Re: [openssl-users] Bleichenbacher Vulnerability

2017-12-19 Thread M K Saravanan
On 20 December 2017 at 14:21, haris iqbal wrote: > Wanted to know this, since my custom application uses an older version > of OpenSSL, and I wanted to be sure that it is not affected. Not answering your original question. But you can test it using one of the following

[openssl-users] Bleichenbacher Vulnerability

2017-12-19 Thread haris iqbal
Hi, I was wondering when exactly (the version) was the OpenSSL library patched for the Bleichenbacher Vulnerability? Since the Bleichenbacher Vulnerability had a number of variations, most recently ROBOT being one of them, I wanted to know whether OpenSSL is immune to this attack because of a

[openssl-users] Help to understand WPACKET API

2017-12-19 Thread Ananthaneni Saitejachowdary
Hi, I am trying to tweak openssl-master client to test a tls1.3 enabled server. I want to club the client certificate, client key exchange , change cipher spec and certificate verify into single handshake message.( So that the record shows up as multiple handshake messages). OpenSSL Version :

Re: [openssl-users] FIPS 2.0 build_tests using cross for ppc64

2017-12-19 Thread Salz, Rich via openssl-users
* My target can’t support native build environment, so I must use cross. * Is there any way to fix those errors? If you make any changes to the FIPS build procedure, then the result is not FIPS validated. I think the build procedure does not support cross-compiling very well, because

[openssl-users] FIPS 2.0 build_tests using cross for ppc64

2017-12-19 Thread Michael Fainstein
I am trying to build test suite using cross environment on Linux x86-64 for ppc64. Without setting FIPS_SIG I am getting error ../fips/fipsld: line 186: ./fips_hmactest: cannot execute binary file With FIPS_SIG=`pwd`/util/incore I am getting error from incore: ELF64 is supported only natively

Re: [openssl-users] SSL alert number 48

2017-12-19 Thread Jan Just Keijser
Hi, On 12/12/17 11:06, wizard2...@gmail.com wrote: Hi. Ok, I agree with you that the way I generate the certificates could not be the right one, but now I change the way and the problem remains. Please check the way I'm creating the certificates. I create a ROOT-CA entity and a

[openssl-users] FW: Help to understand WPACKET API

2017-12-19 Thread Sai Teja Chowdary
Hi, I am trying to tweak openssl-master client to test a tls1.3 enabled server. I want to club the client certificate, client key exchange , change cipher spec and certificate verify into single handshake message.( So that the record shows up as multiple handshake messages). OpenSSL Version :