Hi Jacob,
Any suggestions regarding how to fix the following errors:
140073969415840:error:2D06B06F:FIPS
routines:FIPS_check_incore_fingerprint:fingerprint
does not match:fips.c:232:
(I built the FIPS module and the OpenSSL library on Ubuntu linux)
Thanks,
Rich
On Thu, Feb 11, 2016 at 11:52 P
hello,
i am running el5 with unmodified openssl.cnf file and have a program that uses
the openssl libraries but is stupid enough to not offer some parameters to
configure cert and cacert ("check_nrpe").
This programs source code initializes the openssl lib as follows:
SSL_library_
hello,
i am running el5 with unmodified openssl.cnf file and have a program that uses
the openssl libraries but is stupid enough to not offer some parameters to
configure cert and cacert ("check_nrpe").
This programs source code initializes the openssl lib as follows:
SSL_library_
I’m struggling with the following task. I’m writing a software application
linked with OpenSSL-1.0.2. It receives an encrypted symmetric key (say, with
identifying parameters) that needs to be decrypted using hardware token,
accessible via PKCS#11. I know that engine_pkcs11 (or rather it’s current
As always, if you don't know or care what FIPS 140-2 is then rejoice at
your good fortune and move on.
I'm getting queries about "red letter" text in the listing of the #1747
validation on the NIT CMVP web site:
http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-all.htm#1747
That red
In message
<347004c001fd430aadadceac908e6...@ustx2ex-dag1mb1.msg.corp.akamai.com> on Mon,
22 Feb 2016 14:46:28 +, "Salz, Rich" said:
rsalz> > If we integrate the support natively into OpenSSL, then PKCS#11 URIs
(see
rsalz> > RFC7512) can be first-class citizens throughout the crypto and SS
> If we integrate the support natively into OpenSSL, then PKCS#11 URIs (see
> RFC7512) can be first-class citizens throughout the crypto and SSL APIs. Any
> function which takes a filename for a cert or key should also accept¹ a
> PKCS#11 URI.
It'd be great to see a crypto/pkcs11 directory with fu
In message <1456140741.4735.272.ca...@infradead.org> on Mon, 22 Feb 2016
11:32:21 +, David Woodhouse said:
dwmw2> On Sat, 2016-02-20 at 22:55 +0100, Richard Levitte wrote:
dwmw2> >
dwmw2> > sander> What I would like to see though is for such a PKCS#11 Engine
dwmw2> > sander> to be part of O
Hi Sugumar,
I might misunderstand your need but 'Hex' (as 'Base64') is just an encoding
method to ease use of characters that are not printable.
Your example hex string IV : "12345678901234567890123456789012" should be
converted to :
unsigned char IV[16] = { 0x12, 0x34, 0x56, 0x78, 0x90, 0x12, 0x
