Re: [openssl-users] What global object I use in application lifetime

2015-03-24 Thread Jerry OELoo
So, I can re-use g_ctx, but I need to create a new g_ssl every time, right? BTW, X509_STORE *store = X509_STORE_new(); for store, can I reuse it as a global object? On Wed, Mar 25, 2015 at 11:33 AM, Salz, Rich wrote: >> From document, I think CTX can be initialized only once. But I do not know >> g_

Re: [openssl-users] What global object I use in application lifetime

2015-03-24 Thread Salz, Rich
> From document, I think CTX can be initialized only once. But I do not know > g_ssl can be initialized only once? I can reuse g_ssl for 1000 different URLs? > Please correct me if anything. Thanks! You need to create a new SSL object every time you want to do a connect. /r$ -- Senior Ar

[openssl-users] What global object I use in application lifetime

2015-03-24 Thread Jerry OELoo
Hi. Now when my application is running, I will use SSL_connect() to connect to 1000 different URLs. I want to keep some openssl objects as global variables so that I do not need to initialize/uninitialize again and again. Here is my sample code. g_ctx = SSL_CTX_new(method); g_ssl = SSL_new(g_ctx ); //SSL_

Re: [openssl-users] openssl 1.0.2a vc++ 9 (VS 2008) 64-bit build failing

2015-03-24 Thread Kevin Moody
Switching to a more recent version of nasm did the trick. As it turns out, before I posted, I had assumed that using nasm might resolve this. However, it appears that I grabbed nasm 2.05 which doesn't support AES-NI instructions, either(?). So, my initial switch to nasm failed with the same er

Re: [openssl-users] FIPS: Which DRBG ?

2015-03-24 Thread Steve Marquess
On 03/24/2015 01:27 PM, jonetsu wrote: > > >> From: "Steve Marquess" Date: 03/24/15 12:38 >> > > >> No, the OpenSSL FIPS module 2.0 code is no longer suitable (as of >> early 2014) for use as-is in doing copycat validations. Some >> non-trivial code hacks will be necessary. > >> We'll do a n

Re: [openssl-users] FIPS: Which DRBG ?

2015-03-24 Thread jonetsu
> From: "Steve Marquess" > Date: 03/24/15 12:38 > No, the OpenSSL FIPS module 2.0 code is no longer suitable (as of early > 2014) for use as-is in doing copycat validations. Some non-trivial code > hacks will be necessary. > We'll do a new open source based validation to succeed the 2.0 F

Re: [openssl-users] FIPS: Which DRBG ?

2015-03-24 Thread Steve Marquess
On 03/24/2015 09:53 AM, jonetsu wrote: > > ... > >> Now the code for the OpenSSL FIPS module can no longer be used >> as-is for new "private label" or copycat validations, but that's >> for different reasons and not because of the DRBGs. > > I've read the User Guide bit on private label validati

Re: [openssl-users] ChaCha20/Poly1305 in OpenSSL?

2015-03-24 Thread Pavel Punsky
Following github repo has 1.0.2a with chacha20poly1305 patch from CloudFlare applied to it: https://github.com/eakraly/openssl And this one has chacha20poly1305 implementation from different source (1.0.2-aead branch in openssl) https://github.com/PeterMosmans/openssl Pavel Punsky -Origina

Re: [openssl-users] FIPS: Which DRBG ?

2015-03-24 Thread jonetsu
> From: "Steve Marquess" > Date: 03/24/15 09:22 > At the time that validation was obtained the four (at the time) DRBGs > were specified by SP800-90. That document was subsequently reissued in > several pieces; the current SP800-90A now contains the specifications > for the three surviving DR

Re: [openssl-users] FIPS: Which DRBG ?

2015-03-24 Thread Steve Marquess
On 03/23/2015 02:36 PM, xxiao8 wrote: > The key issue still remains, are the validated SP800-90 DRBGs the _same_ > as SP800-90A's DRBGs? If yes then we can probably use Openssl-FIPS with > SP800-90A, otherwise OpenSSL-FIPS 2.0.9 probably can no longer be used > for any new validations? At the time

[openssl-users] Fwd to openssl-users, Re: [openssl-dev] Reminder: OpenSSL's EC private key encoding is broken

2015-03-24 Thread Erwann Abalea
The private key is a random integer in [1, p-1], not in [2^(log2(p)-1), (2^log2(p))-1]. In DER, an INTEGER is always expressed using the smallest possible number of octets. "001a" is an integer equal to "001a", but it will be represented as "1a". -- Erwann ABALEA Le 24/03/2015 12:10,