Re: possible memleak

2012-02-17 Thread Ziyu Liu
I think you may call the function [X509 *SSL_get_peer_certificate(const SSL *s)] to get a peer's certificate, but you have freed this certificate. SSL_get_peer_certificate will increase the reference count of this certificate and finally you will find that you haven't freed this certificate's mem

Re: weak key check?

2012-02-17 Thread anthony berglas
Taking a different slant, is it possible to provide the "Entropy" using a pass phrase? So a given pass phrase will always generate the same key pair. This means that for simple applications no key store is required. Much like password based (symmetric) encryption. Any ideas as to how hard that

Re: FIPS fingerprint in .data not .rodata

2012-02-17 Thread Kevin Fowler
Thanks Harvey, This seems to have worked as far as getting the .rodata section used. This is what I see now: 001b5740 g O .rodata0010 FIPS_rodata_start 001b5750 l O .rodata0011 FIPS_hmac_key 001b57bc g O .rodata0036 FIPS_bn_version 001c1e08 g O .

possible memleak

2012-02-17 Thread Botond Botyanszki
Hi, I'm experiencing a memory leak in my server code using openssl 1.0.0g when a client with a self-signed cert tries to connect and is refused. Valgrind's massif traces this back to ssl3_get_client_certificate() at s3_srvr.c:2956, such as the following: | ->10.77% (4,116,792B) 0x5364BC3: asn1_it

Re: weak key check?

2012-02-17 Thread Wim Lewis
On Feb 16, 2012, at 9:22 AM, Kenneth Goldman wrote: > Many laptops and desktops and some servers now come with a TPM chip, > a free source of hardware random numbers. Even aside from TPM or other HSMs, hardware random number generators have been a common feature of PC motherboard chipsets for

Re: FIPS object module

2012-02-17 Thread Steve Marquess
On 02/17/2012 12:54 PM, Alex Chen wrote: > Thanks for the information Jakob. I cannot find such module from OpenSSL > source download page. See ftp://ftp.openssl.org/snapshot/openssl-fips-2.0-test-20120217.tar.gz or http://opensslfoundation.com/testing/validation-2.0/

Re: FIPS object module

2012-02-17 Thread Alex Chen
Thanks for the information Jakob. I cannot find such module from OpenSSL source download page. Alex On Feb 17, 2012, at 2:19 AM, Jakob Bohm wrote: > On 2/16/2012 10:28 PM, Alex Chen wrote: > > From what I saw in OpenSSL site and the user guide, the > > FIPS object module is only compatible wit

Re: FIPS mode and RSA_verify confusion

2012-02-17 Thread john hagen
Thank you very much. Recoded my test app for the EVP_Verify routines, things are working as expected now. Now back to making sense of all the key format (DER,PEM,BER) options. This is new stuff for me. JH On 2/16/12, Dr. Stephen Henson wrote: > On Thu, Feb 16, 2012, john hagen wrote: > >> Can

Re: virus or hoax in test/asn1test.exe ?

2012-02-17 Thread David H. Lipman
From: "Jakob Bohm" > On 2/16/2012 11:42 PM, David H. Lipman wrote: >> From: "Johan Samyn" >> >> 48 hours later my replies have NOT made it to Gmane. >> Mark: 2/16/12 @ 1742 hrs >> >> > I guess that would be 2012-02-16 17:42 -0500 aka > 2012-02-16 22:42 UTC? > > It arrived here on our European

Re: virus or hoax in test/asn1test.exe ?

2012-02-17 Thread Lutz Jaenicke
On 02/17/2012 12:29 PM, Jakob Bohm wrote: > On 2/16/2012 11:42 PM, David H. Lipman wrote: >> From: "Johan Samyn" >> >> 48 hours later my replies have NOT made it to Gmane. >> Mark: 2/16/12 @ 1742 hrs >> >> > I guess that would be 2012-02-16 17:42 -0500 aka > 2012-02-16 22:42 UTC? > > It arrived

Re: virus or hoax in test/asn1test.exe ?

2012-02-17 Thread Jakob Bohm
On 2/16/2012 11:42 PM, David H. Lipman wrote: From: "Johan Samyn" 48 hours later my replies have NOT made it to Gmane. Mark: 2/16/12 @ 1742 hrs I guess that would be 2012-02-16 17:42 -0500 aka 2012-02-16 22:42 UTC? It arrived here on our European mailserver 2012-02-17 11:01:12 UTC From

Re: virus or hoax in test/asn1test.exe ?

2012-02-17 Thread David H. Lipman
From: "Johan Samyn" 48 hours later my replies have NOT made it to Gmane. Mark: 2/16/12 @ 1742 hrs -- Dave Multi-AV Scanning Tool - http://multi-av.thespykiller.co.uk http://www.pctipp.ch/downloads/dl/35905.asp __ OpenSSL Proj

Re: FIPS object module

2012-02-17 Thread Jakob Bohm
On 2/16/2012 10:28 PM, Alex Chen wrote: > From what I saw in OpenSSL site and the user guide, the > FIPS object module is only compatible with OpenSSL 0.9.8, > not 1.0. Is that still valid? Does that mean if I > cannot use that module to work with OpenSSL 1.0? No, that is the old FIPS module, w

OpenSSL 1.0.1

2012-02-17 Thread Dirk Menstermann
Hello, is there somewhere a release schedule for version 1.0.1 published? Thanks Dirk