On Tue, Feb 02, 2016, Neptune wrote:
> FIPS Object Module 2.0.9
> OpenSSL 1.0.1l
> Platform: Win32
>
> I am attempting to statically link a FIPS-capable library into a .dll. The
> .dll is built without errors and by viewing the .dll in a hex editor I can
> see the correct HMAC is embedded
FIPS Object Module 2.0.9
OpenSSL 1.0.1l
Platform: Win32
I am attempting to statically link a FIPS-capable library into a .dll. The
.dll is built without errors and by viewing the .dll in a hex editor I can
see the correct HMAC is embedded within and correct, but the self test is
failing.
Thank you...that would explain why I'm suddenly having success when I give
our .dll a fixed address. Unfortunately, this is something we are trying to
avoid. Even more unfortunate is we are stuck with Win32 (at least for
another year) and linking to the executable is not a solution because the
dll
Thanks Steve.
I think the way to use OPENSSL_config() and openssl.conf to enable FIPS
mode basically still requires each application to explicitly invoke
OPENSSL_config() API in order to truly enable the FIPS mode, is that
correct?
If that's the case, then basically there's no way to really
Can someone please tell me how to verify the fix done for
CVE-2015-3197. I want to test 1.0.1r version for this issue.
>From the issue description I'm not able to understand what exactly
client and server doing.
Please tell me what packet client has to send or else please provide
me the packet
On 02/02/16 09:18, Martin Vegter wrote:
> On 1 February 2016 at 22:45, Viktor Dukhovni
> wrote:
>>
>> You're using internal function names that are not exported by the
>> libcrypto shared library on Debian systems. Use the EVP interface.
>>
>> In future versions of
On 02/02/16 07:52, Jakob Bohm wrote:
> I am trying to upgrade an existing 3rd party multithreaded server
> from OpenSSL 1.0.2c to 1.0.2f . However when I do so, it starts
> mishandling the close_notify "alert".
>
> 1.0.2f seems to send the close_notify alert unencrypted followed
> by an
On 1 February 2016 at 22:45, Viktor Dukhovni wrote:
>
> You're using internal function names that are not exported by the
> libcrypto shared library on Debian systems. Use the EVP interface.
>
> In future versions of OpenSSL constrained visibility of shared
> library
Hi,
I am the crazy guy who decided to continue in maintenance of
M2Crypto when everybody else wisely (?) left the ship.
Unfortunately (for M2Crypto), I am a Linux guy, so while I have
finally gave up and installed Windows X in VM, I am really lost
in the Windows APIs and we have currently
On 02/02/2016 11:40, Matt Caswell wrote:
On 02/02/16 07:52, Jakob Bohm wrote:
I am trying to upgrade an existing 3rd party multithreaded server
from OpenSSL 1.0.2c to 1.0.2f . However when I do so, it starts
mishandling the close_notify "alert".
1.0.2f seems to send the close_notify alert
On 02/02/16 11:24, Jakob Bohm wrote:
> On 02/02/2016 11:40, Matt Caswell wrote:
>> On 02/02/16 07:52, Jakob Bohm wrote:
>>> I am trying to upgrade an existing 3rd party multithreaded server
>>> from OpenSSL 1.0.2c to 1.0.2f . However when I do so, it starts
>>> mishandling the close_notify
Hi All:
Based on the OpenSSL FIPS user guide, the FIPS_mode_set API from the
OpenSSL FIPS modules run a the necessary self-tests.
I was wondering does the OPENSSL_config() API also run the self-tests?
Your suggestions are greatly appreciated.
Thanks.
On Mon, Feb 1, 2016 at 1:37 PM, security
On Tue, Feb 02, 2016, security veteran wrote:
> Hi All:
>
> Based on the OpenSSL FIPS user guide, the FIPS_mode_set API from the
> OpenSSL FIPS modules run a the necessary self-tests.
>
> I was wondering does the OPENSSL_config() API also run the self-tests?
>
Short answer: yes.
Longer
13 matches
Mail list logo