RE: Setting a group to an existing EVP_PKEY in OpenSSL 3

Kory, Thanks for your response. I want to preserve the rest of the EC public key params. I did this. I haven’t test yet. OSSL_PARAM* extracted_params = NULL; char curve_name[64]; OSSL_PARAM* param_ecgroup = NULL; // sigkey is the EVP_PKEY ECDSA public key if

Re: Setting a group to an existing EVP_PKEY in OpenSSL 3

I haven’t done exactly what you are trying, but something similar. See EVP_PKEY_set_params: https://www.openssl.org/docs/man3.0/man3/EVP_PKEY_set_params.html The specific parm to set the group could be set like this:

Setting a group to an existing EVP_PKEY in OpenSSL 3

Hi, How can I set a GROUP to an existing EC type EVP_PKEY in OpenSSL 3? In 1.0.2 I was using this code having the EC_KEY: EC_KEY_set_group(eckey, EC_GROUP_new_by_curve_name(nid)); In OpenSSL 3 still EC_GROUP_new_by_curve_name(nid) can be used, but I don't know how to go from that

RE: CVE-2022-37454 SHA-3 buffer overflow

That is good to hear as it touches many things. Thanks for letting me know. Job -Original Message- From: Tomas Mraz Sent: Monday, October 24, 2022 1:58 AM To: Job Cacka ; openssl-users@openssl.org Subject: Re: CVE-2022-37454 SHA-3 buffer overflow The implementation of SHA-3 in

RE: [building OpenSSL for vxWorks on Windows using Cygwin]

> From: openssl-users On Behalf Of ??? > Sent: Friday, 21 October, 2022 02:39 > Subject: Re: openssl-users Digest, Vol 95, Issue 27 Please note the text in the footer of each openssl-users digest message: > When replying, please edit your Subject line so it is more specific > than "Re:

Re: OpenSSL 1.1.1 Windows dependencies

On 22/10/2022 16:02, David Harris wrote: On 21 Oct 2022 at 13:50, Michael Wojcik via openssl-users wrote: That was my initial thought too, except that if it were firewall-related, the initial port 587 connection would be blocked, and it isn't - the failure doesn't happen until after

Re: CVE-2022-37454 SHA-3 buffer overflow

The implementation of SHA-3 in OpenSSL is different from the vulnerable one. There is a plain C implementation and also assembly implementation for various CPU architectures. See crypto/sha/keccak1600.c and crypto/sha/asm/keccak1600*.pl. None of these should suffer from the CVE-2022-37454. The

Re: OpenSSL 3 ECC Key use question

What do you need the NID for? Maybe the code could be changed to use names instead of NIDs? The NIDs are somehow legacy thing that might eventually be completely internal at some point. However, if you need the NID, you should be able to use OBJ_sn2nid() to obtain the NID if the curve name is in