Re: Making Open SSH FIPS compliant

2014-07-16 Thread Kyle Hamilton
You asked: Is there a standard documentation, which says these are FIPS compliant ciphers / macs / kex algorithms. I haven't found such a quick reference, and I really wouldn't trust such without doing the research myself. So, go back to the original source material. Start with NIST's CSRC listi

RE: OPENSSL_NO_SSL3 defined

2014-07-16 Thread Jeremy Farrell
When you configure the build with no-ssl3.   From: Sanju Gurung [mailto:sanju.gur...@gmail.com] Sent: Wednesday, July 16, 2014 11:03 AM I was going through ssl23_client_hello function in ss23_clnt.c Does anyone know when OPENSSL_NO_SSL3 is defined? Regards, Sanju.

Re: Making Open SSH FIPS compliant

2014-07-16 Thread Tom Francis
You might want to start by reading the OpenSSL FIPS Users Guide. Then go read FIPS 140-2, and then read the user’s guide again. In this case “FIPS” is short for “Federal Information Processing Standard Publication 140-2”, and that standard is the controlling document (for now, 140-3 should be

OPENSSL_NO_SSL3 defined

2014-07-16 Thread Sanju Gurung
I was going through ssl23_client_hello function in ss23_clnt.c Does anyone know when OPENSSL_NO_SSL3 is defined? Regards, Sanju.

Re: Making Open SSH FIPS compliant

2014-07-16 Thread Sadhana
Along with this, I am also curious to know how the call FIPS_mode_set makes an application FIPS compliant. I have gone through the below link, http://wiki.openssl.org/index.php/FIPS_mode_set() But I am seeking a little more information regarding this. On Wed, Jul 16, 2014 at 7:11 PM, Sadhana w

Re: SHA1 signatures in FIPS mode w/ TLS 1.2

2014-07-16 Thread Dr. Stephen Henson
On Wed, Jul 16, 2014, Jason Schultz wrote: > According to this wiki page: > > http://wiki.openssl.org/index.php/FIPS_mode_and_TLS > > When in FIPS mode, SHA1 signatures can not be used when using the TLS 1.2 > protocol: "If that wasn't enough there's another complication. For TLS v1.2 > you have

RE: SHA1 signatures in FIPS mode w/ TLS 1.2

2014-07-16 Thread Jason Schultz
Another follow up question. The Wiki page refers to FIPS 186-4. Are these restrictions only for FIPS 186-4, or FIPS 140-2 as well? From: jetso...@hotmail.com To: openssl-users@openssl.org Subject: SHA1 signatures in FIPS mode w/ TLS 1.2 Date: Wed, 16 Jul 2014 13:31:35 + According to this

Re: Making Open SSH FIPS compliant

2014-07-16 Thread Sadhana
Thanks Steve. Is there a standard documentation, which says these are FIPS compliant ciphers / macs / kex algorithms. Meaning I would need to know, if aes128-cbc is FIPS compliant/ aes128-ctr is FIPS compliant. Similarly for macs, kex algorithms as well. On Wed, Jul 16, 2014 at 4:47 PM, Steve M

SHA1 signatures in FIPS mode w/ TLS 1.2

2014-07-16 Thread Jason Schultz
According to this wiki page: http://wiki.openssl.org/index.php/FIPS_mode_and_TLS When in FIPS mode, SHA1 signatures can not be used when using the TLS 1.2 protocol: "If that wasn't enough there's another complication. For TLS v1.2 you have to restrict the supported signature algorithms to

Re: Help with export key as ASN.1 type EncryptedPrivateKeyInfo

2014-07-16 Thread Martin Basti
On 15/07/14 15:05, Dr. Stephen Henson wrote: On Mon, Jul 14, 2014, Martin Basti wrote: Hi list, I have RSA encrypted private key as byte sequence, and I need to export it as ASN.1 type EncryptedPrivateKeyInfo (RFC5958 section 3.) Currently I use the following code (shortened): unsigned char

Re: Making Open SSH FIPS compliant

2014-07-16 Thread Steve Marquess
On 07/15/2014 09:38 AM, Sadhana wrote: > Hello All, > > I have a requirement to make Openssh FIPS compliant. It would be really > helpful, if you could answer the > below question and correct me if I am wrong. > > I also understand there is a module called as fipscanister.o is introduced > in O

Re: openssl vulnerability CVE-2012-2333

2014-07-16 Thread Jeffrey Walton
On Wed, Jul 16, 2014 at 4:36 AM, Saurabh Pandya wrote: > Hi, > > Is there any official information (whether it's confirmed, if yes then > available patches, etc.) available on this vulnerability. > https://www.openssl.org/news/vulnerabilities.html

Re: OpenSSL API

2014-07-16 Thread Saurabh Pandya
The link below may help, https://www.mail-archive.com/openssl-users@openssl.org/msg31570.html Depends what you want to achieve with openssl, good to start with its online documents. - Saurabh Pandya On 7/14/14, Kay Shamsa wrote: > Hi; > > Can anybody please specify how I can use Open SSL API? > > Thanks

openssl vulnerability CVE-2012-2333

2014-07-16 Thread Saurabh Pandya
Hi, Is there any official information (whether it's confirmed, if yes then available patches, etc.) available on this vulnerability. Question based on references below. http://support.f5.com/kb/en-us/solutions/public/15000/400/sol15401.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2333