You can use the below API's
RAND_bytes()
RAND_pseudo_bytes()
On Thu, Apr 5, 2012 at 12:33 AM, Jeremy Farrell
wrote:
> http://lmgtfy.com/?q=openssl+random+number
>
> > From: Alex Chen [mailto:alex_c...@filemaker.com]
> >
> > There is a 'rand' command in the openssl command line tool to generat
Hi All,
I have fixed the CVE-2009-3555 bug by making my application RFC 5746
compliant.
Is this will cause the DoS attack ( CVE-2011-1473). Now I am facing Dos
attack on one of the port.
Please let me know is there any patch to fix this problem.
Thanks,
Gayathri
> ENGINE_free all of the structural references you got, including the one for
> the ENGINE you're using
And so in order to free all structural references of an ENGINE * e, I could
just do this?-
while( e->struct_ref > 0 ) {
ENGINE_free( e );
}
And to keep all but one functional refer
Thanks for the response, Steve.
Alex
On Apr 4, 2012, at 4:58 PM, Steve Marquess wrote:
> On 04/04/2012 07:17 PM, Alex Chen wrote:
>> Steve,
>>
>> Unfortunately it has been four weeks and the status is still stuck in
>> 'coordination'. Well, we all know the government pace is a 'little
>> slower
On 04/04/2012 07:17 PM, Alex Chen wrote:
> Steve,
>
> Unfortunately it has been four weeks and the status is still stuck in
> 'coordination'. Well, we all know the government pace is a 'little
> slower' than the rest of the industry. There is a 'finalization'
> status after 'coordination', what is
On Tue, Apr 03, 2012, Naveen Nathan wrote:
> On Wed, Apr 04, 2012 at 03:12:26AM +0200, Dr. Stephen Henson wrote:
> > On Tue, Apr 03, 2012, Naveen Nathan wrote:
> >
> > > > > > That's because the ASN1_OBJECT is a little different. Some standard
> > > > > > OIDs are
> > > > > > set to a fixed valu
Steve,
Unfortunately it has been four weeks and the status is still stuck in
'coordination'.
Well, we all know the government pace is a 'little slower' than the rest of the
industry.
There is a 'finalization' status after 'coordination', what is involved in that
status?
When an application rea
On 4 Apr 2012, at 12:10 PM, Sunjeet Singh wrote:
> If I have multiple SSL connections using an engine at the same time, IS IT
> TRUE THAT-
> 1. I should have at least one structural and one functional reference for the
> entire duration within which the engine will be used i.e., between the call
Hi,
I'm working on an OpenSSL Engine implementation and I don't entirely get the
idea behind Structural and Functional references. So, I'd be very grateful if
someone could comment on my approach of handling references.
If I have multiple SSL connections using an engine at the same time, IS IT
http://lmgtfy.com/?q=openssl+random+number
> From: Alex Chen [mailto:alex_c...@filemaker.com]
>
> There is a 'rand' command in the openssl command line tool to generate
> 'pseudo' random number generator. But I cannot find the API from
> either the 'ssl' or 'crypto' man pages.
> Can someone poin
There is a 'rand' command in the openssl command line tool to generate 'pseudo'
random number generator. But I cannot find the API from either the 'ssl' or
'crypto' man pages.
Can someone point me to the API page if it is available?
Is this RNG implementation different in the regular distributi
Yeah, that was the problem. RC2 was disabled in the build.
Thanks,
-binlu
-Original Message-
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org]
On Behalf Of Dr. Stephen Henson
Sent: Tuesday, April 03, 2012 1:59 PM
To: openssl-users@openssl.org
Subject: Re: pkc
Hi Andy,
> -Original Message-
> From: Andy GOKTAS
>
> I'm generating a CSR and need to include subjectAltNames (about 6 of
> them).
>
> I remember reading (but I could be dreaming) a while back
> that you MUST
> include your CN in the subjectAltName list - and it should be listed
> first i
Hi,
We are using OpenSSL DH for key establishment in our product. Recently we
increased the size of P parameter to 2048 bits from 640 bits (we use g
parameter of value 5), which is in accordance with the latest NIST standard
document. Using the established shared secret, we are deriving 4 sub keys
On 04/04/2012 02:51 PM, brajan wrote:
I am using openssl 0.9.8g version .
i convert the PEM certificate file to X509 format and try to read the key
usage value .
Keyuage =lCertificate->ex_kusage ;
Some time the keyusage = 128
Some time Keyusage is 0 for the same certificate . why this problem o
On Wed, Apr 04, 2012, brajan wrote:
>
> I am using openssl 0.9.8g version .
>
> i convert the PEM certificate file to X509 format and try to read the key
> usage value .
> Keyuage =lCertificate->ex_kusage ;
>
> Some time the keyusage = 128
> Some time Keyusage is 0 for the same certificate . w
I am using openssl 0.9.8g version .
i convert the PEM certificate file to X509 format and try to read the key
usage value .
Keyuage =lCertificate->ex_kusage ;
Some time the keyusage = 128
Some time Keyusage is 0 for the same certificate . why this problem occurs
...
--
View this message in con
On 04/04/2012 11:01 AM, Christian Weber wrote:
Dear users and developers,
we just read through some of the code examples for SRP usage.
Concerning the necessary callbacks we wonder why in
s_server.c the verifier parametrization is being delayed.
Within apps/s_server.c we can find the comment:
Hello,
I’m generating a CSR and need to include subjectAltNames (about 6 of
them).
I remember reading (but I could be dreaming) a while back that you MUST
include your CN in the subjectAltName list - and it should be listed
first in the subjectaltname list, otherwise it won’t work; or you will
Hi All,
What is the difference between CVE-2009-3555 and CVE-2011-1473. Both are
related to SSL renegotiation issue.
Please let me know is there any patch to fix this problem. Is there any
openssl version with fixes for the above two vulnerabilities.
Thanks,
Gayathri
Hi,
I had earlier posted query on AES_Keywrap() usage and had good response on
the same and got lot of things clarified. Now i am successful in using
AES_wrap_key() API but i am running into a new problem.
I need to wrap 512bit key with 256 bit KEK key. When i do this, i am hitting
seg fault in A
Le 04/04/2012 05:22, Curt Sampson a écrit :
[...]
In fact, if one can be encoded in a shorter form than the other, it MUST
be encoded in that shorter format. This is because certificates use DER,
not BER, and DER says that.
As pointed by Peter Sylvester, BER doesn't allow useless leading 00
Dear users and developers,
we just read through some of the code examples for SRP usage.
Concerning the necessary callbacks we wonder why in
s_server.c the verifier parametrization is being delayed.
Within apps/s_server.c we can find the comment:
"When the callback is called for a new connect
23 matches
Mail list logo
