Thank you Matt and Dave.
Matt,
Yes I agree that I should be calling EncryptInit and EncryptFinal only
once. That is one of the mistakes. The reason why I did that was, I am
exposing a encryption API to other functions in the project.
They dont care how encryption is done. They have a buffer ( usu
> From: owner-openssl-us...@openssl.org On Behalf Of aniluvce06
> Sent: Thursday, 25 April, 2013 07:31
> This is Anil. I have few questions related to AES encryption:
> 1. Does the size of encrypted data depends on the size of the plain
> text(considering plain text <= block size) ?
> Ex: If
>From: owner-openssl-us...@openssl.org On Behalf Of Taraniteja Vishwanatha
>Sent: Thursday, 25 April, 2013 16:43
>I was using the low level aes APIs and now have switched to EVP ones.
>My string encryption and decryption always work fine. But when it comes
>to files, I am getting malloc errors:
On 25 April 2013 21:42, Taraniteja Vishwanatha wrote:
> Hey guys,
>
> I was using the low level aes APIs and now have switched to EVP ones. My
Good. That is (in most cases) the correct approach.
> string encryption and decryption always work fine. But when it comes to
> files, I am getting mall
Hey guys,
I was using the low level aes APIs and now have switched to EVP ones. My
string encryption and decryption always work fine. But when it comes to
files, I am getting malloc errors: malloc: *** error for object : incorrect
checksum for freed object - object was probably modified after bein
Thank you!
Hi:
First post to the list.
I've been using OpenSSL with avariation of the source code from
http://www.codeproject.com/Articles/98355/SMTP-Client-with-SSL-TLS
And it works fine with all SMTP servers I've tested it but the microsoft
live.com SMTP.
smtp.live.com is for all email addresses from @
Hello,
I am acting as my own cert authority so the index.txt file is constantly
being updated as I generate new certs. However, I have noticed that things
like the DB_file field are never used in the CA program.
Is it safe for me to write some custom code that will take advantage of
that field?
Just to update - I found the section in one of the apps that copies the
extensions from the request. I was able to enable the EXT_COPY_ADD and was
able to get my SANS in the cert as well as the request.
On Wed, Apr 24, 2013 at 6:44 PM, Derek Cole wrote:
> Hello,
>
> I have some code which I am
> -Original Message-
> From: sajualways
>
> Openssl "s_server" is allowing Session Reuse on the same tcp connection
Yes, of course. Why not? The ssl protocol is taking place on a higher OSI level
than tcp, so it doesn't matter whether it's the same or a different tcp
connection.
> When
I looked at the latest smsign.c shown below modified with a large data item.
The result is still a detached and quite small like a signature. The flag
changed
and yet nothing different. It should be quite large. All I see is the API to
soign
p7 = PKCS7_sign(scert, skey, NULL, in, flags);
and trie
Openssl "s_server" is allowing Session Reuse on the same tcp connection
When a second client hello is sent with "session id" of first handshake it
is reusing i.e it is doing a session resumption instead it should do
"Renegotiation"
--
View this message in context:
http://openssl.6102.n7.nabble
Hi,
For FIPS work, we are planning to support only TLSv1.2 ciphers. Is there a
configuration option to use *only* TLSv1.2 ciphers?
we are using apache/mod_ssl engine(v 2.2.16). *SSLProtocol* directive does
not support TLSv1.1/TLSv1.2 option.
if there is no config option, which functions need to
Hi All,
This is Anil. I have few questions related to AES encryption:
---
1. Does the size of encrypted data depends on the size of the plain
text(considering plain text <= block size) ?
Ex: I
Hi All,
This is Anil. I have few questions related to AES encryption:
---
1. Does the size of encrypted data depends on the size of the plain
text(considering plain text <= block size) ?
Ex: I
Hi Steve,
Thanks for the suggestion. It worked.
*ssh_aes_ctr_iv: no context [preauth]* message was coming because i was
checking against EVP_aes_128_ctr for the type.
It should be:
Cipher.c:385 if (c->evptype == evp_aes_128_ctr)
ssh_aes_ctr_iv(&cc->evp, 0, iv, len);
Thanks,
Hi Steve,
Thanks for the suggestion. It worked.
*ssh_aes_ctr_iv: no context [preauth]* message was coming because i was
passing EVP type to that function. Now its fine after passing evp.
Thanks,
Cipher
--
View this message in context:
http://openssl.6102.n7.nabble.com/OpenSSL-internal-error-a
I changed evp_*_ctr to EVPs in cipher.c . Now SSH connection takes place, but
after authentication connection gets closed.
Here is the debug mode log.
[root@PC]# ssh -p 2024 localhost
root@localhost's password:
Write failed: Broken pipe
[root@PC]#
debug1: sshd version OpenSSH_6.1p1
debug1: read
On Thu, Apr 25, 2013, Viktor Dukhovni wrote:
> On Wed, Apr 24, 2013 at 10:35:04PM -0400, Dave Thompson wrote:
>
> > > I am assuming RSA though I would like to do ECDSA.
> >
> > These APIs will use any privatekey for which a signature
> > scheme is available; that's RSA DSA ECDSA (or pedantically
On Thu, Apr 25, 2013, redpath wrote:
> I took the sign.c example and modified it slightly to use artifacts I have,
> but it seems the result just produces a PKCS7 that has a signature?
> I want to have the data (PDF or JPG) in there as I need to use it after
> validating
> that it is trusted.
>
Exactly a non-detached, I see the constant detached and thought thats what it
meant but that road lead nowhere, so if anyone has pointers how to make a
non-detacched or modify below that would be
great.
--
View this message in context:
http://openssl.6102.n7.nabble.com/Data-and-Signature-envel
On 4/25/2013 1:13 PM, redpath wrote:
I took the sign.c example and modified it slightly to use artifacts I have,
but it seems the result just produces a PKCS7 that has a signature?
I want to have the data (PDF or JPG) in there as I need to use it after
validating
that it is trusted.
Basically I
I took the sign.c example and modified it slightly to use artifacts I have,
but it seems the result just produces a PKCS7 that has a signature?
I want to have the data (PDF or JPG) in there as I need to use it after
validating
that it is trusted.
Basically I have a piece of data and a signature an
I thought the PKCS7 was the way to go thanks.
Yes the command line is confusing as to what the PKCS7 can provide
and thats what was a paradox to me.
Any pointers to PKCS7 example code inserting objects and extracted them
would be appreciated and I do use the men_bio nicely.
--
View this messag
24 matches
Mail list logo
