OpenSSL 1.0.1 is expected to be released in the next few weeks.
[snip]
Users are encouraged to test recent snapshots of OpenSSL 1.0.1 and
report any problems via the request tracker (r...@openssl.org).
I assume the snapshots are built from the OpenSSL_1_0_1-stable CVS tag.
On UnixWare
[seggelm...@fh-muenster.de - Thu Jul 14 14:45:17 2011]:
This version improves compatibility with Solaris and Linux and
resolves some minor issues.
A couple of initial comments. As it stands I think this will break
compilation on Windows when linking DLLs. The mkdef.pl scripts need
updating
I am building and testing the FIPS module for a PowerPC/NetBSD1.6.2 target
on a x86/linux(CentOS) host.
The Configure script does not have NetBSD options, so I am setting my
environment variables such that it selects the ppc-linux target. The
fipscanister.o builds fine.
When I go to build the
Intel Xeon E-1220 processor (Sandy-Bridge), 3.1GHz, supporting
SSE4.1/4.2, AVX, AES-NI
OpenSSL 0.9.8
=
...
- comments
RC4 is clearly faster when built from C and optimized by the compiler.
It has lesser to do with compiler [allegedly performing miracles],
rather with
On 12/08/2011 07:54 PM, Rick Davis wrote:
I'm working on a cross-compile build of openssl-fips-1.2.3.
...
2. ./Configure no-hw no-shared no-dso no-asm ...
...
4. Modify main Makefile with: ...
There is something here that I am missing to build the fips modules
correctly; the basic
It looks like a bug inopenssl-1.0.0e x86 (Windows, Linux, etc.):
functions BN_mod_mul and BN_mod_mul_mongomery sometimes (very rarely)
yield different results when squaring (multiplication at the same time
works fine).
Compile time options include -DOPENSSL_BN_ASM_MONT, ie the assembler
I recognize now that I need to have an option that does not currently exist
for my target. I changed my SYSTEM environment variable to NetBSD, which
resolves the -ldl issue, but is still not correct because the configure
scripts land me in BSD-generic32, which is not quite right either. So it
I am building and testing the FIPS module for a PowerPC/NetBSD1.6.2 target
on a x86/linux(CentOS) host.
The Configure script does not have NetBSD options, so I am setting my
environment variables such that it selects the ppc-linux target. The
fipscanister.o builds fine.
When I go to build the
Hi all,
I am totally new to this topic and stuck with this simple issue. Please,
provide me with any ideas / recommendations.
The issue:
0. Windows 7. OpenSC is not available. The text is pretty short (=48
symbols).
1. I have a PIV card with its Key Management Key Certificate. At the moment,
Hello,
I have tested OPENSSL-1.0.1-STABLE-SNAP-20111209 on AXP and IA64 with 32 and 64
bist pointer size and found few OpenVMS related problems.
The following patches are needed in order to get clean compile and successful
build.
1. missing srtp.h header file
TITAN2_ZAY $ diff MAKEVMS.COM;1
-NOLONGLONG, In this declaration, 64-bit integral types are not supported
on this platform.
At line number 20 in
DKA400:[ZOLI.OPENSSL-101-STABLE-SNAP-20111209.CRYPTO.MODES]MODES_LCL.H;1.
typedef unsigned long long u64;
^
%CC-E-NOLONGLONG, In this declaration, 64
On Fri, 9 Dec 2011, Andy Polyakov wrote:
I assume the snapshots are built from the OpenSSL_1_0_1-stable CVS tag.
On UnixWare 7.1.4 (i586-sco-unixware7) configured with
./config --prefix=/opt/mt/openssl-1.0.0 --openssldir=/etc/ssl zlib
-Kpentium_pro
I'm getting this error
making
On 12/9/2011 4:28 AM, Umaxik wrote:
Hi all,
I am totally new to this topic and stuck with this simple issue. Please,
provide me with any ideas / recommendations.
The issue:
0. Windows 7. OpenSC is not available. The text is pretty short (=48
symbols).
Yes it is available, in the
I'm still having this build problem on Windows, with code just pulled from
CVS 1.0.1 stable branch. It happens when building the 32-bit build on a
64-bit OS.
Note that I can build the FIPS 2.0 module just fine before I build this.
It's now referring to line 973 instead of 966 in mk1mf.pl as it
Sorry, it is still line 966 of mk1mf.pl.
On Fri, Dec 9, 2011 at 9:32 AM, Tyrel Haveman tyr...@gmail.com wrote:
I'm still having this build problem on Windows, with code just pulled from
CVS 1.0.1 stable branch. It happens when building the 32-bit build on a
64-bit OS.
Note that I can build
I assume the snapshots are built from the OpenSSL_1_0_1-stable CVS tag.
On UnixWare 7.1.4 (i586-sco-unixware7) configured with
./config --prefix=/opt/mt/openssl-1.0.0 --openssldir=/etc/ssl zlib
-Kpentium_pro
I'm getting this error
making all in crypto...
cc -I. -I.. -I../include
Dr. Stephen Henson wrote:
OpenSSL 1.0.1 is expected to be released in the next few weeks.
[snip]
Users are encouraged to test recent snapshots of OpenSSL 1.0.1 and
report any problems via the
request tracker (r...@openssl.org).
I submitted RT #2563 back on July 14, 2011. It contains a major
on this platform.
At line number 20 in
DKA400:[ZOLI.OPENSSL-101-STABLE-SNAP-20111209.CRYPTO.MODES]MODES_LCL.H;1.
Well, getting rid of 64-bit integer type is labor-intensive and given
the diminishing audience preferred option is to avoid the problem. One
can argue that one can disable modes
In CVS OPENSSL_1_0_1-stable branch, on a ILP32 target (where
sizeof(long) == 4), the function OPENSSL_ia32cap_loc() is clearing
upper bits of capability vector which disable support for SSE3, AES-NI,
etc...
A user program not reading/writing OPENSSL_ia32cap before using other
encryption,
On Fri, 9 Dec 2011, Andy Polyakov wrote:
http://cvs.openssl.org/chngview?cn=21817
Yes that works. Thanks.
--
Tim RiceMultitalents
t...@multitalents.net
__
OpenSSL Project
Hi Andrey,
I measured on a chip that has no OS which supports cryto acceleration (cavium
octeon). My setup doe not involve TCP io since the TCP data has been received
and passed to ssl through custom BIO (or mem bio). I measure SSL_read SSL_write
(about 1K size) in ms (aes256_cbc/sha1). the
I forgot to mention when I tested it was a slightly different impl that
contains couple other small optimizations, in the tls1_mac() function I
combined the first two update calls into one call which saved couple of ms
also. the numbers were tls numbers.
as for the question of record size,
Kevin;
I'm working on a similar yet different port, having similar issues. One thing I
found helpful was to
get the 'MACHINE', 'SYSTEM', 'BUILD', and 'RELEASE' settings by running the
variants of uname
on my target.
Regards;
== Rick Davis
- Original Message -
From: Kevin
I just tried a simple tls echo server running on the chip with only one core
enabled (to rule malloc contention by cpu cores, this is a 16 core cpu). I did
two runs and the ONLY difference in code is with /without checkpointing the
ctx. both have crypto accel. the speed is measured on data part
24 matches
Mail list logo
