On Mon, Jan 18, 2016, Marcos Bontempo wrote:
> Hello,
> I wrote a C code which enter in FIPS mode with fips_mod_set(1).
> But, when I call MD5 functions after setting FIPS mode, I get this error:
> md5_dgst.c(75): OpenSSL internal error, assertion failed: Low level API call
> to digest MD5 forbi
On Tue, Jan 19, 2016, Nounou Dadoun wrote:
> That actually worked reasonably smoothly, the only thing that I have to fix
> now is that it's obviously taking the time zone into account - is there a way
> of telling it to do everything in UTC?
>
The routines don't take any account of local timez
Hi All:
We will be using OpenSSL FIPS modules on our Linux appliances and we
have some Python and PHP applications which need to invoke crypto related
functionalities provided by OpenSSL.
I was wondering has anyone integrated Python and PHP with OpenSSL FIPS
modules?
Since for each application w
Hi,
We will be using OpenSSL FIPS modules on our Linux server and was wondering
if we need to do any work on the Apache server in order to make it working
seamlessly with OpenSSL when the FIPS mode is enabled.
My questions are:
1) How to make Apache server enable the FIPS mode on OpenSSL? My
und
That actually worked reasonably smoothly, the only thing that I have to fix now
is that it's obviously taking the time zone into account - is there a way of
telling it to do everything in UTC?
And I still don't see any programmatic way of accessing whether a key usage is
"critical" or not.
Tha
MD5 is not considered a safe function to use hence it is forbidden in FIPS
mode. Can you use a different hash function ( such as SHA-something ) for
your use case?
On Mon, Jan 18, 2016 at 4:43 PM, Marcos Bontempo wrote:
> Hello,
>
> I wrote a C code which enter in FIPS mode with fips_mod_set(1).
> I wrote a C code which enter in FIPS mode with fips_mod_set(1).
>
> But, when I call MD5 functions after setting FIPS mode, I get this error:
>
> md5_dgst.c(75): OpenSSL internal error, assertion failed: Low level API call
> to digest MD5 forbidden in FIPS mode! Aborted.
>
> Does anybody know wha
Hello,
I wrote a C code which enter in FIPS mode with fips_mod_set(1).
But, when I call MD5 functions after setting FIPS mode, I get this error:
md5_dgst.c(75): OpenSSL internal error, assertion failed: Low level API call to
digest MD5 forbidden in FIPS mode! Aborted.
Does anybody know what is wr
On Mon, Jan 18, 2016, Nounou Dadoun wrote:
> Hi folks,
>
> I'm trying to do some simple conversions (I need to push some certificate
> data across a soap interface).
>
> I'm trying to do an ASN1 time conversion to tm (and eventually time_t but tm
> would be fine).
>
The equivalent of time_t
Upon further investigation I've discovered that they're declared in asn1_locl.h
but marked as:
/* Internal ASN1 structures and functions: not for application use */
They seem to be generally useful and making them available would keep people's
hands out of opaque data structures, any reason why
Hi folks,
I'm trying to do some simple conversions (I need to push some certificate data
across a soap interface).
I'm trying to do an ASN1 time conversion to tm (and eventually time_t but tm
would be fine).
Earlier mailing list entries said that this was not available but I've now
found:
htt
Hi everybody, I do not know if this is the best place to discuss it, but I
would like to have your opinions on the best place to include Time Attribute
Certificate (TAC) into TST. By defult, the Thales timestamp system puts the
hash of TAC in the field signing certificate as discussed here. Here ar
12 matches
Mail list logo
