Hi,
The RSA_private_decrypt() function is proved to be costlier on my system.
I will try for some hardware cards (PCI or over the network), which will help
me perform asymmetric decryption in case of Premaster-decryption.
I am looking at information on Thales nShield, SafeNet Luna devices.
I saw the message below on the mailing list. I have run into a situation
where I have a CMS using the PSS padding and I wanted to see if this
might be implemented by now in CMS_verify.
If not, I have some experience working with the openssl source code, but
some pointers would be appreciated.
Hi,
X509_STORE_add_cert() would add a certificate to the list of trusted
certificates in the ctx. What is the way to remove a certificate from this
trusted store? Am not finding any function to remove the certificate. Can
anyone of you suggest a way to remove the certificate from this trusted
On 01/04/2013 03:45 AM, Jeffrey Walton wrote:
Hi All,
I'm wondering how the single pass linker affects symbol resolution. If
I specify:
fipscanister.o libcrpyto.a
the linker will resolve symbols preferring the cryptography from
fipscanister.o, then from libcrpyto.a. After
On Fri, Jan 4, 2013 at 9:58 AM, Tayade, Nilesh
nilesh.tay...@netscout.com wrote:
Hi,
The RSA_private_decrypt() function is proved to be costlier on my system.
I will try for some hardware cards (PCI or over the network), which will help
me perform asymmetric decryption in case of
Hi,
I am experiencing an issue that has to do with the PKCS padding. I am using AES
with CBC mode. When padding is enabled and the plain text buffer is size a
multiple of the block size, the call to 'EVP_EncryptFinal_ex()' adds an entire
extra block to the cipher text. If the input is a
On Fri, Jan 4, 2013 at 10:56 AM, Steve Marquess
marqu...@opensslfoundation.com wrote:
On 01/04/2013 03:45 AM, Jeffrey Walton wrote:
Hi All,
I'm wondering how the single pass linker affects symbol resolution. If
I specify:
fipscanister.o libcrpyto.a
the linker will resolve symbols
On Fri, Jan 4, 2013 at 11:21 AM, Jeffrey Walton noloa...@gmail.com wrote:
On Fri, Jan 4, 2013 at 10:56 AM, Steve Marquess
marqu...@opensslfoundation.com wrote:
On 01/04/2013 03:45 AM, Jeffrey Walton wrote:
Either the libcrypto.a is from a FIPS
capable OpenSSL build, in which case it
On 01/04/2013 11:36 AM, Jeffrey Walton wrote:
...
OK. So here is the point of confusion for me. 2.5 Relationship to the
OpenSSL API, page 19 of the User Guide:
Applications linked with the FIPS Object Module
and with the separate OpenSSL libraries can use
both the FIPS
On 01/04/2013 11:21 AM, Jeffrey Walton wrote:
...
In my final application, I always link against libcrypto.a. Period. I
never link against fipscanister.o. Period.
That is as it should be. In general the application developer should not
be referencing fipscanister.o, only the sysadmin
I'm still having the same original fingerprint error when I start Apache.
[Fri Jan 04 20:22:27.251329 2013] [ssl:emerg] [pid 27764:tid 1] AH01885:
FIPS mode failed
[Fri Jan 04 20:22:27.251488 2013] [ssl:emerg] [pid 27764:tid 1] SSL
Library Error: error:2D06B06F:FIPS
11 matches
Mail list logo
