On Thu, Jan 07, 2021 at 05:10:29PM -0800, Quanah Gibson-Mount wrote:
> Using wireshark, we can see the following signature algorithms are offered
> from the client side (which uses TLSv1.2) for both the working and failing
> servers:
>
> 0x0403 ECDSA-SHA256
> 0x0503 ECDSA-SHA384
> 0x0603 ECDSA-
Working on a migration for an application (OpenLDAP) where the old version
is linked to OpenSSL 1.0.2 to where the new version is linked to OpenSSL
1.1.1h.
Most client applications are working without issue. However, one Windows
client application consistently fails to connect to the OpenSSL
Hi,
I’m trying to use passphrase-protected keys with BC-FIPS, but whatever I do, I
get an exception complaining about not enough salt.
Exception in thread "main"
org.bouncycastle.crypto.fips.FipsUnapprovedOperationError: salt must be at
least 128 bits
at org.bouncycastle.crypto.fips
On Thu, Jan 7, 2021 at 3:08 AM Ken Goldman wrote:
> On 1/6/2021 12:10 PM, Gimhani Uthpala wrote:
>
> > I am getting seg-faults at openssl level. This only occurred very
> randomly and the following are stacks that seg faults at openssl level in
> the given 2 cases. We are using openssl 1.0.2k.
>
On Thu, Jan 7, 2021 at 1:53 PM Jan Just Keijser wrote:
> On 06/01/21 21:57, Michael Wojcik wrote:
> >
> > The same way you'd track down an intermittent cause of Undefined
> Behavior in any other program: some combination of dynamic monitoring,
> symbolic execution, static code analysis, source co
On Thu, Jan 7, 2021 at 1:51 PM Jan Just Keijser wrote:
> Hi,
>
> On 06/01/21 18:10, Gimhani Uthpala wrote:
>
> Dear team,
> I'm running an application which uses openssl for secure communication
> between processes. I am getting seg-faults at openssl level. This only
> occurred very randomly and
John,
I guess you received this mail because you are subscribed to the openssl-users
mailing list.
(You might also be subscribed to the openssl-announce mailing list, but that's
less likely.)
To unregister from the list, please visit
https://mta.openssl.org/mailman/listinfo/openssl-users resp
On 1/7/2021 10:11 AM, Michael Wojcik wrote:
$ cat /etc/redhat-release && openssl version
CentOS Linux release 7.9.2009 (Core)
OpenSSL 1.0.2k-fips 26 Jan 2017
Ugh. Well, OP should have made that clear in the original message.
And this is one of the problems with using an OpenSSL supplied by t
> From: Jan Just Keijser
> Sent: Thursday, 7 January, 2021 01:23
>
> On 06/01/21 21:57, Michael Wojcik wrote:
> >
> >
> > But you're asking the wrong question. The correct question is: Why are you
> > using an outdated version of OpenSSL?
>
> possibly because:
>
> $ cat /etc/redhat-release && open
Please remove my email from your distribution
> On Jan 7, 2021, at 9:08 AM, OpenSSL wrote:
>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
>
> OpenSSL version 3.0 alpha 10 released
> =
>
> OpenSSL - The Open Source toolkit for SSL/TLS
> htt
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
OpenSSL version 3.0 alpha 10 released
=
OpenSSL - The Open Source toolkit for SSL/TLS
https://www.openssl.org/
OpenSSL 3.0 is currently in alpha.
OpenSSL 3.0 alpha 10 has now been made availab
On 06/01/2021 17:10, Gimhani Uthpala wrote:
> I am setting context to use SSLv23_method() s. However, I can see
> ssl3_ methods being called. Is there any issue with that?
Just answering this one side question: no, this is normal behaviour.
Matt
Please remove my email
> On Jan 7, 2021, at 3:23 AM, Jan Just Keijser wrote:
>
> On 06/01/21 21:57, Michael Wojcik wrote:
>>
>> The same way you'd track down an intermittent cause of Undefined Behavior in
>> any other program: some combination of dynamic monitoring, symbolic
>> execution, st
On 06/01/21 21:57, Michael Wojcik wrote:
The same way you'd track down an intermittent cause of Undefined Behavior in
any other program: some combination of dynamic monitoring, symbolic execution,
static code analysis, source code review, testing variants, tracing, fuzzing,
post-mortem analys
Hi,
On 06/01/21 18:10, Gimhani Uthpala wrote:
Dear team,
I'm running an application which uses openssl for secure communication
between processes. I am getting seg-faults at openssl level. This only
occurred very randomly and the following are stacks that seg faults
at openssl level in the g
15 matches
Mail list logo