http://www.orangeparkcpa.com/att/vks.xdil?bpppv
3/28/2013 11:47:11 AM
nafe12
On 03/27/2013 11:51 PM, Abhijit Ray Chaudhury wrote:
Hi,
I am probably re-posting same question after I made some headway in
compiling, linking and running FIPS enabled openssl module in our
platform. Following are the steps I followed:
1. Downloaded
Hello all,
I am curious about how something should work relating to some self signed
certs I am trying to use. It has been a while since I was messing with
this.
I have a webserver setup for my internal webmail at https://examplemail.com.
however, that site redirects to
Ø I guess I need to know what to research to make all of these guys sort of
use the same cert. is this what chaining could do for me?
Not sure why you need or want a single cert, but if you do then one cert with
multiple subjectAltName extensions should do it.
/r$
--
On Wed, Mar 27, 2013, Bao, Robert wrote:
I changed the default DRBG for FIPS to HMAC_SHA384 by following Dr.
Henson's suggestion in another post titled FIPS Mode and Default DRBG
(OpenSSL 1.0.x and FIPS 2.0 Module)
I changed the OpenSSL compile flag OPENSSL_DRBG_DEFAULT_TYPE to point
Steve,
Thanks a lot for your explanation. I am not clear on one crucial point.
Below are the steps I used to build fipscanister.o:
1. export env variables. (note CROSS_COMPILE=/opt/fip-tools/; and
/opt/fip-tools/gcc is a shell script).
2. ./config
3. make
It built fipscanister.o for me.
1 Is
I started wondering whether FIPS 2 had been built on s390(x) after first trying
to build it 32-bit and having that crash and burn completely.
A little more research turned up that SuSE has FIPS support as of SuSE 11 SP1,
some variant of OpenSSL 0.9.8 and FIPS 1. That ought to be available on
That worked!
Thanks a lot for your quick help.
Robert
-Original Message-
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Dr. Stephen Henson
Sent: Thursday, March 28, 2013 10:11 AM
To: openssl-users@openssl.org
Subject: Re: Got FIPS
hi,
i have encrypted a string using Blowfish from Openssl library
i got the following string A▓☼LÝ$øä²↓j╗ú¤Ä:ðï▲
i inserted the data into my database BUT when i retrieved the data i
got A¦¤LÝ$øä²?j+ú¤Ä:ðï? (NOT same to the original the one i inserted)
thus when i decrypt the loaded string
Encrypted data is not a text string, it is an array of binary octets. You will
have to do something like base64 encode/decode when treating it as a text
string.
/r$
--
Principal Security Engineer
Akamai Technology
Cambridge, MA
Your string is not portable (it isn't even a string). Whence, storing
it as a string in your database isn't a good thing to do.
Try encoding it in base64 after your encryption, and store the result
(which will be a clean portable string).
An alternative solution is to store your encrypted value
Can anyone PLZ tell me how can one do base64 encode/decode on OPENSSL
PLz provide a link where can learn how to use the base64 in openssl
On Thu, Mar 28, 2013 at 10:14 PM, Salz, Rich rs...@akamai.com wrote:
Encrypted data is not a text string, it is an array of binary octets. You
will have
El día Thursday, March 28, 2013 a las 01:14:35PM -0500, Salz, Rich escribió:
Encrypted data is not a text string, it is an array of binary octets. You
will have to do something like base64 encode/decode when treating it as a
text string.
Or the OP should use a data type of the database
From: owner-openssl-us...@openssl.org On Behalf Of Kevin Jenkins
Sent: Wednesday, 27 March, 2013 01:51
(previously: keycerts setup for Tomcat-apparently-with-APR)
The default server.xml has
Listener className=org.apache.catalina.core.AprLifecycleListener
SSLEngine=on /
I'll leave that in since
Look up the documentation of the following OpenSSL functions (Yes this
is a bit roundabout for encoding a single string, but this is all
OpenSSL exposes):
BIO_f_base64
BIO_s_mem
A better way is to use a non-OpenSSL library to Base64 (or Base32 or
Base85 or Base16 or whatever you like) the
There is greater need for precision in what is desired. Doing a
base64 encoding and storing encrypted data are two entirely different
matters, required sometimes in quite different circumstances. I
generally do not bother with encoding as that is not normally needed
in what I do, but a 30 second
what is the best way to store keys that will be used by openssl
can someone plz explain how to create the pem/p7 file for keys found some
info @ http://www.mail-archive.com/openssl-users@openssl.org/msg18775.html
Another unanswered question about pem file manipulation
Hahaha, I thought I was reading my own notes there for a minute Ted.
I would highly recommend the key not being on the same machine, or even in the
same cluster.
And honestly, not the same data warehouse for that matter. (Anything in the
warehouse can be cross-tracked and traced, and you're be
18 matches
Mail list logo
