Hello Jakob,
Am 03.08.2012 um 09:52 schrieb Jakob Bohm:
>> My assumption of a chain of trust is that the end of a trust chain is
>> reached (=a server or client certificate is seen as valid and secure) if the
>> whole chain of certificates ends in an entifiy where subject=issuer and
>> CA:true
Hello Dave,
Am 03.08.2012 um 03:55 schrieb Dave Thompson:
> Aside: it's a good thing you gave the server, because Outlook
> (which we use) blocks *.cer. I wish it didn't, but it does.
I've reached this "great" functionality last week, too. There's a possibility
to allow filename extensions ins
Hell,I've got a question regarding self-signed X509v3 certificates used in a TLS1.0 server/client environment. A communication partner uses a self-signed certificate as attached to this mail (can be retrieved from the TLS server 87.236.105.37:6619). My TLS client uses the following options: SSL_CTX
Hi!
Please correct me if I'm wrong, but afaik the "-stream" option doesn't
work for the openssl smime commands "decrypt" and "verify" (tested
with openssl-1.0.0-stable-SNAP-20090511, openssl-SNAP-20090511 and
openssl-1.0.0-beta2).
Regards,
Harald
Am 08.05.2009 um 12:07 schrieb kha...@sb
Hi Shankar,
if you're dealing with OFTP2 (I assume you're implementing this
because of older posts refering to the protocol and its RFC), you may
inspect the field SFIDSEC. Taken from the RFC 5024, ch. 5.3.3:
Value: '00' No security services
'01' Encrypted
is Joerg
Walter ([EMAIL PROTECTED]) or contact me ([EMAIL PROTECTED]) for openSSL
specific topics.
Regards,
Harald Latzko
c-works GmbH
> Hi Stephen,
>
> We are developing a secure communication on OFTP(RFC-5024), as per the RFC
> we need to sign the file, compress the file , encr
Hello,
I've read the following in the latest CHANGES file of the openSSL
0.9.9 snapshot 20071220:
*) Add option -stream to use PKCS#7 streaming in smime utility. New
function i2d_PKCS7_bio_stream() and PEM_write_PKCS7_bio_stream()
to output in BER and PEM format.
Does this work f
Hello Pankaj,
Am 09.11.2007 um 23:33 schrieb Pankaj Mathur:
Hi ,
I am trying to encrypt and decrypt a large file using the Openssl
API.
I am doing this by calling EVP_EncryptUpdate / EVP_DecryptUpdate
iteratively for a block size of 1024 and then calling the
EVP_EncryptFinal_ex/ EVP_Dec
both versions
and not going up to over 600MB/s like you posted. Any clues?
-Ursprüngliche Nachricht-
Von: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Im
Auftrag von Harald Latzko
Gesendet: Dienstag, 25. September 2007 20:25
An: openssl-users@openssl.org
Betreff: Re: via padlock support much slow
Hi!
I cannot confirm these performance differences between 0.9.8d and
0.9.8e. My results on a Via CPU are:
0.9.8d
==
engine "padlock" set.
Doing aes-256-cbc for 3s on 16 size blocks: 11906104 aes-256-cbc's in
3.00s
Doing aes-256-cbc for 3s on 64 size blocks: 9088256 aes-256-cbc's in
2
oh, I forgot to mention that this behaviour appears in the latest
snapshot (20070816) of openssl-0.9.9-dev.
Am 16.08.2007 um 10:30 schrieb Harald Latzko:
Hello!
Am 14.04.2007 um 00:04 schrieb Dr. Stephen Henson:
'tis done.
I found a quiet period to look into it and test it a l
Hello!
Am 14.04.2007 um 00:04 schrieb Dr. Stephen Henson:
'tis done.
I found a quiet period to look into it and test it a little. Check
out the new
-stream option in the smime utility for OpenSSL 0.9.9.
Support in the API is quite simple too, just include the
PKCS7_STREAM flag in
the cal
Hello,
after having read several documents, howtos, READMEs etc., i wasn't
able to compile actual daily snapshots of openssl 0.9.9 on AIX5.3
64bit with GCC 4.0.0. I've tried various combinations of ./Configure-
options, linker options and others, but none worked. It always stops
at the app
D2I_READ_BIO:malloc
failure:a_d2i_fp.c:229:
The memory consumption raised about 1.5GB on this machine before no
more memory was available, so I think the OS (Debian Linux) had no
more memory available for allocation (which explains the error message).
Is there a way to decrypt large fi
model to work from. Which
would you like me to do: AES, 3DES or BLOWFISH?
Peace,
Charles
Harald Latzko wrote:
Hi!
I tried to compile your code, but the following include files are
missing (or not included in MacOS, Linux and openSSL distribution):
- portable.h
- exception.h
- ltscrypto.h
.:
Here are examples, from my code, of both 3DES and AES. Any
questions, ask away.
Chaz.
Harald Latzko wrote:
Hi!
Do you have a solution for deryption of big files using des3 and/
or aes256, too? The openSSL command line smime utility eats up all
my memory and crashes after a while
Hi!
Do you have a solution for deryption of big files using des3 and/or
aes256, too? The openSSL command line smime utility eats up all my
memory and crashes after a while...
Greetings,
Harald
Am 17.05.2007 um 01:15 schrieb Chaz.:
[EMAIL PROTECTED] wrote:
Hi, all
I have encrypted the fi
Hi!
I use for big file encryption the new "stream" support of openSSL
0.9.9, it works perfectly. For decryption (and signature
verification), the stream support is not implemented yet. So we have
to wait until it's implemented, or find another solution. If you have
found another way to do
Hello!
Am 14.04.2007 um 00:04 schrieb Dr. Stephen Henson:
Sorry to have given you false hopes. The issue that all the data
has to
be in working memory to be encrypted is indeed starting to become
a real
annoyance in some practical circumstances. So perhaps if Stephen
Henson
should develop
Hello,
Am 14.04.2007 um 00:04 schrieb Dr. Stephen Henson:
'tis done.
I found a quiet period to look into it and test it a little. Check
out the new
-stream option in the smime utility for OpenSSL 0.9.9.
Support in the API is quite simple too, just include the
PKCS7_STREAM flag in
the call
tely satisfied :-)
Thank you very much for the great work. I'm testing at the moment
with encoding files, resulting in an extremely good performance using
hardware engines.
If anything is open or unclear, I will reply to this message.
Reg
Hello,
Am 24.03.2007 um 14:39 schrieb Dr. Stephen Henson:
No, sorry I do not know how to enable the streaming encryption
support
and it very probably will not be in the command line tool.
I only know beginnings of streaming encryption support exist from
posts
by Dr. Stephen Henson on this
Hello!
Am 23.03.2007 um 20:01 schrieb Marco Roeland:
can anybody even confirm that encrypting files via "openssl smime"
command consumes very much memory?
Yes. The PKCS7_encrypt(3ssl) function needs to hold all the data in
memory as specified in the BUGS section of its man page. As far as I
kno
Hello again,
can anybody even confirm that encrypting files via "openssl smime"
command consumes very much memory?
Regards,
Harald
Am 22.03.2007 um 19:29 schrieb Harald Latzko:
Hi!
I encrypt files via openssl on commandline using the following
command:
openssl smime -encryp
Hi!
I encrypt files via openssl on commandline using the following command:
openssl smime -encrypt -in /tmp/testfile -out /tmp/testfile.enc -
nodetach -binary -aes256 -outform DER -engine padlock /tmp/public.pem
Since I use the engine "padlock" on a VIA CPU (openssl speed show an
enormous s
Hello list!
I have problems encrypting files with the following command:
openssl smime -encrypt -in /tmp/infile -out /tmp/testencrypted -nodetach
-binary -des3 -outform DER /tmp/mypub.cer
This command is running in several versions of openSSL successfully on
several platforms (Linux, MacOS X, Wi
26 matches
Mail list logo
