Added a define in include/openssl/ssl.h:
# define SSL_TXT_MYCIPHER "MYCIPHER"
Integrated into ssl/s3_lib.c:
static SSL_CIPHER ssl3_ciphers[] = {
{
1,
TLS1_TXT_ECDHE_ECDSA_WITH_MYCIPHER_SHA384,
TLS1_CK_ECDHE_ECDSA_WITH_MYCIPHER_SHA384,
SSL_kECDHE,
SSL_aECDSA,
On 13/04/17 18:26, Martin Brejcha wrote:
>
>
> Matt Caswell wrote on 04/13/2017 03:45 PM:
>>
>>
>> On 13/04/17 10:11, mahesh gs wrote:
>>> Hi,
>>>
>>> We are running SCTP connections with DTLS enabled in our application. We
>>> have adapted openssl version (openssl-1.1.0e) to achieve the same.
> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of
> Dipak Gaigole
> Sent: Thursday, April 13, 2017 15:12
> I will try with disabling FIPS.
Opinions differ, but many people - including myself - recommend not enabling
FIPS mode unless it is explicitly required (genera
The OpenSSL PRNG story is currently not so great, yes. But maybe
you should try without FIPS, and also with a different cipher? AES256-SHA
is both CBC and SHA1, neither of which is really a current best practice.
-BenThanks Ben. I will try with disabling FIPS. Where can i find current best
> On 13. Apr 2017, at 19:26, Martin Brejcha wrote:
>
>
>
> Matt Caswell wrote on 04/13/2017 03:45 PM:
>>
>>
>> On 13/04/17 10:11, mahesh gs wrote:
>>> Hi,
>>>
>>> We are running SCTP connections with DTLS enabled in our application. We
>>> have adapted openssl version (openssl-1.1.0e) to ach
Matt Caswell wrote on 04/13/2017 03:45 PM:
>
>
> On 13/04/17 10:11, mahesh gs wrote:
>> Hi,
>>
>> We are running SCTP connections with DTLS enabled in our application. We
>> have adapted openssl version (openssl-1.1.0e) to achieve the same.
>>
>> We have generated the self signed root and node
> On 13. Apr 2017, at 11:11, mahesh gs wrote:
>
> Hi,
>
> We are running SCTP connections with DTLS enabled in our application. We have
> adapted openssl version (openssl-1.1.0e) to achieve the same.
>
> We have generated the self signed root and node certificates for testing. We
> have a str
On 13/04/17 10:11, mahesh gs wrote:
> Hi,
>
> We are running SCTP connections with DTLS enabled in our application. We
> have adapted openssl version (openssl-1.1.0e) to achieve the same.
>
> We have generated the self signed root and node certificates for
> testing. We have a strange problem w
Hi,
We are running SCTP connections with DTLS enabled in our application. We
have adapted openssl version (openssl-1.1.0e) to achieve the same.
We have generated the self signed root and node certificates for testing.
We have a strange problem with the incomplete DTLS handshake if we run the
DTLS