On Sep 9, 2014, at 1:03 PM, Ted Byers wrote:
>> El 09/09/2014 20:39, "Larry Bugbee" escribió:
>>>
>>> In the FWIW column
>>>
>>> Please don't mangle names by forcing C++ namespaces. Some us call OpenSSL
>>> fr
In the FWIW column Please don't mangle names by forcing C++ namespaces.
Some us call OpenSSL from Python (and other dynamic languages) and depend on
the C naming convention. Adding a "OSSL_" prefix is fine; mangling creates
huge problems.
-- Sent fm iTouch via Boxer
> From: owner-op
On Apr 28, 2014, at 1:53 AM, Mat Arge wrote:
> You'd still have incrementally growing serial numbers
> (which is actually bad by itself) but from distinct ranges.
...or perhaps random within the range.
smime.p7s
Description: S/MIME cryptographic signature
I wish you good luck. I was unsuccessful. Be sure to ask why not. For more
google applink.c+bugbee
-- Sent fm iTouch via Boxer
On April 2, 2014 at 11:45:44 AM PDT, Mohan Kumar wrote:Hi,
I am writing a DLL plugin which works with a third party plugin. The DLL uses
open ssl. I was ab
Sent from iTouch
> On Mar 7, 2014, at 11:42 AM, "Li, David" wrote:
>
> Hi,
>
> I am new to openssl C APIs. So I wrote a simple test to encrypt and decrypt a
> 15 byte ASCII string using AES128. The encryption seems OK and the encrypted
> length is 16. But the decryption always failed at
On Mar 8, 2014, at 11:23 AM, Larry Bugbee wrote:
> On Mar 7, 2014, at 11:42 AM, "Li, David" wrote:
>
>> Hi,
>>
>> I am new to openssl C APIs. So I wrote a simple test to encrypt and decrypt
>> a 15 byte ASCII string using AES128. The encryption see
On May 14, 2011, at 11:54 AM, Zico wrote:
> Do we "actually" need a third party to make our certificate? I mean, we can
> generate self-certified certificates, right? So, will my production machine
> not run if I don't use CAcert.org or GoDaddy or Verisign?
It is a matter of trust. If your se
Is it possible to define other (SHA512, SHA256, etc)
SignatureAlgorithms for use?
Yes, if you use 0.9.9-dev. Take a look at ftp.openssl.org. (Cert
sigs using 0.9.8 always used SHA-1 regardless of how I attempted to
specify SHA-256 etc.)
So, I hope that I will get sufficient information from you on how to
integrate OpenSSL into my Java application.
You might find it a lot easier if you were to use Bouncy Castle.
http://www.bouncycastle.org/
On Mar 24, 2008, at 9:28 AM, Andreas Grimmel wrote:
I found this command somewhere in a forum:
openssl x509 -in cacert-old.pem -days 1460 -out cacert-new.pem -
signkey private/cakey.pem
- in my understanding, this command takes the old cert, changes the
validity to four more years (1460 da
It seems if you use 'openssl ecparam -genkey' to create a key pair,
you cannot secure the PEM file output. You have to follow with a
second command 'openssl ec' to encrypt the private key with
AES. ...but the first command has already written the key to disk.
Is this an Oops or did I miss
I have noticed this as well. I believe it operates correctly in the
0.9.9 snapshot.
Indeed, the change log indicates a fix. Thanks. At the moment I'm
unable to get a good build with the 3/10 SNAP. ...a problem
linking .dylib.
___
It seems if you use 'openssl ecparam -genkey' to create a key pair,
you cannot secure the PEM file output. You have to follow with a
second command 'openssl ec' to encrypt the private key with
AES. ...but the first command has already written the key to disk.
Is this an Oops or did I miss
I am supposed to help with a test plan to make sure our stuff works
properly, but I'm not sure what to test. I imagine that it has to be
backward compatible, since everyone using HTTPS has to be, but am not
sure.
Other than reading the NEWS page for changes, can anyone think of
something I shoul
I've signed and consumed ECC certs just fine. My only problem is that
when I specify a hash algorithm like SHA-256, OpenSSL falls back to
the default SHA-1 for self-signed certs only.
On Feb 13, 2008, at 7:13 AM, Nabil Ghadiali wrote:
Ahh ok. That means that even if the signature is val
The source for incremental_send isn't in the book anywhere that I've
seen. I'm using the first edition (June 2002). My code does call
incremental_send, and the code I'm trying to compile is the example
code provided in the book itself (in chapter 6 - see example 6-4).
The book provides t
ere's any PKI anywhere using ECC for a US .gov.
As it
is this just ends up looking like another exotic military purchase not
related to the enterprise world. Show me an HSPD-12 spec that tells
me
I have to use ECC ;-)
Larry Bugbee wrote:
There is no substitute for legal counsel, but
And if you be a Python user, M2Crypto exposes ECC and the rest of
OpenSSL to your program.
On Jan 10, 2008, at 8:54 PM, Victor Duchovni wrote:
On Thu, Jan 10, 2008 at 10:25:00PM -0500, Victor Duchovni wrote:
Does 'openssl s_server' support this? Are there public ECC TLS
implementations thi
There is no substitute for legal counsel, but Tom had a summary that
you might be interested in...
http://libtom.org/pages/toorcon8_ecc_tstdenis.pdf
See slides 24-27.
Larry
On Jan 10, 2008, at 2:25 PM, Anilkumar Bollineni wrote:
Thanks a lot for the responses.
Bill, I agree with you that
19 matches
Mail list logo
