I assume it says it is a FIPS 140-2 approved mode because it is approved
by FIPS 140-2 ;). Don't confuse the concepts of being 'FIPS approved' or
'FIPS compliant' with being 'secure'. They are not the same thing, and
can sometimes conflict.
On 20/03/2015 12:01, Philip Bellino wrote:
Hello,
Hello,
I am using the Openssl-1.0.2 with openssl-fips-2.0.9 and have a question?
If AES CBC Encryption is considered vulnerable to an attacker with the
capability to inject arbitrary traffic into the plain-text stream, then why is
it listed as an approved algorithm/option in table 4A on page 14
On 6/12/2013 10:17 PM, Thaddeus Fuller wrote:
Hi,
Is it possible to create a PKCS8 RSA Private Key using a non-password
based encryption algorithm? There doesn’t appear to be an option through
the command line `openssl pkcs8`. If it is not possible to do this
through OpenSSL (which seems to be
Hi,
Is it possible to create a PKCS8 RSA Private Key using a non-password based
encryption algorithm? There doesn't appear to be an option through the command
line `openssl pkcs8`. If it is not possible to do this through OpenSSL (which
seems to be the case), is it not a valid way to en
We only use OpenSSL_add_all_algorithms during SSL initialization, no other
SSL_[CTX]_set_cipher_list calls are made, therefore the cipher used should be
the default DHE-RSA-AES256-SHA then.
Alex
On Oct 14, 2012, at 3:01 PM, Dave Thompson wrote:
>> From: owner-openssl-us...@openssl.org On Behal
>From: owner-openssl-us...@openssl.org On Behalf Of Alex Chen
>Sent: Friday, 12 October, 2012 21:31
>The 'openssl cipher -v' command shows the following cipher suites:
>If both the client and server uses the sample version of openssl
>library and they only calls OpenSSL_add_all_algorithms()
>t
The 'openssl cipher -v' command shows the following cipher suites:
$ openssl ciphers -v
DHE-RSA-AES256-SHA SSLv3 Kx=DH Au=RSA Enc=AES(256) Mac=SHA1
DHE-DSS-AES256-SHA SSLv3 Kx=DH Au=DSS Enc=AES(256) Mac=SHA1
AES256-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(256)
Hi allI want to use TEA encryption algorithm with OpenSSL.Is there any engine
to provide implementation of TEA algorithm ?gost engine is an example of
adding new cryptoalgorithms into OpenSSL but gost example is a bit complex.
Thanks in advance,
Siavash
TEA source code :
https
Hi allI want to use TEA encryption algorithm with OpenSSL.Is there any engine
to provide implementation of TEA algorithm ?gost engine is an example of
adding new cryptoalgorithms into OpenSSL but gost example is a bit complex.
Thanks in advance,
Siavash
TEA source code :
https
Hello,
Is there a function to implement the ecc encryption ? not ecc
signature. Thank you .
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@op
On Fri November 7 2008, Chris Cheung wrote:
> Hi all,
>
> my question may not be directly related to OpenSSL, but I don't know
> where else better to seek for answer, so...
>
It is a general question -
Give it a bit of thought, the answer should be obvious -
If the encryption is "perfect" then
Hi all,
my question may not be directly related to OpenSSL, but I don't know
where else better to seek for answer, so...
I'm curious to know, given a number of cipher texts, how hard it is to
know, if at all possible, what algorithm was used to generate that?
Chris
_
Is it possible to change the algorithm used to encrypt private keys
(when used with 'openssl req -newkey ...)? I'd like to use AES256
instead of triple-DES.
Thanks!
--
Ian Pilcher[EM
basic questions:
ColetteG>
ColetteG> - What encryption algorithm does openSSL use when generating
ColetteG> the asymmetric keys?
Technically none. However, you may have meant to ask what algorithm
is used to encrypt the generated key. By default it's not encrypted,
but with the argume
Hi everyone,
Another set of very very basic questions:
- What encryption algorithm does openSSL use when generating the asymmetric
keys?
- Is it something that the developer has to specify, or is there a default?
Thank you
Colette
Hi
The browsers send a prioritised list of ciphers to the server for selection,
strong first, followed by the weaker ones.
The server selects the first cipher that matches. So the server should typically
select the strongest possible common cipher.
:) Amit.
[EMAIL PROTECTED] wrote:
> Steve,
Steve,
The server is WN 2.3.3 (see also http://www.wnserver.org). It works with both
'strong' and 'weak' browsers, but I can't figure out if it uses strong encryption
where possible (e.g. strong browsers).
Jon
Dr Stephen Henson wrote:
> [EMAIL PROTECTED] wrote:
> >
> >
> > That's right! Now we
> > After installing a Verisign test certificate; when testing with
> > ./openssl s_client -connect www.takeitnow.nl:443 and GET / HTTP/1.0
> > everything seems to work; the HTTP GET is recorded in the server
> > logging. But when accessing the server with Netscape (4.5) I get a popup
> > box 'Net
Dear Steve,
You're right: I've downloaded a 128bit IEX security upgrade and now it works.
But, now we've to find out how to install 'weak' encryption.
Thanks again
Jon Petersen
Dr Stephen Henson wrote:
> [EMAIL PROTECTED] wrote:
> >
> > Hi all,
> >
> > Our first attempt to install a secure w
[EMAIL PROTECTED] wrote:
>
> Hi all,
>
> Our first attempt to install a secure webserver was not succesfull. We
> did install Openssl (0.9.4) and WN webserver (2.3.3) on a Linux box.
>
> After installing a Verisign test certificate; when testing with
> ./openssl s_client -connect www.takeitnow.
20 matches
Mail list logo
