Re: Error 0x22073072 when adding SKI to CA Cert

2014-02-28 Thread Jeffrey Walton
On Sat, Mar 1, 2014 at 1:14 AM, Viktor Dukhovni wrote: > On Sat, Mar 01, 2014 at 01:02:28AM -0500, Jeffrey Walton wrote: > >> X509_EXTENSION* ex4 = >> X509V3_EXT_conf_nid(NULL, NULL, NID_subject_key_identifier, "hash"); >> err = ERR_get_error(); >> ... >> >> $ openssl errstr 0x22073072 >> erro

Re: Error 0x22073072 when adding SKI to CA Cert

2014-02-28 Thread Viktor Dukhovni
On Sat, Mar 01, 2014 at 01:02:28AM -0500, Jeffrey Walton wrote: > X509_EXTENSION* ex4 = > X509V3_EXT_conf_nid(NULL, NULL, NID_subject_key_identifier, "hash"); > err = ERR_get_error(); > ... > > $ openssl errstr 0x22073072 > error:22073072:X509 V3 routines:S2I_SKEY_ID:no public key Too many N

Error 0x22073072 when adding SKI to CA Cert

2014-02-28 Thread Jeffrey Walton
I'm building a CA cert following .../demos/mkcert.c. The program is failing at: X509_EXTENSION* ex4 = X509V3_EXT_conf_nid(NULL, NULL, NID_subject_key_identifier, "hash"); err = ERR_get_error(); ... $ openssl errstr 0x22073072 error:22073072:X509 V3 routines:S2I_SKEY_ID:no public key The publ

Re: ECDSA - OpenSSL Implementation using the modulus (N) instead of field size (q)?

2014-02-28 Thread Paddy
My understanding is that k . G = (x,y) And under the hood, 0 <= x <= p and 0 <= y <= p. Then the next step I believe is r = x mod n and NOT r = x mod p So in this case, because p > n - then x will wrap around the modulus from time to time? Otherwise, if it is r = x mod p, then x will never a

Suite B enforcement for anything other than TLS/DTLS

2014-02-28 Thread jtanis
Hi folks, I'm new to this list, so please forgive me if this is a repeat question, but I was wondering if, now that 1.0.2 has Suite B enforcement for TLS/DTLS, there were any plans to support enforcing Suite B in libcrypto? Many thanks, /jtt

Re: ECDSA - OpenSSL Implementation using the modulus (N) instead of field size (q)?

2014-02-28 Thread Matt Caswell
On 28 February 2014 17:07, Paddy wrote: >>>On 20 December 2013 09:09, Patrick McCorry <[hidden email]> wrote: Thanks Guys, At the moment I'm trying to distinguish if n > p, as the x co-ordinate does not wrap around n (so x = r >>in all cases) - to verify if this is always

Re: FIPS Openssl for Mac OSX 32 bit

2014-02-28 Thread Raghav Varadan
Thank you so much for the clarification. For building my windows application, I used the fipslink.pl during the link phase to embed the checksum. But later I figured that the utility msincore can also read through the coff executable to embed the checksum. I obviously wanted to confirm that using

Re: ECDSA - OpenSSL Implementation using the modulus (N) instead of field size (q)?

2014-02-28 Thread Paddy
>>On 20 December 2013 09:09, Patrick McCorry <[hidden email]> wrote: >>> Thanks Guys, >>> >>> At the moment I'm trying to distinguish if n > p, as the x co-ordinate >>> does not wrap around n (so x = r >>in all cases) - to verify if this is >>> always the case >>> >> >>n can be greater than p,

Re: FIPS Openssl Key Wrap

2014-02-28 Thread De . Huynh
Hi all. Why does the AES key wrap feature not work in FIPS mode of the latest FIPS-approved OpenSSL anymore? Thank you De From: "Dr. Stephen Henson" To: openssl-users@openssl.org Date: 02/28/2014 04:26 AM Subject: Re: FIPS Openssl for Mac OSX 32 bit Sent by: owner-

Re: Auto Session Resumption Configuration

2014-02-28 Thread Viktor Dukhovni
On Fri, Feb 28, 2014 at 10:13:02AM +0100, Jin Jiang wrote: > Does OpenSSL support the session reused automatically and periodically? On servers, by default there is an in-memory session cache, and there are optional callbacks for an out-of-process session cache. You can control the size of the i

Re: PEM_write_RSAPrivateKey with AuthEnc mode and SHA-2 family?

2014-02-28 Thread Dr. Stephen Henson
On Wed, Feb 26, 2014, Jeffrey Walton wrote: > What are the limits on PEM_write_RSAPrivateKey and EVP_CIPHER? Is it > possible to use 256-bit security levels with authentication tags? > > I could not get "AES-256-HMAC-SHA-256" or "AES-256-CBC-HMAC-SHA1" to > work, and I could not get "AES-256-GCM"

1.0.2 beta 1 failed to build when no-nextprotoneg defined

2014-02-28 Thread Michel
Hi, My build failed when compiling openssl 1.0.2 beta 1 with no-nextprotoneg defined : .\ssl\s3_clnt.c(413) : error C2065: 'SSL3_ST_CW_SUPPLEMENTAL_DATA_A' I solved this just by moving line 636 of ssl3.h 3 lines above. Diff file is attached. Regards, --- D:/openssl-1.0.2-beta1/ssl/ssl3.h Fri

Re: 1.0.2 beta 1 failed to build when no-nextprotoneg defined

2014-02-28 Thread Dr. Stephen Henson
On Fri, Feb 28, 2014, Michel wrote: > Hi, > My build failed when compiling openssl 1.0.2 beta 1 with > no-nextprotoneg defined : > .\ssl\s3_clnt.c(413) : error C2065: 'SSL3_ST_CW_SUPPLEMENTAL_DATA_A' > > I solved this just by moving line 636 of ssl3.h 3 lines above. > Diff file is attached. > T

Re: FIPS Openssl for Mac OSX 32 bit

2014-02-28 Thread Dr. Stephen Henson
On Thu, Feb 27, 2014, Raghav Varadan wrote: > Hi All, > > I'm trying to build an application that used fips capable openssl which I > built for Mac osx 32 bit. Now I would like to embed the checksum into the > application binary. I checked the fips user guide and I don't see any > specific for OS

Auto Session Resumption Configuration

2014-02-28 Thread Jin Jiang
Hi everyone, sorry for bothering you with the questions related to session resumption, I've checked the mailing list and found no such discussion about it before. Does OpenSSL support the session reused automatically and periodically? For the case of session renegotiation, there is configurat