Re: SSL write/read performance

2019-04-10 Thread Matt Caswell
On 10/04/2019 11:03, valmiki wrote: > >>> Hi All, >>> >>> I'm trying to understand server and client code over tcp using openssl. >>> >>> How does the flow work when we do SSL_write or SSL_read. >>> >>> SSL_write -> send buffer to kernel crypto subsystem -> take encrypted >>> buffer and send

Re: SSL write/read performance

2019-04-10 Thread Matt Caswell
On 10/04/2019 10:32, valmiki wrote: > Hi All, > > I'm trying to understand server and client code over tcp using openssl. > > How does the flow work when we do SSL_write or SSL_read. > > SSL_write -> send buffer to kernel crypto subsystem -> take encrypted buffer > and send it over network

Re: migration from openssl 1.0.2n to 1.1.1

2019-04-08 Thread Matt Caswell
On 08/04/2019 08:26, Chethan Kumar wrote: > Dear all, > > We upgraded openssl from version 1.0.2n to 1.1.1. While compiling some > package dependent on openssl, we are getting errors related to M_ASN1_ D2I AND I2D > functions. > > Digging deeper got to know that, in latest openssl

Re: PKCS#7/CMS verify reports bad signature

2019-04-03 Thread Matt Caswell
On 02/04/2019 17:34, Steffen wrote: > Hello, > >> What had produced the signatures? > > I received word from my end that the signatures may have been produced by > OpenSSL 1.0.2 (no idea which letter release) in the Cygwin environment but I > cannot confirm this. > If that's the case, I'd

Re: PKCS#7/CMS verify reports bad signature

2019-04-02 Thread Matt Caswell
On 01/04/2019 22:23, Steffen wrote: > Hello, > > I believe that I have narrowed the problem down to one specific version of > OpenSSL. Version 1.1.0b works as expected while OpenSSL 1.1.0c does not. Using the cert/data files you provided me off-list (thanks), I was able to confirm the above

Re: PKCS#7/CMS verify reports bad signature

2019-04-01 Thread Matt Caswell
fail to verify with an earlier version of OpenSSL 1.1.0. A workaround is to only verify the canonicalised text data and use the "-binary" flag (for the "cms" command line application) or set the SMIME_BINARY/PKCS7_BINARY/CMS_BINARY flags (if using CMS_verify()).

Re: Differences in defaults between 1.0.2 and 1.1.1

2019-03-19 Thread Matt Caswell
trongly advise against it since using such a sigalgs list will impact your ability to interoperate with TLSv1.3 servers. Matt > > Graeme > > -Original Message----- From: openssl-users > On Behalf Of Matt Caswell Sent: March 19, > 2019 10:23 AM To: openssl-users@openssl.org Sub

Re: Differences in defaults between 1.0.2 and 1.1.1

2019-03-19 Thread Matt Caswell
On 19/03/2019 13:40, Perrow, Graeme wrote: > TLS: error: accept - force handshake failure: errno 11 - moznss error -12162 > > TLS: can't accept: TLS error -12162:Unsupported hash algorithm used by TLS > peer.. Just to confirm - you've not configured client authentication? Assuming not, the

Re: Default DHE group

2019-03-19 Thread Matt Caswell
On 18/03/2019 23:05, Zeev Tarantov wrote: > Since openssl version 1.1.0, code for TLS server can use > `SSL_CTX_set_dh_auto(ctx, 1);` to let openssl handle choice of DH group which > will be used to generate ephemeral keys if a DHE cipher suite is negotiated. > > TLS 1.3 limits DHE parameters

Re: Building OpenSSL 1.1.1b for WinCE700

2019-03-19 Thread Matt Caswell
On 19/03/2019 07:08, 田中創樹 wrote: > Hello, > > I have successfully built OpenSSL 1.1.1b (only libraries, no app) for > WINCE700-ARMV4I, though I didn't run any tests. Here is what I did. I hope the > original sources will be changed so that there is no need to change them. It would be good if you created a

Re: DTLSv1_listen Nonblock IO failure not returning SSL_ERROR_WANT_READ

2019-03-06 Thread Matt Caswell
On 06/03/2019 10:51, Raja Ashok wrote: > Hi, > > When a nonblocking IO failure happens on DTLSv1_listen() it's returning 0. But > SSL_get_error() is not returning SSL_ERROR_WANT_READ. Instead it > returns SSL_ERROR_SYSCALL. > > Can someone tell me whether this behaviour is kept intentionally? You are not

Re: Shouldn't no-pinshared be the default?

2019-03-05 Thread Matt Caswell
On 04/03/2019 23:37, Yann Ylavic wrote: > So my question is, why isn't no-pinshared the default? > ISTM that pinshared is enabled on linux only, That isn't correct. pinshared is the default everywhere. The way it is achieved is different for different platforms (so on Linux we use -znodelete).

Re: AW: OpenVPNGui 2.4.7 fails: format error in certificate's notAfter field

2019-03-04 Thread Matt Caswell
On 04/03/2019 13:16, Jan Just Keijser wrote: > On 04/03/19 10:21, Wolfgang Knauf wrote: >> Hi, >> >> the output is this: >> >> C:\Program Files\OpenVPN\bin>openssl.exe asn1parse -i -in >> ..\config\ssl_h...@l1139218.vt-security.de\l1139218.vt-security.de.user.crt >> Error: offset too large >>

Re: OpenSSL 3.0 (or 4.0) API goals

2019-03-04 Thread Matt Caswell
On 04/03/2019 12:57, Hubert Kario wrote: > On Monday, 4 March 2019 12:59:26 CET Matt Caswell wrote: >> On 01/03/2019 22:26, Paul Smith wrote: >>> Hi all. >>> >>> I'm reading with interest the details coming out with respect to the >>> next release o

Re: OpenSSL 3.0 (or 4.0) API goals

2019-03-04 Thread Matt Caswell
On 01/03/2019 22:26, Paul Smith wrote: > Hi all. > > I'm reading with interest the details coming out with respect to the > next release of OpenSSL. > > I'm curious if there's any consideration being given to updating the > API for existing interfaces, and/or checking the APIs of any new >

Re: OpenSSL 1.1.1b for WinCE700

2019-02-28 Thread Matt Caswell
ness Solutions (France) > 1 rue Claude Chappe - BP 345 > 07503 Guilherand Granges Cedex > > -Original Message- > From: openssl-users On Behalf Of Matt > Caswell > Sent: 27 February 2019 18:45 > To: openssl-users@openssl.org > Subject: Re: OpenSSL 1.1.1b for W

Re: AES-cipher offload to engine in openssl-fips

2019-02-28 Thread Matt Caswell
On 27/02/2019 22:20, Richard Levitte wrote: >> I believe Richard is wrong here. Or at least his text could be >> misleading. If the EVP API does the digesting with one module and >> then calls another module to do the RSA signing, that is okay. > > Huh? From the design document, section

Re: OpenSSL Security Advisory

2019-02-27 Thread Matt Caswell
On 27/02/2019 18:43, Scott Neugroschl wrote: > Is this a client-side or server-side vulnerability? Or does it matter? It can apply to either side. Matt > > Thanks, > > ScottN > > --- > Scott Neugroschl | XYPRO Technology Corporation > 4100 Guardian Street | Suite 100 |Simi Valley, CA

Re: OpenSSL 1.1.1b for WinCE700

2019-02-27 Thread Matt Caswell
On 27/02/2019 17:22, Torrelli, Maxime wrote: > Hello, > > Sorry to send you another email about the same subject but I really need some > help on this topic. I will try to give as much information as I can. > > I am using the WCECOMPAT tool to compile OpenSSL 1.1.1b for WINCE700 on a

Re: Stitched vs non-Stitched Ciphersuites

2019-02-27 Thread Matt Caswell
On 27/02/2019 16:47, Michael Wojcik wrote: >> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf >> Of Sam Roberts Sent: Wednesday, February 27, 2019 11:33 >> >> Even though this is fixed, would the general advice still be "avoid CBC in >> favour of AESCCM and AESGCM when

Re: Stitched vs non-Stitched Ciphersuites

2019-02-27 Thread Matt Caswell
On 27/02/2019 16:33, Sam Roberts wrote: > On Tue, Feb 26, 2019 at 8:42 AM Matt Caswell wrote: >>> What about AEAD ciphers? Are they considered "stitched"? >> >> No, they are not "stitched" but they are not impacted by this issue. We >> sh

Re: Zombie Poodle and Goldendoodle vulnerability

2019-02-27 Thread Matt Caswell
On 27/02/2019 13:46, Manish Patidar wrote: > Is CVE-2019-1559 related to these vulnerabilities? > No, that is entirely different. Matt > > On Wed, 27 Feb 2019, 4:48 pm Matt Caswell, <mailto:m...@openssl.org>> wrote: > > > > On 27/02

Re: Zombie Poodle and Goldendoodle vulnerability

2019-02-27 Thread Matt Caswell
On 27/02/2019 11:07, Manish Patidar wrote: > > Hi, > There have been two vulnerabilities reported: Golden Doodle and Zombie Poodle. > Do they impact the openssl 1.1.1 or 1.0.2 versions? > > https://www.tripwire.com/state-of-security/vulnerability-management/zombie-poodle-goldendoodle/ These

Re: Stitched vs non-Stitched Ciphersuites

2019-02-26 Thread Matt Caswell
cted by this issue. We should probably make that clearer in the advisory. Matt > > -- > -Todd Short > // tsh...@akamai.com <mailto:tsh...@akamai.com> > // "One if by land, two if by sea, three if by the Internet." > >> On Feb 26, 2019, at 10:40 AM, Ma

Re: Stitched vs non-Stitched Ciphersuites

2019-02-26 Thread Matt Caswell
On 26/02/2019 15:03, Short, Todd via openssl-users wrote: > The latest security advisory: > > https://www.openssl.org/news/secadv/20190226.txt > > mentions stitched vs. non-stitched ciphersuites, but doesn’t really elaborate > on > which ciphersuites are stitched and non-stitched. The

Re: s_server/s_client on checking middlebox compatibility

2019-02-26 Thread Matt Caswell
On 26/02/2019 06:22, John Jiang wrote: > Is it possible to check if the peer implements middlebox compatibility with > s_server/s_client? > It looks like the test tools don't care about this point. > For example, if a server doesn't send change_cipher_spec after > HelloRetryRequest, s_client still feels

Re: Missing accessor for the EVP_PKEY.engine

2019-02-25 Thread Matt Caswell
On 25/02/2019 13:28, Dmitry Belyavsky wrote: > Hello, > > We've started porting our 1.0.2 application to 1.1.1.  > What is a way to get an engine reference? I did not find a function like > EVP_PKEY_get1_engine Seems to be a missing accessor. Matt

Re: [openssl-project] OpenSSL 3.0 and FIPS Update

2019-02-21 Thread Matt Caswell
On 21/02/2019 15:02, Dmitry Belyavsky wrote: > Dear Matt > > > > On Wed, Feb 13, 2019 at 9:30 PM Matt Caswell <mailto:m...@openssl.org>> wrote: > > Please see my blog post for an OpenSSL 3.0 and FIPS Update: > > https://www.openssl.

Re: implicit connect

2019-02-20 Thread Matt Caswell
On 20/02/2019 20:55, Jeremy Harris wrote: > Hi, > > Is the use of SSL_write() to do an implicit SSL_connect() > expected to save any packets? With 1.1.1a (Fedora 29) I > don't see it doing so; the (TLS1.3) Change Cipher Spec, > Finished is sent in a separate TCP segment to the data > written.

Forthcoming OpenSSL Releases

2019-02-19 Thread Matt Caswell
The OpenSSL project team would like to announce the forthcoming release of OpenSSL versions 1.1.1b and 1.0.2r. There will be no new 1.1.0 release at this time. These releases will be made available on 26th February 2019 between approximately 1300-1700 UTC. OpenSSL 1.0.2r is a security-fix

Re: understand 'openssl dhparms ....'

2019-02-19 Thread Matt Caswell
On 19/02/2019 08:57, Matthias Apitz wrote: > > Two questions: > > 1. Why does this have no input file? Shouldn't it have one, and which? The man > page says it would read stdin, but it doesn't do so. The man page in question is here: https://www.openssl.org/docs/man1.1.1/man1/dhparam.html I draw

Re: [openssl-users] when should client stop calling SSL_read to get TLS1.3 session tickets after the close_notify?

2019-02-17 Thread Matt Caswell
On 16/02/2019 05:04, Sam Roberts wrote: > On Fri, Feb 15, 2019 at 3:35 PM Matt Caswell wrote: >> On 15/02/2019 20:32, Viktor Dukhovni wrote: >>>> On Feb 15, 2019, at 12:11 PM, Sam Roberts wrote: >>> OpenSSL could delay the actual shutdown until we're about to

Re: [openssl-project] OpenSSL 3.0 and FIPS Update

2019-02-15 Thread Matt Caswell
On 15/02/2019 19:03, Sam Roberts wrote: > I don't see a FIPS repo in https://github.com/openssl, or a FIPS > branch in https://github.com/openssl/openssl/branches/all >> Has coding started? If so, is it visible anywhere? If not, where > should we watch for when it does? All coding will be

Re: [openssl-users] when should client stop calling SSL_read to get TLS1.3 session tickets after the close_notify?

2019-02-15 Thread Matt Caswell
On 15/02/2019 20:32, Viktor Dukhovni wrote: >> On Feb 15, 2019, at 12:11 PM, Sam Roberts wrote: >> >> In particular, I'm getting a close_notify alert, followed by two >> NewSessionTickets from the server. >> >> The does SSL_read()/SSL_get_error(), it is returning >> SSL_ERROR_ZERO_RETURN, so I

Re: when should client stop calling SSL_read to get TLS1.3 session tickets after the close_notify?

2019-02-15 Thread Matt Caswell
Resending my answer, because I guess you didn't get it: On 15/02/2019 17:11, Sam Roberts wrote: > Resending, I just got banned for "bounces", though why gmail would be > bouncing I don't know. > > On Thu, Feb 14, 2019 at 2:51 PM Sam Roberts wrote: > In particular, I'm getting a close_notify

Re: [openssl-users] Comments on the recent OpenSSL 3.0.0 specification (Monday 2019-02-11)

2019-02-15 Thread Matt Caswell
On 15/02/2019 03:55, Jakob Bohm via openssl-users wrote: > These comments are on the version of the specification released on > Monday 2019-02-11 at https://www.openssl.org/docs/OpenSSL300Design.html > > General notes on this release: > > - The release was not announced on the openssl-users

Re: [openssl-users] when should client stop calling SSL_read to get TLS1.3 session tickets after the close_notify?

2019-02-15 Thread Matt Caswell
On 14/02/2019 22:51, Sam Roberts wrote: > In particular, I'm getting a close_notify alert, followed by two > NewSessionTickets from the server. This sounds like a bug somewhere. Once you have close_notify you shouldn't expect anything else. Is that an OpenSSL server? Matt -- openssl-users

Re: [openssl-users] Questions about Ciphers

2019-02-14 Thread Matt Caswell
On 14/02/2019 16:42, Patrice Guérin wrote: > Hello, > > I have two questions : > > * I use OBJ_NAME_do_all_sorted() with  OBJ_NAME_TYPE_CIPHER_METH to get the > list of supported cipher methods > Is there a difference between lowercase and uppercase names ? > I've noticed that

Re: [openssl-users] OpenSSL 3.0 and FIPS Update

2019-02-14 Thread Matt Caswell
On 14/02/2019 16:34, Jakob Bohm via openssl-users wrote: > On 13/02/2019 20:12, Matt Caswell wrote: >> >> On 13/02/2019 17:32, Jakob Bohm via openssl-users wrote: >>> On 13/02/2019 12:26, Matt Caswell wrote: >>>> Please see my blog post for an OpenSSL

Re: [openssl-users] [openssl-project] OpenSSL 3.0 and FIPS Update

2019-02-14 Thread Matt Caswell
On 13/02/2019 20:28, Michael Richardson wrote: > > Matt Caswell wrote: > > Please see my blog post for an OpenSSL 3.0 and FIPS Update: > > > https://www.openssl.org/blog/blog/2019/02/13/FIPS-update/ > > Thank you, it is very useful to have these plans ma

Re: [openssl-users] OpenSSL 3.0 and FIPS Update

2019-02-13 Thread Matt Caswell
On 13/02/2019 17:32, Jakob Bohm via openssl-users wrote: > On 13/02/2019 12:26, Matt Caswell wrote: >> Please see my blog post for an OpenSSL 3.0 and FIPS Update: >> >> https://www.openssl.org/blog/blog/2019/02/13/FIPS-update/ >> >> Matt > > Given t

Re: [openssl-users] FIPS Module for OpenSSL 1.1.1

2019-02-13 Thread Matt Caswell
On 13/02/2019 14:00, Jason Schultz wrote: > Thanks for your response. A follow up question based on Matt Caswell's blog > post: Does the blog post imply that the next FIPS module will be based on > OpenSSL 3.0? Or is 3.0 a longer term thing and the next FIPS module will be > for > OpenSSL

[openssl-users] OpenSSL 3.0 and FIPS Update

2019-02-13 Thread Matt Caswell
Please see my blog post for an OpenSSL 3.0 and FIPS Update: https://www.openssl.org/blog/blog/2019/02/13/FIPS-update/ Matt -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] Man page suggestion - SSL_get_verify_result

2019-02-13 Thread Matt Caswell
On 12/02/2019 22:29, Hal Murray wrote: > Is there a better place for things like this? > > Please add X509_verify_cert_error_string to the SEE ALSO section of the man > page for SSL_get_verify_result Please raise an issue on github for this sort of thing. Even better create a pull request.

Re: [openssl-users] how is it possible to confirm that a TLS ticket was used?

2019-02-05 Thread Matt Caswell
On 04/02/2019 23:54, Sam Roberts wrote: > And is it possible that this is different for TLS1.2 and 1.3? > > Using TLS1.3, SSL_session_reused() is always returning false, I'm not > sure if that's because I'm doing something else wrong, and the ticket > is not being accepted and a full handshake

Re: [openssl-users] is the openssl wiki down for maintenance, or is something broken?

2019-01-30 Thread Matt Caswell
On 30/01/2019 21:21, Sam Roberts wrote: > https://wiki.openssl.org/index.php/TLS1.3 > > is returning > > ``` > Sorry! This site is experiencing technical difficulties. > Try waiting a few minutes and reloading. > > (Cannot access the database) > ``` > Something was broken. Fixed now. Matt

Re: [openssl-users] EVP_Encrypt/EVP_Decrypt input/output buffers requirements

2019-01-30 Thread Matt Caswell
On 30/01/2019 09:45, Patrice Guérin wrote: > Hello to all, > > Documentation does not provide input/output buffers requirements for > encryption/decryption, so > is it safe to submit the same buffer (ie, input=output) for these operations ? > If not, what is the minimum distance 'd' required

Re: [openssl-users] RSA Digital Signing

2019-01-28 Thread Matt Caswell
On 27/01/2019 17:43, prithiraj das wrote: > Hi All, > > Using OpenSSL, I need to implement digital signing. My approach as of now is: > 1)  At the sender side, generate the hash of the data using sha256. > 2)  Encrypt the hash of the data using RSA Private key for the purpose of > signing. Send

Re: [openssl-users] issue with EVP_EncryptUpdate in XTS mode?

2019-01-25 Thread Matt Caswell
On 25/01/2019 20:16, Andrew Tucker wrote: > I was doing some comparisons of XTS and GCM mode using the EVP APIs and found > a > discrepancy that seems to be an issue with XTS. > > In GCM mode if the buffer is encrypted in one call to EVP_EncryptUpdate or > with > several calls with smaller

Re: [openssl-users] SSL_read() returns -1, and SSL_read_ex does not update readbytes where a record containing a session ticket is being read (TLS 1.3)

2019-01-24 Thread Matt Caswell
>> If no application data is available then you get the -1 (for SSL_read()) or >> 0 (for SSL_read_ex()) return code. You also get that return code for other >> types of issues, and you are supposed to call SSL_get_error() to interpret >> it. > > In this case SSL_get_error() returns 2

Re: [openssl-users] decrypt error

2019-01-24 Thread Matt Caswell
On 24/01/2019 15:33, Matt Caswell wrote: > > > On 24/01/2019 11:00, Scharfenberg, Carsten wrote: >> Thanks for your answer, Matt. >> >> Obviously the issue is caused by the server. >> >> Currently I have two servers: >> 1. The legacy server run

Re: [openssl-users] decrypt error

2019-01-24 Thread Matt Caswell
On 24/01/2019 11:00, Scharfenberg, Carsten wrote: > Thanks for your answer, Matt. > > Obviously the issue is caused by the server. > > Currently I have two servers: > 1. The legacy server running IIS > 2. The new server running HAProxy > I also have two clients: > 1. the actual hardware

Re: [openssl-users] decrypt error

2019-01-24 Thread Matt Caswell
On 24/01/2019 09:19, Scharfenberg, Carsten wrote: > Hello everybody, >   > I’ve just joined this group because I hope you guys can help me with my > problem. >   > I'm using haproxy 1.8.17 and openssl 1.1.1a from Debian testing to serve TLS > 1.2 > connections with client authentication. >

Re: [openssl-users] SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF); has no effect with TLS 1.3

2019-01-23 Thread Matt Caswell
On 23/01/2019 13:01, Arran Cudbard-Bell wrote: > As per the subject line: > > SSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF) > > does not seem to disable generation of stateless tickets with TLS 1.3: No - nor does it disable *stateless* tickets with TLSv1.2. The purpose of the above

Re: [openssl-users] SSL_read() returns -1, and SSL_read_ex does not update readbytes where a record containing a session ticket is being read (TLS 1.3)

2019-01-23 Thread Matt Caswell
On 23/01/2019 14:04, Arran Cudbard-Bell wrote: > I'm working with wpa_supplicant to try and fix up its EAP-TTLS and EAP-PEAP > implementations to work correctly with TLS 1.3 and session tickets. > > Where a new_session_ticket message is sent after client/server finish, calls > to SSL_read()

Re: [openssl-users] Binary Distribution DLL Names

2019-01-18 Thread Matt Caswell
On 18/01/2019 11:51, Grahame Grieve wrote: > I got no response to this. I presume that mean that this is a stupid question, > but I'm afraid I don't understand why > > Grahame > > > On Mon, Jan 14, 2019 at 11:45 PM Grahame Grieve > > > wrote: > >

Re: [openssl-users] Question regarding OpenSSL compilations

2019-01-17 Thread Matt Caswell
On 17/01/2019 14:21, Petrescu Constantin Cezar wrote: > Dear sirs/madams, > > My name is Costin Cezar Petrescu and I am a student at Royal Holloway. I am > intending to conduct some research regarding compilation errors, tricks to fix > compiler mistakes and their effects on cryptographic

Re: [openssl-users] cipher names

2019-01-15 Thread Matt Caswell
On 15/01/2019 13:08, Jeremy Harris wrote: > Hi, > > RFC 8316 section 4.3 gives a need for cipher names per the > IANA registry https://www.iana.org/assignments/tls-parameters > > Those have underbars not hyphens, lead with a "TLS_" and > have an embedded "WITH_", in contrast with the strings

Re: [openssl-users] Why openssl is printing session ID where there is none sent by server, when using session ticket?

2019-01-15 Thread Matt Caswell
On 15/01/2019 11:29, M K Saravanan wrote: > Hi, > > When I use openssl s_client to connect to a server which uses session > ticket to resume a session (session ID is turned off), openssl is > still printing a session ID where none is sent by the server (packet > capture shows session ID length

Re: [openssl-users] is there an API to list all the TLS 1.3 cipher suite names?

2019-01-14 Thread Matt Caswell
On 13/01/2019 21:11, Yann Ylavic wrote: > On Tue, Jan 8, 2019 at 11:24 PM Sam Roberts wrote: >> >> node.js has an API that lists all the cipher suite names that can be >> validly passed to set_cipher_list(), but I don't see how to get them >> for TLS1.3 to list the valid inputs to

Re: [openssl-users] Openssl asynchronous operation in real network

2019-01-14 Thread Matt Caswell
e.g. by using SSL_get_all_async_fds() or SSL_get_changed_async_fds() to get hold of the fds, and then followed by "select" or similar. See: https://www.openssl.org/docs/man1.1.1/man3/SSL_get_all_async_fds.html Matt > > > On Fri, Jan 11, 2019 at 3:12 PM Matt Caswell <mailto:m.

Re: [openssl-users] Openssl asynchronous operation in real network

2019-01-11 Thread Matt Caswell
ithub.com/openssl/openssl/pull/7573 This adds an alternative mechanism for signalling other than using fds (i.e. to use a callback instead) and will be available in OpenSSL 3.0 when it gets released. Matt > > On Thu, Jan 10, 2019 at 10:11 PM Matt Caswell <mailto:m...@openssl.o

Re: [openssl-users] Openssl asynchronous operation in real network

2019-01-10 Thread Matt Caswell
On 10/01/2019 09:39, Ananthu Unnikrishnan wrote: > Hi all, > >         We are not able to access the waitctx address from the job address > using > ASYNC_get_wait_ctx(job) from a thread which starts in the bind section of the > dynamic engine. The job address is the same as that we got > using 

Re: [openssl-users] SSL_sendfile

2019-01-10 Thread Matt Caswell
On 10/01/2019 11:49, vishwas k.n. wrote: > Hello All, > > I had a question regarding supporting sendfile with OpenSSL. Is there a branch > which supports SSL version of the sendfile() ?. No, this doesn't exist. > I wasn't able to locate it in master branch. > If yes, could you please point

Re: [openssl-users] Session params output fails via cron

2019-01-03 Thread Matt Caswell
On 03/01/2019 10:31, Neil Craig wrote: > Hi all > > Does anyone know why openssl (silently) fails to write session data to a file > when run from cron? (It works fine running manually) via e.g.: > /path/to/openssl > s_client -connect :443 -servername -tls1_3 -sess_out I assume you are

Re: [openssl-users] Session params output fails via cron

2019-01-03 Thread Matt Caswell
On 03/01/2019 10:31, Neil Craig wrote: > Hi all > > Does anyone know why openssl (silently) fails to write session data to a file > when run from cron? (It works fine running manually) via e.g.: > /path/to/openssl > s_client -connect :443 -servername -tls1_3 -sess_out > > Running the same

Re: [openssl-users] tls1_change_cipher_state

2019-01-02 Thread Matt Caswell
On 02/01/2019 10:14, Jakob Bohm via openssl-users wrote: > On 02/01/2019 10:41, Matt Caswell wrote: >> >> On 27/12/2018 08:37, Dmitry Belyavsky wrote: >>> Hello, >>> >>> Am I right supposing that local variables tmp1, tmp2, iv1, and iv2 are >>

Re: [openssl-users] Openssl async support

2019-01-02 Thread Matt Caswell
On 27/12/2018 15:07, ASHIQUE CK wrote: > Hi all, > > Thanks for the earlier reply. But I am still facing an issue regarding > the > asynchronous job operation. > > I have implemented asynchronous job operation partially. I am now > getting requests asynchronously, i.e. getting

Re: [openssl-users] tls1_change_cipher_state

2019-01-02 Thread Matt Caswell
On 27/12/2018 08:37, Dmitry Belyavsky wrote: > Hello, > > Am I right supposing that local variables tmp1, tmp2, iv1, and iv2 are unused > in > this function? Looks that way. They should be removed. Matt

Re: [openssl-users] Authentication over ECDHE

2018-12-31 Thread Matt Caswell
On 31/12/2018 11:36, C.Wehrmeyer wrote: > On 31.12.18 10:12, Richard Levitte wrote: >> Yes, it's true, new features are going in.  And it's true that it's >> often more exciting to add new features than to do the janitorial >> work. > > You realised what I have left unspoken thus far, which is

Re: [openssl-users] Authentication over ECDHE

2018-12-28 Thread Matt Caswell
On 28/12/2018 10:22, Christian wrote: > Thank you for the suggestions thus far. I've been working on a simple SSL > client/server system in the last couple days. Unfortunately the SSL > documentation is a right mess, so I don't know what is allowed and what is > not, > which leads to some

Re: [openssl-users] Authentication over ECDHE

2018-12-26 Thread Matt Caswell
On 25/12/2018 20:07, Michel wrote: > Thanks Matt for the reminder about the use of PSK in TLS 1.3. > This leads me to this other question : > Can someone please clarify what is the future of SRP starting with TLS 1.3 ? SRP is not currently supported in OpenSSL with TLSv1.3. AFAIK there is no

Re: [openssl-users] Authentication over ECDHE

2018-12-24 Thread Matt Caswell
On 24/12/2018 19:52, Viktor Dukhovni wrote: >> On Dec 24, 2018, at 2:44 PM, Salz, Rich via openssl-users >> wrote: >> >> Pre-shared keys (PSK) don't require certs, maybe that meets the need. A >> thing to know about PSK is that each side is fully trusted, and if one side >> gets the key

Re: [openssl-users] Authentication over ECDHE

2018-12-24 Thread Matt Caswell
On 24/12/2018 11:51, Christian wrote: > Hello, people. I'm a beginner with OpenSSL and with cryptography in general, > and > have been wondering how to best implement an upcoming system. > > I apologise in advance for any grammar or orthography mistakes, as English > isn't > my native

Re: [openssl-users] OpenSSL v1.1.1 static library size reduction

2018-12-24 Thread Matt Caswell
On 21/12/2018 06:12, prithiraj das wrote: > I am using OpenSSL 1.1.1 from OpenSSL's website and trying to build OpenSSL > on a > Windows 64 bit machine using Perl 64 bit version and nasm v2.13.03. I have > used > the *no-shared* option in the Perl Configure to only build the static library >

Re: [openssl-users] Sending empty renegotiaion_info

2018-12-24 Thread Matt Caswell
On 18/12/2018 08:21, Dmitry Belyavsky wrote: > Hello, > > Is it possible to send empty renegotiation_info extension instead of > TLS_EMPTY_RENEGOTIATION_INFO_SCSV using openssl s_client? No, this isn't possible. We only ever send the renegotiation_info extension on a reneg ClientHello. Matt

Re: [openssl-users] what is the relationship between (Client)SignatureAlgorithms and cipher_list()?

2018-12-04 Thread Matt Caswell
On 04/12/2018 04:56, Sam Roberts wrote: > Do they overlap in purpose, so the cipher list can be used to limit > the signature algorithms? Or are the signature algorithms used for > different purposes than the cipher suites in the cipher list? The answer varies depending on whether you are

Re: [openssl-users] How to disable EECDH in OpenSSL 1.0.2 and 1.1.x?

2018-12-02 Thread Matt Caswell
On 02/12/2018 22:13, Viktor Dukhovni wrote: > > [ While I could ask off-list, or RTFS, someone else might have the > same question later, so might as well ask on-list. ] > > Postfix added support for ECDHE ciphers long ago, back when OpenSSL > 1.0.0 was shiny and new, and the server-side

Re: [openssl-users] What is the need for 0x00 byte prefix in pubkey and prime of a static DH key pair?

2018-11-30 Thread Matt Caswell
On 30/11/2018 05:26, M K Saravanan wrote: > Hi, > > When I create a static DH key pair using openssl, why do the public key and > prime contain the prefix 0x00 byte? Because otherwise those numbers would be treated as negative (due to the most significant bit being set) which is incorrect. Matt
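The sign rule in Matt's answer is the DER INTEGER encoding rule, and it is worth seeing end to end, because decoders that skip it, or that accept a padding byte which is not needed, are a classic source of parser disagreement between implementations. What follows is an added example, not code from the thread or from OpenSSL: a pure-Python DER INTEGER encoder and strict decoder, exercised on a constructed 256-bit value with its top bit set (the shape of a DH prime), showing both why the leading 0x00 is there and what a decoder reads if it is dropped.

```python
"""Added example (not OpenSSL code): minimal DER INTEGER encode/decode.

DER INTEGER content is big-endian two's complement in the fewest octets.
A positive value whose top bit is set therefore needs a leading 0x00 byte,
otherwise a decoder reads it as negative; that is the 0x00 prefix seen in
front of DH primes and public keys.
"""
from __future__ import annotations


def _der_length(n: int) -> bytes:
    """DER length octets: short form below 128, minimal long form above."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def der_integer(n: int) -> bytes:
    """Encode an arbitrary-size Python int as a DER INTEGER (tag 0x02)."""
    # Bits needed for the magnitude, plus one sign bit, rounded up to octets.
    magnitude_bits = n.bit_length() if n >= 0 else (-n - 1).bit_length()
    octets = (magnitude_bits + 8) // 8
    content = n.to_bytes(octets, "big", signed=True)
    return b"\x02" + _der_length(len(content)) + content


def _read_length(buf: bytes, pos: int) -> tuple[int, int]:
    """Parse the DER length at buf[pos]; reject indefinite and non-minimal forms."""
    first = buf[pos]
    pos += 1
    if first < 0x80:
        return first, pos
    nbytes = first & 0x7F
    if nbytes == 0 or nbytes > 4 or pos + nbytes > len(buf):
        raise ValueError("indefinite, oversized or truncated length")
    length = int.from_bytes(buf[pos:pos + nbytes], "big")
    if buf[pos] == 0 or length < 0x80:
        raise ValueError("non-minimal length encoding")
    return length, pos + nbytes


def decode_der_integer(der: bytes) -> int:
    """Strictly decode one DER INTEGER; raise ValueError on anything non-DER."""
    if not der or der[0] != 0x02:
        raise ValueError("not an INTEGER")
    length, pos = _read_length(der, 1)
    content = der[pos:pos + length]
    if length == 0 or len(content) != length or pos + length != len(der):
        raise ValueError("empty, truncated or trailing-bytes INTEGER")
    if length > 1:
        # A leading 0x00 is only allowed when the next byte's top bit is set,
        # and a leading 0xFF only when it is clear: anything else is padding.
        if (content[0] == 0x00 and not content[1] & 0x80) or \
           (content[0] == 0xFF and content[1] & 0x80):
            raise ValueError("non-minimal INTEGER content")
    return int.from_bytes(content, "big", signed=True)


def sign_prefix_demo(value: int) -> tuple[bytes, int]:
    """Return the DER content octets for value, and the number a decoder
    would read from those same octets with the leading 0x00 stripped off."""
    der = der_integer(value)
    length, pos = _read_length(der, 1)
    content = der[pos:pos + length]
    stripped = content[1:] if len(content) > 1 and content[0] == 0x00 else content
    return content, int.from_bytes(stripped, "big", signed=True)


if __name__ == "__main__":
    # Constructed 256-bit value with its top bit set, like a DH prime (not a real parameter).
    p = (1 << 255) | 0x1235
    content, misread = sign_prefix_demo(p)
    print("content starts", content[:2].hex(), "; without the 0x00 it decodes as", misread)
```

The strict decoder is the part worth copying: `X509_get0_pubkey`-style code paths in any library must reject a redundant 0x00 or 0xFF pad, otherwise two encodings of the same number exist and anything that compares or hashes the raw DER (certificate fingerprints, signature inputs) can be made to disagree.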

[openssl-users] OpenSSL Versioning and License

2018-11-28 Thread Matt Caswell
Please see the following blog post about OpenSSL Versioning and License: https://www.openssl.org/blog/blog/2018/11/28/version/ Matt

Re: [openssl-users] openssl 1.1.1 opaque structures

2018-11-23 Thread Matt Caswell
me time. Matt > > Thanks, > Priya > > > On Tue, 20 Nov 2018 at 23:08, priya p <mailto:priyahere...@gmail.com>> wrote: > > Thanks Matt and Michael. > > On Tue, 20 Nov 2018 at 20:59, Matt Caswell <mailto:m...@openssl.org>> wrote: >

Re: [openssl-users] renegotiation expected to fail when trust configuration has changed.

2018-11-22 Thread Matt Caswell
On 22/11/2018 15:58, Pfluegl, Andreas wrote: > > I expect server_parse_cb() returning 0 to cause the interruption of the > connection. > > Can you confirm this? Yes. According to the docs: "If the B considers the extension data acceptable it must return 1. If it returns 0 or a negative

Re: [openssl-users] OpenSSL - Session Resumption on an On-going Connection

2018-11-22 Thread Matt Caswell
On 22/11/2018 11:15, Filipe Fernandes wrote: >>   You seem to be confused, and have not explained your requirements >>   clearly.  What is your *goal*? > > My goal is to have the Openssl to "perform the TLS Resumption (initiated by > the > Hello Request message from the server or > the Client

Re: [openssl-users] openssl 1.1.1 opaque structures

2018-11-20 Thread Matt Caswell
On 20/11/2018 15:27, Michael Richardson wrote: > priya p wrote: > > In openssl-1.1.1, few structures have been made opaque like HMAC_CTX, > > EVP_CIPHER_CTX etc., > > > There are new API to get and set those structure members. But to > > zeroize those structure members in

Re: [openssl-users] openssl 1.1.1 opaque structures

2018-11-20 Thread Matt Caswell
On 20/11/2018 06:49, priya p wrote: > Hi, > > In openssl-1.1.1, a few structures have been made opaque, like HMAC_CTX, > EVP_CIPHER_CTX etc. > There are new APIs to get and set those structure members. But to zeroize those > structure members in place, I don't see any API. > E.g. the DH structure has

Re: [openssl-users] configuring OpenSSL to split handshake messages

2018-11-15 Thread Matt Caswell
te) { default: /* No post work to be done */ Matt > > On Thu, 15 Nov 2018 at 12:12, Matt Caswell <mailto:m...@openssl.org>> wrote: > > > > On 15/11/2018 10:53, Eugène Adell wrote: > > Hello, > > > > I am loo

Re: [openssl-users] configuring OpenSSL to split handshake messages

2018-11-15 Thread Matt Caswell
On 15/11/2018 10:53, Eugène Adell wrote: > Hello, > > I am looking for a way to configure OpenSSL so that it will send handshake > records > one by one, each in its own TCP packet, instead of sending one big message > containing several records. Typically, in my network captures I see the

[openssl-users] Forthcoming OpenSSL Releases

2018-11-14 Thread Matt Caswell
The OpenSSL project team would like to announce the forthcoming release of OpenSSL versions 1.1.1a, 1.1.0j and 1.0.2q. These releases will be made available on 20th November 2018 between approximately 1300-1700 UTC. These are bug-fix releases. They also contain the fixes for three LOW severity

[openssl-users] OpenSSL Security Advisory

2018-11-12 Thread Matt Caswell
OpenSSL Security Advisory [12 November 2018] Microarchitecture timing vulnerability in ECC scalar multiplication (CVE-2018-5407) === Severity: Low OpenSSL ECC scalar

Re: [openssl-users] Server-side visibility of signature algorithm and key exchange properties?

2018-11-12 Thread Matt Caswell
On 09/11/2018 19:42, Viktor Dukhovni wrote: > On Fri, Nov 09, 2018 at 06:42:28PM +0000, Matt Caswell wrote: > >>> I am having a bit of trouble finding the equivalent information for >>> the 3rd line on the server side. Anyone know how, in TLS 1.3 where &

Re: [openssl-users] Server-side visibility of signature algorithm and key exchange properties?

2018-11-09 Thread Matt Caswell
On 09/11/2018 08:38, Viktor Dukhovni wrote: > On the client side of a TLS connection, I'm easily able to find all > the primary parameters of interest: > > * The cipher used. > * The server signature algorithm (digest, and public key) > * The server key exchange algorithm (public

Re: [openssl-users] x509 manual

2018-11-08 Thread Matt Caswell
On 08/11/2018 12:44, Dmitry Belyavsky wrote: > Hello, > > can anybody clarify what the abbreviations AVA and RDN stand for? RDN == Relative Distinguished Name AVA == Attribute Value Assertion An RDN consists of an unordered set of AVAs (but most frequently an RDN is made up of exactly one

Re: [openssl-users] a problem connecting to a specific Site ...

2018-11-02 Thread Matt Caswell
On 02/11/2018 21:51, Walter H. wrote: > Hello, > > when I try to connect to https://www.3bg.at/ > I get the following error > > Handshake with SSL server failed: error:1408E0F4:SSL > routines:SSL3_GET_MESSAGE:unexpected message > > but >

Re: [openssl-users] CMP protocol

2018-11-01 Thread Matt Caswell
On 01/11/2018 06:12, EYAL INBAR wrote: > Hello > > I have OpenSSL 1.1.1-dev that has a CMP protocol implementation but > didn't find it in the OpenSSL 1.1.1 version. Is it removed from the > release version?  There is no (and has never been) support for CMP in OpenSSL. There is a recent and

Re: [openssl-users] Reg issue in alert message

2018-10-26 Thread Matt Caswell
When replying, please edit your Subject line so it is more specific > than "Re: Contents of openssl-users digest..." > > > Today's Topics: > >    1. Re: Reg issue in alert message (Matt Caswe

Re: [openssl-users] openssl 1.1.1 cross compile error to vxworks 6.8

2018-10-26 Thread Matt Caswell
On 26/10/2018 09:47, lu zhihong wrote: > Hi, All > Now I am trying to build openssl 1.1.1 libs on a cross compiler > platform (susu12+Vxworks 6.8). The build target is vxworks-ppc860, but it > failed. > I have tried using different Vxworks versions (such as Vxworks6.4, Vxworks6.8), it > still

Re: [openssl-users] ssl_accept failure

2018-10-26 Thread Matt Caswell
On 24/10/2018 23:34, Skip Carter wrote: > I have a server-side application that fails when some clients connect: > > waiting for SSL accept()... > SSL_accept() (0) failure -1 > SSL_accept() (1) failure 5 How did you obtain the error number 5? Is this the return value from SSL_get_error()? If

Re: [openssl-users] Using SM2 ECIES in 1.1.1

2018-10-24 Thread Matt Caswell
On 24/10/2018 15:55, Akira Takahashi wrote: > Hi all, > > > Since the version 1.1.1 supports the SM2 public key cryptography suite I > am trying to test its ECIES (found in crypto/sm2/sm2_crypto.c) over > different standardized prime curves i.e. not just sm2p256v1. > > Is there CLI or

Re: [openssl-users] Reg issue in alert message

2018-10-24 Thread Matt Caswell
ld have the disadvantage of not > supporting ancient Windows OS and SDK versions which, while > unsupported by Microsoft, are still used in far too many places. > > -- > Michael Wojcik > Distinguished Engineer, Micro Focus > > > > > ---

Re: [openssl-users] Reg issue in alert message

2018-10-23 Thread Matt Caswell
send a message with subject or body 'help' to >         openssl-users-requ...@openssl.org > <mailto:openssl-users-requ...@openssl.org> > > You can reach the person managing the list at >         openssl-users-ow...@openssl.org > <mailto:openssl-users-o
