I am using OCSP software which pre-signs all certificate information.
Therefor if a nonce check is requested, my responders are not able to
provide the nonce back.
Knowing this I grabbed apache 2.4.4 from source and modified
"/usr/local/src/httpd-2.4.4/modules/ssl/ssl_engine_ocsp.c"
I commente
I am using OCSP software which pre-signs all certificate information.
Therefor if a nonce check is requested, my responders are not able to
provide the nonce back.
Knowing this I grabbed apache 2.4.4 from source and modified
"/usr/local/src/httpd-2.4.4/modules/ssl/ssl_engine_ocsp.c"
I commented
On Wed, Apr 24, 2013, Alan Kozlay wrote:
> OpenSSL Team,
>
> Compiled for Android:
> OpenSSL 1.0.1e
> FIPS Module 2.0.3.
>
> I've created an Engine for PKCS#11 to perform RSA operations.
> It works when OpenSSL is used for TLS/SSL in both FIPS and non-FIPS mode.
> It works when OpenSSL is used f
Hi,
W dniu 24.04.2013 17:36, Dr. Stephen Henson pisze:
On Mon, Apr 22, 2013, Krzysztof Benedyczak wrote:
Hi Openssl Developers,
Since openssl 1.0.0 a new subject hash is used, i.e. the output of the
openssl x509 -subject_hash ...
has changed. The old one was quite easy to decipher and commo
-Original Message-
From: Venkataragavan Narayanaswamy
Sender: owner-openssl-us...@openssl.org
Date: Tue, 23 Apr 2013 00:29:17
To: openssl-dev@openssl.org;
openssl-us...@openssl.org
Reply-To: openssl-us...@openssl.org
Subject: MD5 in openSSL internals
Hi,
We are currently analyzing an
OpenSSL Team,
Compiled for Android:
OpenSSL 1.0.1e
FIPS Module 2.0.3.
I've created an Engine for PKCS#11 to perform RSA operations.
It works when OpenSSL is used for TLS/SSL in both FIPS and non-FIPS mode.
It works when OpenSSL is used for PKCS_sign in non-FIPS mode but not in FIPS
mode.
I see
I can't get the 1.0.1e SSL library to build when I specify the following config
options:
shared no-ec2m no-idea no-krb5 no-mdc2 no-rc5 no-tlsext -DOPENSSL_IA32_SSE2
First I get warnings:
s3_srvr.c: warning: implicit declaration of function
'ssl_check_clienthello_tlsext_late'
s3_srvr.c: warning
On Mon, Apr 22, 2013, Krzysztof Benedyczak wrote:
> Hi Openssl Developers,
>
> Since openssl 1.0.0 a new subject hash is used, i.e. the output of the
>
> openssl x509 -subject_hash ...
>
> has changed. The old one was quite easy to decipher and commonly
> known (part of the MD5 hash of the bin