Hi,
The latest Windows update that corrected the WinShock SChannel
vulnerability brought many changes to the way TLS is performed and among
the changes is the fact that the Supported Point Formats Extension is
not sent anymore in the ServerHello during the TLS handshake.
In version of
Hello,
I am currently using openssl-fips-2.0.7 and I noticed that 2.0.8 is available
on the website.
Neither distribution contain a changelog, so I was wondering what changes were
made to 2.0.8.
Thanks,
Phil
Phil Bellino
Principal Software Engineer | MRV Communications Inc.
300 Apollo Drive |
Hello,
Actually I have developed one algorithm like RSA so how can I use my
algorithm with OPENSSL to secure Tcp/ip connections.
Sorry if you don't understand my questions, I am totally new to the these
topics.
-Niraj
On 19-Nov-2014 1:08 PM, Amir Reda amirale...@gmail.com wrote:
sorry sir
I have developed one algorithm like RSA so how can I use my algorithm with
OPENSSL to secure Tcp/ip connections.
Adding new algorithms to openssl is not trivial. It's also not really
documented. Good luck!
For what it's worth, developing your own crypto algorithms is generally a bad
idea,
Hi,
via X509_LOOKUP_load_file() resp. X509_LOOKUP_add_dir() I'm adding a PEM
file containing multiple CRLs and/or a directory containing hashed CRL
files to a X509_STORE.
Then I'm using the X509_verify_cert() function to verify a certificate.
After verification is successful, I would like
I am trying to emulate in OpenSSL java encryption algorithm.
When using RSA_public_encrypt are there parameters to emulate any of these
combinations of parameters in Java?
RSA/ECB/OAEPWITHMD5ANDMGF1PADDING or RSA/ECB/PKCS1Padding?
I tried using RSA_PKCS1_PADDING as a padding parameter but
Good day -
Can anyone offer some clues on
10280:error:1409441B:SSL routines:SSL3_READ_BYTES:tlsv1 alert decrypt
error:.\ssl\s3_pkt.c:1275:SSL alert number 51
OpenSSL 1.01h is the server, running on Windows 7 Pro 64 bit.
Thanks,
Charles
Microsoft published today a new version of the KB 2992611
on the first patch, they modified the registry entry
key
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CryptographyBeforce\Configuration\Local\SSL\00010002
, entry Functions
original list, before 11 november, and after 19 november
On https://support.microsoft.com/kb/2992611 we can read
Some customers have reported an issue that is related to the changes in
this release. These changes added the following new cipher suites to
Windows Server 2008 R2 and Windows Server 2012. In order to give customers
more control over whether
From: owner-openssl-us...@openssl.org On Behalf Of Charles Mills
Sent: Wednesday, November 19, 2014 14:08
10280:error:1409441B:SSL routines:SSL3_READ_BYTES:tlsv1 alert decrypt
error:.\ssl\s3_pkt.c:1275:SSL alert number 51
http://tools.ietf.org/html/rfc5246.html#section-7.2
decrypt_error
From: owner-openssl-us...@openssl.org On Behalf Of Dan Si Atat
Sent: Wednesday, November 19, 2014 14:32
I am trying to emulate in OpenSSL java encryption algorithm.
When using RSA_public_encrypt are there parameters to emulate any of
these
combinations of parameters in Java?
Dave -
Thanks much.
Either there's a bug somewhere or you are being attacked (MitM'ed).
Unlikely I am being MitM'ed -- the connection is over a VPN. (Why TLS when
there is already a VPN in place? I am testing TLS software and the VPN is a
fact of life and my only client to server link.
Do
On 19/11/14 22:57, Charles Mills wrote:
Dave -
Thanks much.
Either there's a bug somewhere or you are being attacked (MitM'ed).
Unlikely I am being MitM'ed -- the connection is over a VPN. (Why TLS when
there is already a VPN in place? I am testing TLS software and the VPN is a
fact
On Wed, Nov 19, 2014, Matt Caswell wrote:
On 19/11/14 22:57, Charles Mills wrote:
User response: If the error occurred while executing
in FIPS mode, check that only FIPS key sizes are used.
Collect a System SSL trace containing the error and
then contact your service representative.
- DHE is 1024
- RSA is 2048
Server certificate:
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13 (0xd)
Signature Algorithm: sha1WithRSAEncryption
Issuer: CN=Charles Mills Consulting, LLC, ST=California,
C=US/emailAddress=charles
m...@mcn.org, O=Charles Mills
Hi all,
I would be very grateful if somebody could explain why the following
problem occurs:
a test vector with an AAD of 20 bytes created an authentication tag that is
not correct,
this could for instance be a padding bug in OpenSSL's GCM implementation.
Ref:
On Nov 19, 2014, at 5:03 PM, Maarten Bodewes maarten.bode...@gmail.com
wrote:
Hi all,
I would be very grateful if somebody could explain why the following problem
occurs:
a test vector with an AAD of 20 bytes created an authentication tag that is
not correct,
this could for
On Nov 19, 2014, at 6:09 PM, William McGovern w...@thaiglish.com wrote:
On Nov 19, 2014, at 5:03 PM, Maarten Bodewes maarten.bode...@gmail.com
mailto:maarten.bode...@gmail.com wrote:
Hi all,
I would be very grateful if somebody could explain why the following problem
occurs:
a
To be perfectly clear, the server is not OpenSSL itself but application code
that calls OpenSSL. The code is stable and in production and, as I said,
works if I do *not* turn on FIPS on the client. I could trace through the
calls if necessary.
Also, I will be out of the office all day Thursday so
On Nov 19, 2014, at 6:26 PM, William McGovern w...@thaiglish.com wrote:
On Nov 19, 2014, at 6:09 PM, William McGovern w...@thaiglish.com
mailto:w...@thaiglish.com wrote:
On Nov 19, 2014, at 5:03 PM, Maarten Bodewes maarten.bode...@gmail.com
mailto:maarten.bode...@gmail.com wrote:
On Nov 19, 2014, at 6:26 PM, William McGovern w...@thaiglish.com wrote:
On Nov 19, 2014, at 6:09 PM, William McGovern w...@thaiglish.com
mailto:w...@thaiglish.com wrote:
On Nov 19, 2014, at 5:03 PM, Maarten Bodewes maarten.bode...@gmail.com
mailto:maarten.bode...@gmail.com wrote:
21 matches
Mail list logo