What is the problem with truncated 96-bit HMAC value?
Sent from my BlackBerry 10 smartphone on the Verizon Wireless 4G LTE network.
From: Jakob Bohm
Sent: Thursday, January 7, 2016 19:25
To: openssl-users@openssl.org
Reply To: openssl-users@openssl.org
Subject: Re: [openssl-users] openSSL and
I'm also speaking out of turn, but having both ends trying to be both server
and client *on the same connection* just does not make sense, TLS or DTLS.
Original Message
From: Jeffrey Walton
Sent: Sunday, June 19,
Look at Intel SGX, available since Skylake CPU.
Original Message
From: Salz, Rich
Sent: Thursday, June 23, 2016 08:17
To: openssl-users@openssl.org
Reply To: openssl-users@openssl.org
Cc: Dominik Straßer
Subject:
I’m not sure whether this is a bug (as I suspect – hence sending to
openssl-dev), or a poorly-documented “feature” (so copying to
openssl-users).
I am trying to use “openssl pkeyutl” to digitally sign (and verify) a file.
When the file size matches the size of the specified digest (32 bytes for
Original Message
From: Hubert Kario
Sent: Friday, January 15, 2016 07:00
To: Blumenthal, Uri - 0553 - MITLL
Cc: openssl-...@openssl.org; openssl-users@openssl.org
Subject: Re: [openssl-dev] [openssl-users] pkeyutl does not invoke hash?
On Thursday 14 January 2016 19:11:54 Blumenthal, Uri - 0553
On 1/13/16, 16:19 , "openssl-dev on behalf of Dr. Stephen Henson"
<openssl-dev-boun...@openssl.org on behalf of st...@openssl.org> wrote:
>On Wed, Jan 13, 2016, Blumenthal, Uri - 0553 - MITLL wrote:
>>
>>
>> If the input to "pkeyutl -sign" is suppo
On 1/14/16, 14:54 , "openssl-users on behalf of Viktor Dukhovni"
wrote:
>>On Jan 14, 2016, at 2:52 PM, Salz, Rich wrote:
>>
>> Okay, how about this. First, remove the NOTES subhead. Add this to
>>the
On 1/14/16, 13:56 , "Hubert Kario" <hka...@redhat.com> wrote:
>On Thursday 14 January 2016 14:41:20 Blumenthal, Uri - 0553 - MITLL wrote:
>> If you already know what Dr. Henson explained in the quoted emails -
>> then the man page is crystal clear. However, if you
2016 21:32:47 Blumenthal, Uri - 0553 - MITLL
wrote:
> On 1/13/16, 16:19 , "openssl-dev on behalf of Dr. Stephen Henson"
>
> <openssl-dev-boun...@openssl.org on behalf of st...@openssl.org>
wrote:
> >The reason you can specify which hash the digest is for is that
I’m struggling with the following task. I’m writing a software application
linked with OpenSSL-1.0.2. It receives an encrypted symmetric key (say, with
identifying parameters) that needs to be decrypted using hardware token,
accessible via PKCS#11. I know that engine_pkcs11 (or rather its current
I am writing an app that needs to use RSA keys on a PKCS11-accessible
token to encrypt and decrypt symmetric keys. For the context (no pun
intended :) think of creating or mounting an existing encrypted file
system.
To begin with, and to grasp the finer details of the programmatic
interface of
I may later regret saying this, but I think back-porting that change from 1.1.0
to 1.0.2 would be the right thing to do.
Maybe after back-porting we could give a "waiting period" to let users collect
experience with it, and either leave it in, or if the complaints are too
multiple and too
Original Message
From: Viktor Dukhovni
Sent: Thursday, March 17, 2016 17:57
To: openssl-users@openssl.org
Reply To: openssl-users@openssl.org
Subject: Re: [openssl-users] Naive: how to generate EC public key from EC
private key?
> On Mar 17, 2016, at 5:17 PM, Blumenthal,
Oh, and I'd much prefer to stay at the EVP level, rather than invoke BIO
primitives for this task.
Original Message
From: Blumenthal, Uri - 0553 - MITLL
Sent: Thursday, March 17, 2016 18:09
To: Viktor Dukhovni
First, Stephen and Viktor - thank you!
On 3/17/16, 19:45 , "openssl-users on behalf of Dr. Stephen Henson"
wrote:
>On Thu, Mar 17, 2016, Viktor Dukhovni wrote:
>>
>>Well you can work with
Not sure I understand what you’re doing. But compiling/building eng_rsax.c
(provided by Intel) with the only mod being addition of dynamic bind,
produces the following result:
$ openssl engine rsax -t
(rsax) RSAX engine support
[ available ]
$ sync
$ openssl speed rsa512 -engine rsax
engine
Answered my own question: should use EVP_PKEY_bits(pkey) instead.
--
Regards,
Uri Blumenthal
On 3/18/16, 14:57 , "openssl-users on behalf of Blumenthal, Uri - 0553 -
MITLL" <openssl-users-boun...@openssl.org on behalf of u...@ll.mit.edu>
wrote:
>First, Stephen and
I’ve an extremely naïve question. I am generating ephemeral EC keys for
ECDH, following the example in
https://wiki.openssl.org/index.php/EVP_Key_and_Parameter_Generation
But it looks like the example ends on generation of the private key:
/* Generate the key */
if (!EVP_PKEY_keygen(kctx, )) goto
>
>> On Fri, Mar 18, 2016 at 06:59:36PM +, Blumenthal, Uri - 0553 -
>>MITLL wrote:
>>
>> > Answered my own question: should use EVP_PKEY_bits(pkey) instead.
>>
>> That's not the right way to determine the curve id.
>>
>> > >Ho
Viktor and Jeffrey,
Thank you! Now I understand. And it works. ;)
--
Regards,
Uri Blumenthal
On 3/20/16, 22:38, "openssl-users on behalf of Viktor Dukhovni"
<openssl-users-boun...@openssl.org on behalf of
openssl-us...@dukhovni.org> wrote:
>
>> On Mar 20, 2016, at
> On Mar 20, 2016, at 10:32 PM, Blumenthal, Uri - 0553 - MITLL
> <u...@ll.mit.edu> wrote:
>
> dup_ekey = EVP_PKEY_get1_EC_KEY(pubkey);
> group = (EC_GROUP*) EC_KEY_get0_group(dup_ekey);
Declare the group as:
const EC_GROUP *group;
Then:
group = EC_KEY_get0_group();
> nid =
Thank you - employing the pointers (no pun intended :) that you gave, the
code now is doing exactly what’s needed, and utilizes RDRAND (as required
by the specs I have, and my personal preferences as well).
> set the default RAND_method to the engine
This is what I did not do originally -
On 3/25/16, 16:10 , "openssl-users on behalf of Michael Wojcik"
wrote:
>>I'm sure I'm missing something obvious, but why isn't the operation
>> XXX_verify_xxx() idempotent? It seems very weird that two subsequent
>>
I'm sure I'm missing something obvious, but why isn't the operation
XXX_verify_xxx() idempotent? It seems very weird that two subsequent calls to
verify() wouldn't return exactly the same thing.
Original Message
On 3/25/16, 17:17 , "openssl-users on behalf of Viktor Dukhovni"
wrote:
>>If I ask “is your passport valid”, I expect to be able to repeat this
>> question and (as long as this all is within a reasonably short time) get
On 9/2/16, 12:09 , "openssl-users on behalf of Salz, Rich"
wrote:
I thought DSA was more secure than RSA? Granted, "I thought" is a newbie
understanding.
This is completely wrong.
If you have a consistently good
>> There is a need to combine algorithms of different kind. Since the security
>> of
>> the chain is that of its weakest links - it necessitates comparison between
>> those different algorithms.
>
> Only if you think everything has to be equally protected.
Usually it is not “equally” but “at
And if you want to run it on OpenSSL-1.1, see the attached. ☺
--
Regards,
Uri Blumenthal
On 9/1/16, 6:18 , "openssl-users on behalf of mowiener"
wrote:
Many thanks Mounir, this is what I was looking for.
Disagree? Then propose a better way to combine algorithms.
Original Message
From: Salz, Rich
Sent: Sunday, September 4, 2016 08:44
To: noloa...@gmail.com; openssl-users@openssl.org
Reply To:
It is *not* keyspace. It is algorithm *strength* (complexity/best known effort
required to break it) expressed through key length. Again, propose better ways
if you can.
So what's your proposed method of combining algorithms? You reject the
commonly accepted approach, but when asked to offer
There is a need to combine algorithms of different kind. Since the security of
the chain is that of its weakest links - it necessitates comparison between
those different algorithms. Thus the assertion that the algorithms combined
together should match each other in strength, to avoid both
As "-list-curves" is not supposed to work here, what would be a good way to
tell if a given installation supports X25519?
Original Message
From: Dr. Stephen Henson
Sent: Monday, November 14, 2016 15:02
To:
I’m trying to debug the case of a (bad) email client sending encrypted S/MIME
email that the recipient cannot decrypt (we suspect the problem is that the
sender chooses a wrong public key/certificate to encrypt to).
Unfortunately, recipient email clients do not help figuring this out. All
For S/MIME input:
$ openssl cms -in cms.eml -cmsout -print
For DER input:
$ openssl cms -inform DER -in cms.der -cmsout -print
Thank you!!!
The above gave me:
CMS_ContentInfo:
contentType: pkcs7-envelopedData (1.2.840.113549.1.7.3)
. . . . .
I have no experience with engines and little interest at present in going
there.
For CMS decryption without engines:
$ openssl cms -decrypt -recip cert.pem -inkey key.pem -in cms.eml
Thank you!! Decryption succeeded (using the signing key – which the sender
If the message is signed and then encrypted, you can then check the
signature on the decrypted output.
This is what the decrypted message looks like (it’s first few lines):
$ head ~/Documents/test-smime-decr.txt
Content-Type: multipart/signed;
You really should peruse the cms(1) manpage, daunting as that might be. :-)
Alas, it is! ;-)
> And if I (failing to validate the certificate chain) want to just check
> whether the decrypted message was tampered with – is there a way to do
> that (without validating the
> On Apr 6, 2017, at 5:00 PM, Blumenthal, Uri - 0553 - MITLL <u...@ll.mit.edu>
> wrote:
Two problems here, the "Verification successful" message is just a
diagnostic message to "stderr" and should not be considered a
reliable indication of signat
The "numeric code" is the *exit* status of the program. You can
find it in "$?" directly after the execution of the command (in
any POSIX shell).
Got it, thanks! Luckily for me, it’s zero. ;-)
> Is there an equivalent, either in openssl tool itself, or in the email
> clients
> Handshake failed
>
> The SSL handshake could not be performed.
>
> Host: Reason: error:14094416:SSL
> routines:ssl3_read_bytes:sslv3 alert certificate unknown:state
> 23:Application response 500 handshakefailed
>
>
> generated 2017-04-24 15:28:13 by
> I use a 3rd-party application that is trying to update itself (so it’s
trying to “call home”).
> Naturally, I’m behind a corporate firewall and Web proxy. The app has
been configured to use
> that proxy. It fails to connect. Packet capture reveals the following:
You're
> I went through the capture between the app (local end) and the proxy. It
appears that the sequence is:
>
> ClientHello -> (from app to proxy, with a ton of cipher suites, including
0xc02f)
> <- ServerHello (with TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 –
present in
And in most cases (except those involving TPM-based platform attestation, which
I don’t think has anything to do with OpenSSL use cases), a separate hardware
token (like a smartcard, or an HSM) would IMHO be a much better and more usable
choice. PKCS#11 engine (libp11) to access those is quite
A naïve question. A certificate that contains SAN attribute(s) – is there a
limit on how many, say, RFC822 SAN attributes can a valid certificate have?
It’s been my understanding that a cert can contain as many SAN attributes as
needed, but it appears that Apple believes it has to be only
> It’s been my understanding that a cert can contain as many SAN attributes
as needed,
> but it appears that Apple believes it has to be only one (because
certificates with
> more than one are not processed properly).
Perhaps CAs have rarely issued email certificates with
y be owned/controlled
by different organizations.
Regards,
Uri
Sent from my iPhone
> On Apr 27, 2017, at 09:41, Jochen Bern <jochen.b...@binect.de> wrote:
>
> On 04/26/2017 07:13 PM, Viktor Dukhovni was digested as writing:
>> On Apr 26, 2017, at 1:03 PM, Blumen
04/27/2017 04:09 PM, openssl-users-requ...@openssl.org digested:
>> From: "Blumenthal, Uri - 0553 - MITLL" <u...@ll.mit.edu>
>>
>> You do not "revoke" a subset of attributes aka SAN emails. When any of
>> the certified attributes changes (i.e., is c
Classic requirement is that IV is unique per key.
As theoretical crypto evolved, and attacks like Chosen Ciphertext Attack (you
can make the victim encrypt any plaintext of your choice (aka CPA), *and*
*decrypt* any ciphertext of your choice) were developed, CBC could not hold
against such
I use a 3rd-party application that is trying to update itself (so it’s trying
to “call home”). Naturally, I’m behind a corporate firewall and Web proxy. The
app has been configured to use that proxy. It fails to connect. Packet capture
reveals the following:
Handshake failed
The SSL handshake
> extensions: 4 items
> Extension (ns_cert_exts.comment)
> Extension Id: 2.16.840.1.113730.1.13
(ns_cert_exts.comment)
> BER Error: String with tag=22 expected
but
> Thank you! So it is the *client* that breaks the connection,
> and it is unhappy either about MiTM, or the encoding. I will
> check for both (though not much I can do about either).
Presumably you've added that cert to some trust store on the system in
question.
On 4/24/17, 7:26 PM, "openssl-users on behalf of Viktor Dukhovni"
wrote:
I get slightly annoyed when I take the time to help, but my response is
skimmed over and not read carefully. Upthread I said:
I’m playing with RSA-PSS signatures, and stumbled upon a few problems. I tried
the OpenSSL manual pages, but I'm still coming up short of complete understanding. :-)
This is how I initialize the contexts (error handlers removed for brevity):
ctx = EVP_PKEY_CTX_new(privkey, NULL);
> connection and then pass the detail of the application
> from the user to the remote machine.. You do this to many
>
> Sent from Mail for Windows 10
>
> From: Blumenthal, Uri - 0553 - MITLL
> Sent: Friday, April 28, 2017 4:33 PM
> To: openssl-users@openssl.org
> Subj
gical warfare, sending us depressing messages to break our spirit.
> Fortunately, as TLS users, we have built up a tremendous tolerance for
> depressing messages.)
>
> Michael Wojcik
> Distinguished Engineer, Micro Focus
>
>
>
> From: openssl-users [mailto:openssl-u
I sincerely hope it is not so.
--
Regards,
Uri Blumenthal
On 7/28/17, 15:47, "openssl-users on behalf of Jeffrey Walton"
wrote:
I thought RDRAND was disabled as the default random engine since
1.0.1f. Has that changed
AFAIK it must.
Regards,
Uri
> On Aug 17, 2017, at 09:21, Robert Moskowitz wrote:
>
> Should digitalSignature be included in keyusage in CA certs?
>
>
> https://jamielinux.com/docs/openssl-certificate-authority/create-the-root-pair.html
>
> Includes
I concur with Rich. CentOS is known for having outdated packages.
Regards,
Uri
On May 28, 2017, at 16:43, Salz, Rich via openssl-users
wrote:
>> I am trying to compile / install a utility from Source on CentOS that
>> utilizes OpenSSL 1.1.0
, 2017, Blumenthal, Uri - 0553 - MITLL wrote:
>>
>>
>> Semi-related question. Is RSA_NO_PADDING allowed for EVP signature? When I
>> tried that (without using DigestSign of course), signing succeeded but
>> verification always failed. Was that expected? Are th
just setting the padding type?
Thanks!
Regards,
Uri
> On Apr 29, 2017, at 19:34, Matt Caswell <m...@openssl.org> wrote:
>
>
>
>> On 28/04/17 20:29, Blumenthal, Uri - 0553 - MITLL wrote:
>> I’m playing with RSA-PSS signatures, and stumbled u
I seem unable to figure out how to configure RSA-OAEP parameters (hash and MGF
functions) for the “openssl pkeyutl” command.
The man page seems to say that only thing I can do is tell openssl CLI that I
want OAEP padding, and nothing more.
File “apps/pkeyutl.c” was of no help. Where can I find
I have to report that this M2Crypto release is broken, as it cannot find
OpenSSL installed in /opt/local (apologies for spamming multiple lists and
people):
/usr/bin/clang -fno-strict-aliasing -fno-common -dynamic -pipe -Os -DNDEBUG -g
-fwrapv -O3 -Wall -Wstrict-prototypes
7-10-11, 11:35 GMT, Blumenthal, Uri - 0553 - MITLL wrote:
>> And it is not installable via PIP, though to me being placed
>> on pypi site suggested that it should be (that's how I tried
>> to install it).
>
> What’s needed for package to be pip installable? I would think
>
> said:
>
> mcepl> On 2017-10-10, 21:17 GMT, Blumenthal, Uri - 0553 - MITLL wrote:
> mcepl> > I have to report that this M2Crypto release is broken, as it
> mcepl> > cannot find OpenSSL installed in /opt/local (apologies for
> mcepl> > spamming multiple li
I’m debugging programmatic access to a (modified) pkcs11 engine. My system has
several OpenSSL installations: Apple-provided OpenSSL-0.9.8 (kept as that came
with the OS :), Macports-installed OpenSSL-1.0.2l (the main one installed to
/opt/local, used by everything Macports builds, and what I
An engine works with OpenSSL-1.1.0+. It needs to hook some methods, and it
accesses them via EVP_PKEY_meth_get_sign(), EVP_PKEY_meth_get_decrypt(), and
EVP_PKEY_meth_get_encrypt(). And the corresponding set() calls.
I’d like to backport this engine to OpenSSL-1.0.2. But 1.0.2 does not
18:54, Dr. Stephen Henson <st...@openssl.org> wrote:
>
>> On Fri, Sep 29, 2017, Blumenthal, Uri - 0553 - MITLL wrote:
>>
>> Apologies in advance for cross-posting – but I’m not sure which of the
>> two mailing lists this belongs to.
>>
>> A key (sa
Apologies in advance for cross-posting – but I’m not sure which of the two
mailing lists this belongs to.
A key (say, private key) is loaded from the pkcs11 engine via privkey =
ENGINE_load_private_key(engine, ); and this operation succeeds.
However the resulting key handle has its
The OpenSSL dgst manual page only says that sigopt values are algorithm-specific.
Where are they described for ECDSA and RSA-PSS?
Thanks!
Regards,
Uri
On 9/1/17, 16:26, "openssl-users on behalf of Michael Wojcik"
wrote:
>Bob, I just want to say thanks for producing this. Even if it never makes
> it out of I-D stage, there's a lot of useful information here.
>
7-10-11, 12:11 GMT, Blumenthal, Uri - 0553 - MITLL wrote:
>> Unfortunately, not quite. Being pip-installable means to the
>> majority of users that the package in question can be
>> installed via, e.g.,
>>
>> pip install M2Crypto
>
> I understand that, m
AFAIK, at this point pkcs11 engine doesn't support key generation.
The only viable options AFAIK are OpenSC (pkcs11-tool) and vendor-specific
applications like yubico-piv-tool.
Regards,
Uri
> On Sep 27, 2017, at 08:23, Dmitry Belyavsky wrote:
>
>
FWIW, I'm with Viktor in this argument. From cryptography point of view he's
right. I suspect he's right from the practical point of view as well.
P.S. Those concerned that a nation-state would attack them, are advised to
change the default config anyway.
--
Regards,
Uri Blumenthal
On
Funny. I have the same problem with the current master on one of my two MacOS
High Sierra machines. Surprisingly, the other machine builds and runs the
current master just fine. Configuration and build scripts are automated and
exactly the same between the two.
The “bad” machine runs a
so waiting for the answers right?
Yes I certainly am.
2018-02-15 6:57 GMT+09:00 Blumenthal, Uri - 0553 - MITLL <u...@ll.mit.edu>:
Funny. I have the same problem with the current master on one of my two MacOS
High Sierra machines. Surprisingly, the other machine builds and runs the
Actually, it all works just fine. Viktor's point about adding terminating "\n"
to the input text helped.
Same problem on Linux.
Regards,
Uri
> On Aug 2, 2018, at 07:47, The Doctor wrote:
>
> While compiling today's openssl 1.1.0 snap on FreeBSD 11.2
>
> I got
>
> /usr/bin/cc -I. -Icrypto/include -Iinclude -DZLIB -DZLIB_SHARED -DDSO_DLFCN
> -DHAVE_DLFCN_H -DNDEBUG
Since this example would show how to generate certificates that people may not
have a lot of experience dealing with - I think it would make a lot of sense to
document as much as possible.
In short: yes please do include the examples of both what the certs should look
like, and how to generate
> Here's the standards OpenSSL claims to implement:
> https://www.openssl.org/docs/standards.html.
So do many others, and yet when the RFC is impractical, a more practical
alternative is implemented.
I did not see RFC 5280 in the list of the implemented/supported standards.
ssl-1.1/lib -lcrypto
$ ./ttt
OPENSSL_VERSION_NUMBER 10101010
$ gcc -o ttt ttt.c -lcrypto
$ ./ttt
OPENSSL_VERSION_NUMBER 1000210f
$
On Sun, 2018-10-21 at 00:36 +0000, Blumenthal, Uri - 0553 - MITLL
wrote:
> I'm not sure I understand what you're doing, but:
>
I'm not sure I understand what you're doing, but:
$ cat ttt.c
#include <stdio.h>
#include <openssl/opensslv.h>   /* defines OPENSSL_VERSION_NUMBER */
int main(void)
{
    /* Print the version of the OpenSSL headers this binary was compiled against */
    printf("OPENSSL_VERSION_NUMBER %lx\n", OPENSSL_VERSION_NUMBER);
    return 0;
}
$ gcc -o ttt ttt.c -lcrypto
$ ./ttt
OPENSSL_VERSION_NUMBER 1000210f
$ gcc -o ttt -I$HOME/openssl-1.1/include ttt.c
If it builds a dummy engine - then shouldn't a dummy engine respond gracefully
to requests with something like "sorry I can't do anything useful", instead of
spitting out a puke of error messages in response to "openssl engine -t capi"?
Regards,
Uri
> On Sep 3, 2018, at 14:31, Blumenthal, Uri - 0553 - MITLL
> wrote:
>
> If it builds a dummy engine - then shouldn't a dummy engine respond
> gracefully to requests with something like "sorry I can't do anything
> useful", instead of spitting out a puke of err
On 9/20/18, 4:39 PM, "openssl-users on behalf of Viktor Dukhovni"
wrote:
Despite (IMHO) its increasing obsolescence and irrelevance, the LibreSSL
fork of OpenSSL 1.0.2 also supports ECDSA.
Yep.
> so openssl 1.1.0 or newer, and his Mac is infested with
> 0.98letter.
Macports team is working on upgrading OpenSSL to 1.1.1. It takes time because
they plan to move all the ports that depend on OpenSSL to that level. I assume
that once that is done, 1.0.2 won't be supported/available on Macports anymore.
Installation - as Dominyk said: "sudo port install
Note that the key to reproducing this issue is compiling SoftHSMv2 with 1.1.1.
When compiled with 1.0.2p, everything else can be compiled against 1.1.1 and it
works ok.
Regards,
Uri
> On Sep 21, 2018, at 02:09, Paras Shah (parashah) via openssl-users
> wrote:
>
> I
The docs site is screwed up.
CMS_sign is indeed documented for 1.1.1 - but you have to go there via
https://www.openssl.org/docs/man1.1.1 -> Libraries -> CMS_sign.html, which
would bring you to https://www.openssl.org/docs/man1.1.1/man3/CMS_sign.html
On 12/27/18, 14:00, "openssl-users on
I still would like to know where all the acceptable "dgst -sigopt" parameters
are described for RSA and ECDSA.
Google search and scouring openssl.org manual pages did not bring me anything.
On 8/24/17, 5:42 PM, "Blumenthal, Uri - 0553 - MITLL" wrote:
OpenSSL dgst m
:23 PM, Blumenthal, Uri - 0553 - MITLL
>> wrote:
>>
>> I still would like to know where all the acceptable "dgst -sigopt"
>> parameters are described for RSA and ECDSA.
>>
>> Google search and scouring openssl.org manual pages did not bring me
The way I understand the ECDSA standard, it is supposed to truncate the
provided hash - which is why it is possible to have ECDSA-over-P256-SHA384.
One possibility would be for you to truncate the SHA2 output yourself, IMHO.
On 11/30/18, 12:36 PM, "openssl-users on behalf of Fuchs, Andreas"
as "letting the
> perfect be the enemy of the good", which is also known as "cutting off the
> nose to spite the face". It still cuts down on a huge number of potential
> attacks, and doing away with it allows those attacks to flourish again.
> (Which, by the way
>> Quoting from Peter Gutmann's "Engineering Security",
>> section "EV Certificates: PKI-me-Harder"
>>
>> Indeed, cynics would say that this was exactly the problem that
>> certificates and CAs were supposed to solve in the first place, and
>> that
> "Provided chain ends with unknown self-signed certificate".
I like this.
IMHO "unrecognized" would be more confusing.
I hope the team makes up their mind quickly.
On 12/4/18, 6:17 PM, "openssl-users on behalf of Michael Wojcik"
wrote:
> From: openssl-users
Since OpenSSL is more than just a TLS implementation, I agree with Michael and
support relaxing these checks when appropriate.
Regards,
Uri
On Mar 6, 2019, at 10:22, Michael Wojcik wrote:
>> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of
>>
First, let me prefix that while I don't want to badmouth anybody, even
incompetence cannot excuse deliberately generating bad/unparsable encoding.
That's one of the cases when the cure is clearly worse than the disease.
On 3/21/19, 13:58, "openssl-users on behalf of Viktor Dukhovni"
wrote:
Hmm... Registering an OID dedicated to express this case should be feasible,
and perfectly within the ASN.1 rules. One question - where in the OID tree
would it live, as offhand I don't have any idea. It can't be too deep down, and
also, it better be fairly short.
>From the ASN.1 point of
+1 to Viktor's points.
Regards,
Uri
> On Mar 21, 2019, at 12:52, Viktor Dukhovni wrote:
>
> On Thu, Mar 21, 2019 at 01:00:14PM +, Salz, Rich via openssl-users wrote:
>
>>> This software however is 7 years old, we’re not in a position to drop
>>> everything and
On 1/31/19, 09:19, "openssl-users on behalf of Antonio Iacono"
wrote:
> Does anybody know how to use the smartcard to encrypt and decrypt files?
Smartcard performs public-key crypto operations, which aren't suitable for bulk
processing, such as file encryption/decryption. In
On 6/18/19, 5:44 PM, "openssl-users on behalf of Viktor Dukhovni"
wrote:
We should
perhaps provide getter/setter functions for the flags, or perhaps
even a specific function for indicating the value is a bitstring,
and how many bits it holds. For now the ASN.1 string is not an