Re: Quantum-Resistant Cryptographic Algorithms

The project will once they are formally standardised. In the meantime, the Open Quantum Safe project has a provider that implements all of the candidate algorithms (https://github.com/open-quantum-safe/oqs-provider). Pauli On 1/11/22 15:14, ad...@redtile.com wrote: Will OpenSSL persue

Quantum-Resistant Cryptographic Algorithms

Will OpenSSL persue/support the four new NIST Quantum Cryptographic Algorithms? https://www.nist.gov/news-events/news/2022/07/nist-announces-first-four-quantum-resistant-cryptographic-algorithms

Quantum-Resistant Cryptographic Algorithms

Will OpenSSL persue/support the four new NIST Quantum Cryptographic Algorithms? https://www.nist.gov/news-events/news/2022/07/nist-announces-first-four-quantum-resistant-cryptographic-algorithms

Re: command 'openssl ciphers -v -provider fips' shows not complain algorithms

On 26/01/2022 11:27, Jan Lana wrote: Hi, When I run   openssl ciphers -v -provider fips | grep TLS_CHACHA20_POLY1305_SHA256 it shows this non complain cipher is available. This looks correct behaviour to me. Your openssl.cnf file is explicitly activating the default provider. The "-provi

command 'openssl ciphers -v -provider fips' shows not complain algorithms

Hi, When I run openssl ciphers -v -provider fips | grep TLS_CHACHA20_POLY1305_SHA256 it shows this non complain cipher is available. To add '-propquery fips=yes' argument does not help. IMHO it is not correct behavior. I have the default and fips providers enabled in openssl.cnf: ope

enable/disable algorithms at build time

I want to reduce the size of EDK2 CryptoPkg by enabling, at build time, only the OpenSSL algorithms I want supported in my code. Is this possible via a configuration mechanism? I can't find anything in documentation. Does this violate the GPL license? Thanks.Lee

Algorithms Used for openssl- pkcs12

Hello We're unable to find documentation on the specific standards/algorithms used by the openssl -pkcs12 command for OpenSSL version 1.1.1k. Specifically, when a password is used (-password) for private key wrap key derivation, is the algorithm compliant with NIST SP 800-132? Also, whe

modern algorithms performance in TLS 1.3

Dear, Actually I'm doing the final project degree about modern algorithms performance in TLS 1.3. I would like to know if you can confirm some questions: -The calculation of the shared secret of ECDH/DH for TLS 1.3 in the library openssl is calculated in the function ssl_derive from the

Useable digest algorithms with signature

Dear All, Which digest algorithms can be used for signature with a RSA key ? sha and ripemd160 work well, but - whirlpool that works in 1.0.2o, doesn't anymore (1.1.1j) - the same applies to blake, shake Error setting context 6116:error:0408C09D:rsa routines:check_padding_md:in

Re: Integration of new algorithms

GINE that integrates > post-quantum algorithms (new NIDs). During integration I > need to modify OpenSSL code to add custom function, but would > prefer not to need add anything to OpenSSL code (so engine > can be dynmicaly loaded by any modern OpenSSL). > > So, In three cases, na

Integration of new algorithms

Hello, I'm working on development of OpenSSL ENGINE that integrates post-quantum algorithms (new NIDs). During integration I need to modify OpenSSL code to add custom function, but would prefer not to need add anything to OpenSSL code (so engine can be dynmicaly loaded by any modern Op

Re: Digest algorithms for Ruby

P_get_digestbyname(), > - EVP_MD_CTX_create(3), > - EVP_DigestInit_ex(3), > - EVP_DigestUpdate(3), > - EVP_DigestFinal_ex(3), > - EVP_MD_CTX_destroy(3) > > which can they use *any* available digest algorithm (by name). > > > That avoids having *your* software

Re: Digest algorithms for Ruby

EVP_DigestUpdate(3), > - EVP_DigestFinal_ex(3), > - EVP_MD_CTX_destroy(3) > > which can they use *any* available digest algorithm (by name). > That avoids having *your* software be dependent on the digest algorithms, but it does so by exporting the dependency out to your caller. The bottom lin

Re: Digest algorithms for Ruby

On 31/10/2019 11:59, Samuel Williams wrote: > I am maintaining the OpenSSL bindings for Ruby, and I'm considering > exposing SHA3 and BLAKE digests. > > In addition, for the first time, I wrote some tests to test ALL > algorithms we expose, and found that "DSS&quo

Re: Digest algorithms for Ruby

> On Oct 31, 2019, at 7:59 AM, Samuel Williams > wrote: > > I am maintaining the OpenSSL bindings for Ruby, and I'm considering exposing > SHA3 and BLAKE digests. > > In addition, for the first time, I wrote some tests to test ALL algorithms we > expose, and foun

Digest algorithms for Ruby

I am maintaining the OpenSSL bindings for Ruby, and I'm considering exposing SHA3 and BLAKE digests. In addition, for the first time, I wrote some tests to test ALL algorithms we expose, and found that "DSS", "DSS1" and "SHA" no longer exist. I'm going to

Re: new algorithms

Apr 2019, at 03:50, Giovanni Fontana > wrote: > > Thank you every one for the answers and tips, really a great and active group! > > Thank you also to Teja and Tobias who has just wrote some suggestion on how I > can have a technical shortcut to prove the functionalit

Re: new algorithms

o OpenSSL manually, > but you won't be able to communicate with any other software that does > not implement them. (And as Rich said, there is little reason for > people to trust and use non-standard algorithms.) But, if your goal is private testing of your stuff, then an

Re: new algorithms

Thank you every one for the answers and tips, really a great and active group! Thank you also to Teja and Tobias who has just wrote some suggestion on how I can have a technical shortcut to prove the functionality of my algorithms in very limited environment. What I asked is to move a first step

Re: new algorithms

ach > algorithm for x509 certificates. You can add those to OpenSSL manually, > but you won't be able to communicate with any other software that does > not implement them. (And as Rich said, there is little reason for people > to trust and use non-standard algorithms.) >

Re: new algorithms

h any other software that does not implement them. (And as Rich said, there is little reason for people to trust and use non-standard algorithms.)

Re: new algorithms

expired, but nobody really trusts private algorithms any more. There’s too much good stuff readily available. To answer your other question: OpenSSL is covered by the Apache license and any contributions should also use the same license or they will not be accepted. And cryptography, in

Re: new algorithms

Cha20. If, for some reason, you believe that an important security problem we're facing is an insufficient number of available algorithms, you can study how these recent algorithms are integrated into OpenSSL generally, X.509, CMS and TLS, and integrate your algorithms in a similar manner.

Re: new algorithms

Hi Clarke, Thanks for the email. Sure, I want to publish the algorithm, but not yet... waiting for establishing a company. For similar reasons no github usage at moment. Giovanni Il giorno lun 8 apr 2019 alle 18:06 Dennis Clarke ha scritto: > On 4/8/19 11:48 AM, Giovanni Fontana wrote: > > H

Re: new algorithms

On 4/8/19 11:48 AM, Giovanni Fontana wrote: > Hello everybody, > > my name is Giovanni Fontana. I made a new symmetric crypto algorithm > (let’s call it *algo1*) and a new asymmetric crypto algorithm (let’s > call it *algo2*). > > I use algo2 for key exchange and with that I can create a session

new algorithms

can communicate each other in secure way. I wish to import those algorithms inside OpenSSL in order to use some features of this suite (i.e. creation of x509 certificate with algo1 and algo2, and/or TLS and SSL connection always with algo1 and algo2). My first tries were not successful. Could you

Re: [openssl-users] How to select supported signature algorithms

On Mon, Mar 16, 2015, Jacques FLORENCE wrote: > Hello, > I am developing a simple client/server application with openSSL. > > Using wireshark, I can see in the Client Hello message that there is an > extension signature_algorithms, in which are fields Signature Hash > Algorit

[openssl-users] How to select supported signature algorithms

Hello, I am developing a simple client/server application with openSSL. Using wireshark, I can see in the Client Hello message that there is an extension signature_algorithms, in which are fields Signature Hash Algorithms. I can see a lot of supported algorithms, such as RSA, DSA, ECDSA in the

BN_GF2m algorithms

Hey. Can I somehow know which algorithms are used in functions BN_GF2m_* For example Montgomery reduction, Barrett reduction or something else for BN_GF2m_mod_arr function.

RE: SSL/TLS encryption algorithms

> From: owner-openssl-users On Behalf Of Viktor Dukhovni > Sent: Friday, November 01, 2013 18:12 > > > $ openssl ciphers -v DHE-RSA-CAMELLIA256-SHA > > > DHE-RSA-CAMELLIA256-SHA SSLv3 Kx=DH Au=RSA > Enc=Camellia(256) Mac=SHA1 > > > > > > $ openssl ciphers -v AES128-SHA256 > > >

Re: SSL/TLS encryption algorithms

On 03.11.2013 18:27, Viktor Dukhovni wrote: On Sun, Nov 03, 2013 at 06:18:38PM +0100, Walter H. wrote: how would I define forward-secrecy on Apache webserver? If the server negotiated both ciphers, it already supports forward-secrecy (aka PFS) if the client does too. What about a browser that

Re: SSL/TLS encryption algorithms

On Sun, Nov 03, 2013 at 06:18:38PM +0100, Walter H. wrote: > > >how would I define forward-secrecy on Apache webserver? > > > > If the server negotiated both ciphers, it already supports > > forward-secrecy (aka PFS) if the client does too. > > What about a browser that shows this > > SSL_CIPHER

Re: SSL/TLS encryption algorithms

On 01.11.2013 23:12, Viktor Dukhovni wrote: $ openssl ciphers -v DHE-RSA-CAMELLIA256-SHA DHE-RSA-CAMELLIA256-SHA SSLv3 Kx=DH Au=RSA Enc=Camellia(256) Mac=SHA1 $ openssl ciphers -v AES128-SHA256 AES128-SHA256 TLSv1.2 Kx=RSA Au=RSA Enc=AES(128) Mac=SHA

Re: SSL/TLS encryption algorithms

> > $ openssl ciphers -v DHE-RSA-CAMELLIA256-SHA > > DHE-RSA-CAMELLIA256-SHA SSLv3 Kx=DH Au=RSA Enc=Camellia(256) > > Mac=SHA1 > > > > $ openssl ciphers -v AES128-SHA256 > > AES128-SHA256 TLSv1.2 Kx=RSA Au=RSA Enc=AES(128) > > Mac=SHA256 > > > >Does your ap

Re: SSL/TLS encryption algorithms

Hello, On 01.11.2013 22:34, Viktor Dukhovni wrote: On Fri, Nov 01, 2013 at 09:56:10PM +0100, Walter H. wrote: Which one of the following two is better (1) or (2)? (1) SSL_CIPHER=DHE-RSA-CAMELLIA256-SHA $ openssl ciphers -v DHE-RSA-CAMELLIA256-SHA DHE-RSA-CAMELLIA256-SHA SSLv3 Kx=D

Re: SSL/TLS encryption algorithms

void it. The latter requires OpenSSL 1.0.1 which (IIRC) introduces support for TLSv1.2. - These are available at different minimum protocol versions. - These use different bulk crypt algorithms - At different key lengths - With different key exchange algorithms. Does your appli

SSL/TLS encryption algorithms

Hello, Which one of the following two is better (1) or (2)? (1) SSL_CIPHER=DHE-RSA-CAMELLIA256-SHA SSL_CIPHER_ALGKEYSIZE=256 SSL_CIPHER_EXPORT=false SSL_CIPHER_USEKEYSIZE=256 SSL_COMPRESS_METHOD=NULL SSL_PROTOCOL=TLSv1 SSL_SECURE_RENEG=true (2) SSL_CIPHER=AES128-SHA256 SSL_CIPHER_ALGKEYSIZE=

List of available digest algorithms

OBJ_sn2nid() doesn't contain the full list of supported digest methods. How can I find this list using the library? I cannot fork/exec 'openssl list-digest-algorithms' and crack the output as a solution. -- Harlan Stenn http://networktimefoundation.org

Re: Encumbered EC crypto algorithms in openssl?

On Sat, Aug 17, 2013 at 8:49 PM, Scott Doty wrote: > That's actually a handy reference, for in looking at Curve25519, I came > across... > > http://cr.yp.to/ecdh/patents.html That's half the point, yes. It'd be all of the point if Curve25519 didn't also rock perf-wise. __

Re: Encumbered EC crypto algorithms in openssl?

On 08/16/2013 08:02 PM, Michael Sierchio wrote: > > On Fri, Aug 16, 2013 at 10:40 PM, Nico Williams > wrote: > > If only we could agree to use DJB's Curve25519... > > > +1 > That's actually a handy reference, for in looking at Curve25519, I came across... http:

Re: Encumbered EC crypto algorithms in openssl?

On Fri, Aug 16, 2013 at 10:40 PM, Nico Williams wrote: > If only we could agree to use DJB's Curve25519... > > +1

Re: Encumbered EC crypto algorithms in openssl?

If only we could agree to use DJB's Curve25519... __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager

Encumbered EC crypto algorithms in openssl?

Hello, As you may or may not know, Red Hat has vetoed use of ECC in openssl in their stock Fedora. The bug regarding this is here: https://bugzilla.redhat.com/show_bug.cgi?id=319901 In a nutshell: Red Hat is so afraid of patent trolls, th

Re: KDF algorithms

Thanks so much for answering my question, Matthew. -- View this message in context: http://openssl.6102.n7.nabble.com/KDF-algorithms-tp45762p45779.html Sent from the OpenSSL - User mailing list archive at Nabble.com

Re: KDF algorithms

ALT1_SHA1 (SP 800-56A) > • HU_KDF_NIST_ALT1_SHA224 (SP 800-56A) > • HU_KDF_NIST_ALT1_SHA256 (SP 800-56A) > • HU_KDF_NIST_ALT1_SHA384 (SP 800-56A) > • HU_KDF_NIST_ALT1_SHA512 (SP 800-56A) > > Now my company is going to use OpenSSL instead. I checked OpenSSL > and it seems to me that OpenSSL doesn'

KDF algorithms

800-56A) Now my company is going to use OpenSSL instead. I checked OpenSSL and it seems to me that OpenSSL doesn't support these KDF algorithms. My question is - is there any way to implement these algorithms in OpenSSL? Thanks so much in advance, Aaron -- View this message in co

Fwd: [openssl-users] OpenSSL: RC4 and IDEA algorithms

Thanks for information. just confirmation: In OpenSSL 0.98x, is RC5 and Camellia disabled in Configure file ? *code* <<< # All of the following is disabled by default (RC5 was enabled before 0.9.8): my %disabled = ( # "what" => "comment" [or special keyword "experimental"]

RE: OpenSSL: RC4 and IDEA algorithms

- > us...@openssl.org] On Behalf Of Jeffrey Walton > Sent: Wednesday, January 23, 2013 7:27 PM > To: openssl-users@openssl.org > Subject: Re: OpenSSL: RC4 and IDEA algorithms > > On Wed, Jan 23, 2013 at 3:02 PM, John A. Wallace > wrote: > > I also have questions about t

Re: OpenSSL: RC4 and IDEA algorithms

around 2010 or so. Plus, there are modern algorithms with improved designs, faster speeds, and better security. There's no need to live 20 years in the past. With improved cipher's, there's no need to waste time with that sales department either (I actually spent some time trying to

RE: OpenSSL: RC4 and IDEA algorithms

said message. Does that sound right? > -Original Message- > From: owner-openssl-us...@openssl.org [mailto:owner-openssl- > us...@openssl.org] On Behalf Of sarju tambe > Sent: Wednesday, January 23, 2013 10:36 AM > To: openssl-users@openssl.org > Subject: OpenSSL: RC4 a

Re: OpenSSL: RC4 and IDEA algorithms

(I am not a lawyer, this is not legal advise) On 1/23/2013 5:36 PM, sarju tambe wrote: In OpenSSL(README File, openssl version-0.98x), there are 4 patented algorithms RC5, RC4, IDEA, Camellia out of which RC5 and Camellia are disabled in Configure file. Because OpenSSL 0.9.8 is old, the

Re: OpenSSL: RC4 and IDEA algorithms

RC4 is not patented - RC4 is a Trademark of RSA Security. On Wed, Jan 23, 2013 at 8:36 AM, sarju tambe wrote: > In OpenSSL(README File, openssl version-0.98x), there are 4 patented > algorithms RC5, RC4, IDEA, Camellia out of which RC5 and Camellia are > disabled in Confi

Re: [openssl-users] OpenSSL: RC4 and IDEA algorithms

i (oui, je sais, celui-là est particulièrement capillotracté) Le 23/01/2013 17:36, sarju tambe a écrit : In OpenSSL(README File, openssl version-0.98x), there are 4 patented algorithms RC5, RC4, IDEA, Camellia out of which RC5 and Camellia are disabled in Configure file. In README file, for RC4

OpenSSL: RC4 and IDEA algorithms

In OpenSSL(README File, openssl version-0.98x), there are 4 patented algorithms RC5, RC4, IDEA, Camellia out of which RC5 and Camellia are disabled in Configure file. In README file, for RC4 we need to take RSA Security's permission. IDEA algorithm is patented by Ascom and they shou

Re: How to disable non-FIPS approved algorithms - DH and RAND_bytes?

Thanks Steve. So, that means, I don't need to add FIPS_rand_* function. For DH key exchange algorithm, do I need to explicitly disable calling of DH function in my code if it is in FIPS? Or is there any DH algorithms loading issue in openssl-fips-1.2 that I am consuming? Thanks, ~Vimol O

Re: How to disable non-FIPS approved algorithms - DH and RAND_bytes?

On Mon, Jan 23, 2012, Vimol Kshetrimayum wrote: > Hi, > > > I have an application which uses RSA or Diffie Hellman (DH) algorithms for > key exchange and RAND_seed and RAND_bytes to generate pseudo random number. > > > Now, I have added FIPS_mode_set(1) to enable F

How to disable non-FIPS approved algorithms - DH and RAND_bytes?

Hi, I have an application which uses RSA or Diffie Hellman (DH) algorithms for key exchange and RAND_seed and RAND_bytes to generate pseudo random number. Now, I have added FIPS_mode_set(1) to enable FIPS. As per openSSL-fips security policy document, my expectation is DH and RAND_seed and

Re: cryptographic algorithms

On Thu, May 05, 2011, Alona Rossen wrote: > > > Hello, > > > > Please list all encryption algorithms supported by OpenSSL 0.9.8e, > 0.9.8m and 1.0.0d. > > It looks like that http://www.openssl.org/docs/crypto/crypto.html has > not been updated for

Re: cryptographic algorithms

On Thu, May 05, 2011 at 02:29:07PM -0400, Alona Rossen wrote: > Please list all encryption algorithms supported by OpenSSL 0.9.8e, > 0.9.8m and 1.0.0d. To list all ciphers $ openssl ciphers -v ALL:eNULL:@STRENGTH just use the appropriate openssl(1) binary to find which ciphe

cryptographic algorithms

Hello, Please list all encryption algorithms supported by OpenSSL 0.9.8e, 0.9.8m and 1.0.0d. It looks like that http://www.openssl.org/docs/crypto/crypto.html has not been updated for a while and does not list ECC and possibly some other algorithms. Thank you, Alona

Re: SSL algorithms vs. all algorithms...

On Wed, Apr 07, 2010, Sad Clouds wrote: > On Tue, 6 Apr 2010 21:17:01 +0200 > "Dr. Stephen Henson" wrote: > > > Well that actual manual page is rather old and it still talks about > > PRNG initialisation which dates from the time OpenSSL didn't handle > > that automatically on many platforms. >

Re: SSL algorithms vs. all algorithms...

On Tue, 6 Apr 2010 21:17:01 +0200 "Dr. Stephen Henson" wrote: > Well that actual manual page is rather old and it still talks about > PRNG initialisation which dates from the time OpenSSL didn't handle > that automatically on many platforms. So are you saying there is no need to seed PRNG? Is th

Re: SSL algorithms vs. all algorithms...

On Tue, Apr 06, 2010 at 09:17:01PM +0200, Dr. Stephen Henson wrote: > > Has the guidance to developers who use OpenSSL for TLS/SSL rather than > > as general-purpose cryptography toolkit changed wrt. library initialization? > > [...] > > I suppose it makes sense to ad

Re: SSL algorithms vs. all algorithms...

rformed separately. > +SSL_library_init() mainly adds ciphers and digests used directly by > SSL/TLS. > +In some cases this is not sufficient and errors about unknown algorithms > +will occur: for example when an attempt is made to use a certificate using > +SHA256. Thi

SSL algorithms vs. all algorithms...

SSL/TLS. +In some cases this is not sufficient and errors about unknown algorithms +will occur: for example when an attempt is made to use a certificate using +SHA256. This can be resolved by also calling OpenSSL_add_all_algorithms(). I find the last two sentences a bit confusing. Are

Symmetric algorithms with Cell architecture

Is there anyone working with symmetric algorithms in Cell platform, i want suggestions to work with AES, taking advantage of the IBM Cell SPUs Thanks in advance smime.p7s Description: S/MIME cryptographic signature PGP.sig Description: This is a digitally signed message part

PKCS#7 SignedData and multiple digest algorithms

Hi, I'm investigating upgrading the applications I'm responsible for from SHA1 as the default PKCS#7 SignedData digest algorithm to stronger digests such as SHA256, in ways that preserve backwards compatibility for signature verifiers which do not support digest algorithms other than SH

Re: which algorithms are enabled by default with fips?

It has already been released. Pick up the openssl-fips-1.2.tar.gz distribution, and the openssl-0.9.8j.tar.gz distribution. Also be aware that you MUST configure the openssl-fips package *EXACTLY* as described in the Security Policy. I am not going to try to reiterate the rules here, nor the com

Re: which algorithms are enabled by default with fips?

Hi All, Will the Openssl community will release all the openssl with fips support ie next release of openssl will support fips capability? Thanks Joshi Chandran On Mon, Jan 12, 2009 at 7:23 PM, Steve Marquess wrote: > PGNet wrote: > >> On Sun, Jan 11, 2009 at 3:42 PM, Steve Marquess < >> ma

Re: which algorithms are enabled by default with fips?

PGNet wrote: On Sun, Jan 11, 2009 at 3:42 PM, Steve Marquess wrote: Long story short, OpenSSH really needs some source mods to gracefully invoke and run in FIPS mode. Hrm ... I'd have thought that openssh would be amoong the 1st/best @ compliance. Me too. I embarked on this FIPS validation

Re: which algorithms are enabled by default with fips?

On Sun, Jan 11, 2009 at 3:42 PM, Steve Marquess wrote: > Long story short, OpenSSH really needs some source mods to gracefully invoke > and run in FIPS mode. Hrm ... I'd have thought that openssh would be amoong the 1st/best @ compliance. > Several people, myself included, have created patches >

Re: which algorithms are enabled by default with fips?

ifications at runtime. Stock OpenSSH doesn't even default to a FIPS compatible ciphersuite. The FIPS capable OpenSSL with FIPS mode enabled will reject attempts to use non-allowed algorithms, but that rejection will not necessarily occur at the appropriate place from the perspective of th

Re: which algorithms are enabled by default with fips?

FIPS-capable builds are not subject to any restrictions as to the algorithms they can implement. The only restriction is that, while in FIPS mode (enabled by FIPS_mode_set()), the code within the fipscanister is used for all cryptographic operations (including encryption, decryption, hashing, and

Re: which algorithms are enabled by default with fips?

d and reference the ... ... Clear & thorough. Thanks. > The OpenSSL FIPS Object Module *itself* doesn't have the concept of > "enabling" algorithms ... > When FIPS mode is enabled > at runtime that FIPS compatible distribution will automatically disable the > use o

Re: which algorithms are enabled by default with fips?

PGNet wrote: With the addition of fips object to the 'mix' of available build options, is openssl configure with ./Configure ... enable-rc5 enable-mdc2 fips (iiuc, CHANGES' stmt that 'idea' *is* enabled by default still holds?) sufficient to enable _all_ avail

which algorithms are enabled by default with fips?

With the addition of fips object to the 'mix' of available build options, is openssl configure with ./Configure ... enable-rc5 enable-mdc2 fips (iiuc, CHANGES' stmt that 'idea' *is* enabled by default still holds?) sufficient to enable _all_ available algorithms, w

Re: Please help: very urgent: Query on patented algorithms

At 01:20 PM 6/16/2008, Michael Sierchio wrote: RC4 is owned (and trademarked) by RSA Security Inc, but they are no longer enforcing the patent, RC4 was never protected by patent, but by trade secret. When the details of the algorithm were published, Ron Rivest himself suggested calling the "a

Re: Please help: very urgent: Query on patented algorithms

RC4 is owned (and trademarked) by RSA Security Inc, but they are no longer enforcing the patent, RC4 was never protected by patent, but by trade secret. When the details of the algorithm were published, Ron Rivest himself suggested calling the "alleged RC4" "ARCFOUR". It is indeed a tradema

Re: Please help: very urgent: Query on patented algorithms

On 6/16/08, bagavathy raj <[EMAIL PROTECTED]> wrote: > Hi, > Is there any binary distribution where I can find SSL dlls without > patented algorithms like IDEA,MCD2,RC4,RC5 etc. I tried compiling > without them. I could exclude other algos but not RC4. Some linking > issues.

Re: Please help: very urgent: Query on patented algorithms

Hi, Is there any binary distribution where I can find SSL dlls without patented algorithms like IDEA,MCD2,RC4,RC5 etc. I tried compiling without them. I could exclude other algos but not RC4. Some linking issues. So i need to know if there is any ssl release without the patented algorithms. On 6

Re: Please help: very urgent: Query on patented algorithms

http://www.idrix.fr On Mon, June 16, 2008 3:55 pm, bagavathy raj wrote: > Hi, > > I have openssl dlls(i.e.libeay32.dll, ssleay32.dll). I need to know if > these > libaries are using any of the patented algorithms like IDEA, RC4, RC5,MDC2 > etc. Can you please let me know if there is a

Please help: very urgent: Query on patented algorithms

Hi, I have openssl dlls(i.e.libeay32.dll, ssleay32.dll). I need to know if these libaries are using any of the patented algorithms like IDEA, RC4, RC5,MDC2 etc. Can you please let me know if there is any way to find out this? Any help would be highly appreciated. Thanks in adavance, Bagavathy

Re: cipher algorithms

4, 2008, at 5:28 AM, Baur, Mateus (Brazil R&D-CL) wrote: Hi All, I have some doubts regarding OpenSSL cipher algorithms and I was wondering if someone could help me with that. 1) If my understanding is correct, the client sends the list of supported cipher algorithms and th

RE: cipher algorithms

Hello, > One last question, can an algorithm or cipher suite be enabled or disabled on OpenSSL by > an user (I mean, without needing to recompile and redistribute OpenSSL binaries)? Yes, from server or client point of view you can control this with SSL_CTX_set_cipher_list() function call. Best

RE: cipher algorithms

Thanks very much! > -Original Message- > From: [EMAIL PROTECTED] [mailto:owner-openssl- > [EMAIL PROTECTED] On Behalf Of Shaw Graham George > Sent: quarta-feira, 5 de março de 2008 09:51 > To: openssl-users@openssl.org > Subject: RE: cipher algorithms > > > Su

RE: cipher algorithms

Surely http://www.openssl.org/docs/ssl/SSL_CTX_set_cipher_list.html. G. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Baur, Mateus (Brazil R&D-CL) Sent: 05 March 2008 12:25 To: openssl-users@openssl.org Subject: RE: cipher algorithms Yes, I

RE: cipher algorithms

Yes, I know you can enable/disable the algorithms at build time. However, my question is if a user could enable/disable an algorithm when the library is already built (even by the application using OpenSSL or some generic configuration of OpenSSL). I thought there was actually no way to do

RE: cipher algorithms

t programs that use OpenSSL, including the build in 'openssl' executable permit you to change the algorithms used one way or another. I do not believe that OpenSSL provides a generic way to do this for other applicati

RE: cipher algorithms

t; [EMAIL PROTECTED] On Behalf Of [EMAIL PROTECTED] > Sent: quarta-feira, 5 de março de 2008 05:51 > To: openssl-users@openssl.org > Subject: Re: cipher algorithms > > Hello, > > I have some doubts regarding OpenSSL cipher algorithms and I was > wondering if someone > > could

Re: cipher algorithms

Hello, > I have some doubts regarding OpenSSL cipher algorithms and I was wondering if someone > could help me with that. > > 1) If my understanding is correct, the client sends the list of supported cipher > algorithms and the server will choose one algorithm of such li

AW: cipher algorithms

Hi, The browser can be configured for example: Firefox: security-prefs.js pref("security.ssl3.rsa_1024_des_cbc_sha", false); pref("security.ssl3.rsa_1024_des_cbc_sha", false); pref("security.ssl3.rsa_1024_des_cbc_sha", false); will disable these combinations. The server can be configured for e

cipher algorithms

Hi All, I have some doubts regarding OpenSSL cipher algorithms and I was wondering if someone could help me with that. 1) If my understanding is correct, the client sends the list of supported cipher algorithms and the server will choose one algorithm of such list in order to establish

CA certificate and signature algorithms

Hi All, I have a CA certificate with Signature Algorithm md21RSA. Can I create a server certificate with Signature Algorithm sha1RSA and sign the server certificate using the above CA certificate. Will there be any problems. Thanks in advance. Jaya ___

X509 v3 extensions and Digest Algorithms

extension? iii) Does OpenSSL-0.9.7 support SHA256 and SHA512 digest algorithms? i read that OpenSSL-0.9.7k (for exmaple) has support to these algorithms but it is completely necessary to compiling and installing OpenSSL FIPS Module before. OpenSSL-0.9.8 does support these algorithms. i found a post that

Re: What are the requirements for using Openssl crypto algorithms without openssl installation?

 Thanks Girish, Marek and all Girish, what you mean " remove dependencies"? I start the main function from hmactest.c I gathered relevant included files such as  hmac md5 evp.h e_os but each calls other include files...until when I compile without error but i show you some of linking errors : cry

Re: What are the requirements for using Openssl crypto algorithms without openssl installation?

Hello, > openssl-0.9.8a/crypto/sha directory has the sha > implementation and Yes, but you must pay attention on target platform. For example with ssh256-512 there are some defines which are enabled with "configure" step and are different on different platforms (for example SHA_LONG, SHA_LONG_LOG

Re: What are the requirements for using Openssl crypto algorithms without openssl installation?

, Girish --- Aidaros Dev <[EMAIL PROTECTED]> wrote: > Dear all, > What are the requirements for using Openssl crypto > algorithms without > openssl installation? > For instance, i want to seperate and compile HMAC > code without errors

What are the requirements for using Openssl crypto algorithms without openssl installation?

Dear all, What are the requirements for using Openssl crypto algorithms without openssl installation? For instance, i want to seperate and compile HMAC code without errors. Thanks in advance.

Re: Which algorithms are need for PKCS12_parse?

On 2/16/06, Dr. Stephen Henson <[EMAIL PROTECTED]> wrote: On Thu, Feb 16, 2006, Chris wrote:It is documented in doc/openssl.txt and that file is referred to in the FAQ...http://www.openssl.org/support/faq.html#MISC2 At some point I'll tidy that up and place it in an appropriate manual page orbetter

Re: Which algorithms are need for PKCS12_parse?

On Thu, Feb 16, 2006, Chris wrote: > On 2/16/06, Dr. Stephen Henson <[EMAIL PROTECTED]> wrote: > > > Its a password based encryption (PBE) algorithm. Probably 40 bit RC2 > > and/or > > 3DES using the PKCS#12 key derivation algorihtm. > > > > Try calling PKCS12_PBE_add(). > > > > Steve. > > > Th

  1   2   >