I have Perl code, which uses a library that in turn uses openssl for
HTTPS connections. I have been trying to use Wireshark to diagnose
this, but I have yet to find a way to have it tell me what steps in
the SSL handshaking are happening at a given time (client hello,
server hello, c.). Thus, I
Hi All,
I have installed openssl-0.9.8za with -no-ec option. But after this i am
not able to generate ecdsa keys .
# ssh-keygen -t ecdsa -b 1024
unknown key type ecdsa
#
Earlier I am able to do the same with openssl-0.9.8y version.
Please let me know how can I solve this issue.
Thanks,
Hi All,
Please let me know how to compile openssl with -bindist option.
Thanks,
Gayathri
On 6 August 2014 11:27, Gayathri Manoj gayathri.an...@gmail.com wrote:
Hi All,
Please let me know how to compile openssl with -bindist option.
I suspect you are asking this on the wrong forum as I think this is a
gentoo thing not an openssl thing.
With the caveat that I know nothing about
Hi Matt,
Thanks Matt.
My actual issue is that I am not able to generate ecdsa keys after
upgrading openssl version from 0.9.8y to 0.9.8za. For making our openssl
fips compliant we complied the same with -no-ec option that is recommended
by openssl fourm.
For this issueIi goggled and got this
On 6 August 2014 14:12, Gayathri Manoj gayathri.an...@gmail.com wrote:
Hi Matt,
Thanks Matt.
My actual issue is that I am not able to generate ecdsa keys after upgrading
openssl version from 0.9.8y to 0.9.8za. For making our openssl fips
compliant we complied the same with -no-ec option
Hi Matt,
Is there any solution to compile openssl-0.9.8za without -no-ec option. Or
do we have any patch available to fix the fips breakage issue.
*Known issues in OpenSSL 0.9.8za:*
- FIPS capable link failure with missing symbol BN_consttime_swap. Fixed
in 0.9.8zb-dev. Workaround is to
On 6 August 2014 14:35, Gayathri Manoj gayathri.an...@gmail.com wrote:
Hi Matt,
Is there any solution to compile openssl-0.9.8za without -no-ec option. Or
do we have any patch available to fix the fips breakage issue.
Known issues in OpenSSL 0.9.8za:
FIPS capable link failure with missing
Hi,
Thanks for your update.
We tried to compile without -no-ec . but its got failed.
Thanks,
Gayathri
On Wed, Aug 6, 2014 at 7:16 PM, Matt Caswell m...@openssl.org wrote:
On 6 August 2014 14:35, Gayathri Manoj gayathri.an...@gmail.com wrote:
Hi Matt,
Is there any solution to compile
Hi,
AES_GCM is supported on OpenSSL-1.0.1
Regarding support on OpenSSL-0.9.8, have found patch on link below.
http://rt.openssl.org/Ticket/Display.html?id=2092user=guestpass=guest
From various opensource discussion, it seems it cleanly apply to old
version.
Is it ok for this patch to be used on
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
OpenSSL version 1.0.1i released
===
OpenSSL - The Open Source toolkit for SSL/TLS
http://www.openssl.org/
The OpenSSL project team is pleased to announce the release of
version 1.0.1i of our open source
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
OpenSSL version 1.0.0n released
===
OpenSSL - The Open Source toolkit for SSL/TLS
http://www.openssl.org/
The OpenSSL project team is pleased to announce the release of
version 1.0.0n of our open source
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
OpenSSL version 0.9.8zb released
===
OpenSSL - The Open Source toolkit for SSL/TLS
http://www.openssl.org/
The OpenSSL project team is pleased to announce the release of
version 0.9.8zb of our open
On 06/08/14 19:32, Mukesh Yadav wrote:
Hi,
AES_GCM is supported on OpenSSL-1.0.1
Regarding support on OpenSSL-0.9.8, have found patch on link below.
http://rt.openssl.org/Ticket/Display.html?id=2092user=guestpass=guest
From various opensource discussion, it seems it cleanly apply to
The make test step for FIPS-enabled 1.0.1i is failing for me in the ectest
(elliptic curves) section with:
SEC2 curve secp160r1 -- Generator:
x = 0x4A96B5688EF573284664698968C38BB913CBFC82
y = 0x23A628553168947D59DCC912042351377AC5FB32
verify degree ... ok
verify group order ok
I assume SSL_OP_NO_TLSv1 affect TLS v1.0 only but not TLS v1.x in general?
Alex
On Wed, Aug 06, 2014 at 05:32:08PM -0700, Alex Chen wrote:
I assume SSL_OP_NO_TLSv1 affect TLS v1.0 only but not TLS v1.x in general?
Correct.
--
Viktor.
__
OpenSSL Project
On Wed, Aug 06, 2014, Porter, Andrew wrote:
The make test step for FIPS-enabled 1.0.1i is failing for me in the ectest
(elliptic curves) section with:
SEC2 curve secp160r1 -- Generator:
x = 0x4A96B5688EF573284664698968C38BB913CBFC82
y = 0x23A628553168947D59DCC912042351377AC5FB32
Hi Matt,
One more doubt.
Please let me know if I compiled my openssl 0.9.8za without -no-ec
option and I am not using this alogorithm in any of my application
then shall I can say my application is fips complaint?
Thanks,
Gayathri
On Wed, Aug 6, 2014 at 7:22 PM, Gayathri Manoj
19 matches
Mail list logo