Cool. Thanks.
On Mon, Aug 10, 2020 at 9:09 AM Matt Caswell wrote:
> On 10/08/2020 16:25, Vijay Chander wrote:
> >
> > Thank you Matt.
> >
> > Our FIPS compliance vendor is recommending the following for openssl 1.1
> > from Oracle.
> >
> >
>
Thank you Matt.
Our FIPS compliance vendor is recommending the following for openssl 1.1
from Oracle.
https://github.com/oracle/solaris-userland/tree/master/components/openssl/openssl-fips-140/fipscanister-dev/patches
Thanks,
-vijay
On Mon, Aug 10, 2020 at 8:08 AM Matt Caswell wrote
Hi,
This link here below only seems to talk about 1.0.x
https://wiki.openssl.org/index.php/FIPS_Library_and_Android
Is there a wiki for openssl fips for openssl-1.1.0x ?
Thanks,
-vijay
Mike,
I was native compiling on A72 (64 bit) using libgmp version 10.2.
Thanks,
-vijay
On Feb 7, 2017 7:21 PM, "Mike Mohr" wrote:
> Licensing issues are indeed thorny. Why can't openssl perform a dynamic
> link? The soversion should handle any ABI issues introduced i
Yes. Already took Andy's word from his previous replies for precisely this
reason.
GMP exercise was easy enough to get it out of the way.
Thanks,
Vijay
On Feb 7, 2017 4:46 PM, "Jakob Bohm" wrote:
> OpenSSL also has a lot of handwritten assembly language for ARM,
> x86 etc
Mike,
Tried with GMP. Same result for A72.
Thanks,
Vijay
On Tue, Feb 7, 2017 at 3:31 PM, Mike Mohr wrote:
> Have you considered using GMP as a big integer backed for openssl? It has
> support for several arm variants using handwritten assembly code and the
> developers go
Andy,
1:2.5 is pretty in my opinion for ARM !
We will check out Mongoose.
Hmm - will try to get to the bottom of those cache misses (at a lower
priority).
Thanks,
-vijay
On Tue, Feb 7, 2017 at 11:07 AM, Andy Polyakov wrote:
> > A72 is running 1GHz compared to x86 at 2.1G
crypto intellectual property like synopsis
for example which can help in asymmetric crypto part of TLS handshake ?
Thanks,
Vijay
On Feb 7, 2017 7:06 AM, "Andy Polyakov" wrote:
> Is big number montogomery multiplication as optimized as it can be for
> ARM64 as compared to X86-64
Code looks different between x86 and ARM64. Is it due to the ISA or ARM64
not yet catching up with
super efficient X86-64.
Basically are we stuck with 1:5 (if we extrapolate A72 to 2Ghz) or is there
an optimal code that
we need to pick up for ARM64. I compiled openssl from github (lat
different interfaces for
DTLS and srtp separately.
Please clear me about the possible architecture for handling this case.
Please correct me, if I my understating is not clear at some point.
,Vijay
DISCLAIMER: The information in this message is confidential and
add to any of the above leaks?
[4] We are closing the socket before the ssl cleanup would that cause any issue?
It will be of great help you can clarify my queries.
Thank you so much in advance.
Regards
Vijay
__
OpenS
Hi,
Could somebody please clarify if there are any timeouts defined in
OpenSSL for incoming messages as part of SSL handshake on the client
side. If yes,
(1) What are those values?
(2) Is there a way to configure/change them?
Please clarify.
Thanks in advance for your help.
Regards
Vijay
Hi Kyle,
We would have surely done that if the implementation is from scratch. But
currently we are just trying to add a small enhancement to the existing
functionality...:)
Thanks for your help.
Regards
Vijay
-Original Message-
From: Kyle Hamilton [mailto:aerow...@gmail.com]
Sent
an invalid OCSP response (i.e., OCSP failure), or
d) time out.
[Vijay] Blocking in the callback function is not feasible as our product
operates in a single thread model for what so ever reason may be. If we block
in the callback function there will be huge number of other events which will
not be pr
function itself in a synchronous manner. Where as in our scenario, the cert
validation status is reported back in an Asynchronous manner as I explained
earlier.
I am just wondering how can I realize that scenario.
Thanks again.
Regards
Vijay
-Original Message-
From: Kyle Hamilton
art of the
handshake? It will be of great help if anybody can provide me the
pointers in this regard.
Thanks for your help in advance.
Regards
Vijay
<>
i have attatched server & client programs with this mail.
Thanks & regards
VIJAY SANKAR LALAM
EMPLOYEE NO:ZZ2077
PHILIPS CONSUMER LIFESTYLE
PHILIPS INNOVATION CAMPUS
MANYATA TECH PARK
NAGAVARA
BANGALORE
cli.cpp
Description: Binary data
serv.cpp
Description: Binary data
And he has got a name to match it too. ;)
P.S.: I do know the difference between a hacker and a cracker, but could'nt
resist it. :)
On Sun, Jul 6, 2008 at 6:02 PM, Vishal Rao <[EMAIL PROTECTED]> wrote:
> On Sun, Jul 6, 2008 at 4:48 PM, Hacker SF <[EMAIL PROTECTED]> wrote:
> > You can download t
ciphers that you feel are weak.
Regards,
Vijay K.
On Mon, Jun 30, 2008 at 12:33 PM, Lutz Jaenicke <[EMAIL PROTECTED]>
wrote:
> Forwarded to openssl-users for public discussion.
>
> Best regards,
>Lutz
>
> - Forwarded message from Soverin
http://www.tc.umn.edu/~brams006/selfsign.html
On Mon, Jun 30, 2008 at 10:23 AM, rajatg <[EMAIL PROTECTED]> wrote:
> Hi,
>
> I am facing problem in generating SSL version 3 certificated.Could you
> please help in certificate generation
>
> Regards,
> Rajat Gupta
>
> ___
contexts, one for decrypting
and another for encrypting. But I am not too sure, if your code does not
work, then you probably should try it this way, because everything else
looks ok.
Regards,
Vijay K.
On Sat, Jun 28, 2008 at 5:01 PM, Razack <[EMAIL PROTECTED]> wrote:
> I'm not s
d be followed by some amount
of padding and 20 Bytes of MAC, which is not available here. But I can
clearly see that the algorithm being used is DHE-RSA-AES256-SHA, specifying
that SHA is being used. Even, the debug mode in s_server program that I am
using shows the same data being transmitted.
Re
What exactly do you mean? What other possible kinds of authentication do you
have available? If you just want a TLS-based client and server, then OpenSSL
can serve your purpose.
Vijay K.
On Wed, Jun 25, 2008 at 9:01 PM, Patel Dippen-CDP054 <
[EMAIL PROTECTED]> wrote:
> Is it possib
same. It will be interesting to see
what the time turns out be when we extrapolate the graph for your 102400 bit
key depending on the average time complexity for creating the RSA key.
Now, if only someone can point me to the average time complexity for this...
;)
Vijay K.
On Thu, Jun 26, 2008
ll puzzled as to why I got the error as
before? Because I am using CBC, if my decryption fails at any one stage, I
should not be able to decrypt any further packets right?
Thanks and Regards,
Vijay K.
*
*On Wed, Jun 25, 2008 at 12:07 PM, Vijay Kotari <[EMAIL PROTECTED]>
wrote:
> I am u
I am using the traffic obtained from s_server and s_client sample programs
and the keys that have been negotiated by both the programs to decrypt the
encrypted traffic between the two. That would mean that I am using TCP.
Also, I am running them under the CBC mode.
Vijay K.
On Wed, Jun 25, 2008
e merged
together and hence treated as a single packet of size 0x40 or should
packet be processed separately. Since, we are using a block cipher of
size 256 bits(32 bytes), will it even make a difference?
Thanks and Regards,
Vijay Kotari
10), should it be interpreted as a Finish packet with encrypted data
whose first byte also happens to be 14 or a ServerHelloDone packet?
Regards,
Vijay K.
On Tue, Jun 17, 2008 at 6:32 PM, <[EMAIL PROTECTED]> wrote:
> Hello,
>
> [EMAIL PROTECTED] wrote on 06/17/2008 02:11:14 PM:
ng and will be more than happy to elaborate on any part of it that
is ambigous. I am obviously wrong somewhere and it would be great if someone
can point where exactly.
Thanks a lot,
Vijay K.
On Tue, Jun 17, 2008 at 4:53 PM, lakshmi prasanna <[EMAIL PROTECTED]>
wrote:
> Hi,
>
>
@DS
Nicely put.
So, if I was to try to decrypt/encrypt one of these messages, I would need
the key and the iv and something else? Because if just the key and iv are
sufficient to encrypt/decrypt the data, then how are the different encrypted
messages generated for the same cleartext?
On Tue, Jun
packet
dumps wrong?
Thanks and Regards,
Vijay K.
that you are using OpenSSL,
you should probably use the s_server and s_client programs that were given
along with the openssl source package instead of some sample file as these
programs work and hence remove any doubt associated with the correctness of
the program itself.
Regards,
Vijay K.
On Mon
Hi,
I am trying to extract the keying material (HMAC's, private key and
public key) of an already established SSL session. Is there any single
function that will allow me do this? If not, is there any data structure
that actually stores all the keys?
Thanks and regards,
Vijay K.
on how to proceed.
Many Thanks.
Vijay Bala
internally calls the above
function rand().
I would like the know what version of openSSL is compatible with Vxworks
board MPC 8560. Any immediate response on this will be appreciated.
Regards,
Vijay.
SSL_CTX_use_certificate_chain_file() to load the
appropriate certificate in the SSL context. When done, it
unloads the file.
Does anyone see something blatantly wrong with this? Or a
better way to accomplish what I want to do?
Thanks,
- vijay
--
Vijay K. Gurbani [EMAIL PROTECTED],research.bell
Theodore Olen wrote:
Hello,
I'll look into Attribute Certificate, as I've never heard of this term
before. Thanks!
See http://www.ietf.org/rfc/rfc3281.txt
- vijay
--
Vijay K. Gurbani [EMAIL PROTECTED],research.bell-labs.com,acm.org}
Bell Laboratories, Lucent Technologies, Inc.
2
sent *ALL* the valid DNS names of the subject.
I don't have an RFC reference for such an interpretation. Anyone have
a handy reference?
RFC 3280, Section 4.2.1.7.
Thanks,
- vijay
--
Vijay K. Gurbani [EMAIL PROTECTED],research.bell-labs.com,acm.org}
Bell Laboratories, Lucent Technologies,
are currently trying to tease out the meaning of identities in
SAN and how they should be used in the context of TLS.
Thanks,
- vijay
--
Vijay K. Gurbani [EMAIL PROTECTED],research.bell-labs.com,acm.org}
Bell Laboratories, Lucent Technologies, Inc.
2701 Lucent Lane, Rm. 9F-546, Lisle, Illinois
guidance,
the HTTPS recommendations have been adopted in other application areas.
True; there is a fair amount of work going on in SIP that is based
on the use of X.509 certs in HTTPS.
- vijay
--
Vijay K. Gurbani [EMAIL PROTECTED],research.bell-labs.com,acm.org}
Bell Laboratories, Lucent
sent *ALL* the valid DNS names of the subject.
I don't have an RFC reference for such an interpretation. Anyone have
a handy reference?
RFC 3280, Section 4.2.1.7.
Thanks,
- vijay
--
Vijay K. Gurbani [EMAIL PROTECTED],research.bell-labs.com,acm.org}
Bell Laboratories, Lucent Technologies,
ibrary, so it should be there
(at least the 'openssl ciphers' command appears to indicate that
AES support is in there).
Thanks for your help.
- vijay
--
Vijay K. Gurbani [EMAIL PROTECTED],research.bell-labs.com,acm.org}
Lucent Technologies/Bell Laboratories, 2000 Lucent Lane, R
-I\$(WIND_BASE)/host/x86-win32/i386-pc-mingw32/sys-include:::VXWORKS:-rranlibmips:"
hope this solves ur problem
regards
vijay
Start your day with Yahoo! - make it your home page
-I\$(WIND_BASE)/host/x86-win32/i386-pc-mingw32/sys-include:::VXWORKS:-rranlibmips:"
hope this solves ur problem
regards
vijay
Yahoo! Mail for Mobile
Take Yahoo! Mail with you! Check email on your mobile phone.
hi
i have compiled openssl for vxworks big_endian and it seemed to work fine.
The changes to be done in configure file is replace DL_ENDIAN by DB_ENDIAN, -EL by -EB, include these -mips2, -DCPU=MIPS32, -DMIPSLE
regards
vijayKrishna M Singh <[EMAIL PROTECTED]> wrote:
Hi AllI am trying to compil
hi
i have compiled openssl for vxworks big_endian and it seemed to work fine.
The changes to be done in configure file is replace DL_ENDIAN by DB_ENDIAN, -EL by -EB, include these -mips2, -DCPU=MIPS32, -DMIPSLE
regards
vijayKrishna M Singh <[EMAIL PROTECTED]> wrote:
Hi AllI am trying to compil
http should be
used or https ?
regards
vijay
__
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
__
OpenSSL Project
ether http should be used or https ?
regards
vijay
Yahoo! Mail
Stay connected, organized, and protected. Take the tour
hi
i am working on vxworks using openssl-0.9.7e . SSL_read is giving me problems. when checked with error number it says cswift engine error? what could be the problem?
could somebody help me out
thaks in advance
vijay
Do you Yahoo!?
Yahoo! Small Business - Try our new resources site!
bc is calculator generally available in linux. u need to to install this(select bc option when installing cygwin).
vijay
hao chen <[EMAIL PROTECTED]> wrote:
When I use cygwin to run the test of openssl, I gotthe following error:running bcbc: not foundcat: tmp.bctest: No such f
old mails of this group? mail-archieve.com stores only the recent ones.
vijay
vijay basav <[EMAIL PROTECTED]> wrote:
hi
yes i have called SSL_library_init() at the beginning. SSL_connect is returning -1 whereas ERR_get_error() is returning 0. (SYS_ERROR_SYSCALL) what should be done?
thank
On Behalf Of vijay >basav> Sent: Monday, March 07, 2005 8:22 AM> To: openssl-users@openssl.org> Subject: SSL_connect problem> > hi>> i have ported openssl on to vxworks mips processor. i havewritten a simple code for sercure >server-client interaction. SSL_connect isgiving me p
hi
i have ported openssl on to vxworks mips processor. i have written a simple code for sercure server-client interaction. SSL_connect is giving me problems. the error is SSL_ERROR_SYSCALL. ERR_get_error is returning a 0. but ERR_error_string_n( ..) is returning error: :lib(0):func(0):re
)
can't relocate ; recompile module with -mlong-calls flag(which i have already done)
ld error: error reading file(errno = 0x3d0001)
could anyone tell me what could be wrong.
thank you
vijay
Do you Yahoo!?
Yahoo! Search presents - Jib Jab's 'Second Term'
hi
i have configured openssl-0.9.7e for vxworks-mipsle. when i do make i get the error
collect2: vfork :No more processes
make[2]: *** [fips-standalone_sha1] Error 1
make[2]: leaving directory openssl-0.9.7e/fips/sha1
could somebody please help me
regards
vijay
Do you Yahoo!?
Yahoo! Search
vijay
Do you Yahoo!?
Yahoo! Search presents - Jib Jab's 'Second Term'
in openssl subdir not found). the problem is all the files in the openssl dir are links . what should be done?
thank you in advance
vijay
Do you Yahoo!?
Yahoo! Search presents - Jib Jab's 'Second Term'
Hello Guys,
Can we generate Personal Certificates with
openssl tool.
If so, How can we generate personal
certificates.
Thanks and have a nice time.
Vijay
Vangara
(SeeBeyond
Consultant)
Misys Healthcare
Systems
Ph: (512) 329-0070
x2852
[EMAIL PROTECTED]
I have configured all the SSL parameters and
when i start the Apache,
i am getting "Unable to configure verify
locations for client authentication".
PS: I am using opensa.
Thanks and have a nice time.
Vijay
Vangara
(SeeBeyond
Consultant)
Misys Healthcare
Systems
Ph: (512
hi all
Can anyone please guide me in porting Openssl to VxWorks. Am urgently in
need of documents regarding it . Any help would be appreciated.
Thanks
Vijay
__
OpenSSL Project http
Hi
I have the client key and the certificate and i want to add it to the CA
list which the server needs for client authentication. Can any one
please guide me in creating the CA_LIST.
Regards
Vijay
__
OpenSSL Project
Thanks. I was not interested in any particular cipher suite. Actually
we are trying to run some experinments to determine the impact on tput
on going from 40 to 128 bit ciphers. I am assuming that EXP-RC4-MD5 is 40
bit
while RC4-MD5 is 128 bit .
Thanks
Regards
Vijay
-Original Message
Hi,
How would I support 40 bit encryption in
an SSL application built using OpenSSL.
Regards
Vijay
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL
Thanks to all. it does work fine.
Page Info says,
Security: This is a secure document that uses a
high-grade encryption key for U.S. domestic use only
(RC4, 128 bit).
The page info says 128 bit strong cipher has
been used
Thanks
Vijay
--- Dr Stephen Henson <[EMAIL PROTECTED]> wrote:
&
en the
SSLEngine is ON i wont be able to start the server at
all.
Can someone help me on this ?
Thanks a lot
Vijay
__
Do You Yahoo!?
Talk to your friends online with Yahoo! Messenger.
http://im.yahoo.com
Hi !
i am trying to order a Global Server ID from
verisign for apache openssl. The site does not
list apache as supported list of servers. and
without selecting one of the suported servers
i cannot get the GSID.
Can someone tell me how i can get GSID for
apache openssl ?
thanks
Vijay
Hi !
How do i know if the SSL session is cached
on the server ? How can i find out if the
server is reusing the previously negotiated
SSL session or not ? can i find this out in
some log file ??
Thanks
Vijay
__
Do You Yahoo!?
Talk to your
i specify the conf file path during
runtime ? How do i get around this problem ?
Thanks
Vijay
__
Do You Yahoo!?
Talk to your friends online with Yahoo! Messenger.
http://im.yahoo.com
rsaref library. I thought this
should not create any patent/license related issue !
Can you please tell me what i should be doing
to avoid patent/license related issues !
Let me know if i am doing anything legally wrong !
Thanks to Tim for raising this issue !
Thanks
Vijay
--- Tim Milligan
69 matches
Mail list logo
