Re: bugid 2553 : openssl 1.0.1e throws SIGILL on Solaris 10 sparc64

On 3/8/2013 3:28 AM, Dr. Stephen Henson wrote: On Thu, Mar 07, 2013, Dennis Clarke wrote: cc: openssl-b...@openssl.org On Wed, Mar 06, 2013, Matt Caswell wrote: See the README for instructions, under the SUPPORT section: http://git.openssl.org/gitweb/?p=openssl.git;a=blob_plain;f=README;h

Re: bugid 2553 : openssl 1.0.1e throws SIGILL on Solaris 10 sparc64

On Thu, Mar 07, 2013, Dennis Clarke wrote: > > cc: openssl-b...@openssl.org > > > On Wed, Mar 06, 2013, Matt Caswell wrote: > > > > > See the README for instructions, under the SUPPORT section: > > > > > > http://git.openssl.org/gitweb/?p=openssl.git;a=blob_plain;f=README;hb=refs/heads/master

Re: bugid 2553 : openssl 1.0.1e throws SIGILL on Solaris 10 sparc64

For your information, this happens in code that tries to detect if the CPU is a model with a slow fmadd instruction, see crypto/sparccpuid.S According to comments in that code, some UltraSparc-T CPUs emulate some of the slow instructions by triggering a slow software emulation. So, from the

Re: AES CCM encryption of large incoming pdata (file) by blocks

On 6 March 2013 11:40, Dr. Stephen Henson wrote: > On Wed, Mar 06, 2013, Matej Kenda wrote: > > > > > I am working on a solution which includes encryption of files of > arbitrary > > size (at least up to 2 GB) to be encrypted with AES CCM with 256-bit key > > and uploaded to a server. > > > > CCM

bugid 2553 : openssl 1.0.1e throws SIGILL on Solaris 10 sparc64

cc: openssl-b...@openssl.org > On Wed, Mar 06, 2013, Matt Caswell wrote: > > > See the README for instructions, under the SUPPORT section: > > > > http://git.openssl.org/gitweb/?p=openssl.git;a=blob_plain;f=README;hb=refs/heads/master > > > > ... or the FAQ: > > http://www.openssl.org/suppor

Re: where does one file a bug report ?

On Wed, Mar 06, 2013, Matt Caswell wrote: > See the README for instructions, under the SUPPORT section: > > http://git.openssl.org/gitweb/?p=openssl.git;a=blob_plain;f=README;hb=refs/heads/master > ... or the FAQ: http://www.openssl.org/support/faq.html#BUILD16 http://www.openssl.org/support/f

Re: APIs forbidden in FIPS mode

On Wed, Mar 06, 2013, Bruce Stephens wrote: > "Dr. Stephen Henson" > writes: > > [...] > > > RSA_private_decrypt is fine [...] > > Is it? It begins with discouraging-looking code: > > int RSA_private_decrypt(int flen, const unsigned char *from, unsigned > char *to, >RSA *rsa,

Re: is openssl supports TLSv1.2

Yes, OpenSSL since *1.0.1* supports TLS1.2 http://www.openssl.org/news/news.html *Major changes between OpenSSL 1.0.0h and OpenSSL 1.0.1: ...* * Support TLS v1.2 and TLS v1.1. * * Look here for more overview. **http://en.wikipedia.org/wiki/Comparison_of_TLS_Implementations#Protocol_Support*

Re: is openssl supports TLSv1.2

Hi, is there any idea that openssl support TLSv1.2? Regards Arashad Ahamad Arashad Ahamad/India/IBM 02/28/2013 04:37 PM To openssl-users@openssl.org cc Subject is openssl supports TLSv1.2 Hi , I have gone through the change log of openssl implementation and come to

FIPS support with shared libraries on FreeBSD 9.1

I am having issues with FIPS_mode() in a shared library on FreeBSD 9.1. If I link static with 'fipsld', FIPS_mode() works correctly. As a sanity check, I tried the same openssl with fips build process on both NetBSD 6.0.1 and Ubunto 12.10. NetBSD failed and Ubunto worked. Has anyone been able to g

Re: APIs forbidden in FIPS mode

"Dr. Stephen Henson" writes: [...] > RSA_private_decrypt is fine [...] Is it? It begins with discouraging-looking code: int RSA_private_decrypt(int flen, const unsigned char *from, unsigned char *to, RSA *rsa, int padding) { #ifdef OPENSSL_FIPS if (FIPS_mo

RE: Understanding the behvaiour for openssl verify and -crl_check

I had the same problem: openssl did not find my crl file. But I found a solution to the problem not mentioned above: When I looked at the openssl source code , I found that it is possible to specify the command line option -CRLfile filename. (In the cource code the option is used by the file "op