Re: [openssl-users] Reg issue in alert message

2018-10-22 Thread Matt Caswell
On 22/10/2018 14:56, ramakrushna mishra wrote: > Hi, > > I am facing an issue after openssl upgrade to 1.1.1.  > I have an odbc client with maximum version support up to TLSv1.2 and  my > database is running with TLSv1.2,TLSv1.3.  > > The handshake is failing and I am getting following contents

Re: [openssl-users] What to do with deprecation errors

2018-10-22 Thread Matt Caswell
On 21/10/2018 20:01, Skip Carter wrote: > That's what I originally thought. > > I experimented with manually invoking the pre-compiler (cpp) and this > is what I get: > > > DEPRECATEDIN_1_2_0(int EC_GROUP_get_curve_GF2m(const EC_GROUP *group, >  

Re: [openssl-users] What to do with deprecation errors

2018-10-19 Thread Matt Caswell
On 19/10/2018 20:03, Skip Carter wrote: > Hello all, > > I recently installed from source, openssl-1.1.1 on a Debian box (like > most distributions the Debian version is quite old and my application > needs very recent libraries). It built and installed without warnings > or errors (Thanks to

[openssl-users] Browsers deprecating TLS1.1 and TLS1.0

2018-10-19 Thread Matt Caswell
In case you haven't seen these: https://security.googleblog.com/2018/10/modernizing-transport-security.html Summary: TLS1.0/TLS1.1 will be disabled in Chrome 81 in early 2020 https://blog.mozilla.org/security/2018/10/15/removing-old-versions-of-tls/ Summary: Firefox will disable TLS1.0/TLS1.1

Re: [openssl-users] no-async needs -DOPENSSL_NO_ASYNC nonetheless?

2018-10-17 Thread Matt Caswell
On 17/10/2018 22:07, Steffen Nurpmeso wrote: > | > |This is definitely an environmental issue. I just installed an Alpine > |Linux VM. I got the above error consistently when using clang as the > |compiler (whether or not I added "-DOPENSSL_NO_ASYNC"). I got a > |successful build if I used

Re: [openssl-users] sendmail, openssl 1.1.1, tls1.3

2018-10-17 Thread Matt Caswell
t, one per file). > > As for the 16K limit, and whether we should be sending client > CA names without further indication from the (TLS 1.3) client > to do so, I'm hoping Matt Caswell and or other team members > will chime in. > -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] no-async needs -DOPENSSL_NO_ASYNC nonetheless?

2018-10-17 Thread Matt Caswell
On 17/10/2018 14:09, Steffen Nurpmeso wrote: > Matt Caswell wrote in : > |On 17/10/2018 13:43, Steffen Nurpmeso wrote: > |> Matt Caswell wrote in : > |>|On 17/10/2018 13:12, Steffen Nurpmeso wrote: > |>|> I have built final 1.1.1 yesterday on AlpineLinux

Re: [openssl-users] no-async needs -DOPENSSL_NO_ASYNC nonetheless?

2018-10-17 Thread Matt Caswell
On 17/10/2018 13:43, Steffen Nurpmeso wrote: > Matt Caswell wrote in : > | > | > |On 17/10/2018 13:12, Steffen Nurpmeso wrote: > |> Hello, and fyi. > |> > |> I have built final 1.1.1 yesterday on AlpineLinux musl after > |> running a prelease from

Re: [openssl-users] no-async needs -DOPENSSL_NO_ASYNC nonetheless?

2018-10-17 Thread Matt Caswell
On 17/10/2018 13:12, Steffen Nurpmeso wrote: > Hello, and fyi. > > I have built final 1.1.1 yesterday on AlpineLinux musl after > running a prerelease from end of May before. My makefile rule for > this box is (excerpt) > > ./config --prefix=$(MYPREFIX) zlib-dynamic no-hw shared \ >

Re: [openssl-users] Manual Shutdown of OpenSSL 1.1.x library

2018-10-12 Thread Matt Caswell
On 11/10/18 21:56, Dan Heinz wrote: > Is there currently a way to manually shutdown the OpenSSL library? > > > > We have a DLL that statically links OpenSSL. Our DLL gets loaded and > unloaded multiple times by a process (not our process), and we need > to release OpenSSL each time. This

Re: [openssl-users] SSL_get_peer_certificate returns NULL in client_cert_cb after upgrade to openssl 1.1.1

2018-10-11 Thread Matt Caswell
I opened this issue to track this problem: https://github.com/openssl/openssl/issues/7384 Matt On 11/10/18 10:25, Matt Caswell wrote: > > > On 10/10/18 23:04, Dave Wang wrote: >> Hi there, >> >> I have a client can talk with server, where the client certificate is

Re: [openssl-users] SSL_get_peer_certificate returns NULL in client_cert_cb after upgrade to openssl 1.1.1

2018-10-11 Thread Matt Caswell
On 10/10/18 23:04, Dave Wang wrote: > Hi there, > > I have a client that can talk with a server, where the client certificate is > loaded in client_cert_cb  based on matching the server side certificate. > > It works perfectly in openssl 1.1.0h, however it stops working after I > upgrade to openssl

Re: [openssl-users] openssl commandline client use

2018-10-11 Thread Matt Caswell
On 11/10/18 09:47, Peter Magnusson wrote: > You would be better off with AES-CCM or such for your backup, that > gives you the integrity check. > i.e. you would be reasonably sure what you decrypt is encrypted with your > key. I'd just point out that CCM and other AEAD modes are not

Re: [openssl-users] client ignoring alert

2018-10-09 Thread Matt Caswell
On 09/10/18 22:27, Jeremy Harris wrote: > Hi, > > OpenSSL version 1.1.1 FIPS, on Fedora 29 > > (on both client and server) > > > I'm seeing a client not receiving, or ignoring, what > should be a fatal alert from the server during handshake. > > The server is requiring a

Re: [openssl-users] Backward compatibility for openSSL letter releases (openSSL 1.0.2 x)

2018-10-09 Thread Matt Caswell
On 09/10/18 10:43, Satish Lvr wrote: > Hi All, > > Can we assume that backward compatibility would be maintained between > letter releases of a version such as openSSL 1.0.2 (Eg: between openSSL > 1.0.2a and openSSL 1.0.2p) unless there is security bug fix ? The OpenSSL policy on this is here

Re: [openssl-users] Issue with using TLS

2018-10-08 Thread Matt Caswell
On 08/10/18 16:43, Sean Glazier wrote: > Hi, > > I have an issue with using a TLS client-server set up. > > on the client side I am using 32 open ssl library version 1.1 and the > same set on the server side in VA smalltalk. Both are on windows. > > On the c side I set the

Re: [openssl-users] Sign and verification using ECC 25519 curve- Bernstein

2018-10-05 Thread Matt Caswell
5519 (i.e. Ed25519). That is only available in OpenSSL 1.1.1. Matt > > > > > On Mon, 1 Oct 2018, 3:41 pm Matt Caswell, <mailto:m...@openssl.org>> wrote: > > > > On 01/10/18 10:11, Linta Maria wrote: > > Hi all, > > > > Does openss

Re: [openssl-users] Seeding before RSA key generation

2018-10-04 Thread Matt Caswell
On 04/10/18 16:14, Salz, Rich via openssl-users wrote: > Which version of OpenSSL are you using? > > 1.0.2 and 1.1.0 have a bad random number generator and must be explicitly > seeded. This is not correct. The RNG in 1.0.2 and 1.1.0 automatically seeds. There is no need to explicitly seed

Re: [openssl-users] Sign and verification using ECC 25519 curve- Bernstein

2018-10-01 Thread Matt Caswell
On 01/10/18 10:11, Linta Maria wrote: > Hi all, > > Does openssl supports sign and verification using ECC 25519 curve > Bernstein?  > > Yes. See: https://www.openssl.org/docs/man1.1.1/man7/Ed25519.html Matt

Re: [openssl-users] Two sessions in a single full handshake

2018-10-01 Thread Matt Caswell
On 30/09/18 06:05, John Jiang wrote: > Now that full handshake sends two sessions, does that mean option > -sess_out saves both of the sessions to a local file? The last session received is the one in the sess_out file. Matt > If so, when resume session via option -sess_in, which session

Re: [openssl-users] SSL routines:ssl3_read_bytes:tlsv1 alert internal error

2018-09-28 Thread Matt Caswell
On 28/09/18 07:06, DUPALUT, Benjamin wrote: > Hello, > > First of all, sorry if my English isn't very good. > > I'm using freeradius server to authenticate users on Eduroam Wi-Fi. I > set up a local certification authority and signed the freeradius server > certificate using openssl. > > Users 

Re: [openssl-users] openssl-users Digest, Vol 46, Issue 46

2018-09-28 Thread Matt Caswell
On 28/09/18 04:21, Richard Levitte wrote: > Ah, I forgot... we changed the requirements to compile that code, > from this: > > # if defined(__GNUC__) && (__GNUC__ > 3 || (__GNUC__ == 3 && > __GNUC_MINOR__ >= 1)) > > to this: > > # if defined(__SIZEOF_INT128__) &&

Re: [openssl-users] ED25519 key with openssl engine

2018-09-17 Thread Matt Caswell
Perhaps the pkcs11 engine does not support ed25519 keys? Matt On 17/09/18 22:05, Paras Shah (parashah) via openssl-users wrote: > I get the following error when I try to access the ed25519 key stored in > SoftHSM via the openssl engine interface using engine_pkcs11. > >   > > []:~$ openssl

Re: [openssl-users] OpenSSL 1.1.1 Compiler Warnings

2018-09-17 Thread Matt Caswell
On 17/09/18 19:12, Jay Foster wrote: > There were many many more of these, which I omitted for brevity.  I > looked at the source and it does look like the code is trying to stuff a > 64-bit constant into a 32-bit variable.  Does OpenSSL-1.1.1 work on > 32-bit architectures? Yes. It should work

Re: [openssl-users] Re-enable 3DES on NGINX + OpenSSL 1.1.1

2018-09-17 Thread Matt Caswell
On 17/09/18 16:29, Neil Craig wrote: > Hi all > > I'm trying to re-add 3DES support (a temporary move, due to business > requirements) to an NGINX (1.15.3) + OpenSSL (1.1.1) build via the NGINX > build flag --with-openssl-opt=enable-weak-ssl-ciphers which I learnt > from

Re: [openssl-users] License change still scheduled for 1.1.1 ?

2018-09-13 Thread Matt Caswell
On 13/09/18 11:23, Cyrus Naliaka via openssl-users wrote: > 1.1.1 release still has the legacy license. > > Should we still expect a license change? > It is still our intention to change the license at some point however issues remain. It is likely to be some while before we are able to do

Re: [openssl-users] Checksum for openssl-1.0.2p download

2018-09-12 Thread Matt Caswell
On 12/09/18 19:24, Chris Outwin wrote: > I’m an OpenSSL newbie and this is my first post. I’m using OpenSSL for > receipt validation in an iOS application. > > Is there a list of checksums to verify openssl download versions? Next to each download on the website there are links for

Re: [openssl-users] NMAKE fatal error, 32-bit time_t

2018-09-12 Thread Matt Caswell
On 12/09/18 16:23, Thomas J. Hruska wrote: > On 9/12/2018 7:03 AM, Viktor Dukhovni wrote: >> >> >>> On Sep 12, 2018, at 9:53 AM, Thomas J. Hruska >>> wrote: >>> >>> Casting to time_t appears to correct the issue and the build >>> completes successfully: >>> >>>     const time_t default_time =

Re: [openssl-users] Why was early data rejected?

2018-09-12 Thread Matt Caswell
elow command, > echo "M" | openssl s_client -trace -state -CAfile ca.cer -tls1_3 > -sess_out openssl.sess -connect localhost:9443 > The client exited so quickly that it didn't receive the server's session ticket. Ahh! Makes sense! Matt > > On Wed, Sep 12, 2018 at 8:16 PM Matt Casw

Re: [openssl-users] Why was early data rejected?

2018-09-12 Thread Matt Caswell
d logs contain the full outputs in the both connections on > server and client sides. > > On Wed, Sep 12, 2018 at 7:09 PM Matt Caswell <mailto:m...@openssl.org>> wrote: > > Nothing particularly unexpected in there. Could you send me the s_server > log

Re: [openssl-users] Why was early data rejected?

2018-09-12 Thread Matt Caswell
ook at the attached s_client.log? > It was output by s_client with options -trace and -state in the > second connection. > > Matt Caswell mailto:m...@openssl.org>> wrote on Wed, 12 Sep 2018 at 4:48 PM: > > > > On 12/09/18 09:34, John Jiang wrote: > > > >

Re: [openssl-users] Why was early data rejected?

2018-09-12 Thread Matt Caswell
On 12/09/18 09:34, John Jiang wrote: > > It looks the session was resumed, but early data still was rejected. Hmm. Strange. I just tried the exact same sequence of commands and it was accepted. One thing to try is to recompile OpenSSL with the "enable-ssl-trace" config option. Then you can

Re: [openssl-users] Why was early data rejected?

2018-09-12 Thread Matt Caswell
On 12/09/18 08:07, John Jiang wrote: > I just built OpenSSL 1.1.1 on MacOSX. > Tried 0-RTT, and the commands like the following, > openssl s_server -cert server.cer -key server.key -tls1_3 -early_data > -accept 9443 > ... > openssl s_client -CAfile ca.cer -tls1_3 -sess_in openssl.sess >

Re: [openssl-users] openssl 1.0.2 and TLS 1.3

2018-09-11 Thread Matt Caswell
us is now shifting from implementing TLSv1.3 to implementing the new FIPS module. Matt > > Graeme > > -Original Message- > From: openssl-users On Behalf Of Matt > Caswell > Sent: September 11, 2018 4:31 AM > To: openssl-users@openssl.org > Subject: Re: [open

Re: [openssl-users] openssl 1.0.2 and TLS 1.3

2018-09-11 Thread Matt Caswell
On 11/09/18 14:58, The Doctor wrote: > On Tue, Sep 11, 2018 at 09:31:23AM +0100, Matt Caswell wrote: >> >> >> On 11/09/18 09:05, Dr. Matthias St. Pierre wrote: >>>> From: openssl-users On Behalf Of The >>>> Doctor >>>> Sent:

[openssl-users] OpenSSL 1.1.1 Blog

2018-09-11 Thread Matt Caswell
Our new Long Term Support release, OpenSSL 1.1.1, including TLSv1.3, has been released today. Please download and upgrade! There is a blog post about the new release and the status of the older releases here: https://www.openssl.org/blog/blog/2018/09/11/release111/ Matt

Re: [openssl-users] openssl 1.0.2 and TLS 1.3

2018-09-11 Thread Matt Caswell
On 11/09/18 09:05, Dr. Matthias St. Pierre wrote: >> From: openssl-users On Behalf Of The >> Doctor >> Sent: Tuesday, 11 September 2018 08:49 >> To: openssl-users@openssl.org; openssl-...@openssl.org >> Subject: [openssl-users] openssl 1.0.2 and TLS 1.3 >> >> Will that combination

Re: [openssl-users] SSL_connect returns SSL_ERROR_SYSCALL and errno == EWOULDBLOCK

2018-09-10 Thread Matt Caswell
BLOCK > But in these cases we "know" what to do (wait for readable when it > appears in SSL_read and wait for writeable when in SSL_write) > Therefore we have the feeling that the same blocking happens during > SSL_connect...? > GJ >   > -Original Message- > From:

Re: [openssl-users] SSL_connect returns SSL_ERROR_SYSCALL and errno == EWOULDBLOCK

2018-09-08 Thread Matt Caswell
On 07/09/18 09:16, Jahn, Gerhard wrote: > Hi, >   > We are using OpenSSL 1.0.2n in our server running on LINUX. > We call SSL_connect() on an async socket (after TCP connect completion) to > establish a secure connection. > According to the DOC SSL_get_error() has to be called if SSL_connect() >

Re: [openssl-users] Engines on Mac OS X

2018-09-03 Thread Matt Caswell
On 03/09/18 14:56, Salz, Rich via openssl-users wrote: > *>*Gotcha. In that case why does it get built on Mac? I.e., why doesn’t > the build process exclude it automatically? > >   > > Beats me.  It ends up being a zero-length object file, more or less.  > Perhaps Richard Levitte knows. It

Re: [openssl-users] openssl 1.1.1 release

2018-08-27 Thread Matt Caswell
On 27/08/18 13:50, Juan Isoza wrote: > Openssl 1.1.1 pre 9 is now compatible with final RFC tls 1.3 > > but I see several recent commits, so I suppose we'll see a pre 10 before > final openssl 1.1.1 > > > Any idea for the possible date of publication of 1.1.1 final (if there > is no major

Re: [openssl-users] OpenSSL version 1.1.1 pre release 9 published

2018-08-23 Thread Matt Caswell
On 23/08/18 15:35, Robert Moskowitz wrote: > building my own 1.1.1 pre9 for testing. Note - you would have to build off of git master to get the usability fixes since 1.1.1-pre9 was created prior to them being merged. Matt > Wait to push the draft out until 1.1.1 is fully released. > Fudge the

Re: [openssl-users] How to Implement a new PubKey method correctly

2018-08-23 Thread Matt Caswell
On 22/08/18 15:55, Dr. Pala wrote: > Hi all, > > I am working on providing a new Public Key method that will handle > Composite Keys (i.e., multiple keys with different algos - e.g., one RSA > and one EC) and Composite Signatures  (i.e., multiple signatures > generated with the corresponding

Re: [openssl-users] OpenSSL version 1.1.1 pre release 9 published

2018-08-22 Thread Matt Caswell
On 22/08/18 00:53, Robert Moskowitz wrote: > > > On 08/21/2018 06:31 PM, Matt Caswell wrote: >> >> On 21/08/18 16:24, Robert Moskowitz wrote: >>> Thanks! >>> >>> Once Fedora beta picks this up, I will run my scripts against it and see

Re: [openssl-users] OpenSSL version 1.1.1 pre release 9 published

2018-08-21 Thread Matt Caswell
On 21/08/18 16:24, Robert Moskowitz wrote: > Thanks! > > Once Fedora beta picks this up, I will run my scripts against it and see > if all cases of hash with ED25519 are fixed. Unfortunately the command line usability changes for this didn't make it into the beta. They should still be in the

Re: [openssl-users] Shutdown details

2018-08-13 Thread Matt Caswell
though doing so would introduce the possibility of >truncation. > >> As far as I know, OpenSSL has always supported this, even when the >> RFC said that the other side needs to send the close_notify back >> on receiving it. > > We might want to double-check that, I wo

Re: [openssl-users] Multi client DTLS server on OpenSSL 1.1.x broken?

2018-08-13 Thread Matt Caswell
Please could you raise this as a github issue? I'll try and take a look at it (although it may be a while since my current focus is on the 1.1.1 release). Matt On 11/08/18 16:22, Richard Weinberger wrote: > Hi! > > I have a hard time figuring how to write a DTLS UDP server that supports >

Re: [openssl-users] EDDSA key format

2018-08-13 Thread Matt Caswell
On 10/08/18 23:43, Felipe Gasper wrote: > Hi all, > > Do EDDSA keys serialize to any format other than SPKI (public) and > PKCS8 (private)? > > I ask because RSA and ECC both have “native” formats as well as SPKI > and PKCS8. > > Thanks! > No, there are no "native"

Re: [openssl-users] EDDSA crl creation woes

2018-08-09 Thread Matt Caswell
On 08/08/18 20:49, Robert Moskowitz wrote: > Finally back on working on my EDDSA pki. > > Working on beta Fedora29 which now ships with: > > OpenSSL 1.1.1-pre8 (beta) FIPS 20 Jun 2018 > > > To recap, there are challenges on hash specification.  In creating > certs, I cannot have default_md

Re: [openssl-users] About 1.0.2p version release !!

2018-08-08 Thread Matt Caswell
On 08/08/18 21:15, The Doctor wrote: > On Wed, Aug 08, 2018 at 01:46:54PM +0100, Matt Caswell wrote: >> >> >> On 08/08/18 13:39, The Doctor wrote: >>> On Wed, Aug 08, 2018 at 09:27:43AM +0100, Matt Caswell wrote: >>>> >>>> >>&

Re: [openssl-users] About 1.0.2p version release !!

2018-08-08 Thread Matt Caswell
On 08/08/18 13:39, The Doctor wrote: > On Wed, Aug 08, 2018 at 09:27:43AM +0100, Matt Caswell wrote: >> >> >> On 08/08/18 04:31, Juan Isoza wrote: >>> and final 1.1.1 >> >> There is no date yet. We are still waiting on the official publication >>

Re: [openssl-users] About 1.0.2p version release !!

2018-08-08 Thread Matt Caswell
On 08/08/18 04:31, Juan Isoza wrote: > and final 1.1.1 There is no date yet. We are still waiting on the official publication of the TLSv1.3 RFC which we anticipate happening any day now. Once that happens there will be another 1.1.1 beta release cycle soon after. Assuming no major issues are

[openssl-users] Forthcoming OpenSSL releases

2018-08-07 Thread Matt Caswell
Forthcoming OpenSSL releases The OpenSSL project team would like to announce the forthcoming release of OpenSSL versions 1.1.0i and 1.0.2p. These releases will be made available on 14th August 2018 between approximately 1200-1600 UTC. These are bug-fix releases.

Re: [openssl-users] openssl-1.1.0-stable-SNAP-20180802 issue

2018-08-02 Thread Matt Caswell
The fix is already pending: https://github.com/openssl/openssl/pull/6843 Just waiting on it being pushed. Matt On 02/08/18 13:28, Blumenthal, Uri - 0553 - MITLL wrote: > Same problem on Linux. > > Regards, > Uri > > Sent from my iPhone > >> On Aug 2, 2018, at 07:47, The Doctor wrote: >>

Re: [openssl-users] openssl-1.1.1 make test error on Red Hat Enterprise Linux 6.1.

2018-08-01 Thread Matt Caswell
Please can you submit this problem as a github issue: https://github.com/openssl/openssl/issues Thanks Matt On 01/08/18 09:14, 市來敏 / ICHIKI,BIN wrote: > Hello, everyone. My name is Bin Ichiki. > > I'm trying to install openssl-1.1.1-pre8 on Red Hat Enterprise Linux > 6.1(RHEL6.1). > > But

Re: [openssl-users] Initialising OpenSSL more than once - how do we handle this?

2018-08-01 Thread Matt Caswell
On 30/07/18 19:08, Marty G wrote: > On 07/30/2018 01:27 PM, Salz, Rich via openssl-users wrote: > >> > I never thought I'd see the day that someone would have to defend >> not leaking memory in pivotal security code like openssl however >> >>   >> >> To be accurate, it was a couple of people

Re: [openssl-users] Ed25519 and X.509

2018-07-28 Thread Matt Caswell
need for a separate OID for the sig/hash pair. Matt > > Thank you! > > -FG > >> On Jul 28, 2018, at 7:10 AM, Matt Caswell wrote: >> >> >> >>> On 28/07/18 03:49, Felipe Gasper wrote: >>> Hi all, >>> >>>Are there yet O

Re: [openssl-users] Ed25519 and X.509

2018-07-28 Thread Matt Caswell
On 28/07/18 03:49, Felipe Gasper wrote: > Hi all, > > Are there yet OIDs for Ed25519-signed X.509? I know about the drafts > for the key format but am not aware of actual OIDs to identify the signature > hash algorithm. > > Thank you! > See:

Re: [openssl-users] genpkey for ed25519

2018-07-28 Thread Matt Caswell
On 27/07/18 15:04, Tomas Mraz wrote: > On Fri, 2018-07-27 at 09:44 -0400, Robert Moskowitz wrote: >> Here we go again with figuring out what to put in the command >> lines. >> Dr. Google is not giving up enough answers. >> >> For ecdsa I started with: >> >> openssl genpkey -aes256 -algorithm

Re: [openssl-users] How to compile OpenSSL 1.0.x with versioned symbols ?

2018-07-19 Thread Matt Caswell
On 19/07/18 07:08, pratyush parimal wrote: > Hi all, > > Are people familiar with how to get symbols versioned with versions > like "OPENSSL_1.0.x" in the libcrypto.so after compiling it > yourselves? OpenSSL as sourced from the OpenSSL project does not support this in 1.0.x. > Problem is,

Re: [openssl-users] ESNI in 1.1.1?

2018-07-17 Thread Matt Caswell
On 17/07/18 10:00, Angus Robertson - Magenta Systems Ltd wrote: > Is there any way that Encrypted Server Name Indication will make the > 1.1.1 release, or is it too late or too experimental? 1.1.1 is frozen for new features, so there is no chance this would be included. In any case this is

Re: [openssl-users] Deployment

2018-07-16 Thread Matt Caswell
On 16/07/18 15:32, Dean Warren wrote: > Another good question. > > I believe from the information I have been provided that 0.9.8za fixes the > issues previously described for 0.9.8h, on SLES 11 SP1 (apparently). > (Unless I am missing something here - highly possible?) 0.9.8za may fix some

Re: [openssl-users] How to send alert in handshake?

2018-06-27 Thread Matt Caswell
On 27/06/18 12:41, Felipe Gasper wrote: > RFC 3546, in describing the SNI extension, recommends that servers send a > warning to clients that request an unknown server name. (Page 9) > > I’d like to implement that warning .. could someone please point me to which > API functions expose this

Re: [openssl-users] Open SSL 1.1.1 release

2018-06-22 Thread Matt Caswell
On 22/06/18 16:07, Matt Caswell wrote: > > > On 22/06/18 16:03, Juan Isoza wrote: >> >> Hello, >> I'll soon release a software which contain openssl (static linked). >> >> I must choose between using 1.1.0, 1.1.1 pre 8, or wait some week .I >>

Re: [openssl-users] Open SSL 1.1.1 release

2018-06-22 Thread Matt Caswell
On 22/06/18 16:03, Juan Isoza wrote: > > Hello, > I'll soon release software which contains openssl (statically linked). > > I must choose between using 1.1.0, 1.1.1 pre 8, or waiting some weeks. I > think TLS 1.3 support is great. > > Can we suppose 1.1.1 final will be released soon ? There is no

Re: [openssl-users] Call for testing TLS 1.3

2018-06-21 Thread Matt Caswell
On 21/06/18 10:44, John Jiang wrote: > If s_server doesn't use option -early_data, the NewSessionTicket won't > contain the early_data extension, > and then in the second connection, s_client won't send early data even > if option -early_data is used. > Right? Correct. > Is it possible to take

Re: [openssl-users] Double TLS 1.3 session ticket?

2018-06-21 Thread Matt Caswell
On 20/06/18 23:17, Yann Ylavic wrote: > They are not really transactions since the client isn't supposed to > send anything in between, This is not the case. The client can be sending data before, during/in between, and after the period that the server is issuing tickets. Matt

Re: [openssl-users] Double TLS 1.3 session ticket?

2018-06-20 Thread Matt Caswell
On 20/06/18 22:31, Yann Ylavic wrote: >>>Thanks, it does not happen with the Mozilla implementation >> (tls13.crypto.mozilla.org), is this openssl specific or part of the >> specification? >> >> The specification allows a server to send one or more tickets, at its >> discretion. > >

Re: [openssl-users] Unexpected behaviors in TLS handshake

2018-06-20 Thread Matt Caswell
y *two* sig algs extensions, i.e. "signature_algorithms" and "signature_algorithms_cert". The latter enables you to specify acceptable signature algorithms in a certificate chain separately from signatures algorithms in the TLSv1.3 CertificateVerify message. Hope that helps, M

Re: [openssl-users] Call for testing TLS 1.3

2018-06-20 Thread Matt Caswell
On 20/06/18 07:11, John Jiang wrote: > 2018-06-19 6:21 GMT+08:00 Matt Caswell <mailto:m...@openssl.org>>: > > > > On 18/06/18 21:23, Hubert Kario wrote: > > On Friday, 8 June 2018 10:26:07 CEST Matt Caswell wrote: > >&

Re: [openssl-users] Unexpected behaviors in TLS handshake

2018-06-20 Thread Matt Caswell
On 20/06/18 09:44, Devang Kubavat wrote: > Hi all, > > I set the signature algorithm using in client, > > /* signature algorithm list */ > > (void)SSL_CTX_set1_client_sigalgs_list(ctx, "RSA+SHA512"); > >   > > Expected behavior: client only accepts server certificate which has > signature

Re: [openssl-users] help : tls1.3 : tls1.2 test case failing after integration of openssl-1.1.1-pre7

2018-06-19 Thread Matt Caswell
On 19/06/18 16:18, Chakrapani Reddy wrote: > Hello  , > > Started using openssl-1.1.1-pre7 (pre-release 7) in my lab. Compiled the > code in Linux successfully. When I run the tls1.2 test case observed > that it's failing with openssl-1.1.1-pre7 but the same test case is > passing with the

Re: [openssl-users] Regarding to disable some signature algorithm in client hello message

2018-06-19 Thread Matt Caswell
On 19/06/18 07:16, Devang Kubavat wrote: > Hi, > >   > > I want to disable the SHA1 hash algorithm in Extension: signature > algorithm client hello message. > >   > > I have used > >   /* the signature algorithms list */ > >   const char signAlgo[] = "RSA+SHA256"; > >  

Re: [openssl-users] Call for testing TLS 1.3

2018-06-18 Thread Matt Caswell
On 18/06/18 21:23, Hubert Kario wrote: > On Friday, 8 June 2018 10:26:07 CEST Matt Caswell wrote: >> On 08/06/18 02:48, John Jiang wrote: >>> Is it possible to check Key/IV update feature via these tools? >>> Thanks! >> >> Yes. See the "CONNECTED

Re: [openssl-users] I need help to implement triple des algorithm with openssl

2018-06-15 Thread Matt Caswell
On 15/06/18 14:34, Fernando A wrote: > Hi all, > > I am not an expert with openssl and I need replace a component in c# > that run algorithm Triple DES. > I tried in the command line something like this  > "openssl enc -des-ede3 -k 1234567890123456ABCDEFGH -in test.txt -out > test.enc" > > but

Re: [openssl-users] OpenSSL 1.1.0: How to get X509_STORE from X509_LOOKUP?

2018-06-12 Thread Matt Caswell
On 12/06/18 10:58, Stephan Mühlstrasser wrote: > In OpenSSL 1.0.2 this was no problem as the "X509_STORE *store_ctx" > member of the X509_LOOKUP structure was directly accessible. But in > OpenSSL 1.1.0 the X509_LOOKUP structure is opaque, and as far as I can > see there is no API function

Re: [openssl-users] OpenSSL patch for CHACHA cipher support in OpenSSL 1.0.2

2018-06-11 Thread Matt Caswell
On 11/06/18 16:44, Srivalli Kuppa (srikuppa) via openssl-users wrote: > 1. Do we have a stable OpenSSL patch that can be applied to OpenSSL > 1.0.2 version to support CHACHA cipher both as a server/client? No. Chacha/Poly1305 support is only available from version 1.1.0 upwards. > 2.

Re: [openssl-users] how to import external rsa public key in openssl.

2018-06-08 Thread Matt Caswell
On 08/06/18 11:29, Sangsub wrote: > char buf[2] = {0,}; > memcpy(buf, pStr, sizeof(buf)); > > out[i] = (unsigned char)strtol(buf, NULL, 16); This looks wrong. "buf" is not NUL terminated so strtol could give an incorrect result.

Re: [openssl-users] Confused about client side session caching

2018-06-08 Thread Matt Caswell
On 08/06/18 10:18, Angus Robertson - Magenta Systems Ltd wrote: >> The get_session_cb is only ever called for servers. The >> new_session_cb and remove_session_cb can be called for clients and >> servers. >> >> When you refer to the "TLSv1.3 notes" do you mean this page? >>

Re: [openssl-users] how to import external rsa public key in openssl.

2018-06-08 Thread Matt Caswell
On 08/06/18 08:02, Sangsub wrote: > > I would like to perform operations such as RSA signature verification > through an RSA public key file received from an external server. > Key values are given in der format or pem format as follows. > >

Re: [openssl-users] Call for testing TLS 1.3

2018-06-08 Thread Matt Caswell
n1/s_client.html Basically typing "k" or "K" from an s_server/s_client session will issue a KeyUpdate message. Using the capitalised form ("K"), additionally requests a KeyUpdate from the peer. Matt > > 2018-05-23 20:33 GMT+08:00 Matt Caswell <mailto:m...@open

Re: [openssl-users] openssl problems

2018-06-08 Thread Matt Caswell
On 07/06/18 21:40, wazzu62 wrote: > read from 0x55f11344dea0 [0x55f113455ee3] (5 bytes => 5 (0x5)) > - 48 54 54 50 2fHTTP/ Here is your problem. s_client sends a TLS ClientHello to the server. And the server responds with HTTP!!! The server is not using

Re: [openssl-users] Confused about client side session caching

2018-06-08 Thread Matt Caswell
On 07/06/18 19:48, Angus Robertson - Magenta Systems Ltd wrote: > I'm reading the TLSv1.3 notes that suggest SSL_CTX_sess_set_get_cb is > called for both clients and servers, but am confused by the > documentation. > The get_session_cb is only ever called for servers. The new_session_cb and

Re: [openssl-users] openssl problems

2018-06-07 Thread Matt Caswell
On 07/06/18 17:57, wazzu62 wrote: > When I run the following command on the server the reverse proxy is pointing > to I get a similar error > *openssl s_client -connect localhost:443* > CONNECTED(0003) > 140508314333632:error:1408F10B:SSL routines:ssl3_get_record:wrong version >

Re: [openssl-users] Selection of DHE ciphers based on modulus size of DH

2018-06-07 Thread Matt Caswell
On 07/06/18 16:02, Jordan Brown wrote: > I do not understand, however, how the 80 relates to a 1024-bit limit. It's a measure of the "security bits" of an algorithm according to table 2 in this doc: https://nvlpubs.nist.gov/nistpubs/specialpublications/nist.sp.800-57pt1r4.pdf Matt --

Re: [openssl-users] Selection of DHE ciphers based on modulus size of DH

2018-06-07 Thread Matt Caswell
On 07/06/18 04:10, Viktor Dukhovni wrote: > > >> On Jun 6, 2018, at 7:15 PM, Salz, Rich via openssl-users >> wrote: >> >> Without commenting on whether or not your understanding is correct (the >> client gets the params and can see how big the key is, no?), I will point >> out that the way

Re: [openssl-users] Call for testing TLS 1.3

2018-05-24 Thread Matt Caswell
On 24/05/18 10:58, John Jiang wrote: > Should I see PSK identity here? Or, it is the TLS session ticket. It's the session ticket. > A HelloRetryRequest will occur if the key share provided by the client > is not acceptable to the server. By default the client will send an > X25519

Re: [openssl-users] Facing issue while reading RSA private key (DER format)

2018-05-23 Thread Matt Caswell
On 23/05/18 12:10, Ruchi Tyagi wrote: > Hi, > >   > > I am working on a project where we are trying to replace the RSA Bsafe > crypto C library with openssl. I have an RSA key pair (attaching the key > files) generated using the RSA Bsafe library. > > I am able to read the public key using the below

Re: [openssl-users] Call for testing TLS 1.3

2018-05-23 Thread Matt Caswell
On 23/05/18 12:39, John Jiang wrote: > Hi, > If just using s_server and s_client, can I test the TLS 1.3 features, > likes HelloRetryRequest and resumption? Yes. To create a normal (full handshake) TLSv1.3 connection just use s_server/s_client in the normal way, e.g. $ openssl s_server -cert

Re: [openssl-users] test make_verify fails on brand new red hat enterprise 7 box

2018-05-18 Thread Matt Caswell
On 18/05/18 16:22, Philippe Anctil wrote: > Hi, > > I have been compiling openssl libraries on RHEL5 for a while without > issue. My build for 1.0.2k fails on a new RHEL7 server. I have narrowed > down the cause to the make_verify test.  > > > > make verify_test # from test dir I think you

Re: [openssl-users] EVP AES Wrap

2018-05-17 Thread Matt Caswell
On 16/05/18 18:55, Luís Martins wrote: > Hi, > >     I'm trying to use the EVP AES wrap implementations from openssl > (e.g. EVP_aes_128/192/256_wrap()) but I'm getting the following error in > EVP_EncryptInit_ex() f: >     error:0607B0AA:digital envelope routines:EVP_CipherInit_ex:wrap mode >

Re: [openssl-users] Extracting ResponderID from OCSP in OpenSSL 1.1

2018-04-30 Thread Matt Caswell
On 30/04/18 21:47, Johanna Amann wrote: > Hi, > > I wanted to check if it is still possible to extract the ResponderID from > a OCSP BasicResponse. > > In OpenSSL 1.0 we used this code to do this: > > resp_id is of type OCSP_RESPID*: > > if (resp_id->type == V_OCSP_RESPID_NAME) >

Re: [openssl-users] Call for testing TLS 1.3

2018-04-30 Thread Matt Caswell
On 30/04/18 21:55, Dennis Clarke wrote: > On 30/04/18 03:48 PM, Salz, Rich via openssl-users wrote: >>   I think that makes a very strong argument that TLS 1.3 should be >> enabled by default if at all possible. > > > Question would be "why would it not be?" TLSv1.3 behaves differently to

Re: [openssl-users] Get raw RSA public key from X509 certificate

2018-04-27 Thread Matt Caswell
On 27/04/18 15:01, Ken Goldman wrote: > That was it!  What threw me off is that the documentation says: > > TYPE *d2i_TYPE(TYPE **a, unsigned char **ppin, long length); > > but RSAPublicKey isn't a type.  So the pattern of TYPE being a structure > name didn't hold. Ahh. Interesting. In

Re: [openssl-users] Get raw RSA public key from X509 certificate

2018-04-27 Thread Matt Caswell
On 26/04/18 23:48, Ken Goldman wrote: > On 04/26/18 16:37, Matt Caswell wrote: >> >> >> On 26/04/18 21:17, Ken Goldman wrote: >>> I have to get the raw public modulus, but I cannot X509_get_pubkey() >>> because of a non-standard object identifier. >>

Re: [openssl-users] Get raw RSA public key from X509 certificate

2018-04-26 Thread Matt Caswell
On 26/04/18 21:17, Ken Goldman wrote: > I have to get the raw public modulus, but I cannot X509_get_pubkey() > because of a non-standard object identifier. > > I can use X509_get_X509_PUBKEY() to get part way there.  I see the DER > wrapped key in the public_key.data element, but I don't know

Re: [openssl-users] Pre-TLS Handshake Data

2018-04-20 Thread Matt Caswell
On 20/04/18 04:26, Gary Johnson wrote: > Hey Folks, > > I'm trying to figure out what this data is that is being sent pre-handshake: > > $ openssl s_client -connect google.com:443 > -debug -state -msg > CONNECTED(0005) > SSL_connect:before/connect initialization >

Re: [openssl-users] Applying security patches to 0.9.8a

2018-04-17 Thread Matt Caswell
On 17/04/18 23:36, Rob Marshall wrote: > Hi, > > The OS is SLES 10 SP3 and there are currently close to 80 binaries > that appear to use libssl.so.0.9.8. They are from a bunch of different > packages, so I would imagine that updating to anything more recent > than 0.9.8 would be a major hassle

Re: [openssl-users] CVE-201-0737

2018-04-16 Thread Matt Caswell
On 16/04/18 16:59, Scott Neugroschl wrote: > Hi, > > I'm trying to make sure I have grokked this advisory properly. > > The advisory says this is a cache timing side channel attack on key > generation. So am I correct in assuming that a potential attacker must > > 1) Already have access to

Re: [openssl-users] OpenSSL 1.1.0 assertion failure: ssl_free_wbio_buffer()

2018-04-16 Thread Matt Caswell
On 16/04/18 11:38, Matt Caswell wrote: > > > On 16/04/18 09:19, marcus.schafheu...@gmx.de wrote: >> SSL_set_bio(ssl, NULL, NULL); // free BIOs when finished > > There should be no reason to do this. The BIOs will get freed > automatically by the SSL_free() call.
