Hi,
I complied and installed FIPS capable OPENSSL 1.0.1c and OPENSSH 6.1p1 with
FIPS.
While debugging i found that SSH fails for *ctr* mode of cipher operation.
Is it because of a buggy patch?
Here is what i get when i connect using aes256-ctr
FIPS mode initialized
debug1: inetd sockets after
Hello,
It would be very great if my problem could be solved here.
In C I have to make a Diffie-Hellman Key Exchange and the problem is that the
corresponding Java Server expects a ASN.1 DER encoded SubjectPublicKeyInfo, the
same thing that Java creates with the getEncoded() Method, described
start with SSL handshake with Protocol: TLSv1, Cipher: DHE-RSA-AES256-SHA 256
as a minimum and disable the others.
--
View this message in context:
http://openssl.6102.n7.nabble.com/FIPS-with-CAPI-Engine-tp26273p44713.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
TLS is a protocol, and not a cipher. just enter openssl ciphers and you will
see no protocols are returned.
Your question doesn't sound right, as I use 1.0.1c on windows, iOS, and
android FIPS/Non FIPS with no issues the last year. Can you share a bit more
information? platform? handshake code,
Hi,
I'm trying to build fips capable openssl for Mac OS X 64 bit platform. The
config script ./config automatically builds the libraries for 32 bit OS X
and it displays the warning asking for manual configuration.
openssl-fips-2.0.3 Raghav$ ./config no-asm
Operating system:
May we get the code.both java and c
Regards,
Azhar
Hello,
It would be very great if my problem could be solved here.
In C I have to make a Diffie-Hellman Key Exchange and the problem is that
the corresponding Java Server expects a ASN.1 DER encoded
SubjectPublicKeyInfo, the same thing that
On 04/08/2013 10:12 PM, Raghav Varadan wrote:
Hi,
I'm trying to build fips capable openssl for Mac OS X 64 bit platform. The
config script ./config automatically builds the libraries for 32 bit OS X
and it displays the warning asking for manual configuration.
openssl-fips-2.0.3 Raghav$
On Fri, Apr 05, 2013, Tamer Refaei wrote:
I am able to compile and run version 1.0.1e in FIPS mode. What I
noticed is that it does not have a mechanism for locking in SUITE-B
algorithms (that seems to be possible in 1.1.0-dev). Is there any
guideline/sample code on how to lock SUITE-B
Hi,
We are looking for a way to securely store (potentially hardware-generated)
private keys and their associated certificates (signed by some CA).
Can you tell me if the api mentioned in store.h (combined with an store engine
implementation) might be the right way to do this ?
It seems
One of our developers here has noticed a change in behavior.
This pair of commands used to work as expected, but in 1.0.0 and later the
resulting cert is self-signed, and not signed by the CA key.
openssl req -x509 -days 999 -keyout req.key -out req.pem \
-subj /CN=testme -nodes
From: owner-openssl-us...@openssl.org On Behalf Of k...@bitzermobile.com
Sent: Monday, 08 April, 2013 18:07
TLS is a protocol, and not a cipher. just enter openssl
ciphers and you will
see no protocols are returned.
In addition to specific ciphers (suites) _set_cipher_list
accepts a
From: owner-openssl-us...@openssl.org On Behalf Of .uservorname
.usernachname
Sent: Saturday, 06 April, 2013 05:52
Thanks for your help. I tried to compile the testprogram with
gcc ssl_accept.c -o sslaccept -lssl -lcrypto -L/usr/lib
When executing ./sslaccept I get ./sslaccept: error while
From: owner-openssl-us...@openssl.org On Behalf Of Julian Melzig
Sent: Monday, 08 April, 2013 01:50
In C I have to make a Diffie-Hellman Key Exchange and the problem is
that the corresponding Java Server expects a ASN.1 DER encoded
SubjectPublicKeyInfo, the same thing that Java creates with the
13 matches
Mail list logo