Hello:
Is PKCS5_PBKDF2_HMAC() thread safe?
Thanks,
Bill
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager
Thank you Jeff. I will take a look. -Bill
On Nov 27, 2012, at 5:59 AM, Jeffrey Walton wrote:
On Mon, Nov 26, 2012 at 5:59 PM, Bill Durant cipherte...@gmail.com wrote:
Hello:
Is PKCS5_PBKDF2_HMAC() thread safe?
See the Is OpenSSL thread-safe? under the PROG section:
http://www.openssl.org
Hello:
Is it not possible to build a FIPS-capable OpenSSL with assembly language
optimization enabled in the fipscanister that works under non-SSE2 capable
processors?
On SUSE Linux Enterprise Server 10, I have built the fipscanister with assembly
language optimization enabled as follows:
Hello Jeffrey:
Thank you for the response.
So FIPS mode enable is supported on non-SSE2 processors *only* with a
fipscanister that is built with the no-asm option?
Thanks,
Bill
On Dec 19, 2012, at 1:13 AM, Jeffrey Walton wrote:
On Tue, Dec 18, 2012 at 11:15 PM, Bill Durant cipherte
Wow... That is certainly a very unfortunate limitation... Thank you for
clarifying... Bill
On Dec 19, 2012, at 6:40 AM, Steve Marquess wrote:
On 12/19/2012 05:21 AM, Bill Durant wrote:
Hello Jeffrey:
Thank you for the response.
So FIPS mode enable is supported on non-SSE2 processors
On Oct 13, 2010, at 11:27 AM, Dr. Stephen Henson wrote:
On Wed, Oct 13, 2010, Bill wrote:
Hi Steve,
Thank you for the suggestion but It did not help:
$ make
gcc -c foo.cpp -fPIC -Wall -I./openssl-0.9.8o-fips/include -I.
rm -f libfoo.so
FIPSLD_CC=gcc ./openssl-0.9.8o-fips/bin/fipsld -shared
mode is enabled.
Thanks,
Bill
On Oct 13, 2010, at 1:12 PM, Bill Durant wrote:
On Oct 13, 2010, at 11:30 AM, Michael S. Zick wrote:
On Wed October 13 2010, Bill wrote:
Hello Mike,
It is not a script:
=== Ubuntu 8.04
$ cat /etc/lsb-release
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=8.04
Hello,
Is it possible to build the latest FIPS-capable OpenSSL as a universal
binary on Mac OS X similar to the following?
$ sw_vers
ProductName:Mac OS X
ProductVersion: 10.5.8
BuildVersion: 9L30
$ file /usr/lib/libcrypto.dylib
/usr/lib/libcrypto.dylib: Mach-O universal binary with 4
On Oct 13, 2010, at 11:30 AM, Michael S. Zick wrote:
On Wed October 13 2010, Bill wrote:
Hello Mike,
It is not a script:
=== Ubuntu 8.04
$ cat /etc/lsb-release
DISTRIB_ID=Ubuntu
DISTRIB_RELEASE=8.04
DISTRIB_CODENAME=hardy
DISTRIB_DESCRIPTION=Ubuntu 8.04.4 LTS
$ which gcc
/usr/bin/gcc
$
On Oct 13, 2010, at 5:19 PM, William A. Rowe Jr. wrote:
On 10/13/2010 3:31 PM, Bill Durant wrote:
I am interested in building the static version of the FIPS-capable
OpenSSL as an universal
binary.
Three builds, per spec, of the FIPS canister. No tweaks, no
exceptions to
the security
On Oct 13, 2010, at 5:27 PM, William A. Rowe Jr. wrote:
On 10/13/2010 7:22 PM, Bill Durant wrote:
On Oct 13, 2010, at 5:19 PM, William A. Rowe Jr. wrote:
On 10/13/2010 3:31 PM, Bill Durant wrote:
I am interested in building the static version of the FIPS-
capable OpenSSL as an universal
Hello,
Does anyone know if the latest FIPS-capable OpenSSL can be used safely
by multi-threaded applications?
I have read the various FIPS-related docs for OpenSSL and did not see
any mention of thread support.
Per http://www.openssl.org/docs/crypto/threads.html, I understand that
the
Hello,
Does anyone know if mttest (crypto/threads/mttest.c) works with a FIPS-
capable OpenSSL?
I am trying it on Mac OS X 10.5.8. I am not sure if the test results
are expected or not.
Am I running or building mttest incorrectly?
Here are the details:
$ sw_vers
ProductName:Mac OS
I listened to your email using DriveCarefully and will respond as soon as I can.
Download DriveCarefully for free at www.drivecarefully.com
__
OpenSSL Project http://www.openssl.org
User Support
Hello,
Has anyone been able to build a working 64-bit version of the FIPS-capable
OpenSSL on Mac OS X 10.6.7 (SnowLeopard)?
I have built a 64-bit version of the fipscanister from openssl-fips-1.2.3 on
Mac OS X 10.6.7.
But fips_shatest and the openssl command are core dumping when I do a
Hello,
Has anyone been successful at calling FIPS_mode_set() from a 64-bit application
on SnowLeopard?
I have a one-line app that uses the 64-bit version of a FIPS-capable OpenSSL
but it core dumps when I call FIPS_mode_set(). The core dump occurs in
EVP_SignFinal().
If this is working
On May 24, 2011, at 3:58 PM, Dr. Stephen Henson wrote:
On Tue, May 24, 2011, ciphertexto wrote:
On May 24, 2011, at 4:18 AM, Dr. Stephen Henson wrote:
It can take a long time to execute sometimes as it performs two slow DH
parameter generation operations. Retry it a few times. If it still
On May 24, 2011, at 5:42 PM, Dr. Stephen Henson wrote:
On Tue, May 24, 2011, Bill Durant wrote:
On May 24, 2011, at 3:58 PM, Dr. Stephen Henson wrote:
On Tue, May 24, 2011, ciphertexto wrote:
On May 24, 2011, at 4:18 AM, Dr. Stephen Henson wrote:
It can take a long time to execute
Hello,
Does anyone know how to produce a FIPS-capable OpenSSL that works on Windows NT?
I have built the latest FIPS-capable OpenSSL (openssl-fips-1.2.3) with
openssl-0.9.8r using MS Visual Studio .NET 2003 on Windows 7.
I have a small app that uses the OpenSSL library (just
On Oct 5, 2011, at 8:08 AM, Dr. Stephen Henson wrote:
On Tue, Oct 04, 2011, William A. Rowe Jr. wrote:
On 10/4/2011 10:45 PM, Bill Durant wrote:
Does anyone know how to produce a FIPS-capable OpenSSL that works on
Windows NT?
It's likely not possible...
But when I run it under
On Oct 5, 2011, at 9:10 PM, William A. Rowe Jr. wrote:
On 10/5/2011 10:08 AM, Dr. Stephen Henson wrote:
On Tue, Oct 04, 2011, William A. Rowe Jr. wrote:
On 10/4/2011 10:45 PM, Bill Durant wrote:
But when I run it under Windows NT, I get the following run-time error:
The procedure
On Oct 5, 2011, at 12:15 PM, Dr. Stephen Henson wrote:
On Wed, Oct 05, 2011, Bill Durant wrote:
On Oct 5, 2011, at 8:08 AM, Dr. Stephen Henson wrote:
On Tue, Oct 04, 2011, William A. Rowe Jr. wrote:
On 10/4/2011 10:45 PM, Bill Durant wrote:
Does anyone know how to produce a FIPS-capable
On Oct 24, 2011, at 1:01 AM, Bill Durant wrote:
On Oct 5, 2011, at 12:15 PM, Dr. Stephen Henson wrote:
On Wed, Oct 05, 2011, Bill Durant wrote:
On Oct 5, 2011, at 8:08 AM, Dr. Stephen Henson wrote:
On Tue, Oct 04, 2011, William A. Rowe Jr. wrote:
On 10/4/2011 10:45 PM, Bill Durant wrote
Hello,
Has the AES key wrap feature been removed from the nightly OpenSSL in FIPS
mode?
I have built a FIPS-capable OpenSSL using the following:
ftp://ftp.openssl.org/snapshot/openssl-1.0.1-stable-SNAP-20111025.tar.gz
On Oct 25, 2011, at 4:17 AM, Dr. Stephen Henson wrote:
On Mon, Oct 24, 2011, Bill Durant wrote:
On Oct 24, 2011, at 4:00 PM, Dr. Stephen Henson wrote:
On Mon, Oct 24, 2011, Bill Durant wrote:
Hello Steve:
I downloaded
ftp://openssl.org/snapshot/openssl-fips-2.0-test-20111023.tar.gz
Hello,
What is the procedure for building a 64-bit FIPS-capable OpenSSL on Windows
from the following latest snapshots:
ftp://ftp.openssl.org/snapshot/openssl-1.0.1-stable-SNAP-20111028.tar.gz
ftp://ftp.openssl.org/snapshot/openssl-fips-2.0-test-20111028.tar.gz
On Oct 28, 2011, at 1:57 PM, Dr. Stephen Henson wrote:
On Fri, Oct 28, 2011, Bill Durant wrote:
Hello,
What is the procedure for building a 64-bit FIPS-capable OpenSSL on Windows
from the following latest snapshots:
ftp://ftp.openssl.org/snapshot/openssl-1.0.1-stable-SNAP-20111028
On Oct 28, 2011, at 3:51 PM, Dr. Stephen Henson wrote:
On Fri, Oct 28, 2011, Bill Durant wrote:
On Oct 28, 2011, at 1:57 PM, Dr. Stephen Henson wrote:
On Fri, Oct 28, 2011, Bill Durant wrote:
Hello,
What is the procedure for building a 64-bit FIPS-capable OpenSSL on
Windows from
Hello,
What is the procedure for building a FIPS-capable OpenSSL snapshot on Ubuntu
8.04.4 LTS from the following snapshots:
ftp://ftp.openssl.org/snapshot/openssl-1.0.1-stable-SNAP-20111031.tar.gz
On Nov 1, 2011, at 4:23 PM, Dr. Stephen Henson wrote:
On Tue, Nov 01, 2011, Bill Durant wrote:
Hello,
What is the procedure for building a FIPS-capable OpenSSL snapshot on Ubuntu
8.04.4 LTS from the following snapshots:
ftp://ftp.openssl.org/snapshot/openssl-1.0.1-stable
On Nov 1, 2011, at 4:34 PM, Bill Durant wrote:
On Nov 1, 2011, at 4:23 PM, Dr. Stephen Henson wrote:
On Tue, Nov 01, 2011, Bill Durant wrote:
Hello,
What is the procedure for building a FIPS-capable OpenSSL snapshot on
Ubuntu 8.04.4 LTS from the following snapshots:
ftp
Hello,
Does RAND_bytes() now defaults to the full implementation of NIST SP 800-90
DRBG, while in FIPS mode with the latest FIPS-capable OpenSSL 1.0.1?
Per code inspection, that is what it looks like. But just wanted to double
check to be 100% certain.
If that is the case, is the
32 matches
Mail list logo