On Fri, Jul 28, 2017 at 12:15 AM, Swetha Hariharan
wrote:
>
>
> I am trying test the rsa 186-2 openssl fips module 2.0.16 implementation
> using the NIST Testvectors. Using the fips_rsastest.c file the
> FIPS_rsa_x931_generate_key_ex(rsa, keylen, bn_e, NULL) function called to
> generate the modu
I am trying test the rsa 186-2 openssl fips module 2.0.16 implementation
using the NIST Testvectors. Using the fips_rsastest.c file the
FIPS_rsa_x931_generate_key_ex(rsa, keylen, bn_e, NULL) function called to
generate the modulus n as the output and taking modulus size as the input
i,e [mod=1024]
The __current__ code for this function returns values if the **BIGNUM is
not NULL. Thus, it appears safe to pass in NULL for values not needed.
However, the documentation is silent on this behavior.
If this behavior is guaranteed, it would be nice if it was documented.
If not, a comment in th
On 07/25/2017 06:05 PM, Neetish Pathak wrote:
>
>
> Please provide any comments if you have or how I should go about
> debugging it. Correct me if I am doing it wrong
>
I don't really have any good suggestions for debugging it. It might be
interesting to run in a debugger and collect full backtra
On 07/27/2017 02:49 PM, Todd Blum wrote:
> SSLv2 Record Layer: Client Hello
SSLv2-compatible ClientHello is pretty old and probably unneeded
> [Version: SSL 2.0 (0x0002)]
> Length: 46
> Handshake Message Type: Client Hello (1)
> Version: SSL 3.0 (0x0300)
>
Hello,
I have an Apache 2.4.27/OpenSSL1.1.0f server running with mod_dav enabled.
One of my WebDAV clients can't connect to it, but all other WebDAV clients
(WinSCP, etc.) are connecting OK.
Apache sends a 'Handshake Failure' immediately:
No. TimeSourceDe
On 07/27/2017 09:18 AM, Robert Moskowitz wrote:
> Rich,
>
> Meant to ask you about this at IETF.
>
> Given draft-ietf-curdle-pkix-05.txt sec 10, is there openssl code to
> produce these???
>
There is code to validate them, per commit
4328dd41582bcdca8e4f51f0a3abadfafa2163ee. I didn't look hard en
Rich,
Meant to ask you about this at IETF.
Given draft-ietf-curdle-pkix-05.txt sec 10, is there openssl code to
produce these???
And, relatedly, what do you think about CBOR encoding rather than
ASN.1? Kill ASN.1 in constrained devices and save on transmission costs?
Thanks
Bob
On 03/16