-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Forthcoming OpenSSL releases
The OpenSSL project team would like to announce the forthcoming release
of OpenSSL versions 1.0.2b, 1.0.1n, 1.0.0s and 0.9.8zg.
These releases will be made available on Thursday 11th June.
On Fri, Jun 05, 2015 at 04:39:36PM +, Zooko Wilcox-OHearn via RT wrote:
One of the coreutils maintainers suggested that we should ask OpenSSL
to add BLAKE2, because coreutils itself will probably just use a
portable C implementation, but it would use an optimized
implementation if
I'd support adding 2b and 2s, in spite of the fact that the names are really
really bad. I'm less interested in seeing the parallel variants added. FWIW.
Well, the reason I'm here is that the GNU coreutils maintainers rely
on openssl for high-performance crypto, and blake2sp might be the
(re-sent because I wasn't subscribed to openssl-dev first time and it
bounced from there but went through to rt@.)
Dear Rich Salz et al.:
b is for big — fits well with 64-bit architectures, and s is for
small — fits well with 32-bit architectures.
p is for parallel — has several parallel
Fixed in 1.1:
prompt$ ./openssl -cert no.way xx yy ; echo $?
Invalid command '-cert'; type help for a list.
1
prompt$
--
Rich Salz, OpenSSL dev team; rs...@openssl.org
___
openssl-dev mailing list
To unsubscribe:
(re-sent because I wasn't subscribed to openssl-dev first time and it
bounced from there but went through to rt@.)
Dear Rich Salz et al.:
b is for big — fits well with 64-bit architectures, and s is for
small — fits well with 32-bit architectures.
p is for parallel — has several parallel
So if you're going to replace md5sum... which one should you use? Which ONE
HASH should replace MD5?
Or why not just use sha256 and sha512.
___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Blake2s is 256-bit, while Blake2d is 512-bit. These are the ones I assume
that would be best for addition. The other two, Blake2sp and Blake2bp are
multi-threaded, and are optimized for multi-core CPUs.
It is unfortunate that 's' and 'd' mean different algorithms, while 2sp and 2bp
are,
Dear Rich Salz et al.:
b is for big — fits well with 64-bit architectures, and s is for
small — fits well with 32-bit architectures.
p is for parallel — has several parallel threads that each compute
the hash of a different subset of the input data, and then those
hashes get hashed together to
I'd support adding 2b and 2s, in spite of the fact that the names are really
really bad. I'm less interested in seeing the parallel variants added. FWIW.
Well, the reason I'm here is that the GNU coreutils maintainers rely
on openssl for high-performance crypto, and blake2sp might be the
On Tue, Jun 9, 2015 at 12:57 AM, Salz, Rich rs...@akamai.com wrote:
So if you're going to replace md5sum... which one should you use? Which ONE
HASH should replace MD5?
I'd suggest blake2sp. It's currently the fastest on my machine, and I
guess that there will often be multiple cores in
I could be wrong, but I did not see any assembler. SIMD is done with
standard Intel macros.
Hooking up looks simple to me. So you need a volunteer? I've been poking
around the code lately.
On Jun 8, 2015 4:11 PM, Salz, Rich rs...@akamai.com wrote:
Anyway, I think we should add it.
I am in
If the goal is replace md5sum, then one thing to think about is which digest
will have the widest reach for everyone? Can all four versions be
implemented in (mostly?) portable C code? Is performance the only real
difference? Suppose we took just blake2s?
All four are available in
$ openssl version -a
OpenSSL 1.0.2a 19 Mar 2015
built on: reproducible build, date unspecified
platform: linux-x86_64
options: bn(64,64) rc4(8x,int) des(idx,cisc,16,int) blowfish(idx)
compiler: gcc -I. -I.. -I../include -fPIC -DOPENSSL_PIC -DZLIB
-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN
Anyway, I think we should add it.
I am in favor of doing that, too. But there's some work that needs to be done:
hooking it up to the EVP API, and tweaking the assembler stuff to use our
perl-based structure, right?
___
openssl-dev mailing list
To
So it's really a request to add four hash functions. Bummer.
In practice the parallel mode works nicely on modern systems.
Well, on clients. On servers, presumably, those cores would be busy ;)
I'd support adding 2b and 2s, in spite of the fact that the names are really
really bad. I'm
Well, the reason I'm here is that the GNU coreutils maintainers rely on
openssl for high-performance crypto, and blake2sp might be the best
algorithm for the new b2sum tool, which I hope will replace md5sum
in the toolboxes of system administrators everywhere.
Yes, I went and read the thread
Hi,
I need to verify if the certifiate I have received is having its content in
PEM/DER format.
Is there any API which if given file pointer like (fp) will tell me whether
it has valid format of certificate and if yes then whether it is PEM/DER
format ?
If no API, then what is the other way to
On Sun 2015-06-07 16:16:24 -0400, Kurt Roeckx wrote:
You can set a callback on the creation of a new session. See the
SSL_CTX_sess_set_new_cb() manpage. The SSL_CTX_sess_get_new_cb()
get function returns that callback function back.
There are no internal users in OpenSSL as far as I can
Hi,
I am writing an application which will configure, make and copy libssl.so
to custom location. Since tester does not know which version of openssl he
is testing, i wanted to know that is there any api which will be used
through C code to print openssl full version string.
NOTE: i have only
On Jun 9, 2015, at 4:07 AM, Zooko Wilcox-OHearn zo...@leastauthority.com
wrote:
On Tue, Jun 9, 2015 at 12:57 AM, Salz, Rich rs...@akamai.com wrote:
So if you're going to replace md5sum... which one should you use? Which ONE
HASH should replace MD5?
I'd suggest blake2sp. It's
On Friday 05 June 2015 16:39:36 Zooko Wilcox-OHearn via RT wrote:
Dear OpenSSL folks:
I'm one of the authors of the BLAKE2 hash function
(https://blake2.net). I've been working with the maintainers of GNU
coreutils to make a tool named b2sum, which I hope will eventually
replace md5sum.
On Jun 8, 2015, at 1:37 PM, Hubert Kario via RT r...@openssl.org wrote:
On Friday 05 June 2015 16:39:36 Zooko Wilcox-OHearn via RT wrote:
Dear OpenSSL folks:
I'm one of the authors of the BLAKE2 hash function
(https://blake2.net). I've been working with the maintainers of GNU
coreutils
On Jun 8, 2015, at 1:37 PM, Hubert Kario via RT r...@openssl.org wrote:
On Friday 05 June 2015 16:39:36 Zooko Wilcox-OHearn via RT wrote:
Dear OpenSSL folks:
I'm one of the authors of the BLAKE2 hash function
(https://blake2.net). I've been working with the maintainers of GNU
coreutils
Not that my opinion here counts, but I'll second the call for BLAKE2
support. The SIMD implementation is one of the finest works of efficient
cryptographic code I've run across. It's so efficient, it became by far
the most popular hash function in the Password Hashing Competition. BLAKE2
rocks.
Is anyone having problems building 1.0.2-stable on FreeBSD? It appears
the following commit may have broken the build:
https://github.com/openssl/openssl/commit/f877da9cedb95df94105d7292f8e0963175e58dc
Here's the error we're seeing:
[jenkins@freebird ~/tmp/openssl-OpenSSL_1_0_2-stable]$ gmake
On 8 June 2015 at 13:27, John Foley fol...@cisco.com wrote:
Is anyone having problems building 1.0.2-stable on FreeBSD? It appears
the following commit may have broken the build:
https://github.com/openssl/openssl/commit/f877da9cedb95df94105d7292f8e0963175e58dc
Here's the error we're
27 matches
Mail list logo