Hello,
Does anyone know if mttest (crypto/threads/mttest.c) works with a FIPS-
capable OpenSSL?
I am trying it on Mac OS X 10.5.8. I am not sure if the test results
are expected or not.
Am I running or building mttest incorrectly?
Here are the details:
$ sw_vers
ProductName:Mac OS X
Hello,
Does anyone know if the latest FIPS-capable OpenSSL can be used safely
by multi-threaded applications?
I have read the various FIPS-related docs for OpenSSL and did not see
any mention of thread support.
Per http://www.openssl.org/docs/crypto/threads.html, I understand that
the "
> From: owner-openssl-us...@openssl.org On Behalf Of Harakiri
> Sent: Tuesday, 02 November, 2010 10:06
> > BIO_set_flags(b64,BIO_FLAGS_BASE64_NO_NL)
> >
> > Output doesn't generate (any) linebreaks. Input doesn't
> > REQUIRE them every <80, but does ALLOW them anywhere.
Sorry, but it looks like
Bruce Stephens writes:
> "Dr. Stephen Henson" writes:
>
> [...]
>
>> Is that unmodified OpenSSL 0.9.8o? If so that's peculiar I get the expected
>> error here.
>
> No, it's Debian's 0.9.8o-2.
Ah, my fault. Obvious in retrospect: Debian's openssl finds the root
cert because it's in the ca-certi
"Dr. Stephen Henson" writes:
[...]
> Is that unmodified OpenSSL 0.9.8o? If so that's peculiar I get the expected
> error here.
No, it's Debian's 0.9.8o-2.
[...]
__
OpenSSL Project http://www.op
Bruce Stephens wrote:
> Erik Tkal writes:
>
>> Maybe that's a bug in OpenSSL 0.9.8o? The docs for verify say "It is
>> an error if the whole chain cannot be built up."
>
> Maybe, but I think it's just as reasonable to regard it as a bug in the
> docs.
>
> I think it's useful for verify to be a
Erik Tkal writes:
> Maybe that's a bug in OpenSSL 0.9.8o? The docs for verify say "It is
> an error if the whole chain cannot be built up."
Maybe, but I think it's just as reasonable to regard it as a bug in the
docs.
I think it's useful for verify to be able to verify chains from trust
anchor
Erik Tkal wrote:
> Your "rootcacert" is not a root cert, as it was issued by "C=US, ST=UT,
> L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com,
> CN=UTN-USERFirst-Client Authentication and Email". You need to append that
> cert as well to your CAfile.
Shouldn't it be possible
On Wed, Nov 03, 2010, Bruce Stephens wrote:
> Erik Tkal writes:
>
> > Hi Michael,
> >
> > Your "rootcacert" is not a root cert, as it was issued by "C=US,
> > ST=UT, L=Salt Lake City, O=The USERTRUST Network,
> > OU=http://www.usertrust.com, CN=UTN-USERFirst-Client Authentication
> > and Email".
Maybe that's a bug in OpenSSL 0.9.8o? The docs for verify say "It is an error
if the whole chain cannot be built up."
Erik Tkal
Juniper OAC/UAC/Pulse Development
-Original Message-
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@o
On Wed, Nov 3, 2010 at 9:12 AM, David Schwartz wrote:
> On 11/2/2010 6:25 PM, Md Lazreg wrote:
>
>> r=select(m_sock_fd + 1, &fds, 0, 0, ptv);
>> if (r <= 0 && (Errno == EAGAIN || Errno == EINTR))/*if we timed
>> out with EAGAIN try again*/
>> {
>> r = 1;
>>
Erik Tkal writes:
> Hi Michael,
>
> Your "rootcacert" is not a root cert, as it was issued by "C=US,
> ST=UT, L=Salt Lake City, O=The USERTRUST Network,
> OU=http://www.usertrust.com, CN=UTN-USERFirst-Client Authentication
> and Email". You need to append that cert as well to your CAfile.
That
On Wed, Nov 03, 2010, Naama Bar Menachem wrote:
> Hi
>
> I need to cross-compile openSSL when my host is "i686-pc-linux-gnu" and
> the target is "mips64-octeon-linux-gnu"?
>
> On the ./Configure oprions I don't see any matching platform
>
>
You can set the environment variables MACHINE, RELE
Hi Michael,
Your "rootcacert" is not a root cert, as it was issued by "C=US, ST=UT, L=Salt
Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com,
CN=UTN-USERFirst-Client Authentication and Email". You need to append that
cert as well to your CAfile.
Erik
HI!
I'm feeling dumb since this simple command fails and I cannot see why:
$ openssl verify -CAfile rootcacert.pem subcacert.pem
subcacert.pem: C = DE, O = SCA Deutsche Post Com GmbH, CN = Signtrust CERT
Root CA 1:PN
error 2 at 1 depth lookup:unable to get issuer certificate
I've attached the ce
Hi,
I want to copy an x509_store variable in another one which have the same
type (x509_store).
is there a method like (memcopy in c++) which copy from x509_store to
x509_store?
Thanks.
--
Amicalement
Fatma
Hi
I need to cross-compile openSSL when my host is "i686-pc-linux-gnu" and
the target is "mips64-octeon-linux-gnu"?
On the ./Configure oprions I don't see any matching platform
Thank you
Naaama Bar-Menachem
Software Engineer, R&D
On 11/2/2010 6:25 PM, Md Lazreg wrote:
r=select(m_sock_fd + 1, &fds, 0, 0, ptv);
if (r <= 0 && (Errno == EAGAIN || Errno == EINTR))/*if we timed
out with EAGAIN try again*/
{
r = 1;
}
This code is broken. If 'select' returns zero, checking errno
On Wed, Nov 03, 2010, Alexei Soloview wrote:
> Hello!
>
> I have read earlier messages about support of RSA-PSS, but I'm confused.
>
> I'm trying to verify certificate that signed using RSA-PSS. OpenSSL version
> is 1.0.0a.
>
PSS certificate signatures are not supported in OpenSSL 1.0.0a. Curr
Hello!
I have read earlier messages about support of RSA-PSS, but I'm confused.
I'm trying to verify certificate that signed using RSA-PSS. OpenSSL version
is 1.0.0a.
==
X509_STORE_CTX cert_ctx;
X509_STO
20 matches
Mail list logo