If you don't know or care about FIPS 140-2 then count yourself very
lucky and move on.
In the same spirit of collaboration that underlies all of the open
source based OpenSSL FIPS Object Module validations, of which the #1747
validation is the latest, some of the stakeholders impacted by the
On Mon, Jun 22, 2015, Salz, Rich wrote:
I looked at how SSL_CTX_set_cipher_list and SSL_set_cipher_list operate,
but they don't use SSL_{CTX}_ctrl.
That API probably predates the ctrl. It's a trade-off; you lose type-safety
but have less to document :)
What is the suggested way to
Of course, the second approach is a lot faster - however, can anyone explain
the warning not from the documentation Be careful to avoid small subgroup
attacks when using this. ? AFAIK, for such attacks to be effective, they
require that the parameters are re-used multiple times. However, in
Hi,
due to a mysql screwup, whatever was sent to openssl-b...@openssl.org
after 06:00 UTC today was lost (everything before that was safely
backed up). If you did send something, I would like to kindly ask you
to resend it.
Sorry for the inconvenience.
Cheers,
Richard
--
Richard Levitte
Hi Steve,
Forgive my ignorance
From the previous postings, I *thought* that the validation only
applies to real iron, and [retroactively] was not conferred to the
VMs. But it seems like this list includes real hardware, too:
12 Ubuntu 10.04 running on Intel Core i5 with AES-NI (32 bit)
On 06/22/2015 02:36 AM, Jeffrey Walton wrote:
Hi Steve,
Forgive my ignorance
From the previous postings, I *thought* that the validation only
applies to real iron, and [retroactively] was not conferred to the
VMs. But it seems like this list includes real hardware, too:
12
Hello OpenSSL folks,
We have a product which is an OpenSSL 1.0.1 application. One of my customers
is running my product on his SunSparc Solaris 11 platform which has a Crypto
Accelerator. Around the end of last year, he complained to me that OpenSSL
doesn't utilize the accelerator at all. I then
Found this, so the feature has been implemented.
Aaron
Changes between 1.0.1l and 1.0.2 [22 Jan 2015]
...
*) Support for SPARC Architecture 2011 crypto extensions, first
implemented in SPARC T4. This covers AES, DES, Camellia, SHA1,
SHA256/512, MD5, GHASH and modular exponentiation.
Response inline below, prefixed with MW. (Unfortunately Outlook is incapable
of replying to HTML messages properly, so you'll have to excuse the formatting.)
Michael Wojcik
Technology Specialist, Micro Focus
From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of
Marco
Hi,
My goal is to implement ECDH in my own engine. The snippet below shows
the struct that needs to be filled and set as the engine's ECDH method:
struct ecdh_method {
const char *name;
int (*compute_key) (void *key, size_t outlen, const EC_POINT *pub_key,
EC_KEY
10 matches
Mail list logo