Re: Fw: Reg: Memory leaks Using OpenSSL API - Unsure

Any chance of running your server under valgrind or similar? This should make the leaks more concrete. Pauli On 10/4/22 6:07 pm, Ram Chandra via openssl-users wrote: Hi, I have recently started developing using OpenSSL and i am confused/unclear about below topic. Request you to help me

Re: EVP_KDF-SSHKDF man page error?

It is correct, the KDF is expecting the characters 'A' through 'F' here.  This is what is specified in the RFC: https://datatracker.ietf.org/doc/html/rfc4253#section-7.2 That line of code ought to have cast to (char *) or type defined simply as char, but it is essential

Re: is there any working example of how to use verify_hostname in command line?

Ask LibreSSL for support here.  LibreSSL it **not** OpenSSL. Pauli On 4/3/22 3:55 pm, Edward Tsang via openssl-users wrote: the openssl I'm using is in mac openssl version -a LibreSSL 2.8.3 On Thu, Mar 3, 2022 at 8:05 PM Edward Tsang wrote: Ok here is what I tried but still compla

Re: error with cipher EVP_des_ede3_cbc in openssl 3.0

Have you loaded the legacy provider before trying this? Pauli On 23/2/22 5:03 pm, Srinivas, Saketh (c) wrote: Hi I am trying to encrypt and decrypt using EVP_des_ede3_cbc() type.  iam using openssl3.0 _ _ the functions i am using are encryption side

Re: Question about OpenSSL 3.0 and static linking

There is a define to allow this: STATIC_LEGACY but I don't remember how to specify it on the configuration command line. We should probably turn this on in a no-shared build. Pauli On 22/2/22 5:37 pm, Shunichi Shinohara wrote: Hi List, I have a question about OpenSSL 3.0 and static li

Re: [EXTERNAL] Re: Not able to perform FIPS self-tests

Shane, any thoughts? Pauli On 11/2/22 5:23 pm, Gahlot, Ashish Kumar wrote: Hi, Thanks Pauli, the API worked but also I have a callback defined as below which is failing at corrupt phase: int SelfTestCb(const OSSL_PARAM params[], void *arg) {     int ret = 0;     const OSSL_PARAM *p

Re: OpenSSL 3 FIPS on iOS

This does not mean we wouldn't be interested in having better iOS support if someone was willing to contribute. Paul Dale On 3/2/22 5:38 pm, pa...@openssl.org wrote: The FIPS provider will likely not work with iOS as it currently stands. The development team are not up to speed on iOS and n

Re: OpenSSL 3 FIPS on iOS

The FIPS provider will likely not work with iOS as it currently stands. The development team are not up to speed on iOS and not much effort was put into supporting it (or Android for the same reason).  We didn't even get remotely close to having code signed. Paul Dale On 27/1/22 4:41 am, K

Re: Openssl 3.0 support

It does support both.  I think a configuration time option might be required and neither is supported by the FIPS provider. Paul Dale On 3/2/22 4:32 pm, Srinivas, Saketh (c) wrote: Hi, Does openssl 3.0 still support TLSv 1.0 and TLSv1.1. or they are deprecated, because there were some depre