[openssl.org #2991] Certifacte verification with a RSA-SHA512 hash algorithm fails

2013-02-15 Thread Dominic Wollner via RT
Hi, we are using OpenSSL 0.9.8k. It's not the command line utility. We are linking against libcrypto and libssl. We load the CA certificates with SSL_CTX_set_default_verify_paths (c_rehash has been executed before), disable the automatic verification by setting SSL_CTX_set_verify to

Re: [openssl.org #2784] [PATCH] Eefficient implementations of SHA256 and SHA512, using the Simultaneous Message Scheduling method

2013-02-15 Thread Andy Polyakov via RT
[1] S. Gueron, V. Krasnov: Parallelizing message schedules to accelerate the computations of hash functions, http://eprint.iacr.org/2012/067.pdf ... As for Haswell. As discussed it's capable of executing 8xSMS SHA256 and 4xSMS SHA512, i.e. loading 8/4x input blocks

Re: [openssl.org #2989] AutoReply: OpenSSL-1.0.1e fails test suite on OSX

2013-02-15 Thread David Favor via RT
The current Macports Portfile specifies: -L${prefix}/lib --openssldir=${prefix}/etc/openssl zlib no-krb5 shared no-asm Removing no-asm allows test suite to run with 100% passes. So the problem is appears to be the C-code version of the related code. -- Love feeling your best ever, all

Re: [openssl.org #2989] AutoReply: OpenSSL-1.0.1e fails test suite on OSX

2013-02-15 Thread Andy Polyakov via RT
The current Macports Portfile specifies: -L${prefix}/lib --openssldir=${prefix}/etc/openssl zlib no-krb5 shared no-asm Removing no-asm allows test suite to run with 100% passes. So the problem is appears to be the C-code version of the related code. Please follow

verify certificate by OCSP server failed

2013-02-15 Thread vikony vikon
Hi all, i tired to verify a certificate by using OCSP server and i am gettting the following error: [root@VMQCRND30 apache]# openssl ocsp -issuer CA29.cer -cert CARD1.cer -url http://ocsp.nsn0.rcvs.nit.disa.mil Error connecting BIO Error querying OCSP responsder

Re: [openssl.org #2978] CVS repositories serving stale data

2013-02-15 Thread Vladimir Kotal
On 02/07/13 23:35, Andy Polyakov via RT wrote: The CVS repositories on cvs.openssl.org are still up and serving stale data. Please turn them off If you're referring to http://cvs.openssl.org, then removal would hardly be appropriate, because there are references to it in lists and RT. It would

[openssl.org #2991] Certifacte verification with a RSA-SHA512 hash algorithm fails

2013-02-15 Thread Stephen Henson via RT
On Fri Feb 15 10:24:22 2013, woll...@igel.com wrote: we are using OpenSSL 0.9.8k. It's not the command line utility. We are linking against libcrypto and libssl. We load the CA certificates with SSL_CTX_set_default_verify_paths (c_rehash has been executed before), disable the automatic

[openssl.org #2992] [PATCH] Fix POD errors to stop make install_docs dying with pod2man 2.5.0+

2013-02-15 Thread Nick Alcock via RT
podlators 2.5.0 has switched to dying on POD syntax errors. This means that a bunch of long-standing erroneous POD in the openssl documentation now leads to fatal errors from pod2man, halting installation. Unfortunately POD constraints mean that you have to sort numeric lists in ascending order

[openssl.org #2992] [PATCH] Fix POD errors to stop make install_docs dying with pod2man 2.5.0+

2013-02-15 Thread Lutz Jaenicke via RT
Applied. Thanks, Lutz __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager

Re: [openssl.org #2981] BUG: 1.0.1e 64-bit C implementation ECDHE* chiphersuites incompatible with https://google.com

2013-02-15 Thread Serguei E. Leontiev
Hi, Andy, http://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=750398acd85a7ae220d272d28a76dff7bb269c31 works around this one. Serguei, could you test if it fixes even your problem[s]? Thank you. OK, ectest passed. -- Sorry for my bests English. Sternberg Astronom.