A problem that I have with apps/req.c is that it is hardly a good reference
for how to use the API calls.
I think, ideally, that all of openssl.cnf should be entirely an artifact of
the apps, but there are (still, I think) things that can only by constructing
some openssl.cnf configuration and se
On 12/22/2021 1:33 PM, Philip Prindeville wrote:
> Should supporting openssl.cnf be part of the library API, or
> externally handled in the command-line utility where it then passes in
> the values extracted from that file?
I don't know how openssl.cnf factors into CSR creation with existing
tool
> On Dec 22, 2021, at 2:18 PM, Jordan Brown
> wrote:
>
> On 12/22/2021 11:45 AM, David von Oheimb wrote:
>> Yet beware that a general-purpose library function that has (at least) the
>> flexibility offered by that app would need a non-trivial set of parameters.
>>
>
> I suspect that it wou
On 12/22/2021 11:45 AM, David von Oheimb wrote:
>
> Yet beware that a general-purpose library function that has (at least)
> the flexibility offered by that app would need a non-trivial set of
> parameters.
>
I suspect that it would end up looking a lot like the existing API.
There might be a few
@Philip,
it should not be hard to copy the core code from apps/req.c and cut out
all parts not needed for generating a PKCS#10 CSR (including its
self-signature).
Yet beware that a general-purpose library function that has (at least)
the flexibility offered by that app would need a non-trivial
@Philip,
it should not be hard to copy the core code from apps/req.c and cut out
all parts not needed for generating a PKCS#10 CSR (including its
self-signature).
Yet beware that a general-purpose library function that has (at least)
the flexibility offered by that app would need a non-trivial
> However, is crypto library thread-safe?
Check out this blog entry:
https://www.openssl.org/blog/blog/2017/02/21/threads/
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Hi guys,
I want to use some ciphers such as RSA, DES in my application provided by
crypto library.
However, is crypto library thread-safe?
Thanks,
Jared, (韦煜)
Software developer
Interested in open source software, big data, Linux
--
openssl-users mailing list
To unsubscribe: https
u get the Toolkit.
Thanks
Ravichandra
On Tue, Jan 28, 2014 at 6:45 PM, Chinmaya Dwibedy wrote:
Hi,
>
>The Diffe Hellman exchange consists of CPU-intensive
operations like key-pair generation and shared-secret generation. The Octeon
Core Crypto Library provides API's on Octeon for Cry
.
Thanks
Ravichandra
On Tue, Jan 28, 2014 at 6:45 PM, Chinmaya Dwibedy wrote:
> Hi,
>
> The Diffe Hellman exchange consists of CPU-intensive operations like
> key-pair generation and shared-secret generation. The Octeon Core Crypto
> Library provides API's on Octeon for Cryp
Hi,
The Diffe Hellman exchange consists of CPU-intensive
operations like key-pair generation and shared-secret generation. The Octeon
Core Crypto Library provides API's on Octeon for Crypto acceleration. The
following functions (provided by the Cavium) to perform the Diffie-Hellman
Opera
Hi,
Does any version of openssl crypto library ( one for RNG) has complaint with
the requirement of NIST SP800-90?
Plz let me know. I couldnt get any info on this from docs.
-Nikitha
hi,
i am currently using openssl 0.9.8l. i am trying to build it on Windows
AMD platform. i am getting missing symbol issue while building static crypto
library in FIPS mode.
if i build openssl 0.9.8l in non fips mode (i.e without passing fips
--fipslibdir to Configure )
i get the below
> Should the caller specify an empty ivec (to the correct length) in this case
> or am I missing something?
I think so too.
If you always initialise the IVEC to NUL bytes,
and use the same key to encrypt lots of small packets,
it becomes easier to crack the key.
If you use some variable data tha
Hello,
Looking at test/evp_test.c and the test data test/evptests.txt for
encryption/decryption, I don't understand how the initialisation vector
('iv' variable) is used.
The test data in evptests.txt is expressed as Hex strings which are then
translated to bit patterns before use:
cipher:
On Thu, Feb 18, 2010, carlyo...@keycomm.co.uk wrote:
>
> > On Thu 18/02/10 3:31 PM , Robert Doncaster b...@edp.co.uk sent:
> > Hello,
> >
> > Is there a programmatic way to give a list of available cypher names (eg
> > AES-128-ECB...)?
> > i.e a list of the names that could be supplied to EVP_g
> On Thu 18/02/10 3:31 PM , Robert Doncaster b...@edp.co.uk sent:
> Hello,
>
> Is there a programmatic way to give a list of available cypher names (eg
> AES-128-ECB...)?
> i.e a list of the names that could be supplied to EVP_get_cipherbyname().
>
>
the openssl enc.c example shows a function
Hello,
Is there a programmatic way to give a list of available cypher names (eg
AES-128-ECB...)?
i.e a list of the names that could be supplied to EVP_get_cipherbyname().
Thanks,
Bob Doncaster
--
Hi,
I'm developing a security product and in the process of selecting the crypto
library.
Can anyone please answer the following queries.
1. Does openssl crypto library supports scatter/gather I/O. The requirement
is to pass bsdnet mbuf cluster to the openssl crypto library for
encry
-- Size of data to decrypt.
Can this be possible using Crypto Library?
Which Crypto Api's in Linux uses key, MD5 or SHA1 and padding to
decrypt and encrypt the data?
Thanks,
Gaurav
__
OpenSSL Project
key to use for the decryption.
hHash --- Hash handle MD5 or SHA1.
dwFlag-For padding
pbData --- Data to decrypt.
pdwDatalength -- Size of data to decrypt.
Can this be possible using Crypto Library?
Which Crypto Api's in Linux uses key, MD5 or SHA1 and padding to
decrypt and encrypt the
crypt uses parameters:
hkey ---key to use for the decryption.
hHash --- Hash handle MD5 or SHA1.
dwFlag-For padding
pbData --- Data to decrypt.
pdwDatalength -- Size of data to decrypt.
Can this be possible using Crypto Library?
Which Crypto Api's in Linux uses key, MD5 or SHA1 and paddi
(OT)
* Mark wrote on Thu, Sep 10, 2009 at 15:54 +0100:
> > No offense, but that's what the mailing list is for.
> > Granted, a search might have yielded the answer as well...
> > but if anything, the question should make you feel good
> > because it's one mess you won't be cleaning up.
>
> No off
>
> No offense, but I disagree. This list is for questions specific to OpenSSL
> programming, not for questions like "should I do what the documentation says".
> Asking such a question shows a fundamental misunderstanding on correct
> programming
> techniques. Unfortunately this is all too comm
> On Thu, Sep 10, 2009 at 6:29 AM, Mark
> <2d3ww4...@sneakemail.com> wrote:
> >
> > I am always very concerned when I read questions like this. The
> > documentation says to implement the callbacks. Therefore you must
> > do so.
>
> No offense, but that's what the mailing list is for. Granted,
On Thu, Sep 10, 2009 at 6:29 AM, Mark <2d3ww4...@sneakemail.com> wrote:
>
> I am always very concerned when I read questions like this. The
> documentation says to implement the callbacks. Therefore you must
> do so.
No offense, but that's what the mailing list is for. Granted, a
search might h
> We are planning to make use of openssl crypto library in
> multithreaded environment.
>
> We found in the openssl website that "
> OpenSSL can safely be used in multi-threaded applications
> provided that at least two callback functions are set,
> locking_functi
On Thu, Sep 10, 2009, deiva shanmugam wrote:
> Hi,
>
> Thanks for the response, steve.
>
> So, irrepective of creating the openssl object per thread or globally for
> all threads, callback functions should be implemented to make the
> application thread safe?
>
Yes: the error queue requires
Wed, Sep 09, 2009, deiva shanmugam wrote:
>
> > Hi,
> >
> > We are planning to make use of openssl crypto library in multithreaded
> > environment.
> >
> > We call OpenSSL_add_all_algorithms() before creating threads and will
> create
> > BIO, EVP_K
On Wed, Sep 09, 2009, deiva shanmugam wrote:
> Hi,
>
> We are planning to make use of openssl crypto library in multithreaded
> environment.
>
> We call OpenSSL_add_all_algorithms() before creating threads and will create
> BIO, EVP_KEY, SHA256 , SHA1 and RSA object in each
Hi,
We are planning to make use of openssl crypto library in multithreaded
environment.
We call OpenSSL_add_all_algorithms() before creating threads and will create
BIO, EVP_KEY, SHA256 , SHA1 and RSA object in each thread and makes use of
the following functions:
SHA1_Init
> -Original Message-
> From: Richard Levitte [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, March 12, 2008 7:21 PM
> To: openssl-users@openssl.org; Xu, Qiang (FXSGSC)
> Subject: Re: crypto library in openssl
>
> You're doing three mistakes:
>
> 1. you're
> -Original Message-
> From: Richard Levitte [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, March 12, 2008 7:21 PM
> To: openssl-users@openssl.org; Xu, Qiang (FXSGSC)
> Subject: Re: crypto library in openssl
>
> You're doing three mistakes:
>
> 1. you're
> -Original Message-
> From: Richard Levitte [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, March 12, 2008 7:21 PM
> To: openssl-users@openssl.org; Xu, Qiang (FXSGSC)
> Subject: Re: crypto library in openssl
>
> Note: openssl-dev is inappropriate, as it is meant for the
gt;if (*sizeOfDecryptedString < currentDecryptedStrLength)
Qiang.Xu>{
Qiang.Xu>LOGDEBUG("Cleaning up Salt in Decrypted String");
Qiang.Xu>
Qiang.Xu>/*
Qiang.Xu> * loop around and null out each "salt" character in the string
Qiang.Xu&
Xu, Qiang (FXSGSC) wrote:
Hi, all:
I come across a problem in using crypto library in OpenSSL.
We are using EVP_DecryptInit(), EVP_DecryptUpdate(), and EVP_DecryptFinal() to do the
decryption of the user's password after the user logs in. However, I just found when the
user's p
Hi, all:
I come across a problem in using crypto library in OpenSSL.
We are using EVP_DecryptInit(), EVP_DecryptUpdate(), and EVP_DecryptFinal() to
do the decryption of the user's password after the user logs in. However, I
just found when the user's password is "$elkins02&
time).
To simulate this process I would like to get:
the HMAC code followed by Encryption code, i mean:
the code has four inputs: MAC key, Encryption key, IV if necessary and Data.
the one output : (MAC and Data) encrypted
I would like to ask whether it is possible to use crypto library for
2.255.8062
What I am looking for is a blessing not in disguise.
Jerome K. Jerome
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Marek Marcola
Sent: Monday, March 20, 2006 4:28 PM
To: openssl-users@openssl.org
Subject: Re: Crypto Library question
H
On Mon, Mar 20, 2006, Friedline, Harold wrote:
> I am attempting to write code to utilize the crypto(3) library that
> comes with openssl. Specifically, I am using these functions
> OpenSSL_add_all_digests();
> md = EVP_get_digestbyname(dgst);
> EVP_DigestInit_ex(&mdctx, md, NUL
I tried your code and I had a suspicion that using the
*_ex() functions along with *() functions can cause
trouble. Which is what has happened in your case.
Here is the correct code for your reference. You are
supposed to stick to either Init_ex() , Final_ex()
functions or Init() ,Final() functio
Hello
> The code compiles and links. Using it, however, produces different
> results than using
> echo "some string" | openssl dgst -md5
Echo command adds "new line" characters.
Try someting like "echo -n" on linux or "\c" on hpux
to disable this.
Best regards,
--
Marek Marcola <[EMAIL
Title: Crypto Library question
I am attempting to write code to utilize the crypto(3) library that comes with openssl. Specifically, I am using these functions
OpenSSL_add_all_digests();
md = EVP_get_digestbyname(dgst);
EVP_DigestInit_ex(&mdctx, md, NULL);
EVP_DigestInit(&m
> >Why would you go out of your way to create fragile code when you
> >could fix
> >this the right way in three or four minutes?
> If you don't use a "thread per request" model, it's a lot more than
> three or four minutes.
I don't see why you think that is. None of my code uses a 'threa
> Can I force this precalculation (caching) to take place after creating
> an RSA structure and before multiple threads use it (without doing an
> actual dummy-decryption)? If yes, would this suffice to avoid the race
> condition so that no locking is required?
Why would you go out of you
On Wed, Jun 02, 2004, Thomas Schuerger wrote:
> > > Hi,
> > >
> > > I have problems using the RSA_private_decrypt() function of the crypto
> > > library in parallel with *the same* (RSA *) structure. When using a
> > > single thread, decryp
On Fri, May 28, 2004, Thomas Schuerger wrote:
> > > I have problems using the RSA_private_decrypt() function of the crypto
> > > library in parallel with *the same* (RSA *) structure. When using a
> > > single thread, decryption works flawlessly, when using two or mor
> > I have problems using the RSA_private_decrypt() function of the crypto
> > library in parallel with *the same* (RSA *) structure. When using a
> > single thread, decryption works flawlessly, when using two or more
> > threads in parallel, decryption mostly fails with
On Fri, May 28, 2004, Thomas Schuerger wrote:
> Hi,
>
> I have problems using the RSA_private_decrypt() function of the crypto
> library in parallel with *the same* (RSA *) structure. When using a
> single thread, decryption works flawlessly, when using two or more
> t
Hi,
I have problems using the RSA_private_decrypt() function of the crypto
library in parallel with *the same* (RSA *) structure. When using a
single thread, decryption works flawlessly, when using two or more
threads in parallel, decryption mostly fails with PKCS errors.
I thought the RSA
On Mon, Feb 16, 2004 at 10:40:36PM +1100, Chris Nolan wrote:
> Hello Vadim!
>
> On Mon, 2004-02-16 at 21:28, Vadim Fedukovich wrote:
> > Dear Chris,
> >
> > authentication methods and protocols were researched for years.
> >
> > The method described is an easy one and probably could be implement
Chris Nolan wrote:
1. Using a certificate that contains the client's public encryption key,
send a PKCS7 message to the client.
2. Get the client to send me a hash of the decrypted content.
The problem is, wrapping my head around what to call and in what order
on the server side. The man pages are
Hello Vadim!
On Mon, 2004-02-16 at 21:28, Vadim Fedukovich wrote:
> Dear Chris,
>
> authentication methods and protocols were researched for years.
>
> The method described is an easy one and probably could be implemented fast.
> However, one better start from requirements before any coding.
> F
Dear Chris,
authentication methods and protocols were researched for years.
The method described is an easy one and probably could be implemented fast.
However, one better start from requirements before any coding.
For example: server is not authenticated here so man-in-the-middle
is allowed by d
Hi all,
I'm working on building a client-server setup for an application
involving Smartcards. I have a library for Smartcard access on the
Windows side and was hoping to do the following for authentication:
1. Using a certificate that contains the client's public encryption key,
send a PKCS7 mes
Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Ken Ballou
Sent: Friday, October 31, 2003 4:45 PM
To: [EMAIL PROTECTED]
Subject: Re: RSA Decryption with OpenSSL Crypto Library
The length of 258 bytes is very curious. If the server's key length is 2048
bits, then
-0800, William Korbe III wrote:
> Hello,
>
> I have been trying to decrypt the "client pre master secret" sent in a SSL
> handshake using the server's private key with OpenSSL's Crypto library. But
> RSA_private_decrypt() always returns -1!
>
> I have set
Hello,
I have been trying to decrypt the "client pre master secret" sent in a SSL
handshake using the server's private key with OpenSSL's Crypto library. But
RSA_private_decrypt() always returns -1!
I have set up a test apache2 server with modssl and have generated the
serv
i think that by default OpenSSL is installed in /usr/local/ssl, so
libcrypto.a is in /usr/local/ssl/lib.
you probably would want to do:
./config --prefix=/usr/local
now libcrypto will be installed in /usr/local/bin and openssl executable
in /usr/local/bin
may be this was the problem.
hth.
al
ndustry. These particular algorithms must be available in a
library somewhere.
Does the SSL libraries (more importatn, the crypto library) supply such a
thing? If so, where can I read about it and learn how to use it?
Thanks in advance for looking
Hello all,
I want to compile an executable that will only support
EDH-DSS-DES-CBC3-SHA. I tried configuring with these options: no-idea
no-rsa no-cast no-bf no-rc4 no-rc5 no-rc2 no-des but when I go to compile I
get errors in evp.h because a union is defined and it is empty because of
the al
Title: ??: Please Help: Crypto library with Visual C++
oh
nothing do not be nervous
i think
if you want to read data from a file
first you
must construct a
BIO * mbio = BIO_new_file(filename , "rb") object
then build another BIO* b64 = BIO_new(BIO_f_base64());
then mbio
Title: ??: Please Help: Crypto library with Visual C++
Dear
Yong Yue
I am
sorry to bother you again. The description is clear enough on the URL you gave
me.
However, I looked at the BIO explanation on http://www.columbia.edu/~ariel/ssleay/bio.html
I am
not sure how to read in some data
Title: ??: Please Help: Crypto library with Visual C++
u can
follow this link: http://www.openssl.org/docs/crypto/BIO_f_base64.html#
-原始邮件-发件人: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]代表 Jordan C N
Chong发送时间: 2001年9月10日 18:04收件人:
[EMAIL PROTECTED]主题: RE: Please Help
Title: ??: Please Help: Crypto library with Visual C++
thousand thanks for your help :D
it
helps a lot and it works fine now...
Now,
pls. one more thing,
I
tried to decode a Base64 encoded string into
the
string is (for example)
:KljL0/zpzt8Y
Title: ??: Please Help: Crypto library with Visual C++
i think all necessary files for your application is as follows:
openssl-0.9.6a/out32dll/ : ssleay32.dll & libeay32.dll
ssleay32.lib & libeay32.rls
openssl-0.9.6a/inc32/openssl - this directory cont
Dear All,
Thousand thanks for your help. I really appreciate that. Your help really
means a lot to me...
Now, the problem is about the VC setting,
I am not sure how to set the directory settings for the project
For example, I copied all the files from the direc
From: "imran badr" <[EMAIL PROTECTED]>
imran.badr> I donot see AES support in the crypto library. Are we
imran.badr> going to have that soon ?
It's in the development source, called Rijndael.
--
Richard Levitte \ Spannvägen 38, II \ [EMAIL PROTECTED]
Chairman@S
I donot see AES support in the crypto library. Are we going to have that
soon ?
Thanks,
Imran Badr.
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL
oh god I didn't mean that to go to the list. excuse me!
At 01:01 PM 1/18/01 -0800, you wrote:
>if you want ...
__
OpenSSL Project http://www.openssl.org
User Support Mailing List
: Wednesday, January 17, 2001 9:51 AM
To: [EMAIL PROTECTED]
Subject: Security algorithms in crypto library
Hi,
We are building a broadband wireless equipment and we are looking for
following algorithms:
I would appreicate someone helps me out to verifying these algorithms
are present in openSSL
crypto
if you want some consulting help, I'd be interested in talking
to you.
At 10:16 AM 1/18/01 -0800, you wrote:
>Hi,
>
>We were thinking of using parts of the crypto libary of openssl in our
>product.
>Is anybody have some experience porting to vxWorks ? Is there any place,
>where we get the commerc
Hi,
We were thinking of using parts of the crypto libary of openssl in our
product.
Is anybody have some experience porting to vxWorks ? Is there any place,
where we get the commercial support for this ?
I would appreciate your suggestions.
Thanks
/Murali
begin:vcard
n:Ganga;Muralidhar
tel;
Thanks go to Jussi and Michael for pointing out the
linker issue :)
es not
> have same parameters as the OpenSSL SHA1_Update.
> Because you hardly have access to netscape's source code, you have to bend
> over and rename the SHA1_Update function in OpenSSL to something else -
> lots of files to update. Or link the OpenSSL crypto library using -Wl,-
> Bsy
ename the SHA1_Update function in OpenSSL to
something else -> lots of files to update. Or link the OpenSSL crypto library
using -Wl,-Bsymbolic option. This should prevent the unix loader from resolving
calls from crypto library to netscape httpd's code (which in my opinion is a
really s
Steve BazylSent: Tuesday, June 13, 2000 7:41
PMTo: [EMAIL PROTECTED]Subject: segfault when
using crypto library inside netscape plugin (Solaris
2.6/Sparc/openssl-0.9.5a)
We're having a
really strange problem with the openssl crypto library -- it keeps segfaulting
down in SHA1_Update
"Steve Bazyl" <[EMAIL PROTECTED]> writes:
> [1 ]
> We're having a really strange problem with the openssl crypto library -- it
> keeps segfaulting down in SHA1_Update when called from an NSAPI plugin
> (running in NES 3.6).
>
> I've tried buildin
We're having a
really strange problem with the openssl crypto library -- it keeps segfaulting
down in SHA1_Update when called from an NSAPI plugin (running in NES 3.6).
I've tried building
the library with optimizations off and all that fun stuff, and have run the test
suit
I'm new to OpenSSL, but would like to use the crypto library it in a SSL
filter. I searched documentation about it, but didn't find anything. Do
someone a documentation, even a short one ? Thanks !
Nicolas
__
OpenS
80 matches
Mail list logo
