Hi Jacob,
I have used openssl-fips-1_2_4 with openssl 0.9.8zf and not found any
issue. For my environment, just I upgraded my openssl version from 0.9.8zf
to zg.
Thanks,
Gayathri
On Wed, Jul 15, 2015 at 12:36 AM, Jakob Bohm wrote:
> On 14/07/2015 12:35, Gayathri Manoj wrote:
>
>> Hi All,
>>
Hello OpenSSL folks,
I noticed that the OpenSSL command line utility 'openssl' built in Solaris
11.1 does not use SunSPARC crypto accelerators.
>From the change log of OpenSSL 1.0.2, I saw the following description.
Changes between 1.0.1l and 1.0.2 [22 Jan 2015]
...
*) Support for SPARC Arch
Some additional information here. When testing the default openssl installed
in /usr/bin/ on Solaris 11, I saw a much better result below. Hence I
believe OpenSSL utility 'openssl' built by me does not use the hardware
crypto accelerators at all.
Anyone knows the reason?
Thanks,
Aaron
ksol1% /
I am doing some tests using OpenSSL command line utility 'openssl'. My tests
show regarding to the performance of executable ‘openssl’ there is no
difference between 1.0.1p and 1.0.2d.
Here is the test results.
ksol1% ./1.0.1p/shared64bit/openssl/bin/openssl speed -evp aes-128-cbc
WARNING: can
>if ASN1_TINE_set_string() avoids that limitation, despite Victor's suggestion
>to never use it.
It does avoid the limitation, using only |struct tm| to hold parsed fields, and
not building a |time_t| from it. Not sure why Viktor doesn't like it. It seems
to me it's the only portable thing t
Hello,
I¹ve made several attempts to compile various versions of OpenSSL, the
latest being 1.0.2d for Win32. Although many attempts to compile have been
successful and the dlls (and .exe) usable, I have not been able to
successfully disable SSLv3.
I attempted on a Windows 7 box using VC 2010, I
On 14/07/2015 21:50, Salz, Rich wrote:
This is important when creating root certs with expiry dates after 2038
Not an issue for openssl. As long as you use ASN1_TIME values, it's okay.
Might be an issue if converting to time_t on 32-bit platforms.
Victor suggested to use only ASN1_TIME_set()
On Tue, Jul 14, 2015 at 01:23:52PM -0400, Colin Edwards wrote:
> Thank you, Kurt. The information I was getting (from some sources) was that
> the vulnerability was only present in configurations where the server was
> authenticating a client certificate. The fact is, the vulnerability applies
>
> This is important when creating root certs with expiry dates after 2038
Not an issue for openssl. As long as you use ASN1_TIME values, it's okay.
Might be an issue if converting to time_t on 32-bit platforms.
___
openssl-users mailing list
To unsubs
(continuing top posting to keep thread consistent)
Note that the point of using an X.509 signature at file creation time
and/or client approval time was to reuse the internal file structure
that is already designed to hold that particular signature format
(specifically, the internal file struc
On 14/07/2015 12:35, Gayathri Manoj wrote:
Hi All,
Please let me know what is the compatible openssl-fips package for the
0.9.8zg version.
As far as I know you need to use the file
http://www.openssl.org/source/openssl-fips-1.2.4.tar.gz
with the specific HMAC checksum specified in the appl
On 13/07/2015 12:22, Victor Wagner wrote:
On Mon, 13 Jul 2015 12:25:40 +0530
Nayna Jain wrote:
Hi all,
I am programmatically generating the self signed certificate and need
to specify the "Not Before" and "Not After" date,
Wanted to understand what all formats are acceptable by this API ?
X
Thank you, Kurt. The information I was getting (from some sources) was that
the vulnerability was only present in configurations where the server was
authenticating a client certificate. The fact is, the vulnerability applies
to certificate validation regardless of if it's on the client or server
On Mon, Jul 13, 2015 at 01:03:09PM -0400, Colin Edwards wrote:
> I've been reading/hearing different opinions on the recent vulnerability
> for cert chain forging that was patched (CVE-2015-1793).
>
> Some people are saying the vulnerability only exists if a system is using
> certificate-based cli
Hi All,
Please let me know what is the compatible openssl-fips package for the
0.9.8zg version.
When i try with with openssl-1_2_4, I am getting the below error
bash 3.2:90>gcc -I. -I.. -I../include -fPIC -DOPENSSL_PIC -DOPENSSL_THREADS
-D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -m32 -DL_ENDIAN -DTE
Script started on Mon Jul 13 09:31:31 2015
doctor.nl2k.ab.ca//usr/source/openssl-1.0.2-stable-SNAP-20150713$ make test
testing...
(cd ..; make build_libcrypto)
making all in crypto...
ar r ../libcrypto.a cryptlib.o mem.o mem_dbg.o cversion.o ex_data.o cpt_err.o
ebcdic.o uid.o o_time.o o_str.o o
16 matches
Mail list logo
