Hi All,
I have a use case where an admin can configure the Ciphers from UI. I have this
code in the backend that tries to set the cipher
meth = TLSv1_client_method();
ctx = SSL_CTX_new(meth);
sslretval = SSL_CTX_set_cipher_list(ctx, ts_str(cipher));
When a user sets a cipher such a
Hi,
The application I am working on should not support TLS 1.1 and above protocols.
I am using SSL_CTX_set_options( ctx, SSL_OP_NO_TLSv1_1); to disable the same
after creating the SSL context. But it doesn't seem to disable the TLS1.1 and
TLS1.2 protocols
Code Snippet:
SSL_CTX *c = SSL_CTX_new
Hi,
I am building FIPS capable openssl using openss-1.0.1c and openssl-fips-2.0.2.
I successfully built and ran unit tests on openssl-1.0.1c but on 32 bit
machines, big number test(bntest) goes into infinite loop. Can someone please
let me know if this is a known issue on 32 bit machines?
Op
I don't think you need to add "fipscanisterbuild" option to config for building
openssl-fips-2.0.*
Just try this
For Openssl-fips
1) ./config
2) make
3) make install
For Openssl
1) ./config fips
2) make depend
3) make
4) make install
-Original Message-
From: owner-openssl-us...@openss
hex dump or a good guess for anything that doesn't look like
base64).
> Matthew.
>
> On Wed, Feb 20, 2013 at 07:54:00PM +, Santhosh Kokala wrote:
> > Hi All,
> > I am unable to identify the certificate format that I
> received during SCEP enrollment. I am attachin
Hi All,
I am unable to identify the certificate format that I received during SCEP
enrollment. I am attaching a copy of the cert chain that I received. Can
someone please let me know how to convert the above attached certificate to PEM
format?
Santhosh
ca_ra_cert.bin
Description: ca_ra_cert.bi
I did further debugging and I found out that "-d" switch is causing the failure.
./config fips -d
ake depend
make
make test
This will cause the ecdsatest to fail.
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org]
On Behalf Of Santhosh Kokala
Sent:
Hi,
I am compiling FIPS capable Openssl using FIPS object module openssl-fips-2.0.2
and openssl -1.0.1c. After building FIPS object module and Openssl, when I run
"make test" inside openssl directory ecdsatest fails. Can someone please let
me know how to fix this issue?
My configure command
, Santhosh Kokala wrote:
> Hi,
>
> I am trying to compile FIPS capable openssl and I am using
> --with-fipslibdir switch which points to fipscanister.o. When I do
> this I see compilation errors
>
> ./config fips
> --with-fipslibdir=/home/test_user/fips/usr/local/ssl/fips-2
Hi,
I am trying to compile FIPS capable openssl and I am using --with-fipslibdir
switch which points to fipscanister.o. When I do this I see compilation errors
Compiling FIPS Object Module:
./config --install_prefix=/home/test_user/fips
make
make install
Compiling Openssl
./config f
I would really appreciate if someone answers my question.
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org]
On Behalf Of Santhosh Kokala
Sent: Thursday, January 31, 2013 10:13 PM
To: openssl-users@openssl.org
Subject: Regarding FIPS_mode_set()
Hi All,
I have a C
Linking the FIPS capable libraries to our code is proving to be a real pain
in the butt. The problem stems from the fact that long before I arrived it
was decided that everything is to be linked statically. So that means that
fipsld is needed. To compound things our code is c++ and compiled using g
Hi All,
I have a C++ application that links statically with Openssl library. We already
modify some parts of openssl (excludes crypto part) library to extract session
keys and other info to encrypt/decrypt traffic for a whole different purpose.
My question is since my application is statically l
.
Santhosh Kokala
On 1/18/13 11:51 AM, "Nayna Jain" wrote:
>I have been trying that. it shows handshake for TLSv1 for some sites and
>not for others.
>
>I might be using it wrong.. but am not also sure if it supports analyzing
>https by default..
>
>Have you tried it ?
&
How about wireshark?
On 1/18/13 11:38 AM, "Nayna Jain" wrote:
>
>Hi,
>
>I want to analyze the actual SSL handshake happening over the wire.
>Does anyone know a good open source analyzer tool for Windows ?
>
>Thanks & Regards,
>Nayna Jain
>
>___
I have seen Dr. Stephen's reply in this thread
http://www.mail-archive.com/openssl-users@openssl.org/msg63620.html, that
fipsld can be modified as long as it follows rules in the security policy.
On 11/26/12 4:30 PM, "Santhosh Kokala"
wrote:
>Thanks Dr. Stephen and Andy for
Thanks Dr. Stephen and Andy for helping me resolve this issue. I modified
fipsld script to use gcc for compiling fips_premain.c and it worked.
On 11/25/12 1:42 PM, "Andy Polyakov" wrote:
>Santhosh Kokala wrote:
>> I would really appreciate, if someone helps me with this iss
I would really appreciate, if someone helps me with this issue.
From: owner-openssl-...@openssl.org [owner-openssl-...@openssl.org] on behalf
of Santhosh Kokala [santhosh.kok...@riverbed.com]
Sent: Wednesday, November 21, 2012 11:33 AM
To: openssl-users
Jeffrey,
This still did not fix my issue. Any other ideas?
Santhosh
On 11/20/12 4:14 PM, "Jeffrey Walton" wrote:
>On Tue, Nov 20, 2012 at 6:16 PM, Santhosh Kokala
> wrote:
>> Hi,
>> I am trying to build an application with the FIPS Object module. I
>>followed
&
I am trying to compile tips_hmac.c to verify the FIPS build. But I see errors.
Can you please let me know what needs to be done to fix this?
Errors:
gcc -c fips_hmac.c -I/usr/local/ssl/include
FIPSLD_CC=gcc /usr/local/ssl/fips-2.0/bin/fipsld -o fips_hmac fips_hmac.o
/usr/local/ssl/fips-2.0/lib/
Hi,
I am trying to build an application with the FIPS Object module. I followed the
build instructions mentioned in FIPS User Guide 2.0.
FIPS Object Module:
./config
Make
make install
Open SSL:
./config fips
make depend
Make
My Application:
export FIPSLD_CC=g++
export CC=gcc
export CXX=/usr/
21 matches
Mail list logo
