Re: mini project in C using openssl

2010-10-26 Thread Suchindra Chandrahas
Another link: http://code.google.com/p/ssl3fuzzerapi/source/browse/#svn/trunk On Wed, Oct 27, 2010 at 6:34 AM, Anthony Gabrielson < agabriels...@comcast.net> wrote: > Hi, > Check this out, its a nice little C example: > > http://agabrielson.wordpress.com/2010/07/15/openssl-an-example-from-the-co

Re: S_client

2008-02-25 Thread Suchindra Chandrahas
I am not sure about this stuff however! - Original Message From: rfx <[EMAIL PROTECTED]> To: openssl-users@openssl.org Sent: Monday, February 25, 2008 12:25:24 PM Subject: Re: S_client "Use browser directly (you don't have to use openssl s_client) and point the URL tab to

Re: Tutorial

2008-02-22 Thread Suchindra Chandrahas
Hi El Hachimi, You can follow ssl3fuzzerapi.googlecode.com. It is raw SSL v3 communication Thanks, Suchindra Chandrahas - Original Message From: EL HACHIMI Driss <[EMAIL PROTECTED]> To: openssl-users@openssl.org Sent: Friday, February 22, 2008 8:23

Re: Regarding openssl function ssl3_handshake_mac

2008-01-03 Thread Suchindra Chandrahas
Thanks Jimmy, now i properly understood! Thanks and Regards, Suchindra Chandrahas jimmy bahuleyan <[EMAIL PROTECTED]> wrote: Suchindra Chandrahas wrote: > Hi All, >Just went through this in openssl source in s3_enc.c: > > static int ssl3_handshake_mac(

Re: Regarding openssl function ssl3_handshake_mac

2008-01-03 Thread Suchindra Chandrahas
OK. So, this is after the rest of the calculations. OK understood! Thanks ! Thanks and Regards, Suchindra Chandrahas Marek Marcola <[EMAIL PROTECTED]> wrote: On Thu, 2008-01-03 at 03:30 -0800, Suchindra Chandrahas wrote: > Hi All, >Just went through this in opens

Regarding openssl function ssl3_handshake_mac

2008-01-03 Thread Suchindra Chandrahas
sent in client_finished message? Please let me know if i am wrong!!! Thanks and Regards, Suchindra Chandrahas - Never miss a thing. Make Yahoo your homepage.

Re: One last question on ClientFinished

2007-12-23 Thread Suchindra Chandrahas
Thanks Mererk. Will implement the same! Thanks and Regards, Suchindra Chandrahas Marek Marcola <[EMAIL PROTECTED]> wrote: On Fri, 2007-12-21 at 22:23 -0800, Suchindra Chandrahas wrote: > Hi All, > ClientFinished message has 2 hashes (md5 and > sha1) of "Al

One last question on ClientFinished

2007-12-21 Thread Suchindra Chandrahas
f 2. above)? Thanks a lot and Regards, Suchindra Chandrahas Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it now. http://mobile.yahoo.com/;_ylt=Ahu06i62sR8HDtDypa

Re: MAC Calculation help needed

2007-12-18 Thread Suchindra Chandrahas
ards, Suchindra Chandrahas Marek Marcola <[EMAIL PROTECTED]> wrote: On Mon, 2007-12-17 at 19:39 -0800, Suchindra Chandrahas wrote: > Hi All, > I am doing the following to calculate MAC > as per SSL v3 handshake: > > printf("\nRESULT: Plain Record encry

Re: MAC Calculation help needed

2007-12-18 Thread Suchindra Chandrahas
} It openssl expecting any parameter that i am not passing?, or does the mistake mean something related to a part of ClientFinished message? Thanks and Regards, Suchindra Chandrahas Marek Marcola <[EMAIL PROTECTED]> wrote: On Mon, 2007-12-17 at 19:39 -0800, Suchindra Chandraha

MAC Calculation help needed

2007-12-17 Thread Suchindra Chandrahas
g SSL packet sniffing, and it uses 64 byte key material. However, my Write MAC key, Read MAC key, Write Key, Read Key are all fine as per comparison I am implementing an opensource ssl fuzzing client without using openssl libraries extensively Thanks for your help in advance, and Regards, Suchindra C

Re: question about use SHA function

2007-12-13 Thread Suchindra Chandrahas
Hi Helios, This is probably a linker issue Thanks and Regards, Suchindra Chandrahas Helios Nguyen <[EMAIL PROTECTED]> wrote: hello everybody, I want to use function of sha library, in my program i haved put this line #include but i got this error: : und

Re: Regarding construction of MasterSecret in ssl v3 handshake

2007-12-13 Thread Suchindra Chandrahas
eturn(ret); } I guess *p above is pointer to premaster secret. I am doing the same thing here, only that EVP_Digest_Update is replaced MD5_Update/SHA_Update. I am not still sure whether my algorithm is correct or not! Thanks and Regards, Suchindra Chandrahas jimmy bahuleyan <[EMAI

Re: Regarding construction of MasterSecret in ssl v3 handshake

2007-12-13 Thread Suchindra Chandrahas
Hi Jimmy, Yes i changed the no. of bytes to 32 (both client and server random). Also, is it ok to use openssl tls1_prf for ssl v3 handshake? Thanks and Regards, Suchindra Chandrahas jimmy bahuleyan <[EMAIL PROTECTED]> wrote: Suchindra Chandrahas wrote: &g

Regarding construction of MasterSecret in ssl v3 handshake

2007-12-12 Thread Suchindra Chandrahas
by me, though both use the same mechanism Is something wrong with the MasterSecret calculation algorithm? Can i use a generic OpenSSL v3 PRF function to calculate the same, without defining the other parameters of ssl connection structure (because i am only required to calculate the MasterSecret)? Thanks and Regards, Suchindra Chandrahas - Be a better friend, newshound, and know-it-all with Yahoo! Mobile. Try it now.

Re: Regarding Client Finished message

2007-09-13 Thread Suchindra Chandrahas
Thanks Merek. I have compiled a somewhat working version of it. Hope to complete by tomorrow Thanks for Matrix SSL Thanks and Regards, Suchindra Chandrahas Marek Marcola <[EMAIL PROTECTED]> wrote: Hello, > Thanks Merek. Will start working on this. Any docs that might have > implem

Re: Regarding Client Finished message

2007-09-13 Thread Suchindra Chandrahas
Thanks Merek. Will start working on this. Any docs that might have implementations of this in some code snippet forms, because i am not so well versed with MD5/Crypto libraries ? Thanks and Regards, Suchindra Chandrahas Marek Marcola <[EMAIL PROTECTED]> wrote: Hello, > I

Regarding Client Finished message

2007-09-13 Thread Suchindra Chandrahas
in TLS, we have: master secret = PRF(server random number, client random number, pre master secret) key_material = PRF(master secret, client random number, server random number) Please advice me if there is any tls library function that finds Pseudo Random (PRF?) Thanks and Regards, S

Re: Regarding OpenSSL communication

2007-08-24 Thread Suchindra Chandrahas
. Thanks a lot again, it helped me a lot! Thanks and Regards, Suchindra Chandrahas Marek Marcola <[EMAIL PROTECTED]> wrote: Hello, > I request you to please have mercy on me. I have > to communicate to SSL v3 Server using SSL v3 Client Hello Message. The > followi

Re: Regarding OpenSSL communication

2007-08-23 Thread Suchindra Chandrahas
quot;\x02\x01\x00" /* Compression Method */ I am somehow not getting GMT and random value details in ethereal. Is the above stuff the right SSL v3 Client Hello? Please help me out as i have to finish my project tomorrow morning! Thanks and Regards, Suchindra Chandrahas Mare

Re: Regarding OpenSSL communication

2007-08-23 Thread Suchindra Chandrahas
server finished received data transfer However, i guess ssl3 handshake handler at server expects changecipherspec from client side Please let me know if i am wrong! Thanks and Regards, Suchindra Chandrahas Lutz Jaenicke <[EMAIL PROTECTED]> wrote: Suchindra Chandrahas wrote: > Hi

Regarding OpenSSL communication

2007-08-23 Thread Suchindra Chandrahas
s:SSL3_GET_CLIENT_HELLO:no ciphers passed Can you please tell me where the error is? I have sent ciphers actually Thanks and Regards, Suchindra Chandrahas - Fussy? Opinionated? Impossible to please? Perfect. Join Yahoo!'s user panel and lay it on us.

Re: error regaring libssl.so

2007-06-20 Thread Suchindra Chandrahas
I had the same issue earlier, and it got resolved once i gave -lcrypto and included -I/usr/include/openssl/rsa.h and all the .hs such as md5.h in the source You must include /usr/include/openssl/rsa.h, md5.h ... etc and linker time stuff such as -lcrypto has to be used Allen Chen <[EMAIL PROT

Re: some doubt about ssl programming

2007-03-13 Thread Suchindra Chandrahas
Hi Vladislav, THANKS A LOT. I Now understoold that i must look for client certificates time, and not that which is obtained at server end. Will progress and update. Thanks a lot for your help Suchindra Chandrahas Vladislav Marinov <[EMAIL PROTECTED]> wrote:

Re: some doubt about ssl programming

2007-03-13 Thread Suchindra Chandrahas
Hi Vladislav, I know i should not disturb you, just a small question here. What kind of fuzzing attacks can be done on an SSL based apache web server ? I just wanted a brief idea about them Thanks and Regards, Suchindra Chandrahas

Re: some doubt about ssl programming

2007-03-13 Thread Suchindra Chandrahas
Part 1 and Part 2 are the PDFs that were given in openssl.org Well, the problem is still doubtful because 1. The server certificates are recent (not expired), and 2. But they are self signed certificates (this might be a problem !) Thanks for the replies Regards, Suchindra Chandrahas Goetz

some doubt about ssl programming

2007-03-13 Thread Suchindra Chandrahas
_cert that says : if(SSL_get_verify_result(ssl)!=X509_V_OK) 39 berr_exit("Certificate doesn’t verify"); Does this mean that the host's certificate is not a X509 certificate ? Regards, Suchindra Chandrahas - Be a PS3 game guru. Get your game fa

Re: SSL Programming

2007-03-13 Thread Suchindra Chandrahas
Thanks a lot ! Let me see, i am opening it in my browser now. Seems to take too long to open Suchi Vladislav Marinov <[EMAIL PROTECTED]> wrote: Suchindra Chandrahas wrote: > Hi All, >I have to write some ssl fuzzers for a web server. Any > resources or links wo

SSL Programming

2007-03-12 Thread Suchindra Chandrahas
Hi All, I have to write some ssl fuzzers for a web server. Any resources or links would be nice ! Thanks a lot for help, Suchindra Chandrahas - It's here! Your new message! Get new email alerts with the free Yahoo! Toolbar.

Re: RFC2630 support

2005-05-24 Thread Suchindra Chandrahas
Dear madhu, Have you worked at Disc Technology Services Private Limited previously. Just got confused by the name. Please don't mind. Regards, Suchi __ Do you Yahoo!? Yahoo! Small Business - Try