RE: Why Openssl s_server is allowing Session Reuse on the same tcp connection

2013-04-26 Thread sajualways
Thanks Patrick. But what Use Case does this have, where client tells the server to resume the ssl session on the same tcp connection. Usually a different tcp connection makes sense to reuse the session id. -- View this message in context:

X509 custom extension

2013-04-26 Thread redpath
I am adding a custom extension to an x509 a png icon basically (bytes). Since the png icon is too large to post the data I have subsituted it with a file called sample.txt that has a text line This is a sample. The code excerpt to add the extension is below.

Re: [openssl-users] X509 custom extension

2013-04-26 Thread Erwann Abalea
Bonjour, Le 26/04/2013 15:15, redpath a écrit : I am adding a custom extension to an x509 a png icon basically (bytes). Since the png icon is too large to post the data I have subsituted it with a file called sample.txt that has a text line This is a sample. The code excerpt to add the

Re: X509 custom extension

2013-04-26 Thread redpath
Thanks and also the OID register. -- View this message in context: http://openssl.6102.n7.nabble.com/X509-custom-extension-tp44930p44933.html Sent from the OpenSSL - User mailing list archive at Nabble.com. __ OpenSSL Project

FIPS with openssl 1.0.1c strange error

2013-04-26 Thread Cipher
I cross compiled openssl 1.0.1c with FIPS with following commands: For FIPS module: ./config make for openssl ./config fips no-asm shared --with-fipsdir=/software/openssl/openssl-fips-2.0.2/ export FIPS_SIG=/software/openssl/openssl-fips-2.0.2/util/incore changed fipsld line 132 to ${FIPS_SIG}

RE: Data and Signature (envelope)

2013-04-26 Thread Dave Thompson
From: owner-openssl-us...@openssl.org On Behalf Of redpath Sent: Thursday, 25 April, 2013 09:40 To: openssl-users@openssl.org Subject: Re: Data and Signature (envelope) I looked at the latest smsign.c shown below modified with a large data item. The result is still a detached and quite

Re: Is it possible to configure only TLSv1.2 ciphers for FIPS?

2013-04-26 Thread Viktor Dukhovni
On Thu, Apr 25, 2013 at 04:40:12AM -0700, Cipher wrote: For FIPS work, we are planning to support only TLSv1.2 ciphers. Is there a configuration option to use *only* TLSv1.2 ciphers? You say ciphers here. we are using apache/mod_ssl engine(v 2.2.16). *SSLProtocol* directive does not

Re: Is it possible to configure only TLSv1.2 ciphers for FIPS?

2013-04-26 Thread Jakob Bohm
On 4/25/2013 1:40 PM, Cipher wrote: Hi, For FIPS work, we are planning to support only TLSv1.2 ciphers. Is there a configuration option to use *only* TLSv1.2 ciphers? we are using apache/mod_ssl engine(v 2.2.16). *SSLProtocol* directive does not support TLSv1.1/TLSv1.2 option. Which version