On 2007.05.31 at 22:28:27 -0700, gary clark wrote:
> Hello,
>
> Using 0.8.9e.
>
> Attempting to port my openssl testclient to a XP
> machine which does not have the complete install of
> openssl.
> I took the ssleay32.dll and libeay32.dll and installed
> them in the system32 directory.
>
> When
Hello,
Using 0.8.9e.
Attempting to port my openssl testclient to a XP
machine which does not have the complete install of
openssl.
I took the ssleay32.dll and libeay32.dll and installed
them in the system32 directory.
When running the client I am seeing it crash with the
message "The application
On a Linux AS4 machine, I was able to successfully build both 0.9.8.e and FIPS
1.1.1 and have both pass all tests :-)
The VERSION in the FIPS Makefile is different than the version of the base
OpenSSL, and the only way to change the output of "openssl version" is to
change the header file. I'v
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of David Schwartz
Sent: Thursday, May 31, 2007 7:17 PM
To: openssl-users@openssl.org
Subject: RE: Saving (and restoring) cipher context
> I think your argument is based on a false premise. In the majority of
I've got the errors fixed! Previously when I installed MinGW, I chose the
minimal option without installing g++ and make. After I made a MinGW update to
install these two packages, the openssl fips object module compiles nicely
without errors!
Thanks for all the help.
hweeli <[EMAIL PROTE
Thanks for the reply. Yes, I ran "./config fips". In fact I just tried again,
the errors are consistent.
To be more specific, the errors occurred at this point during make:
...
ar d ../libcrypto.a $exdel
ar r ../libcrypto.a fipscanister.o
true ../libcrypto.a || echo Never mind.
gcc
Thanks for the information. We were thinking about having the client
send up a hash over the entire file any time it attempted to start or
resume an upload, and if the computed checksum didn't match the
original, just force the client to start over from the beginning.
Would this work?
-Orig
> If the server is doing all the encryption, then presumably the server is
> responsible for storing the keys someplace where it has ready access to
> them.
That's really not something you can assume. For example, the server might
hold only public keys and when it needs to decrypt something, the
Hello,
> Thanks for the info. Is it possible that the client is using version 3
> while the server is using some other version? I'm seeing this
> error("error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version
> number") in my client and I'm pretty sure that I'm setting the client's
> version t
Hello,
> I have configured openSSL in Win-XP by downloading
> Openssl-0.9.8d,tcnative-1.dll and runnig commands as,
> openssl req -config openssl.cnf -new -out server.csr
> openssl rsa -in privkey.pem -out server.key
> openssl x509 -in server.csr -out server.crt -req -signkey server.key
-days 365
If the server is doing all the encryption, then presumably the server is
responsible for storing the keys someplace where it has ready access to
them. If this is the case, how is encryption protecting the data in the
event the server is compromised? My concern is that this provides some
level of
Thanks, I'll look into that, particularly if I can't come up with a way to
avoid a restart entirely.
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Richard Koenning
Sent: Thursday, May 31, 2007 5:54 AM
To: openssl-users@openssl.org
Subject: Re: Saving (
Thanks for the suggestion. I think our biggest concern about doing
encryption on the client side is exposing the underlying encryption
mechanism we're using for stored files. Ideally, we'd like the server
to be a secure black box: files go in via SSL, are store securely, and
come back out the sam
Marek,
Thanks for the info. Is it possible that the client is using version 3
while the server is using some other version? I'm seeing this
error("error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version
number") in my client and I'm pretty sure that I'm setting the client's
version to 3. Ho
If you have concerns about doing encryption client side and worry about
how to securely pass the key around you can try the oft-used strategy of
using an asymmetric (RSA) public key to encrypt a randomly generated
symmetric (AES) key. This encrypted symmetric key can then be safely
stored with the
Jim Wong wrote:
I'm developing an application in which we're using AES to encrypt files as
they're transferred from another system and saved to disk. We'd like to
provide the ability for the application to resume a transfer that was
interrupted mid-stream, but the encryption throws a bit of a w
16 matches
Mail list logo
