Re: [openssl-users] Call for FIPS 140-2 stakeholders

I'm not currently interested in the given platforms, and while I really hope to never be interested again, I can't rule it out. It'd be nice to be able to follow the discussions, without necessarily contributing. But I also understand I if those involved don't want to include those in my

Re: [openssl-users] Implementing ECDSA in an engine

Hello Reinier, On Fri, Jun 26, 2015 at 7:47 PM, Reinier Torenbeek reinier.torenb...@gmail.com wrote: Hi, The mechanism for implementing ECDSA in my own engine is unclear to me. Unfortunately, none of the example engines implement ECDSA so it is hard for me to find answers. Invoking

Re: [openssl-users] Implementing ECDSA in an engine

Hi Dmitry, Thanks for the response. I suppose I have to do the same thing as well then. I wonder why the ECDSA_METHOD structure and the associated mechanism to insert it into an engine is so much different from the DSA_METHOD struct. The latter seems more straightforward to use and does not

Re: [openssl-users] Implementing ECDSA in an engine

On Fri, Jun 26, 2015, Reinier Torenbeek wrote: The mechanism for implementing ECDSA in my own engine is unclear to me. Unfortunately, none of the example engines implement ECDSA so it is hard for me to find answers. Invoking ENGINE_set_ECDSA() does not seem to be sufficient: my setup,

[openssl-users] Implementing ECDSA in an engine

Hi, The mechanism for implementing ECDSA in my own engine is unclear to me. Unfortunately, none of the example engines implement ECDSA so it is hard for me to find answers. Invoking ENGINE_set_ECDSA() does not seem to be sufficient: my setup, sign and verify methods never get invoked. Stepping

[openssl-users] S/MIME Mails signed with SHA256 certificate and/or SHA256 Hash

Hello, has anybody got a reliable source or knowledge about which mail clients - especially which Thunderbird release - should be capable of verifying such mails correctly? this openssl smime -verify -CAfile trusted.crt -in mail.eml successfully verifies such an e-Mail; Thanks, Walter --

Re: [openssl-users] Implementing ECDSA in an engine

Hello Reinier, No, I do not. And may be for your purposes you can use this or that ECDSA_METHOD setting it into the EC_KEY struct. On Fri, Jun 26, 2015 at 9:09 PM, Reinier Torenbeek reinier.torenb...@gmail.com wrote: Hi Dmitry, Thanks for the response. I suppose I have to do the same thing

[openssl-users] New FIPS 140-2 SE Validation Approved

If you don't know or care what FIPS 140-2 is, a hysterical giggle of pure delight and whoop of relief before moving on is fully justified. The SE (Salavge Edition) validation has been approved: http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-all.htm#2398 This actually appeared on