Re: Issue facing while using function "const EVP_MD *EVP_get_digestbyname(const char *name)"
Do you have to call OpenSSL_add_all_digests() first? On Aug 9, 2013, at 7:17 PM, Sanjay Kumar (sanjaku5) wrote: Hello All, I have a test program to use the function EVP_get_digestbyname as below I am not able figure out why function “EVP_get_digestbyname” return NULL ? After running the program as below I am getting the print “md is NULL” Any help ? #include #include int main(int argc, char *argv[]) { const EVP_MD *md; const char *hash_type = "SHA1"; md = EVP_get_digestbyname(hash_type); if(md == NULL) { printf("\n md is NULL\n"); } return 0; } Compilation: cc test.c –lcrypto Running: ./a.out md is NULL Thanks, Sanjay
RE: Issue facing while using function "const EVP_MD *EVP_get_digestbyname(const char *name)"
>From: owner-openssl-us...@openssl.org On Behalf Of Sanjay Kumar (sanjaku5) >Sent: Friday, 09 August, 2013 19:17 >I have a test program to use the function EVP_get_digestbyname as below >I am not able figure out why function "EVP_get_digestbyname" return NULL ? get information about an error http://www.openssl.org/support/faq.html#PROG6 get nicer information about an error http://www.openssl.org/support/faq.html#PROG7 error is you need to load the algorithm map http://www.openssl.org/support/faq.html#PROG8 __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Issue facing while using function "const EVP_MD *EVP_get_digestbyname(const char *name)"
Hello All, I have a test program to use the function EVP_get_digestbyname as below I am not able figure out why function "EVP_get_digestbyname" return NULL ? After running the program as below I am getting the print "md is NULL" Any help ? #include #include int main(int argc, char *argv[]) { const EVP_MD *md; const char *hash_type = "SHA1"; md = EVP_get_digestbyname(hash_type); if(md == NULL) { printf("\n md is NULL\n"); } return 0; } Compilation: cc test.c -lcrypto Running: ./a.out md is NULL Thanks, Sanjay
SSLv3 versus TLS 1.2
What security strengths does TLS 1.2 have over SSL 3.0? Is TLS 1.2 more secure than SSLv3? If so why?
OpenSSL FIPS library fingerprint doesn't match
I am building a DLL that includes the OpenSSL FIPS object module. This is on Windows using Visual Studio 10.0. I have the 64-bit version working fine but when I build a 32-bit version, the "incore fingerprint" fails to match when I load the DLL and call FIPS_mode_set(1). I had the same problem with the 64-bit version at one point but then it seemed to just "fix itself" and I never saw the problem again. While debugging the code, I found that when linking the DLL, the .text and .rodata values are: .text:5CC1B000+302160=5CC64C50 .rodata:5CCDA134+46364=5CCE5650 But when we load the DLL, the values are: .text:5C85B000+302160=5C8A4C50 .rodata:5C91A134+46364=5C925650 (Not always exactly this, but they never match the numbers above. The sizes are always correct.) We're calculating the signature on a different chunk of memory so obviously they will not match. The question is why are the pointers different? Graeme Perrow
Crashing at BIO_free_all() in openssl
Hi All, I am using openssl-1.0.1c in our project as DTLS . I am trying to delete all memory of SSL, SSL_CTX and BIO. But it is crashing at BIO_free_all() in openssl's lib. 1. Is there any procedure to followup to free these memories ? 2. If I free SSL and SSL_CTX, will it free the BIO implicitly or I need to free BIO explicitly ? Thanks Priyaranjan
Re: Verify callback and sending of the client certificate
On 08/09/2013 01:18 PM, Peter Sylvester wrote: On 08/09/2013 11:17 AM, Florian Weimer wrote: Qt installs a verification callback like this |// Register a custom callback to get all verification errors. |X509_STORE_set_verify_cb_func(ctx->cert_store, q_X509Callback); It is not recommended to access to members in the way above, but rather: X509_STORE_set_verify_cb_func(SSL_CTX_get_store(ctx), q_X509Callback); I think you mean SSL_CTX_get_cert_store, and this is unrelated to my question. :-) -- Florian Weimer / Red Hat Product Security Team __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: Verify callback and sending of the client certificate
On 08/09/2013 11:17 AM, Florian Weimer wrote: Qt installs a verification callback like this |// Register a custom callback to get all verification errors. |X509_STORE_set_verify_cb_func(ctx->cert_store, q_X509Callback); It is not recommended to access to members in the way above, but rather: X509_STORE_set_verify_cb_func(SSL_CTX_get_store(ctx), q_X509Callback); /P __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Verify callback and sending of the client certificate
Qt installs a verification callback like this |// Register a custom callback to get all verification errors. |X509_STORE_set_verify_cb_func(ctx->cert_store, q_X509Callback); ctx is an SSL_CTX *. This callback is invoked not just to verify the server certificate, but also when OpenSSL tries to complete the certificate chain before sending the client certificate. OpenSSL clears errors resulting from this, but it cannot roll back the effects of calling the callback. Are these callback invocations expected behavior? -- Florian Weimer / Red Hat Product Security Team __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org