Hello,
Thank you Alexei and Wan-Teh for the help.
The code was helpful to solve the problem.
Regards,
Abhishek
"Wan-Teh Chang" wrote in message
news:mailman.1626.1262923126.4112.dev-tech-cry...@lists.mozilla.org...
> On Wed, Dec 23, 2009 at 10:45 PM, Abhishek Rahirikar
> wrote:
>>
>> Is there
On Wed, Dec 23, 2009 at 10:45 PM, Abhishek Rahirikar
wrote:
>
> Is there any way by which I can specify a cipher list which needs to be
> tested just like Openssl provides -cipher option used in Openssl?
First, use code similar to this (the disableAllSSLCiphers function in
the tstclnt.c test prog
Hi Abhishek,
You can modify desired cipher set by calling SSL_CipherPrefSet.
See an example at
http://mxr.mozilla.org/security/source/security/nss/cmd/tstclnt/tstclnt.c#749
Alexei
Abhishek Rahirikar wrote:
Finally spotted the problem after debugging with wireshark.
The problem is that NSS
Finally spotted the problem after debugging with wireshark.
The problem is that NSS tool performs handshake with more ciphers than the
intended cipher.
Can anyone please guide me how to perform handshake with a single cipher
suite specified? SSL_CipherPrefSet function can be used, but I doubt i
On 2009-12-21 02:52 PST, Abhishek Rahirikar wrote:
> Hello Wan-Teh and All,
>
> I am now getting curiously confused with the problem.
>
> Another cipher I saw today which has similar issues.
>
> Tool using NSS fails to perform handshake with cipher
> SSL_RSA_WITH_DES_CBC_SHA. But Openssl is abl
Hello Wan-Teh and All,
I am now getting curiously confused with the problem.
Another cipher I saw today which has similar issues.
Tool using NSS fails to perform handshake with cipher
SSL_RSA_WITH_DES_CBC_SHA. But Openssl is able to perform handshake with its
cipher equivalant DES-CBC-SHA.
I a
On Fri, Dec 18, 2009 at 7:36 AM, Abhishek Rahirikar
wrote:
>
> Ok.. But the tool is able to get all the information using the cipher. It is
> able to get the certificate and check the expiry, host of certificate etc.
> Do you know what the NSS do if the cipher requested for handshake is not
> supp
Hi,
Thank you for the quick reply.
Please see my comments below.
"Wan-Teh Chang" wrote in message
news:mailman.544.1261148552.4112.dev-tech-cry...@lists.mozilla.org...
> On Fri, Dec 18, 2009 at 6:33 AM, Abhishek Rahirikar
> wrote:
>> Hi,
>>
>> I am a new user of NSS.
>>
>> I am testing a tool
On Fri, Dec 18, 2009 at 6:33 AM, Abhishek Rahirikar
wrote:
> Hi,
>
> I am a new user of NSS.
>
> I am testing a tool that checks if any weak cipher are supported by the web
> application server. The tool is based on NSS.
> The tool reports some ciphers that are supported. It uses SSL_ForceHandshak
9 matches
Mail list logo
