Re: [openssl-users] [openssl-project] OpenSSL 3.0 and FIPS Update
Thanks for the speculation on validated platforms, Mark. Please be careful about using this resource as a medium for self-promotion.

- Walt

Walter Paley
w...@safelogic.com
SafeLogic - FIPS 140-2 Simplified
Re: Allow specifying the tag after AAD in CCM mode
I've commented on the PR, mostly about not understanding the commit message RFC-references and indentation error. Overall the PR looks good to me, but I'd like someone who is more familiar with implementation to have a look at it.

Best Regards
Eine Kleine Blau Fisch

On Tue, Feb 19, 2019 at 2:10 PM Tobias Nießen wrote:
>
> Hello everyone,
>
> in GCM and OCB mode, it is possible to set the authentication tag after
> supplying AAD, but the CCM implementation does not allow that. This
> isn't a problem for most applications, but in Node.js, we expose similar
> APIs to interact with AEAD ciphers and these differences between cipher
> modes within OpenSSL propagate to our users. Unless there is a reason
> for the current behavior, I would prefer to change it.
>
> I opened a PR about this five months ago
> (https://github.com/openssl/openssl/pull/7243). It has received zero
> attention and I am hoping the mailing list is a good way to change that.
>
> Kind regards,
> Tobias
>
Forthcoming OpenSSL Releases
The OpenSSL project team would like to announce the forthcoming release of OpenSSL versions 1.1.1b and 1.0.2r. There will be no new 1.1.0 release at this time.

These releases will be made available on 26th February 2019 between approximately 1300-1700 UTC.

OpenSSL 1.0.2r is a security-fix release. The highest severity issue fixed in this release is MODERATE:
https://www.openssl.org/policies/secpolicy.html#moderate

OpenSSL 1.1.1b is a bug-fix release.

Yours

The OpenSSL Project Team
Allow specifying the tag after AAD in CCM mode
Hello everyone,

in GCM and OCB mode, it is possible to set the authentication tag after supplying AAD, but the CCM implementation does not allow that. This isn't a problem for most applications, but in Node.js, we expose similar APIs to interact with AEAD ciphers and these differences between cipher modes within OpenSSL propagate to our users. Unless there is a reason for the current behavior, I would prefer to change it.

I opened a PR about this five months ago (https://github.com/openssl/openssl/pull/7243). It has received zero attention and I am hoping the mailing list is a good way to change that.

Kind regards,
Tobias
Re: understand 'openssl dhparms ....'
On Tuesday, February 19, 2019 at 10:47:44AM +, Matt Caswell wrote:

>
>
> On 19/02/2019 08:57, Matthias Apitz wrote:
> >
> > Two questions:
> >
> > 1. Why this has no input file? Shouldn't it have one, and which? The man
> > page says, it would read stdin, but it doesn't do so.
>
> The man page in question is here:
>
> https://www.openssl.org/docs/man1.1.1/man1/dhparam.html
>
> I draw your attention to the description of the "numbits" value (i.e. 1024 in
> your command line):
>
> ...

Matt, thanks for the detailed explanation.

matthias

--
Matthias Apitz, ✉ g...@unixarea.de, http://www.unixarea.de/ +49-176-38902045
Public GnuPG key: http://www.unixarea.de/key.pub
October, 7 -- The GDR was different: Peace instead of Bundeswehr and wars, Druschba instead of Nazis, to live instead of to survive.
Re: openssl-users: DKIM, DMARC and all that jazz, and what it means to us
On Mon, 18 Feb 2019 22:51:09 +0100, Jakob Bohm wrote:
> Having a DMARC record without DKIM signatures (including DKIM
> signing mails relayed with openssl.org as From: address) is either
> an RFC violation or very close to one.

I suspected that. We're not quite ready for full blown DKIM yet, so I'll remove the DMARC record for now. Thank you.

(I know that you have sent other recommendations, but haven't read them yet... be assured that I will give them consideration)

Cheers,
Richard

--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
Re: understand 'openssl dhparms ....'
On 19/02/2019 08:57, Matthias Apitz wrote:
>
> Two questions:
>
> 1. Why this has no input file? Shouldn't it have one, and which? The man
> page says, it would read stdin, but it doesn't do so.

The man page in question is here:

https://www.openssl.org/docs/man1.1.1/man1/dhparam.html

I draw your attention to the description of the "numbits" value (i.e. 1024 in your command line):

"This option specifies that a parameter set should be generated of size numbits. It must be the last option. If this option is present then the input file is ignored and parameters are generated instead. If this option is not present but a generator (-2 or -5) is present, parameters are generated with a default length of 2048 bits."

So by specifying 1024 you are asking to *generate* new parameters of size 1024 bits and so the input file is ignored.

>
> 2. When I re-run the examples today the above command does not even
> produce a file 'dh1024.pem', but writes the result to stdout:
>
> openssl dhparam 1024 -2 -outform PEM -out dh1024.pem
> (lot of random output) ...
> -----BEGIN DH PARAMETERS-----
> MIGHAoGBAIc6JqvNBSGwdBBzIJQAuq+TG+ttNNYZcUv/p3/nloWGwxeCKqWt2M4x
> z6WsA3tVbykRw80A0Rja2y7IHZ9dGJc/guxrxUpNketeSddFzGicz6mrEafSdurd
> ephztXEmQ63XP4ULPlcaOXzYk6GLUXFYKVYuIHnpdcJLLRMFWZ0bAgEC
> -----END DH PARAMETERS-----
>
> How this is supposed to work?
>
> Thanks

The options are the wrong way around - the numbits value is supposed to be last - so actually the rest of your options are being ignored. The command line should be:

    openssl dhparam -2 -outform PEM -out dh1024.pem 1024

It seems that in OpenSSL 1.1.0 we got stricter about the ordering of the command line parameters. We probably really ought to error out if there are trailing options that we haven't processed.

Note that 1024 is these days considered too short. At a *minimum* you should be using at least 2048.

I would also draw your attention to the SSL_CTX_set_dh_auto() and SSL_set_dh_auto() macros that your server can use (available since OpenSSL 1.1.0). These are sadly undocumented (gr) but the use is straightforward:

    SSL_CTX_set_dh_auto(ctx, 1);

or

    SSL_set_dh_auto(s, 1);

By making these calls then your server will use automatic built-in DH parameters and there is no need to supply your own explicitly.

Matt
understand 'openssl dhparms ....'
Hello,

Some years ago (in 2012) I wrote an OpenSSL server, loosely based on the example sources 'openssl-examples-20020110' which nowadays still exist in
https://github.com/smbutton/DataCommProject/tree/master/openssl-examples-20020110/openssl-examples-20020110

There was also some guiding available about how to create the necessary key material, which goes more or less like this:

    $ mkdir newca
    $ cd newca
    $ cp /usr/local/openssl/misc/CA.sh .
    $ ./CA.sh -newca

will create a new CA. Remember the passphrase as you will need it to sign certificates.

    $ cp demoCA/cacert.pem ../root.pem

Second step

    $ ./CA.sh -newreq

will create a certificate and a certification request. Set the passphrase to 'password' as this is hard-coded in the examples' source code. It is important to set the [Common Name] to 'localhost'.

Third step

    $ ./CA.sh -sign

will sign your newly created certificate. Enter the password for your CA which you have defined in step 1.

Fourth step

    $ cat newreq.pem newkey.pem newcert.pem > ../localhost.pem
    $ cd ..
    $ ln -s localhost.pem server.pem
    $ ln -s localhost.pem client.pem

Maybe you also want to issue

    $ openssl dhparam 1024 -2 -out dh1024.pem -outform PEM

in order to update the DH parameters.

What I (today) do not understand is the last step about creating the file 'dh1024.pem' :-(

Two questions:

1. Why this has no input file? Shouldn't it have one, and which? The man page says, it would read stdin, but it doesn't do so.

2. When I re-run the examples today the above command does not even produce a file 'dh1024.pem', but writes the result to stdout:

    openssl dhparam 1024 -2 -outform PEM -out dh1024.pem
    (lot of random output) ...
    -----BEGIN DH PARAMETERS-----
    MIGHAoGBAIc6JqvNBSGwdBBzIJQAuq+TG+ttNNYZcUv/p3/nloWGwxeCKqWt2M4x
    z6WsA3tVbykRw80A0Rja2y7IHZ9dGJc/guxrxUpNketeSddFzGicz6mrEafSdurd
    ephztXEmQ63XP4ULPlcaOXzYk6GLUXFYKVYuIHnpdcJLLRMFWZ0bAgEC
    -----END DH PARAMETERS-----

How this is supposed to work?

Thanks

matthias

--
Matthias Apitz, ✉ g...@unixarea.de, http://www.unixarea.de/ +49-176-38902045
Public GnuPG key: http://www.unixarea.de/key.pub