Hi,
I'm using openssl on a platform/OS that supports multiple CPU architectures.
The context switching does not save SIMD registers unless the thread has a
special options set. This creates some challenges when using openssl, which use
SIMD registers in several assembler optimizations. I would
Hi,
I'm using openssl on a platform/OS that supports multiple CPU architectures.
The context switching does not save SIMD registers unless the thread has a
special options set. This creates some challenges when using openssl, which use
SIMD registers in several assembler optimizations. I would
Hi,
I'm using openssl on a platform/OS that supports multiple CPU architectures.
The context switching does not save SIMD registers unless the thread has a
special options set. This creates some challenges when using openssl, which use
SIMD registers in several assembler optimizations. I would
Hi,
I'm
experimenting a bit with the tpm engine (openssl_tpm_engine-0.4.2). My
objective is to see how easy it is use this engine with openssl-1.0.1.
Since the README file states that openssl-0.9.8 is a requirement I
started using that openssl version. However, I have tried to use the tpm
Hi,
I need to do RSA encryption/decryption using OAEP according to rfc 3447/PKCS#1
v2.1. The documentation for RSA_public_encrypt states that with the
RSA_PKCS1_OAEP_PADDING padding flag you get 'EME-OAEP as defined in PKCS #1
v2.0 with SHA-1, MGF1 and an empty encoding parameter'. This is
Hi,
I would like to have a look at the new FIPS 140-2 module. From what I've been
able to find out, it is targeting openssl-1.0.1. I've downloaded openssl-1.0.1
and a fips snapshot (openssl-fips-2.0-test-20120331.tar.gz). Is there a how-to
or similar description of how to configure and build
Hi,
I'm trying to understand if openssl is a good base when implementing a system
that is to be compliant with rfc 5280. Are there any limitations or missing
parts in openssl?
Regards Roger
I should perhaps mention that the title of rfc 5280 is PKIX Certificate and CRL
Profile.
The system we are implementing is an 'end entity'.
Regards Roger
From: roger_no_s...@hotmail.com
To: openssl-users@openssl.org
Subject: openssl and rfc 5280
Date: Thu, 22 Sep 2011 16:10:12 +0200
From: dthomp...@prinpay.com
To: openssl-users@openssl.org
Subject: RE: Using self-signed certificates with openssl
Date: Fri, 13 May 2011 22:06:55 -0400
From: owner-openssl-us...@openssl.org On Behalf Of Roger No-Spam
Sent: Friday, 13 May, 2011 04:15
We have decided
Hello,
We have decided to use openssl to protect a connection in our system with TLS.
Clients will be authenticated using X509 certificates. To cut a long story
short, a decision has been taken to use self-signed certificates. On the
server, each client's self-signed cert will be loaded by a
Hello,
We are currently using openssl-0.9.8l and the gnu compiler on Intel CPUs. We
only use the source code from openssl and have our proprietary build system. We
are now considering switching to the Intel C compiler. Is openssl and Intel C
compiler a combination that works well, or are
Hello,
When building openssl in FIPS 140-2 mode, the MD5 algorithm is not available
for use. There are, however, several RFCs that mandate the use of MD5. Would it
be possible to partition a system into a FIPS 140-2 part (more security
critical parts, e.g SSL) and one other part that can
Recently there has been some discussion on the Internet regarding so called
null-prefix attacks, see
http://www.thoughtcrime.org/papers/null-prefix-attacks.pdf. Is openssl
vulnerable to this attack?
/Roger
_
Med Windows Live kan
Hi,We have included openssl in our product, a proprietary OS and development
environment. Customers have requested that we include the FIPS validated
version of openssl. We have included the openssl 0.9.8 base line and I am now
trying to clarify what the implications are of including the 0.9.8
Hello,
In appendix B of the openssl FIPS security policy it is stated that the module
must be built with a particular tar file (openssl-fips-1.1.2.tar.gz) and a hmac
hash value for the tar file is specified. Furthermore it is stated that there
shall be no additions, deletions, or alterations
Hello,
I need to create a certificate chain. The inputs are my own certificate, a list
of root certificates, a list of intermediate certificates and the distinguished
name of the root CA the peer trusts. The certificate chain I need to create
shall start with my own cert, and end with the
16 matches
Mail list logo
