I have been trying unsuccessfully to import a PKCS12 file created by openssl
into the "keychain access" application for MacOSX. When I do, I always get
the error: CSSMERR_CL_UNKNOWN_FORMAT
Please note the following:
* 2048 bit rsa private key, PEM encoded and encrypted with 3DES, and
vie
greetings:
i'm trying to build openssl-0.9.8l according to these instructions.
> perl Configure VC-WIN64A
> ms\do_win64a
> nmake -f ms\ntdll.mak
> cd out32dll
> ..\ms\test
i'm using dmake due to the incompatibility of nmake15 with vista 64.
this is the error i am getting.
C:\Users\noman\Des
It's not the CryptoAPI calls that are taking time - nearly all of the
time is spent within Heap32Next. Thus my hypothesis is that
CryptAcquireContextW or CryptGenRandom is failing, causing 'good' to
be 0 and the heap traversal to be unbounded.
I see the "entrycnt = 80" constraint on walking the l
On Wed, Nov 11, 2009, Alex Lam wrote:
> Hi all,
>
> The patch that disable renegotiation has broken DTLS's ClientHello exchange
> in 0.9.8l.
> Server sends an Alert together with HelloVerifyRequest...
>
As mentioned in the announcement 0.9.8l is based on 0.9.8k which has a very
broken DTLS impl
Hi David,
On Wed, Nov 11, 2009 at 6:02 PM, David Schwartz wrote:
>
> Sebastián Treu wrote:
>
>> When talking about thead-safeness and the developer responsability.
>> Say that I implement static locking callbacks on my application with
>> non-blocking BIO.
>
> Yes, you must implement the locking
Sebastián Treu wrote:
> When talking about thead-safeness and the developer responsability.
> Say that I implement static locking callbacks on my application with
> non-blocking BIO.
Yes, you must implement the locking callbacks. OpenSSL uses them to provide
the thread-safety guarantees it provi
Continuing with the "true multithreading" idea, I have some doubts
about what the documentation says about implementing static locks. I
read the old doc "Network Security with OpenSSL" from O'reilly about
the OpenSSL 0.9.7 library. I didn't finish it, but I focus on the API
part, chapter 4 and chap
Hi all,
The patch that disable renegotiation has broken DTLS's ClientHello exchange
in 0.9.8l.
Server sends an Alert together with HelloVerifyRequest...
Thanks,
Alex.
alexl-lnx2:~/openssl-098l/openssl/apps> ./openssl s_server -dtls1 -debug
Using default temp DH parameters
Using default temp ECDH
On Tue, Nov 10, 2009 at 04:03:46PM -0800, SSDwellah wrote:
> I am using openssl and have an AES_KEY structure (AES 256-bit) in memory
> that is used for encrypting some data. I would very much like to store the
> AES key to a file.
Do you want to encrypt the file?
- If not, just write out th
