"make test" fails for FIPS-capable OpenSSL build

Hi, I successfully built the FIPS 2.0 module (2010), its tests passed, and it was installed correctly in /usr/local/ssl/fips-2.0. I then build openssl 1.0.1 (2010): ./config fips shared make which all seems to go ok Then I do: make test and eventually get this error: ... Testing key g

RE: Help neede Generating a V3 self-signed certificate from a CSR

> From: owner-openssl-us...@openssl.org On Behalf Of Benoit Rouleau > Sent: Friday, 11 November, 2011 12:19 > I have a problem. I am attempting to generate a self-signed > (for internal use) certificate with multiple SAN and all I can get > is a V1 certificate with no SAN at al

RE: How to do generate PKCS#7 to embedded system

> From: owner-openssl-us...@openssl.org On Behalf Of Laerte Junior > Sent: Saturday, 12 November, 2011 14:22 >I'm working with embedded system project and I need to receive PKCS7 > and store the fields(DN, signature, public key, etc.). Before, I generate > a CSR to test (atta

RE: ECDSA with SHA384 - Verification

Thanks very much, I'll do that. Paul -Original Message- From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Dr. Stephen Henson Sent: 14 November 2011 12:31 To: openssl-users@openssl.org Subject: Re: ECDSA with SHA384 - Verification On Mon, Nov 14, 2

Re: ECDSA with SHA384 - Verification

On Mon, Nov 14, 2011, Caswell, Paul wrote: > I have a specific requirement to perform a KAT and am struggling with > setting k as per my original e-mail. Well you were on the right lines with your original email. If you look in ecdsa_sign_setup in ecs_ossl.c you'll see how it uses a random k valu

RE: ECDSA with SHA384 - Verification

I have a specific requirement to perform a KAT and am struggling with setting k as per my original e-mail. Thanks, Paul -Original Message- From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Dr. Stephen Henson Sent: 14 November 2011 12:21 To: openssl

Re: ECDSA with SHA384 - Verification

On Mon, Nov 14, 2011, Caswell, Paul wrote: > Hi Steve, > Does this mean you have something I can look at or are you trying to > tell me that I don't need to test our software as OpenSSL already tests > ECDSA? It depends on what you want to test ECDSA for. If it is part of FIPS 140-2 compliance (

RE: ECDSA with SHA384 - Verification

Hi Steve, Does this mean you have something I can look at or are you trying to tell me that I don't need to test our software as OpenSSL already tests ECDSA? Thanks, P -Original Message- From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Dr. Stephe

Re: ECDSA with SHA384 - Verification

On Mon, Nov 14, 2011, Caswell, Paul wrote: > Hellol, > > We have some software that uses OpenSSL for digital signature creation > and verification. I have to implement a means to test this against > known answers and so have fished out the test vectors for ECDSA from > http://csrc.nist.gov/group

ECDSA with SHA384 - Verification

Hellol, We have some software that uses OpenSSL for digital signature creation and verification. I have to implement a means to test this against known answers and so have fished out the test vectors for ECDSA from http://csrc.nist.gov/groups/STM/cavp/ We are using the curve 'secp384r1' and s

Re: TLS Overhead

hi, you are using cryptodev with that Atom rather than just using software-only OpenSSL? alan __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@