[openssl-dev] [GitHub PR] RFC 7714 DTLS-SRTP profiles

[Dmitry Sobinov]

Hi,

I’ve created a pull request with simple changes to support two new AEAD 
profiles for DTLS-SRTP.

https://github.com/openssl/openssl/pull/521 



Regards,
Dmitry Sobinov___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

[openssl-dev] [openssl.org #4213] Error defining ciphersuite 0x0300ff87

[Dmitry Belyavsky via RT]

Hello,

I've found I made a typo introducing the GOST ciphersuite 0x0300ff87.
It's a ciphersuite with NULL encryption and so it is rarely used, that's
why I did not catch this mistake during the testing.

This specification requires using the "stream MAC" mode for this
ciphersuite. The patch is attached.

Thank you!

-- 
SY, Dmitry Belyavsky

diff --git a/ssl/s3_lib.c b/ssl/s3_lib.c
index e3e4fd3..50dbbc5 100644
--- a/ssl/s3_lib.c
+++ b/ssl/s3_lib.c
@@ -3284,7 +3284,7 @@ OPENSSL_GLOBAL const SSL_CIPHER ssl3_ciphers[] = {
  SSL_GOST12_256,
  SSL_TLSV1,
  SSL_STRONG_NONE,
- SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256,
+ SSL_HANDSHAKE_MAC_GOST12_256 | TLS1_PRF_GOST12_256 | TLS1_STREAM_MAC,
  0,
  0},
 #endif
___
openssl-bugs-mod mailing list
openssl-bugs-...@openssl.org
https://mta.openssl.org/mailman/listinfo/openssl-bugs-mod___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Re: [openssl-dev] [openssl.org #4194] engine command regression in 1.1

[Roumen Petrov via RT]

Rich Salz via RT wrote:
> [SNIP]
> out = dup_bio_out(FORMAT_TEXT);
> - prog = opt_init(argc, argv, engine_options);
> if (!engines || !pre_cmds || !post_cmds)
> goto end;
> + while ((argv1 = argv[1]) != NULL && *argv1 != '-') {
> + sk_OPENSSL_STRING_push(engines, *argv1);
> + argc--;
> + argv++;
> + }
> + prog = opt_init(argc, argv, engine_options);
>
[SNIP]
Above patch is not complete. It seems to opt_init stop processing on 
first non-option argument.
In sample like :
openssl engine dynamic \
  -pre SO_PATH:/lib/libfoo.so \
  -pre ID:foo \
  -pre LOAD \
  -pre "CMD_FOO:some input data"

Arguments after dynamic are considered as engines The code try to use 
engines like "-pre",  "ID:foo" and "CMD_FOO:some input data".


Another sample is "Or to simply see the list of commands supported 
by the "foo" ENGINE;

openssl engine - dynamic \
  -pre SO_PATH:/lib/libfoo.so \
  -pre ID:foo \
  -pre LOAD
"
In above case engine is between "normal" arguments.

Roumen


___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

[openssl-dev] i2c_ASN1_INTEGER not exposed in github master

[Douglas E Engert]

In OpenSSL-1.0.2   opensssl/asn1.h defines  both i2c_ASN1_INTEGER and 
i2c_ASN1_BIT_STRING
These are not in development version in github.

Was this intentional?

--

Douglas E. Engert 
___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

[openssl-dev] [openssl.org #4214] [GitHub PR] RFC 7714 DTLS-SRTP profiles

[Dmitry Sobinov via RT]

Hi,

I’ve created a pull request with simple changes to support two new AEAD 
profiles for DTLS-SRTP.

https://github.com/openssl/openssl/pull/521 



Regards,
Dmitry Sobinov
___
openssl-bugs-mod mailing list
openssl-bugs-...@openssl.org
https://mta.openssl.org/mailman/listinfo/openssl-bugs-mod___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Re: [openssl-dev] [openssl.org #4194] engine command regression in 1.1

[Salz, Rich via RT]

Please see this:
https://github.com/openssl/openssl/compare/master...richsalz:rt4194?expand=1


___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev