On Mon, Jun 30, 2014 at 4:32 PM, Jakob Bohm wrote:
> Because there is no documentation for SSL_CTX_set_tmp_ecdh_callback()
> in OpenSSL 1.0.1 and older, I am afraid I have to ask:
>
> 1. Is the EC_KEY* returned by the callback supposed to be allocated
> for each invocation or is it supposed to b
Because there is no documentation for SSL_CTX_set_tmp_ecdh_callback()
in OpenSSL 1.0.1 and older, I am afraid I have to ask:
1. Is the EC_KEY* returned by the callback supposed to be allocated
for each invocation or is it supposed to be a static shared by all
invocations?
If the latter (a
Ø Using BIO apis is there a way to specify the local ip address on which an
application can bind to.
No, you will have to open and bind the socket yourself and then create a BIO
around that descriptor.
/r$
--
Principal Security Engineer
Akamai Technologies, Cambridge, MA
IM: r
Hi,
Using BIO apis is there a way to specify the local ip address on which an
application can bind to.
In my board, i have 2 ip addresses on the interface eth0
10.x.1.3 - primary ip (board ip)
10.x.10.21 - secondary ip (virtual ip given by strongswan server as part of
ikev2 negotiations)
I want
It took a couple of hours of code hacking followed by six long months of
waiting, but at long last revision 2.0.6 of the OpenSSL FIPS Object
Module v2.0 (validation certificate #1747) has finally been approved:
https://www.openssl.org/source/openssl-fips-2.0.6.tar.gz
https://www.openssl.org/so
Hi,
OpenSSL 1.0.2 has a new interface for creating a new ECDSA_METHOD.
Unlike the corresponding RSA_METHOD structure the ECDSA_METHOD structure
is privately defined in header file ecs_locl.h, and there are functions
like ECDSA_METHOD_set_sign() etc. to override members of the structure.
From
*Guessing the context that is sent to EVP_PKEY_derive_set_peer is
initialized/created with a pkey belonging to different group. *
*In other words, EC keys of both parties in DH are not of the same group. *
On Mon, Jun 30, 2014 at 10:13 AM, pratyush parimal <
pratyush.pari...@gmail.com> wrote:
>
