Hi Steve,
Is there a Summary notes of what's new in FIPS module 2.0?
Thanks,
Prakash
- Original Message -
From: "Steve Marquess"
To: ;
Sent: Friday, July 08, 2011 1:54 AM
Subject: Call for testing - FIPS object module
Coding of the OpenSSL FIPS Object Module v2.
My opinion: 2 times 2 = 4 no matter what approach you take, and so no one
can sue you to doing that Math. However, if someone comes up with a math
logic (software, hardware, combo, whatever) that does the same operation in
a superior way, then that is patentable.
Similarly, ECC is based on (as th
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
oblem does not occur during manual script execution What can be the reason. Can reading random bytes from prngd in blocking mode solve this problem. regards, Prakash
Yahoo! Mail
Use Photomail to share photos without annoying attachments.
? Thanks,Prakash
Yahoo! Mail - Helps protect you from nasty viruses.
key in non fips mode. Thanks,Prakash
Yahoo! Mail - Helps protect you from nasty viruses.
he product builds successfully with the modified fips source v libcrypto.a and libcrypto.a.sha1 are generated successfully. Suppose I call this library a fips compliant library(though it is not).How can a user who uses this library ensure that it was built from the FIPS validated sources Thank
certified OpenSSL. Thanks,Prakash
What are the most popular cars? Find out at Yahoo! Autos
Hello All, I am working on HP-UX and using OpenSSL 0.9.7i I used the speed command to measure the performance of the crypto graphic algorithms I compared the results with that of 0.9.7e For rc4 the performance has increased around 3 times. 0.9.7e : rc4(16 byte block) : 62718.04k (kb processed pe
longFails
Here the commonName_max limit is referred from the openssl.cnf file and an error occurs
This seems to be an inconsistent behaviour.
I have suggested a probable solution at
Ref : http://www.mail-archive.com/openssl-dev@openssl.org/msg20091.html
Regards,
Prakash"Dr. Stephen Henson&quo
or
use the hpux64-ia64-cc (CC compiler) option.
Regards,Prakash"Fenlason, Josh" <[EMAIL PROTECTED]> wrote:
I'm running into problems building a shared distribution of OpenSSL 0.9.8a on HPUX Itanium.
On Solaris I've successfully used the following config:
-certfile
Assuming cacert.pem and cakey.pem are the corresponding certificate and key files use the following command.
# openssl pkcs12 -export -in cacert.pem -inkey private/cakey.pem -certfile newcert.pem -name "Laser" -out testcert.pem
Thanks,
Prakash
Robert Kwiencien <[EMAIL PROTECT
One more thing, the CA.sh is very outdated and has a number of bugs
I have filed a bug report and given a patch athttp://www.aet.tu-cottbus.de/rt2/Ticket/Display.html?id=1209 Please share your suggestions on this.
Thanks,Prakash
Yahoo! Music Unlimited - Access over 1 million songs. Try it free.
ty of 0.9.7 ?
Your response to these questions will help me choose the appropriate version of OpenSSL
Thanks,Prakash
Yahoo! for Good
Click here to donate to the Hurricane Katrina relief effort.
-- Prakash
Rajeshwar Singh Jenwar <[EMAIL PROTECTED]> wrote:
Hi,
How to verify a signed certificate by a CA(.pem) & coresponding private key(.pem) ?
It is just to verify that someone has played with private key or not.
Thx.
Rajeshwar Singh
Start your day with Yahoo! - make it your home page
is valid B3500880020644B6 - Serial number of the certificate /C=IN/ST=TamilNadu/O=cbe/CN=test - subject of the certificateThanks,
Prakash
Marco Klasmeyer <[EMAIL PROTECTED]> wrote:
Hello,is the format for "index.txt" database file of a CA defined somewhere?I want to run "ope
embedded path for the library using the flag -Wl,+b /usr/local/openssl-0.9.7g/lib (not sure for SunCC)
--Prakash,
Laurent Blume <[EMAIL PROTECTED]> wrote:
Hello all,I've got a relatively minor problem with OpenSSL linking, it may be a flaw in the configure script, or just me not findin
em -VAfile OCSPServer.pem -cert User.pem
1. First you must get a certificate from Verisign -User.pem2. Get the CA certificate that was used to sign your request - ROOT_CA.pem3. Trust the Verisign OCSP responder certficate - OCSPServer.pem
--Prakash
varma d <[EMAIL PROTECTED]> wrote:
Hi,
ir/bin/cacert.pem -new -keyout $ssl_dir/bin/cakey.pem -subj /C=IN/ST=TamilNadu/L=Coimbatore/O=test/CN=prakash -nodes
echo "Set us the CA using the CA.pl script"echo "$ssl_dir/bin/cacert.pem" | $ssl_dir/misc/CA.pl -newca
echo "Copy the CA private key to the private dire
brary and i have to put thesource directory?thanksignacioOn 8/17/05, prakash babu <[EMAIL PROTECTED]>wrote:> Hi Ignacio , > > I think that the problem is that your are not linking the appropriate> libraries.> > Try the following steps > # ./config zlib> # gmake>
crypto and ssl libraries that comes OS which is present in the /usr/lib directory and this may not be built with zlib support
# ./a.outcompression name: (null)
Thanks,
Prakash
Ignacio Butler <[EMAIL PROTECTED]> wrote:
hi,well, i'm using Linux, with a 2.4.xx kernel and the 0.9.8 version ofthe
Hello Ignacio,
I tried the program you attached and it seems to work fine .
#include #include int main(){COMP_METHOD *comp_method;comp_method = COMP_zlib();if(comp_method != NULL) { printf("compression name: %s\n", (comp_method->name !=NULL? comp_met
Hello Robert,
I think the problem is with your Pseudo Random Number Generator and not OpenSSL 0.9.8
i. Check if you system has the /dev/random or /dev/urandom ii. If /dev/random and /dev/urandom are not present then make sure prngd is running iii. If your answer is yes to question i or ii then
Hello Dave,
Try setting your environment variable HOME since the seed file will be written to the file $HOME/.rnd or set the variable RANDFILE in the openssl.cnf file to an existing location.
Thanks,
Prakash Dave Peterson <[EMAIL PROTECTED]> wrote:
I hope this isn't a
BIO_printf(bio_err,"%s is too long, it needs to be less than %d bytes
long\n",longname,n_max);
goto
error;
}
// ---
//
2137
if (!X509_NAME_add_entry_by_NID(n, nid, chtype, (unsigned char*)ne_values[i],
-1,-1,mval[i]))
2138
goto error;
2139
}
Thanks,
Prakash Babu
Start your day with Yahoo! - make it your home page
-
//
2137
if (!X509_NAME_add_entry_by_NID(n, nid, chtype, (unsigned char*)ne_values[i],
-1,-1,mval[i]))
2138
goto error;
2139
}
Thanks,
Prakash Babu
Start your day with Yahoo! - make it your home page
Hello Nils,
The configure option you suggested works fine for Linux.
For HPUX it did not work. It worked only after adding -DENGINE_DYNAMIC_SUPPORT to the configure option.
Thanks,
PrakashNils Larsch <[EMAIL PROTECTED]> wrote:
prakash babu wrote:> Hello All,>
the other libraries have that symbols.
Note : I have included the options
-DOPENSSL_USE_GMP -lgmp while configuring
OpenSSL.
Any suggestion would be helpful
Thanks,
Prakash
__Do You Yahoo!?Tired of spam? Yahoo! Mail has the
67{SSLerr(SSL_F_SSL3_CTX_CTRL,
ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED); return(0);}break;
File
:s3_lib.cLine:1400{SSLerr(SSL_F_SSL3_CTX_CTRL,
ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);return(0);}break;
File: pkcs12.cLine: 838BIO_printf (bio_err,
"\n");return 1;break;
Thanks,
Prakash
Do you Yahoo
{SSLerr(SSL_F_SSL3_CTX_CTRL,
ERR_R_SHOULD_NOT_HAVE_BEEN_CALLED);return(0);}break;
pkcs12.c
838
BIO_printf (bio_err, "\n");return
1;break;
Thanks,
Prakash
__Do You Yahoo!?Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
the difference between OpenSSL
0.9.7e and OpenSSL 0.9.7f ?
Thanks,
Prakash
Do you Yahoo!?
Yahoo! Small Business - Try our new resources site!
(0xL) #define
BN_TBIT
(0x8000L) #define BN_DEC_CONV
(10L) #define BN_DEC_FMT1
"%lu" #define BN_DEC_FMT2
"%09lu" #define BN_DEC_NUM
9 What may be the reason for the padding of
zeroes when I us
TY_FOUR_BIT
and asm/ia64-cpp.o in
hpux-ia64-cc causes this problem. When
SIXTY_FOUR_BIT is replaced by
BN_LLONG and
the asm/ia64-cpp.o option is removed then
hpux-ia64-cc configure option works fine.
Please correct me if I am wrong ?
Thanks,
Prakash
_
TY_FOUR_BIT
and asm/ia64-cpp.o in
hpux-ia64-cc causes this problem. When
SIXTY_FOUR_BIT is replaced by
BN_LLONG and
the asm/ia64-cpp.o option is removed then
hpux-ia64-cc configure option works fine.
Please correct me if I am wrong ?
Thanks,
Prakash
Do you Yahoo!?
Yahoo! Mail - Easier than ever with enhanced search. Learn more.
TY_FOUR_BIT
and asm/ia64-cpp.o in
hpux-ia64-cc causes this problem. When
SIXTY_FOUR_BIT is replaced by
BN_LLONG and
the asm/ia64-cpp.o option is removed then
hpux-ia64-cc configure option works fine.
Please correct me if I am wrong ?
Thanks,
Prakash
_
TY_FOUR_BIT
and asm/ia64-cpp.o in
hpux-ia64-cc causes this problem. When
SIXTY_FOUR_BIT is replaced by
BN_LLONG and
the asm/ia64-cpp.o option is removed then
hpux-ia64-cc configure option works fine.
Please correct me if I am wrong ?
Thanks,
Prakash
Do you Yahoo!?
Yahoo! Mail - Easier than ever with enhanced search. Learn more.
implementations of the above algorithms and the normal implementations for
the other algorithms are added to the crypto library.
My question is
Can we call this crypto library FIPS
compliant (or) should we disable the unsupported algorithms using no- to call it FIPS compliant
?
Thanks,
Prakash
question 1 is YES is there any option by which I can build the crypto library
with only the FIPS supported algorithm or do I have to use the
no- option to manually disable the unsupported
algorithms
? Thanks,Prakash
__Do You
Signature verification ?
Thanks,
Prakash
Do you Yahoo!?
Yahoo! Mail - You care about security. So do we.
}
Once my server
starts running and if my CRL gets updated in the
meantime. Is there a way I can load the
updated CRL without restarting the server ?.
Thanks, Prakash
__Do You Yahoo!?Tired of spam? Yahoo
l it stores the original
encoding of the signed portion of the CRL which
is >>effectively the same
thing. So the
encoding we cache is a replica of the original encoded CRL list or just the
signed portion
? Thanks,Prakash
__Do You Yahoo!?Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
encoded list for verification ?
Thanks,
Prakash
Do you Yahoo!?
Yahoo! Mail - Find what you need with new enhanced search. Learn more.
added to the X509_crl_info_st structure.
What is it used for
?
3. Are we caching the encoded CRL structure
?
4. Why do we write lock while
sorting the crl ?
Thanks,Prakash
Do you Yahoo!?
Yahoo! Mail - Helps protect you from nasty viruses.
f(bio_out," is
%sprime\n",
BN_is_prime(bn,checks,NULL,NULL,NULL) ? "" : "not ");
Please verify whether the above change is correct
and correct me if I am wrong.
Thanks,
Prakash
Do you Yahoo!?
Yahoo! Mail - Helps protect you from nasty viruses.
-CAkey ca_priv_key.pem -CAcreateserial -out ksb_cert.pem -days
365
It creates the serial file ca_cert.srl
But in 0.9.7e this serial file is not created . What may
be the reason?
Thanks,
Prakash
Do you Yahoo!?
Check out the new Yahoo! Front Page. www.yahoo.com
ibcrypto.sl.0 libcrypto.sl
Thanks,
Prakash
Do you Yahoo!?
Yahoo! Mail Address AutoComplete - You start. We finish.
Encryption Password:Memory fault(coredump) Note:it accepts and verifies the password but fails during encryption My question why am i not getting a failure message but a coredump error. Thanks,Prakash
Yahoo! India Matrimony: Find your partner
online.
n key exchange does not authenticate the participants
Reference:
http://www.hack.gr/users/dij/crypto/overview/diffie.html
regards,
Prakash Babu
www.visolve.com
Olia Kerzhner <[EMAIL PROTECTED]> wrote:
Hi all,I have a question about DH parameters. From what Iunderstand, they can either b
The "struct tm" structure is defined in wcecompat/include/time.h as
well as in "Windows CE Tools\wce300\Pocket Pc
2002\mfc\include\wcealt.h". That gives problems in compiling some
openssl programs that use MFC includes as well as wcecompat includes.
Perhaps, the wcecompat's time.h should be t
as
for this compilation.
I do not see a OLDNAMES.lib in my installation of Pocket PC 2002 SDK.
Any suggestions on how to get around the problem? Thanks.
-- Atul Prakash
__
OpenSSL Project htt
While importing the received certificate, it is unable to find the private key in
the key store. Thatswhy it is storing in the people's certificates store.
Try to store in the proper key store and check once again.
Ravi
Arnaud De Timmerman wrote:
> hi all,
>
> I'm trying to insert a certificat
Dear All,
I do not receive any reply for this.
Any pointers will be appreciated.
Ravi Prakash B.V.
"Ravi Prakash B.V." wrote:
>
> Dear all,
>
> I want to establish cross certification between two different independent
> CAs. How is it possible?
>
> Any po
Hi,
Your process is correct. But the output certificate is in DER
format. Thatswhy u r unable to see BEGIN CERTIFICATE tags...
The mime type is also correct..
How u r downloading to netscape browser?
Ravi Prakash B.V.
On Thu, 18 Oct 2001, Christopher L. Everett wrote:
> Hello:
>
You have to provide private key file also along with certificate.
It can be within your certificate file w.crt or u can provide the private
key file separately using -inkey option.
Try using -inkey option
Ravi
On Wed, 17 Oct 2001, Juan Carlos Albores Aguilar wrote:
> i'm trying to create a p
After revoking the certificate, you didnt generate the CRL file.
First generate the CRL file and then ckeck.
cheers,
Ravi Prakash B.V.
On Wed, 17 Oct 2001, Juan Carlos Albores Aguilar wrote:
> Hi, i'm using openssl and i've created my own CA so i can sign certificates,
>r
Dear all,
I want to establish cross certification between two different independent
CAs. How is it possible?
Any pointers/links/docs for the above.
Thanks in Advance,
Ravi Prakash B.V.
__
OpenSSL Project
this.
Thanks & Regards,
begin:vcard
n:Venkata Ravi Prakash;Burlagadda
tel;cell:98490 30284
tel;home:08644 26681
tel;work:040 7814515/17/19 extn:387
x-mozilla-html:FALSE
org:Tata Consultancy Services;Advanced Technology Centre
version:2.1
email;internet:[EMAIL PROTECTED]
title:ASE
adr;qu
n:Venkata Ravi Prakash;Burlagadda
tel;cell:98490 30284
tel;home:08644 26681
tel;work:040 7814515/17/19 extn:387
x-mozilla-html:FALSE
org:Tata Consultancy Services;Advanced Technology Centre
version:2.1
email;internet:[EMAIL PROTECTED]
title:ASE
adr;quoted-printable:;;1-2-10, Coramandel House,=0D
.
begin:vcard
n:Venkata Ravi Prakash;Burlagadda
tel;home:08644 26681
tel;work:040 7814515/17/19 extn:387
x-mozilla-html:FALSE
org:Tata Consultancy Services;Advanced Technology Centre
version:2.1
email;internet:[EMAIL PROTECTED]
title:ASE
adr;quoted-printable:;;1-2-10, Coramandel House,=0D=0ASardar
Hi,
will Openssl work on S/390 with MVS ??
If so, give the pointers or link to download that code.
Thanks in advance,
Ravi
--
A man without a woman is like a statue without pigeons.
__
OpenSSL Project
60 matches
Mail list logo
