Re: [openssl-users] Vanilla OpenSSL uses sytems libs

2018-03-14 Thread e...@coderhacks.com
My systems (debian 10) version is 1.1.0g. The vanilla is 1.1.0f. On 2018-03-14 23:10, Richard Levitte wrote: BTW, which OpenSSL version are we talking about here? In message on Wed, 14 Mar 2018 10:59:20 +0100, "e...@coderhacks.com"

[openssl-users] FIPS Non?-Approved Cryptographic Functions

2018-03-14 Thread Mark Minnoch
> From the OpenSSL FIPS Security Policy chapter 4, it mentioned there are a > number of non-FIPS approved algorithms/ services which are still > implemented by the FIPS canister modules (e.g. RSA, DSA, DRDB, ECDSA etc). > > Just wondering why these algorithms are still implemented by FIPS

Re: [openssl-users] Vanilla OpenSSL uses sytems libs

2018-03-14 Thread Richard Levitte
BTW, which OpenSSL version are we talking about here? In message on Wed, 14 Mar 2018 10:59:20 +0100, "e...@coderhacks.com" said: etc> Yes... thats the same what I thought. etc> etc> I expected to link against the the

Re: [openssl-users] how to control the cipher list of an openssl server

2018-03-14 Thread Nitin Mutkawoa
Hello I wish to add some additional information. Perhaps it's useful to you. As Matt mentioned check out your ciphers. --> *openssl ciphers -v* You can also grep a particular cipher for example TLS. *openssl "ciphers" -v | grep i tls* So basically, you might need to check if you have the right

Re: [openssl-users] MIME-canonicalization

2018-03-14 Thread Viktor Dukhovni
> On Mar 14, 2018, at 2:43 AM, e...@coderhacks.com wrote: > > I am facing some problems with a SMIME where the content is binary encoded > AND a linefeed (LF) (0x0a) is used for line-separator. > The CMS_verify failes (CMS > routines:CMS_SignerInfo_verify_content:verification failure). > >

Re: [openssl-users] MIME-canonicalization

2018-03-14 Thread e...@coderhacks.com
I have verified in comparing the orginal file that is going into SIME_read_CMS with the content of the the 2nd argument (bcont) it get out of it. I check manually. The file with a hex-editor. bcont with BIO_read and then print it to the screen. The file does have LFs, the bcont does have

Re: [openssl-users] MIME-canonicalization

2018-03-14 Thread Michael Wojcik
> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf > Of e...@coderhacks.com > Sent: Wednesday, March 14, 2018 02:33 > To: openssl-users@openssl.org > Subject: Re: [openssl-users] MIME-canonicalization > > I think I found the reason for the problem. > > SMIME_read_CMS does

Re: [openssl-users] Vanilla OpenSSL uses sytems libs

2018-03-14 Thread e...@coderhacks.com
Yes... thats the same what I thought. I expected to link against the the vanilla built if I set no-shared. But it links against my systems libs. It seems config takes my no-shared correctly - because If I do a typo it will tell me about an unknown option. Only If I set LD_LIBRARY_PATH to my

Re: [openssl-users] Vanilla OpenSSL uses sytems libs

2018-03-14 Thread Richard Levitte
Something here makes no sense at all... you configure with 'no-shared', and then get an apps/openssl that's linked with the system shared libraries? In message <323c64fe-c3a7-0b93-a11e-46f743b99...@coderhacks.com> on Tue, 13 Mar 2018 23:46:14 +0100, "e...@coderhacks.com"

Re: [openssl-users] EVP signing

2018-03-14 Thread Matt Caswell
On 14/03/18 09:20, Federico Buti wrote: > Hi list. > > I'm currently implementing a signing routine and for that I'm using the > high-level API EVP according to this page > . I'm > using openssl 1.0.2m. > > I need to sign with

[openssl-users] (no subject)

2018-03-14 Thread Guido
Gesendet von Mail für Windows 10 -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

[openssl-users] EVP signing

2018-03-14 Thread Federico Buti
Hi list. I'm currently implementing a signing routine and for that I'm using the high-level API EVP according to this page . I'm using openssl 1.0.2m. I need to sign with hashing SHA256 and prime256v1, with the former retrieved via

Re: [openssl-users] MIME-canonicalization

2018-03-14 Thread e...@coderhacks.com
I think I found the reason for the problem. SMIME_read_CMS does convert any single LF to a CRLF. If I compare the input to the CMS I get out of SMIME_read_CMS then there are all LFs replaced with CRLFs. Thats the problem with the verify. If I manually replace the added CRs in the CMS and

[openssl-users] MIME-canonicalization

2018-03-14 Thread e...@coderhacks.com
Hi! I am facing some problems with a SMIME where the content is binary encoded AND a linefeed (LF) (0x0a) is used for line-separator. The CMS_verify failes (CMS routines:CMS_SignerInfo_verify_content:verification failure). It works fine if CRLF (0x0d 0x0a) is line-separator or even if only

Re: [openssl-users] OpenSSL 1.0.2n Build Failed on Windows 32bit Platform

2018-03-14 Thread Wang
Thank you very much, Matthias. It works. Regards, Wang -- Sent from: http://openssl.6102.n7.nabble.com/OpenSSL-User-f3.html -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] Vanilla OpenSSL uses sytems libs

2018-03-14 Thread e...@coderhacks.com
Thanks! It works if I export LD_LIBRARY_PATH=/my/openssl/root and recompile it. On 2018-03-14 00:02, Scott Neugroschl wrote: Set LD_LIBRARY_PATH to use your compiled versions. -Original Message- From: openssl-users On Behalf Of