Hello,
I am trying to cross compile FIPS compliant openssl module
(openssl-fips-ecp-2.0.2.tar.gz) for linux armv4 pratform :
I have used following script to setup the environment:
===
export MACHINE=armv4t
export RELEASE=2.6.23
export SYSTEM=Linux
On 3/8/2013 10:34 AM, Abhijit Ray Chaudhury wrote:
Hello,
I am trying to cross compile FIPS compliant openssl module
(openssl-fips-ecp-2.0.2.tar.gz) for linux armv4 pratform :
I have used following script to setup the environment:
===
export
If one naively uses PKCS12_parse to extract key, certificate, and
certificate chain, and then iterates through the STACK_OF(X509) calling
SSL_CTX_add_extra_chain_cert (starting at sk_X509_value(ca, 0)) then the
chain will be in the opposite order to what's in the PKCS#12 file.
That seems
Dr. Stephen Henson steve-mcmkbn63+blafugrpc6...@public.gmane.org
writes:
[...]
Validated RSA_METHOD structures set RSA_FLAG_FIPS_METHOD, so that will work
with the FIPS module.
That code is there so you can't accidentally use an unvalidated method (e.g.
from an ENGINE) in FIPS mode but if
Hi Jakob,
Thank you so much for really fast reply.
Our toolchain is built once and then pushed into version version
control system. So the based on the repository directory, toolcain
could have become inconsistent in this particular context . I'll try
building the toolchain.
Is it valid FIPS
On 03/08/2013 05:00 AM, Jakob Bohm wrote:
On 3/8/2013 10:34 AM, Abhijit Ray Chaudhury wrote:
Hello,
I am trying to cross compile FIPS compliant openssl module
(openssl-fips-ecp-2.0.2.tar.gz) for linux armv4 pratform :
...
Please let me know how to pass CFLAGS to the build system or how to
On Fri, Mar 08, 2013, Abhijit Ray Chaudhury wrote:
Hello,
I am trying to cross compile FIPS compliant openssl module
(openssl-fips-ecp-2.0.2.tar.gz) for linux armv4 pratform :
I have used following script to setup the environment:
===
export
Thank you all, for your kind responses and your time .
I will try the
http://opensslfoundation.com/testing/validation-2.0/platforms/ios/setenv-ios.sh
approach and see the result.
I saw the Configure script which config finally runs. It has
provisions of adding some extra flags like -mcpu or
Hi,
On performing the AES128 decryption, I see the decrypted data is preceded by a
block of 16bytes.
E.g. Below, 0x48 to 0x5a is the extra 16bytes block. And the actual 'GET'
request starts from 0x47 onwards.
48 3f c4 99 fa f0 75 0e 51 b8 3b 58 aa 1f 4a 5a
47 45 54 20 2f 20 48 54 54 50 2f 31
It's probably the IV.
--
Erwann ABALEA
Le 08/03/2013 16:55, Tayade, Nilesh a écrit :
On performing the AES128 decryption, I see the decrypted data is preceded by a
block of 16bytes.
E.g. Below, 0x48 to 0x5a is the extra 16bytes block. And the actual 'GET'
request starts from 0x47 onwards.
-Original Message-
From: Erwann Abalea [mailto:erwann.aba...@keynectis.com]
Sent: Friday, March 08, 2013 9:44 PM
To: openssl-users@openssl.org
Cc: Tayade, Nilesh
Subject: Re: [openssl-users] Extra bytes before the decrypted data.
It's probably the IV.
Yes, it can be IV.
But I am
Hi,
Has anyone experience with linking to fips enabled openssl from a static
library on iOS? It appears as the incore_macho utility only supports dynamic
libraries (for osx) or executables.
Statically linking to openssl from an executable works without any problems
by following the documentation.
+-+
| Root CA |
+-+
/\
/ \
/\
/ \
/\
/ \
/\
/ \
+---++---+
| Server CA
13 matches
Mail list logo