On Fri, 2022-02-11 at 08:35 +, Kevin Millson wrote:
> Hello OpenSSL Users,
>
> I’m trying to use SHA1 message digest hashing in combination with the
> FIPS provider, but seem to be running into issues. My code looks like
> the following:
>
> EVP_PKEY* privateKey = getPrivateKey();
> EVP_MD_
On Wed, Jul 16, 2014, Jason Schultz wrote:
> According to this wiki page:
>
> http://wiki.openssl.org/index.php/FIPS_mode_and_TLS
>
> When in FIPS mode, SHA1 signatures can not be used when using the TLS 1.2
> protocol: "If that wasn't enough there's another complication. For TLS v1.2
> you have
Another follow up question. The Wiki page refers to FIPS 186-4. Are these
restrictions only for FIPS 186-4, or FIPS 140-2 as well?
From: jetso...@hotmail.com
To: openssl-users@openssl.org
Subject: SHA1 signatures in FIPS mode w/ TLS 1.2
Date: Wed, 16 Jul 2014 13:31:35 +
According to this
To clean up, just call MD5_Final and ignore the result.
When I said it depended on which OpenSSL API you were
using, it was less about the version of OpenSSL and more
about the specific function names, as there is more than
one set of functions that can do the MD5. I see from
your latest mail be
Hi Jakob,
Thanks for your info. The openssl version currently we used to is 0.9.8r.
Also we need a clarification for one more thing.
Is there a way to cleanup the missed CTX from memory? Consider the below
scenario.
*File 1*
--> MD5_Init
--> MD5_Update
--> MD5_Update
--> MD5
Depends which of the OpenSSL APIs you use to do the hashing. Some give
you a usable context pointer where you can access the bytes that need
saving by following pointers into "internal" structures, others do not.
However note that there is another problem in such cases: When a
connection is i
Hi Jakob,
Thanks for your reply and we will try as you say. Is there any other way to
store the CTX at block level in RDBMS like MySQL? Say if the transfer is
interrupted at 500 MB and i know at which block the transfer has been
interrupted. In same scenario if i know the CTX of already sent block
On 1/26/2012 7:25 AM, Prabu RM wrote:
Hi,
We have been used to CRC via MD5 hash algorithm for a file to be
transferred in socket we kepp below steps.
_*At Client side:*_
1.Md5 Init()
2.MD5 Update
MD5 Update
MD5 Update
MD5 Update
.
.
.
3.MD5 Final
4.Get Checksum *C1*
_*At
Kedar Sabnis wrote:
in some specific case SHA1 digest is coming as 152 bits long instead of
160 bits long.
All possible 160 bits values have the same chance of being the output of
a SHA1 digest, *including* those that comprise long strings of all zeros
or all ones.
This mean that, statistic
On Sat, Sep 25, 2010 at 21:09, Kedar Sabnis wrote:
>
> HI,
>
> I am an openSSL User. We implemented SHA1 algorithm.
>
> Here in some specific case SHA1 digest is coming as 152 bits long instead
> of 160 bits long.
>
> Please suggest if any bug fix is there for this issue.
>
> Thanking you in anti
Would you perhaps like to explain how you implemented it (i.e., did
you include OpenSSL in your own application, or are you trying to use
it via a script?)? 152 bits is 8 bits -- one byte -- less than 160
bits. Are you using a library or framework that overwrites the last
byte of the buffer with
> From: owner-openssl-us...@openssl.org On Behalf Of PVi1
> Sent: Sunday, 19 April, 2009 13:12
> i am trying to write application used for verifying digest
> signature of text files.
> I have used this command to create sign of file e.g. index.php:
> openssl dgst -sha1 -sign private_key.pem -out
Hi there,
This seems to be going from bad to worse...
mail4:~/src/openssl-0.9.8f$ >>> su
Password:
mail4:/home/ged/src/openssl-0.9.8f# >>> make install
making all in crypto...
make[1]: Entering directory `/home2/ged/src/openssl-0.9.8f/crypto'
making all in crypto/objects...
make[2]: Entering dire
Hi there,
On Fri, 12 Oct 2007, Keith Thompson wrote:
> On Fri 07-10-12 15:02, Keith Thompson wrote:
>
> > That's not the only problem. [...]
>
> The key used to generate openssl-0.9.8f.tar.gz.asc (key ID
> 2719AF35) appears to belong to Ben Laurie, who is a member of
> the OpenSSL core team, but
On Fri 07-10-12 15:02, Keith Thompson wrote:
[...]
> That's not the only problem. As of a few minutes ago, there were
> two versions of the "openssl-0.9.8f.tar.gz.asc" file, one on the ftp
> server and another on the web server. Both are signed by the same key
> (which is *not* the key used for p
On Fri 07-10-12 16:18, Lasse Kliemann wrote:
> The file at
> http://www.openssl.org/./source/openssl-0.9.8f.tar.gz.sha1
> contains the checksum
>
>0a0a3fd9be3d46053df2e91b6eb8a3b4348c793c
>
> whereas the file at http://www.openssl.org/source/openssl-0.9.8f.tar.gz (even
> after repeated downl
-Original Message-
From: Heusden van, FJJ (Folkert) [mailto:[EMAIL PROTECTED]
Sent: Wednesday, May 12, 2004 6:01 AM
To: [EMAIL PROTECTED]
Subject: RE: sha1
Yes, that is correct.
-Oorspronkelijk bericht-
Van: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Eleanor Nagai
Verzonden
thanks for your confirmation.
-Original Message-
From: Heusden van, FJJ (Folkert) [mailto:[EMAIL PROTECTED]
Sent: Wednesday, May 12, 2004 6:01 AM
To: [EMAIL PROTECTED]
Subject: RE: sha1
Yes, that is correct.
-Oorspronkelijk bericht-
Van: [EMAIL PROTECTED]
[mailto:[EMAIL
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Never mind, I just found md32_common.h...
Scott G. Kelly wrote:
| I'm using openssl in a group of embedded applications. For one of these,
| I need sha1 (and nothing else), but can't afford the space I'd need to
| link the app to libcrypto.a. I've been
By default SHA will provide binary output. You should convert the data
in the output buffer to hex (i.e. printable characters). For an example
look in $OPENSSLDIR/apps/dgst.c at the bottom of the file. Here is the
code fragment.
if(binout) BIO_write(out, buf, len);
else
Hello,
On Fri, 24 May 2002, Stella Power wrote:
> I'm having problems with SHA1() and I'm hoping some of you might be able to
> help me out.
>
> I want to calculate the sha1 checksum of a file which i have mapped into
> memory (char *mapped_encrypted_file;). I use strlen on that to get its
> le
Richard,
> Check (with 'od -c', for example) if there's a \n at the end of that
> file. In that case, you have digested "abcdefghijklmnopqrstuvwxyz\n"
> rather than "abcdefghijklmnopqrstuvwxyz". This is quite a common
> mistake.
Thanx, that was the problem. It dit show the \n as you mentioned.
From: "Zwet van der, PH (Pim)" <[EMAIL PROTECTED]>
P.H.Zwet> I'm using the datastring "abcdefghijklmnopqrstuvwxyz" in a
P.H.Zwet> file called data1 as input for the folowing command:
P.H.Zwet>
P.H.Zwet> > cat data1 | openssl sha1 -sha1
P.H.Zwet>
P.H.Zwet> This results in the folowing output:
P.
msg.pgp
Description: PGP message
On Sun, Nov 11, 2001 at 10:08:16AM -0500, Rich Salz wrote:
> > $ echo "password" |openssl dgst -sha1 -binary| openssl base64
>
> You've got a newline there; try
> echo 'password' | tr -d '\012' | openssl dgst
use echo with option -n
-n is no new-line
echo -n "password" |openssl dgst
> $ echo "password" |openssl dgst -sha1 -binary| openssl base64
You've got a newline there; try
echo 'password' | tr -d '\012' | openssl dgst
--
Zolera Systems, Securing web services (XML, SOAP, Signatures,
Encryption)
http://www.zolera.com
__
On Wed, Nov 07, 2001 at 05:32:48PM -0500, Dane Foster wrote:
> Hello,
> I'm not on the list but I'm hoping someone can help me nonetheless.
>
> I'm a Java programmer working w/ OpenLDAP on Linux. OpenLDAP supports the
> use of hashed passwords for binding, unfortunately it does do the hashin
Can you give a reference? All I can find is FIPS PUB 180-1
(http://www.itl.nist.gov/fipspubs/fip180-1.htm) and it has only three
examples, none of which match yours.
_
Greg Stark
Ethentica, Inc.
[EMAIL PROTECTED]
_
- O
"Emre A. Binisik" wrote:
>
> I've have problem with apache with mod_ssl:
>
> The server contributed to openssl accepts
> my certifikat that is signed with SHA1 RSA.
>
> Using Apache 1.3.12 with mod_ssl
> my client certificate is not accepted
> with the comment wrong Messagest digest
> in client
29 matches
Mail list logo
