Re: Running SSL on own socket code

2011-06-02 Thread Neo Liu
On Wed, Jun 1, 2011 at 10:22 PM, Victor Duchovni < victor.ducho...@morganstanley.com> wrote: > On Tue, May 31, 2011 at 09:05:29AM -0400, Jeff Saremi wrote: > > > I'd like to know the feasibility or complexity around using my own > > socket code with OpenSSL's ssl code. If I provide OpenSSL with a

Re: How to derive EAP-TLS key material from TLS?

2011-06-01 Thread Neo Liu
On Wed, Jun 1, 2011 at 5:49 PM, Robin Seggelmann wrote: > > _key, but how can I find the PRF api used to calculate: > as Michael stated, the function SSL_tls1_key_exporter() is exactly what > you're looking for. The TLS Key Exporter is described in RFC 5705. The > patch #1830, which Michael also m

Re: How to derive EAP-TLS key material from TLS?

2011-05-31 Thread Neo Liu
sed to calculate: RPF(master_secret, "client EAP encryption", client_random || server_random) > Best regards > Michael > > > > Thanks > > > > Neo LIu > > __ > OpenSSL Project

How to derive EAP-TLS key material from TLS?

2011-05-30 Thread Neo Liu
V V V Figure 2 - EAP-TLS Key Hierarchy How could I do this in OpenSSL? Thanks Neo LIu

Re: SSL Communication using BIO

2011-05-23 Thread Neo Liu
I think you can read this article and it will be help. http://www.lenholgate.com/blog/2002/11/using-openssl-with-asynchronous-sockets.html On Mon, May 23, 2011 at 4:59 PM, Harshvir Sidhu wrote: > David, >So are you suggesting that i change the approach in my Code. My > application is for Win

Re: SSL Communication using BIO

2011-05-22 Thread Neo Liu
BIO pair is non-blocking BIO, so you need to call SSL_accept() or SSL_do_handshake() for server times. The example code looks like follows: BIO_write(ebio, ...) SSL_accept(ssl) BIO_read(ebio, ...) you can use BIO_pending() and BIO_wpending() to watch the buffer status of the BIO pairs. On Mon, M

Re: Can openssl support EAP-TLS?

2011-05-18 Thread Neo Liu
I found an answer on the StackOverFlow. http://stackoverflow.com/questions/2512026/x-509-certificate-based-authentication-with-openssl-without-using-sockets It may work and I am trying on it. On Wed, May 18, 2011 at 3:35 PM, Neo Liu wrote: > Thanks for your advice. > I have another qu

Re: Can openssl support EAP-TLS?

2011-05-18 Thread Neo Liu
the "other side" of the SSL engine). > > > I'm sure others might be able to explain it better, but it's a technique > I've used in cases where I can't have SSL "front" a traditional socket. > > > > > > --

Re: Can openssl support EAP-TLS?

2011-05-17 Thread Neo Liu
On Thu, May 12, 2011 at 10:18 AM, Rene Hollan wrote: > If you're looking to do authentication, freeradius will do EAP, and talk > to openssl for the TLS part (and an LDAP server for the actual > authentication and authorization). > -- > > FreeRADIUS is too big for me.

Can openssl support EAP-TLS?

2011-05-10 Thread Neo Liu
Hi, everyone: I wanna know that if openssl support EAP-TLS protocol?