Replacement fpr FIPS_Digest

Hi, I am working on converting this code to OpenSSL 3 for FIPS-140 KASVS ECDH testing: https://github.com/majek/openssl/blob/master/fips/ecdh/fips_ecdhvs.c The only consequential change I made to the code was replacing the

Re: OpenSSL3 unloading and re-loading the FIPS provider after it enters error state

On 06/12/2021 15:49, Cristian Andrei Sandu wrote: Hi guys, Is there any way I can re-load the FIPS provider after it reached its error state? I’d like to do it without restarting the process. (If it matters, I’m already using a non-default library context with a separate configuration file

OpenSSL3 unloading and re-loading the FIPS provider after it enters error state

Hi guys, Is there any way I can re-load the FIPS provider after it reached its error state? I'd like to do it without restarting the process. (If it matters, I'm already using a non-default library context with a separate configuration file that I load with OSSL_LIB_CTX_load_config()). I'd lik

RE: Enumerating TLS protocol versions and ciphers supported by the peer

> From: Dr. Matthias St. Pierre > Sent: Monday, 6 December, 2021 07:53 > To: Michael Wojcik ; openssl- > > > > "Comparable elegant" is underspecified. > > (I guess, "Comparably elegant" would have been grammatically more > correct.) I just meant that elegance is in the eye of the beholder. Ma

Re: Need Replacement for Deprecated function.

On 05/12/2021 22:06, Viktor Dukhovni wrote: Where is that macro defined? Ah, so it is. And "cscope -kR" is ignoring that file, for some reason, hence lying to me. Thanks Viktor. -- Cheers, Jeremy

RE: Enumerating TLS protocol versions and ciphers supported by the peer

> "Comparable elegant" is underspecified. (I guess, "Comparably elegant" would have been grammatically more correct.) > Perhaps try testssl.sh (https://testssl.sh/)? It has various options for > reducing the number and types of tests it runs. We've used it for > profiling internal TLS-enabled

RE: Enumerating TLS protocol versions and ciphers supported by the peer

From: openssl-users On Behalf Of Dr. Matthias St. Pierre Sent: Monday, 6 December, 2021 07:12 > today I learned that nmap has a nice feature to enumerate the protocol > versions and cipher > suites supported by the peer (see below). > Is there a comparable elegant way to obtain the same result

Enumerating TLS protocol versions and ciphers supported by the peer

Hi all, today I learned that nmap has a nice feature to enumerate the protocol versions and cipher suites supported by the peer (see below). Is there a comparable elegant way to obtain the same results using the `openssl s_client` tool? Matthias -- $ nmap -script ssl-enum-ciphers -p 443 www.

How to renew and install SSL certificate for Virtualmin/Webmin, Apache web server, Dovecot and Postfix for a company in Singapore on 6 Dec 2021 Mon

Subject: How to renew and install SSL certificate for Virtualmin/Webmin, Apache web server, Dovecot and Postfix for a company in Singapore on 6 Dec 2021 Mon Author: Mr. Turritopsis Dohrnii Teo En Ming (TARGETED INDIVIDUAL) Country: Singapore Date: 6 Dec 2021 Monday Singapore Time Type of Publicat

Re: Need Replacement for Deprecated function

On 06/12/2021 12:26, Shivakumar Poojari wrote: Hi All, We are upgrading our code to openssl 3.0. Need Replacement for below Deprecated function. DSE: DES_set_key(); DES_ecb_encrypt(); AES: AES_set_encrypt_key(); AES_set_decrypt_key(); AES_wrap_key(); AES_unwrap_key();--- perivously i upgra

Need Replacement for Deprecated function

Hi All, We are upgrading our code to openssl 3.0. Need Replacement for below Deprecated function. DSE: DES_set_key(); DES_ecb_encrypt(); AES: AES_set_encrypt_key(); AES_set_decrypt_key(); AES_wrap_key(); AES_unwrap_key();--- perivously i upgraded AES function with EVP related function but wrap