FIPS

2009-09-28 Thread Vikram Arwade
Hi All, I am having issues while running tests of fips 1.2 on solaris sparcv9 (studio 11). These are the steps I followed: Built fips 1.2 with the command: a. perl Configure fipscanisterbuild solaris-sparcv9-cc b. make c. make test Here is the error I am getting:

RE: undefined reference: (mingw?) Windows sockets+

2009-09-28 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of weihao.ma > Sent: Monday, 28 September, 2009 09:06 > hi, can somebody help me fixing the problem~ > > The client and server is the book of Network Security with > OpenSSL (O'Reilly) in chapter 5. > > gcc -o client client.o common.o ..\out\libs

RE: generating RSA keypair with non-standard public exponents

2009-09-28 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Klaus Heinrich Kiwi > Sent: Friday, 25 September, 2009 13:02 > On 09/23/2009 07:59 PM, Dave Thompson wrote: > > Or it appears you can use the callback to impose a limit on > the number > > of tries, amount of time, etc. as you consider approp

RE: trying to understand ECDHE operations

2009-09-28 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Michael D > Sent: Friday, 25 September, 2009 09:32 > Thank you for your reply. > Maybe we can drill down on the client key exchange message first. > Looking at the rfc I see it should hold: > ECPoint ecdh_Yc; > > But for the prime192 curve, I w

Re: Geode on-chip AES 128-bit crypto accelerations but OpenSSL doesn't use it

2009-09-28 Thread Kyle Hamilton
OpenSSL uses the operating system to get entropy. If AMD wants Linux to support its on-chip random number generator, it needs to write a driver that replaces /dev/random and /dev/urandom. In addition, Intel has been playing nice and getting its code in the openssl distribution, as a set of

RE: Verify include CRL

2009-09-28 Thread Smith, Ryan-P56787
Arno Garrels wrote: >Nima Sharifimehr wrote: >> When you specify the flag X509_V_FLAG_CRL_CHECK for the cert >> verification, then you will need to have a valid corresponding CRL >> for the last cert in the cert chain. And if you specify the flag >> X509_V_FLAG_CRL_CHECK then you will need to h

Re: Verify include CRL

2009-09-28 Thread Arno Garrels
Arno Garrels wrote: > However it fails as described in my > previous mail when I try to verify a cert on demand against some > custom store. Got it working now, don't ask me what was wrong in my code, guess it was just my bad testing. -- Arno Garrels

Re: Verify include CRL

2009-09-28 Thread Arno Garrels
Nima Sharifimehr wrote: > When you specify the flag X509_V_FLAG_CRL_CHECK for the cert > verification, then you will need to have a valid corresponding CRL > for the last cert in the cert chain. And if you specify the flag > X509_V_FLAG_CRL_CHECK then you will need to have corresponding CRLs > for

Re: Verify include CRL

2009-09-28 Thread Nima Sharifimehr
When you specify the flag X509_V_FLAG_CRL_CHECK for the cert verification, then you will need to have a valid corresponding CRL for the last cert in the cert chain. And if you specify the flag X509_V_FLAG_CRL_CHECK then you will need to have corresponding CRLs for all the certs available in the

FIPS: Build a DLL with static FIPS libraries

2009-09-28 Thread Jacques Lebastard
Hi all, in order to build a DLL that includes the static version of libeayfips32.lib (OpenSSL 0.9.8k + OpenSSL-FIPS 1.2 on Windows XP with Visual Studio 2005), I use the following instructions in a .mak file (taken from ms\nt.mak): $(OUTPUT_D)\$(MODULE).dll: $(MY_OBJS) $(LIBS_DEP) $(TARGET_D)

undefined reference

2009-09-28 Thread weihao.ma
hi, can somebody help me fixing the problem~ The client and server is the book of Network Security with OpenSSL (O'Reilly) in chapter 5. gcc -o client client.o common.o ..\out\libssl.a ..\out\libcrypto.a ..\out\libcrypto.a(bss_conn.o): In function `conn_state': D:/PROJECTS/C/openssl/./crypto/bio

Re: Geode on-chip AES 128-bit crypto accelerations but OpenSSL doesn't use it

2009-09-28 Thread Jelle de Jong
On 09/27/09 22:36, Alan Buxey wrote: The AMD Geode LX800 CPU has an on-chip AES 128-bit crypto accelerations block and a true random number generator, but OpenSSL is not using it. Please see the below link for test reports and openssl outputs http://debian.pastebin.com/faeff2a3 Is there anybody

Re: How to get rid of "do you want to sign the cert" user request when signing a CSR?

2009-09-28 Thread Martin Schneider
> With the commandline 'ca' it's easy: man ca; -batch. > > With CA.pl, you could edit the script to change this; > but since all it's doing is invoking the commandline, > you could as easily just invoke the commandline. Thank you very much for this hint. I just added in CA.pl -batch to the definit

C++ Invoke delegate

2009-09-28 Thread c++newbie
Hello, I'd really appreciate if someone can give me an example of how to do this, I've been spending some time on this without any luck, I'm new to c++ so for you guys it should be pretty easy. I'm trying to get the SSL state info and trying to invoke a delegate to pass the information but I'm n

Verify include CRL

2009-09-28 Thread Arno Garrels
Hi, When I set the store verify flags to either X509_V_FLAG_CRL_CHECK or to "X509_V_FLAG_CRL_CHECK | X509_V_FLAG_CRL_CHECK_ALL" verification always fails with error X509_V_ERR_UNABLE_TO_GET_CRL for certs _not_ revoked. Revoked certs however are identified correctly with verify result X509_V_ERR_