plz how can automatically recover this problam On Wed, 12 Feb 2020, 14:59 , <openssl-users-requ...@openssl.org> wrote:
> Send openssl-users mailing list submissions to > openssl-users@openssl.org > > To subscribe or unsubscribe via the World Wide Web, visit > https://mta.openssl.org/mailman/listinfo/openssl-users > or, via email, send a message with subject or body 'help' to > openssl-users-requ...@openssl.org > > You can reach the person managing the list at > openssl-users-ow...@openssl.org > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of openssl-users digest..." > > > Today's Topics: > > 1. Re: Questions about using Elliptic Curve ciphers in OpenSSL > (Salz, Rich) > 2. Re: Questions about using Elliptic Curve ciphers in OpenSSL > (Jason Schultz) > 3. Re: Questions about using Elliptic Curve ciphers in OpenSSL > (Salz, Rich) > 4. sendfile (Jeremy Harris) > > > ---------------------------------------------------------------------- > > Message: 1 > Date: Tue, 11 Feb 2020 16:37:27 +0000 > From: "Salz, Rich" <rs...@akamai.com> > To: Jason Schultz <jetso...@hotmail.com>, "openssl-users@openssl.org" > <openssl-users@openssl.org> > Subject: Re: Questions about using Elliptic Curve ciphers in OpenSSL > Message-ID: <ae157c29-5e4c-4eb7-8415-3b9c98cea...@akamai.com> > Content-Type: text/plain; charset="utf-8" > > The first thing I would suggest is to separate ECDH, the session key > exchange, from ECDSA, the signature. Try to make ECDH with RSA work. Then > just load your ECDSA cert; you can load one cert of each type (RSA DSA) and > the runtime will figure out what to do, depending on what the client offers. > > -------------- next part -------------- > An HTML attachment was scrubbed... > URL: < > http://mta.openssl.org/pipermail/openssl-users/attachments/20200211/bcbf7649/attachment-0001.html > > > > ------------------------------ > > Message: 2 > Date: Tue, 11 Feb 2020 17:49:13 +0000 > From: Jason Schultz <jetso...@hotmail.com> > To: "Salz, Rich" <rs...@akamai.com>, "openssl-users@openssl.org" > <openssl-users@openssl.org> > Subject: Re: Questions about using Elliptic Curve ciphers in OpenSSL > Message-ID: > < > ch2pr10mb4214d81c779843835b2d13c2c7...@ch2pr10mb4214.namprd10.prod.outlook.com > > > > Content-Type: text/plain; charset="iso-8859-1" > > Rich- > > Thanks for your reply. At this point I'm 99% sure I have ECDH with RSA > working. My question in the previous post was just to confirm. But I have > my RSA cert and key pair, and a client can successfully connect to my > server using ECDHE_RSA* ciphers. > > My questions are more related to ECDSA. For example, you said "just load > your ECDSA cert", which is easy enough. My question is, is that all I need? > For example, with DSA (which we don't really use anymore), I also needed a > DH parameters file, which I read in with PEM_read_DHparams(). Do I need to > do something similar with "EC params" or "ECDSA params"? I've seen > references to both, and I'm not sure if and when I need them. > > As I pointed out, it looks like there are "EC PARAMETERS" in my private > key file. Are these needed? If so, how and when do I use them? Or do I need > them in a separate file? > > > > ________________________________ > From: Salz, Rich <rs...@akamai.com> > Sent: Tuesday, February 11, 2020 4:37 PM > To: Jason Schultz <jetso...@hotmail.com>; openssl-users@openssl.org < > openssl-users@openssl.org> > Subject: Re: Questions about using Elliptic Curve ciphers in OpenSSL > > > The first thing I would suggest is to separate ECDH, the session key > exchange, from ECDSA, the signature. Try to make ECDH with RSA work. Then > just load your ECDSA cert; you can load one cert of each type (RSA DSA) and > the runtime will figure out what to do, depending on what the client offers. > > > -------------- next part -------------- > An HTML attachment was scrubbed... > URL: < > http://mta.openssl.org/pipermail/openssl-users/attachments/20200211/1cb043f3/attachment-0001.html > > > > ------------------------------ > > Message: 3 > Date: Tue, 11 Feb 2020 17:54:26 +0000 > From: "Salz, Rich" <rs...@akamai.com> > To: Jason Schultz <jetso...@hotmail.com>, "openssl-users@openssl.org" > <openssl-users@openssl.org> > Subject: Re: Questions about using Elliptic Curve ciphers in OpenSSL > Message-ID: <baa87396-ff2b-492d-9028-54d272309...@akamai.com> > Content-Type: text/plain; charset="utf-8" > > I believe you just load your ECDSA cert and the other stuff ? Dhparams!! ? > is not needed. > > > -------------- next part -------------- > An HTML attachment was scrubbed... > URL: < > http://mta.openssl.org/pipermail/openssl-users/attachments/20200211/f0333664/attachment-0001.html > > > > ------------------------------ > > Message: 4 > Date: Wed, 12 Feb 2020 11:08:26 +0000 > From: Jeremy Harris <j...@wizmail.org> > To: openssl-users@openssl.org > Subject: sendfile > Message-ID: <695c87c3-5bd6-33eb-2e53-18002be32...@wizmail.org> > Content-Type: text/plain; charset=utf-8 > > I see that an SSL_sendfile() is due in 3.0 :- > https://www.openssl.org/docs/manmaster/man3/SSL_write.html > > Will there be a matching SSL_recvfile() ? > -- > Cheers, > Jeremy > > > ------------------------------ > > Subject: Digest Footer > > _______________________________________________ > openssl-users mailing list > openssl-users@openssl.org > https://mta.openssl.org/mailman/listinfo/openssl-users > > > ------------------------------ > > End of openssl-users Digest, Vol 63, Issue 19 > ********************************************* >