SHA-1 is partially broken already. It should not be used unless
necessary for backwards compatibility.
On 10/25/2011 9:01 PM, Jonas Schnelli wrote:
On 10/25/2011 10:52 AM, Jonas Schnelli wrote:
How do i create a HMAC-SHA1 with a RSA Key?
What do i give as input for the param *key?
Why:
M
Hi,
I am currently writing my own TLS socket handshake and have all of it
working besides the record's mac generation. I am using the
TLS_RSA_WITH_AES_256_CBC_SHA
cipher suite which I expect the mac generation to be done with a HMAC_SHA
function as specified in the TLS 1.0 rfc specification. I
On Tue October 25 2011, Akanksha Shukla wrote:
> Hi Stephen,
>
>
>
> I added debug code as:
>
>
>
> int retryCounter = 0;
>
> while(retryCounter < CONNECT_MAX_TRY)
>
> {
>
> int retVal = BIO_do_connect(conn);
>
> if(retVal <= 0)
>
> {
>
> if(BIO_should_retry(conn)
Hi Stephen,
I added debug code as:
int retryCounter = 0;
while(retryCounter < CONNECT_MAX_TRY)
{
int retVal = BIO_do_connect(conn);
if(retVal <= 0)
{
if(BIO_should_retry(conn))
{
retryCounter++;
sleep(CONNECT_SLEEP_INTERVAL)
Thanks to both Erwin and Steve
This indeed helps. My old malfunctioned code looks like this:
unsigned char *p;
p = (unsigned char*)pCertificate;
pX509 = d2i_X509(NULL, reinterpret_cast(p),
certLength);
After I changed the code to:
const unsigned char *p = (const unsigned char*)pCertific
> On 10/25/2011 10:52 AM, Jonas Schnelli wrote:
>> How do i create a HMAC-SHA1 with a RSA Key?
>> What do i give as input for the param *key?
>>
>> Why:
>> My encrypted file has now the filename of the unencrypted-files-sha1.
>> (unsecure!).
>> I cannot use the sha1 of the encrypted file becau
> On 10/25/2011 10:52 AM, Jonas Schnelli wrote:
>> How do i create a HMAC-SHA1 with a RSA Key?
>> What do i give as input for the param *key?
>>
>> Why:
>> My encrypted file has now the filename of the unencrypted-files-sha1.
>> (unsecure!).
>> I cannot use the sha1 of the encrypted file because
This is a snippet of my code that converts DER encoded X509 into OPENSSL
X509
/* Convert X509 from DER to openssl X509 struct */
X509 *x509CertificateTemp = NULL;
const unsigned char *x509CertificateDERNext;
x509CertificateDERNext = x509CertificateDER;
if(d
On Tue, Oct 25, 2011, Nan Luo wrote:
> Hi, I used to work with openssl-0.9.7, and all my certificates were
> generated by openssl-0.9.8. Openssl-0.9.7 works great with openssl-0.9.8's
> certificates, I never had issues in parsing, verification, .. Recently
> I upgraded my application with open
Thank you, Erwin, for your quick response. I actually had tried the same
certificate using DER format too, the same decoding error was spilled. I
used the following command to convert this certificate from PEM to DER:
/usr/local/bin/openssl x509 -in ssClient100.cert -inform PEM -outform DER
-out s
A quick observation. If I my understanding is correct, d2i_X509() function
is only for DER-encoded X509. Could you make sure that your 0.9.8's cert is
DER-encoded, not PEM's encoded. The cert file you are attaching is PEM's
encoded file.
On Tue, Oct 25, 2011 at 9:41 AM, Nan Luo wrote:
> Hi,
Hi, I used to work with openssl-0.9.7, and all my certificates were
generated by openssl-0.9.8. Openssl-0.9.7 works great with openssl-0.9.8's
certificates, I never had issues in parsing, verification, .. Recently
I upgraded my application with openssl-1.0.0, I found that none of old
openssl-0.
Hi Peter,
Same error on the server:
normg@conifer>./srpserver
Server is starting to listen on port 57784
Server is starting accept on port 57784
Connection accepted
SSL_accept failed, error=SSL_ERROR_SSL
Details: error:1408A0C1:SSL routines:SSL3_GET_CLIENT_HELLO:no shared cipher
s3_srvr.c at 13
On 10/25/2011 10:52 AM, Jonas Schnelli wrote:
How do i create a HMAC-SHA1 with a RSA Key?
What do i give as input for the param *key?
Why:
My encrypted file has now the filename of the unencrypted-files-sha1.
(unsecure!).
I cannot use the sha1 of the encrypted file because i use EVP_Seal* (aes2
On 10/25/2011 05:15 AM, Norm Green wrote:
Hello Experts,
I'm new to OpenSSL so please bear with me.
I'm trying to construct a simple example that uses a recent OpenSSL 1.0.1
snapshot to create secure connection using SRP without using any certificates.
I am aware 1.0.1 is not yet released, b
On Mon, Oct 24, 2011, Bill Durant wrote:
> On Oct 24, 2011, at 4:00 PM, Dr. Stephen Henson wrote:
> > On Mon, Oct 24, 2011, Bill Durant wrote:
> >
> >>
> >>
> >> Hello Steve:
> >>
> >> I downloaded
> >> ftp://openssl.org/snapshot/openssl-fips-2.0-test-20111023.tar.gz and
> >> http://openssl.or
Hi
How do i create a HMAC-SHA1 with a RSA Key?
What do i give as input for the param *key?
Why:
My encrypted file has now the filename of the unencrypted-files-sha1.
(unsecure!).
I cannot use the sha1 of the encrypted file because i use EVP_Seal* (aes256
session key) so the sha1 of the encrypte
I've been trying to deploy FreeRadius 2.1.10 on a CentOS 6 VM.
I've also installed Samba 3.5.6, Kerberos 1.8.2-3 & OpenSSL 1.0.0-4 for x86_64
el6.
I'm getting the following output in the final stage of "Configuring FreeRADIUS
to use ntlm_auth for MS-CHAP" stage:
WARNING: !!!
I tried openssl to download a remote cert on my181.svr.us.cyber.net
Below are the 3 steps to generate self sign certificate.
1)To generate keys:
/opt/boksm/lib/openssl genrsa -des3 -out server2.key 2048 -config
/usr/sfw/lib/webmin/acl/openssl.cnf
2)To generate CSR
/opt/boksm/lib/openssl req -n
19 matches
Mail list logo
