Cryptographic operations in FIPS-compliant OpenSSL

2009-09-14 Thread JCA
One of my requirements is to use a FIPS-compliant cryptographic module, and OpenSSL is an obvious choice. Now I understand that, when operating in FIPS-compliant mode, all the cryptographic operations in OpenSSL are completed atomically. In some cases, this could be a problem. For example, if on

Fwd: An OpenSSL server with NULL cipher support

2008-02-05 Thread JCA
Oops! The -nocert option in the s_server invocation should not be there. -- Forwarded message -- From: JCA <[EMAIL PROTECTED]> Date: Feb 4, 2008 8:28 AM Subject: Fwd: An OpenSSL server with NULL cipher support To: openssl-users@openssl.org OK, I found it. In cas

Fwd: An OpenSSL server with NULL cipher support

2008-02-04 Thread JCA
With this, the server accepts the TLS_RSA_WITH_NULL_SHA ciphersuite without complaints. -- Forwarded message -- From: JCA <[EMAIL PROTECTED]> Date: Feb 3, 2008 9:44 AM Subject: An OpenSSL server with NULL cipher support To: openssl-users@openssl.org I am trying to u

An OpenSSL server with NULL cipher support

2008-02-04 Thread JCA
I am trying to use the openssl command line utility in order to launch an SSL server supporting the NULL encryption cipher (I am trying to debug a simple SSL client.) To that effect, I launch openssl as follows: # openssl s_server -accept 443 -nocert -WWW -cipher 'ALL:NULL' The client is

Session ID reuse timeout

2006-02-10 Thread JCA
Two questions: First, what is the default session ID reuse timeout for OpenSSL? Second, is it possible to specify that timeout in a system-wide configuration file?

Re: Dynamic Engine II

2006-01-23 Thread JCA
again Sara On 1/23/06, JCA <[EMAIL PROTECTED]> wrote: > OpenSSL's Achilles's heel is its incomplete documentation, and the fact > that apparently nobody seems to know the answer to a large percentage of > questions, if this forum is a measure of that. Anyway, having gone thro

Re: Dynamic Engine II

2006-01-23 Thread JCA
OpenSSL's Achilles's heel is its incomplete documentation, and the fact that apparently nobody seems to know the answer to a large percentage of questions, if this forum is a measure of that. Anyway, having gone through the exercise of putting together a crypto engine for OpenSSL, just about th

Re: RAND_Load_File using /dev/random

2006-01-17 Thread JCA
On 1/17/06, Felix Dorner <[EMAIL PROTECTED]> wrote: Hi, my book tells me to call RAND_load_file("/dev/random", 1024) this appears to take much too long. is there anything wrong? how many bytes do i need? thanks, felix

Re: How to encrypt a large file by a public key?

2005-12-14 Thread JCA
On 12/14/05, Amir (sent by Nabble.com) <[EMAIL PROTECTED]> wrote: Thank you for your reply, I do not understand the last paragraph very well. I know how to encrypt a file using a symmetric algorithm. But I don't know what do you mean by "then encrypting with the RSA key" Encrypting by a symme

Re: How to encrypt a large file by a public key?

2005-12-12 Thread JCA
   With RSA, the data to be encrypted is first mapped on to an integer. For RSA to work, this integer must be smaller than the RSA modulus used. In order to get things to work the way you want, if you are using a (say) 1,024-bit RSA modulus, you must split your input data in chunks 1,024 bits long,

Measuring the performance of OpenSSL

2005-11-08 Thread JCA
   I'd be interested to obtain some OpenSSL performance measurement, in order to carry out comparisons against commercial implementations. The problem is, in their marketing sheets, such implementations frequently talk about the number of SSL transactions per second. What does that mean? For some i