Hello Dennis,
here are answers to your questions.
* All CRL signatures are (by default) verified - otherwise status
checking by CRLs would be insecure. The function used is
def_crl_verify() in crypto/x509/x_crl.c
* All CRLs are kept in the X509_STORE such that they can be reused for
I would like some advice as to why I am getting NULLs returned as a result of
calling SSL_CTX_new.
The library I'm using is OpenSSL 1.1.1k.
The argument to SSL_CTX_new is TLS_server_method().
The message retrieved by ERR_get_error and ERR_error_string was the following.
"error:140A90F2:SSL
It is not a bug, the pairwise test is sufficient. It's just a
misleading name. And I do not think it will cause any problem with FIPS
validation, this can be documented.
Tomas
On Mon, 2021-08-30 at 16:53 +0530, Nagarjun J wrote:
> Hello,
>
> Then, is this a bug in ECDSA POST ? Or have to rename
Hello,
Then, is this a bug in ECDSA POST ? Or have to rename the test , as it is
misleading and can cause problems in FIPS certification ?
Thanks,
Nagarjun
On Mon, Aug 30, 2021 at 3:51 PM Tomas Mraz wrote:
> The question was about the fips module POST (power on self test) and
> there what I
The question was about the fips module POST (power on self test) and
there what I wrote applies. Having special RNG providing constant data
to ECDSA/DSA would be possible to do but it is not required, it would
needlessly complicate the code, and add a risk of having such constant
RNG being
This is not really true. At least, for some of the tests.
https://github.com/openssl/openssl/blob/master/test/ecdsatest.c#L73
That hijacks the RNG to feed the expected nonce, so it can check vs a KAT.
Cheers,
BBB
On Mon, Aug 30, 2021 at 12:40 PM Tomas Mraz wrote:
>
> Hello,
>
> your analysis
Thank you for the report.
This is already fixed on both 1.1.1 and master branches with:
https://github.com/openssl/openssl/pull/16409
Tomas Mraz
On Fri, 2021-08-27 at 13:34 -0400, Scott Lasley via openssl-users
wrote:
> Building openssl-1.1.1l with Xcode 10.1 under macOS 10.13.6 fails with
>
Hello,
your analysis is right. It does only pairwise consistency test as the
KAT is impossible to do for regular DSA and ECDSA due to random nonce
being input of the signature algorithm and thus the signature always
changes.
Tomas
On Fri, 2021-08-27 at 22:47 +0530, Nagarjun J wrote:
> Hi,
>
>
On 29/08/2021 20:41, Nobuo Aoki wrote:
I am trying to identify the implementation
where “ephemeral public key” and “ephemeral private key” can be added,
I am unclear from your question whether you are asking how to add a new
public/private key scheme for integration into TLS. Or whether