RE: Crashes when generating certificate

2019-05-14 Thread Michael Wojcik
> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of > Karl Denninger > Sent: Tuesday, May 14, 2019 09:22 > On 5/14/2019 09:48, Michael Wojcik wrote: > > I can't think of what remnant of the old certificate would be there, > > except the ce

RE: Crashes when generating certificate

2019-05-14 Thread Michael Wojcik
ackup. Encrypting the key helps but then you're relying on the entropy in the key passphrase.) -- Michael Wojcik Distinguished Engineer, Micro Focus

Re: SSL_read() returning SSL_ERROR_SYSCALL with errno 11EAGAIN

2019-04-30 Thread Michael Wojcik
ly means using a mechanism such as select or poll to determine when the socket is readable, then trying the OpenSSL receive again. But looking at the return value of SSL_want_write() seems safe enough. That's my understanding. Someone else may know better. -- Michael Wojcik

Re: partial SSL_read()

2019-04-30 Thread Michael Wojcik
, the attack succeeds. Even just attempting to decrypt and log the partial data could be dangerous, for example if the log is later displayed using a web-based tool that has an XSS vulnerability, or some sort of binary parser with an exploitable overflow (e.g. a buggy Wireshark dissector). -- Michael Wojcik

RE: Shall I expect SHA3 support in OpenSSL-1.0.2 series?

2019-04-24 Thread Michael Wojcik
pted) when it's available. The alternative is to support 1.0.2 yourself, and I'd estimate that 99% of OpenSSL users aren't qualified to do that. -- Michael Wojcik Distinguished Engineer, Micro Focus

RE: rand interface while upgrading openssl

2019-04-16 Thread Michael Wojcik
the way of internal noise sources such as clock skew. Some CPUs have entropy sources, such as Intel's RDRAND; if you trust them (and in an embedded application you may not have much choice) you can use that. -- Michael Wojcik Distinguished Engineer, Micro Focus

RE: libssl 1.1 blocking with multi-forking application

2019-04-02 Thread Michael Wojcik
ry to trace it back to confirm what was locked after the fork (put a breakpoint on the child side of the fork, then inspect the mutex object at that point). Then you can try to figure out why it was locked when you forked. OpenSSL 1.1.1b doesn't seem to provide a way to reinitialize the mutexe

RE: i2d_X509_REQ() -> d2i_X509_REQ() = asn1 encoding routines:c2i_ASN1_OBJECT:invalid object encoding:a_object.c:287

2019-03-22 Thread Michael Wojcik
hey prefer. I'm by no means an ASN.1 expert, so this may be a dumb idea. -- Michael Wojcik Distinguished Engineer, Micro Focus

RE: Using (not building) openssl with mingw on Windows 10

2019-03-22 Thread Michael Wojcik
> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of > Ken Goldman > Sent: Thursday, March 21, 2019 13:44 > To: openssl-users@openssl.org > > On 3/20/2019 12:41 PM, Michael Wojcik wrote: > > > > > Sounds like you might have i

RE: Using (not building) openssl with mingw on Windows 10

2019-03-20 Thread Michael Wojcik
ft C runtime if you were building static libraries, whereas we wanted static libraries linked with the dynamic runtime. (I don't remember offhand if we had to do the same for 1.1.1.) -- Michael Wojcik Distinguished Engineer, Micro Focus

RE: OpenVPNGui 2.4.7 fails: format error in certificate's notAfter field

2019-03-06 Thread Michael Wojcik
for use by non-TLS X.509 applications). (See e.g. http://openssl.6102.n7.nabble.com/openssl-org-1854-GeneralizedTime-support-in-openssl-ca-td38848.html.) Personally, I find that argument persuasive too, and think that it would be appropriate to have a mechanism to disable the 5280 checks. Maybe I&#

RE: ECC keypair generation with password

2019-02-28 Thread Michael Wojcik
> From: Michael Wojcik > Sent: Thursday, February 28, 2019 15:55 > > Have you tried just changing the PEM header and footer? ... Whoops. Just saw Viktor's response. Never mind. -- Michael Wojcik Distinguished Engineer, Micro Focus

RE: ECC keypair generation with password

2019-02-28 Thread Michael Wojcik
hat (it expects an unencrypted EC keypair for "EC PRIVATE KEY"), but maybe this other library does. Are you sure the other library is expecting an encrypted key? Have you tried with an unencrypted one, but using the "EC PRIVATE KEY" header/footer? -- Michael Wojcik Distinguished Engineer, Micro Focus

RE: Stitched vs non-Stitched Ciphersuites

2019-02-27 Thread Michael Wojcik
> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of > Matt Caswell > Sent: Wednesday, February 27, 2019 12:07 > > On 27/02/2019 16:47, Michael Wojcik wrote: > > > > Frankly, this latest vulnerability in OpenSSL 1.0.2 feels pretty minor in > &

RE: Stitched vs non-Stitched Ciphersuites

2019-02-27 Thread Michael Wojcik
econd if the first succeeds), and it has to have different behavior that's visible to the attacker for the two cases, in order to be a useful oracle. AND it has to be using a non-stitched implementation of a vulnerable cipher. It's a relatively narrow branch of the attack tree. -- Michael Wojcik Distinguished Engineer, Micro Focus

RE: How to not use a configured engine?

2019-02-26 Thread Michael Wojcik
figuration issue? That's the approach I've taken with my test CA. See https://www.openssl.org/docs/man1.1.1/man5/config.html. Unfortunately I haven't looked at how the engine system may have changed in 1.1.1, so I can't respond to your main question. -- Michael Wojcik Distinguished Engineer, Micro Focus

Re: [openssl-users] How to use a specific ip interface while testing TLS/SSL connectivity.

2019-02-08 Thread Michael Wojcik
> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of > Viktor Dukhovni > Sent: Friday, February 08, 2019 13:00 > > > On Feb 8, 2019, at 12:55 PM, Michael Wojcik > wrote: > > > > For IPv4: Create your socket, bind it to the local interfac

Re: [openssl-users] How to use a specific ip interface while testing TLS/SSL connectivity.

2019-02-08 Thread Michael Wojcik
alue. Then connect using that, create BIO, etc. Note that all of this will only work if the peer can actually be reached using that interface. Another alternative is to configure your routing table with a host route to the peer using the desired interface. -- Michael Wojcik Distinguished

Re: [openssl-users] Smartcard cert used for encrypt\decrypt

2019-01-31 Thread Michael Wojcik
't have it, you'll have to build it. opensc-pkcs11.dll is the PKCS#11 driver from the OpenSC open-source smartcard interface project. OpenSC has a configuration file which needs to be set up to match your particular hardware. -- Michael Wojcik Distinguished Engineer, Micro Focus -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] Compiling openssl 1.0.2q for OS390-Unix

2019-01-22 Thread Michael Wojcik
IG_new, and X509_SIG_free. Similarly, there's PKCS12_AUTHSAFES but no PKCS12_AUTHSAFES_it. It's possible those were introduced after 1.0.2n, though. My suggestion would be to scan all the generated .o files with nm to see where those symbols are being introduced (apparently they

Re: [openssl-users] crypto/objects/o_names.c problem with Solaris 10 and strict Oracle Studio 12.6 c99

2019-01-18 Thread Michael Wojcik
would have been with OpenSSL 1.0.2 or possibly earlier. I'm not sure when we switched to gcc on Solaris. So unfortunately I don't have any more-specific advice for building 1.1.1 using the Developer Studio toolchain. -- Michael Wojcik Distinguished Engineer, Micro Focus

Re: [openssl-users] crypto/objects/o_names.c problem with Solaris 10 and strict Oracle Studio 12.6 c99

2019-01-17 Thread Michael Wojcik
for it to be a shared object) with a case-insensitive string comparison function named cmpstrci. It can use strcasecmp if it must, or you can implement your own. Or the problem might be something else, of course, but the fact that strings.h does appear in the output but strcasecmp isn't declared do

Re: [openssl-users] in the department of "ain't no perfect"

2019-01-15 Thread Michael Wojcik
t told us what version of OpenSSL you're using. Or your platform, though since this is an API question that shouldn't matter (unless someone can suggest an alternative API - which, come to think of it, someone might, if only we knew more about your platform and application). -- Michael Wojcik Distinguished Engineer, Micro Focus

Re: [openssl-users] SSL_CTX_set_cert_verify_callback and certificate access

2019-01-12 Thread Michael Wojcik
ggest many, likely most, SSH users practice poor key hygiene, accepting public keys without checking their provenance. -- Michael Wojcik Distinguished Engineer, Micro Focus

Re: [openssl-users] Close TCP socket after SSL_clear()?

2019-01-12 Thread Michael Wojcik
/handles, but it does send a FIN (for SHUT_WR) or flush inbound data and refuse to receive any more (for SHUT_RD) on the conversation, which of course affects all descriptors/handles. So if your application creates multiple references to the conversation, then depending on your design, you might wa

Re: [openssl-users] Close TCP socket after SSL_clear()?

2019-01-11 Thread Michael Wojcik
plications used shutdown(SHUT_RDWR) + getsockopt(SO_ERROR) + close, and reported the error (if there is one) for diagnostic purposes. But beyond that there isn't a lot most applications can do, and for most a simple close is probably going to be fine. But as I said I may have overlook

Re: [openssl-users] SSL_CTX_set_cert_verify_callback and certificate access

2019-01-10 Thread Michael Wojcik
r approach than inventing your own mechanism. Regarding Corey's original note: SSL/TLS does not have a "username" concept because it would be redundant or inconsistent. A certificate is a peer identifier; it takes the place of a username. -- Michael Wojcik Distinguished Engineer, Micro Focus

Re: [openssl-users] Session params output fails via cron

2019-01-04 Thread Michael Wojcik
he intention clear. (Yes, the intention of your version is clear to old UNIX hands. It might not be to other people.) I'm ignoring portability considerations, since I personally don't think this would be a great thing to implement in the apps, so I'm not going to be submitting a PR

Re: [openssl-users] Session params output fails via cron

2019-01-03 Thread Michael Wojcik
> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of > Jakob Bohm via openssl-users > Sent: Thursday, January 03, 2019 09:52 > To: openssl-users@openssl.org > Subject: Re: [openssl-users] Session params output fails via cron > > > Maybe cron jobs are run without a valid std

Re: [openssl-users] How can I compile nginx with openssl to support 0-rtt TLS1.3

2018-12-28 Thread Michael Wojcik
or in whatever version of nginx you're running. It's also possible that there's some issue with the Firefox build you're running and its 0-RTT support. My suspicion though is that nginx is not enabling 0-RTT in nginx. -- Michael Wojcik Distinguished Engineer, Micro Focus

Re: [openssl-users] Decrypting an OpenSSL encrypt AES256-CBC data

2018-12-28 Thread Michael Wojcik
tocol to know which would be appropriate in your case. -- Michael Wojcik Distinguished Engineer, Micro Focus

Re: [openssl-users] How to find the right bug

2018-12-17 Thread Michael Wojcik
e are at least a few labeled "good first issue" (I'm not sure how many because I'm not enabling a bunch of scripts just to get github's filtering to work), and in any case there are plenty there to choose from. -- Michael Wojcik Distinguished Engineer, Micro

Re: [openssl-users] AssAccess was passed with no amendments

2018-12-14 Thread Michael Wojcik
have expressed, and continue to express, their opinions of the Assistance and Access Bill. That includes numerous cryptography and security experts, and representatives of organizations which are active in those areas. Some random posts in openssl-users will not materially change the course or

Re: [openssl-users] Question on necessity of SSL_CTX_set_client_CA_list

2018-12-10 Thread Michael Wojcik
> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf > Of Michael Ströder > Sent: Saturday, December 08, 2018 06:59 > > On 12/7/18 11:44 PM, Michael Wojcik wrote: > > Homograph attacks combined with phishing would be much cheaper and > > easier

Re: [openssl-users] Question on necessity of SSL_CTX_set_client_CA_list

2018-12-07 Thread Michael Wojcik
those requirements can't be verified by the vast majority of users. -- Michael Wojcik Distinguished Engineer, Micro Focus

Re: [openssl-users] [EXTERNAL] Re: Self-signed error when using SSL_CTX_load_verify_locations CApath

2018-12-04 Thread Michael Wojcik
ven better, two different error codes: > > - "Only self-signed end certificate provided" > > - "Provided chain ends with unknown root certificate" > > (Deciding which one keeps the old error code is left as > an exercise). I can raise that as a possibilit

Re: [openssl-users] Question on necessity of SSL_CTX_set_client_CA_list

2018-12-03 Thread Michael Wojcik
ten there are better things to address first. TLS configuration is important, but certainly for the software projects I work on there are any number of important areas for further work. You can't do everything at once. -- Michael Wojcik Distinguished Engineer, Micro Focus

Re: [openssl-users] [EXTERNAL] Re: Self-signed error when using SSL_CTX_load_verify_locations CApath

2018-12-03 Thread Michael Wojcik
mostly consistent, safe naming conventions for external identifiers, thank goodness.) -- Michael Wojcik Distinguished Engineer, Micro Focus

Re: [openssl-users] [EXTERNAL] Re: Self-signed error when using SSL_CTX_load_verify_locations CApath

2018-12-03 Thread Michael Wojcik
> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf > Of Viktor Dukhovni > Sent: Saturday, December 01, 2018 13:53 > > On Sat, Dec 01, 2018 at 07:12:24PM +, Michael Wojcik wrote: > > > > Are there compatibility concerns around changing error m

Re: [openssl-users] [EXTERNAL] Re: Self-signed error when using SSL_CTX_load_verify_locations CApath

2018-12-01 Thread Michael Wojcik
; I agree the text could be better, but not sure in what releases > if any to change the text, since the change may cause issues > for some users. Sure, this is always a concern. Maybe the change could be considered for OpenSSL 3.0, since that's a major release. -- Michael Wojcik

Re: [openssl-users] Self-signed error when using SSL_CTX_load_verify_locations CApath

2018-11-30 Thread Michael Wojcik
developers (at least in my experience), I wonder whether changing the text to "Untrusted self-signed certificate in certificate chain" would help. That would suggest to the user that the problem might be an issue with the trust store. -- Michael Wojcik Distinguished Engineer, Micro Focus

Re: [openssl-users] error message oddity

2018-11-27 Thread Michael Wojcik
You might want to check what strerror_r gives you, rather than strerror, since on GCC platforms that's what OpenSSL uses. Also, OpenSSL builds its table of error strings at startup (or, for older versions, when you tell it to). It's conceivable an application's NLS settings changed between the

Re: [openssl-users] configuring OpenSSL to split handshake messages

2018-11-15 Thread Michael Wojcik
context) should not try to control how messages appear on the wire, aside from attempting to avoid small sends when there is additional data available to send. -- Michael Wojcik Distinguished Engineer, Micro Focus

Re: [openssl-users] Exclude unwanted ciphers during build

2018-11-06 Thread Michael Wojcik
time you post a question to any public forum about any software product. -- Michael Wojcik Distinguished Engineer, Micro Focus

Re: [openssl-users] compile warning on 32bit platform:integer constant is too large for 'long' type

2018-11-05 Thread Michael Wojcik
ed sources to fail when the implementation doesn't support unsigned long long. That's better than a bunch of warnings which many people are likely to ignore. If there are platforms which support 64-bit integer constants but not the "ULL" suffix, we could hide this behind a

Re: [openssl-users] OpenSSL vs GPG for encrypting files? Security best practices?

2018-11-05 Thread Michael Wojcik
e use cases. > I want to keep at least two copies of data in different locations for > disaster recovery. Each copy itself should > have a backup stored with it in case of a bit error. OK. It's good to consider and mitigate various failure modes. -- Michael Wojcik Distinguished Engineer, Micro Focus

Re: [openssl-users] OpenSSL vs GPG for encrypting files? Security best practices?

2018-11-02 Thread Michael Wojcik
> From: openssl-users on behalf of Nicholas > Papadonis > Sent: Friday, November 2, 2018 14:29 > I read Where? It's hard for us to determine the quality of your source, or your interpretation of it, if we don't know what it is. > that the OpenSSL AES-CBC CLI mode is prone to a malleable atta

Re: [openssl-users] Reg issue in alert message

2018-10-23 Thread Michael Wojcik
TLS is mightily confusing in general. It is interesting to note that those two options happen to have the same value, though, particularly given the similarity of the two function names. This is one of those cases where C's weak type system is a problem. Though it would be nice if OpenSSL use

Re: [openssl-users] CAPI-Engine doc

2018-10-23 Thread Michael Wojcik
rting ancient Windows OS and SDK versions which, while unsupported by Microsoft, are still used in far too many places. -- Michael Wojcik Distinguished Engineer, Micro Focus

Re: [openssl-users] Openssl Build Error- module unsafe for SAFESEH image/Unable to generate SAFESEH image

2018-10-18 Thread Michael Wojcik
; error. You appear to have added /SAFESEH to the generic linker flags, so it's being used for both x86 (32-bit) and x64 (64-bit). It's only allowed for x86. The error you showed (and, by the way, it's better to copy and paste text than to send a screenshot) is for the x64 build

Re: [openssl-users] openssl commandline client use

2018-10-11 Thread Michael Wojcik
-own cryptosystems are a Bad Idea. I think providing advice like "use an AEAD mode" is bad, because it implies that crypto non-experts can safely create cryptosystems that avoid well-known pitfalls. History suggests otherwise. -- Michael Wojcik Distinguished Engineer, Micr

Re: [openssl-users] openssl commandline client use

2018-10-11 Thread Michael Wojcik
> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf > Of Viktor Dukhovni > Sent: Wednesday, October 10, 2018 23:12 > > On Thu, Oct 11, 2018 at 01:23:41AM +, Michael Wojcik wrote: > > > - Data recovery from an encrypted backup is tough. With CBC,

Re: [openssl-users] openssl commandline client use

2018-10-10 Thread Michael Wojcik
, but in my opinion your question is severely underdetermined, and it sounds like you're potentially open to some rather serious failures. That may not be a concern - again, I don't know what your use case or threat model is. -- Michael Wojcik Distinguished Engineer, Micro Focus

Re: [openssl-users] How to build libcrypto64*.lib and libssl64*.lib on Windows 64-bit?

2018-10-08 Thread Michael Wojcik
ns of their libraries. Todd may well be correct that OP is looking at a LibreSSL package, not an OpenSSL one. (LibreSSL isn't "a wrapper for OpenSSL", but whatever.) -- Michael Wojcik Distinguished Engineer, Micro Focus

Re: [openssl-users] Need help for porting RSA_verify

2018-09-26 Thread Michael Wojcik
etting only openssl man pages. Yes, because OpenSSL provides an API for applications. Use it. > Any other suggestions for porting RSA_verify will also be welcomed. Don't. Use OpenSSL properly instead. -- Michael Wojcik Distinguished Engineer, Micro Focus

Re: [openssl-users] Checksum for openssl-1.0.2p download

2018-09-12 Thread Michael Wojcik
e > code incorrectly, unless you are merely compiling other peoples > software exactly as instructed. Yes. And this is a much more likely source of problems than a counterfeit OpenSSL distribution. -- Michael Wojcik Distinguished Engineer, Micro Focus

Re: [openssl-users] Checksum for openssl-1.0.2p download

2018-09-12 Thread Michael Wojcik
server, for example via DNS cache poisoning. And due to the systemic brokenness of the web PKI, it's pretty easy to fool a lot of people with a counterfeit server.) So do the work now to set yourself up for verifying the signature, and inculcate a good habit. -- Michael Wojcik Distinguish

Re: [openssl-users] Problem in Building openssl_1.0.2p in Visual Studio 2015

2018-08-30 Thread Michael Wojcik
a 64-bit version of Windows, you should be using a Visual Studio x64 x86 Cross Tools window. -- Michael Wojcik Distinguished Engineer, Micro Focus

Re: [openssl-users] Implementing help

2018-08-17 Thread Michael Wojcik
applications without a cryptography background is likely to produce insecure systems. -- Michael Wojcik Distinguished Engineer, Micro Focus

Re: [openssl-users] Shutdown details

2018-08-13 Thread Michael Wojcik
e no possibility for the server to send back a response." That's clearly wrong, for transports such as TCP that support half-close; but it handily eliminates any problem of a UA trying to delimit a request message-body with half-close when running over TLS. -- Michael Wojcik Disting

Re: [openssl-users] openssl cms -decrypt failing due to malloc(3) failure

2018-08-01 Thread Michael Wojcik
the other parts of the message, I assume. (I'm no CMS expert so I may be missing something there.) And, of course, both sender and recipient would have to support that algorithm. -- Michael Wojcik Distinguished Engineer, Micro Focus

Re: [openssl-users] openssl cms -decrypt failing due to malloc(3) failure

2018-08-01 Thread Michael Wojcik
> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf > Of Christian Böhme > Sent: Tuesday, July 31, 2018 10:16 > > On 30.07.2018 20:12, Michael Wojcik wrote: > > > FWIW, SUS Issue 5 defines RLIMIT_AS as applying to both malloc and mmap, > > b

Re: [openssl-users] Initialising OpenSSL more than once - how do we handle this?

2018-07-30 Thread Michael Wojcik
't know the source of your "leaks", then I can't say I'm particularly impressed with a zero-"leak" policy. That amounts to "let's burn a lot of cycles during process termination, rather than understand what we're doing". -- Micha

Re: [openssl-users] openssl cms -decrypt failing due to malloc(3) failure

2018-07-30 Thread Michael Wojcik
at is, mmap'd pages do not count against the data limit.) > If you're a 32-bit process, then malloc'ing or mmap'ing a 2GB object will be > difficult at best. Agreed. And I'm not endorsing the mmap approach for this problem anyway - I'd use a streaming ap

Re: [openssl-users] Initialising OpenSSL more than once - how do we handle this?

2018-07-30 Thread Michael Wojcik
mory "leaks". If the leak isn't growing over the lifetime of the process, it's not causing any trouble. I've seen some teams obsessing about getting clean reports from dynamic-analysis tools like Valgrind. In most environments that's pointless "optimization"

Re: [openssl-users] openssl cms -decrypt failing due to malloc(3) failure

2018-07-30 Thread Michael Wojcik
can be /very/ conveniently > mmap(2)'ed > into the process' address space, ignoring possible limits. Not portably, it can't. There are operating systems other than Linux and UNIX, and OpenSSL supports a number of them. -- Michael Wojcik Distinguished Engineer, Micro Focus

Re: [openssl-users] request for TLBleed information / non-constant-time vulnerabilities

2018-07-28 Thread Michael Wojcik
s complicated and likely to be durable. > What does this confirm (or not confirm) about openssl's vulnerability > (or knowable status) to TLBleed? Specifically? Not much. It goes more to the general principle that systems leak information as they do work. Ultimately it comes down to

Re: [openssl-users] request for TLBleed information / non-constant-time vulnerabilities

2018-07-27 Thread Michael Wojcik
e been picking up speed. And the issues peripheral to cryptography - applications, infrastructure, users - haven't gone away. More and better cryptography; more and better attacks against it. -- Michael Wojcik Distinguished Engineer, Micro Focus

Re: [openssl-users] request for TLBleed information / non-constant-time vulnerabilities

2018-07-27 Thread Michael Wojcik
> From: Michael R. Hines [mailto:mrhi...@digitalocean.com] > Sent: Friday, July 27, 2018 07:48 > > > On 07/27/2018 08:35 AM, Michael Wojcik wrote: > > > > (I'm only commenting on TLBleed here because I'm not sure what you > > mean by "non-constant-t

Re: [openssl-users] request for TLBleed information / non-constant-time vulnerabilities

2018-07-27 Thread Michael Wojcik
uthors of the original Spectre paper, and many other researchers have pointed out, microarchitecture side channels are a large class of vulnerabilities. Spot defenses against particular variants rarely help protect against other variants. Microarchitecture side channel attacks will be with us f

Re: [openssl-users] conversion of RAND_bytes to rand in fips approved way

2018-07-25 Thread Michael Wojcik
again, that CHAR_BIT is 8). By the way, sizeof is an operator. There's no need to parenthesize its operand, unless the operand is a type. Of course, as Viktor pointed out, this all may be pointless anyway; it's not clear that the OP needs this functionality. -- Michael Wojcik Distinguished Engineer, Micro Focus

Re: [openssl-users] conversion of RAND_bytes to rand in fips approved way

2018-07-25 Thread Michael Wojcik
id. Also, calling it "rand" would be a violation of the C specification, so if you want your C applications to conform to the spec, you'll have to change them anyway. Or use a macro, provided the application code never suppresses a macro definition for rand. -- Michael Wojci

Re: [openssl-users] Android AOSP Stuck due to 'libcrypto.so'

2018-07-23 Thread Michael Wojcik
ers list. It is in no way specific to Linux, or to any other operating system. (You would know that if you lurked for a while before posting, which is generally a good idea.) -- Michael Wojcik Distinguished Engineer, Micro Focus

Re: [openssl-users] Android AOSP Stuck due to 'libcrypto.so'

2018-07-23 Thread Michael Wojcik
er entropy during OpenSSL initialization, perhaps? I have not looked into how OpenSSL usually gathers entropy in Android. -- Michael Wojcik Distinguished Engineer, Micro Focus

Re: [openssl-users] Appropriate use of SSL_CTX_set_cipher_list()

2018-07-18 Thread Michael Wojcik
lied one, if there is one - so this isn't an issue I have to deal with professionally. But we do make the cipher-suite list configurable, with a default that tries to strike a reasonable compromise between strength and compatibility. -- Michael Wojcik Distinguished Engineer, Micro Focus

Re: [openssl-users] Appropriate use of SSL_CTX_set_cipher_list()

2018-07-18 Thread Michael Wojcik
mend Ivan Ristic's /Bulletproof TLS/ e-book (or the /OpenSSL Cookbook/ free excerpt, if you can't afford the full book) for cipher-suite recommendations, and much more besides. It's available from the Feisty Duck website. -- Michael Wojcik Distinguished Engineer, Micro Focus

Re: [openssl-users] Deployment

2018-07-16 Thread Michael Wojcik
so - why 0.9.8za? That's *ancient*. This seems like a lot of work for a result of rather dubious value. What problem are you trying to solve? -- Michael Wojcik Distinguished Engineer, Micro Focus

Re: [openssl-users] FIPS 140-2 certification

2018-06-20 Thread Michael Wojcik
ic subject and sometimes people come up with pointless requirements.) I've known people who don't need FIPS validation to ask for some FIPS claim anyway, even when that claim is essentially meaningless. If that's the case, just make it possible for the customer to enable FIPS mode and let them go their merry way. -- Michael Wojcik Distinguished Engineer, Micro Focus

Re: [openssl-users] Windows 7 cryptbase.dll failing to load

2018-06-14 Thread Michael Wojcik
L, so I can't say what would need to be done with Configure to get that into the generated makefile. -- Michael Wojcik Distinguished Engineer, Micro Focus

Re: [openssl-users] Advantech openssl compatibility issue

2018-06-13 Thread Michael Wojcik
to see whether the OpenSSL sources for 1.0.2h or 1.0.2i include Atom assembly modules; that would be something else to check. -- Michael Wojcik Distinguished Engineer, Micro Focus

Re: [openssl-users] Error compiling openssh with openssl

2018-06-11 Thread Michael Wojcik
I haven't looked into it). This is one of several reasons why FIPS 140-2 is a problem. Unfortunately the FIPS 140-3 effort seems to be moribund, and I haven't heard anything about "ISO FIPS" in some time. -- Michael Wojcik Distinguished Engineer, Micro Focus

Re: [openssl-users] openssl problems

2018-06-07 Thread Michael Wojcik
ght be informative, if the problem isn't obvious from inspecting the software and configuration being used by the origin server. Wireshark's SSL/TLS dissector does a decent job with the unencrypted parts of the conversation, and it doesn't look like you're getting fa

Re: [openssl-users] PRNG is not seeded

2018-06-06 Thread Michael Wojcik
> From: openssl-users on behalf of Jakob > Bohm > Sent: Tuesday, June 5, 2018 02:46 > Hence my solution of using a hardware TRNG shared over the > network with devices that lack the ability to have one added > locally. Yes, I think that's a good approach. It reduces the attack surface, since t

Re: [openssl-users] PRNG is not seeded

2018-06-04 Thread Michael Wojcik
Of course people have been harvesting entropy, or trying to, from network sources for decades. There's a famous paragraph regarding it in RFC 4086, which is an expanded version of a similar statement from RFC 1750 (1994): Other external events, such as network packet arrival times and le

Re: [openssl-users] stunnel 5.46 released

2018-05-31 Thread Michael Wojcik
tems are still deployed. As do some other products that use OpenSSL. There's a great deal of FUD regarding ECC. For the record, I'm with Viktor on this. WeakDH does not justify disabling finite-field DHE entirely; that's a misinterpretation of the WeakDH discovery. There

Re: [openssl-users] PRNG is not seeded

2018-05-30 Thread Michael Wojcik
> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf > Of FooCrypt > Sent: Wednesday, May 30, 2018 10:46 > To: openssl-users@openssl.org > Subject: Re: [openssl-users] PRNG is not seeded > > > On 30 May 2018, at 11:55 PM, Michael Wojcik > wrote:

Re: [openssl-users] PRNG is not seeded

2018-05-30 Thread Michael Wojcik
opy by asking them to bang on the keyboard or wiggle the mouse, or that sort of thing. Again, it really depends on what your device and application are. This topic is discussed at some length in the technical literature; see for example section 3 of RFC 4086. -- Michael Wojcik Distinguished Eng

Re: [openssl-users] Blog post on the new LTS release

2018-05-29 Thread Michael Wojcik
blog entry on long-term support, the different phases, > and so on. It’s here: This didn't show up in my RSS client. Is the RSS feed not working, or is it just my client? -- Michael Wojcik Distinguished Engineer, Micro Focus

Re: [openssl-users] Proper syntax for -header host switch

2018-05-25 Thread Michael Wojcik
of those quote characters - it'd be a strange thing to do, but it's possible. Or be running something like bash, but have IFS set to include the "." character. The basic point is solid - those three variants may well be indistinguishable to the application (almos

Re: [openssl-users] PEM_write_bio_RSAPrivateKey assure Randomness of PK

2018-05-23 Thread Michael Wojcik
vements regarding random seeding, so it may be worth doing that now. -- Michael Wojcik Distinguished Engineer, Micro Focus

Re: [openssl-users] PEM_write_bio_RSAPrivateKey assure Randomness of PK

2018-05-23 Thread Michael Wojcik
's better than nothing, and indeed better than what many people do for seeding. Oh, and asking questions about OpenSSL, a smart move is to mention what version of OpenSSL you're using, platform details, and something about the problem you're trying to solve. -- Micha

Re: [openssl-users] Receive throttling on SSL sockets

2018-05-22 Thread Michael Wojcik
ation from the peer application. In any case, this has drifted far afield from the purpose of openssl-users. I personally don't think flow control should be part of TLS, but I don't care strongly enough to, for example, argue against it on the IETF TLS mailing list. Michael Wojcik Distin

Re: [openssl-users] Receive throttling on SSL sockets

2018-05-19 Thread Michael Wojcik
> From: Jordan Brown [mailto:open...@jordan.maileater.net] > Sent: Saturday, May 19, 2018 14:08 > To: openssl-users@openssl.org; Michael Wojcik; Alex H > Subject: Re: [openssl-users] Receive throttling on SSL sockets > TLS could (but as far as I can tell does not) have such a

Re: [openssl-users] Receive throttling on SSL sockets

2018-05-19 Thread Michael Wojcik
ol message flows don't happen that frequently; relatively short-lived conversations may never see one (until the final close_notify alert). So throttling may often work. But in the general case, sooner or later you'll have to buffer at the application level. Michael Wojcik Distinguished En

Re: [openssl-users] How to prove a Certificate is Signed or not

2018-05-03 Thread Michael Wojcik
fraught with difficulties. Trying to code for it without the basic technical background will be an exercise in frustration and likely lead to errors that greatly weaken the security of your application. -- Michael Wojcik Distinguished Engineer, Micro Focus

[openssl-users] HTTPAS (was RE: engine interface for genrsa)

2018-04-24 Thread Michael Wojcik
e situation here). Asking questions is one thing; paid assistance is quite another. I hope this is helpful. -- Michael Wojcik Distinguished Engineer, Micro Focus

Re: [openssl-users] What does this error mean?

2018-04-16 Thread Michael Wojcik
It may be how the (probably somewhat outdated) version of wget is using the openssl API. Try "openssl s_client -connect server:port", using the server and port you're trying to get wget to connect to.

Re: [openssl-users] What does this error mean?

2018-04-16 Thread Michael Wojcik
The server is rejecting the connection because it doesn't like the SSL/TLS version range that wget is offering. Anything prior to TLSv1.1 suffers from vulnerabilities that can be exploited under practical conditions, so many servers reject older protocol versions. You don't have to upgrade the

Re: [openssl-users] get type of PEM data

2018-03-28 Thread Michael Wojcik
} return PEM_TYPE_NONE; } Untested. Extending to the remainder of the PEM types (see pem.h) is left as an exercise for the reader. -- Michael Wojcik Distinguished Engineer, Micro Focus

Re: [openssl-users] CSR verify failure

2018-03-26 Thread Michael Wojcik
rsa_padding_mode, for example; I just tried it, and it didn't produce an error, but didn't seem to have any effect either. -- Michael Wojcik Distinguished Engineer, Micro Focus
