-----Original Message----- From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Dr. Stephen Henson Sent: 04 February 2009 15:20 To: openssl-users@openssl.org Subject: Re: OpenSSL command line HMAC
> On Wed, Feb 04, 2009, Young, Alistair wrote: > > > Well, having been trying this for a while, I'm having serious problems using this on a Linux platform. > Do you *have to* use FIPS? If not then using Java's crypto functions would be by far the easiest option. > > I could extend the openssl utility to support a hex key on the command line: it makes sense to do that anyway. > > JNI looks like the most effective option possibly round a very simple wrapper function but I'm not familiar with > it. > > Steve. Thanks Steve. Unfortunately we need to something with FIPS validation behind it, so the standard Java crypto libraries (or something like BouncyCastle) are out. It also means that we can't modify the OpenSSL source so would have to add wrappers if we wanted to extend its functionality. JNI is looking increasingly inevitable - but, of course, while I believe that the general OpenSSL libraries can be built with JNI bindings, this is not true of the FIPS build - so we'll have to write those ourselves too. If I find an alternative approach, I'll post it back to this list. Regards, Alistair. Please help Logica to respect the environment by not printing this email / Merci d'aider Logica à préserver l'environnement en évitant d'imprimer ce mail / Bitte drucken Sie diese Nachricht nicht aus und helfen Sie so Logica dabei die Umwelt zu schuetzen / Por favor ajude a Logica a respeitar o ambiente não imprimindo este correio electrónico. This e-mail and any attachment is for authorised use by the intended recipient(s) only. It may contain proprietary material, confidential information and/or be subject to legal privilege. It should not be copied, disclosed to, retained or used by, any other party. If you are not an intended recipient then please promptly delete this e-mail and any attachment and all copies and inform the sender. Thank you. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
