RE: How to change initial value of a digest ctx

2010-02-23 Thread David Schwartz
Reinaldo Matukuma: > Hello all. > I will try to explain what I need and what I want to do. > I know a hash from a file "X". And I also know that this file "X" has > data always been appended at end periodically. > So, I want to only update the hash information of the file without > the need to

missing HMAC_CTX_cleanup and other symbols while building static crypto library in FIPS mode ..

2010-02-23 Thread Anil Tambe
Hi, I am currently using openssl 0.9.8l. I am trying to build it on Windows AMD platform. I am getting a missing symbol issue while building the static crypto library in FIPS mode. If I build openssl 0.9.8l in non-FIPS mode (i.e. without passing fips --fipslibdir to Configure) I get the below outp

Re: Sign an SSL certificate with multiple trusted roots?

2010-02-23 Thread John R Pierce
Shaun Crampton wrote: Hi, I have a server that needs to serve content to two groups of clients over HTTPS. One group of clients are standard web browsers, with the normal group of trusted roots. The other group are embedded devices that only support certificates signed by the manufacturer'

MAC of ChangeCipherSpec and SessionTicket

2010-02-23 Thread barcaroller
I use the following OpenSSL functions to verify the MACs of incoming TLS messages: HMAC_CTX_init() HMAC_Init_ex() HMAC_Update(); HMAC_Final(); HMAC_CTX_cleanup(); This works fine for most messages in a TLS stream, including handshakes, alerts, and application data. It also

Re: How to change initial value of a digest ctx

2010-02-23 Thread Dr. Stephen Henson
On Tue, Feb 23, 2010, Reinaldo Matukuma wrote: > > Hello all. > > I will try to explain what I need and what I want to do. > > I know a hash from a file "X". And I also know that this file "X" has data > always been appended at end periodically. > > So, I want to only update the hash informati

Sign an SSL certificate with multiple trusted roots?

2010-02-23 Thread Shaun Crampton
Hi, I have a server that needs to serve content to two groups of clients over HTTPS. One group of clients are standard web browsers, with the normal group of trusted roots. The other group are embedded devices that only support certificates signed by the manufacturer's trusted root (which in

How to change initial value of a digest ctx

2010-02-23 Thread Reinaldo Matukuma
Hello all. I will try to explain what I need and what I want to do. I know a hash from a file "X". And I also know that this file "X" has data always been appended at end periodically. So, I want to only update the hash information of the file without the need to read all the file again. I k

Re: openssl-0.9.8l,crypto library using the EVP api & ivec.

2010-02-23 Thread Graham Swallow
> Should the caller specify an empty ivec (to the correct length) in this case > or am I missing something? I think so too. If you always initialise the IVEC to NUL bytes, and use the same key to encrypt lots of small packets, it becomes easier to crack the key. If you use some variable data tha

More than one file in "openssl smime sign"

2010-02-23 Thread Sonenberk Peter
Hi all, I'd like to solve this problem. I need to send a SIGN message with two or three files as attachments from a Linux MTA server. (The message may be empty.) For example: One of the attachment files is a ".pdf" file, the second is the "sign" of the .pdf file and the third file is the "certificate". Wh

openssl-0.9.8l,crypto library using the EVP api & ivec.

2010-02-23 Thread Robert Doncaster
Hello, Looking at test/evp_test.c and the test data test/evptests.txt for encryption/decryption, I don't understand how the initialisation vector ('iv' variable) is used. The test data in evptests.txt is expressed as Hex strings which are then translated to bit patterns before use: cipher:

Re: PKCS#7 extract and verify certificate?

2010-02-23 Thread Dr. Stephen Henson
On Mon, Feb 22, 2010, Eisenacher, Patrick wrote: > > Unfortunately, the perceived verification algorithm is a limitation in > openssl, which always wants to do path validation up to a self signed cert, > even if no revocation checking is requested. And no, there's no way to > modify its verificat

Re: release date of OpenSSL 0.9.8m?

2010-02-23 Thread Dr. Stephen Henson
On Tue, Feb 23, 2010, Michael Fuller wrote: > > When 0.9.8m beta 1 was released 1 month ago, I presumed that > 0.9.8m would follow shortly, presumably some time after the > renegotiation draft was approved, which happened ~2 weeks ago. > > So, now that RFC5746 has been upgraded from draft to fin

RE: PKCS#7 extract and verify certificate?

2010-02-23 Thread Eisenacher, Patrick
Hi Patrick, sorry for the bad line-breaking, but I'm stuck here with a poor msa. > -Original Message- > From: Patrick Patterson > > On February 22, 2010 09:18:25 am Eisenacher, Patrick wrote: > > > -Original Message- > > > From: Patrick Patterson > > > > > > On 12/02/10 8:51 AM, s

RE: SSL_get_error()

2010-02-23 Thread Mark
> The man page for SSL_write() mentions that I should call > SSL_get_error() upon failure: > http://www.openssl.org/docs/ssl/SSL_write.html > > Is that all I have to do? Or should I inspect the error > stack too? IIRC you always need to check and clear the error stack when you encounter an

Re: PKCS#7 extract and verify certificate?

2010-02-23 Thread Patrick Patterson
On February 22, 2010 09:18:25 am Eisenacher, Patrick wrote: > > -Original Message- > > From: Patrick Patterson > > > > On 12/02/10 8:51 AM, skillz...@gmail.com wrote: > > > Is there a way (via the API rather than the tool) to tell > > > > OpenSSL that > > > > > the sub-CA certificate is tru