On Thu, Jul 13, 2017, Sam Roberts wrote:
> On Thu, Jul 13, 2017 at 1:41 PM, Dr. Stephen Henson wrote:
> >>
> >> Where is nt.mak? Its mentioned in the User Guide but I didn't find it
> >> in the github repo, or tarballs for openssl 1.0.2j or 1.1.0c, or
> >> tarballs for openssl-fips 2.0.9, or 2.0.
Hi All,
Help with these queries please,
1) Is it possible to use external session files (with session info as
identifiers or tickets for out of band resumption) for session resumption
in TLS 1.2. Does it need some kind of callback like the way it is used in
TLS 1.3 with (SSL_set_psk_find_session_
On Thu, Jul 13, 2017 at 1:41 PM, Dr. Stephen Henson wrote:
> On Thu, Jul 13, 2017, Sam Roberts wrote:
>> On Thu, Jul 13, 2017 at 12:34 PM, Dr. Stephen Henson
>> wrote:
>> > If you do want to link against the static libraries then the easiest way
>> > to do
>> > that is to examine the contents o
On Thu, Jul 13, 2017, Sam Roberts wrote:
> On Thu, Jul 13, 2017 at 12:34 PM, Dr. Stephen Henson
> wrote:
>
> > If you do want to link against the static libraries then the easiest way to
> > do
> > that is to examine the contents of nt.mak, look for FIPSLINK and adapt the
> > rule to your need
On Thu, Jul 13, 2017 at 12:34 PM, Dr. Stephen Henson wrote:
> First if you want to link to the OpenSSL DLLs then you don't need fipslink.pl
> at all: just link to them as you would any other application.
I'm working on Node.js, it links statically, so this isn't an option for me.
> If you do wan
On Thu, Jul 13, 2017, Sam Roberts wrote:
> I'm having trouble linking on Windows with fipslink.pl, lots of FIPS_
> symbols are unresolved.
>
> AFAICT, they are defined by the canister, and fipslink.pl is supposed
> to know this, and add them to the link libraries by itself, but it
> doesn't seem
I'm having trouble linking on Windows with fipslink.pl, lots of FIPS_
symbols are unresolved.
AFAICT, they are defined by the canister, and fipslink.pl is supposed
to know this, and add them to the link libraries by itself, but it
doesn't seem to do this.
Looking at the linux fipsld, it does appe
On 12/07/17 19:43, Roelof Du Toit wrote:
> This seems to be a bug in how s_time handles the TLS 1.3 post-handshake
> NewSessionTicket message; more specifically: not handling the retry when
> SSL_read() returns -1.
>
>
>
> The following diff (in tls1.3-draft-19 branch) appears to resolve the
