Hi,
I need to add the following in the certificate request.
id-ce-subjectAltName OBJECT IDENTIFIER ::= { id-ce 17 }
subjectAltName = GeneralNames
otherName [0] OtherName
OtherName ::= Sequence {
Id-on-hardwareModuleName OBJECT IDENTIFIER ::= iso(1)
identified-organization(3) dod(6)
internet(1)
loading.?
fipsinstall.conf should be protected from corruption or modification? If
yes, current mechanism is able to that or not?
Regards
Manish
On Thu, 16 Jan 2020, 8:29 pm Matt Caswell, wrote:
>
>
> On 14/01/2020 04:51, Manish Patidar wrote:
> > Hi
> >
> > Can any guid
Hi,
Can some one clarify if below usage is allowed by fips
According to FIPS 140-2 IG document, CSP defined in approved mode of
operation shall not be accessed or shared with non-approved mode of
operation.
If both default and fips provider are loaded and application generate Rsa
key pair(2048
Hi
Can any guide me how to use fips api in openssl?
I try to use like below but it always returns null.
ctx = EVP_CIPHER_CTX_new() ;
ciph = EVP_CIPHER_fetch(NULL, "aes-128-cbc", "fips=yes") ;
I am doubting fips provider is not loaded.
Regards
Manish
Hi
What is the difference in libfips.a and fips.so.?
Selftest.c and fipsprov.c is extra in fips.so library compilation. Does it
mean that it just add provider entry function and self test, which is
required for fips certification.?
Once openssl3.0 is fips certified, can we use libfips.a directl
Hi
Is there any update on Openssl3.0 fips release date. When we can expect
the formal version ?
Regards
Manish
Hi
I am trying latest master code to install the fips, but it is not working.
openssl fipsinstall -module ./fips.so -out fips.conf -provider_name fips -
section_name fipsinstall -mac_name HMAC -macopt digest:SHA256 -macopt
hexkey:000102030405060708090A0B0C0D0E0F10111213
It is failing in verify
Hi
This vulnerability is fixed based on pid of process. Currently we are
geting pid only where pthread is enabled, does it mean that this
vulnerability does not impact to other environment like Windows etc.?
Regards
Manish
Hi
Is truncated hmac extension is supported in openssl1.1.1 ?
is TLS1. 2 and lower TLS version supports supported group extension for
Finite Field GROUPS (DHE) ?
Regards
Manish
Hi
There is DRBG kat test data in fips_drbg_selftest.h. (Openssl-fips-2.0.16)
Can anyone let me know, What is the source of this constant arrays. NIST
link or any other source will be helpful?
Regards
Manish
Hi
Can you please tell me what is the plan for fips certification for
openssl1.1.1, when the fips version will be available ?
Regards
Manish
Hi
is there any standard/rfc for EVP_SealInit .
Regards
Manish
Does CVE-2019-1559 is related to these vulnerability.
On Wed, 27 Feb 2019, 4:48 pm Matt Caswell, wrote:
>
>
> On 27/02/2019 11:07, Manish Patidar wrote:
> >
> > Hi,
> > There has been two vulnerability reported: golden doodle and zombie
> poddle.
> > D
Hi,
There has been two vulnerability reported: golden doodle and zombie poddle.
Does it impact openssl 1.1.1 or 1.0.2 version ?
https://www.tripwire.com/state-of-security/vulnerability-management/zombie-poodle-goldendoodle/
Regards
Manish
Hi
I want to use fips certify crypto libs. Is it possible to use crypto lib
from Openssl-fips 2.0.16 and ssl lib from Openssl1.1.1?
If yes, how we can use, pleas provide details?
Regards
Manish
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Hi,
I have doubt regarding the bn change in Openssl version 1.0.2p.
There is new flag introduced BN_FLG_FIXED_TOP, value of this flag is zero
untill BN_DEBUG is defined. By default BN_DEBUG is not defined. So what
is the purpose of this flag.?
Regards
Mwnish
--
openssl-users mailing list
To
Hi
I want to take backup of existing ssl connection. Use this backup
connection in other slave board. This backup include keys and sequence no,
ssl version etc.
Is Openssl support any api to take backup of existing ssl connection?
Regards
Manish
--
openssl-users mailing list
To unsubscribe: htt
17 matches
Mail list logo
