Re: fipscanister with assembly language optimization and non-SSE2 capable processors?

On 12/19/2012 5:15 AM, Bill Durant wrote: Hello: Is it not possible to build a FIPS-capable OpenSSL with assembly language optimization enabled in the fipscanister that works under non-SSE2 capable processors? On SUSE Linux Enterprise Server 10, I have built the fipscanister with assembly la

Re: Support for 448 bit hash value generation in opnessl.

On 12/18/2012 8:53 PM, Jeffrey Walton wrote: On Tue, Dec 18, 2012 at 3:24 AM, Matt Caswell (fr...@baggins.org) wrote: On 18 December 2012 05:30, jeetendra gangele wrote: Ok, can you expain me how ec_compute_key work and specially this last argument. Why its need hash value to calculate th

fipscanister with assembly language optimization and non-SSE2 capable processors?

Hello: Is it not possible to build a FIPS-capable OpenSSL with assembly language optimization enabled in the fipscanister that works under non-SSE2 capable processors? On SUSE Linux Enterprise Server 10, I have built the fipscanister with assembly language optimization enabled as follows:

RE: Need help in loading private key for ECDSA

> From: owner-openssl-us...@openssl.org On Behalf Of jeetendra gangele > Sent: Monday, 17 December, 2012 21:48 > Yes i used [KDF1_SHA1 for ECDH_compute_key] from ec/ecdhtest.c. > If you see the ECDH_compute_key in last argument It need some hash > function to sign the shared secret. The last argu

Re: Support for 448 bit hash value generation in opnessl.

On Tue, Dec 18, 2012 at 3:24 AM, Matt Caswell (fr...@baggins.org) wrote: > > > On 18 December 2012 05:30, jeetendra gangele wrote: >> >> Ok, >> >> can you expain me how ec_compute_key work and specially this last >> argument. >> Why its need hash value to calculate the secret key. >> I need to ge

Re: FIPS enable Apache 2.4.3 with OpenSSL 1.0.1c-fips

On 12/18/2012 08:57 AM, Jerry Blasdel wrote: > Steve, > > That was a typing error. I verified that I am building: > > Extracting OpenSSL Fips source... > openssl-fips-2.0.1/... > > Extracting OpenSSL source... > openssl-1.0.1c/ACKNOWLEDGMENTS... > > > What steps can I take to help identify th

Re: FIPS enable Apache 2.4.3 with OpenSSL 1.0.1c-fips

Steve, That was a typing error. I verified that I am building: Extracting OpenSSL Fips source... openssl-fips-2.0.1/... Extracting OpenSSL source... openssl-1.0.1c/ACKNOWLEDGMENTS... What steps can I take to help identify the problem with my FIPS capable built OpenSSL? Thanks This is a PR

RE: Which ECC curve is being used?

> If you haven't wrapped the OpenSSL struct(s) with your own and you want to > remember something(s) about an SSL connection, that's what > SSL_{set,get}_ex_data are for. Yes, thanks. I might do that if there's no other option, but a EC_get_NID seems a reasonable thing to want and, if I read S

Re: Support for 448 bit hash value generation in opnessl.

Yes I tried 64 bytes hash but I need 56 bytes only as I told. see the below code I am trying with SHA512 but I need only 56 bytes not 64. It looks like ECDH_compute_key trying to copy all 64 bytes into the shared secret buffer?. I want only 56 bytes,is there a way that I can get 56 bytes shared key

Re: Support for 448 bit hash value generation in opnessl.

On 18 December 2012 05:30, jeetendra gangele wrote: > Ok, > > can you expain me how ec_compute_key work and specially this last argument. > Why its need hash value to calculate the secret key. > I need to generate the 56 BYtes shred key. > A KDF (Key Derivation Function) is typically used to gen

Unable to decrypt an AES encrypted SMIME Message with OpenSSL - Bad Decrypt

have a two mails (SMIME encrypted) for a single recipient. One mail is encrypted using 3DES, the other one is encrypted using AES 256. The mails where created using the C# EnvelopedCms class (http://msdn.microsoft.com/en-us/library/system.security.cryptography.pkcs.envelopedcms%28v=vs.100%29.asp