Re: [openssl-dev] Question about commit 222333cf01e2fec4a20c107ac9e820694611a4db

2017-04-12 Thread Matt Caswell
On 12/04/17 00:20, Michael Reilly wrote: > Unfortunately the check breaks code which doesn't know nor need to know the > keysize. The engine takes care of allocating buffers required. So how does EVP_SignFinal() work with your engine? The "sig" parameter is supposed to be allocated by the

Re: [openssl-dev] Question about no-* options (no-fips in particular) on 1.1 branch

2017-04-12 Thread William A Rowe Jr
On Wed, Apr 12, 2017 at 1:26 PM, Salz, Rich via openssl-dev wrote: >> Did the no-fips option get removed by-design? Are the no-* corollaries going >> to be dropped going forwards? > > Yes. All FIPS support was removed. It could be brought back, and made a > no-op, if

[openssl-dev] OSCP.

2017-04-12 Thread john gloster
Could anyone point me to some OSCP samples? Needed to check whether CA certificate is still active. Thanks. -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

[openssl-dev] Question about no-* options (no-fips in particular) on 1.1 branch

2017-04-12 Thread William A Rowe Jr
Did the no-fips option get removed by-design? Are the no-* corollaries going to be dropped going forwards? ../src/openssl-1.1.0git/config shared no-fips --libdir=lib --prefix=/opt/openssl110 Operating system: x86_64-whatever-linux2 Configuring for linux-x86_64 Configuring OpenSSL version

Re: [openssl-dev] Question about no-* options (no-fips in particular) on 1.1 branch

2017-04-12 Thread Salz, Rich via openssl-dev
> Yes. All FIPS support was removed. It could be brought back, and made a > no-op, if that's a real issue. By it, I meant the "no-fips" option -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Re: [openssl-dev] Question about no-* options (no-fips in particular) on 1.1 branch

2017-04-12 Thread Jan Ehrhardt
Hi Bill, William A Rowe Jr in gmane.comp.encryption.openssl.devel (Wed, 12 Apr 2017 13:09:05 -0500): >Did the no-fips option get removed by-design? Are the no-* >corollaries going to be dropped going forwards? > >../src/openssl-1.1.0git/config shared no-fips --libdir=lib >--prefix=/opt/openssl110

Re: [openssl-dev] Question about no-* options (no-fips in particular) on 1.1 branch

2017-04-12 Thread Salz, Rich via openssl-dev
> Did the no-fips option get removed by-design? Are the no-* corollaries going > to be dropped going forwards? Yes. All FIPS support was removed. It could be brought back, and made a no-op, if that's a real issue. There are no plans to remove any other no-* at this time. -- openssl-dev

[openssl-dev] Code Health Tuesday - summary

2017-04-12 Thread Paul Dale
Code Health Tuesday is over once again. In total 27 PRs were raised for the event with three of these as yet unmerged. In total about thirty tests were updated which represents roughly half of the outstanding test cases. All in all, a solid outcome for testing uniformity. Pauli --