Re: [openssl-users] Code-Architecture questions while compiling OpenSSL for STM32-processors
Someone correct me if I'm wrong, but I'm afraid it's not likely that openssl will work for your use case. You might try wolfSSL, polarSSL, or some purpose-built embedded encryption librarly. If you have a specific cryptographic operation to achieve, it might help point you in the right direction. -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[openssl-users] Any advice/recommendation for watching TLS version negotiation
Greetings, We have embedded OpenSSL 1.0.2j in our application order to securely communicate with a Java Servlet engine (such as Tomcat). Our application uses SSLv23_method(), so I expect it to negotiate up through TLS 1.2 (right?). A customer claims to have configured the web (app) server to only allow TLS 1.2 (by disallowing up through TLS 1.1), and says that the client code (which we know is based on OpenSSL 1.0.2j) is nevertheless connecting using TLS 1.1. We are setting up a similar environment internally to diagnose what's happening, and I wonder if anyone has any advice on the "best" tool for "watching" the TLS version negotiation when the connection is being established. The client environment is Solaris 10. I'm obtaining the necessary privileges to use the snoop command. Does anyone have any do's or don'ts for using snoop? Thanks in advance! Mark Ludwig Siemens Product Lifecycle Management Software Inc. Communications and Government Affairs Product Lifecycle Management Lifecycle Coll 5939 Rice Creek Parkway Shoreview, MN 55126 United States Tel. :+1 (651) 855-6140 Fax :+1 (651) 855-6280 ludwig.m...@siemens.com www.siemens.com/plm -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] Can you suggest any technical name for changing sources from openssl-1.0.2 to openssl-1.1.0?
Look at the OPENSSL version define. -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] Code-Architecture questions while compiling OpenSSL for STM32-processors
> Ping !!! You didn't get a reply in 24 hours from an open source mailing list? A little patience. > Upon code-browsing, I am beginning to feel that OpenSSL uses program-buffer, > which is used for malloc/free. OpenSSL uses malloc, etc. Look at crypto/mem.c and (in 1.1.0 and master) the manpage for CRYPTO_malloc. >If yes, is there a place where the maximum-size of "in-program-buffer-heap" is >defined? Nothing like that exists. -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[openssl-users] Can you suggest any technical name for changing sources from openssl-1.0.2 to openssl-1.1.0?
Can you please suggest any technical name for changing sources from openssl-1.0.2 to openssl-1.1.0 because we are supporting both openssl versions and To maintain these sources we are using #ifdef and #else preprocessor statement. We are looking some technical to make the difference between these sources. #ifdef // openssl 1.1.0 sources #else // openssl 1.0.2 sources #endif -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] Code-Architecture questions while compiling OpenSSL for STM32-processors
Ping !!! Upon code-browsing, I am beginning to feel that OpenSSL uses program-buffer, which is used for malloc/free. Am I right? If yes, is there a place where the maximum-size of "in-program-buffer-heap" is defined? On Tue, Nov 22, 2016 at 7:33 PM, Ajay Gargwrote: > Hi All. > > I wish to compile openssl libraries for a STM32-processor (which would > then be linked statically with our application-framework code). > > > Now. I believe that OpenSSL uses tonnes of "malloc"s and "free"s. But for > bare-metal-systems (without any formal OSes), we generally don't have any > heap-memory. > > So, what is the protocol for compiling OpenSSL for such systems? > I am sorry, but this is the first time I would be compiling for a non-OS > entity. > > > Will be thankful for inputs. > > > Thanks and Regards, > Ajay > -- Regards, Ajay -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users