RE: Calling Sequence of Nonblocking SSL_read() and SSL_write()

2006-05-15 Thread David Schwartz
> In fact I'm using a custom BIO to interface between OpenSSL and some > custom buffer structures. If I hadn't misread the protocol, for > application data, SSL_write() should be able to proceed even when a > SSL_read() returned WANT_READ. But what about rehandshake? If the > SSL_read() returned W

RE: Calling Sequence of Nonblocking SSL_read() and SSL_write()

2006-05-15 Thread David Schwartz
> When using nonblocking BIO, can SSL_write(ssl, ...) be called right after a SSL_read(ssl, ...) "returned" SSL_ERROR_WANT_READ/WRITE? Or vice versa, please?

Of course. You can attempt to send or receive any time you want to.

DS

Re: Calling Sequence of Nonblocking SSL_read() and SSL_write()

2006-05-15 Thread Wei Li
On Mon, 15 May 2006 22:07:17 -0400 (EDT), "Mikhail Kruk" <[EMAIL PROTECTED]> said: > Assuming that we are talking about a regular tcp non-blocking socket, the > answer is yes. SSL_read() is just telling you that your request can't be > satisfied at the moment and should be retried after more da

Re: Calling Sequence of Nonblocking SSL_read() and SSL_write()

2006-05-15 Thread Mikhail Kruk
On Tue, 16 May 2006, Wei Li wrote: On Mon, 15 May 2006 21:40:22 -0400 (EDT), "Mikhail Kruk" <[EMAIL PROTECTED]> said: When using nonblocking BIO, can SSL_write(ssl, ...) be called right after a SSL_read(ssl, ...) "returned" SSL_ERROR_WANT_READ/WRITE? Or vice versa, please? Always assume that

Re: Calling Sequence of Nonblocking SSL_read() and SSL_write()

2006-05-15 Thread Wei Li
On Mon, 15 May 2006 21:40:22 -0400 (EDT), "Mikhail Kruk" <[EMAIL PROTECTED]> said: > > When using nonblocking BIO, can SSL_write(ssl, ...) be called right > > after a SSL_read(ssl, ...) "returned" SSL_ERROR_WANT_READ/WRITE? Or vice > > versa, please? > > Always assume that a non-blocking SSL_read a

Re: Calling Sequence of Nonblocking SSL_read() and SSL_write()

2006-05-15 Thread Mikhail Kruk
Always assume that a non-blocking SSL_read and SSL_write can return both WANT_READ and WANT_WRITE. It's not as difficult as they want you to think. When using nonblocking BIO, can SSL_write(ssl, ...) be called right after a SSL_read(ssl, ...) "returned" SSL_ERROR_WANT_READ/WRITE? Or vice vers

Calling Sequence of Nonblocking SSL_read() and SSL_write()

2006-05-15 Thread Wei Li
When using nonblocking BIO, can SSL_write(ssl, ...) be called right after a SSL_read(ssl, ...) "returned" SSL_ERROR_WANT_READ/WRITE? Or vice versa, please? Thanks. -- Regards, Wei

Re: questions that came up while thinking about using TLS (EDH) and/or DH

2006-05-15 Thread Kyle Hamilton
The RSA patent expired in 2001. -Kyle H On 5/15/06, gmu 2k6 <[EMAIL PROTECTED]> wrote: On 5/15/06, Victor Duchovni <[EMAIL PROTECTED]> wrote: > On Mon, May 15, 2006 at 10:36:08AM +0200, gmu 2k6 wrote: > > > this is going into a new PBX so it in the first step is it more like > > an independent

Re: generate EMV Certificate

2006-05-15 Thread hao chen
By any chance, do you know any sample procedures or references to use those basic hash & RSA to generate EMV certificate? thanks! hao --- Nils Larsch <[EMAIL PROTECTED]> wrote: > hao chen wrote: > > Hi, > > > > I highly appreciate if any one can tell me if > openssl > > is able to generate EMV

Re: Multiple commonNames or using subjectAltName problems.

2006-05-15 Thread Goetz Babin-Ebell
Lee Colclough wrote: Hello Lee, > I couldn't get this to work either. I think that something is either > wrong with my cnf file, or my command line batch file I use generate and > sign certificates is wrong. Your config file is wrong. > Is anyone willing to have a look at them? I know it's a

Re: generate EMV Certificate

2006-05-15 Thread Nils Larsch
hao chen wrote:
> Hi, I highly appreciate if any one can tell me if openssl is able to generate EMV Certificate.

no, you need to create them manually using the basic hash and RSA operations.

Cheers, Nils

Re: api for RSA

2006-05-15 Thread Marek Marcola
On Mon, 2006-05-15 at 11:06 -0700, [EMAIL PROTECTED] wrote: > plain text document attachment (Re:) > Actually i did try base 64 decoding , only to get nothin in the > file..Sorry if i seem extremely ignorant(I am!)..i just started to > work on these, cant find tutorials and the only source i have i

Re: api for RSA

2006-05-15 Thread Sudharsan Rangarajan
Actually i did try base 64 decoding , only to get nothin in the file..Sorry if i seem extremely ignorant(I am!)..i just started to work on these, cant find tutorials and the only source i have is some man page which doesnt help me much. Heres what i did. I pasted this to a file AQO2SoMgtzHArqduMT

Re: api for RSA

2006-05-15 Thread Sudharsan Rangarajan
Yes..im tryin this out now...If theres a easier way out..i would take it...why cant these pple use a single format?Saves everyone trouble and time Thanks, Sudharsan On 5/15/06, Marek Marcola <[EMAIL PROTECTED]> wrote: Hello, > I dont really need to care about the private key. I need to know th

Re: api for RSA

2006-05-15 Thread Marek Marcola
Hello, > I dont really need to care about the private key. I need to know the > format of the public key of DNSSec, cause i am gonna use openSSL to > verify the SIG records signed using a KEY record. Second file generated with dnssec-keygen is dns file record for example: xyz. IN DNSKEY 2

RE: OpenSSL 0.9.8b build error

2006-05-15 Thread Fenlason, Josh
Thanks for the tip. Making the modification to the Makefile in the engines directory seems to have fixed my problem. I don't suppose anyone could explain to me why this was changed between 0.9.8a and 0.9.8b? It just seems like it would be a change that would be involved in bigger version bump t

Re: Securing mysql with openssl

2006-05-15 Thread Victor Duchovni
On Mon, May 15, 2006 at 06:23:56AM -0700, jamesp81 (sent by Nabble.com) wrote: > > If you are describing the OpenSSL documentation > > Actually, I was referring to the mysql developers handbook on the web. The > Openssl docs, as you mention, are more of a reference than a manual. > Should've b

Re: api for RSA

2006-05-15 Thread Victor Duchovni
On Mon, May 15, 2006 at 09:30:39AM -0700, Sudharsan Rangarajan wrote: > Hi Marek, > I dont really need to care about the private key. I need to know the > format of the public key of DNSSec, cause i am gonna use openSSL to > verify the SIG records signed using a KEY record. From the rsa(1) manpa

Re: api for RSA

2006-05-15 Thread Sudharsan Rangarajan
Hi Marek, I dont really need to care about the private key. I need to know the format of the public key of DNSSec, cause i am gonna use openSSL to verify the SIG records signed using a KEY record. Thanks, Sudharsan On 5/15/06, Marek Marcola <[EMAIL PROTECTED]> wrote: Hello, > I have antoher iss

Re: api for RSA

2006-05-15 Thread Sudharsan Rangarajan
Hi Brad, Nevermind. I figured it out myself..Its just that im new here and openssls documentation seems to less! Thanks, Sudharsan On 5/15/06, Brad Hards <[EMAIL PROTECTED]> wrote: On Monday 15 May 2006 17:44 pm, you wrote: > Hi all, > I have a quick question. Suppose i am doing RSA crypto. I c

Re: questions that came up while thinking about using TLS (EDH) and/or DH

2006-05-15 Thread Victor Duchovni
On Mon, May 15, 2006 at 04:19:38PM +, gmu 2k6 wrote: > >> Moreover for some reason the ppl on sci.crypt > >> told me to use TLS in EDH (ephemeral DH mode) vs RSA mode. > > > >http://en.wikipedia.org/wiki/Perfect_forward_secrecy > > so RSA mode does not support this Yes RSA key exchange does

Re: api for RSA

2006-05-15 Thread Sudharsan Rangarajan
Hi Marek, Thanks for the sample code. Whats this file format of DNSSec called?The public key looked like PEM...is it? Thanks, Sudharsan On 5/15/06, Marek Marcola <[EMAIL PROTECTED]> wrote: Hello, > I have antoher issue. I used Bind and dnssec-keygen. The key formats > produced by dnssec-keygen

Re: api for RSA

2006-05-15 Thread Sudharsan Rangarajan
Hi Brad, This is what i mean. Suppose ive been given a file containing a RSA private key. I need to read it in somehow to fill this structure up , so that i can use it for decryption/signing. I cant find any function to do this. struct { BIGNUM *n; // public modulus

Re: questions that came up while thinking about using TLS (EDH) and/or DH

2006-05-15 Thread gmu 2k6
On 5/15/06, Victor Duchovni <[EMAIL PROTECTED]> wrote: On Mon, May 15, 2006 at 10:36:08AM +0200, gmu 2k6 wrote: > this is going into a new PBX so it in the first step is it more like > an independent box without dependence on Kerberos. I'm gonna > issue certificates for all nodes and use those t

Re: OpenSSL 0.9.8b build error

2006-05-15 Thread Marek Marcola
Hello, > I'm trying to build OpenSSL 0.9.8b on HP Itanium and I'm running into > some problems during the make install step. I didn't notice any > errors during configure or make and make test passed. I'm able to > build 0.9.8a with the exact same steps. Has anyone else seen this? > Any sugge

Re: OCSP

2006-05-15 Thread John Pattern
Thanks Richard. It makes perfect sense. Richard Salz <[EMAIL PROTECTED]> wrote: Look at the end of section 4.1.1 for the details of "target cert identifier" /r$ -- SOA Appliances Application Integration Middleware

OpenSSL 0.9.8b build error

2006-05-15 Thread Fenlason, Josh
I'm trying to build OpenSSL 0.9.8b on HP Itanium and I'm running into some problems during the make install step. I didn't notice any errors during configure or make and make test passed. I'm able to build 0.9.8a with the exact same steps. Has anyone else seen this? Any suggestions on

Re: questions that came up while thinking about using TLS (EDH) and/or DH

2006-05-15 Thread Victor Duchovni
On Mon, May 15, 2006 at 10:36:08AM +0200, gmu 2k6 wrote: > this is going into a new PBX so it in the first step is it more like > an independent box without dependence on Kerberos. I'm gonna > issue certificates for all nodes and use those to authenticate > inter-service connections. With TLS I th

RE: Multiple commonNames or using subjectAltName problems.

2006-05-15 Thread Lee Colclough
Hi, and thanks again for the assistance.   I couldn't get this to work either.  I think that something is either wrong with my cnf file, or my command line batch file I use generate and sign certificates is wrong.   Is anyone willing to have a look at them?  I know it's a bit long but j

How to get the Name of a V2 Certificate Template ?

2006-05-15 Thread Daria Morgendorffer
Hi, suppose I have an MS certificate. I want to read its v2 template name, (OID 1.3.6.1.4.1.311.21.7). When doing a dump of the certificate, I couldn't find there any string, even though the certificate probably does contain some name. While an article [1] recommends to find out the

generate EMV Certificate

2006-05-15 Thread hao chen
Hi, I highly appreciate if any one can tell me if openssl is able to generate EMV Certificate. If it can, what or where I can have the procedures to do it. thanks hao Best Regard

How to add new c source file to OpenSSL project

2006-05-15 Thread BAO, ROBERT
Hi, We have a need to modify some functions to fit our own use. Instead of changing the existing functions, we choose to create new c source file with new functions. But I can't seem to get this to work. Here is a high-level description

Re: Multiple commonNames or using subjectAltName problems.

2006-05-15 Thread Peter Sylvester
Without any guarantees: The order of attributes in the distinguished name section may be important. If you have a country code, start with this as a first attribute. You may not want to put an email address into the DN? I'd recommend to use _value fields in order to avoid prompting. In order t

Re: Securing mysql with openssl

2006-05-15 Thread jamesp81 (sent by Nabble.com)
If you are describing the OpenSSL documentation Actually, I was referring to the mysql developers handbook on the web. The Openssl docs, as you mention, are more of a reference than a manual. Should've been a little more clear about that. There is a step-by-step in the mysql docs on how to set

Re: api for RSA

2006-05-15 Thread Marek Marcola
Hello, > I have antoher issue. I used Bind and dnssec-keygen. The key formats > produced by dnssec-keygen seem incompatible with that of Openssls > command line interface(atleast the private key, i tried to add the > --START PUBLIC key--- thingie to the public key file produced by > dnssec-keygen).

How to get the Name of a V2 Certificate Template ?

2006-05-15 Thread Daria Morgendorffer
Hi to clever folks, suppose I have a MS certificate. I want to read its v2 template name, (OID 1.3.6.1.4.1.311.21.7). When doing a dump of the certificate, I couldn't find there any string, even though the certificate probably does contain some name. While an article [1] recommen

RE: Multiple commonNames or using subjectAltName problems.

2006-05-15 Thread Lee Colclough
Hi, and thanks for your help so far. I tried the first option you specified, but couldn't get it to work. Here is a snippet from my OpenSSL.cnf file ---SNIP--- [ req_distinguished_name ] # Variable name Prompt string #---

Re: api for RSA

2006-05-15 Thread Brad Hards
On Monday 15 May 2006 17:44 pm, you wrote: > Hi all, > I have a quick question. Suppose i am doing RSA crypto. I cant seem to > figure out how i can choose a particular private key/public key. The > only api that seems to be provided is rsa_generate_key and the man > page says use the given api to

Re: questions that came up while thinking about using TLS (EDH) and/or DH

2006-05-15 Thread gmu 2k6
On 5/15/06, Kyle Hamilton <[EMAIL PROTECTED]> wrote: With 2000 simultaneous connections, your limit would be the kernel, not the encryption. :) well, with modern *nix kernels this is not a big problem anymore, but we also don't target that many simultaneous connections either right now, so...

Re: questions that came up while thinking about using TLS (EDH) and/or DH

2006-05-15 Thread gmu 2k6
On 5/15/06, Joseph Oreste Bruni <[EMAIL PROTECTED]> wrote: I put together a multi-way messaging system supporting over 2000 simultaneous persistent connections. During my initial design, I was concerned that the encryption would become an issue, especially with that many connections. So, we purch

Re: questions that came up while thinking about using TLS (EDH) and/or DH

2006-05-15 Thread gmu 2k6
On 5/15/06, Victor Duchovni <[EMAIL PROTECTED]> wrote: On Sun, May 14, 2006 at 05:29:30PM -0700, Kyle Hamilton wrote: > as has been mentioned before, premature > optimization is the root of all evil. Write the code, determine the > bottlenecks with a profiler, and optimize them. Most of the t

Cipher list gory details?

2006-05-15 Thread Victor Duchovni
[ I am documenting protocol and cipherlist selection for Postfix 2.3 users, and want to get a solid understanding of the details first... ] 1. I am curious why among the 56 bit, non-RC4 ciphers: EXP1024-DHE-DSS-DES-CBC-SHA Kx=DH(1024) Au=DSS Enc=DES(56) Mac=SHA1 export EXP1024-D

api for RSA

2006-05-15 Thread Sudharsan Rangarajan
Hi all, I have a quick question. Suppose i am doing RSA crypto. I cant seem to figure out how i can choose a particular private key/public key. The only api that seems to be provided is rsa_generate_key and the man page says use the given api to modify the key. Unf i cant seem to find any functio