Re: Need help on self test post failure - programmatically load FIPS provider

2024-05-24 Thread Matt Caswell
What do you get by loading the provider via the "openssl list" command, i.e. what is the output from: $ openssl list --providers -provider fips -provider base Matt On 24/05/2024 15:48, murugesh pitchaiah wrote: Thanks Neil for your response. Please find more details below. Yes we run

Re: Blocking on a non-blocking socket?

2024-05-24 Thread Matt Caswell
On 24/05/2024 02:30, Wiebe Cazemier wrote: Can you show me in the code where that is? It's here: https://github.com/openssl/openssl/blob/b9e084f139c53ce133e66aba2f523c680141c0e6/ssl/record/rec_layer_s3.c#L1038-L1054 The "retry" codepath occurs where we hit the "goto start". My main

Re: Blocking on a non-blocking socket?

2024-05-23 Thread Matt Caswell
On 23/05/2024 15:08, rsbec...@nexbridge.com wrote: On Thursday, May 23, 2024 9:56 AM, Wiebe Cazemier wrote: From: "Neil Horman" from: https://www.openssl.org/docs/man1.0.2/man3/SSL_CTX_set_mode.html

Re: OpenSSL version 3.3.0 published

2024-05-13 Thread Matt Caswell
On 13/05/2024 02:42, Neil Horman wrote: We added support for RCU locks in 3.3 which required the use of atomics (or emulated atomic where they couldn't be supported), but those were in libcrypto not liberal Right - it's supposed to fall back to emulated atomic calls where atomics aren't

Re: No data available to red after SSL_ERROR_WANT_READ error.

2024-05-09 Thread Matt Caswell
On 08/05/2024 18:15, Rahul Shukla wrote: The issue I'm encountering here occurs after the first SSL_read() call in myread(). Despite encountering SSL_ERROR_WANT_READ, upon checking for available data using isReadable(),there appears to be no activity or pending data. This inconsistency

Re: SSL_peek() removes the session ticket from the underlying BIO ??

2024-05-02 Thread Matt Caswell
is available (if a blocking socket is in use). Matt --Rahul On Thu, May 2, 2024 at 12:33 PM Matt Caswell <m...@openssl.org> wrote: On 02/05/2024 06:19, Rahul Shukla wrote: > Hi All, > As per the OpenSSL doc : > / > / > /&qu

Re: SSL_peek() removes the session ticket from the underlying BIO ??

2024-05-02 Thread Matt Caswell
On 02/05/2024 06:19, Rahul Shukla wrote: Hi All, As per the OpenSSL doc : / / /"SSL_peek_ex() and SSL_peek() are identical to SSL_read_ex() and SSL_read() respectively except no bytes are actually removed from the underlying BIO during the read, so that a subsequent call to SSL_read_ex()

Re: TLS1.3 change_cipher_spec as part of application data

2022-11-24 Thread Matt Caswell
On 24/11/2022 07:57, Neelabh Mam wrote: Hi, With my openssl based FTPS client (non-blocking bio) targeting TLS1.3, I see that immediately after a successful data channel handshake (with session reuse), a dummy change_cipher_spec record and a non-application data record are sent as part of

Re: Regarding TLS call failure on Openssl3.0 with cipher : ECDH-ECDSA-AES256-SHA384

2022-11-18 Thread Matt Caswell
On 18/11/2022 05:53, Viktor Dukhovni wrote: On Fri, Nov 18, 2022 at 05:12:09AM +, Raman, Ina wrote: I was trying to test TLS call with cipher suite : tls_ecdh_ecdsa_with_aes_256_cbc_sha384 but it fails. You probably actually wanted "ecdhe" not "ecdh", but see below. Support for the

Re: EVP_PKEY_get_raw_public_key fails with OpenSSL 3.0

2022-11-11 Thread Matt Caswell
On 11/11/2022 12:41, f...@plutonium24.de wrote: My apologies. I tested the code you supplied and of course it also fails with 1.1.1. The code was changed without my knowledge when updating to 3.0 and the version that was working used the deprecated "EC_POINT_point2oct". During my test I

Re: EVP_PKEY_get_raw_public_key fails with OpenSSL 3.0

2022-11-11 Thread Matt Caswell
On 11/11/2022 00:49, James Muir wrote: On 2022-11-10 18:35, f...@plutonium24.de wrote: I have been using EVP_PKEY_get_raw_public_key with OpenSSL 1.1.1 without any problems to extract a raw public key (secp521r1, NIST curve P-521). With OpenSSL 3.0 this fails. I'm using this call to get

Re: Not able to retreive session ticket both at server and client level

2022-11-08 Thread Matt Caswell
On 08/11/2022 06:09, Sethuraman Venugopal wrote: Dear Team, *Problem Statement* : The session is resumable, but still the session does not have any tickets after calling SSL_CTX_sess_set_new_cb() and SSL_new_session_ticket() This is the method *TLS_server_method* and *TLS_client_method*

Re: OpenSSL 3.0.7 make failure on Debian 10 (buster)

2022-11-04 Thread Matt Caswell
On 04/11/2022 12:06, John Boxall wrote: apps/lib/libapps-lib-app_libctx.o apps/lib/app_libctx.c In file included from /usr/lib/gcc/x86_64-linux-gnu/8/include-fixed/syslimits.h:7, from /usr/lib/gcc/x86_64-linux-gnu/8/include-fixed/limits.h:34, from

Re: Output buffer length in EVP_EncryptUpdate for ECB mode

2022-11-03 Thread Matt Caswell
On 03/11/2022 14:21, Wiktor Kwapisiewicz via openssl-users wrote: Hello, I'd like to clarify one aspect of the API regarding EVP_EncryptUpdate [0] that is the length of the output buffer that should be passed to that function ("out" parameter). (Actually I'm using EVP_CipherUpdate but the

New Blog Post: CVE-2022-3786 and CVE-2022-3602: X.509 Email Address Buffer Overflows

2022-11-01 Thread Matt Caswell
Please see the new blog post here: https://www.openssl.org/blog/blog/2022/11/01/email-address-overflows/

Re: How to handle TLS alerts

2022-10-27 Thread Matt Caswell
On 26/10/2022 18:33, pepone.onrez wrote: Hi, I'm trying to understand how to handle TLS alerts, I have set up a callback with SSL_CTX_set_info_callback(_ctx, ssl_info_callback); And I can see alerts sent by the peer, does the application need to call SSL_shutdown upon receiving a fatal

Re: Forthcoming OpenSSL Bug Fix Release

2022-10-26 Thread Matt Caswell
On 26/10/2022 12:17, Matan Giladi wrote: Is 1.1.1s going to include any security fix? 1.1.1s is a bug fix release only. There are no security fixes. Can you please confirm that the critical issue found in 3.0.6 version is irrelevant for 1.1.1? The critical issue applies to 3.0.0 -

Re: OpenSSL 1.1.1 Windows dependencies

2022-10-26 Thread Matt Caswell
On 24/10/2022 10:17, Matt Caswell wrote: On 22/10/2022 16:02, David Harris wrote: On 21 Oct 2022 at 13:50, Michael Wojcik via openssl-users wrote: That was my initial thought too, except that if it were firewall-related, the initial port 587 connection would be blocked, and it isn't

Re: Setting a group to an existing EVP_PKEY in OpenSSL 3

2022-10-25 Thread Matt Caswell
On 25/10/2022 00:21, Kory Hamzeh wrote: I haven’t done exactly what you are trying, but something similar.  See EVP_PKEY_set_params: https://www.openssl.org/docs/man3.0/man3/EVP_PKEY_set_params.html The specific parm to

Re: OpenSSL 1.1.1 Windows dependencies

2022-10-24 Thread Matt Caswell
On 22/10/2022 16:02, David Harris wrote: On 21 Oct 2022 at 13:50, Michael Wojcik via openssl-users wrote: That was my initial thought too, except that if it were firewall-related, the initial port 587 connection would be blocked, and it isn't - the failure doesn't happen until after

Re: Fwd: Proper API usage with DTLS over custom net transport

2022-10-21 Thread Matt Caswell
On 20/10/2022 20:33, Павел Балашов wrote: So now the questions: (1) If we receive some dtls data at the line above with '' what should we do in terms of OpenSSL API calls ?  I assume this dtls data could be a client's retransmission due to server's last flight was lost or this could be

Re: Need help on OpenSSL windows build errors

2022-10-17 Thread Matt Caswell
On 17/10/2022 13:10, Ashok Kumar Sarode via openssl-users wrote: NOTE: I have re-named file openssl\*configuration.h.in* to openssl\*configuration.h* Likewise i re-named err.h, ssl.h, opensslv.h, crypto.h Don't do that. That is almost certainly the cause of these errors. The ".h.in"

Re: Problems with ECDSA signature and verification

2022-10-17 Thread Matt Caswell
On 17/10/2022 09:34, Fernando Elena Benavente wrote: Hi guys, we are having problems with the implementation of the signature and verification of messages with ECDSA, because the demo of ECDSA in github  us does not allow us to determine the type of ECDSA curve, I assume you are looking at

Withdrawal of OpenSSL 3.0.6 and 1.1.1r

2022-10-12 Thread Matt Caswell
We have received a report of a significant regression in the latest 3.0.6 and 1.1.1r versions. The regression is not thought to have security consequences. While the regression is further investigated we have taken the decision to withdraw the 3.0.6 and 1.1.1r versions and instead recommend that

OpenSSL Security Advisory

2022-10-11 Thread Matt Caswell
Supercomputing Center. The fix was developed by Matt Caswell. References: URL for this Security Advisory: https://www.openssl.org/news/secadv/20221011.txt Note: the online version of the advisory may be updated with additional details over time. For details of OpenSSL severity

OpenSSL version 3.0.6 published

2022-10-11 Thread Matt Caswell
OpenSSL version 3.0.6 released. OpenSSL - The Open Source toolkit for SSL/TLS https://www.openssl.org/ The OpenSSL project team is pleased to announce the release of version 3.0.6 of our open source

OpenSSL version 1.1.1r published

2022-10-11 Thread Matt Caswell
OpenSSL version 1.1.1r released. OpenSSL - The Open Source toolkit for SSL/TLS https://www.openssl.org/ The OpenSSL project team is pleased to announce the release of version 1.1.1r of our open

Re: porting openssl to vxWorks

2022-10-07 Thread Matt Caswell
VxWorks is an "unadopted" platform. This means there is some claimed support for it but there is no named maintainer for it and it is not regularly tested. It may or may not work. See our platform policy here: https://www.openssl.org/policies/platformpolicy.html On that page we can see the

Forthcoming OpenSSL Releases

2022-10-04 Thread Matt Caswell
Hello, The OpenSSL project team would like to announce the forthcoming release of OpenSSL versions 3.0.6 and 1.1.1r. These releases will be made available on Tuesday 11th October 2022 between 1300-1700 UTC. OpenSSL 3.0.6 is a security-fix release. The highest severity issue fixed in OpenSSL

Re: OpenSSL 1.1.1 (full support) expires 2022-09-11, any plans for a full bug fix release?

2022-09-01 Thread Matt Caswell
On 01/09/2022 16:41, Short, Todd via openssl-users wrote: OpenSSL 1.1.1 full support expires on 2022-09-11; it then enters security-fix-only mode until 2023-09-11. Are there any plans for a final bug-fix release of 1.1.1 in the next couple weeks (and hopefully a 3.0 release as well)?

Re: parsing invalid DER

2022-09-01 Thread Matt Caswell
On 01/09/2022 13:21, Dave Coombs via openssl-users wrote: So! Is it possible to work around these, using ASN1_MACRO trickery or what-have-you? It's pretty clear I should end up with an empty bit- string and integer value 0x42, so is there a way to loosen the parser's pickiness and achieve

OpenSSL 3.0 FIPS 140-2 Validation Certificate Issued

2022-08-24 Thread Matt Caswell
Please read the blog post about this here: https://www.openssl.org/blog/blog/2022/08/24/FIPS-validation-certificate-issued/ Matt

Re: Find out IV length

2022-08-17 Thread Matt Caswell
On 17/08/2022 06:30, Kreissl, Jochen wrote: Hi, given an SSL* or respectively an SSLCIPHER* struct, how can I figure out the length of the IV used by the negotiated cipher of the handshake? I noticed that EVP_CIPHER has a method to query this information, but I also don’t find a way to

Re: "no OPENSSL_Applink " in OpenSSL3.0.5

2022-08-12 Thread Matt Caswell
On 12/08/2022 03:34, Imazu Setsuo wrote: On 2022/08/10 18:44, Matt Caswell wrote: On 10/08/2022 00:11, Imazu Setsuo wrote: Hello, my name is Imazu. I am using OpenSSL3.0.5 to develop a windows program. When I call PEM_read_PrivateKey() I get the following error: OPENSSL_Uplink

Re: "no OPENSSL_Applink " in OpenSSL3.0.5

2022-08-10 Thread Matt Caswell
On 10/08/2022 00:11, Imazu Setsuo wrote: Hello, my name is Imazu. I am using OpenSSL3.0.5 to develop a windows program. When I call PEM_read_PrivateKey() I get the following error: OPENSSL_Uplink(7FF8011DD3E0,08): no OPENSSL_Applink The source that calls PEM_read_PrivateKey() includes

Re: Pulling Certs from the Root Cert Store

2022-08-08 Thread Matt Caswell
On 06/08/2022 04:22, Osman Zakir wrote: In my current code I'm using the Windows API to do this, but I want to know how I can do it using just the OpenSSL crypto library instead. What functions do I need to use and what header(s) do I need to #include?  My current code pulling root certs

Re: SSL_CTX_set_alpn_select_cb and Other OpenSSL API ALPN Functions + Their Callbacks

2022-08-01 Thread Matt Caswell
On 29/07/2022 17:21, Angus Robertson - Magenta Systems Ltd wrote: I don't understand how to write the callback functions some of the OpenSSL ALPN functions expect, and the manual really isn't helping there either, so I'd like some help. Use SSL_CTX_set_client_hello_cb to set a

Re: I May Have a HTTP/2 Upgrade Request in ClientHello in Server App, But I Don't Know How to Parse ClientHello

2022-07-21 Thread Matt Caswell
On 21/07/2022 01:11, Osman Zakir wrote: Hello, everyone. I have this C++ server app I'm hosting on my computer (source code on GitHub  -- I'm using Google Maps as a GUI, and it's basically a currency converter app).  I was recently having

Re: Openssl upgrade to 1.1.1o on Red Linux 5.11

2022-06-23 Thread Matt Caswell
ot;: No such file or directory Regards, Gaurav Mittal -----Original Message- From: Matt Caswell Sent: 23 June 2022 02:56 PM To: Gaurav Mittal11 ; openssl-users@openssl.org Subject: [EXTERNAL] Re: Openssl upgrade to 1.1.1o on Red Linux 5.11 On 22/06/2022 15:32, Gaurav Mittal11 wro

Re: Openssl upgrade to 1.1.1o on Red Linux 5.11

2022-06-23 Thread Matt Caswell
On 22/06/2022 15:32, Gaurav Mittal11 wrote: This system (linux-x86_64) is not supported. See file INSTALL for details. That is very odd. I would expect linux-x86_64 to always be reported as supported by config. Do you get sensible output from: $ perl Configure LIST You should see a

OpenSSL Security Advisory

2022-06-21 Thread Matt Caswell
OpenSSL Security Advisory [21 June 2022] The c_rehash script allows command injection (CVE-2022-2068) Severity: Moderate In addition to the

OpenSSL version 3.0.4 published

2022-06-21 Thread Matt Caswell
OpenSSL version 3.0.4 released. OpenSSL - The Open Source toolkit for SSL/TLS https://www.openssl.org/ The OpenSSL project team is pleased to announce the release of version 3.0.4 of our open source

OpenSSL version 1.1.1p published

2022-06-21 Thread Matt Caswell
OpenSSL version 1.1.1p released. OpenSSL - The Open Source toolkit for SSL/TLS https://www.openssl.org/ The OpenSSL project team is pleased to announce the release of version 1.1.1p of our open

Re: memory still reachable post calling SSL_CTX_free

2022-06-21 Thread Matt Caswell
On 21/06/2022 11:42, Tomas Mraz wrote: This is actually not a memory allocated by the SSL_CTX_new() itself but error string data that is global. There is no real memory leak here. You can call OPENSSL_cleanup() to explicitly de-allocate all the global data however please note that you can do

Re: SSL error (78c0100): malloc failure while implementing tls 1.3

2022-06-21 Thread Matt Caswell
On 16/06/2022 05:52, Ramaiah, Ravichandran Bagalur wrote: *SSL error (78c0100): malloc failure Do you get anything in the OpenSSL error stack for this (e.g. try "ERR_print_errors_fp(stdout);"). We need a bit more to go on to figure out where specifically the malloc failure is

Re: Serializing SSL state

2022-06-21 Thread Matt Caswell
Thank You James On 6/20/22, 10:13 AM, "Matt Caswell" wrote: On 20/06/2022 15:11, Rouzier, James via openssl-users wrote: > Hey Guys, > > Is it possible to serialize/deserialize an ongoing TLS session in any way? > > We are trying to

Re: Serializing SSL state

2022-06-20 Thread Matt Caswell
On 20/06/2022 15:11, Rouzier, James via openssl-users wrote: Hey Guys, Is it possible to serialize/deserialize an ongoing TLS session in any way? We are trying to create a stateless RADIUS server. Where we place multiple RADIUS servers behind a UDP loader balancer. Each part of EAP-TLS

Re: Forthcoming OpenSSL Releases

2022-06-15 Thread Matt Caswell
On 15/06/2022 03:31, Dennis Clarke via openssl-users wrote: On 6/14/22 08:03, Ing. Martin Koci, MBA wrote: Hello, The OpenSSL project team would like to announce the forthcoming release of OpenSSL versions 3.0.4, 1.1.1p. These releases will be made available on Tuesday 21st June 2022

Re: TLS Observer with openssl

2022-06-13 Thread Matt Caswell
On 13/06/2022 14:56, Kreissl, Jochen wrote: Hi everyone, currently looking into setting up a TLS Observer, which can decrypt a TLS message sequence. Imagine a scenario where a GUI wants to inspect recorded TLS traffic, between backend and some peer (and the GUI does/should not have

Re: nmake test error on 80-test_ssl_new.t

2022-06-10 Thread Matt Caswell
On 10/06/2022 10:38, Mohammad Ghasemi wrote: I'm trying to build openssl 3 in Windows 10 using msvc 143 Test Summary Report --- 80-test_ssl_new.t                (Wstat: 256 Tests: 30 Failed: 1)   Failed test:  12   Non-zero exit status: 1 Files=243, Tests=3106, 2594

Re: baffled on old Red Hat Enterprise Linux 6 with OpenSSL 3.0.3

2022-06-10 Thread Matt Caswell
On 09/06/2022 21:13, Dennis Clarke via openssl-users wrote: On 6/9/22 15:33, Dmitry Belyavsky wrote: It happens because of certificates expiration. Try applying the patch from https://github.com/openssl/openssl/pull/18444 Oh cool. Thank you.  Sadly I do not see a patch file there. You

OpenSSL is looking to hire a Platform Engineer

2022-06-08 Thread Matt Caswell
OpenSSL is looking to hire a Platform Engineer (a sysadmin role). Details of the role are here: https://www.openssl.org/blog/blog/2022/05/30/hiring-platform-engineer/ Matt

Re: How to reject a certificate with access_denied?

2022-06-07 Thread Matt Caswell
On 07/06/2022 13:46, Michael Richardson wrote: Matt Caswell wrote: > On 06/06/2022 18:08, Christian Schmidt wrote: >> Hi, >> I am building a server application that allows a user to log in by >> providing a certificate. In order to do custom

Re: How to reject a certificate with access_denied?

2022-06-07 Thread Matt Caswell
On 06/06/2022 18:08, Christian Schmidt wrote: Hi, I am building a server application that allows a user to log in by providing a certificate. In order to do custom checks, I have added a verify callback to my code to check the certificate on top of its cryptographic features (CA Valid, etc).

Re: using TLS (>1.2) with more than one certificate

2022-05-24 Thread Matt Caswell
On 24/05/2022 13:52, tobias.w...@t-systems.com wrote: I’ve a server application and need to support RSA and ECC clients at the same time. I don’t know which certificate from my local keystore I have to send to the client, btw I have a rsa and a ecc certificate in my keystore already. I

OpenSSL is looking to hire a Business Operations Administrator

2022-05-19 Thread Matt Caswell
Please see the following blog post for details of the role: https://www.openssl.org/blog/blog/2022/05/18/hiring-business-operations-administrator/ Matt

Re: AES and EVP_CIPHER question

2022-05-18 Thread Matt Caswell
On 17/05/2022 16:25, Philip Prindeville wrote: Thanks, and for 1.1.x? There's nothing equivalent in 1.1.x AFAIK. Matt

Re: AES and EVP_CIPHER question

2022-05-17 Thread Matt Caswell
On 16/05/2022 23:48, Philip Prindeville wrote: Sorry, I shouldn't have phrased that inartfully. There is no EVP_CIPHER_CTX_get_padding(), so how does one achieve something analogous? From 3.0, assuming you are using provided ciphers (i.e. not engine ones), then OSSL_CIPHER_PARAM_PADDING

Re: openssl 1.1.1 minor patches to build on SCO OpenServer 5.0.7

2022-05-16 Thread Matt Caswell
Hi Kevin, The patch in s_socket.c is likely to be acceptable. It looks reasonable to me, it may well be useful on other systems and can probably be described as a bug fix. The other changes require the new OPENSSL_SYS_SCO5 define and are essentially adding support for a new platform into

Re: AES and EVP_CIPHER question

2022-05-13 Thread Matt Caswell
On 13/05/2022 16:49, Philip Prindeville wrote: Hi, I'm trying to rewrite some legacy AES_* code to use EVP_CIPHER_* so it's forward compatible into 3.x. My code, in a nutshell, looks like: static int evp_cipher_aes_decrypt(const unsigned char *in, unsigned char *out, unsigned inlen,

Re: Use SSL in multiple connections

2022-05-11 Thread Matt Caswell
On 11/05/2022 10:05, Souheila Hechaichi wrote: With my actual configuration, an SSL client established more connections with the SSL server. Each process (server or client) creates only one thread for Its sockets,  I observe a strange behavior. Some server sockets remain blocked on the call

Re: X509_STORE_CTX object doubt

2022-05-05 Thread Matt Caswell
On 05/05/2022 13:02, Srinivas, Saketh (c) wrote: Hi, for X509_STORE_CTX object we have a function X509_STORE_CTX_set_cert to set the cert pointer  (x509* cert) is there any get function for this variable. X509_STORE_CTX_get_current_cert**is not for cert. Because, there is another

Re: EC_POINT_get_affine_coordinates replacement in 3.0

2022-05-04 Thread Matt Caswell
On 03/05/2022 23:29, Kory Hamzeh wrote: You would have to use EVP_PKEY key type. You can use EVP_PKEY_get* to get key params. Yes this is probably the best way to do this. Specifically you can use the function EVP_PKEY_get_bn_param() documented here:

OpenSSL Security Advisory

2022-05-03 Thread Matt Caswell
s issue was reported to OpenSSL on the 6th April 2022 by Raul Metsma. The fix was developed by Matt Caswell from OpenSSL. Incorrect MAC key used in the RC4-MD5 ciphersuite (CVE-2022-1434) Severity: Low The OpenSSL 3.0 implement

OpenSSL version 1.1.1o published

2022-05-03 Thread Matt Caswell
OpenSSL version 1.1.1o released. OpenSSL - The Open Source toolkit for SSL/TLS https://www.openssl.org/ The OpenSSL project team is pleased to announce the release of version 1.1.1o of our open

OpenSSL version 3.0.3 published

2022-05-03 Thread Matt Caswell
OpenSSL version 3.0.3 released. OpenSSL - The Open Source toolkit for SSL/TLS https://www.openssl.org/ The OpenSSL project team is pleased to announce the release of version 3.0.3 of our open source

Re: Forthcoming OpenSSL Releases

2022-04-26 Thread Matt Caswell
: https://www.openssl.org/policies/secpolicy.html#moderate Yours The OpenSSL Project Team On 19/04/2022 20:51, Matt Caswell wrote: The OpenSSL project team would like to announce the forthcoming release of OpenSSL versions 3.0.3 and 1.1.1o. These releases will be made available on Tuesday 26th

Re: Mac OS X and openssl 3

2022-04-25 Thread Matt Caswell
On 24/04/2022 00:13, The Doctor via openssl-users wrote: Just wondering if Apple OS is compatible with OpenSSL 3. MacOS should work just fine with OpenSSL 3.0. At least master is regularly tested, e.g. https://github.com/openssl/openssl/runs/6151999376?check_suite_focus=true Matt

Re: Unable to load Legacy Provider

2022-04-22 Thread Matt Caswell
On 22/04/2022 08:26, Gahlot, Ashish Kumar wrote: Hi, I’m trying to load the Legacy Provider by following this guide here https://wiki.openssl.org/index.php/OpenSSL_3.0 using this following code: /* Load Multiple providers into the default

Forthcoming OpenSSL Releases

2022-04-19 Thread Matt Caswell
The OpenSSL project team would like to announce the forthcoming release of OpenSSL versions 3.0.3 and 1.1.1o. These releases will be made available on Tuesday 26th April 2022 between 1300-1700 UTC. These are security-fix releases. The highest severity issue fixed in these releases is MODERATE:

Re: Reg: Freeing of SSL_CTX object through SSL_free Function

2022-04-13 Thread Matt Caswell
On 13/04/2022 11:55, Ram Chandra via openssl-users wrote: I am using OpenSSL 1.1.1k Version, From that I see following are done in OpenSSL code, pls correct me if I am wrong. Inside SSL_new: SSL *SSL_new(SSL_CTX *ctx) {     SSL *s;      ...      ...      s =

Re: Is there a simple implementation of hooking external private key with openssl-3.0 API?

2022-04-11 Thread Matt Caswell
On 11/04/2022 16:53, Alon Bar-Lev wrote: On Mon, Apr 11, 2022 at 11:52 AM Matt Caswell wrote: On 10/04/2022 19:18, Alon Bar-Lev wrote: Hello, I am trying to migrate to openssl-3.0 API, it seems to be very complicated to hook primitive private key usage to a custom function

Re: Is there a simple implementation of hooking external private key with openssl-3.0 API?

2022-04-11 Thread Matt Caswell
On 10/04/2022 19:18, Alon Bar-Lev wrote: Hello, I am trying to migrate to openssl-3.0 API, it seems to be very complicated to hook primitive private key usage to a custom function. This is required, for example, to use private keys that reside on hardware devices or when an application

Re: KDF_TLS1_PRF for TLS v1.0 and v1.1

2022-03-30 Thread Matt Caswell
On 29/03/2022 23:49, Kory Hamzeh wrote: Hi, I am using the TLS1_PRF KDF method to derive the master secret for TLS 1.0, 1.1, and 1.2. My code works with TLS 1.2, but for 1.0 and 1.1, the master secret is not correct. I have a snippet of the code below. From what I understand by reading

Re: Openssl v1.1.1d: pubkey_cb() returning SUCCESS for x509_pubkey_decode() Failure

2022-03-28 Thread Matt Caswell
On 28/03/2022 13:11, Brahmaji K wrote: Hi Team, I'm trying to store the invalid EC certificate as a negative test for my application. My application calls the X509_STORE_load_locations() to load the certificate from a specific path. For invalid EC certificate it is expected to FAIL but it

Re: Static OpenSSL 3 library with FIPS

2022-03-28 Thread Matt Caswell
this was a deliberate day 1 design decision. Matt -Original Message- *From*: Matt Caswell <m...@openssl.org> *To*: openssl-users@openssl.org *Subject*: [EXTERNAL] Re: Static OpenSSL 3 library with FIPS *Date*: F

Re: Static OpenSSL 3 library with FIPS

2022-03-25 Thread Matt Caswell
On 25/03/2022 18:33, Paul Spencer wrote: Q: Is it possible to have a static (.a) OpenSSL 3 library with FIPS support? This was possible with OpenSSL 1.0.2 and the FIPS 2.0.x module (and special linking in the Makefile). However, with SSL3, if I go Configure no-module enable-fips then it

Re: [External] Re: SSL_connect() failing on SSL3_MT_NEWSESSION_TICKET on Raspberry Pi

2022-03-24 Thread Matt Caswell
On 23/03/2022 18:08, Helde, Paavo wrote: Great! That does suggest an unknown bug exists in master though... If you can manage it would be useful for us if you tried the latest master version of OpenSSL with the "no-asm" config option. My guess is new assembler code might be the cause of

Re: [External] Re: SSL_connect() failing on SSL3_MT_NEWSESSION_TICKET on Raspberry Pi

2022-03-23 Thread Matt Caswell
On 23/03/2022 14:00, Helde, Paavo wrote: - I notice that you are using the latest master version 3.1.0-dev. The master branch is where all dev work goes on and consequently may be unstable. You might be better off using the latest 3.0 stable version, i.e. 3.0.2 Thanks Matt, downgrading to

Re: [External] Re: SSL_connect() failing on SSL3_MT_NEWSESSION_TICKET on Raspberry Pi

2022-03-23 Thread Matt Caswell
On 23/03/2022 12:39, Helde, Paavo via openssl-users wrote: It would be interesting to see what output you get from s_client when you use the "-trace" argument. Also, is this TLSv1.3 specific? If you add the argument "-no_tls1_3" to s_client does it start working? Thanks for looking into

Re: SSL_connect() failing on SSL3_MT_NEWSESSION_TICKET on Raspberry Pi

2022-03-23 Thread Matt Caswell
On 23/03/2022 07:39, Helde, Paavo via openssl-users wrote: Hi, We are in a process of porting our software to aarch64 (Raspberry Pi). One problem what we have is with openssl, it appears that our build of it always fails in SSL_connect(). I have debugged it a bit and it seems the problem

Re: [openssl/openssl] bio_dgram vs IPv6

2022-03-22 Thread Matt Caswell
On 22/03/2022 16:22, Michael Richardson wrote: Michael Wojcik wrote: > The RFC specifically mentions using this API to retrieve and set > addresses, so it seems like a fix for issue 5257 does need to use it, > if that's to be done in a portable way. > 3542 is only

Re: [openssl/openssl] bio_dgram vs IPv6

2022-03-21 Thread Matt Caswell
OpenSSL already supports IPv6 but we've never needed to include that header, I am wondering what is in that header that needs to be used? Matt Caswell wrote: > Nit; We insert an extra space when enclosed within a "#if", i.e. I assume that this applies recursively? Yes.

Re: OpenSSL version 1.1.1n published

2022-03-15 Thread Matt Caswell
On 15/03/2022 21:03, Michael Wojcik wrote: From: openssl-users On Behalf Of Yann Droneaud Sent: Tuesday, 15 March, 2022 14:19 At the time of writing neither https://www.openssl.org/news/openssl-1.1.1-notes.html nor https://www.openssl.org/news/changelog.html#openssl-111 are updated to match

Re: OpenSSL version 1.1.1n published

2022-03-15 Thread Matt Caswell
Those 2 links should be ok now. A problem with our scripts to flush the CDN cache. Matt On 15/03/2022 20:18, Yann Droneaud wrote: Hi, Le 15/03/2022 à 17:34, Matt Caswell a écrit :    OpenSSL version 1.1.1n released    ===    OpenSSL - The Open Source toolkit

OpenSSL Security Advisory

2022-03-15 Thread Matt Caswell
OpenSSL Security Advisory [15 March 2022] Infinite loop in BN_mod_sqrt() reachable when parsing certificates (CVE-2022-0778)

OpenSSL version 1.1.1n published

2022-03-15 Thread Matt Caswell
OpenSSL version 1.1.1n released. OpenSSL - The Open Source toolkit for SSL/TLS https://www.openssl.org/ The OpenSSL project team is pleased to announce the release of version 1.1.1n of our open

OpenSSL version 3.0.2 published

2022-03-15 Thread Matt Caswell
OpenSSL version 3.0.2 released. OpenSSL - The Open Source toolkit for SSL/TLS https://www.openssl.org/ The OpenSSL project team is pleased to announce the release of version 3.0.2 of our open source

Re: SSL_TLSEXT_ERR_NOACK not working as expected

2022-03-10 Thread Matt Caswell
null BIO (BIO_s_null). In the tlsext_servername callback, change the write BIO for the SSL object (SSL_set0_wbio) to the null BIO causing all subsequent writes to just "disappear". Matt -----Original Message- From: Matt Caswell Sent: Thursday, 10 March 2022 13:25 To: Tal Dery ; openssl

Re: SSL_TLSEXT_ERR_NOACK not working as expected

2022-03-10 Thread Matt Caswell
That would be a protocol violation. Don't do that. Matt Thanks -Original Message----- From: Matt Caswell Sent: Thursday, 10 March 2022 12:54 To: Tal Dery ; openssl-users@openssl.org Subject: Re: SSL_TLSEXT_ERR_NOACK not working as expected On 10/03/2022 10:26, Tal Dery wrote: Hi, I am im

Re: SSL_TLSEXT_ERR_NOACK not working as expected

2022-03-10 Thread Matt Caswell
On 10/03/2022 10:26, Tal Dery wrote: Hi, I am implementing an SSL server. Using SSL_CTX_set_tlsext_servername_callback I'm checking the SNI. When SNI meets my requirements (for example does not contain offensive words) I allow the handshake by returning SSL_TLSEXT_ERR_OK. When there is

Forthcoming OpenSSL releases

2022-03-08 Thread Matt Caswell
The OpenSSL project team would like to announce the forthcoming release of OpenSSL versions 3.0.2 and 1.1.1n. These releases will be made available on Tuesday 15th March 2022 between 1300-1700 UTC. These are security-fix releases. The highest severity issue fixed in these releases is HIGH:

OpenSSL 3.0 LTS

2022-03-04 Thread Matt Caswell
OpenSSL 3.0 has recently been designated as a Long Term Support (LTS) release. This means that it will now be supported until 7th September 2026 (5 years after its initial release). Our previous LTS release (1.1.1) will continue to be supported until 11th September 2023. We encourage all

Re: EVP_PKEY_fromdata_init returns unsupported.

2022-02-28 Thread Matt Caswell
On 25/02/2022 22:07, William Roberts wrote: Hello, In openssl 3.0.1 the following code hits the ctx->keymgt is null check and thus returns -2 in pmeth_gn.c: static int fromdata_init(EVP_PKEY_CTX *ctx, int operation) { if (ctx == NULL || ctx->keytype == NULL) goto not_supported;

Re: error with cipher EVP_des_ede3_cbc in openssl 3.0

2022-02-23 Thread Matt Caswell
3DES is in the default provider - only normal DES is in the legacy provider. So you should not need to load the legacy provider for this to work. Matt On 23/02/2022 06:20, pa...@openssl.org wrote: Have you loaded the legacy provider before trying this? Pauli On 23/2/22 5:03 pm, Srinivas,

Re: Question about OpenSSL 3.0 and static linking

2022-02-22 Thread Matt Caswell
On 22/02/2022 07:54, pa...@openssl.org wrote: There is a define to allow this: STATIC_LEGACY but I don't remember how to specify it on the configuration command line. We should probably turn this on in a no-shared build. Configure with "no-module". Matt Pauli On 22/2/22 5:37 pm,

Re: Error: write EPROTO 0006601201000000:error:0A000152:SSL routines:final_renegotiate:unsafe legacy renegotiation disabled:ssl/statem/extensions.c:880

2022-02-22 Thread Matt Caswell
2022 at 1:50 AM Matt Caswell <m...@openssl.org> wrote: On 18/02/2022 19:53, Brian Pilati wrote: > I am receiving this error > > Error: write EPROTO 000660120100:error:0A000152:SSL > routines:final_renegotiate:unsafe legacy renegotia

Re: Error: write EPROTO 0006601201000000:error:0A000152:SSL routines:final_renegotiate:unsafe legacy renegotiation disabled:ssl/statem/extensions.c:880

2022-02-21 Thread Matt Caswell
On 18/02/2022 19:53, Brian Pilati wrote: I am receiving this error Error: write EPROTO 000660120100:error:0A000152:SSL routines:final_renegotiate:unsafe legacy renegotiation disabled:ssl/statem/extensions.c:880 after upgrading to macOS Monterey v12.2.1 I am running Nodejs v16.13.2

Re: What is plan of the next LTS version?

2022-02-16 Thread Matt Caswell
There is an ongoing OMC vote (started earlier today) to answer this question. The proposal is that 3.0 will be made the LTS. You can track the vote here: https://github.com/openssl/general-policies/issues/9 Matt On 16/02/2022 12:06, Chenxinping via openssl-users wrote: 3.0 is not LTS

Re: need some help with the block size value

2022-02-15 Thread Matt Caswell
On 15/02/2022 12:13, Srinivas, Saketh (c) wrote: Hi, i am trying to get the block size of EVP_des_ede3_cbc cipher using the below function but it's not returning anything. EVP_CIPHER_get_block_size(EVP_des_ede3_cbc()) This code looks fine to me, and I just tested this and it returned
