Re: Fwd: openssl ECC/ECDSA question

2007-09-25 Thread Marek Marcola
Hello, > > Hello, > > > Oops, forgot to include the functions. These are: > > > > > > > > > i2d_ECDSA_SIG > > > > > > d2i_ECDSA_SIG > > These functions are implemented in file crypto/ecdsa/ecs_asn1.c. > > Proof (after compiling): > > $ nm crypto/ecdsa/ecs_asn1.o | grep -E 'i2d|d2i' > > 00a0

Re: Fwd: openssl ECC/ECDSA question

2007-09-25 Thread Dr. Stephen Henson
On Wed, Sep 26, 2007, Marek Marcola wrote: > Hello, > > Oops, forgot to include the functions. These are: > > > > > > i2d_ECDSA_SIG > > > > d2i_ECDSA_SIG > These functions are implemented in file crypto/ecdsa/ecs_asn1.c. > Proof (after compiling): > $ nm crypto/ecdsa/ecs_asn1.o | grep -E 'i2d|d

Re: Fwd: openssl ECC/ECDSA question

2007-09-25 Thread Marek Marcola
Hello, > Oops, forgot to include the functions. These are: > > > i2d_ECDSA_SIG > > d2i_ECDSA_SIG These functions are implemented in file crypto/ecdsa/ecs_asn1.c. Proof (after compiling): $ nm crypto/ecdsa/ecs_asn1.o | grep -E 'i2d|d2i' 00a0 T d2i_ECDSA_SIG 0060 T i2d_ECDSA_SIG Looking

RE: Safe signed certificate generation during server installation ?

2007-09-25 Thread David Schwartz
> > In this second step of verification, you can exchange public keys, > > certificates, challenges, responses, and so on. Each side can > > verify what it > > is talking to on the other side by whatever mechanism you want. > Ahh, yes, ok. But the result would not be SSL but > something-SSL-based

AW: via padlock support much slower in 0.9.8e than in 0.9.8d, why?

2007-09-25 Thread Buddy Butterfly
Hi, strange. What could be the reason then? I have 2 systems available for testing. C5 and C7. C5 runs Suse 9.3 (kernel 2.6.11) which shows the difference I have posted below. C7 runs Debian etch (kernel 2.6.18 type i686). On the C7 I see no difference between openssl version d and e but speed see

Re: via padlock support much slower in 0.9.8e than in 0.9.8d, why?

2007-09-25 Thread Harald Latzko
Hi! I cannot confirm these performance differences between 0.9.8d and 0.9.8e. My results on a Via CPU are: 0.9.8d == engine "padlock" set. Doing aes-256-cbc for 3s on 16 size blocks: 11906104 aes-256-cbc's in 3.00s Doing aes-256-cbc for 3s on 64 size blocks: 9088256 aes-256-cbc's in 2

Re: Run ssl application

2007-09-25 Thread Marek Marcola
Hello, > When I run ssl_server (after compiling ssl_server.c ), there is a > error below. Please help me to solve this error. > > [EMAIL PROTECTED] Codevidu]# ./sslserver 8000 > 3691:error:140A90A1:SSL routines:SSL_CTX_new:library has no > ciphers:ssl_lib.c:1424: > Aborted Did you initialize Op

Re: Safe signed certificate generation during server installation ?

2007-09-25 Thread Steffen DETTMER
* Victor Duchovni wrote on Tue, Sep 25, 2007 at 11:40 -0400: > On Tue, Sep 25, 2007 at 05:20:28PM +0200, Steffen DETTMER wrote: > > creating a new TLS (version) standard/RFC > > Approximately correct, not a new TLS standard, the existing TLS 1.1 is > likely sufficient, rather a new standard cipher-

via padlock support much slower in 0.9.8e than in 0.9.8d, why?

2007-09-25 Thread Buddy Butterfly
With a VIA C5 board I get a huge difference in speed with engine padlock support (same machine same OS etc.). Where is the difference coming from? Are there any changes regarding buffering or block sizes? Look at these results: 0.9.8e: #./openssl speed -evp aes-256-cbc -engine padlock engine "pad

RE: EC Oddity

2007-09-25 Thread Bill Colvin
Thanks for the explanation as to why this is occurring. Bill -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dr. Stephen Henson Sent: September 25, 2007 11:49 AM To: openssl-users@openssl.org Subject: Re: EC Oddity Some of the newer functions in OpenSSL

Re: EC Oddity

2007-09-25 Thread Dr. Stephen Henson
On Tue, Sep 25, 2007, Bill Colvin wrote: > I have been doing some EC test code with the Sept. 5 snapshot and have > observed something that I find a little odd. So I thought I would > mention it so someone could take a look to see if it is a bug or what is > supposed to occur. > > > > I have

Re: intermediate CA configuration

2007-09-25 Thread Dr. Stephen Henson
On Tue, Sep 25, 2007, Bynum, Don wrote: > Please send me your extensions file, CA cert/Key and the CSR you are > using for your intermediate. I am assuming that what you have so far is > for testing purposes. Otherwise, I would not ask for the CA key > (obviously). Send them to me as a zip file

Re: Safe signed certificate generation during server installation ?

2007-09-25 Thread Victor Duchovni
On Tue, Sep 25, 2007 at 05:20:28PM +0200, Steffen DETTMER wrote: > > GSSAPI uses Kerberos-5 KDCs for key management. > > Ahh, you mean creating a new TLS (version) standard/RFC, that is > using GSSAPI and is to be used e.g. inside large organizations > that already have some GSSAPI available (beca

Re: Safe signed certificate generation during server installation ?

2007-09-25 Thread Steffen DETTMER
* Victor Duchovni wrote on Tue, Sep 25, 2007 at 09:27 -0400: > On Tue, Sep 25, 2007 at 11:58:45AM +0200, Steffen DETTMER wrote: > > > I would like to see GSSAPI support in TLS (so would Microsoft > > > and a few others). This addresses key management, without > > > requiring secondary protocols, an

EC Oddity

2007-09-25 Thread Bill Colvin
I have been doing some EC test code with the Sept. 5 snapshot and have observed something that I find a little odd. So I thought I would mention it so someone could take a look to see if it is a bug or what is supposed to occur. I have a PEM file with an EC private key. I want to create an ep

Re: Safe signed certificate generation during server installation ?

2007-09-25 Thread Victor Duchovni
On Tue, Sep 25, 2007 at 11:58:45AM +0200, Steffen DETTMER wrote: > > No, the challenge is key management. TLS is just fine. > > What do you mean, `TLS is just fine'? TLS is a sound protocol, the problem is not the protocol, the problem is key management. > Doesn't it depend on the requirements

RE: intermediate CA configuration

2007-09-25 Thread Bynum, Don
Please send me your extensions file, CA cert/Key and the CSR you are using for your intermediate. I am assuming that what you have so far is for testing purposes. Otherwise, I would not ask for the CA key (obviously). Send them to me as a zip file and I'll take a look. Don. [EMAIL PROTECTED]

Re: Safe signed certificate generation during server installation ?

2007-09-25 Thread Steffen DETTMER
* Victor Duchovni wrote on Mon, Sep 24, 2007 at 21:05 -0400: > > Whatever you want to call it. The point is, if the client > > can't validate the self-signed cert, you need some other way > > to make sure the server and client have opposite ends of the > > *same* SSL connection, rather than ends of

Re: Safe signed certificate generation during server installation ?

2007-09-25 Thread Steffen DETTMER
* David Schwartz wrote on Mon, Sep 24, 2007 at 07:42 -0700: > > Storing some fingerprint of a certificate or public key locally > > in some trusted place (such as a local file system) seems to be > > quite secure (should be the same level as having a CAs root > > certificate in a file), however, I'