> On Jun 8, 2021, at 6:48 AM, Hubert Kario wrote:
>
> On Monday, 7 June 2021 21:01:04 CEST, Arran Cudbard-Bell wrote:
>> The tables to convert extension IDs and compression methods to humanly
>> readable names are not available outside ssl/t1_trace.c.
>>
>> SSL_trace() itself produces reams o
Dear team,
It would be nice if there was a user- and security-friendly best
practice document for distributions (such as Linux distributions) that
freeze on an OpenSSL release version (such as 1.1.1z) and then backport
any important fixes.
Perhaps something like the following:
1. The distri
On Monday, 7 June 2021 20:26:28 CEST, Lothar Belle wrote:
Hi,
recently I compiled openssl-1.1.1k on CentOS-8
but when I am using libcrypto.so.1.1 I get errors like:
libk5crypto.so.3: undefined symbol: EVP_KDF_ctrl, version OPENSSL_1_1_1b
Obviously RedHat added additional features into there own
On Monday, 7 June 2021 21:01:04 CEST, Arran Cudbard-Bell wrote:
The tables to convert extension IDs and compression methods to
humanly readable names are not available outside ssl/t1_trace.c.
SSL_trace() itself produces reams of helpful information as
handshakes progress, and is particularly u
To be more specific, Please help me point out the API, which supports *RSA
186-4 key generation*.
Thanks,
Pramod.
On Tue, Jun 8, 2021 at 4:06 PM Illuri Pramod
wrote:
> Hello All,
>
> I am looking for options to support fips 186-4 in openssl 1.0.2. Oracle
> FOM based out of fips object module (
Hello All,
I am looking for options to support fips 186-4 in openssl 1.0.2. Oracle FOM
based out of fips object module (FOM) 2.0.13, which is available in public
domain, claims to have 186-4 support as per the documentation. However, I
didn't find the specific diff/API, which added this support.
Hello list,
I'm signing a file using SMIME with 2 signers.
When trying to check the signature with only one of the two signers, it
fails with a "signer certificate not found". Using both signers, it
succeeds.
Is there a way to be able to check the signature with a single signer,
not all of
janj...@nikhef.nl said:
> As you found out, it is nearly impossible to swap out the existing openssl
> 1.1.1g with a "stock" openssl version, as RedHat/CentOS have applied patches
> to it. My advice would be: don't even try. If you *have to* use openssl
> 1.1.1k, then switch to Fedora or to Ub
Hi,
On 07/06/21 20:26, Lothar Belle wrote:
Hi,
recently I compiled openssl-1.1.1k on CentOS-8
but when I am using libcrypto.so.1.1 I get errors like:
libk5crypto.so.3: undefined symbol: EVP_KDF_ctrl, version OPENSSL_1_1_1b
Obviously RedHat added additional features into there own libraries,
bu
On 08/06/2021 00:09, Arran Cudbard-Bell wrote:
On Jun 7, 2021, at 4:57 PM, Matt Caswell wrote:
On 07/06/2021 20:01, Arran Cudbard-Bell wrote:
The tables to convert extension IDs and compression methods to humanly readable
names are not available outside ssl/t1_trace.c.
SSL_trace() its
10 matches
Mail list logo
