[openssl-users] FIPS: Error compiling 1.0.1e: 'T' vs. 't'

2015-03-17 Thread jonetsu
Hello, There is a problem with compiling the openssl-1.0.1e.tar.gz sources against the FIPS 2.0 canister. On my machine the following is declared global: 000dd3c0 T private_AES_set_decrypt_key 000dd0f0 T private_AES_set_encrypt_key On another machine, they are declared local

[openssl-users] FIPS: Error compiling 1.0.1e: 'T' vs. 't'

2015-03-17 Thread jonetsu
Hello, There is a problem with compiling the openssl-1.0.1e.tar.gz sources against the FIPS 2.0 canister. On my machine the following is declared global:  000dd3c0 T private_AES_set_decrypt_key  000dd0f0 T private_AES_set_encrypt_key On another machine, they are declared local

Re: [openssl-users] SSL_ERROR_WANT_READ but nothing to read

2015-03-17 Thread Matt Caswell
On 17/03/15 00:51, Narada Hess wrote: Hi, I have a client application using a single read-write socket in non-blocking mode. In C, on Linux, using openssl 1.0.1e. After the connection is established and all the initial handshaking is done, the client issues SSL_read(), then enters a loop

Re: [openssl-users] Forthcoming OpenSSL releases

2015-03-17 Thread Matt Caswell
On 17/03/15 00:32, Sec_Aficionado wrote: Thanks for the heads up. Just to confirm, is this highest severity defect a yet-to-be-disclosed vulnerability, or a fix for an already known one? This is a previously undisclosed vulnerability. Matt

Re: [openssl-users] FIPS: Problem building 1.0.1e: 'T' vs. 't'

2015-03-17 Thread jonetsu
From: Dr. Stephen Henson st...@openssl.org Date: 03/17/15 12:28 What are the two platforms? That is what does: First of all, I'm very, very sorry to have posted duplicates of the question.  The web-access email client is, was, a bit on the fuzzy side, stalling and reporting errors. It

Re: [openssl-users] TLS 1.2 message hiding.

2015-03-17 Thread Salz, Rich
Ok, so TLS does not handle this. The current draft of the TLS 1.3 specification includes a field to pad every data record.

Re: [openssl-users] question about resigning a certificate

2015-03-17 Thread Alex Samad - Yieldbroker
Hi I have done that and compared the output with diff The only differences are Serial number Signature algo Comment Signature. Alex From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of Jakob Bohm Sent: Wednesday, 18 March 2015 6:50 AM To: openssl-users@openssl.org

Re: [openssl-users] SSL_ERROR_WANT_READ but nothing to read

2015-03-17 Thread Narada Hess
In case anyone is following this thread, Matt's suggestion led to the solution. It turns out we weren't getting a packet from the remote end and all my angst was for naught. Thanks, Matt, for your help. N

Re: [openssl-users] question about resigning a certificate

2015-03-17 Thread Jakob Bohm
On 16/03/2015 02:46, Alex Samad - Yieldbroker wrote: Hi I had a sha1 signed CA and I issued other identity and CA certificates from this CA. With the deprecation of sha1 coming, I resigned my original CA (self signed) as sha512, with the same creation and expiry dates. I believe the only

Re: [openssl-users] Reg : SCEP using OPENSSL

2015-03-17 Thread John Foley
If it fits your needs, you may want to look into using EST (RFC 7030) instead of SCEP. EST is the replacement for SCEP. The SCEP draft was never ratified. The libest open source project implements RFC 7030 and uses OpenSSL. It's available at https://github.com/cisco/libest. On 03/17/2015

[openssl-users] What is the format for a parameter file (-paramfile option)?

2015-03-17 Thread Michael Stickles
I am attempting to generate keys using genpkey, with the RSA options specified in a parameter file: openssl genpkey -paramfile keygen.params -out ftest.key -outform PEM However, I'm constantly getting the following error: Error reading parameter file keygen.params I can't find any

Re: [openssl-users] What is the format for a parameter file (-paramfile option)?

2015-03-17 Thread Dr. Stephen Henson
On Tue, Mar 17, 2015, Michael Stickles wrote: I am attempting to generate keys using genpkey, with the RSA options specified in a parameter file: openssl genpkey -paramfile keygen.params -out ftest.key -outform PEM However, I'm constantly getting the following error: Error

[openssl-users] FIPS: Problem building 1.0.1e : 'T' vs. 't'

2015-03-17 Thread jonetsu
Hello, There is a problem with compiling the openssl-1.0.1e.tar.gz sources against the FIPS 2.0 canister. On my machine the following is declared global: 000dd3c0 T private_AES_set_decrypt_key 000dd0f0 T private_AES_set_encrypt_key On another machine, they are declared local

Re: [openssl-users] FIPS: Problem building 1.0.1e : 'T' vs. 't'

2015-03-17 Thread Dr. Stephen Henson
On Tue, Mar 17, 2015, jonetsu wrote: Hello, There is a problem with compiling the openssl-1.0.1e.tar.gz sources against the FIPS 2.0 canister. On my machine the following is declared global: 000dd3c0 T private_AES_set_decrypt_key 000dd0f0 T private_AES_set_encrypt_key

[openssl-users] openssl 1.0.2 shared build's linking is not consistent - bin and libs linked to different libcrypto.so's

2015-03-17 Thread h15234
I'm trying to build a library self-consistent instance of openssl 1.0.2 on linux/64. Setting *FLAGS rpath, although the openssl binary links correctly against its own {libcrypto,libssl}.so, the libssl.so links against *system*, not its own, libcrypto. I've tried a bunch of combinations of

[openssl-users] FIPS: Error compiling 1.0.1e: 'T' vs. 't'

2015-03-17 Thread jonetsu
Hello, There is a problem with compiling the openssl-1.0.1e.tar.gz sources against the FIPS 2.0 canister. On my machine the following is declared global:  000dd3c0 T private_AES_set_decrypt_key  000dd0f0 T private_AES_set_encrypt_key On another machine, they are declared local

Re: [openssl-users] TLS 1.2 message hiding.

2015-03-17 Thread dE
On 03/13/15 20:56, Salz, Rich wrote: I'm using TLS 1.2 with compression and was wondering if OpenSSL implements ways to hide the exact length of the message (may be using RFC 6066). No. What in 6066 were you thinking of trying to use?