All,
We are using OpenSSL 1.0.1e/FIPS 2.0.11 on CentOS6 x86_64 and I have a question
about the TLS GCM Cipher suites -
Do the TLS GCM suites satisfy the requirements of Section 8 of SP 800-38D ?
If I am reading the document right, the following are the requirements therein.
1) The
Hello Steve,
Even if a vendor letter is good for CMVP, how is the vendor supposed to know ?
I would say openssl should give such a tool so that vendor and the testing Lab
can know such things. It is more than critical that the applications link to
the intended crypto module. This convoluted
-users] Verifying the sha1 of fipscanister.o with what is
embedded in libcrypto.so
On 03/15/2016 05:24 PM, Satya Das wrote:
> Hello Steve,
>
> Even if a vendor letter is good for CMVP, how is the vendor supposed
> to know ?
Ummm, because the vendor is the one who created the validated
sedly secure. Such
build scripts are fundamentally insecure and should not
be used.
On 15/03/2016 05:26, Satya Das wrote:
>
> Hello Ethan,
>
> I am tweaking the centos rpmspec to use my fips object module. That
> seems to be downloading source tar ball, patching etc.
>
> Pl
Hello,
I have a simple problem I am trying to solve. I have built a fips capable
openssl shared object (.so). I also have the sha1 hash of the fipscanister.o in
a file called fipscanister.o.sha1. I also have the sha1 hash of fips_premain.c
in a file called fips_premain.c.sha1. In order to make
016 08:30 PM, Satya Das wrote:
> Hello,
>
>
>
> I have a simple problem I am trying to solve. I have built a fips
> capable openssl shared object (.so). I also have the sha1 hash of the
> fipscanister.o in a file called fipscanister.o.sha1. I also have the
> sha1 has
and the
final .so state.
On Mon, Mar 14, 2016 at 5:30 PM, Satya Das
<sa...@attivonetworks.com<mailto:sa...@attivonetworks.com>> wrote:
Hello,
I have a simple problem I am trying to solve. I have built a fips capable
openssl shared object (.so). I also have the sha1 hash of the fipscanister.
>What platform are you building? Is it a native or cross compile?
>You'd get that behaviour if fipsld isn't linking the binaries properly.
Thanks Steve. I am on centos 6, native compile. I saw " /libcrypto.so is not
cross-compiler aware." with fipsld linking until introducing -exe option to
Hello,
I am building a fips capable openssl package and running into a condition where
all binaries exit with a signature in the stdout. As far as I can tell it is
the incore hash. It seems FINGERPRINT_premain() is finding a ? in the
FINGERPRINT_ascii_value and branching to exit(0).
What am I
can I fix this error ?
-Original Message-
From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of
Satya Das
Sent: Monday, March 28, 2016 5:48 PM
To: openssl-users@openssl.org
Subject: Re: [openssl-users] Binaries exit with signature bytes
>What platform are
10 matches
Mail list logo