Re: [openssl-users] Regarding FIPS capable openssl (I want to combine libcrypto.a and libssl.a)

Hi All, I am now able to solve this problem, myself. We need to do changes in fipsld script. Change 'crypto' or 'libcrypto' to whatever name (u want to specify for the lib) in fipsld utility script and that's it. Thanks, -Sahil Gandhi On Thu, Jun 30, 2016 at 9:28 AM, Sahil Gandhi

Re: [openssl-users] OpenSSL-1.1-pre5 SSL_CTX_set_tmp_dh_callback

On 01/07/16 11:24, pepone.onrez wrote: > Hi, > > I trying to update my software to use OpenSSL-1.1 and I having problems > with DH callbacks > > When build with 1.1.0-pre5 the callback set with SSL_CTX_set_tmp_dh_callback > is not being called, when using 1.0.x it is called as expected. > > I

[openssl-users] OpenSSL-1.1-pre5 SSL_CTX_set_tmp_dh_callback

Hi, I trying to update my software to use OpenSSL-1.1 and I having problems with DH callbacks When build with 1.1.0-pre5 the callback set with SSL_CTX_set_tmp_dh_callback is not being called, when using 1.0.x it is called as expected. I have build 1.1.0-pre5 from sources with default

Re: [openssl-users] OpenSSL s_time output meaning

I've created an OpenSSL engine in order to use the GPU for RSA operations (modular exponentiation) and I have integrated this engine with mod_ssl in the Apache web server. So, knowing about s_time command, I wanted to obtain the number of secured connections per sec that Apache can handle using my

[openssl-users] DSA with OpenSSL-1.1

Hi, After upgrade my software to use OpenSSL-1.1 one of the test is failing, the test in question client and server are configured to use DSA certificates. The server is configured to request a client certificate. SSL error occurred for new outgoing connection: remote address =

Re: [openssl-users] DSA with OpenSSL-1.1

On 01/07/16 14:29, pepone.onrez wrote: > Hi, > > After upgrade my software to use OpenSSL-1.1 one of the test is > failing, the test in question client and server are configured to use > DSA certificates. The server is configured to request a client > certificate. > >SSL error occurred for

Re: [openssl-users] OpenSSL s_time output meaning

Not answering the question, but that is a pretty cool thing you built! -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] DSA with OpenSSL-1.1

On 1 July 2016 at 15:39, Matt Caswell wrote: > > > On 01/07/16 14:29, pepone.onrez wrote: >> Hi, >> >> After upgrade my software to use OpenSSL-1.1 one of the test is >> failing, the test in question client and server are configured to use >> DSA certificates. The server is

Re: [openssl-users] OpenSSL-1.1-pre5 SSL_CTX_set_tmp_dh_callback

On 1 July 2016 at 12:31, Matt Caswell wrote: > > > On 01/07/16 11:24, pepone.onrez wrote: >> Hi, >> >> I trying to update my software to use OpenSSL-1.1 and I having problems >> with DH callbacks >> >> When build with 1.1.0-pre5 the callback set with SSL_CTX_set_tmp_dh_callback

Re: [openssl-users] OpenSSL s_time output meaning

> I'm not sure what use that information might be to you, since you haven't told us why you're running s_time in the first place. So that is why I am running s_time, to benchmark my customised Apache server. I had a little difficulty with its output. :D Best wishes, Dani Grosu On 1 July 2016 at

Re: [openssl-users] DSA with OpenSSL-1.1

On 01/07/16 15:22, pepone.onrez wrote: > On 1 July 2016 at 15:39, Matt Caswell wrote: >> >> >> On 01/07/16 14:29, pepone.onrez wrote: >>> Hi, >>> >>> After upgrade my software to use OpenSSL-1.1 one of the test is >>> failing, the test in question client and server are

Re: [openssl-users] DSA with OpenSSL-1.1

Hi, On Fri, 1 Jul 2016 15:29:53 +0200 "pepone.onrez" wrote: > After upgrade my software to use OpenSSL-1.1 one of the test is > failing, the test in question client and server are configured to use > DSA certificates. The server is configured to request a client >

[openssl-users] Unable to decrypt CMS object encrypted with EC prime256v1 certificate

Hi, we are testing OpenSSL interoperability with a third-party application, and we cannot decrypt a CMS object that is encrypted by the third-party application with a prime256v1 elliptic-curve certificate. I have attached the following files: demo_signer_ec_secp256r1.cms.der: DER-encoded

Re: [openssl-users] DSA with OpenSSL-1.1

On 1 July 2016 at 16:40, Matt Caswell wrote: > > > On 01/07/16 15:22, pepone.onrez wrote: >> On 1 July 2016 at 15:39, Matt Caswell wrote: >>> >>> >>> On 01/07/16 14:29, pepone.onrez wrote: Hi, After upgrade my software to use OpenSSL-1.1 one of

Re: [openssl-users] DSA with OpenSSL-1.1

On 1 July 2016 at 16:40, Hanno Böck wrote: > Hi, > > On Fri, 1 Jul 2016 15:29:53 +0200 > "pepone.onrez" wrote: > >> After upgrade my software to use OpenSSL-1.1 one of the test is >> failing, the test in question client and server are configured to use >>

Re: [openssl-users] DSA with OpenSSL-1.1

On 01/07/16 16:57, pepone.onrez wrote: > On 1 July 2016 at 16:51, pepone.onrez wrote: >> On 1 July 2016 at 16:40, Matt Caswell wrote: >>> >>> >>> On 01/07/16 15:22, pepone.onrez wrote: On 1 July 2016 at 15:39, Matt Caswell

[openssl-users] How to turn on certain elements in CMS objects

Hi, this message is related to another question that I sent with subject "Unable to decrypt CMS object encrypted with EC prime256v1 certificate". Below I have included the full ASN.1 dump of the CMS object generated by a third-party application. The CMS object has two properties that I so

Re: [openssl-users] DSA with OpenSSL-1.1

On 1 July 2016 at 16:51, pepone.onrez wrote: > On 1 July 2016 at 16:40, Matt Caswell wrote: >> >> >> On 01/07/16 15:22, pepone.onrez wrote: >>> On 1 July 2016 at 15:39, Matt Caswell wrote: On 01/07/16 14:29, pepone.onrez

Re: [openssl-users] DSA with OpenSSL-1.1

> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf > Of Hanno Böck > Sent: Friday, July 01, 2016 08:40 > To: openssl-users@openssl.org > Subject: Re: [openssl-users] DSA with OpenSSL-1.1 > > I can't answer your question, but I have one to you: Why do you use DSA? > >

Re: [openssl-users] DSA with OpenSSL-1.1

> In short: Removing support for DSA in OpenSSL would prevent some of our > products from updating to 1.1.x for a significant length of time, probably > years. We have no plans to do that. -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users