On Thu, Nov 15, 2012 at 6:03 AM, Pravesh Rai pravesh@gmail.com wrote:
Hi,
At one place, we are using following logic for generating self-signed
certificate:
#define SEED_SIZE 128
k = RAND_status();
while(k == 0)
{
// custom logic for getting random numbers from system variables
...
From: Jeffrey Walton [mailto:noloa...@gmail.com]
On Thu, Nov 15, 2012 at 6:03 AM, Pravesh Rai pravesh@gmail.com
wrote:
...
#define SEED_SIZE 128
...
//RAND_seed(buf, SEED_SIZE);
RAND_add(buf, SEED_SIZE, (20/100) * SEED_SIZE);
k = RAND_status();
}
I'm not sure 20%
On Thu, Nov 15, 2012 at 10:41 AM, Jeffrey Walton noloa...@gmail.com wrote:
On Thu, Nov 15, 2012 at 6:03 AM, Pravesh Rai pravesh@gmail.com wrote:
CryptGenRandom(hCryptProv, SEED_SIZE, buf); // On Windows OS
apr_generate_random_bytes(buf, SEED_SIZE); // On Linux OS
Speaking of poor
On Nov 15, 2012, at 18:04 , Dr. Stephen Henson st...@openssl.org wrote:
The -DOPENSSL_MAX_TLS1_2_CIPHER_LENGTH option was a quick hack to workaround
some broken servers. It may not be needed now many have been fixed and
applications where you have some control over the connection parameters
On 16 Nov 2012, at 4:36 AM, Jeffrey Walton noloa...@gmail.com wrote:
On Thu, Nov 15, 2012 at 10:41 AM, Jeffrey Walton noloa...@gmail.com wrote:
On Thu, Nov 15, 2012 at 6:03 AM, Pravesh Rai pravesh@gmail.com wrote:
CryptGenRandom(hCryptProv, SEED_SIZE, buf); // On Windows OS
On Fri, Nov 16, 2012 at 9:17 AM, Graham Leggett minf...@sharp.fm wrote:
On 16 Nov 2012, at 4:36 AM, Jeffrey Walton noloa...@gmail.com wrote:
On Thu, Nov 15, 2012 at 10:41 AM, Jeffrey Walton noloa...@gmail.com wrote:
On Thu, Nov 15, 2012 at 6:03 AM, Pravesh Rai pravesh@gmail.com wrote:
On Fri, Nov 16, 2012 at 12:57 PM, Jeffrey Walton noloa...@gmail.com wrote:
On Fri, Nov 16, 2012 at 9:17 AM, Graham Leggett minf...@sharp.fm wrote:
On 16 Nov 2012, at 4:36 AM, Jeffrey Walton noloa...@gmail.com wrote:
On Thu, Nov 15, 2012 at 10:41 AM, Jeffrey Walton noloa...@gmail.com wrote:
On
The salt length in RSA-PSS signatures is shown as a hex number but
without the 0x prefix. Moreover the default value is shown as
20 (default) but this is now decimal.
The attached patch solves the problem.
Check the two certs:
-BEGIN CERTIFICATE-
Hello,
While investigating a crash, I observed that x_name.c uses return value of
X509_NAME_ENTRY_new without checking for NULL. Under out-of-memory condition,
this leads to a crash. Here it a patch that fixed the crash for me (also
attached).
--- crypto/asn1/x_name.c2012-02-27
Hello!
I have created a patch which adds a --with-fipsincludedir switch to the
Configure script.
If you want to create a FIPS-enabled build, the include files are currently
looked for in FIPSDIR/include. The value of this option makes that directory
changeable by the user.
Reason why I did
On Fri, Nov 16, 2012, Rainer Canavan wrote:
Since openssl is part of a product that we ship, would you consider moving
RC4-MD5 to the front of the cipher list by default a good idea, or are there
drawbacks that I overlooked, or would this even be preferred, since RC4 has
been propagated as
On Tue, Nov 20, 2012, Dr. Stephen Henson wrote:
On Fri, Nov 16, 2012, Rainer Canavan wrote:
Since openssl is part of a product that we ship, would you consider moving
RC4-MD5 to the front of the cipher list by default a good idea, or are there
drawbacks that I overlooked, or would
[mtau...@fsmat.at - Tue Nov 20 09:33:34 2012]:
Hello!
I have created a patch which adds a --with-fipsincludedir switch to
the Configure script.
If you want to create a FIPS-enabled build, the include files are
currently looked for in FIPSDIR/include. The value of this option
Am 20. Nov 2012 um 15:42:27 +0100, schrieb Stephen Henson via RT:
[mtau...@fsmat.at - Tue Nov 20 09:33:34 2012]:
Hello!
I have created a patch which adds a --with-fipsincludedir switch to
the Configure script.
If you want to create a FIPS-enabled build, the include files are
Hi,
I am trying to build an application with the FIPS Object module. I followed the
build instructions mentioned in FIPS User Guide 2.0.
FIPS Object Module:
./config
Make
make install
Open SSL:
./config fips
make depend
Make
My Application:
export FIPSLD_CC=g++
export CC=gcc
export
15 matches
Mail list logo