RE: Problem to start an SSL session

2006-08-18 Thread David Schwartz
> I have tried this, but it fails, because there is no way to find out when > the write buffer BIO has data that must be sent. I have tried it with the > callback function. But this will not work, because the function must be > static. And then I cannot access the network object from Qt. :( I can't

Re: Problem to start an SSL session

2006-08-18 Thread Marek Marcola
Hello, > > >> So I found out that SSL doesn't take the data from the socket:( > > >> The Qt buffer will grow and grow, but SSL doesn't read the data:( > > > > > > It seems to me that you have an architecture problem. As I understand > > > your descriptions you have OpenSSL and Qt accessing a socket in

Re: how do i escape spaces in -subj (DN) arg to req?

2006-08-18 Thread Mark H. Wood
I don't see an 'ssl' command on my system -- is this a shell script or an alias? If you have a script 'ssl' calling 'openssl' then you're going to have to deal with layers of quoting. For example, if 'ssl' is a script, then upon entering the comm

Re: Problem to start an SSL session

2006-08-18 Thread Marek Marcola
Hello, > >> So I found out that SSL doesn't take the data from the socket:( > >> The Qt buffer will grow and grow, but SSL doesn't read the data:( > > > > It seems to me that you have an architecture problem. As I understand > > your descriptions you have OpenSSL and Qt accessing a socket in > > *para

Re: Problem to start an SSL session

2006-08-18 Thread Frank Büttner
Richard Koenning wrote: > Frank Büttner wrote: > >> So I found out that SSL doesn't take the data from the socket:( >> The Qt buffer will grow and grow, but SSL doesn't read the data:( > > It seems to me that you have an architecture problem. As I understand > your descriptions you have OpenSSL and

Re: Problem to start an SSL session

2006-08-18 Thread Frank Büttner
David Schwartz wrote: >> So I found out that SSL doesn't take the data from the socket:( >> The Qt buffer will grow and grow, but SSL doesn't read the data:( > > If you use bio pairs, SSL doesn't have to touch the network at all ever. You > can read and write data to and from the network and to and

Re: SSL_UNDEFINED_FUNCTION / Handshake fails

2006-08-18 Thread Florian G otter
Ah - okay. Actually, loading the certificate also into the server and loading the ciphers in the client and also in the server resolved the problem. Unfortunately, I used incomplete documentation from a university presentation from the internet, which contained logic as well as other errors. The

RE: Problem to start an SSL session

2006-08-18 Thread David Schwartz
> So I found out that SSL doesn't take the data from the socket:( > The Qt buffer will grow and grow, but SSL doesn't read the data:( If you use bio pairs, SSL doesn't have to touch the network at all ever. You can read and write data to and from the network and to and from OpenSSL. This is probably

Re: Problem to start an SSL session

2006-08-18 Thread Richard Koenning
Frank Büttner wrote: So I found out that SSL doesn't take the data from the socket:( The Qt buffer will grow and grow, but SSL doesn't read the data:( It seems to me that you have an architecture problem. As I understand your descriptions you have OpenSSL and Qt accessing a socket in *parallel*,

Re: Problem to start an SSL session

2006-08-18 Thread Frank Büttner
Krishna M Singh wrote: > Hi Frank > > Don't know anything about Qt socket system but I feel there must be > some other API in place of select in that. Non-blocking sockets can't > be handled without select easily and efficiently.. > It's a very crude way but u can sort of implement select functiona

Re: SSL_UNDEFINED_FUNCTION / Handshake fails

2006-08-18 Thread Lutz Jaenicke
Hello, I would recommend to actually load the server certificate in addition to the key. Without certificate the key/certificate pair is not complete and only anonymous ciphers would be valid. These are not enabled by default so that no "shared cipher for which all necessary data are available" ca

Re: Problem to start an SSL session

2006-08-18 Thread Krishna M Singh
Hi Frank Don't know anything about Qt socket system but I feel there must be some other API in place of select in that. Non-blocking sockets can't be handled without select easily and efficiently.. It's a very crude way but u can sort of implement select functionality like this.. a) timeout = 100 m

Re: SSL_UNDEFINED_FUNCTION / Handshake fails

2006-08-18 Thread Florian G otter
Hello ! I have changed the order now - however, in my understanding, setting the ciphers is not required in any case. The behaviour is unfortunately still the same. Is there a way to debug the handshake further down ? Thanks Florian Krishna M Singh wrote: > Hi > > I don't remember the internal

Re: Problem to start an SSL session

2006-08-18 Thread Frank Büttner
Krishna M Singh wrote: > Not sure whether it failed with bio.. But for non-blocking sockets u > must use the select call else it would be too complex to handle the > sockets.. Have u tried that..? > > I can't use the select() call, because I only have an fd for the socket. But no direct connect

Re: Problem to start an SSL session

2006-08-18 Thread Krishna M Singh
Not sure whether it failed with bio.. But for non-blocking sockets u must use the select call else it would be too complex to handle the sockets.. Have u tried that..? On 8/18/06, Frank Büttner <[EMAIL PROTECTED]> wrote: Krishna M Singh wrote: > Hi > > I haven't ever used BIO.. One more thing

Re: SSL_UNDEFINED_FUNCTION / Handshake fails

2006-08-18 Thread Krishna M Singh
Hi I don't remember the internals of the SSL_CTX and SSL structures but we need to create SSL object once all the initialization of SSL_CTX is completed... m_ssl=SSL_new(m_ctx); should come after all the calls to add cipher etc. that sets something in the context are done else the m_ssl willn'

Re: Problem to start an SSL session

2006-08-18 Thread Frank Büttner
Krishna M Singh wrote: > Hi > > I haven't ever used BIO.. One more thing, after calling SSL_read we > need to call SSL_pending also to make sure nothing is buffered.. In case > SSL_pending returns non-zero then we can iteratively call the > SSL_read again until it returns SSL_WANT_read or Write.. >

Re: How to change "Common Name" field in a self-signed certificate at run time

2006-08-18 Thread Krishna M Singh
Hi We have used the code present in ca.c to make a library to generate the certs on fly.. OpenSSL CA generates the certificates. We have used the same.. Plz chk ca.c it would give more insight.. I am sorry to say but to us it appears there isn't any simple direct API for this.. HTH -Krishna On 8

Re: Problem to start an SSL session

2006-08-18 Thread Krishna M Singh
Hi I haven't ever used BIO.. One more thing, after calling SSL_read we need to call SSL_pending also to make sure nothing is buffered.. In case SSL_pending returns non-zero then we can iteratively call the SSL_read again until it returns SSL_WANT_read or Write.. Whatever it returns, based on that w

RE: SSL_UNDEFINED_FUNCTION / Handshake fails

2006-08-18 Thread Florian G otter
Hello ! Here is again the complete code as of now. The restrictions are removed so far. Output from Server: SSL PrivateKey opened successfully LOG; Now accepting connections on fd...connection accepted. LOG; Now accepting (ssl)...SSL Handshake (SSL_accept) failed - error code -1 SSH Handshake er

RE: SSL_UNDEFINED_FUNCTION / Handshake fails

2006-08-18 Thread David Schwartz
> Well, I tried this, but unfortunately, there is no change. > Is my understanding wrong that per default, there are ciphers defined ? > I am happy to define them if required - however, I don't > understand the error. > Any idea ? Make sure you've removed any test code you added that limi

RE: Problem to start an SSL session

2006-08-18 Thread David Schwartz
> David Schwartz wrote: > >> The only signals that I have are readyRead() (emitted when I can read data > >> from the socket) and bytesWritten() (emitted when data was written to the > >> socket). I have seen that OpenSSL will only have data for read when > >> a Record > >> was completely transmitted. How can I

Re: SSL_UNDEFINED_FUNCTION / Handshake fails

2006-08-18 Thread Florian G otter
Well, I tried this, but unfortunately, there is no change. Is my understanding wrong that per default, there are ciphers defined ? I am happy to define them if required - however, I don't understand the error. Any idea ? Florian David Schwartz wrote: > > Hello ! > > > > However, when using DES-C

Re: AES CFB 256 Encryption method

2006-08-18 Thread David Irvine
Hello again Marek Marcola wrote: Hello, create a public salt (anyone can see this and will) of X length (128bits) take sha512 hash of file to be encrypted (and keep it) supply a password to the pbkdf2 - to create a 256bit key for my AES256 CFB encryption use the has

Re: Problem to start an SSL session

2006-08-18 Thread Frank Büttner
David Schwartz wrote: >> The only signals that I have are readyRead() (emitted when I can read data >> from the socket) and bytesWritten() (emitted when data was written to the >> socket). I have seen that OpenSSL will only have data for read when a Record >> was completely transmitted. How can I find out the siz

RE: SSL_UNDEFINED_FUNCTION / Handshake fails

2006-08-18 Thread David Schwartz
> Hello ! > > However, when using DES-CBC3-SHA instead, I still have the same behaviour. > > Any idea ? > > Many thanks !! > > Florian Did you add these ciphers? Try something like: EVP_add_cipher(EVP_des_cbc()); EVP_add_cipher(EVP_rc2_cbc()); EVP_add_cipher(EVP_rc4()); EVP_

Re: SSL_UNDEFINED_FUNCTION / Handshake fails

2006-08-18 Thread Florian G otter
Hello ! However, when using DES-CBC3-SHA instead, I still have the same behaviour. Any idea ? Many thanks !! Florian Girish Venkatachalam wrote: > --- Florian G otter <[EMAIL PROTECTED]> wrote: > > Added code: > > > > if(SSL_set_cipher_list(m_ssl,"EXP-RC4-MD5")==1) > > { > > cout << "set

Re: AES CFB 256 Encryption method

2006-08-18 Thread Marek Marcola
Hello, > > > create a public salt (anyone can see this and will) of X length (128bits) > > > take sha512 hash of file to be encrypted (and keep it) > > > supply a password to the pbkdf2 - to create a 256bit key for my AES256 > > > CFB encryption > > > use the hash with same salt in pbkdf2 and create

RE: Program exits without any error information

2006-08-18 Thread Ambarish Mitra
>#include >#include "openssl/bio.h" >int main () >{ >BIO *bio_out; >bio_out = BIO_new_fp(stdout, BIO_NOCLOSE); >BIO_printf(bio_out, "Hello World\n"); > >getchar(); > >return(0); >} >The code was compiled successfully. >When the code went to "BIO_printf(bio_out, "Hello World

Re: SSL_UNDEFINED_FUNCTION / Handshake fails

2006-08-18 Thread Girish Venkatachalam
--- Florian G otter <[EMAIL PROTECTED]> wrote: > Added code: > > if(SSL_set_cipher_list(m_ssl,"EXP-RC4-MD5")==1) > { > cout << "setting cipher went okay" << endl; > } > else > { > cout << "cipher not set" << endl; > } > Don't use EXP- ciphers!

RE: Program exits without any error information

2006-08-18 Thread Ambarish Mitra
> Please be kind to me. -- There is no fear. All were newbies at some point in their careers, and all have made mistakes, met with failures and become experts. This should work. It works for me. Perhaps, you should check the return from BIO_new_fp like (if bio_out == NULL) return 1; - this wi

Re: SSL_UNDEFINED_FUNCTION / Handshake fails

2006-08-18 Thread Florian G otter
Well - this was really a stupid mistake. However, after some hours of further debugging I am stuck now with a problem again. Basically, it looks like the client and the server do not find a shared cipher to use. I tried the code without specifying the cipher (according to the documentation, standard

Re: AES CFB 256 Encryption method

2006-08-18 Thread David Irvine
Marek Marcola wrote: Hello, Ok I have taken comment so far and this is my plan - if I am way off please let me know create a public salt (anyone can see this and will) of X length (128bits) take sha512 hash of file to be encrypted (and keep it) supply a password to the pbkdf2 - to

Re: 3DES Encryption / Decryption using the EVP api

2006-08-18 Thread Marek Marcola
Hello, > I want to decrypt using 3DES and want to use the EVP api. > Here's what I'm doing, it will be nice if someone could validate if my approach > is correct. Here's the code that I have come up with... > > > int 3desDecrypt(unsigned char * pEncData, int pDataSize) > { >int dec_data_size =

Re: AES CFB 256 Encryption method

2006-08-18 Thread Marek Marcola
Hello, > Ok I have taken comment so far and this is my plan - if I am way off > please let me know > > create a public salt (anyone can see this and will) of X length (128bits) > take sha512 hash of file to be encrypted (and keep it) > supply a password to the pbkdf2 - to create a 256bit key for my

RE: Problem to start an SSL session

2006-08-18 Thread David Schwartz
> Hi, > On 8/16/06, David Schwartz <[EMAIL PROTECTED]> wrote: > > [...] The SSL engine may have already read the data and your > > 'select' may block forever. You should only wait for 'select' > to give you > > read hit before calling SSL_read if your last SSL operation returned a > > WANT_READ

RE: Problem to start an SSL session

2006-08-18 Thread David Schwartz
> The only signals that I have are readyRead() (emitted when I can read data > from the socket) and bytesWritten() (emitted when data was written to the > socket). I have seen that OpenSSL will only have data for read when a Record > was completely transmitted. How can I find out the size of a Record? > Then I ca

RE: Program exits without any error information

2006-08-18 Thread David Schwartz
Hi, > I am a newbie to openssl. Maybe my question here is silly. > Please be kind to me. > I recently downloaded the openssl source, and compiled it > under win32 successfully. > When I use VC6 to try to write a tiny test case, > I just couldn't get through it. >My code is listed below: >#incl

Re: Program exits without any error information

2006-08-18 Thread Jiyong Xu
I've found the reason. http://www.openssl.org/support/faq.html#PROG2 On 8/18/06, Jiyong Xu <[EMAIL PROTECTED]> wrote: Hi, I am a newbie to openssl. Maybe my question here is silly. Please be kind to me. I recently downloaded the openssl source, and compiled it under win32 successfully. When I use VC6

Program exits without any error information

2006-08-18 Thread Jiyong Xu
Hi, I am a newbie to openssl. Maybe my question here is silly. Please be kind to me. I recently downloaded the openssl source, and compiled it under win32 successfully. When I use VC6 to try to write a tiny test case, I just couldn't get through it. My code is listed below: #include #include "openssl/bi

Re: query on SSL_CTX_set_verify();

2006-08-18 Thread Prabhu.S
Thanks Marek for that reply. It helped me :) Regards, Prabhu. S - Original Message - From: "Marek Marcola" <[EMAIL PROTECTED]> To: Sent: Wednesday, August 09, 2006 3:02 PM Subject: Re: query on SSL_CTX_set_verify(); > Hello, > > I have client application program in which I call the m

AES CFB 256 Encryption method

2006-08-18 Thread David Irvine
Ok I have taken comment so far and this is my plan - if I am way off please let me know create a public salt (anyone can see this and will) of X length (128bits) take sha512 hash of file to be encrypted (and keep it) supply a password to the pbkdf2 - to create a 256bit key for my AES256 CFB encrypt

Re: Problem to start an SSL session

2006-08-18 Thread Frank Büttner
Richard Koenning wrote: > Frank Büttner wrote: > >> Non blocking is not possible because Qt returns only a non blocking fd. > > What is the problem? > >> What do you mean with the select() function. In the openSSL doc I can