Hiya,
On 08/03/2021 02:37, Benjamin Kaduk wrote:
Hi Stephen :)
The API you'll want to use is EVP_PKEY_fromdata(); there's
a stubbed out example of using it to make an EVP_PKEY with
EC group parameters at
https://github.com/openssl/openssl/issues/14258#issuecomment-783351031
Hi Stephen :)
The API you'll want to use is EVP_PKEY_fromdata(); there's
a stubbed out example of using it to make an EVP_PKEY with
EC group parameters at
https://github.com/openssl/openssl/issues/14258#issuecomment-783351031
but the translation to also specify OSSL_PKEY_PARAM_PRIV_KEY
Hiya,
My question: how does one setup an EVP_PKEY for a NIST
curve (e.g. p256) key pair when one has the private key
in an octet string using the latest OpenSSL 3.0.0 high
level APIs?
I'm trying to get rid of deprecation warnings from my
code for HPKE [1] when dealing with NIST curves using
Hi,
I have been trying to implement TLS using OpenSSL libraries in C++. I was
able to successfully connect to a TLS server.
But our software requires it to disconnect and reconnect if i use the
reconnect option . It doesn't reconnect well after the 2nd attempt . Is
there any generalised code
On Wed, Mar 03, 2021 at 04:14:17PM +0530, Vadivel P wrote:
> Hi OpenSSL team,
>
> We are looking for the command line option or any other way to increase the
> DHE G Parameter length to 256 bytes, by default it's 2 now, we need to
> modify it as 256 byte on the server side for our
On Wednesday, 3 March 2021 11:44:17 CET, Vadivel P wrote:
Hi OpenSSL team,
We are looking for the command line option or any other way to increase the
DHE G Parameter length to 256 bytes, by default it's 2 now, we need to
modify it as 256 byte on the server side for our testing either
Hi OpenSSL team,
We are looking for the command line option or any other way to increase the
DHE G Parameter length to 256 bytes, by default it's 2 now, we need to
modify it as 256 byte on the server side for our testing either by command
line or with any other option.we need it for our local
This port is for ILE (native OS/400) not PASE (PASE is almost like Unix, and
already comes with OpenSSL).
The idiosyncrasies are explained in the README.as400 file in AS400patch.tar.gz.
AS400patch.tar.gz (large patch for OpenSSL and other files):
https://drive.google.com/file/d
Done[1]
[1] https://github.com/openssl/openssl/issues/14257
On Fri, Feb 19, 2021 at 11:09 PM Dmitry Belyavsky wrote:
>
> Would you mind to raise the issue on GitHub with the reproduction?
>
> On Fri, 19 Feb 2021, 21:44 Alon Bar-Lev, wrote:
>>
>> Hi,
>>
>> I
Would you mind to raise the issue on GitHub with the reproduction?
On Fri, 19 Feb 2021, 21:44 Alon Bar-Lev, wrote:
> Hi,
>
> I am trying to analyze openssl sources, and it looks like the resign
> is implemented in an naive path that does not handle all cases.
>
> In other wor
Hi,
I am trying to analyze openssl sources, and it looks like the resign
is implemented in an naive path that does not handle all cases.
In other words, the CMS resign is not working in any case other than
the default execution path.
For example the -noattr is also not working.
I updated my
101BA3E2231FDF85FAB91872A081E37410905A09DAF530600BF9099B054B1DF869826E864A95F5D55DAE84A0CEC43E52F6D13574E1EF66A4E3A65883788E265D6C174211ADBCFEA96A9DD186887BFE040D6D0B59547D8763157D322F0307D7AF31
> 23B0ECFB11E1E7EA228861F4363DBA8D478A7E44F1DEB77A3904FBD90CAA41E291A2E094ABCBD5134146FB1C0F42
Thulasi Goriparthi <
> thulasi.goripar...@gmail.com> wrote:
>
>> I am able to reproduce this issue with 1.1.1j too.
>>
>> openssl version -a
>>
>> OpenSSL 1.1.1j 16 Feb 2021
>>
>> built on: Fri Feb 19 18:56:06 2021 UTC
>>
>> platform: darwi
Thanks!
Was about to write... I tested both 1.1 and master branches and result is
the same.
On Fri, 19 Feb 2021 at 21:04 Thulasi Goriparthi <
thulasi.goripar...@gmail.com> wrote:
> I am able to reproduce this issue with 1.1.1j too.
>
> openssl version -a
>
> OpenSS
I am able to reproduce this issue with 1.1.1j too.
openssl version -a
OpenSSL 1.1.1j 16 Feb 2021
built on: Fri Feb 19 18:56:06 2021 UTC
platform: darwin64-x86_64-cc
options: bn(64,64) rc4(16x,int) des(int) idea(int) blowfish(ptr)
compiler: cc -fPIC -arch x86_64 -g -Wall -DL_ENDIAN
On Fri, Feb 19, 2021 at 11:19:42PM +0530, Thulasi Goriparthi wrote:
> I am able to reproduce this issue with 1.1.1i
OpenSSL 1.1.1j has been released. Do you still see the problem with
1.1.1j?
--
Viktor.
Hi Alon,
I am able to reproduce this issue with 1.1.1i
echo "hello world" > msg
/* pkcs1 */
openssl cms -sign -in msg -text -signer cert1.pem -out 1.cms
openssl cms -verify -in 1.cms -CAfile ca.pem
openssl cms -resign -in 1.cms -signer cert2.pem -out 2.cms
openssl cms -ver
Hello OpenSSL masters,
Can someone please try to reproduce the below issue?
Thanks,
Alon
On Sat, 13 Feb 2021 at 23:23 Alon Bar-Lev wrote:
> Hello,
>
> I am trying to resign a CMS using the openssl tool.
>
> When I use RSA-PKCS1 everything is working fine.
>
> When I use
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
OpenSSL version 3.0 alpha 12 released
=
OpenSSL - The Open Source toolkit for SSL/TLS
https://www.openssl.org/
OpenSSL 3.0 is currently in alpha.
OpenSSL 3.0 alpha 12 has now been made
On Tue, Feb 16, 2021 at 8:56 PM Viktor Dukhovni
wrote:
> > On Feb 16, 2021, at 1:34 PM, Hubert Kario wrote:
> >
> > the whole problem is that if you trust the date in the timestamp as the
> date the timestamp was created, attacker can compromise the TSA key years
> after
> > it was last used
> On Feb 16, 2021, at 1:34 PM, Hubert Kario wrote:
>
> the whole problem is that if you trust the date in the timestamp as the date
> the timestamp was created, attacker can compromise the TSA key years after
> it was last used and then create timestamps that look like they have been
> created
On Tue, Feb 16, 2021 at 4:34 PM Hubert Kario wrote:
> On Tuesday, 16 February 2021 15:54:24 CET, Matthias Buehlmann wrote:
> > Hello Hubert (sorry, replied to your e-mail address directly before
> instead
> > of the mailing list),
> >
> > thank you for your reply, but I don't think you're
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
OpenSSL Security Advisory [16 February 2021]
Null pointer deref in X509_issuer_and_serial_hash() (CVE-2021-23841)
Severity: Moderate
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
OpenSSL version 1.1.1j released
===
OpenSSL - The Open Source toolkit for SSL/TLS
https://www.openssl.org/
The OpenSSL project team is pleased to announce the release of
version 1.1.1j of our open
On Tuesday, 16 February 2021 15:54:24 CET, Matthias Buehlmann wrote:
Hello Hubert (sorry, replied to your e-mail address directly before instead
of the mailing list),
thank you for your reply, but I don't think you're correct that timestamp
tokens expire together with the signing certificate!
03:35:32 CET, Matthias Buehlmann wrote:
> > If openssl ts -verify is used, what exactly is verified?
> >
> > For example, while the [-crl_check] [-crl_check_all] and
> > [-extended_crl] verify options are supported, there is no way to pass
> > CRLs to the call. So, is a
On Tuesday, 16 February 2021 03:35:32 CET, Matthias Buehlmann wrote:
If openssl ts -verify is used, what exactly is verified?
For example, while the [-crl_check] [-crl_check_all] and
[-extended_crl] verify options are supported, there is no way to pass
CRLs to the call. So, is anything checked
If openssl ts -verify is used, what exactly is verified?
For example, while the [-crl_check] [-crl_check_all] and
[-extended_crl] verify options are supported, there is no way to pass
CRLs to the call. So, is anything checked for revocation?
How are timestamps verified for which the signing
On Mon, Feb 15, 2021 at 02:06:17PM +0100, Richard Levitte wrote:
> Hmmm, I have never seen that (apart from in one of my own development
> branches, but that never reached the main source).
>
> If you want anyone to look into it, it would be a good idea to show us what
> your configuration is.
Hmmm, I have never seen that (apart from in one of my own development branches,
but that never reached the main source).
If you want anyone to look into it, it would be a good idea to show us what
your configuration is. The output from this command is recommended:
perl configdata.pm -d
Anyome running tests running into an infinite loop
on 04-test_encoder_decoder_legacy.t ?
--
Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca
Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising!
Look at Psalms 14 and 53 on Atheism
On Sat, Feb 13, 2021 at 11:34 PM Quanah Gibson-Mount wrote:
> --On Saturday, February 13, 2021 11:23 PM +0200 Alon Bar-Lev
> wrote:
>
> > I prepared a demo[1] to help people reproduce the issue, tested with
> > openssl-1.1.1i.
>
> Maybe <https://github.co
--On Saturday, February 13, 2021 11:23 PM +0200 Alon Bar-Lev
wrote:
I prepared a demo[1] to help people reproduce the issue, tested with
openssl-1.1.1i.
Maybe <https://github.com/openssl/openssl/issues/13931> ?
--Quanah
--
Quanah Gibson-Mount
Product Architect
Symas Corpo
Hello,
I am trying to resign a CMS using the openssl tool.
When I use RSA-PKCS1 everything is working fine.
When I use RSA-PSS it seems like the asn1 is produced corrupted, I do not
see the signature in asn1dump.
I prepared a demo[1] to help people reproduce the issue, tested with
openssl
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
The OpenSSL project team would like to announce the forthcoming
release of OpenSSL version 1.1.1j.
This release will be made available on Tuesday 16th February 2021
between 1300-1700 UTC.
OpenSSL 1.1.1j is a security-fix release. The highest
Have a look at the openssl-fipsinstall manual page.
The self tests are run when the FIPS provider is installed.
You can run the install manually using:
openssl fipsinstall -module ./fips.so -out fips.cnf -provider_name fips
I think that a verify command will also run them:
openssl
Hello,
Can any one tell , how to run POST tests in openssl-3.0.0.
Regards,
N
Anyone knows why 04-test_encoder_decode_legacy.t is spinning its wheels?
--
Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca
Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising!
Look at Psalms 14 and 53 on Atheism
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
OpenSSL version 3.0 alpha 11 released
=
OpenSSL - The Open Source toolkit for SSL/TLS
https://www.openssl.org/
OpenSSL 3.0 is currently in alpha.
OpenSSL 3.0 alpha 11 has now been made
ca
> Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist
> rising!
> Look at Psalms 14 and 53 on Atheism https://www.empire.kred/ROOTNK?t=94a1f39b
>
> Born 29 Jan 1969 Redhill, Surrey, UK
>
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
On 1/25/21 6:56 AM, The Doctor wrote:
Anyone using BSD running into basename issues?
I have not, but my use of 3.0 has been limited to KTLS testing
with nginx. Are you referring to whether or not the string
returned by basename(3) is part of the input string or whether
it is a copy stored in
Anyone using BSD running into basename issues?
--
Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca
Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising!
Look at Psalms 14 and 53 on Atheism https://www.empire.kred/ROOTNK?t=94a1f39b
Born
On 1/25/21, 10:13, "openssl-users on behalf of The Doctor"
wrote:
Anyone using BSD running into basename issues?
Basename issues on MacOS. Presumably the same as you're having on BSD.
smime.p7s
Description: S/MIME cryptographic signature
ing 2048 bits public rsa's for 10s: 15663 2048 bits public RSA's in 10.02s
For further testing, I added back no-asm and my speed tests were in line with
the downloaded openssl binary I was testing with.
Doing 2048 bits private rsa's for 10s: 1868 2048 bits private RSA's in 10.00s
Doing 2048 bits
-Original Message-
From: openssl-users On Behalf Of Michael
Wojcik
Sent: Thursday, January 21, 2021 9:28 AM
To: openssl-users@openssl.org
Subject: RE: OpenSSL 1.1.1g Windows build slow rsa tests
> >From: openssl-users On Behalf Of
> >Dr Paul Dale
> >Sent: Wednesday
> From: openssl-users On Behalf Of Dr Paul
> Dale
> Sent: Wednesday, 20 January, 2021 19:28
>
> I'd suggest giving a build without the no-asm option a try. The
> performance difference is usually quite significant.
I agree. It just doesn't explain what Dan's email claims.
&
On 21/1/21 10:37 am, Michael Wojcik wrote:
From: openssl-users On Behalf Of Dr Paul
Dale
Sent: Wednesday, 20 January, 2021 16:19
Try building without the no-asm configuration option.
That was my first thought, but according to Dan's message, the firedaemon
version is also built with no-asm
> From: openssl-users On Behalf Of Dr Paul
> Dale
> Sent: Wednesday, 20 January, 2021 16:19
>
> Try building without the no-asm configuration option.
That was my first thought, but according to Dan's message, the firedaemon
version is also built with no-asm.
The only relevant di
Try building without the no-asm configuration option.
Pauli
On 21/1/21 6:18 am, Dan Heinz wrote:
Hello,
I’m building openssl 1.1.1g on multiple platforms and I found that the
rsa speed tests are significantly slower in my build than on the other
OS platforms (Linux and macOS).
I
Hello,
I'm building openssl 1.1.1g on multiple platforms and I found that the rsa
speed tests are significantly slower in my build than on the other OS platforms
(Linux and macOS).
I downloaded a Windows 64-bit binary distribution of openssl from
https://kb.firedaemon.com/support/solutions
On Wed, Jan 20, 2021 at 11:33:21AM +0530, Harish Kulkarni wrote:
> I am working on memory analysis of OpenSSL. One of the observation is the
> memory allocated by d2i_X509() API (returned in x) is not being freed after
> the connection is closed.. and this memory is stored as part of se
I am working on memory analysis of openssl. One of the observation is the
memory allocated by d2i_X509() API (returned in x) is not being freed after
the connection is closed.. and this memory is stored as part of session.. i
want to limit number of sessions which we cache for re-use
On Wed, Jan 20, 2021 at 08:55:13AM +0530, Harish Kulkarni wrote:
> For some experiments i want to stop session re-use in openssl.. is there a
> way to stop reusing of same session?.
Your question is not sufficiently specific. Are you looking to not
reuse a session in an client or a
Hello All,
For some experiments i want to stop session re-use in openssl.. is there a
way to stop reusing of same session?.
-thanks
harish
Hello All,
Happy new year and Wish you all the best in 2021.
I am doing a browser memory leak investigation.. as part of the
investigation, we are using heaptrack and our observation is top-most
memory allocation happens in openssl with following memory allocation
back-trace.
>From
On 12/01/2021 04:23, Gimhani Uthpala wrote:
> Hi team,
> https://www.openssl.org/docs/man1.0.2/man3/CRYPTO_set_locking_callback.html
> : From this , learnt that for openssl multi-threaded applications to be
> run safely, the callback functions to be implemented.
>
> I am usi
Hi,
On 07/01/21 23:53, Gimhani Uthpala wrote:
On Thu, Jan 7, 2021 at 3:08 AM Ken Goldman <mailto:kgold...@us.ibm.com>> wrote:
On 1/6/2021 12:10 PM, Gimhani Uthpala wrote:
> I am getting seg-faults at openssl level. This only
occurred very randomly and the followin
Hi team,
https://www.openssl.org/docs/man1.0.2/man3/CRYPTO_set_locking_callback.html
: From this , learnt that for openssl multi-threaded applications to be
run safely, the callback functions to be implemented.
I am using this in a multi-threaded application and Above scenario was
again
On 2021-01-07 18:05, Ken Goldman wrote:
On 1/7/2021 10:11 AM, Michael Wojcik wrote:
$ cat /etc/redhat-release && openssl version
CentOS Linux release 7.9.2009 (Core)
OpenSSL 1.0.2k-fips 26 Jan 2017
Ugh. Well, OP should have made that clear in the original message.
And thi
From: Gimhani Uthpala
To: Ken Goldman
Cc: openssl-users@openssl.org
Date: 01/07/2021 05:53 PM
Subject:[EXTERNAL] Re: Random and rare Seg faults at openssl library
level
I only have this 1.0.2.k-fips one version installed in both compiling and
running
On Thu, Jan 7, 2021 at 3:08 AM Ken Goldman wrote:
> On 1/6/2021 12:10 PM, Gimhani Uthpala wrote:
>
> > I am getting seg-faults at openssl level. This only occurred very
> randomly and the following are stacks that seg faults at openssl level in
> the given 2 cases. We are us
code analysis, source code review, testing
> variants, tracing, fuzzing, post-mortem analysis, and so on. This isn't
> specific to OpenSSL.
> >
> > But you're asking the wrong question. The correct question is: Why are
> you using an outdated version of OpenSSL?
>
>
On Thu, Jan 7, 2021 at 1:51 PM Jan Just Keijser wrote:
> Hi,
>
> On 06/01/21 18:10, Gimhani Uthpala wrote:
>
> Dear team,
> I'm running an application which uses openssl for secure communication
> between processes. I am getting seg-faults at openssl level. This only
>
John,
I guess you received this mail because you are subscribed to the openssl-users
mailing list.
(You might also be subscribed to the openssl-announce mailing list, but that's
less likely.)
To unregister from the list, please visit
https://mta.openssl.org/mailman/listinfo/openssl-users
On 1/7/2021 10:11 AM, Michael Wojcik wrote:
$ cat /etc/redhat-release && openssl version
CentOS Linux release 7.9.2009 (Core)
OpenSSL 1.0.2k-fips 26 Jan 2017
Ugh. Well, OP should have made that clear in the original message.
And this is one of the problems with using an OpenSSL
> From: Jan Just Keijser
> Sent: Thursday, 7 January, 2021 01:23
>
> On 06/01/21 21:57, Michael Wojcik wrote:
> >
> >
> > But you're asking the wrong question. The correct question is: Why are you
> > using an outdated version of OpenSSL?
>
> possi
Please remove my email from your distribution
> On Jan 7, 2021, at 9:08 AM, OpenSSL wrote:
>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
>
> OpenSSL version 3.0 alpha 10 released
> =====
>
> OpenSSL - The O
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
OpenSSL version 3.0 alpha 10 released
=
OpenSSL - The Open Source toolkit for SSL/TLS
https://www.openssl.org/
OpenSSL 3.0 is currently in alpha.
OpenSSL 3.0 alpha 10 has now been made
On 06/01/2021 17:10, Gimhani Uthpala wrote:
> I am setting context to use SSLv23_method() s. However, I can see
> ssl3_ methods being called. Is there any issue with that?
Just answering this one side question: no, this is normal behaviour.
Matt
ing, symbolic
>> execution, static code analysis, source code review, testing variants,
>> tracing, fuzzing, post-mortem analysis, and so on. This isn't specific to
>> OpenSSL.
>>
>> But you're asking the wrong question. The correct question is: Why are you
>&
analysis, and so on. This isn't specific to OpenSSL.
But you're asking the wrong question. The correct question is: Why are you
using an outdated version of OpenSSL?
possibly because:
$ cat /etc/redhat-release && openssl version
CentOS Linux release 7.9.2009 (Core)
OpenSSL 1.0.2k-fips 26 Jan 2017
?
Hi,
On 06/01/21 18:10, Gimhani Uthpala wrote:
Dear team,
I'm running an application which uses openssl for secure communication
between processes. I am getting seg-faults at openssl level. This only
occurred very randomly and the following are stacks that seg faults
at openssl level
On 1/6/2021 12:10 PM, Gimhani Uthpala wrote:
I am getting seg-faults at openssl level. This only occurred very randomly and
the following are stacks that seg faults at openssl level in the given 2
cases. We are using openssl 1.0.2k.
The usual cause is that you are compiling with one
On 06/01/2021 20:57, Michael Wojcik wrote:
But you're asking the wrong question. The correct question is: Why are you
using an outdated version of OpenSSL?
--
Michael Wojcik
:whip-crack: !
> From: openssl-users On Behalf Of Gimhani
> Uthpala
> Sent: Wednesday, 6 January, 2021 10:10
> I'm running an application which uses openssl for secure communication between
> processes. I am getting seg-faults at openssl level. This only occurred very
> randomly and the fo
Dear team,
I'm running an application which uses openssl for secure communication
between processes. I am getting seg-faults at openssl level. This only
occurred very randomly and the following are stacks that seg faults at
openssl level in the given 2 cases. We are using openssl 1.0.2k.
Went
> From: openssl-users On Behalf Of Matt
> Caswell
> Sent: Tuesday, 5 January, 2021 09:35
>
> On 05/01/2021 11:41, y vasavi wrote:
> >
> > We currently FOM 2.0 module for FIPS certification.
> > It doesn't have support for RSA Key generation(186-4)
> &
On Tue, Jan 05, 2021 at 04:34:36PM +, Matt Caswell wrote:
>
>
> On 05/01/2021 11:41, y vasavi wrote:
> >
> > Hi All,
> >
> > We currently FOM 2.0 module for FIPS certification.
> > It doesn't have support for RSA Key generation(186-4)
> >
> > Are there any patches available ?
>
>
icial ones).
The 3.0 module which will be part of OpenSSL 3.0 when it is released
supports 186-4 RSA Key gen.
Matt
>
> Thanks,
> Vasavi.
Hi All,
We currently FOM 2.0 module for FIPS certification.
It doesn't have support for RSA Key generation(186-4)
Are there any patches available ?
Thanks,
Vasavi.
@Jochen Bern
Thanks for your reply!
I didn't describe the problem clearly due to lack of tls domain knowledge.
Now I know my cert is self-signed end entity cert, and the statement I
found
on openssl website does not apply to me. The behavior is similar(Actually
not the same,
since my two certs
: Chris Outwin
Sent: Monday, December 28, 2020 9:43 PM
To: Dr. Matthias St. Pierre
Subject: Re: SHA256 openssl-1.1.1i Checksum Error
Thank you for your prompt reply. Removing the quotes from VERSION=“1.1.1i”
allowed the script to run.
On Dec 28, 2020, at 12:49 PM, Dr. Matthias St. Pierre
> From: openssl-users On Behalf Of Dr.
> Matthias St. Pierre
> Sent: Monday, 28 December, 2020 11:50
> I have no experience with zsh, but it seems that quoting is handled
> differently by zsh?
Is the problem that quoting is handled differently, or that he actually had
Unic
> From: openssl-users On Behalf Of Jochen
> Bern
> Sent: Friday, 25 December, 2020 03:37
I believe David von Oheimb has already provided a solution for the original
problem in this thread (setting subjectKeyIdentifier and authorityKeyIdentifer
lets OpenSSL pick the right certifi
> From: openssl-users On Behalf Of Jochen
> Bern
> Sent: Friday, 25 December, 2020 03:37
I believe David von Oheimb has already provided a solution for the original
problem in this thread (setting subjectKeyIdentifier and authorityKeyIdentifer
lets OpenSSL pick the right certifi
I have no experience with zsh, but it seems that quoting is handled differently
by zsh?
At least it looks like the double quotes ended up in the GET line and you
simply received
an HTTP 404 Not Found (which is the reason why your digest isn’t correct.)
HTH,
Matthias
> GET /source/open
This is my first post. OpenSSL is not my forte.
The code below returns an unexpected checksum value for openssl-1.1.1i..
Strangely, when the same code is run for a previous version, the correct
checksum value is returned. Here is what I’ve tried:
1. Downloaded the current SHA256 value
On 25.12.20 00:35, openssl-users-requ...@openssl.org digested:
> Message: 3
> Date: Fri, 25 Dec 2020 07:35:40 +0800
> From: ???
>
> @Jochen actually, the certs have different SN, which indeed is not
> consistent with the man doc.
... how so? Different certs having dif
In openssl 1.1.1,
I see that this bn_mod_exp function is called from "rsa_ossl_public_decrypt"
:
566 if (!rsa->meth->bn_mod_exp(ret, f, rsa->e, rsa->n, ctx,
567rsa->_method_mod_n)) {
568 goto err;
569 }
so we are do
On Tue, Dec 22, 2020 at 3:45 AM prudvi raj wrote:
>
> Hello all,
>
> We use a hardware accelerator to calculate BIGNUM rr = a^p mod m .(
> bn_mod_exp). I am trying to rewrite that logic for openssl 1.1.1. Code
> snippet of custom bn_mod_exp function:
&
Hello all,
We use a hardware accelerator to calculate BIGNUM rr = a^p mod m .(
bn_mod_exp). I am trying to rewrite that logic for openssl 1.1.1. Code
snippet of custom bn_mod_exp function:
--
if(rr->d)
{
OPENSSL_free(rr->d);
}
rr->d = ( BN_ULONG * )( mallo
elerated functions for bn_mod_exp methods in
> > openssl 1.1.1, while upgrading for openssl 1.0.2. Here's the code
> > snippet () :
> > --
> > static DH_METHOD Intoto_DH_Method;
> > static RSA_METHOD Intoto_RSA_Method;
> >
On Thu, 2020-12-17 at 15:16 +0530, prudvi raj wrote:
> Hi,
>
> I need to set custom accelerated functions for bn_mod_exp methods in
> openssl 1.1.1, while upgrading for openssl 1.0.2. Here's the code
> snippet () :
> --
> static DH_METHOD Intoto_DH_Method;
&g
Hi,
I need to set custom accelerated functions for bn_mod_exp methods in
openssl 1.1.1, while upgrading for openssl 1.0.2. Here's the code snippet
() :
--
static DH_METHOD Intoto_DH_Method;
static RSA_METHOD Intoto_RSA_Method;
static DSA_METHOD Intoto_DSA_Method;
void
Hi,
I am trying to connect SSL server through windows mobile, but when I add
connection code not able to execute the executable in emulator.
It says the specified program requires a newer version of windows. But when
I remove openssl code I can able to execute in emulator.
Please help.
Regards
On 14/12/2020 16:04, Thulasi Goriparthi wrote:
> Hello,
>
> Is it acceptable for an openssl provider to implement an algorithm
> (rsaEncryption) as asym_cipher or signature algorithm without
> implementing corresponding keymgmt or redirecting the same to the
> 'default' pr
Hello,
Is it acceptable for an openssl provider to implement an algorithm
(rsaEncryption) as asym_cipher or signature algorithm without implementing
corresponding keymgmt or redirecting the same to the 'default' provider?
I ask, as our engine implementation handles key import dynamically at time
s a new problem, and I cannot find any tipps via
> > google.
> >
> > For all the coding a have looked into the openssl examples.
> >
> > I create a private key per code, the "openssl rsa -in
> > test_privatekey.pem -check" is fine
> >
> > I
find any tipps via google.
For all the coding a have looked into the openssl examples.
I create a private key per code, the "openssl rsa -in
test_privatekey.pem -check" is fine
I create a certificate request per code, "openssl req -text -noout
-verify -in test_request.pem"
This port is for ILE (native OS/400) not PASE (PASE is almost like Unix, and
already comes with OpenSSL).
The idiosyncrasies are explained in the README.as400 file in AS400patch.tar.gz.
AS400patch.tar.gz (large patch for OpenSSL and other files):
https://drive.google.com/file/d
901 - 1000 of 23554 matches
Mail list logo
