wow this is pretty awesome you should give it a look
http://www.finance15dynews.net/biz/?read=9799495
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl
wow this is crazy check it out http://www.finance15elnews.net/biz/?page=7115048
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Auto
wow this is awesome give it a look
http://www.finance15cinews.net/biz/?employment=0410777
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@opens
wow this is pretty crazy you should check it out
http://www.thanews.net/biz/?employment=8003005
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users
This error has caught a lots of people, I think it deserved a new version
release to fixed this bug. Or at least saying 1.0.1a is not suitable for not
x86 platform on the web page and offering the daily snap as a work around.
As from the website, 1.0.1a is the latest released, and it contains
Hi,
Regarding this SGC-Restart DoS Attack (CVE-2011-4619), does it require the
server to use the SGC certificate or it doesn't matter what kind of certificate
is used by the server?
--
Qunying
Hi,
It seems there is an effort to provide a git repository:
http://repo.or.cz/w/mirror-openssl.git
Qunying
__
OpenSSL Project http://www.openssl.org
User Support Mailing List
Hi,
While working on DTLS, in d1_both.c:dtls1_get_message_fragment():787~866
There are calls to OPENSSL_assert (line 787):
/* read handshake message header */
i=s->method->ssl_read_bytes(s,SSL3_RT_HANDSHAKE,wire,
DTLS1_HM_HEADER_LENGTH, 0);
if (i <= 0)
Hi,
I would like to clarify if SSL server request client to send certification, and
does not do the verification in OpenSSL (verification error is ignored, and
certificate is verified somewhere else), will the client certificate still
participate in the negotiation of keys?
Thanks
--
qun-ying
I found a solution without hacking into the library itself. Since my system is
running glibc, I forced all mem request to use mmap with
mallopt(M_MMAP_THRESHOLD, 0), which release the memory back to the system when
free is called, testing shows so far so good.
--
qun-ying
- Original Mes
Does it mean that it is hard to change the behavior?
--
qun-ying
--- On Fri, 9/24/10, David Schwartz wrote:
>
> Sounds like OpenSSL wasn't what you wanted. OpenSSL is
> intended for use on general-purpose computers with virtual
> memory. It is not designed to return virtual memory to the
> syst
Hi,
I think I should clarify something here. The app is running in a small device
that does not have virtual memory (no swap space) and the memory is limited
(256/512 M). In peek connections, it may use up to 90% of the system memory,
and when connection goes down, memory usage is not coming
Hi,
I have an SSL apllication, that it suppose to run for a long time. After some
time of running, I found the usage of the memory is growing. I stop all SSL
connections and checked all SSL * has been freed but it could not release the
memory back to the system.
After some investigation, I f
If you just want to study it, gnutls has support TLS1.2, I suppose now most
Linux distributions include it by default also.
--
qun-ying
--- On Tue, 7/14/09, Akos Vandra wrote:
> From: Akos Vandra
> Subject: Re: TLSv1.2 in openssl
> To: openssl-users@openssl.org
> Received: Tuesday, July 14
Hi,
May I know is the current version of OpenSSL supports verification for CRL with
critical extensions? I am currently runing 0.9.7m.
Thanks
--
qun-ying
__
The new Internet Explorer® 8 - Faster, safer, easier. Optimized
Ah, I miss that one. Thanks.
--
qun-ying
--- On Wed, 2/4/09, Giang Nguyen wrote:
> From: Giang Nguyen
> Subject: RE: IE could not connect to a chaine-cert's ssl server
> To: openssl-users@openssl.org
> Received: Wednesday, February 4, 2009, 2:02 PM
> i think it's because your "my-cacert.pem"
Hi,
I try to test out some chained certificates with web server. My setup is as
follow:
my-cacert.pem <== my ca certificate
level1.cert <= my level1 certificate signed by my ca
level1.key <= my level1's key file
level2.pem <= my level2 certificate use as a server side certificate
ca.pem <= incl
Averroes wrote:
> Hi all,
>
> Perhaps someone noticed this:
>
> When I create a certificate there is difference
> between system (OS) time and creation time of certificate.
> Approximately one hour.
>
>
> certificate info:
> Validity
> Not Before: Sep 14 09:57:24 2001 GMT
>
Don't use Netscape 6.01! Use Mozilla in stead (latest milestone is 0.8). It is
much more stable and with features that Netscape does not have.
--
(~._.~) Öì Ⱥ Ó¢ ¦¶ ¸s ^ (Qun-Ying) (65) 874-6643
( O )
()~*~()
(_)-(_)[EMAIL PROTECTED] * [EMAIL PROTECTED]
I am sorry for my unclear questions.
In a scenario that the signature is stored in PKCS#7 format which is encrypted
with the recipient's public key. While the data is encrypted with 3DES.
If the data are to be stored in its encryption form and only decrypted when its
in use, does the verificatio
While normally the original data before encryption gets signed, what is the
effect of signing the encrypted data? In this form, the verification can take
place without decrypting the data. Any pros and cons of this method?
Thanks
--
(~._.~) Öì Ⱥ Ó¢ (Qun-Ying) (65) 874-6643
( O ) T
After you create the base 64 BIO, set the following flag,
BIO_set_flags(b64, BIO_FLAGS_BASE64_NO_NL);
to parse the input without linefeed.
--
(~._.~) Öì Ⱥ Ó¢ (Qun-Ying) (65) 874-6743
( O ) TrustCopy Pte Ltd / Kent Ridge Digital Labs
()~*~() 21 Heng Mui Keng Terrace, Singapore 11
In your VC installation, you should be able to found a batch file under
C:\progra~1\micros~2\vc98\bin, it is named "vcvars32.bat", just run the batch
file under your DOS prompt, it will setup all the environment for you.
--
(~._.~) Öì Ⱥ Ó¢ (Qun-Ying) (65) 874-6743
( O ) TrustCopy
Marco Donati wrote:
>
>
> I generate the key, then use it to sign a certificate request (PKCS#10).
> The PKCS#10 is sent to a CA.
> When the certificate is issued by the CA it is downloaded (via LDAP) and
> stored into the original P12 with its key
>
> I need it in PKCS12 for compatibility w
As more information on the mingw32 platform:
The code needed tlhelp32.h is for win95 only not for NT.
the tlhelp32.h is suppose only work in Win95 and later, not in NT at least 4.0.
It is said to to be supported under NT 5.0.
--
(~._.~) Öì Ⱥ Ó¢ (Qun-Ying) (65) 874-6743
( O )
()~*~
Hi,
I have not dug into the source code yet, but I want to know how to use the proxy
support? Does it work transparently with those web proxy server, acting as a
tunnel for communication between two sites?
Thanks
--
(~._.~) Öì Ⱥ Ó¢ (Qun-Ying) (65) 874-6743
( O )
()~*~()
(_)-(_)
?? wrote:
>
> no default format.
> if you use openssl, pem is default.It is DER encode of you private key, then
>base64 it. with addtion alogorithm information, it became .pem file.
> PKCS is another format to store one' s certificate of private key or crl. Not
>strange, often used by I
Hi,
If I have the signature generated, how do I convert the p7 into a DER string
without writing out to a file? How do I know the size of the buffer to prepare?
Thanks
--
(~._.~) Öì Ⱥ Ó¢ (Qun-Ying) (65) 874-6743
( O )
()~*~()
(_)-(_)[EMAIL PROTECTED] * [EMAIL PROTECTED]
_
Dr S N Henson wrote:
> Well it doesn't have to be a file. Any BIO will do.
>
> The S/MIME API doesn't currently have an init/update/final equivalent
> though.
>
I am facing a problem here: the decrypted data is stored in some strange format
(beyond my control), and I have to read in the data i
Hi All,
I am little bit confuse on the usage of the PKCS7_* functions.
If I have a file that need to be signed and I want the signed data to be
separately from the file and store else where. I follow the sign.c example, but
get lost a little bit, should I get the digest using EVP_digest*() funct
30 matches
Mail list logo
