Hello,
Is there a porting guide for porting 0.9.x to 1.x version of OpenSSL
especially to be used with the latest FIPS module? For an example, it appears
that SHA1_Init... cannot be used in FIPS mode and EVP_MD_... API should be used
instead.
Thank you,
-Pandit
Thank you David and Nivedita. I think I got it.
-Pandit
From: Nivedita Melinkeri
To: Pandit Panburana
Cc: openssl-users@openssl.org
Sent: Thu, November 18, 2010 1:53:22 PM
Subject: Re: Question regarding OpenSSL Security Advisory
Hey Pandit,
>
So
Hi,
I am not clear about the condition that vulnerability when using internal
session caching mechanism. Is it the same thing as TLS session caching or this
is some thing different?
Thank you,
- Pandit
From: David Schwartz
To: openssl-users@openssl.org
C
Hello,
I would like to know whether any one have seen FIPS self-test failures on
the platforms you work on assuming that the code has been properly ported i.e.
failures found during porting do not count.
Thank you,
- Pandit
I have not seen an answer to this mail. Wouldn't applying "PIC" accomplish the
same thing?
Thank you,
-Pandit
From: William A. Rowe Jr.
To: openssl-users@openssl.org
Cc: Kyle Hamilton
Sent: Mon, January 18, 2010 6:20:11 PM
Subject: Re: FIPS linked as a shar
OpenSSL works fine on MIPS. MIPS is a big endian CPU.
-Pandit
From: Alessandro Borga
To: openssl-users@openssl.org
Sent: Thu, October 15, 2009 10:37:39 AM
Subject: RSA algorithm with big endian environment
Well
I must use RSA encrypt/decprypt
functions in
Hello Erik,
The authentication occurs during the initial setup of TLS session
(handshake phase). If the peer (or peers in case of mutual authentication) is
authenticated then both sides agree in a common secrets for the session as part
handshake phase. The messages sent in the authentica
validated crypto to zero, as well, so I dunno where
the balance lies. Neither does Steve M, and he's pretty much
openssl's most visible diplomat to the Priesthood of the CMVP.
-Kyle H
On Wed, Aug 19, 2009 at 9:27 AM, Pandit Panburana wrote:
> Hello,
> The security policy of s
Hello,
The security policy of states that the module does not allow concurrent
operators. How does API prevent concurrent operator?
Thank you,
-Pandit
I could be wrong with this but I think it might be possible to use MD5 for the
purpose of checksum (fancy). I also believe HMAC_MD5 part of SSL/TLS is
acceptable.
Regards,
- Pandit
From: David Schwartz
To: openssl-users@openssl.org
Sent: Monday, August 17,
FIPS Module version 1.2
On Fri, Aug 14, 2009, Pandit Panburana wrote:
> Hello,
>
> I have a few questions about the FIPS module.
>
>1) The current version of OpenSSL FIPS Module is 1.2. It is based on
>0.9.8e and 0.9.8f of standard OpenSSL. The latest stable vers
and then get the
result blesse^Wvalidated.
-Kyle H
On Fri, Aug 14, 2009 at 12:54 PM, Pandit Panburana wrote:
> Hello,
> I have a few questions about the FIPS module.
>1) The current version of OpenSSL FIPS Module is 1.2. It is based on
> 0.9.8e and 0.9.8f of standard OpenSSL. The
Hello,
I have a few questions about the FIPS module.
1) The current version of OpenSSL FIPS Module is 1.2. It is based on 0.9.8e
and 0.9.8f of standard OpenSSL. The latest stable version is 0.9.8k. How are
fixes get into validated FIPS module?
2) The current procedure suggests that
13 matches
Mail list logo
