RE: i2d_DSAPublicKey

2007-07-30 Thread Edward Chan
immy bahuleyan > Sent: Monday, July 30, 2007 6:55 AM > To: openssl-users@openssl.org > Subject: Re: i2d_DSAPublicKey > > Hi, > > Edward Chan wrote: > > When I call this function, I can see from the generated binary data that > > the format is the public key, followed

i2d_DSAPublicKey

2007-07-29 Thread Edward Chan
When I call this function, I can see from the generated binary data that the format is the public key, followed by the P param, followed by 3 bytes which I don't know what they are, followed by the Q param, followed by the G param. Can anybody tell me what those 3 bytes? I haven't tried gen

building openssl with symbols

2007-07-25 Thread Edward Chan
Hi there, Wondering if anybody has built debug version of openssl? I tried doing this, in the hopes that I could step into the code if I had the symbols. I recall doing this successfully back when I was using 0.9.7, but I just tried with 0.9.8e and I'm unable to step into any openssl functions

RE: nasm vs. masm

2007-07-25 Thread Edward Chan
-Original Message- > From: [EMAIL PROTECTED] [mailto:owner-openssl- > [EMAIL PROTECTED] On Behalf Of Dr. Stephen Henson > Sent: Wednesday, July 25, 2007 4:22 AM > To: openssl-users@openssl.org > Subject: Re: nasm vs. masm > > On Wed, Jul 25, 2007, Edward Chan wrote:

nasm vs. masm

2007-07-25 Thread Edward Chan
Anybody have any idea which assembler is preferred when building with VC8?

memory management with openssl

2007-07-19 Thread Edward Chan
Hi there, Just curious if anybody has done any profiling of openssl's memory usage? Is there much heap contention? Has anybody tried plugging in a 3rd party memory manager such as Hoard, or SmartHeap to see if there is any performance improvement? Thanks, Ed

RE: BIGNUM library

2007-04-23 Thread Edward Chan
this! -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Christophe Devine Sent: Saturday, April 21, 2007 2:03 AM To: openssl-users@openssl.org Subject: Re: BIGNUM library Edward Chan <[EMAIL PROTECTED]> wrote: > But I think this always returned me 128 b

RE: BIGNUM library

2007-04-21 Thread Edward Chan
D] [mailto:[EMAIL PROTECTED] On Behalf Of Victor Duchovni Sent: Friday, April 20, 2007 9:31 PM To: openssl-users@openssl.org Subject: Re: BIGNUM library On Fri, Apr 20, 2007 at 03:43:41PM -0700, Edward Chan wrote: > I apologize for the confusion. I thought I had stated the problem > before

RE: BIGNUM library

2007-04-21 Thread Edward Chan
I thought I tried this, but let me try again. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Christophe Devine Sent: Saturday, April 21, 2007 2:03 AM To: openssl-users@openssl.org Subject: Re: BIGNUM library Edward Chan <[EMAIL PROTECTED]> wrote:

RE: BIGNUM library

2007-04-20 Thread Edward Chan
11:00 AM To: openssl-users@openssl.org Subject: Re: BIGNUM library On Fri, Apr 20, 2007 at 10:34:55AM -0700, Edward Chan wrote: > I think the issue is with on the wire interoperability. Let me > summarize my tests so far. > > Openssl to openssl - this works 100% > CAP to CAPI -

RE: BIGNUM library

2007-04-20 Thread Edward Chan
But I think this always returned me 128 bytes. So am I supposed to bzero the output buffer first? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Christophe Devine Sent: Friday, April 20, 2007 12:00 PM To: openssl-users@openssl.org Subject: Re: BIGNUM lib

RE: BIGNUM library

2007-04-20 Thread Edward Chan
7:53 AM To: openssl-users@openssl.org Subject: Re: BIGNUM library On Fri, Apr 20, 2007 at 01:12:29PM +0530, jimmy wrote: > Edward Chan wrote: > > I have more info on this now. I just tried openssl with bsafe crypto-c > > me. Again, I get sporadic failures. When I compare the 2 computed

RE: BIGNUM library

2007-04-19 Thread Edward Chan
n the ASN.1 format for BIGNUM's over the wire? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dr. Stephen Henson Sent: Thursday, April 19, 2007 3:14 AM To: openssl-users@openssl.org Subject: Re: BIGNUM library On Wed, Apr 18, 2007, Edward Chan wrote

RE: BIGNUM library

2007-04-18 Thread Edward Chan
EMAIL PROTECTED] On Behalf Of Dr. Stephen Henson Sent: Tuesday, April 17, 2007 4:40 PM To: openssl-users@openssl.org Subject: Re: BIGNUM library On Tue, Apr 17, 2007, Edward Chan wrote: > The problem with CryptoAPI is that it doesn't give you direct access to > the shared secret. But I sus

RE: BIGNUM library

2007-04-17 Thread Edward Chan
15:23AM -0700, Edward Chan wrote: > > > BN_bn2bin(dh->pub_key, buf); > > ReverseBytes(buf, size); // MS CAPI requires this in little-endian > > Reversing the BER encoded bytes of a big endian integer does not yield > the BER encoding of the corresponding little-endian inte

RE: BIGNUM library

2007-04-17 Thread Edward Chan
pr 17, 2007 at 11:15:23AM -0700, Edward Chan wrote: > BN_bn2bin(dh->pub_key, buf); > ReverseBytes(buf, size); // MS CAPI requires this in little-endian Reversing the BER encoded bytes of a big endian integer does not yield the BER encoding of the corresponding little-endian integer. --

RE: BIGNUM library

2007-04-17 Thread Edward Chan
L PROTECTED] On Behalf Of Edward Chan Sent: Tuesday, April 17, 2007 11:15 AM To: openssl-users@openssl.org Subject: RE: BIGNUM library The problem with CryptoAPI is that it doesn't give you direct access to the shared secret. But I suspect it is wrong since the encryption/decryption fails

RE: BIGNUM library

2007-04-17 Thread Edward Chan
;ll let you know what I find. Thanks! -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dr. Stephen Henson Sent: Tuesday, April 17, 2007 11:03 AM To: openssl-users@openssl.org Subject: Re: BIGNUM library On Tue, Apr 17, 2007, Edward Chan wrote: > Right

RE: BIGNUM library

2007-04-17 Thread Edward Chan
Behalf Of Victor Duchovni Sent: Tuesday, April 17, 2007 8:49 AM To: openssl-users@openssl.org Subject: Re: BIGNUM library On Tue, Apr 17, 2007 at 08:42:12AM -0700, Edward Chan wrote: > Thanks for the reply. So I'm a bit confused as to how different crypto > packages interoperate. I&#

RE: BIGNUM library

2007-04-17 Thread Edward Chan
Thanks for the reply. So I'm a bit confused as to how different crypto packages interoperate. I've been having a problem with MS CryptoAPI doing a DH key exchange with OpenSSL. There are some quirks such as byte order, and a couple other things. But for the most part, I have it working. But oc

RE: BIGNUM library

2007-04-16 Thread Edward Chan
:[EMAIL PROTECTED] On Behalf Of Edward Chan Sent: Monday, April 16, 2007 4:27 PM To: openssl-users@openssl.org Subject: BIGNUM library How easy or difficult would it be to extract just the BIGNUM library from OpenSSL? Are there any documents on how to do this? Thanks, Ed

BIGNUM library

2007-04-16 Thread Edward Chan
How easy or difficult would it be to extract just the BIGNUM library from OpenSSL? Are there any documents on how to do this? Thanks, Ed

EVP_EncryptUpdate and in-buffer encryption

2007-02-05 Thread Edward Chan
Is it ok to pass the same input buffer for the output buffer when using EVP_EncryptUpdate with RC4?

RE: SSL_CTX_load_verify_locations on linux

2007-01-14 Thread Edward Chan
EMAIL PROTECTED] On Behalf Of Jens Doenhoff Sent: Sunday, January 14, 2007 12:48 AM To: openssl-users@openssl.org Subject: Re: SSL_CTX_load_verify_locations on linux Hi. --On Friday, January 12, 2007 11:24:42 PM -0800 Edward Chan <[EMAIL PROTECTED]> wrote: > Does anybody know where th

RE: Doing a DH key exchange between OpenSSL and MS CryptoAPI

2007-01-13 Thread Edward Chan
nson Sent: Saturday, January 13, 2007 11:05 AM To: openssl-users@openssl.org Subject: Re: Doing a DH key exchange between OpenSSL and MS CryptoAPI On Sat, Jan 13, 2007, Edward Chan wrote: > I do call the OpenSSL DH crypto API's in my openssl client. But in my > Microsoft CryptoAPI cli

RE: Doing a DH key exchange between OpenSSL and MS CryptoAPI

2007-01-13 Thread Edward Chan
, i think uses the OpenSSL crypto APIs. On 12/20/06, Edward Chan <[EMAIL PROTECTED]> wrote: Has anybody done this? I can get it to work when both ends are the same. But I can't do it when they are different. I also notice the public key computed by CryptoAPI is 16 bytes larger

SSL_CTX_load_verify_locations on linux

2007-01-12 Thread Edward Chan
Hi there, Does anybody know where the trusted root certificates can be found on linux? I'm basically looking for the equivalent to the Windows certificate store on Linux so I can point SSL_CTX_load_verify_locations() to these trusted root ca certs. Or is there a way I can use a default locati

RE: Question on how to use AES-128-CTR

2006-12-26 Thread Edward Chan
If it is different for different libs, how do libs inter-operate with each other? Thanks, Ed From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Edward Chan Sent: Friday, December 22, 2006 11:28 PM To: openssl-users@openss

RE: SSL_use_certificate_chain_file error

2006-12-25 Thread Edward Chan
Is the cert PEM or ASN1 encoded? I think SSL_use_certificate_chain_file() only works with PEM. Are you passing SSL_FILETYPE_ASN1 for the type parameter to SSL_use_certificate_file()? If so, that might explain why one works and the other doesn't. Ed Fr

Question on how to use AES-128-CTR

2006-12-23 Thread Edward Chan
I'm playing with various crypto libraries to encrypt/decrypt in AES-128-CTR. 2 of the 3 libs inter-operate fine with each other; i.e. I can encrypt with one and decrypt with the other and vice versa. However, when I use openssl with any of these libs, I am having problems. It seems like up to the

Doing a DH key exchange between OpenSSL and MS CryptoAPI

2006-12-19 Thread Edward Chan
Has anybody done this? I can get it to work when both ends are the same. But I can't do it when they are different. I also notice the public key computed by CryptoAPI is 16 bytes larger than that computed by OpenSSL which I assume is due to some hdr information in the KEYBLOB that MS generates?

AES-128-CTR

2006-12-05 Thread Edward Chan
Can anybody point me to some examples on how to use AES-128 in counter mode? Is this supported thru the EVP interface, or do I need to use the lower-level API's, such as AES_128ctr_encrypt/decrypt()? Also, looking at the signature of these API's in aes.h, I don't see a return code, or anything in

Questions about ECC

2006-11-18 Thread Edward Chan
Is ECC only used where public key cryptography would be used? As a replacement for DH, for example? Or can it be used where symmetric cryptography would be used? Also, are there any IP issues related to using it? I thought I read that many aspects of ECC has been patented by various people and c

BSafe vs. OpenSSL

2006-11-08 Thread Edward Chan
Has anyone done any performance measurements with Bsafe vs. OpenSSL for AES encryption?  Or even for general SSL performance?  Would you recommend Bsafe over OpenSSL for some things and not others, or vice versa? I'm sure OpenSSL is faster :)  But just curious what o

RE: How to do client verification?

2006-11-02 Thread Edward Chan
server like that. Thanks, Ed > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Olaf Gellert > Sent: Thursday, November 02, 2006 1:25 AM > To: openssl-users@openssl.org > Subject: Re: How to do client verification? > > Hi, >

RE: How to do client verification?

2006-11-01 Thread Edward Chan
get_verify_result(ssl); } } } } X509_free(cert); } return X509_V_ERR_APPLICATION_VERIFICATION; } > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Edward Chan > Sent: Wednesda

RE: How to do client verification?

2006-11-01 Thread Edward Chan
I want to verify that whoever the client is claiming to be, is actually allowed to connect. However, I don't know where to find this information in the cert. Are there standard fields where this information can be found? For example, in the book, "Network Security with OpenSSL", there is sample

How to do client verification?

2006-11-01 Thread Edward Chan
Hi there, I'm wondering what is the usual criteria for doing client verification?  I've got everything coded to ask the client for a cert, and I get the cert by calling SSL_get_peer_certificate().  But I don't know what to check for to verify the client

RE: How to share SSL session when using CreateProcess/execv

2006-10-12 Thread Edward Chan
I think that would be a very useful feature to have! I could definitely benefit from this in my application. I look forward to when this becomes available :) > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of David Schwartz > Sent: Thursday, October

How to get an X509* from a PEM encoded certificate file

2006-10-10 Thread Edward Chan
I've got some questions about the following API's: SSL_CTX_use_certificate_chain_file() SSL_CTX_use_certificate_file() SSL_CTX_add_extra_chain_cert() If I have a single PEM encoded file that contains multiple certs, I should

RE: Need help: Understanding SSL object in multi-threaded environment

2006-10-05 Thread Edward Chan
I'm sure David will have more to say about how the locking callbacks are used in OpenSSL. But my understanding is that just because you implement these, you still cannot freely call SSL_read/SSL_write from different threads without the proper locking. The reason is because you have direct access

RE: Can SSL_accept() return SSL_ERROR_WANT_READ/WRITE for blocking sockets?

2005-11-22 Thread Edward Chan
/* break; */ > } > > you can find the code in /apps/s_server.c > > Edward Chan wrote: > > > SSL_accept() is returning <= 0. And when I trace out the err msg > > using the following code >

Can SSL_accept() return SSL_ERROR_WANT_READ/WRITE for blocking sockets?

2005-11-21 Thread Edward Chan
SSL_accept() is returning <= 0.  And when I trace out the err msg using the following code     int iRet = SSL_accept(m_pSSL);     if (iRet <= 0)     {// handshake failed         char buf[25

ERR_get_error() or SSL_get_error()?

2005-11-17 Thread Edward Chan
If SSL_accept() returns <= 0, and I want to see what the error is, should I be calling this to get a string description of the error: int ret = SSL_accept(); if (ret <= 0) {     char buf[256];     ERR_error_string_n(ERR_get_error(), buf,

Can OpenSSL be built as static libs?

2005-08-14 Thread Edward Chan
I was wondering if OpenSSL can be built as static libs as I don't want people to be able to simply replace the dll's with their own. Thanks, Ed

RE: Getting public key out of an X509 object

2005-07-23 Thread Edward Chan
or is there another or better way? _ From:   Edward Chan  Sent:   Saturday, July 23, 2005 10:25 AM To: 'openssl-users@openssl.org' Subject:    Getting public key out of an X509 object Can someone point me to how I can get the publi

Getting public key out of an X509 object

2005-07-23 Thread Edward Chan
Can someone point me to how I can get the public key out of an X509 object?  Basically, what I am trying to achieve is to sign something using the EVP interface and either a DSA or RSA private key, where the associated public key is in the cert.

RE: d2i_RSAPublicKey doesn't work

2005-07-21 Thread Edward Chan
Hooray...that is it. Thanks!!! > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Edward Chan > Sent: Thursday, July 21, 2005 11:00 AM > To: openssl-users@openssl.org > Subject: RE: d2i_RSAPublicKey doesn't work > > S

RE: d2i_RSAPublicKey doesn't work

2005-07-21 Thread Edward Chan
> From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Dr. > Stephen Henson > Sent: Thursday, July 21, 2005 10:23 AM > To: openssl-users@openssl.org > Subject: Re: d2i_RSAPublicKey doesn't work > > On Thu, Jul 21, 2005, Edward Chan wrote: &g

RE: d2i_RSAPublicKey doesn't work

2005-07-21 Thread Edward Chan
turns me null back. Does the code look right? Thanks, Ed > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Dr. > Stephen Henson > Sent: Thursday, July 21, 2005 4:12 AM > To: openssl-users@openssl.org > Subject: Re: d2i_RSAPu

RE: d2i_RSAPublicKey doesn't work

2005-07-20 Thread Edward Chan
rect? Thanks, Ed > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Dr. > Stephen Henson > Sent: Wednesday, July 20, 2005 5:48 PM > To: openssl-users@openssl.org > Subject: Re: d2i_RSAPublicKey doesn't work >

RE: d2i_RSAPublicKey doesn't work

2005-07-19 Thread Edward Chan
PROTECTED] On Behalf Of Nils Larsch > Sent: Tuesday, July 19, 2005 12:36 AM > To: openssl-users@openssl.org > Subject: Re: d2i_RSAPublicKey doesn't work > > Edward Chan wrote: > > If you're referring to http://www.openssl.org/support/faq.html > > > >

RE: d2i_RSAPublicKey doesn't work

2005-07-18 Thread Edward Chan
essage- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Nils Larsch > Sent: Monday, July 18, 2005 1:10 PM > To: openssl-users@openssl.org > Subject: Re: d2i_RSAPublicKey doesn't work > > Edward Chan wrote: > > What am I doing wrong here? I

d2i_RSAPublicKey doesn't work

2005-07-18 Thread Edward Chan
What am I doing wrong here?  I generate an RSA key.  Then I DER encode it.  Then try to decode it, but the decode fails.  The error says, "error:0D07207B:asn1 encoding routines:ASN1_get_object:header too long" RSA* rsa = RSA_generate_key(2048, RSA_F4, 0,

Question about BIO->num_read & BIO->num_write

2005-07-11 Thread Edward Chan
Just want to confirm that these are a running total of number of bytes read and written by this BIO, and not the number of bytes last read or written.  Is that correct? Thanks, Ed

RE: Compile error in n_pkey.c with 0.9.7g on Win32 using ntdll.mak and nasm

2005-06-08 Thread Edward Chan
Crap.  Nevermind.  I forgot to run   > perl Configure VC-WIN32 From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Edward Chan Sent: Wednesday, June 08, 2005 1:51 PM To: openssl-users@opens

Compile error in n_pkey.c with 0.9.7g on Win32 using ntdll.mak and nasm

2005-06-08 Thread Edward Chan
I get the following compile error:     cl /Fotmp32dll\f_string.obj  -Iinc32 -Itmp32dll /MD /W3 /WX /G5 /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDI AN -DDSO_WIN32

RE: Building with VC6

2005-05-09 Thread Edward Chan
For what it's worth, I've built OpenSSL several times (using VC6), each time just following the instructions in INSTALL.W32 with NASM and it built fine. Ed > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Dr. > Stephen Henson > Sent: Monday, May 0

Does nFast800 work with OpenSSL on Windows?

2005-05-07 Thread Edward Chan
Looking at their website, they say that software support for this card includes OpenSSL on Linux.  But on Windows, they only mention CryptoAPI.  Does anybody know if this means it doesn't work with OpenSSL on Windows?  I've sent them an email

Anybody using SafeNet Luna PCI crypto accelerator card?

2005-05-06 Thread Edward Chan
I've got a C program that uses OpenSSL and I'm trying to use the SafeNet Luna card with it.  I've downloaded a modified version of OpenSSL from them which includes support for this LunaCA3 engine, but am still having trouble getting

RE: Confusion about SSL_ERROR_WANT_READ/WRITE

2005-04-19 Thread Edward Chan
Thanks for the info. One last question :) So if I am using blocking sockets, then would I ever get a WANT_WRITE error? I'm guessing no? But if I am using BIO pairs, and blocking sockets, is it possible to get a WANT_WRITE error? Sorry, that was two more questions. Ed > -Original Message-

Can anybody share some ENGINE sample code?

2005-04-18 Thread Edward Chan
Does anybody have some working code that enables the use of crypto hardware using the ENGINE API's and would be willing to share it?

RE: Confusion about SSL_ERROR_WANT_READ/WRITE

2005-04-17 Thread Edward Chan
n > was shut down cleanly (SSL_ERROR_ZERO_RETURN). > > > -Joe > > > > On Apr 17, 2005, at 9:12 PM, Edward Chan wrote: > > > Does SSL_read always return the number of bytes of application data > > read? > > If so, that means that SSL_re

RE: Confusion about SSL_ERROR_WANT_READ/WRITE

2005-04-17 Thread Edward Chan
First of all, I want to thank everyone for all the information, especially David with his excellent explanations. I know this thread is getting long, but I really think I'm getting it now :) Just a few more questions and comments... > > > There may not be any application data, but there should

RE: Confusion about SSL_ERROR_WANT_READ/WRITE

2005-04-17 Thread Edward Chan
> > Yes, I think I understand what you are saying. If I get a > WANT_READ > > from a call to SSL_write, that means I need to read some > data before I > > can send. > > Not quite, it means the OpenSSL engine must read some > data (from the > socket) before you can perform the 'write' l

RE: Confusion about SSL_ERROR_WANT_READ/WRITE

2005-04-16 Thread Edward Chan
m the same operation again with the > same parameters, but that does not exclude you from > performing the other operation elsewhere. Just make sure that > two threads aren't trying to do this at the same time on the > same connection. > > > > > > > On Apr

RE: Confusion about SSL_ERROR_WANT_READ/WRITE

2005-04-16 Thread Edward Chan
Ok, this is getting much clearer. Last question (hopefully)...so if an SSL_write gets a WANT_READ, is it ok for the read thread to do an SSL_read before I retry the SSL_write? Does it matter who does the requested operation as long as it is done? Or does the read thread have to wait until the wr

RE: Confusion about SSL_ERROR_WANT_READ/WRITE

2005-04-15 Thread Edward Chan
Thanks for this explanation. As I read more, I think I am getting a better understanding of this. So unlike normal tcp connections, where a read just reads, and a write just writes, SSL_read may write, and SSL_write may read. This is all done under the hood, so I don't need to be concerned with t

Confusion about SSL_ERROR_WANT_READ/WRITE

2005-04-15 Thread Edward Chan
I have an app where reads and writes happen from different threads.  Now, ideally, one would envision that I just replace the reads/writes with SSL_read/SSL_write.  Now I know it is not as simple as that. What exactly is the meaning of the SSL_

RE: Use of Engines

2005-04-08 Thread Edward Chan
that I can use whatever crypt accelerator card the user has. Thanks for all the help. Ed > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] > Sent: Friday, April 08, 2005 4:23 AM > To: openssl-users@openssl.org > Subject: Re: Use of Engines >

RE: Use of Engines

2005-04-08 Thread Edward Chan
penssl engine ubsec - > > Or you could just look into the ubsec engine codes for the > definitions. > > -Tan Eng Ten > > Edward Chan wrote: > > Is it required to call ENGINE_init()? > > > > Or is this sufficient > > > > ENGINE* e = ENGIN

Use of Engines

2005-04-07 Thread Edward Chan
Is it required to call ENGINE_init()?  Or is this sufficient ENGINE* e = ENGINE_by_id(id); ENGINE_set_default(e, ENGINE_METHOD_ALL); I have looked in various code, and I mostly see the latter.  But in the stunnel code, I see them doing ENGINE* e = ENGINE_by_id(id

RE: RAND_seed()

2005-04-07 Thread Edward Chan
I don't know if /dev/random is available on all linux machines. But I think it is. But as for Windows, which does not have /dev/random, I believe OpenSSL seeds the PRNG on Windows automatically using a variety of clever ideas and sources of entropy. It is probably better than what you could come

RE: SSL_read()

2005-03-28 Thread Edward Chan
transport > (e.g. TCP), it may be necessary to >read several packets from the transport layer before > the record is complete and SSL_read() can succeed. > > it speaks to what you are inquiring about > > > > Edward Chan wrote: > > > I have a question abo

SSL_read()

2005-03-28 Thread Edward Chan
I have a question about SSL_read().  Am I correct in my understanding that SSL_read() will not read from the socket as long as there is data in the ssl buffers available for processing?  And if there is data in the ssl buffer but it cannot be processed because we don't have a

Support for CryptoSwift PCI cards

2005-03-21 Thread Edward Chan
I was told that the CryptoSwift card from SafeNet is no longer being marketed and has been replaced with something called Luna PCI.  Does OpenSSL 0.9.7d support this card?  And if so, do you use the same engine string as used for the CryptoSwift card?

Question about bio pairs

2005-03-19 Thread Edward Chan
I know it's been talked about many times before, and I've read thru the archives, but I still don't quite get it.  If I want to use I/O completion ports on Windows, I can perform the I/O as I normally would.  But after reading the encrypted data off the socket,

Using CryptoAPI to verify a cert

2005-03-07 Thread Edward Chan
Does anybody know how to use the Microsoft Crypto API's to verify a cert.  Given an X509 object, I've created a CERT_CONTEXT using the Crypto API, CertCreateCertificateContext().  And I've got a handle to the Windows certificate store, using CertOpenSyst

RE: What does the "subject name's hash" mean?

2005-03-05 Thread Edward Chan
Ah, cool. Thanks! > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Nils Larsch > Sent: Saturday, March 05, 2005 11:10 AM > To: openssl-users@openssl.org > Subject: Re: What does the "subject name's hash" mean? &

RE: What does the "subject name's hash" mean?

2005-03-05 Thread Edward Chan
bject name's hash" mean? > > Edward Chan wrote: > > Sorry for all the questions today. But I'm looking at the > > SSL_CTX_load_verify_locations() API and the 3rd arg. This > specifies, > > "The name of a directory containing CA certificates. Each > file

What does the "subject name's hash" mean?

2005-03-04 Thread Edward Chan
Sorry for all the questions today.  But I'm looking at the SSL_CTX_load_verify_locations() API and the 3rd arg.  This specifies, "The name of a directory containing CA certificates.  Each file in the directory must contain only a single CA certi

RE: Does anybody know where certs are installed on Windows?

2005-03-04 Thread Edward Chan
> To: openssl-users@openssl.org > Subject: Re: Does anybody know where certs are installed on Windows? > > Edward Chan wrote: > > >I understand the usage of the API. What I mean is, how do you know > >what directory or file to specify, if this is not easily known? Dr.

RE: Does anybody know where certs are installed on Windows?

2005-03-04 Thread Edward Chan
omatic. > CryptoAPI and Openssl can share info via compatible > structures, but that is about as far as it goes. The rest is > up to you. > > Jim > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Edward Chan > Se

RE: Does anybody know where certs are installed on Windows?

2005-03-04 Thread Edward Chan
> The file would contain one or more CA public keys and the > directory is ca public keys with the name of the file being a > hash of the ca name with a .0 extension. > > Darya > > -Original Message- > From: Edward Chan [mailto:[EMAIL PROTECTED] > Sent: Friday, Ma

RE: Does anybody know where certs are installed on Windows?

2005-03-04 Thread Edward Chan
Thursday, March 03, 2005 1:09 PM > To: openssl-users@openssl.org > Subject: Re: Does anybody know where certs are installed on Windows? > > On Thu, Mar 03, 2005, Edward Chan wrote: > > > Is there a Win32 API or something that can tell me where certs get > > installed o

RE: Questions about cert verification

2005-03-04 Thread Edward Chan
-users@openssl.org > Subject: Re: Questions about cert verification > > Edward Chan wrote: > > > I've been trying to follow the examples in "Network Security with > > OpenSSL". But I just don't get it. I know, I'm an idiot. Can > >

Questions about cert verification

2005-03-03 Thread Edward Chan
I've been trying to follow the examples in "Network Security with OpenSSL".  But I just don't get it.  I know, I'm an idiot.  Can somebody point me in the right direction with the appropriate API's to use for doing the following: I have a digital signa

Questions about digital signatures

2005-03-03 Thread Edward Chan
Below is code that I got from the "Network Security with OpenSSL" book to sign a piece of data using a certificate generated and signed by a CA I created (error checking left out).  It seems to work.  But I'm curious about what sort of information goes

Does anybody know where certs are installed on Windows?

2005-03-03 Thread Edward Chan
Is there a Win32 API or something that can tell me where certs get installed on Windows? Thanks, Ed

RE: Using SSL_read with Windows Overlapped I/O

2005-02-13 Thread Edward Chan
Nevermind, I found some info in the archives.  Again, I should have looked before I posted.  My apologies. From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Edward Chan Sent: Sunday, February 13, 2005 12:22 AM To: o

Using SSL_read with Windows Overlapped I/O

2005-02-13 Thread Edward Chan
Can somebody describe how, if possible, to use OpenSSL with Windows overlapped I/O?

PEM_write_DSA_PUBKEY

2005-02-08 Thread Edward Chan
I'm trying to write the public/private keys to a PEM file.  I'm using the book "Network Security with OpenSSL" as a reference which says I need to use PEM_write_DSA_PUBKEY, but I can't find this anywhere in the openssl source.  I'm using 0.9.7d.  I see PEM_write_DSA

RE: Renegotiation with reader and writer threads.

2005-02-08 Thread Edward Chan
I was also having some problems with SSL_read() and SSL_write(). My application does read and write from different threads. My problems seem to have gone away after reading David's comment that 2 threads can't be reading and writing at the same time on the same SSL connection. So I've added a mu

Cryptographic accelerators

2005-02-06 Thread Edward Chan
Hi there, Of the accelerator's that OpenSSL supports, which are the more popular?  And what are people's experiences with these cards? I want to get 1 or 2 to test with and was wondering which ones you would recommend to get. Thanks, Ed

SSL_read & SSL_write and retry

2005-02-03 Thread Edward Chan
Hi there, I've been trying to figure out the correct way to use SSL_read and SSL_write with retry and auto retry mode, etc.  I'm a little confused.  I've got a program that uses blocking sockets, and select (I only use select to check for readability of

RE: SSL_read() on blocking I/O

2005-02-02 Thread Edward Chan
My understanding is that SSL_read is similar to the regular read() call in its semantics. That means the m_length arg you supplied is the max number of bytes to read (so this obviously should be <= size of the buffer supplied). It will read what ever is available, up to a max of m_length. So if y

RE: Seed PRNG on Windows

2005-01-31 Thread Edward Chan
Great. Thanks for the info. > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of > Bernhard Froehlich > Sent: Monday, January 31, 2005 11:39 PM > To: openssl-users@openssl.org > Subject: Re: Seed PRNG on Windows > > Edwa

RE: Seed PRNG on Windows

2005-01-31 Thread Edward Chan
s@openssl.org > Subject: Re: Seed PRNG on Windows > > Edward Chan wrote: > > > Hi there, > > > > Just wondering what people typically use to seed the PRNG > on Windows. > > On linux, there is /dev/random. But there is no such device for > > Windows.

Seed PRNG on Windows

2005-01-29 Thread Edward Chan
Hi there, Just wondering what people typically use to seed the PRNG on Windows.  On linux, there is /dev/random.  But there is no such device for Windows.  I've heard of EGADS, but when I installed the EGADS service, I found it to be a huge memory hog.  Are there

Does anyone use egads?

2004-10-03 Thread Edward Chan
Hi there, Just wondering if anyone uses Entropy Gathering And Distribution System (EGADS)?  I'm using it on Windows.  But I just noticed, it is a HUGE memory hog.  Just starting up the egads service, it immediately takes up almost 150Mb of RAM. Does that sound
