Re: [openssl.org #3120] Minimum size of DH

On Thu, 2014-03-13 at 22:52 +0100, Stephen Henson via RT wrote: On Thu Mar 13 20:12:38 2014, d...@fifthhorseman.net wrote: This is a hard-coded patch to make OpenSSL clients reject connections which use DHE handshakes with 1024 bits. I should've commented on this before, sorry. I'm

Thunderbird decrypt issue

Hi, I have a problem with Thunderbird which works via the cryptoki to our device which makes use of OpenSSL. Thunderbird passes ciphertext which falls exactly on the blocksize boundary. I translate the cryptoki DecryptUpdate() call to the OpenSSL DecryptUpdate(). OpenSSL retains the last

FIPS compatible openssl test fails on MACOSx

I'm trying to build openssl on 64-bit Mac v10.6.8. I've built FIPS 2.0 successfully and ran test with no issues. but while building openssl, some fingerprint tests failed. Here is the procedure that I followed : ./Configure darwin64-x86_64-cc fips

Re: Thunderbird decrypt issue

On Mar 14, 2014, at 5:33 AM, Leon Brits le...@parsec.co.za wrote: Hi, I have a problem with Thunderbird which works via the cryptoki to our device which makes use of OpenSSL. Thunderbird passes ciphertext which falls exactly on the blocksize boundary. I translate the cryptoki

[openssl.org #3280] [PATCH] avoid perl deprecation warnings when updating error codes

defined(@array) is deprecated at ./util/mkerr.pl line 792. (Maybe you should just omit the defined()?) defined(@array) is deprecated at ./util/mkerr.pl line 800. (Maybe you should just omit the defined()?) --- util/mkerr.pl | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-)

Re: Thunderbird decrypt issue

On Fri, Mar 14, 2014, Leon Brits wrote: Hi, I have a problem with Thunderbird which works via the cryptoki to our device which makes use of OpenSSL. Thunderbird passes ciphertext which falls exactly on the blocksize boundary. I translate the cryptoki DecryptUpdate() call to the OpenSSL

[openssl.org #3281] [BUG] Openssl 1.1.0 (master) CMS Validation RSASSA-PSS

Hello, I'm working on CMS rsassa-pss signature validation. I'm using the source code from the trunk repository of openssl to do so. I've found that there is a problem when the signature algorithm identifier is sha1withRSAEncryption instead of RSAEncryption (a bouncy castle signature for exemple).

[openssl.org #3281] [BUG] Openssl 1.1.0 (master) CMS Validation RSASSA-PSS

On Fri Mar 14 20:04:42 2014, flevionn...@gmail.com wrote: Hello, I'm working on CMS rsassa-pss signature validation. I'm using the source code from the trunk repository of openssl to do so. I've found that there is a problem when the signature algorithm identifier is sha1withRSAEncryption