Hello All,
Where can I find the documentation for OpenSsl FIPS certification ?
Any help is appreciated.
Regards,
Prashant.
asynchronous as I understand
from the code that the operation is very synchronous.Thank you again for all the help.Regards, Prashant.Girish Venkatachalam [EMAIL PROTECTED] wrote: --- Prashant Kumar <[EMAIL PROTECTED]>wrote: Hello Group, Is there anyway I could use the crypto ha
Hello Group,Is there anyway I could use the crypto hardware engine asynchronously with OpenSsl. Looking at the code it doesn't look like.The reason I am asking this is, in our deployment, I see that the CPU on which I am running OpenSsl is loaded just 40% and I still hit the maximum number
Hello Group,
Is there any work done to protect the TLS server implementation against the flood of Client hello's? I read about client puzzle somewhere.
Any help is appreciated.
Regards,
Prashant Kumar.__Do You Yahoo!?Tired of spam? Yahoo! Mail
Hello Group,
What version of PKCS#1 does openssl support. Is it PKCS#1 v2.1?
Thanks,
Prashant Kumar.
Discover Yahoo!
Use Yahoo! to plan a weekend, have fun online & more. Check it out!
Dr. Stephen/Jack,
Thank you so much for your answers.
Regards,
Prashant."Dr. Stephen Henson" [EMAIL PROTECTED] wrote:
On Fri, Jun 03, 2005, Prashant Kumar wrote: Hello Group, What version of PKCS#1 does openssl support. Is it PKCS#1 v2.1? PKCS#1 v2.1 defines a number of schemes and
Roger,
What I have found is that OpenSsl allocates s3-rbuf and s3-wbuf as soon as the SSL session is created, however uses these buffers as scratch buffer while doing handshake, or doing any other SSL opertion. Once the operation is done, those buffers could be safely freed since then do not hold
ntal patch--mutual auth should work now. Let me knowhow it goes. Thanks,nagendra* Prashant Kumar <[EMAIL PROTECTED]>[2005-05-09 14:03:21 -0700]: Hello Nagendra, I tried your DTLS patch with Openssl9.7g on a vxworks platform. Everything works except mutual certificate authentication. When I enab
Hello Nagendra,
I tried your DTLS patch with Openssl9.7g on a vxworks platform. Everything works except mutual certificate authentication. When I enable mutual certificate authentication, DTLS fails with the following assertion:
d1_both.c(1054): OpenSSL internal error, assertion failed:
-Ebell [EMAIL PROTECTED] wrote:
Prashant Kumar wrote: Hello Group,Hello Prashant, The workaround of freeing s3-rbuf and s3-wbuf after the handshake is complete and after SSL_read, SSL_write, SSL_shutdown and so on returns success really seems to work. I have tested it running openssl as a SSL client
Hello Group,
The workaround of freeing s3-rbuf and s3-wbuf after the handshake is complete and after SSL_read, SSL_write, SSL_shutdownand so on returns success really seems to work. I have tested it running openssl as a SSL client and as aserver. Taking a closer look at the code it looks like
Hello All,
I was doing some scaling testing to find out how much memory does OpenSsl use per TLS session. I see that OpenSsl pre-allocates around 34821 bytes for "rbuf" and 18698 bytes for "wbuf" in "ssl3_setup_buffers" to match with the packet size defined in the RFC. Did anyone try modifying
Hello Steve,
Thank you for your help. I will look at section 3.2 of the RFC. As a workaround for this memory usage limitatioin, I free the "s3-rbuf" and "s3-wbuf" once the handshake is done. I allocate "s3-rbuf" and "s3-wbuf" during SSL_read, SSL_write, SSL_shutdown and so on. Once these calls
Nagendra,
I looked at DtlsTransport.cxx. I think that answers my questions.
Thanks you.
Prashant.nagendra modadugu [EMAIL PROTECTED] wrote:
* Prashant Kumar <[EMAIL PROTECTED]>[2005-04-28 06:11:38 -0700]: I had one question on the timer management and retransmission. I see that there is
Hello Nagendra,
I had one question on the timer management and retransmission. I see that there is a new BIO type in the file bss_dgram.c. My question is if the application does not use the dgram BIO type and use the memory BIO instead, does the application has to take the responsibility of timer
Frederic,
Thank you so much your help. I found that the problem was with the Broadcom library. They were overwriting the first 8 bytes of the key with the last 8 bytes of IV!. So now I have AES128_SHA and AES256_SHA working with UBSEC.
Regards,
Prashant.Frédéric Donnat [EMAIL PROTECTED] wrote:
Hello All,
I am using OpenSsl9.7e version. I have added code to do RC4, DES, 3DES and AES with ubsec engine (BCM5823). All the ciphers work fine except for AES ciphers. I see that openssl gives me "fatal bad_record_mac" when I use AES. I verified with an example code that ubsec engine does the
Hello Group,
Does OpenSsl has plans to support DTLS ? Is there any good open source prototype implementation?
Regards,
Prashant kumar.
Celebrate Yahoo!'s 10th Birthday!
Yahoo! Netrospective: 100 Moments of the Web
Frederic,
Thank you for your input. I was wondering how did you guys fix the problem in the driver if it is not freeing up the memory fast enough? If the information is propriatary, never mind.
Thank you again for your help.
Regards,
Prashant.
Frédéric Donnat [EMAIL PROTECTED] wrote:
Hi,You can
Hello All,
I am trying to use ubsec hw accelerator with openssl and I get a DMA Error from the UBSEC when I try to run the function "ubsec_mod_exp". Any idea ? I am running this on a VXWORKS platform.
Any help is appreciated.
Thank you,
Prashant.
Do you Yahoo!?
Yahoo! Mail - Find what you
Frederic,
I am not even stressing the driver. I have written a small SSL server program for testing my hardware accelerator and I see this problem.
There may be some problem with the driver, let me dig more into it.
Thank you so much for your help. I will update you with my progress :).
Tue, 22 Feb 2005 10:16:31 -0800 (PST), Prashant Kumar<[EMAIL PROTECTED]>wrote: Thank you all for your response. Finally, I took the path of defining a new DSO method "dso_meth_slfcn" which statically links
[and
this seems to work]. The function "slfcn_bind_func" statically
Thank you all for your response. Finally, I took the path of defining a new DSO method "dso_meth_slfcn" which statically links [and this seems to work]. The function "slfcn_bind_func" statically converts the given string to corresponding "ubsec" function. Right now I am doing a string compare and
Hello All,
I see that "hw_ubsec.c" has support for key generation. However, it does not use ubsec for DES/3DES/AES ciphers. Did anyone try using Broadcom ubsec with OpenSsl for this purpose? Is there any example code in the public domain for this support ?
Thank you.
Prashant.
Do you Yahoo!?
Thank you all for your response. I tried including the
the --static flag while compiling as well as
directly calling the function ENGINE_load_ubsec. All
these methods end up calling ubsec_init which inturn
call DSO_load (and thus dlopen).
I am trying to use the engine implementation for
VXWORKS
Hello All,
Is it possible to use the engine implementation with statically linking the harware accelerator library with the openssl instead of dynamic linking.
All the posts I have read so far suggest that I should have a ".so" and engine implementation will load it at run time.
Thank you so
.
Thank you all for your help.
Regards,
Prashant.
Lutz Jaenicke [EMAIL PROTECTED] wrote:
On Tue, Jan 18, 2005 at 06:45:11AM -0800, Prashant Kumar wrote: Hello Group, In the project I am working on, we are trying to use OpenSsl in the non blocking mode. However, we want to avoid using the BSD select call
I can dowload this source. I want to see how BIO_PAIR is used in pfixtls.c.
Thank you all for your help.
Regards,
Prashant.
Lutz Jaenicke [EMAIL PROTECTED] wrote:
On Tue, Jan 18, 2005 at 06:45:11AM -0800, Prashant Kumar wrote: Hello Group, In the project I am working on, we are trying to use
requirements. Did anyone try to use openssl in such an environment?. Is there any example ?
Thank you for your help.
Regards,
Prashant Kumar.__Do You Yahoo!?Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
I saw a paper on Intel or IBM website where they have
explained few facts about integrating OpenSsl in CDSA.
Also I think some effort is in progress.
-Original Message-
From: raju [mailto:[EMAIL PROTECTED]]
Sent: Tuesday, November 20, 2001 7:06 AM
To: [EMAIL PROTECTED]
Cc: [EMAIL
30 matches
Mail list logo
