Hello,
I write an engine which shifts private key operations to a hardware
security module.
I face a problem concerning the key generation process. The keys are
stored in the hsm but
there exists an external reference file, like an keystore, which is used
to address the key in conjunction
with
Dr. Stephen Henson st...@openssl.org writes:
The OpenSSL DRBG implementation tests all variants during the POST
and also tests specific versions on instantiation. That includes an
extensive health check and a KAT. So in that sense there will be two
KATs before a reseed takes place but no KAT
On 08/18/2011 09:06 AM, Andreas Gruener wrote:
Hello,
I write an engine which shifts private key operations to a hardware security
module.
I face a problem concerning the key generation process. The keys are stored in
the hsm but
there exists an external reference file, like an keystore, which
It would be nice to be able to specify which source IP (may servers have
more than one) the command line openssl s_client command uses for a
connection.
Something like the -b syntax other commands use would be ideal.
It would be nice to be able to specify which source IP (may servers have
With the 20110815 snapshot I am getting a SegFault when trying to use CMAC. The
command I used is as follows:
[root@localhost bin]# ./openssl dgst -mac cmac -macopt cipher:aes128 -macopt
key:IZEASGTBPOIZEASG -c /lorum-ipsum.txt
Segmentation fault
Valgrind reports:
==27337== Invalid read of
I think that the following patch on 20110815 should resolve the segfault and
report the correct algorithm with cmac e.g.
[root@localhost bin]# ./openssl dgst -mac cmac -macopt cipher:aes256 -macopt
key:IZEASGTBPOIZEASGTBPOIZEASGTBPOIZ -c /lorum-ipsum.txt
CMAC-AES-256-CBC(/lorum-ipsum.txt)=
On 8/18/2011 2:58 AM, Mike Nosler via RT wrote:
Everything works fine on XP. The code stays in the second
BIO_do_accept() waiting for a connection, and sending an HTTPS request
from a browser causes BIO_do_accept() to return.
On 32-bit Vista Home Premium and 64-bit Windows 7, the second