Using MD5 in FIPS OpenSSL for RADIUS support

2006-04-16 Thread Hagai Yaffe
Hello, I am using OpenSSL version 0.9.7d for cryptographic needs of my application, among other uses I am using MD5 to implement RADIUS client. I would like to use the FIPS compliant version of OpenSSL but MD5 is not one of the certified algorithms, this is a problem since MD5 is part

How the Data plus the MAC encrypted?

2006-04-16 Thread Aidaros Dev
Dear Openssl users, In Bulk data transfer, How the Data plus the MAC encrypted? which one is encrypted first? Thanks in advance

Re: Using MD5 in FIPS OpenSSL for RADIUS support

2006-04-16 Thread Brad Hards
On Sunday 16 April 2006 22:28 pm, Hagai Yaffe wrote: I am using OpenSSL version 0.9.7d for cryptographic needs of my application, among other uses I am using MD5 to implement RADIUS client. I would like to use the FIPS compliant version of OpenSSL but MD5 is not one of the certified

RE: strange problem of no shared cipher for no certificate TLS connection

2006-04-16 Thread Zhang, Long \(Roger\)
Hi, Steve, Thanks for your reply. I found no use to add dhparam file to my server and client. The connection still could not be setup. I found if I set server certificate and private key, the connection could be setup. That is, server certificate is required even I used SSL_CTX_set_verify to

RE: strange problem of no shared cipher for no certificate TLSconnection

2006-04-16 Thread Zhang, Long \(Roger\)
Hi, Marek, I used SSL_CTX_set_cipher_list() to try all kinds of ADH plus aNULL, eNULL, NULL and ALL. The connection still could not be setup without server certificate. I found if I set server certificate and private key, the connection could be setup. If no server certificate, it must fail

Re: strange problem of no shared cipher for no certificate TLS connection

2006-04-16 Thread Victor Duchovni
On Mon, Apr 17, 2006 at 10:20:14AM +0800, Zhang, Long (Roger) wrote: Hi, Steve, Thanks for your reply. I found no use to add dhparam file to my server and client. The connection still could not be setup. I found if I set server certificate and private key, the connection could be setup.

RE: strange problem of no shared cipher for no certificate TLS connection

2006-04-16 Thread Zhang, Long \(Roger\)
Hi, I have tried to set ciphersuite to ADH. And I checked my application with s_server.c and s_client.c. When -nocert is set for openssl server, the certificate is not loaded. My application also does not load any certificate. But my connection still could not be setup without server

Re: strange problem of no shared cipher for no certificate TLS connection

2006-04-16 Thread Victor Duchovni
On Mon, Apr 17, 2006 at 11:12:41AM +0800, Zhang, Long (Roger) wrote: Hi, I have tried to set ciphersuite to ADH. And I checked my application with s_server.c and s_client.c. When -nocert is set for openssl server, the certificate is not loaded. My application also does not load any

Errors compiling snapshot under Win32

2006-04-16 Thread Chris Clark
I'm having trouble compiling the current snapshot of OpenSSL under VC++. Configure and domasm are both successful, but when I run nmake I get the following result: nmake -f ms\ntdll.mak Microsoft (R) Program Maintenance Utility Version 6.00.9782.0 Copyright (C) Microsoft Corp 1988-1998. All