Hi Dave,
Thank you so much for a detailed reply and the code review.
-
Regarding the problem:
-
- Yes, I am calling load certificates before the trying to make a connection.
According to your suggestion, I have tried to
From: Magosányi Árpád m...@magwas.rulez.org
To: openssl-users@openssl.org,
Date: 01/18/2012 03:38 AM
Subject: 100 bits of entropy with FIPS/EAL4 certified hw RNG?
1. (yes, I realise that RTFM, but which one?):
The openssl crypto library manual.
How should I/can I seed
100 bits of
I have a service that is transitioning from self-signed to real certs. The
problem is that the old cert
has a funny name associated with it. I want to jam keys and certs into a
.pem file but
I don't know:
If openssl will use all keys against all certs. (I know the old key, so I
can get it down
If I call EVP_get_digestbynid with NID_ecdsa_with_SHA256,
NID_ecdsa_with_SHA384 or NID_ecdsa_with_SHA512 it returns null (on OpenSSL
1.0.0-fips 29 Mar 2010). I expected it to return EVP_sha256, EVP_sha384
and EVP_sha512 respectively. Am I supplying the wrong NIDs?
Thanks,
Keith Welter
IBM
From: Scott Wilson excell...@hotmail.com
Date: 01/18/2012 01:52 PM
Does openssl support SHA256?
Yes
If SHA256 is supported, how do I get it to work? Thanks!!
SHA256_Init/Update/Final()
Steve,
Can 1.0.1-stable be successfully compiled with FIPS 2.0 test module at this
time?
We experience linking errors due to conflicts between libcrypto and
fipscanister that indicate otherwise.
-Scott
Steve Marquess-3 wrote:
Hi,
I had a few questions regarding the new OpenSSL FIPS
Jack,
On the first compilation step of fips-1.2.3, using the latest
build-essential (that should be apt-get install build-essential), I get the
following errors:
md5-x86_64.s: Assembler messages:
md5-x86_64.s:41: Error: 0xd76aa478 out range of signed 32bit displacement
md5-x86_64.s:50: Error:
On 1/19/2012 2:39 AM, Scott Wilson wrote:
Excellent, thanks. Do you know how many versions back SHA256 is
supported? The reason I ask is that I've got an older version running
on a Ubuntu VM (OpenSSL 0.9.8o 01 Jun 2010), and I tried to generate a
CA cert using SHA256 but it signed with SHA1.
I'm afraid I've now worked around the problem by using an alternative and
rather less secure solution (i.e. not using openssl at all) - but it's all
inside good firewalls, and the obsolete server will be phased out this year.
Issue closed, no solution found :-(
-Original Message-
From:
On Thu January 19 2012, Brooke, Simon wrote:
I'm afraid I've now worked around the problem by using an alternative and
rather less secure solution (i.e. not using openssl at all) - but it's all
inside good firewalls, and the obsolete server will be phased out this year.
Phasing out the
Hi,
Can you tell me which versions of OpenSSL support TLS 1.1 or TLS 1.2.
Thank You,
ROGER MYERS
Portals Integration PAWS (Portals Web Services), EMEA
CSC
MSS | p: +44 (0)7917.534962 | rmyer...@csc.com | www.csc.com
CSC • This is a PRIVATE message. If you are not the intended recipient,
On Thu, Jan 19, 2012, Roger Myers wrote:
Hi,
Can you tell me which versions of OpenSSL support TLS 1.1 or TLS 1.2.
OpenSSL 1.0.1 and later. There haven't been any official releases of those yet
but 1.0.1 is in beta.
Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
On Wed, Jan 18, 2012, Keith Welter wrote:
If I call EVP_get_digestbynid with NID_ecdsa_with_SHA256,
NID_ecdsa_with_SHA384 or NID_ecdsa_with_SHA512 it returns null (on OpenSSL
1.0.0-fips 29 Mar 2010). I expected it to return EVP_sha256, EVP_sha384
and EVP_sha512 respectively. Am I
Hi,
I know the problem is not directly related to OpenSSL, but i thought
someone might know it. Also if someone know some method that i can use
using OpenSSL, please let me know that, I am open to use that also.
I am trying to programatically install certificate to Windows Certificate
Store, for
Bonsoir,
dans le cadre de notre projet de fin d'étude, nous sommes amenées à
utiliser la technique de Deff Hellman afin d'initier une session entre
la source des paquets et tous les noeuds du chemins. si vous permettez
on a quelques questions à vous poser.
est ce que la source peut échanger le
Bonsoir,
This is an english spoken mailing list, so I'll reply in english.
With Diffie-Hellman, g (the generator) is public, and can thus be shared
by all the actors (nodes, in your study).
Each actor's private key (a or b in your example) is used only once and
discarded at the end of the
The windows binaries do not appear to have been upgraded yet. It is possible
that some of them are affected, I should think. Thanks.
-Original Message-
From: owner-openssl-annou...@openssl.org [mailto:owner-openssl-
annou...@openssl.org] On Behalf Of OpenSSL
Sent: Wednesday, January
On 1/19/2012 10:59 AM, John A. Wallace wrote:
The windows binaries do not appear to have been upgraded yet. It is possible
that some of them are affected, I should think. Thanks.
They are up now.
-Original Message-
From: owner-openssl-annou...@openssl.org [mailto:owner-openssl-
18 matches
Mail list logo