Hi All,
We have a product that has 2 network interfaces i.e. wired and wireless.
Both interfaces uses separate OpenSSL library. However FIPS validated
OpenSSL crypto module is common for both interfaces as shown below.
FIPS validated openSSL
Hi All,
We want to support a hardware accelerator on our device. We are using
OpenSSL with OpenSSL FIPS Object module. I wanted to know if we can add
engine support in OpenSSL FIPS Object module.
I welcome all valuable inputs.
Regards
Jayalakshmi.
Hi All,
I have ported OpenSSL 1.0.2d on our product. After that CBC mode is not
working. Handshakes are failing with bad mac alert failure. When I checked
the code mac retrieved from ssl3_cbc_copy_mac does not match with the
calculated mac.
Any help on this is appreciated.
Thanks and Regards
Hi All,
Recently we have ported OpenSSL 1.0.2d. Everything works perfect except the
below explained issue.
When we enable only TLS 1.0 protocol and select CBC ciphers, TLS handshake
fails with the error "bad record mac".
Error is in function static int ssl3_get_record(SSL *s). Error
Hi All,
I am generating 1k/2k/3k/4k CSR's on our device using OpenSSL library. I am
generating these CSR on our device. We have windows 2008 R2 servers and I
am signing these CSR using certificate authority on windows server. I am
setting only client and server authentication bits in the CSR
Hi All,
OpenSSL uses 256 bit AES-CTR DRBG as default DRBG in FIPS mode. I have
question associated with this.
1. OpenSSL wiki says : Default DRBG is 256-bit CTR AES *using a derivation
function*
2. Where as the document
http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140sp/140sp1747.pdf
Hi All,
I am trying to build CAVP test executable for WinCE. Most of the executable
are built except 1-2. I am facing iob_func unresolved error.
Every thing seems to be proper. Any idea or help is well appreciated.
Regards
Jaya
--
openssl-dev mailing list
To unsubscribe:
Hi All,
Please can any one let me know the release date or time line for OpenSSL
1.1.1?
Regards
Jayalakshmi
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Hi Matt,
I do understand. Thanks a lot for the reply.
Regards
Jayalakshmi
On Thu, May 18, 2017 at 2:47 PM, Matt Caswell <m...@openssl.org> wrote:
>
>
> On 18/05/17 06:32, Jayalakshmi bhat wrote:
> > Please can any one let me know the release date or time line for OpenSSL
&
Hi All,
I am using OpenSSL-FIPS-2.0.4 library on ARM7 + WinCE 6.0 with "user
affirm" the validation for Y per I.G. G.5.
We want to run latest CAVP test suites. We have built the *build_algvs and
other executable* for the above product/build environment.
However when we are trying to execute the
Hi All,
I am trying to build openssl. As part of that I want to remove some ciphers
like md4, rc5 etc.
I tried ./config no-md5, no-rc5 and ./Configure no-md5, no-rc5. In both the
case MD4 and RC5 directories are still getting compiled.
Please can you let me know what could be going wrong.
Hi All,
I am looking for details on options used to disable or remove unwanted
ciphers, components while openssl building. This is for OpenSSL 1.0.2h. I
am seeing many things on internet. But most of them have minimum
explanation, please can you tell me is there any link that I can refer.
Hi,
I have a question on ECC ciphers implementaion in OpenSSL. I do see
README.ECC file in FIPS certfied OpenSSL crypto library. That says The
OpenSSL Software Foundation has executed a sublicense agreement
entitled "Elliptic Curve Cryptography Patent License Agreement" with the
National
Hi,
We are planning to use DHE_RSA TLS ciphers into our product. I have few
questions on using DH parameter. We would like to use DH-2048.
our product includes both TLS client and server applications. Thus any time
there will be considerable number of active connectioons.
I believe we can use
Hi All,
Our device uses TPM to protect certificate private keys. We have written
engine interface to integrate TPM functionality into OpenSSL. Thus TPM gets
loaded as an engine instance.
Also we have mapped RSA operations to TPM APIS as like
encryption/decryption etc.
Now we are into few
15 matches
Mail list logo