On Wed, Mar 11, 2009 at 11:51:23AM +0100, Ger Hobbelt wrote:
On Tue, Mar 10, 2009 at 8:02 PM, The Doctor doc...@doctor.nl2k.ab.ca wrote:
This is happening again
Holy (beep)!
... would you do me a favor, please? (and maybe make some others
happy in the process as well)
I love an
I am trying to to get mutt to use a FIPS validated OpenSSL to send/receive
encrypted emails. When
I don't set the environment variable OPENSSL_FIPS=1, everything works fine.
When I try the same command to decrypt an email with OPENSSL_FIPS set, it fails
with:
env OPENSSL_FIPS=1 openssl
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
i have a self signed certificare autority , would lite to grow my ssl
web of trus , but ignore the procedure . A link would hel a lot and also
(i cam from pgp experience) what's the procedure for the two way signing ?
Thanks!
- --
sec
Your key's digest is set to md5. This is disallowed in FIPS mode.
Also, 3DES is not allowed in FIPS mode, either.
-Kyle H
On Tue, Mar 10, 2009 at 3:22 PM, Davin Chan dsc...@nas.nasa.gov wrote:
I am trying to to get mutt to use a FIPS validated OpenSSL to send/receive
encrypted emails. When
BODY { font-family:Arial, Helvetica, sans-serif;font-size:12px; }
Triple-DES is listed in the OpenSSL 1.2 security policy and is
listed as approved by NIST, so why would it not be available?
Carl
On Wed 11/03/09 12:01 PM , Kyle Hamilton aerow...@gmail.com sent:
Your key's digest
On Tue, Mar 10, 2009 at 8:02 PM, The Doctor doc...@doctor.nl2k.ab.ca wrote:
This is happening again
Holy (beep)!
... would you do me a favor, please? (and maybe make some others
happy in the process as well)
I love an essay, but let's just say that the combination of riding the
bleeding
On Wed March 11 2009, Ger Hobbelt wrote:
On Tue, Mar 10, 2009 at 8:02 PM, The Doctor doc...@doctor.nl2k.ab.ca wrote:
This is happening again
Holy (beep)!
... would you do me a favor, please? (and maybe make some others
happy in the process as well)
Sell Also:
Hi All,
I have some weird problem extracting Subject field from certificate when
using windows API and openssl API.
Using windows API results the following subject:
e=li...@mailaddress.com,CN=lior,OU=SLS,O=Sales,L=Depart,S=NLS,C=DE
And using openssl API / openssl.exe utility
Hi Lior:
On March 11, 2009 12:33:46 pm Lior Aharoni wrote:
You can see that we have some differences:
1.E= in windows and emailAddress= in openssl
2.S= in windows and ST= in openssl
Does someone know if there is a way of retrieving the data using openssl
that will result the same
On Wed, Mar 11, 2009 at 5:56 PM, Patrick Patterson
ppatter...@carillonis.com wrote:
So, Microsoft is just inventing clever shortcuts, whereas OpenSSL is following
the standards. I would complain to Microsoft, if I were you :)
And in case you _seriously_ consider b0rking everything and doing
Hello,
I was able to build the FIPS 1.2 software successfully using
./config --prefix=/apps/fips_build/fips-1.2-install fipscanisterbuild
no-asm
make
make install
then I built openssl-0.9.8j using the very standard options and telling
it my fipslibdir:
VERSION=0.9.8j
MAJOR=0
MINOR=9.8
On Wed, Mar 11, 2009, Jeremy Regan wrote:
Hello,
I was able to build the FIPS 1.2 software successfully using
./config --prefix=/apps/fips_build/fips-1.2-install fipscanisterbuild
no-asm
make
make install
then I built openssl-0.9.8j using the very standard options and telling
it my
Hi all,
As the subject says I'm grabbing a public key from a PEMK encoded X509
cert and I compute the SHA-1 hash over this to create a signer id. This
is done by using PEM_read_X509 to read the PEM cert into an x509 struct,
using X509_get_pubkey to obtain the public key as an EVP_PKEY from
Hi All,
I have some weird problem extracting Subject field from certificate
when using windows API and openssl API.
Using windows API results the following subject:
e=li...@mailaddress.com,CN=lior,OU=SLS,O=Sales,L=Depart,S=NLS,C=DE
And using openssl API / openssl.exe utility results the
It was my mistake, I had misunderstood that DES itself was not allowed
and therefore derivatives of it were not allowed either.
-Kyle H
On Wed, Mar 11, 2009 at 5:43 AM, carlyo...@keycomm.co.uk wrote:
Triple-DES is listed in the OpenSSL 1.2 security policy and is listed as
approved by NIST,
Thank you for your valuable advice. I have determined the root problem
and I believe it is important to inform you of the result.
In building the fips-1.2 source, I found that if I did it vanilla, it
would choose 64 bit object mode. The AIX machine we are using is
running in mixed-kernel
On Wed, Mar 11, 2009 at 12:10:47PM -0700, Larson, John wrote:
As the subject says I'm grabbing a public key from a PEMK encoded X509
cert and I compute the SHA-1 hash over this to create a signer id. This
is done by using PEM_read_X509 to read the PEM cert into an x509 struct,
using
On Wed, Mar 11, 2009 at 06:16:13PM +0100, Ger Hobbelt wrote:
On Wed, Mar 11, 2009 at 5:56 PM, Patrick Patterson
ppatter...@carillonis.com wrote:
So, Microsoft is just inventing clever shortcuts, whereas OpenSSL is
following
the standards. I would complain to Microsoft, if I were you :)
The only problem was I didn't know it existed, haha. I'm still fairly
new to OpenSSL so as robust as it is sometimes I end up doing things the
long way.
Anyways I put it in and edited out some of the other functions, compiled
and ran and it looks great. The output matches the Subject Key
Hi John:
On March 11, 2009 03:10:47 pm Larson, John wrote:
Hi all,
As the subject says I'm grabbing a public key from a PEMK encoded X509
cert and I compute the SHA-1 hash over this to create a signer id. This
is done by using PEM_read_X509 to read the PEM cert into an x509 struct,
using
The end result is that I had to change the makefile to -q32 to get
it to work with the openssl-0.9.8j distribution, which smartly does
use 32_64 mode and will FAIL if I did not change the fips-1.2 makefile.
This violates the security policy and invalides the FIPS certification. You
cannot
21 matches
Mail list logo