Re: ECDSA signature verification
On Mon, 2009-01-19 at 11:22 +, Young, Alistair wrote:
> * is it possible to define our own curves (rather than using one of the predefined curves)?

if you want to play with your EC, check crypto/ec/ectest.c
if you want to add a new curve to openssl, have a look at crypto/ec/ec_curve.c, crypto/objects/object.txt

I opened a thread in openssl-dev: Adding an EC to OpenSSL.

> * how configurable is the hashing step? I see that there are parameters like -ecdsa-with-SHA1 - can arbitrary hashing functions be used?

there is only sha1. You have to add more EVP, I think... OpenSSL 0.9.9 is required for public-key EVP.

> * where can I find some good (= simple!) documentation on using OpenSSL for this task. I've not had much luck finding anything relevant in the man page.

source code? ECDSA has also doxygen comments :-)

bye!

--
Emanuele Cesena emanuele.ces...@gmail.com
http://ecesena.dyndns.org
Il corpo non ha ideali
RE: ECDSA signature verification
Thank you, Emanuele.

We really need to use the FIPS version of OpenSSL, so updating the code isn't a possibility. However, looking into the source it looks as though all of the functions that we need are there, so hopefully we can get the functionality we require by writing a bit of code ourselves which links to the FIPS library.

Regards,
Alistair.
RE: ECDSA signature verification
... though I notice that the Security Policy document does not explicitly mention ECDSA in the table of FIPS approved algorithms. It does mention DSA with 1024-bit keys (but has a confusing footnote which states that DSA supports a key size of less than 1024 bits except when not in FIPS mode - is there an extra 'not' in this statement?), but that perhaps doesn't cover ECDSA.

Alistair.
How to check Server certificate and signature?
Dear All,

I have one doubt how to check the signature. And I saw server is sending the server certificate, can we check this certificate or what is use of this (certificate come from server side) certificate.

In peer verification, at client side checking the system time, which is lying in the range of time given in CA certificate. If we will give wrong time (which is lying in between range of time in CA certificate) instead of current time of system then also it is working. So I have doubt can we remove this issue or it will check server time also. Please tell me.

Thank you.

Regards,
--Ajeet Kumar Singh
Re: How to check Server certificate and signature?
I'm not sure what you're trying to ask/say here, but have you looked into the OPENSSL verify callbacks? ( http://www.openssl.org/docs/ssl/SSL_CTX_set_verify.html )

--
Met vriendelijke groeten / Best regards,
Ger Hobbelt
--
web: http://www.hobbelt.com/ http://www.hebbut.net/
mail: g...@hobbelt.com
mobile: +31-6-11 120 978
--
Re: Make test failed for Fips Capable openssl 9.8J
On Fri, Jan 23, 2009, rajan chittil wrote:

> Hi,
>
> I have gone through security policy ( http://www.openssl.org/docs/fips/SecurityPolicy-1.2.pdf) and user guide ( http://www.openssl.org/docs/fips/UserGuide-1.2.pdf).
>
> I have changed the configuration option to
>
> 1. opensslfips1.2
>    ./config fipscanisterbuild
>    make
>
> 2. openssl 9.8j
>    ./Configure -DSSL_ALLOW_ADH --prefix=/usr --openssldir=/var/ssl --with-fipslibdir=/home/rajan/openssl/opensslfips1.2/fips64/openssl-fips-1.2/fips fips no-idea no-rc5 no-ec no-symlinks shared threads aix64-xlc_r
>    make
>    make test
>
> But still I am getting the same error
>
> test SSL protocol
> test ssl3 is forbidden in FIPS mode
> 508008:error:2D06906E:FIPS routines:FIPS_CHECK_INCORE_FINGERPRINT:fingerprint does not match:fips.c:238:
> test ssl2 is forbidden in FIPS mode
> 508010:error:2D06906E:FIPS routines:FIPS_CHECK_INCORE_FINGERPRINT:fingerprint does not match:fips.c:238:
> test tls1
> 508012:error:2D06906E:FIPS routines:FIPS_CHECK_INCORE_FINGERPRINT:fingerprint does not match:fips.c:238:
> make: The error code from the last command is 1. Stop.
> make: The error code from the last command is 2. Stop.
>
> But I have tested ./fips_test_suite and it works fine
>
> $ ./fips_test_suite
> FIPS-mode test application
>
> 1. Non-Approved cryptographic operation test...
>    a. Included algorithm (D-H)...successful
> 2. Automatic power-up self test...successful
> 3. AES encryption/decryption...successful
> 4. RSA key generation and encryption/decryption...successful
> 5. DES-ECB encryption/decryption...successful
> 6. DSA key generation and signature validation...successful
> 7a. SHA-1 hash...successful
> 7b. SHA-256 hash...successful
> 7c. SHA-512 hash...successful
> 7d. HMAC-SHA-1 hash...successful
> 7e. HMAC-SHA-224 hash...successful
> 7f. HMAC-SHA-256 hash...successful
> 7g. HMAC-SHA-384 hash...successful
> 7h. HMAC-SHA-512 hash...successful
> 8. Non-Approved cryptographic operation test...
>    a. Included algorithm (D-H)...successful as expected
> 9. Zero-ization...
>    Generated 128 byte RSA private key
>    BN key before overwriting:
>    77eed34099e0d0dc56d316727fd2217c3bc0f6409bc1cd12ffdb427101218787e5bcc0013f58d1633b3f8934c1cf65a05744701fefc80dd92ac7ac4e88ff91ae18c5dda39e77257e3be162cda8f252dfca19dc3998af38b6de90c766295dfd74db93ea66333f3c91c35d8958292f205a6d89d4332f913f21fb6756179008ef29
>    BN key after overwriting:
>    5171b0a563d968222705431c1abf13bef9780e38a28817d7a36c953d18179e2330ee87d363b8154e2d268eb5aed447bd6419da455d390ce70891bf0512360721e0be0e44c32489e1c975436fa752460397a8e921a0ad64eee7200abe57c2807925edc105a5233da59dd7b4a26a675a2683d5cbee2d87f02fefbfaab5c355e264
>    char buffer key before overwriting:
>    4850f0a33aedd3af6e477f8302b10968
>    char buffer key after overwriting:
>    96a916306b46b3d4189fa6d1b04a4ed9
>    successful as expected
>
> All tests completed with 0 errors
>
> $ ./fips_test_suite aes
> FIPS-mode test application
>
> AES encryption/decryption with corrupted KAT...
> ERROR:2d06e065:lib=45,func=110,reason=101:file=fips_aes_selftest.c:line=98:
> Power-up self test failed
>
> $ ./fips_test_suite sha1
> FIPS-mode test application
>
> SHA-1 hash with corrupted KAT...
> ERROR:2d073065:lib=45,func=115,reason=101:file=fips_sha1_selftest.c:line=90:
> Power-up self test failed
>
> These things work fine. Can you please tell me where I am going wrong.

Try building without the shared option and see if that works. Also make sure the system type is consistent between the two builds... in the FIPS directory do:

./config -t

and ensure you use that type for the 0.9.8j build.

Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Homepage: http://www.drh-consultancy.demon.co.uk
RE: How to check Server certificate and signature?
Dear All,

Thank you Ger Hobbelt for your help.

I want to validate only the signature of the server certificate. For example in peer verification, ssl will check time of client system (6:28PM 23 Jan 2009) to Ca root certificate validity time after client hello process.

Validity
    Not Before: Aug 1 00:00:00 1996 GMT
    Not After : Dec 31 23:59:59 2020 GMT

If in our application code I don't want to validate with system Time To validity period of time (Not Before and Not After). I want to validate to signature of the server certificate. Can I validate to signature of server certificate. Please reply me.

Thank you.

Regards,
--Ajeet Kumar Singh
Re: Make test failed for Fips Capable openssl 9.8J
I have done as you told but still no success.

In the openssl fips 1.2:

# ./config -t
Operating system: 00C3E1AD4C00-ibm-aix
Configuring for aix64-cc
/usr/bin/perl ./Configure aix64-cc

The same option I have given in openssl 9.8j:

./Configure -DSSL_ALLOW_ADH --prefix=/usr --openssldir=/var/ssl --with-fipslibdir=/home/joshi/openssl-fips-1.2/fips fips no-idea no-rc5 no-ec no-symlinks threads aix64-cc

When I did this:

export OPENSSL_FIPS=1
# ../apps/openssl
495854:error:2D06906E:FIPS routines:FIPS_CHECK_INCORE_FINGERPRINT:fingerprint does not match:fips.c:238:

Please help.

Rajan
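Added example, not part of the original thread or of OpenSSL: a small Python triage script for the two error-line formats quoted in the messages above. It assumes the 0.9.8-era packing of the error code (8 bits library, 12 bits function, 12 bits reason), which agrees with the thread's own `lib=45,func=110,reason=101` line; the sample log reuses lines from the thread plus one constructed inconsistent line, and all function names are illustrative.

```python
import re
from collections import Counter

ERR_LIB_FIPS = 45          # 0x2D, printed as "FIPS routines" in the thread
REASON_FINGERPRINT = 110   # 0x06E, printed as "fingerprint does not match"

# "<pid>:error:<code>:<lib name>:<func name>:<reason text>:<file>:<line>:"
QUEUE_RE = re.compile(
    r"^(?P<pid>\d+):error:(?P<code>[0-9A-Fa-f]{8}):(?P<lib_name>[^:]*):"
    r"(?P<func_name>[^:]*):(?P<reason_text>[^:]*):(?P<file>[^:]*):(?P<line>\d+):")
# "ERROR:<code>:lib=<n>,func=<n>,reason=<n>:file=<file>:line=<line>:"
RAW_RE = re.compile(
    r"^ERROR:(?P<code>[0-9A-Fa-f]{8}):lib=(?P<lib>\d+),func=(?P<func>\d+),"
    r"reason=(?P<reason>\d+):file=(?P<file>[^:]+):line=(?P<line>\d+):")

# Lines 1-4 are copied from the thread; line 5 is constructed so that the
# stated func (110) disagrees with the packed code (func 115).
SAMPLE_LOG = """\
508008:error:2D06906E:FIPS routines:FIPS_CHECK_INCORE_FINGERPRINT:fingerprint does not match:fips.c:238:
508012:error:2D06906E:FIPS routines:FIPS_CHECK_INCORE_FINGERPRINT:fingerprint does not match:fips.c:238:
ERROR:2d06e065:lib=45,func=110,reason=101:file=fips_aes_selftest.c:line=98:
ERROR:2d073065:lib=45,func=115,reason=101:file=fips_sha1_selftest.c:line=90:
ERROR:2d073065:lib=45,func=110,reason=101:file=tampered.c:line=1:
test tls1
"""


def unpack(code):
    """Split a packed error code into (library, function, reason)."""
    return (code >> 24) & 0xFF, (code >> 12) & 0xFFF, code & 0xFFF


def parse_line(line):
    """Return a record for an OpenSSL error line, or None for anything else."""
    line = line.strip()
    queue, raw = QUEUE_RE.match(line), RAW_RE.match(line)
    m = queue or raw
    if m is None:
        return None
    code = int(m.group("code"), 16)
    lib, func, reason = unpack(code)
    rec = {"code": code, "lib": lib, "func": func, "reason": reason,
           "file": m.group("file"), "line": int(m.group("line")),
           "consistent": True}
    if raw:
        # The raw format repeats the fields in decimal: cross-check them.
        stated = tuple(int(raw.group(k)) for k in ("lib", "func", "reason"))
        rec["consistent"] = stated == (lib, func, reason)
    else:
        rec["reason_text"] = queue.group("reason_text")
    return rec


def triage(log_text):
    """Summarise a log: integrity-check failures, bad lines, counts per code."""
    records = [r for r in map(parse_line, log_text.splitlines()) if r]
    mismatches = [r for r in records
                  if r["lib"] == ERR_LIB_FIPS
                  and r["reason"] == REASON_FINGERPRINT]
    return {
        "records": len(records),
        "fingerprint_mismatch": len(mismatches),
        "inconsistent": [r["file"] for r in records if not r["consistent"]],
        "by_code": Counter("%08X" % r["code"] for r in records),
    }


if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
```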
RE: ECDSA signature verification
On Fri, 2009-01-23 at 10:13 +, Young, Alistair wrote:
> We really need to use the FIPS version of OpenSSL, so updating the code isn't a possibility.

ah ok, so maybe you can just skip EVP.

bye!

--
Emanuele Cesena emanuele.ces...@gmail.com
http://ecesena.dyndns.org
Il corpo non ha ideali
Re: ECDSA signature verification
On Fri, Jan 23, 2009, Young, Alistair wrote:

> ... though I notice that the Security Policy document does not explicitly mention ECDSA in the table of FIPS approved algorithms. It does mention DSA with 1024-bit keys (but has a confusing footnote which states that DSA supports a key size of less than 1024 bits except when not in FIPS mode - is there an extra 'not' in this statement?), but that perhaps doesn't cover ECDSA.

That is correct, ECDSA is not an approved algorithm in FIPS mode.

Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Homepage: http://www.drh-consultancy.demon.co.uk
Re: openssl-fips 1.2 questions
Steve Marquess marqu...@oss-institute.org wrote: Stunnel has official FIPS mode support. I'm working on some fixes to cleanly compile stunnel with openssl-fips 1.2. Unfortunately it looks like fipsld is no longer installed during the openssl-fips installation process. Can you confirm it? Is there a recommended way to find fipsld in ./configure script?

TIA,
Michal Trojnara
Re: How to check Server certificate and signature?
Okay, so if I get this right, you're saying you want to verify the server certificate BUT you do NOT want to check its activation date / expiry date (i.e. the time range over which the certificate is valid)?

I'll forego the very bad security implications of such a wish (those time ranges are there for a reason, after all), you can do such a thing by providing your own certificate validation callback which does forego the time checks. You can register such a callback using the methods I mentioned before.

For an example verify callback, see the OpenSSL apps/verify.c source code (this is off the top of my head; I may be wrong with the filename, but the apps/ directory contains several sample applications which showcase server- and client-cert verify callbacks; search the apps/*.c code for places where those registration methods are called and you'll be able to track down the verify callbacks from there).

I'll see if I can provide a little more detail this evening, but that depends very much on what others have planned for me once I get home ;-)

Anyway, cave canem: from what I read in your request you are treading dangerous security ground.

So far,

Ger

On Fri, Jan 23, 2009 at 2:07 PM, Ajeet kumar.S ajeetkuma...@jasmin-infotech.com wrote:

> Dear Ger Hobbelt,
>
> Thank you for your help and Time.
>
> I want to validate only the signature of the server certificate. For example in peer verification, ssl will check time of client system (6:28PM 23 Jan 2009) to Ca root certificate validity time after client hello process.
>
> Validity
>     Not Before: Aug 1 00:00:00 1996 GMT
>     Not After : Dec 31 23:59:59 2020 GMT
>
> If in our application code I don't want to validate with system Time To validity period of time (Not Before and Not After). I want to validate to signature of the server certificate. Can I validate to signature of server certificate. Please reply me.
>
> Thank you.
>
> Regards,
> --Ajeet Kumar Singh

--
Met vriendelijke groeten / Best regards,
Ger Hobbelt
--
web: http://www.hobbelt.com/ http://www.hebbut.net/
mail: g...@hobbelt.com
mobile: +31-6-11 120 978
--
RE: force 32-bit fips
> All, I am trying to build OpenSSL-fips-1.2 on a Solaris 10 machine with Sun Studio 8 and force it to build 32-bit objects. Is there a way I can do that without changing the makefile and thus violating the fips validation?

I'm not specifically familiar with 64-bit Solaris, but I know that 64-bit Linux has a way to set its 'personality' to 32-bit and cause automatic detection schemes to see it as a 32-bit machine.

But if you really need FIPS, you shouldn't screw around. Build it on a 32-bit machine if it's going to be used on a 32-bit machine.

DS
RE: ECDSA signature verification
-----Original Message-----
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Dr. Stephen Henson
Sent: 23 January 2009 13:07
To: openssl-users@openssl.org
Subject: Re: ECDSA signature verification

> On Fri, Jan 23, 2009, Young, Alistair wrote:
>
> > ... though I notice that the Security Policy document does not explicitly mention ECDSA in the table of FIPS approved algorithms. It does mention DSA with 1024-bit keys (but has a confusing footnote which states that DSA supports a key size of less than 1024 bits except when not in FIPS mode - is there an extra 'not' in this statement?), but that perhaps doesn't cover ECDSA.
>
> That is correct, ECDSA is not an approved algorithm in FIPS mode.
>
> Steve.

Thanks for confirming this for me, Steve.

Off the top of your head, are you aware of any ECDSA implementations which have been FIPS validated?

Alistair.
Re: openssl-fips 1.2 questions
I have doubt regarding fips. If I have an application which enter into the fips mode, will that make crypto lib into the fips mode and rest of the application will also be in fips mode. In other word whether fips mode is at system level or application level.

Thanks
Joshi

--
Regards
Joshi Chandran
Re: DTLS server implementation experiences and documentation
On Thu, 22 Jan 2009 06:10:36 +0100, Robin Seggelmann seggelm...@fh-muenster.de said:

RS> As a workaround you can use connected UDP sockets. Just use accept()
RS> and connect() as you would with TCP connections and create new BIO and
RS> SSL objects for every connection. I have tested that and it works
RS> pretty well so far.

And that prevents OpenSSL from reading too much data from the socket? If so, that's certainly a good thing.

--
In the bathtub of history the truth is harder to hold than the soap, and much more difficult to find. -- Terry Pratchett
certificate verification failed for postfix relayhost
Hi list!

I run debian lenny/sid and postfix is my MTA. My relayhost uses a selfsigned CA certificate which I have imported as /etc/ssl/certs/myisp.crt and linked as /usr/share/ca-certificate/myisp.pem and in postfix as /etc/postfix/CA/myisp.pem

In postfix configuration I have:

smtpd_tls_CApath = /etc/postfix/CA/

and I have my selfsigned CA cert on itself in /etc/postfic/ssl/cacert.pem, after this I'm still getting these warnings in mail.log:

Jan 10 00:41:58 mail postfix/smtp[10404]: certificate verification failed for smtp.myisp[111.222.222.999]:587: untrusted issuer /C=NO/O=MyISP/CN=MyISP Certification Authority/emailaddress...@myisp

Should I stick both certificates on one big file.pem in postfix like

smtpd_tls_CAfile = /etc/postfix/ssl/file.pem

or there is another way to make postfix successfully verify my isp CA?

Thanks!

Gab

--
sec 1024D/80231A90 2008-07-01
Key fingerprint = 54AC C632 B35E FB9B 6D9F 108D DBE6 5425 8023 1A90
uid Gabriele Lost Adm (Chiave ufficiale Gabrix.ath.cx,ok?) ad...@gabrix.ath.cx
uid [jpeg image of size 2989]
ssb 4096g/550632FD 2008-07-01
controlling re-negotiation on TLS client
Hello,

I develop an application with TLS client functionality. I use SSL_set_connect_state() to put openssl to client mode. Is there any possibility how to reject re-negotiation request from server. Now SSL_read() handles re-negotiation transparently and accept that. I'd like to have more control over re-negotiations.

Thanks in advance for your advices.

Regards,
Jirka
Errors when compiling on AIX
Hello,

I'm receiving the following error when compiling on AIX with XLC using the openssl-SNAP-20090123. I receive the same error when compiling 64bit.

cc -I.. -I../.. -I../asn1 -I../evp -I../../include -DOPENSSL_THREADS -qthreaded -DDSO_DLFCN -DHAVE_DLFCN_H -q32 -O -DB_ENDIAN -qmaxmem=16384 -qro -qroconst -DSHA1_ASM -DSHA256_ASM -DAES_ASM -c bn_nist.c
bn_nist.c, line 390.9: 1506-1300 (W) The subscript -6 is less than zero. The subscript of an array should be greater than or equal to zero.
bn_nist.c, line 390.9: 1506-1300 (W) The subscript -5 is less than zero. The subscript of an array should be greater than or equal to zero.
bn_nist.c, line 392.9: 1506-1300 (W) The subscript -6 is less than zero. The subscript of an array should be greater than or equal to zero.
bn_nist.c, line 392.9: 1506-1300 (W) The subscript -5 is less than zero. The subscript of an array should be greater than or equal to zero.
bn_nist.c, line 484.9: 1506-1300 (W) The subscript -7 is less than zero. The subscript of an array should be greater than or equal to zero.
bn_nist.c, line 484.9: 1506-1300 (W) The subscript -7 is less than zero. The subscript of an array should be greater than or equal to zero.
bn_nist.c, line 484.9: 1506-1300 (W) The subscript -7 is less than zero. The subscript of an array should be greater than or equal to zero.
bn_nist.c, line 486.9: 1506-1300 (W) The subscript -7 is less than zero. The subscript of an array should be greater than or equal to zero.
bn_nist.c, line 486.9: 1506-1300 (W) The subscript -7 is less than zero. The subscript of an array should be greater than or equal to zero.
bn_nist.c, line 486.9: 1506-1300 (W) The subscript -7 is less than zero. The subscript of an array should be greater than or equal to zero.
bn_nist.c, line 486.9: 1506-1300 (W) The subscript -7 is less than zero. The subscript of an array should be greater than or equal to zero.
bn_nist.c, line 490.9: 1506-1300 (W) The subscript -7 is less than zero. The subscript of an array should be greater than or equal to zero.
bn_nist.c, line 490.9: 1506-1300 (W) The subscript -7 is less than zero. The subscript of an array should be greater than or equal to zero.
bn_nist.c, line 490.9: 1506-1300 (W) The subscript -7 is less than zero. The subscript of an array should be greater than or equal to zero.
bn_nist.c, line 490.9: 1506-1300 (W) The subscript -7 is less than zero. The subscript of an array should be greater than or equal to zero.
bn_nist.c, line 587.9: 1506-1300 (W) The subscript -8 is less than zero. The subscript of an array should be greater than or equal to zero.
bn_nist.c, line 587.9: 1506-1300 (W) The subscript -8 is less than zero. The subscript of an array should be greater than or equal to zero.
bn_nist.c, line 587.9: 1506-1300 (W) The subscript -8 is less than zero. The subscript of an array should be greater than or equal to zero.
bn_nist.c, line 589.9: 1506-1300 (W) The subscript -8 is less than zero. The subscript of an array should be greater than or equal to zero.
bn_nist.c, line 589.9: 1506-1300 (W) The subscript -8 is less than zero. The subscript of an array should be greater than or equal to zero.
bn_nist.c, line 589.9: 1506-1300 (W) The subscript -8 is less than zero. The subscript of an array should be greater than or equal to zero.
bn_nist.c, line 589.9: 1506-1300 (W) The subscript -8 is less than zero. The subscript of an array should be greater than or equal to zero.
bn_nist.c, line 607.9: 1506-1300 (W) The subscript -8 is less than zero. The subscript of an array should be greater than or equal to zero.
bn_nist.c, line 607.9: 1506-1300 (W) The subscript -8 is less than zero. The subscript of an array should be greater than or equal to zero.
bn_nist.c, line 607.9: 1506-1300 (W) The subscript -8 is less than zero. The subscript of an array should be greater than or equal to zero.
bn_nist.c, line 613.9: 1506-1300 (W) The subscript -8 is less than zero. The subscript of an array should be greater than or equal to zero.
bn_nist.c, line 613.9: 1506-1300 (W) The subscript -8 is less than zero. The subscript of an array should be greater than or equal to zero.
bn_nist.c, line 613.9: 1506-1300 (W) The subscript -8 is less than zero. The subscript of an array should be greater than or equal to zero.
bn_nist.c, line 616.9: 1506-1300 (W) The subscript -8 is less than zero. The subscript of an array should be greater than or equal to zero.
bn_nist.c, line 616.9: 1506-1300 (W) The subscript -8 is less than zero. The subscript of an array should be greater than or equal to zero.
bn_nist.c, line 619.9: 1506-1300 (W) The subscript -8 is less than zero. The subscript of an array should be greater than or equal to zero.
bn_nist.c, line 622.9: 1506-1300 (W) The subscript -8 is less than zero. The subscript of an array should be greater than or equal to zero.
bn_nist.c, line
Re: certificate verification failed for postfix relayhost
On Fri, Jan 23, 2009 at 08:26:12AM +0100, gabrix wrote:

> Hi list!
> I run debian lenny/sid and postfix is my MTA. My relayhost uses a selfsigned CA certificate which I have imported as /etc/ssl/certs/myisp.crt and linked as /usr/share/ca-certificate/myisp.pem and in postfix as /etc/postfix/CA/myisp.pem
> In postfix configuration I have:
> smtpd_tls_CApath = /etc/postfix/CA/

Did you run the OpenSSL c_rehash(1) utility?

> and I have my selfsigned CA cert on itself in /etc/postfic/ssl/cacert.pem, after this I'm still getting these warnings in mail.log:
> Jan 10 00:41:58 mail postfix/smtp[10404]: certificate verification failed for smtp.myisp[111.222.222.999]:587: untrusted issuer /C=NO/O=MyISP/CN=MyISP Certification Authority/emailaddress...@myisp
> Should I stick both certificates on one big file.pem in postfix like
> smtpd_tls_CAfile = /etc/postfix/ssl/file.pem

That would work.

> or there is another way to make postfix successfully verify my isp CA?

Or use c_rehash(1), but be aware that it is not atomic and CA certs may briefly disappear while c_rehash(1) is running. It is possible to fix the c_rehash(1) Perl script to be atomic, but nobody has done that yet...

--
Viktor.
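The non-atomic rehash mentioned in the reply above can be avoided by building the hash links in a fresh directory and publishing it with a single rename. This is an added example, not part of the thread and not OpenSSL's c_rehash; the function name `rehash_atomic`, the generation-directory layout and the requirement that the CApath be a symlink are assumptions, and it relies on GNU `mv -T` and `mktemp`.

```shell
#!/bin/sh
# Added example (not c_rehash itself): rebuild a CApath with no window in
# which hash links are missing. Assumed layout: CAPATH is a symlink to a
# generation directory; a new generation is built, then swapped in with
# one rename(2). Needs GNU mv (-T) and mktemp.

OPENSSL=${OPENSSL:-openssl}      # same override variable c_rehash reads

# rehash_atomic SRC_DIR CAPATH
#   SRC_DIR  directory of PEM CA certificates (*.pem, *.crt)
#   CAPATH   path configured in the application; a symlink, or absent
rehash_atomic() {
    src=$1
    capath=${2%/}                # tolerate a trailing slash
    [ -d "$src" ] || { echo "not a directory: $src" >&2; return 1; }
    if [ -e "$capath" ] && [ ! -L "$capath" ]; then
        echo "$capath exists and is not a symlink" >&2
        return 1
    fi

    gen=$(mktemp -d "$capath.gen.XXXXXX") || return 1
    chmod 755 "$gen"             # mktemp creates 0700; daemons must read it

    count=0
    for cert in "$src"/*.pem "$src"/*.crt; do
        [ -f "$cert" ] || continue             # glob matched nothing
        hash=$("$OPENSSL" x509 -noout -hash -in "$cert" 2>/dev/null) || {
            echo "skipping (not a PEM certificate): $cert" >&2
            continue
        }
        base=$(basename "$cert")
        cp "$cert" "$gen/$base" || { rm -rf "$gen"; return 1; }
        n=0                                    # <hash>.0, <hash>.1, ... on collision
        while [ -L "$gen/$hash.$n" ]; do n=$((n + 1)); done
        ln -s "$base" "$gen/$hash.$n" || { rm -rf "$gen"; return 1; }
        count=$((count + 1))
    done
    if [ "$count" -eq 0 ]; then                # never publish an empty trust store
        echo "no certificates found in $src" >&2
        rm -rf "$gen"; return 1
    fi

    # Publish: create the new symlink beside the old one, then rename over it.
    tmp="$capath.swap.$$"
    ln -s "$(basename "$gen")" "$tmp" || { rm -rf "$gen"; return 1; }
    mv -T "$tmp" "$capath" || { rm -f "$tmp"; rm -rf "$gen"; return 1; }
    # Older generation directories are left in place; prune them later,
    # once no running process can still be reading them.
}
```

Readers of the CApath see either the complete old set of links or the complete new one, because the only change visible at the configured path is the rename of the symlink.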
Re: Make test failed for Fips Capable openssl 9.8J
Dr. Stephen Henson st...@openssl.org wrote:

> On Fri, Jan 23, 2009, rajan chittil wrote:
>
>> Hi,
>> I have gone through security policy (http://www.openssl.org/docs/fips/SecurityPolicy-1.2.pdf) and user guide (http://www.openssl.org/docs/fips/UserGuide-1.2.pdf). I have changed the configuration option to
>>
>> 1. opensslfips1.2
>> ./config fipscanisterbuild
>> make
>>
>> 2. openssl 9.8j
>> ./Configure -DSSL_ALLOW_ADH --prefix=/usr --openssldir=/var/ssl --with-fipslibdir=/home/rajan/openssl/opensslfips1.2/fips64/openssl-fips-1.2/fips fips no-idea no-rc5 no-ec no-symlinks shared threads aix64-xlc_r
>> make
>> make test
>>
>> But still i am getting the same error
>>
>> test SSL protocol
>> test ssl3 is forbidden in FIPS mode
>> 508008:error:2D06906E:FIPS routines:FIPS_CHECK_INCORE_FINGERPRINT:fingerprint does not match:fips.c:238:
>> test ssl2 is forbidden in FIPS mode
>> 508010:error:2D06906E:FIPS routines:FIPS_CHECK_INCORE_FINGERPRINT:fingerprint does not match:fips.c:238:
>> test tls1
>> 508012:error:2D06906E:FIPS routines:FIPS_CHECK_INCORE_FINGERPRINT:fingerprint does not match:fips.c:238:
>> make: The error code from the last command is 1. Stop.
>> make: The error code from the last command is 2. Stop.
>>
>> But i have tested ./fips_test_suite it work fine
>>
>> $ ./fips_test_suite
>> FIPS-mode test application
>> 1. Non-Approved cryptographic operation test...
>> a. Included algorithm (D-H)...successful
>> 2. Automatic power-up self test...successful
>> 3. AES encryption/decryption...successful
>> 4. RSA key generation and encryption/decryption...successful
>> 5. DES-ECB encryption/decryption...successful
>> 6. DSA key generation and signature validation...successful
>> 7a. SHA-1 hash...successful
>> 7b. SHA-256 hash...successful
>> 7c. SHA-512 hash...successful
>> 7d. HMAC-SHA-1 hash...successful
>> 7e. HMAC-SHA-224 hash...successful
>> 7f. HMAC-SHA-256 hash...successful
>> 7g. HMAC-SHA-384 hash...successful
>> 7h. HMAC-SHA-512 hash...successful
>> 8. Non-Approved cryptographic operation test...
>> a. Included algorithm (D-H)...successful as expected
>> 9. Zero-ization...
>> Generated 128 byte RSA private key
>> BN key before overwriting:
>> 77eed34099e0d0dc56d316727fd2217c3bc0f6409bc1cd12ffdb427101218787e5bcc0013f58d1633b3f8934c1cf65a05744701fefc80dd92ac7ac4e88ff91ae18c5dda39e77257e3be162cda8f252dfca19dc3998af38b6de90c766295dfd74db93ea66333f3c91c35d8958292f205a6d89d4332f913f21fb6756179008ef29
>> BN key after overwriting:
>> 5171b0a563d968222705431c1abf13bef9780e38a28817d7a36c953d18179e2330ee87d363b8154e2d268eb5aed447bd6419da455d390ce70891bf0512360721e0be0e44c32489e1c975436fa752460397a8e921a0ad64eee7200abe57c2807925edc105a5233da59dd7b4a26a675a2683d5cbee2d87f02fefbfaab5c355e264
>> char buffer key before overwriting:
>> 4850f0a33aedd3af6e477f8302b10968
>> char buffer key after overwriting:
>> 96a916306b46b3d4189fa6d1b04a4ed9
>> successful as expected
>> All tests completed with 0 errors
>> $ ./fips_test_suite aes
>> FIPS-mode test application
>> AES encryption/decryption with corrupted KAT...
>> ERROR:2d06e065:lib=45,func=110,reason=101:file=fips_aes_selftest.c:line=98:
>> Power-up self test failed
>> $ ./fips_test_suite sha1
>> FIPS-mode test application
>> SHA-1 hash with corrupted KAT...
>> ERROR:2d073065:lib=45,func=115,reason=101:file=fips_sha1_selftest.c:line=90:
>> Power-up self test failed
>>
>> This things work fine. Can You please tell me where i am going wrong.
>
> Try building without the shared option and see if that works. Also make sure the system type is consistent between the two builds... in the FIPS directory do:
>
> ./config -t
>
> and ensure you use that type for the 0.9.8j build.
>
> Steve.
> --
> Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
> OpenSSL project core developer and freelance consultant.
> Homepage: http://www.drh-consultancy.demon.co.uk

;-) HOWDY COWBOYS COWGIRLS i get all your e-mail all the time every day, i develo web ages, excuse my daughters com uter it doesnt have the letter thats missing, anyway i must get at least12 mails a day about your develo ing secure info and netsca e develo ment. sssi etc. dont send them anymore, i know you use lists, take my adress off. thanx from bob in the usa! and GOD bless all!
Re: DTLS server implementation experiences and documentation
Hello David,

I wonder if you could give out a reference on how to establish a VPN using DTLS or to tell how to do so.

Kind regards,
GLG

On Thu, Jan 22, 2009 at 7:47 AM, David Woodhouse dw...@infradead.org wrote:

> On Thu, 2009-01-22 at 06:10 +0100, Robin Seggelmann wrote:
>> To avoid getting into trouble with already fixed bugs you should apply the patches I sent to the dev list. I'll set up a website with a patch collection and some instructions soon.
>
> Is there anyone who actually cares about DTLS and getting patches applied?
>
> I've had patches to make OpenSSL capable of talking to production servers out there in the wild, which use the OpenSSL-specific pre-RFC version of DTLS and I've been able to write a complete VPN client along with NetworkManager support, and get it into Linux distributions, in the time it's taken to get the patch into OpenSSL... and I'm still waiting...
>
> It's getting to the point where I wonder if it would be quicker and easier just to reimplement DTLS in GNUTLS and use that.
Re: no shared cipher error
Thanks everyone for the help, I think I am getting closer.

All of the SSL has been removed from the listener (makes much more sense to me now), and the Init routine has had CRYPTO_malloc_init() and ENGINE_load_builtin_engines() added (it already had the other basic routines).

When I use my client to connect to s_server, everything works. When I try to use s_client to connect to my server, I get a few errors:

verify error:num=18:self signed certificate
9083:error:1407F0E5:SSL routines:SSL2_WRITE:ssl handshake failure...

This is happening on the SSL_accept, everything up until that point seems to be OK. Both sides are using TLS1. The certificate and key were just generated for testing purposes, we'll be using something else in production but I don't have access to all that right now. I believe I should be able to get this working with just the quick/dirty key and cert.

Any insight is appreciated.

Thanks

On Thu, Jan 22, 2009 at 7:07 PM, Victor Duchovni victor.ducho...@morganstanley.com wrote:

> On Thu, Jan 22, 2009 at 08:51:20PM -0500, Dave Thompson wrote:
>> Except as noted above, this sounds reasonable. I assume you realize that ALL includes, and could possibly negotiate, some weak ciphers; but since you're explicitly adding eNULL you apparently don't care. It certainly should be able to negotiate SOMETHING.
>
> Also, before 0.9.9, ALL may not be properly ordered by default, it really is safer to use:
>
> a...@strength
>
> if one wants to use aNULL ciphers whenever mutually acceptable (i.e. nobody is checking certificates anyway), then:
>
> aNULL:ALL:@STRENGTH
>
> is needed to put the aNULL (aka ADH) ciphers first (within each bit strength category).
>
> --
> Viktor.
RE: generating private and public key with alias
From: Miguel [mailto:m...@moviquity.com]
Sent: Friday, 23 January, 2009 02:40
To: dave.thomp...@princetonpayments.com
Subject: RE: generating private and public key with alias

It's better to reply on the list so that others can check me; added back.

> so to generate the CA private Key, can I do it like this way?
> private: openssl dsaparam -genkey 1024 -out dsaprivatekey.pem

Yes. (Assuming you want a new 1024-bit DSA key in a new group.)

> public: openssl req -new -x509 -days 1001 -key dsaprivatekey.pem -out ca.cert
> although, if this is a self signed certificate, which one would be the public?

I'm not sure what your question is here. The publickey is _generated_ with the privatekey, as part of the keypair. This step creates a certificate _containing_ the publickey. A certificate always contains a public key (for some entity), and often is itself published e.g. put on a directory server. Whether a certificate is selfsigned affects whether/how the relier decides to trust it, but not the fact it contains the publickey.

Note that both openssl by default and keytool generate certificates that are NOT flagged as CA certs (in BasicConstraints, or KeyUsage). If you use this certkey in openssl ca to sign a child cert and then (attempt to) use it, _some_ verifiers may reject on the ground that the parent cert is not a valid CA cert. If your verifier is picky, you need to create the CA (selfsigned) cert using openssl req with a config file specifying the needed extensions; the distributed (and hopefully installed on your system) openssl.cnf is a good starting point and guide.

> and, how is the similar way to get the public and private key using keytool?

At least as of recent Java (JRE) versions,
keytool -genkeypair [-keyalg DSA -validity d -alias n -keystore f -storepass p]
generates BOTH a DSA-1024 keypair AND a selfsigned cert for it (in one command) and puts them in the keystore under the alias.

You can get a copy of the cert out (to a file, or stdout) with
keytool -exportcert [-file f -alias n -keystore f -storepass p]
The default format is DER, which openssl can handle if you tell it, but a human cannot easily recognize; use -rfc to get PEM format, which is easier to look at, safer to transport in some situations, and the default for openssl.

If you really want the publickey alone (not contained in a cert), openssl can extract it from the cert with
openssl x509 -in cert [-inform DER] -noout -pubkey [ key.pem ]

I believe the only way to get out the privatekey with keytool is to create a pkcs12-type keystore (separate from your normal one) and import the desired entry into that. But on my system at present this creates a p12 that neither openssl pkcs12 or keytool can recover -- at least not the shrouded-keybag portion, which is the important one. I may have a bad version of something but don't have time to investigate.

I don't know of any standard/builtin Java utility that does CA functionality, i.e. uses a keycert to generate/sign child certs, so having a CA keycert in the Java keystore may be worthless.
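The message above says a picky verifier needs the self-signed cert created by openssl req with a config file specifying the CA extensions. The following is an added example of that step, not taken from the thread or from the distributed openssl.cnf; the function names, the section names `req_dn` and `v3_ca`, and the subject passed in are assumptions, while the `-days 1001` default mirrors the command in the message.

```shell
#!/bin/sh
# Added example: create a self-signed certificate that is flagged as a CA,
# using a config file that supplies the X.509v3 extensions.

OPENSSL=${OPENSSL:-openssl}

# write_ca_cnf FILE CN
#   Writes a minimal req config; x509_extensions names the section that
#   openssl req applies when it is run with -x509.
write_ca_cnf() {
    cat > "$1" <<EOF
[ req ]
distinguished_name = req_dn
x509_extensions    = v3_ca
prompt             = no

[ req_dn ]
CN = $2

[ v3_ca ]
basicConstraints       = critical, CA:TRUE
keyUsage               = critical, keyCertSign, cRLSign
subjectKeyIdentifier   = hash
authorityKeyIdentifier = keyid:always
EOF
}

# is_ca_cert CERT
#   Succeeds only if the certificate's Basic Constraints say CA:TRUE.
is_ca_cert() {
    "$OPENSSL" x509 -in "$1" -noout -text | grep -q 'CA:TRUE'
}

# make_ca_cert KEY CERT_OUT CN [DAYS]
#   Self-signs KEY into CERT_OUT with the CA extensions, then checks them.
make_ca_cert() {
    key=$1; out=$2; cn=$3; days=${4:-1001}
    cnf=$(mktemp) || return 1
    write_ca_cnf "$cnf" "$cn" || { rm -f "$cnf"; return 1; }
    "$OPENSSL" req -new -x509 -days "$days" -key "$key" \
        -config "$cnf" -out "$out" || { rm -f "$cnf"; return 1; }
    rm -f "$cnf"
    is_ca_cert "$out"
}
```

`is_ca_cert` can also be run on its own against any existing certificate before it is used with openssl ca.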
Re: Make test failed for Fips Capable openssl 9.8J
I have used aix64-cc compiler to build openssl fips 1.2. But since we have GPFS problem, we have to use xlc_r compiler to build openssl 9.8J. Since i am using xlc_r compiler it is not created validated module. Can you please tell me what all changes i need to do to build the openssl 9.8J by using xlc_r compiler. I have seen some are using some patch on Makefile.shared file etc. Can you please guide me.

Thanks
Rajan