Re: [openssl-users] sha256 digest support in v102l build missing; present in v110f. missing build flag?

2017-05-30 Thread Salz, Rich via openssl-users
> Then I've misunderstood the presence of the "-DSHA256_ASM" flag.
>
> What's it specifically used for?

To remind me to double-check my answers? :( Sorry, they are present. The difference is that the help message in 1.0.2 isn't complete. Did you try the commands directly?

Re: [openssl-users] automating my CA

2017-05-19 Thread Salz, Rich via openssl-users
> A lot of online certificate providers have some kind of REST API.
>
> Is there such an API available as OSS or do I have to write one myself?

You might want to look at the IETF ACME protocol. There are many clients around. And the LetsEncrypt code is open source.

Re: [openssl-users] X509 subject public key id-RSASSA-PSS

2017-06-27 Thread Salz, Rich via openssl-users
1.0.2 does not have full RSA-PSS support; you can’t use it. -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] X509 subject public key id-RSASSA-PSS

2017-06-27 Thread Salz, Rich via openssl-users
> Does your response mean that RSA-PSS meanwhile _is_ fully supported in 1.1.0?

I hesitate to say fully, because there are no doubt parts that don't work. But RSA-PSS signatures are supported. But more importantly, 1.1.1 not 1.1.0.

> Any estimations about how much work has to be done for

Re: [openssl-users] Compatibility of OpenSSL (Debian)

2017-09-15 Thread Salz, Rich via openssl-users
> A file DES3 encrypted here by OpenSSL 1.0.1t 3 May 2016 (Debian 7 or earlier version) is not accessible by OpenSSL 1.1.0f 25 May 2017 (Debian 9). Is this expected behavior?

https://www.openssl.org/docs/faq.html#USER3

Re: [openssl-users] documentation for 1.1.0

2017-09-15 Thread Salz, Rich via openssl-users
Links across versions don’t really work since we moved from “crypto”/“ssl” to man3, etc. Perhaps we should just take them down.

Re: [openssl-users] reading DER format public keys

2017-09-15 Thread Salz, Rich via openssl-users
> pkey = PEM_read_bio_PUBKEY(bio, NULL, ossl_pem_passwd_cb, (void *)pass);

That only reads PEM files. If docs say otherwise, they are wrong.

> There must be a way to read DER format public keys.

A raw public key? Or a cert? Or a PKCS object? Anyhow, doc/man3/d2i_X509.pod in master.

Re: [openssl-users] [openssl-dev] 20170914 snapshots

2017-09-14 Thread Salz, Rich via openssl-users
We did some system upgrades and they were down during the update time. As I’ve said before, please wait for at least a second day before writing about the snapshots.

On 9/14/17, 8:09 AM, "The Doctor" wrote:
> They are missing in action!

Re: [openssl-users] Certificate Comparison

2017-09-19 Thread Salz, Rich via openssl-users
Convert from PEM to DER (via the X509_PEM_read_ functions) and use X509_cmp. PEM format is not guaranteed – you could have different linebreaks, for example.
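An added example for the two messages above (reading DER rather than PEM, and comparing certificates); it is not code from the list or from OpenSSL. PEM is just base64 of the DER between BEGIN/END lines with whatever wrapping the writer chose, so the same certificate can appear as two different PEM byte strings. The robust approach is what Rich describes: get to DER first, then compare (or fingerprint) the DER. The sample object is a constructed DER SEQUENCE standing in for a certificate, not a real X.509 structure.

```python
"""Normalize PEM or DER input to DER and compare certificates on the DER bytes.

Added example, not code from the thread or from OpenSSL.  SAMPLE_DER is a
constructed DER SEQUENCE standing in for a certificate; it is not a real
X.509 structure.
"""
import base64
import hashlib
import re

_PEM_RE = re.compile(
    rb"-----BEGIN ([A-Z0-9 ]+)-----\s*(.*?)\s*-----END \1-----", re.DOTALL
)


def is_pem(data: bytes) -> bool:
    """PEM is text starting with a BEGIN line; DER is binary and starts with a tag byte."""
    return data.lstrip().startswith(b"-----BEGIN ")


def to_der(data: bytes) -> bytes:
    """Return the DER bytes of a PEM- or DER-encoded object.

    For PEM, every whitespace byte in the base64 body is dropped before
    decoding, so CRLF vs LF and 64- vs 76-column wrapping make no difference.
    A non-PEM input must start with the SEQUENCE tag (0x30) that X.509
    certificates, CSRs and SubjectPublicKeyInfo all begin with.
    """
    if not is_pem(data):
        if data[:1] != b"\x30":
            raise ValueError("input is neither PEM nor a DER SEQUENCE")
        return data
    m = _PEM_RE.search(data)
    if m is None:
        raise ValueError("malformed PEM block")
    body = re.sub(rb"\s+", b"", m.group(2))
    return base64.b64decode(body, validate=True)


def to_pem(der: bytes, label: str = "CERTIFICATE", width: int = 64, eol: bytes = b"\n") -> bytes:
    """PEM-encode DER with a chosen line width and line ending (used to build inputs)."""
    b64 = base64.b64encode(der)
    lines = [b64[i:i + width] for i in range(0, len(b64), width)]
    tag = label.encode("ascii")
    return (b"-----BEGIN " + tag + b"-----" + eol
            + eol.join(lines) + eol
            + b"-----END " + tag + b"-----" + eol)


def fingerprint(data: bytes) -> str:
    """SHA-256 over the DER: the same value for the PEM and DER forms of one object."""
    return hashlib.sha256(to_der(data)).hexdigest()


def certs_equal(a: bytes, b: bytes) -> bool:
    """Equality on the DER encoding; each side may be PEM or DER."""
    return to_der(a) == to_der(b)


# Constructed stand-in: SEQUENCE { OCTET STRING of 100 bytes } (104 bytes of DER).
SAMPLE_DER = b"\x30\x66\x04\x64" + bytes(range(100))
PEM_LF_64 = to_pem(SAMPLE_DER, width=64, eol=b"\n")
PEM_CRLF_76 = to_pem(SAMPLE_DER, width=76, eol=b"\r\n")


def demo() -> dict:
    """Same certificate, two PEM renderings: unequal as text, equal as DER."""
    return {
        "text_equal": PEM_LF_64 == PEM_CRLF_76,
        "der_equal": certs_equal(PEM_LF_64, PEM_CRLF_76),
        "der_vs_pem_equal": certs_equal(SAMPLE_DER, PEM_CRLF_76),
    }


if __name__ == "__main__":
    print(demo())
```

Comparing `fingerprint()` values is the scripting equivalent of the same idea: it is what makes two differently wrapped PEM files for one certificate hash to the same `openssl x509 -fingerprint` value.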

Re: [openssl-users] Un-signed CSRs

2017-09-21 Thread Salz, Rich via openssl-users
> Has anyone had success parsing un-signed CSRs?

By its definition a CSR is signed. So this will not work.

Re: [openssl-users] Why wasn't the fix for IP name restrictions included in 1.0.2 ?

2017-09-14 Thread Salz, Rich via openssl-users
> However for some unknown reason, this was not included in 1.0.2 which thus still rejects all such certificate chains.

Because it was seen to be a feature, not a bug-fix?

Re: [openssl-users] Why wasn't the fix for IP name restrictions included in 1.0.2 ?

2017-09-14 Thread Salz, Rich via openssl-users
> But the patch was put in git almost 10 months before 1.0.2 initial release.

We weren’t using git back then. So maybe it’s a bad/confusing import. Maybe Matt can explain.

Re: [openssl-users] How can I sstart openssl ocsp in secure mode using TLS/SSL

2017-09-22 Thread Salz, Rich via openssl-users
OpenSSL 0.9.8 is old and obsolete and has security issues; you should upgrade. But even if you upgrade, the ocsp command will not listen on HTTPS; that is not supported.

Re: [openssl-users] Research papers on TLS 1.3

2017-10-04 Thread Salz, Rich via openssl-users
You should look at the IETF TLS working group. Also, there was a mini conference, TLS Ready or Not, that has a bunch of useful papers.

Re: [openssl-users] DH_generate_key Hangs

2017-10-06 Thread Salz, Rich via openssl-users
1.0.2 and 1.1.0, whatever the highest letter is, are the supported releases.

Re: [openssl-users] DH_generate_key Hangs

2017-10-06 Thread Salz, Rich via openssl-users
Okay, you seem to be looking for an answer and there isn’t one. The release you are using has problems when it decided to walk the heap. The release you are using WILL NOT BE FIXED. Change your code, backport the fix, or move to a more modern release. Sorry, there is no other way.

Re: [openssl-users] DH_generate_key Hangs

2017-10-05 Thread Salz, Rich via openssl-users
You could try to backport the win_rand file from a more recent release. Far better, as Michael first said, to move to 1.0.2 or later.

Re: [openssl-users] Why is this OCSP response reporting a hash using SHA1?

2017-09-11 Thread Salz, Rich via openssl-users
> Ah, put -sha256 in the CLIENT request. Seems kind of backward. Or at least the server should have some control over the hash used?

Well, it is the client that is making the request, so therefore the client needs to hash the cert information. A production-quality OCSP

Re: [openssl-users] Query on usage of openssl 1.1.0f with openssl-FIPS

2017-09-06 Thread Salz, Rich via openssl-users
> I am unable to find the openssl-fips module for 1.1.0f. Do you know when it will be available?

We have no date. Work hasn’t fully started, and isn’t fully funded. Perhaps your company would like to help? :) See our blog for updates (look in the archive for postings with FIPS in the title;

Re: [openssl-users] Env variables in config file to add a whole line

2017-09-06 Thread Salz, Rich via openssl-users
> … $crlDP $ocspIAI

This is not supported. You can only put variables in *values*.

Re: [openssl-users] Doubt regarding O-SSL and setting the duration of certificates

2017-09-13 Thread Salz, Rich via openssl-users
An X509v3 certificate has “notBefore” and “notAfter” fields. If either of those is not present, then it is not an X509v3 certificate. The time marked by those fields is the validity period. If you want “never expires” X509v3 certificates, the best you can do is put a very large value in the
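An added example for the message above, not code from the list or from OpenSSL. RFC 5280 section 4.1.2.5 fixes how the two Validity fields are encoded: UTCTime (tag 0x17, YYMMDDHHMMSSZ) for years through 2049, GeneralizedTime (tag 0x18, YYYYMMDDHHMMSSZ) from 2050 on, and for a certificate with no well-defined expiration the value notAfter = 99991231235959Z. The code encodes and decodes those forms strictly and evaluates a validity window against a point in time.

```python
"""Encode, decode and check X.509 Validity times as RFC 5280 requires.

Added example, not code from the thread or from OpenSSL.  RFC 5280 4.1.2.5:
notBefore/notAfter are UTCTime (tag 0x17, YYMMDDHHMMSSZ) for years through
2049 and GeneralizedTime (tag 0x18, YYYYMMDDHHMMSSZ) for 2050 and later; a
certificate with no well-defined expiry uses notAfter = 99991231235959Z.
"""
from datetime import datetime, timezone

UTCTIME = 0x17
GENERALIZEDTIME = 0x18
NO_WELL_DEFINED_EXPIRY = datetime(9999, 12, 31, 23, 59, 59, tzinfo=timezone.utc)


def _utc(t: datetime) -> datetime:
    """Treat naive datetimes as UTC; convert aware ones to UTC; drop sub-seconds."""
    if t.tzinfo is None:
        t = t.replace(tzinfo=timezone.utc)
    return t.astimezone(timezone.utc).replace(microsecond=0)


def encode_time(t: datetime) -> bytes:
    """DER-encode an X.509 Time, picking UTCTime or GeneralizedTime by year."""
    t = _utc(t)
    if t.year < 1950:
        raise ValueError("UTCTime cannot express years before 1950")
    if t.year <= 2049:
        tag, body = UTCTIME, t.strftime("%y%m%d%H%M%SZ").encode("ascii")
    else:
        tag, body = GENERALIZEDTIME, t.strftime("%Y%m%d%H%M%SZ").encode("ascii")
    return bytes([tag, len(body)]) + body


def decode_time(der: bytes) -> datetime:
    """Parse a DER X.509 Time strictly: Z suffix, exact length, right tag for the year."""
    if len(der) < 2 or len(der) != 2 + der[1]:
        raise ValueError("bad length")
    tag, body = der[0], der[2:].decode("ascii")
    if not body.endswith("Z"):
        raise ValueError("X.509 Time must be expressed in UTC (Z)")
    if tag == UTCTIME:
        if len(body) != 13:
            raise ValueError("UTCTime must be YYMMDDHHMMSSZ")
        yy = int(body[:2])
        year = 1900 + yy if yy >= 50 else 2000 + yy     # RFC 5280 two-digit-year rule
        t = datetime.strptime(f"{year}{body[2:]}", "%Y%m%d%H%M%SZ")
    elif tag == GENERALIZEDTIME:
        if len(body) != 15:
            raise ValueError("GeneralizedTime must be YYYYMMDDHHMMSSZ")
        t = datetime.strptime(body, "%Y%m%d%H%M%SZ")
        if t.year <= 2049:
            raise ValueError("years through 2049 must be UTCTime (RFC 5280 4.1.2.5)")
    else:
        raise ValueError(f"tag 0x{tag:02x} is not an X.509 Time")
    return t.replace(tzinfo=timezone.utc)


def validity_status(not_before: bytes, not_after: bytes, now: datetime) -> str:
    """Evaluate a Validity pair at a given instant (both bounds are inclusive)."""
    nb, na, now = decode_time(not_before), decode_time(not_after), _utc(now)
    if nb > na:
        return "malformed: notBefore is after notAfter"
    if now < nb:
        return "not yet valid"
    if now > na:
        return "expired"
    return "valid"


if __name__ == "__main__":
    nb = encode_time(datetime(2018, 6, 1, 12, 0, 0, tzinfo=timezone.utc))
    na = encode_time(NO_WELL_DEFINED_EXPIRY)
    print(nb, na, validity_status(nb, na, datetime.now(timezone.utc)))
```

The strict decoder matters more than the encoder: a verifier that tolerates a GeneralizedTime for 2018, a missing Z or a short body will accept encodings that a conforming CA would never emit, which is exactly the kind of slack a malformed-certificate fuzzer goes looking for.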

Re: [openssl-users] How to emulate EVP_PKEY_meth_get_sign() on OpenSSL-1.0.2?

2017-09-26 Thread Salz, Rich via openssl-users
> Is there a way to emulate the above calls, and achieve similar result on OpenSSL-1.0.2?

Just pull the fields out of the struct directly?

Re: [openssl-users] Manually shutdown the library

2017-09-26 Thread Salz, Rich via openssl-users
The original issue was discussed here:

Re: [openssl-users] ERR_add_error_data

2017-08-23 Thread Salz, Rich via openssl-users
> What happens if I call the ERR_add_error_data twice? Will it add the arguments or replace them?

It replaces, freeing the old.

Re: [openssl-users] problem with -aes256 and -outform der in cmmand

2017-08-21 Thread Salz, Rich via openssl-users
> But if I use format=der I do not get prompted for the password.

DER does not support encryption. The bug is that the command does not tell you this.

Re: [openssl-users] problem with -aes256 and -outform der in cmmand

2017-08-21 Thread Salz, Rich via openssl-users
> OK. And why does DER not support encryption?

Because it is not defined. If you want to encrypt keys, you need to use PKCS12 which might be too much for your application.

Re: [openssl-users] Using set_serial to control serial number size directly

2017-08-21 Thread Salz, Rich via openssl-users
> But in doing this, I can't figure out if there is a risk on serial number size for a root CA cert as there is for any other cert.

I don’t understand what attack you are concerned about, but the size of the serial number should not matter for *any* certificate.

Re: [openssl-users] Using set_serial to control serial number size directly

2017-08-21 Thread Salz, Rich via openssl-users
If the root is going to be trusted, make its serial number be one. ☺ Otherwise use eight bytes of random as the serial number, if you follow CABF guidelines.

Re: [openssl-users] Using set_serial to control serial number size directly

2017-08-21 Thread Salz, Rich via openssl-users
> Thus how large does this random number have

It’s also to protect against predicting serial numbers and being able to leverage that. It’s not just (nor really mainly) the MD5 digest attacks. According to CABForum, you need 8 octets. No reason not to use more if you can.

> page was

[openssl-users] CVE 2017-3735 OOB read

2017-08-28 Thread Salz, Rich via openssl-users
From https://www.openssl.org/news/secadv/20170828.txt

OpenSSL Security Advisory [28 Aug 2017]

Malformed X.509 IPAddressFamily could cause OOB read (CVE-2017-3735)
===

Severity: Low

If an

Re: [openssl-users] Cant seem to get prompt no to work

2017-08-17 Thread Salz, Rich via openssl-users
In the CA section, you have to specify which fields you need/want in the DN. This is the “policy” identifier which points to a section that names the RDNs you want/need.

Re: [openssl-users] Cant seem to get prompt no to work

2017-08-17 Thread Salz, Rich via openssl-users
Use the -batch flag to avoid all prompting.

Re: [openssl-users] how to compile out selected ciphers

2017-08-31 Thread Salz, Rich via openssl-users
What version of openssl are you building?

Re: [openssl-users] [openssl-dev] How to use BIO_do_connect(), blocking and non-blocking with timeout, coping with errors

2017-09-01 Thread Salz, Rich via openssl-users
FWIW, there’s a ‘libtls’ library from the libre folks that might be worth looking at. If you come up with useful snippets we can start by posting them to the wiki, for example.

Re: [openssl-users] DH_generate_key Hangs

2017-10-05 Thread Salz, Rich via openssl-users
> Compared code of RAND_poll(void) between 1.0.1 and 1.0.2 and it seems no change

Sorry, then try 1.1.0. The HEAPWALK bug/issue is fixed there.

Re: [openssl-users] Openssl FIPS 186-4 Patch

2017-10-06 Thread Salz, Rich via openssl-users
> This FIPS186-4 is not just about SHA. It is basically about the key generation parameters. Especially I am looking for RSA key generation parameters wrt FIPS 186-4.

I do not know how you got the opinion that OpenSSL has 186-4 support. It does not. Perhaps other people have written

Re: [openssl-users] CRL signature verification

2017-10-19 Thread Salz, Rich via openssl-users
> I was more talking about the parsing. Currently I have 40 LOC [1] to

Look at X509_get1_ocsp which is in crypto/x509v3/v3_utl.c. That’s in 1.0.2 and later.

> > X509_CRL_verify.

And yes, looking through to find the serial# is what you have to do.

> That's 1.1-specific, correct?

Re: [openssl-users] CRL signature verification

2017-10-18 Thread Salz, Rich via openssl-users
> I used libcrypto to parse out the OCSP URL from the certificate, validate it against a whitelist of valid OCSP URLs, send an OCSP request and validate the response and its signature against a custom certificate store, and then parse out the result.

Two points on that:

Re: [openssl-users] Issue with DTLS for UDP

2017-10-24 Thread Salz, Rich via openssl-users
Can you build with debugging enabled? It might make things easier. But note that BIO_method_type is a trivial function, return b->method->type; which implies that a pointer got clobbered as being a likely cause. Are you sure your code didn’t smash something?

Re: [openssl-users] Compiling OpenSSL 1.0.2l static library with FIPS -2.0.16 on Windows

2017-11-14 Thread Salz, Rich via openssl-users
> FYI, I came up with following manual solution to correctly build 1.0.2l static library with FIPS - 2.0.16 on Windows, using Visual Studio 2015. This seems to work, and I no longer need to carry run time DLLs along with the application. I feel this should be an acceptable solution. Does

Re: [openssl-users] Compatibility between different openssl versions

2017-11-27 Thread Salz, Rich via openssl-users
> Whether openssl 1.0.x and 1.1.x can interwork?

Yup. As long as they share a TLS version, no problem.

Re: [openssl-users] How to get SNI info from s_client debug logs?

2017-11-27 Thread Salz, Rich via openssl-users
> 1. Why does s_server need option "-servername"?

For debugging, so that you can test that clients are sending the right SNI extension and properly handling the TLS error when they don’t.

> 2. It looks like options -servername and -alpn cannot work together.

Yes, kind-of. The s_client

Re: [openssl-users] How to get SNI info from s_client debug logs?

2017-11-26 Thread Salz, Rich via openssl-users
The “server name” is something that the client sends to the server. This allows a single host to serve multiple “virtual hosts”.

Re: [openssl-users] FIPS certification for openssl

2017-11-29 Thread Salz, Rich via openssl-users
> That said, it wouldn't hurt for the OMC to post a message to the list stating that business will continue as planned, since two very key figures have left the project.

I have two reactions, just my personal view. First, it’s premature to say anything, we’re still figuring things out.

Re: [openssl-users] FIPS certification for openssl

2017-11-29 Thread Salz, Rich via openssl-users
We are no longer doing additional platforms for the existing certifications. We are working on a plan for future FIPS validation, based on the 1.1.x line.

Re: [openssl-users] FIPS certification for openssl

2017-11-29 Thread Salz, Rich via openssl-users
> My number one complaint is that it seems like the defaults are generally set up to do the wrong things, and the application has to either explicitly set "yes, you should be secure" options or do stuff on its own. This seems to have been getting better - gaining hostname validation, for

Re: [openssl-users] FIPS certification for openssl

2017-11-29 Thread Salz, Rich via openssl-users
> It probably wouldn't hurt to post something to the lists when there's a blog post with news like this - items that subscribers would likely feel is important. Blog posts like the recent "OpenSSL in China" series probably don't need to be mentioned on the lists. But it's subjective, and I

Re: [openssl-users] Lattice Ciphers

2017-12-18 Thread Salz, Rich via openssl-users
Okay, FF does ECDHE not DHE/EDH. The whole industry does that, and most are using X25519 which was developed by Dan Bernstein. The Guardian article you referenced didn’t even have the word curve in it. My question – do you have a reference that shows Schneier says not to use elliptic curve –

Re: [openssl-users] FIPS 2.0 build_tests using cross for ppc64

2017-12-19 Thread Salz, Rich via openssl-users
> My target can’t support native build environment, so I must use cross.
> Is there any way to fix those errors?

If you make any changes to the FIPS build procedure, then the result is not FIPS validated. I think the build procedure does not support cross-compiling very well, because

Re: [openssl-users] Lattice Ciphers

2017-12-17 Thread Salz, Rich via openssl-users
> I find that Firefox refuses to do any ephemeral ciphers whatsoever. What the heck? Why am I surprised. Somebody paid them.

I don’t know what server you are testing against, but FF does ECDHE all the time with no problems.

> If you follow Schneier, elliptic curve is not an

Re: [openssl-users] Multiple parallel connections in s_server?

2017-12-13 Thread Salz, Rich via openssl-users
The s_server program is not multi-threaded, it does one connection at a time.

Re: [openssl-users] Latest releases missing from website

2017-11-03 Thread Salz, Rich via openssl-users
> Hmmm, it's working for me. Perhaps an Akamai issue, Rich Salz?

Don’t know, looked okay to me. I re-flushed the cache.

Re: [openssl-users] Potential memory leak in RSA_private_decrypt

2017-11-06 Thread Salz, Rich via openssl-users
> http://openssl.6102.n7.nabble.com/Memory-issues-with-ssl-handshake-td20851.html#a20854
> Don't understand why this issue is not encountered by other users and why it has not been fixed for so many years.

The first part answers the second. It is not encountered by others,

Re: [openssl-users] Help with making a SHA >1 certificate

2017-11-07 Thread Salz, Rich via openssl-users
> -days on req when generating a request does nothing, and should perhaps produce a warning, since this option is only meaningful when used with the -x509 option to produce a self-signed cert instead of a request.

https://github.com/openssl/openssl/pull/4692

Re: [openssl-users] Potential memory leak in RSA_private_decrypt

2017-11-07 Thread Salz, Rich via openssl-users
There is something strange with the RSA private key or its BN_CONT object. Are you sure that you are properly releasing all OpenSSL objects in your code?

Re: [openssl-users] FIPS 186-4 RSA CAVS

2017-11-09 Thread Salz, Rich via openssl-users
> Please share if any patch available for CAVS algorithm test support for RSA 186-4.

There is not. Unless someone in the community has one they are willing to share.

Re: [openssl-users] Wanted details on ./config or Configure options

2017-11-02 Thread Salz, Rich via openssl-users
> remove unwanted engine files to go away from compilation. OpenSSL 1.01x

1.0.1 or 1.1.0 release? I’m guessing 1.0.1, since many of those engines are removed from 1.1.0.

Re: [openssl-users] Troubleshooting SSL connections

2017-11-02 Thread Salz, Rich via openssl-users
Have you thought of putting a packet-capture on, say, the client side and then viewing it?

Re: [openssl-users] Serial Number with OpenSSL

2017-12-02 Thread Salz, Rich via openssl-users
> When I see SSL certificates, their serial number is like this : 0A:8D:9A:4Q:8X:1A:0B:88:18:1Z

Serial numbers are displayed as hex values, so my guess is you just typed that “as an example” since Q X Z aren’t valid hex characters. Or perhaps it was an extension (like device serial) that
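An added example that ties together the set_serial thread above (eight bytes of CSPRNG output, or serial 1 for a root you control) and this question about how serials are displayed; it is not code from the list or from OpenSSL. The CA/Browser Forum Baseline Requirements ask for a non-sequential serial greater than zero containing at least 64 bits of CSPRNG output, and RFC 5280 section 4.1.2.2 requires a positive INTEGER of at most 20 octets. The checker applies those rules, so it will flag the "serial 1" root case, which is outside CABF scope by design.

```python
"""Generate, render and vet X.509 serial numbers against the rules cited above.

Added example, not code from the thread or from OpenSSL.  CABF: a serial
greater than zero carrying at least 64 bits of CSPRNG output.  RFC 5280
4.1.2.2: a positive INTEGER whose content is at most 20 octets.  The display
format (upper-case hex, colon-separated) is one of the forms openssl prints.
"""
import secrets

MIN_ENTROPY_BYTES = 8      # 64 bits, the CABF floor
MAX_SERIAL_OCTETS = 20     # RFC 5280 limit on the INTEGER's content octets


def new_serial(entropy_bytes: int = MIN_ENTROPY_BYTES) -> int:
    """Positive serial built from entropy_bytes of CSPRNG output (zero is rejected and redrawn)."""
    if not MIN_ENTROPY_BYTES <= entropy_bytes <= MAX_SERIAL_OCTETS - 1:
        raise ValueError("use 8..19 bytes so the DER INTEGER (with sign byte) fits in 20 octets")
    while True:
        n = int.from_bytes(secrets.token_bytes(entropy_bytes), "big")
        if n > 0:
            return n


def der_integer(n: int) -> bytes:
    """Minimal DER INTEGER; a leading 0x00 keeps a top-bit-set value positive."""
    if n <= 0:
        raise ValueError("serial must be a positive integer")
    content = n.to_bytes(n.bit_length() // 8 + 1, "big")
    return b"\x02" + bytes([len(content)]) + content


def format_serial(n: int) -> str:
    """Content octets as colon-separated upper-case hex (as -text prints them, case aside)."""
    return ":".join(f"{b:02X}" for b in der_integer(n)[2:])


def parse_serial(text: str) -> int:
    """Parse a displayed serial ('0A:8D:..' or '0a8d..'); non-hex characters raise ValueError."""
    return int(text.replace(":", "").replace(" ", ""), 16)


def check_serial(n: int) -> list:
    """Return the list of rule violations (empty when the serial is acceptable)."""
    if n <= 0:
        return ["serial must be greater than zero"]
    problems = []
    content = der_integer(n)[2:]
    if len(content) > MAX_SERIAL_OCTETS:
        problems.append(f"{len(content)} content octets; RFC 5280 allows at most 20")
    # Heuristic: a value below 2**40 cannot plausibly carry 64 bits of CSPRNG output
    # (a genuine 64-bit draw lands that low with probability 2**-24).
    if n.bit_length() < 40:
        problems.append("too small to carry 64 bits of randomness; looks sequential or hand-picked")
    return problems


if __name__ == "__main__":
    s = new_serial()
    print(format_serial(s), check_serial(s))
    print(format_serial(1), check_serial(1))      # the trusted-root "serial 1" case
```

`der_integer()` is the part people get wrong when they hand-roll serials: a 64-bit random value with its top bit set needs a ninth, zero, octet or it becomes a negative INTEGER, which RFC 5280 forbids and some verifiers reject.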

Re: [openssl-users] FIPS certification for openssl

2017-12-02 Thread Salz, Rich via openssl-users
> My personal priority list for OpenSSL is bug fixes and code cleanup (static and dynamic analysis of the 1.1.x codebase would be good, and one of these days I'll get around to doing it myself),

We do run coverity weekly, and anyone can sign up to see the results BTW.

Re: [openssl-users] ECC ciphers in OpenSSL and Citricom Patent/License terms

2017-12-07 Thread Salz, Rich via openssl-users
README.ECC has never been part of 1.0.2 and is always part of the 1.1.0 tarballs; do you have evidence otherwise? I don’t think the team is going to answer any questions beyond what is already in the distribution and website except to say that the license is NOT limited to the FIPS

Re: [openssl-users] ECC ciphers in OpenSSL and Citricom Patent/License terms

2017-12-07 Thread Salz, Rich via openssl-users
> The OP claimed the file was only in the FIPS tarballs, and not in the OpenSSL tarballs. My questions were based on that.

So the OP is wrong.

> Saying "in the distribution and website" is also quite vague and thus another example of a non-answer.

No it’s not. The OpenSSL

Re: [openssl-users] Disable SSL_ERROR_WANT_READ / WRITE ?

2017-12-06 Thread Salz, Rich via openssl-users
> Or at least that used to be the case.

TLSv1.3 got rid of renegotiation, so if you have a TLSv1.3 connection, it will never renegotiate. But it could ask for a certificate, which would trigger SSL_WANT_WRITE

Re: [openssl-users] [openssl-dev] A question DH parameter generation and usage

2017-12-06 Thread Salz, Rich via openssl-users
You can re-use the keys, but then you get no forward secrecy, and sessions generated with one connection are vulnerable to another. Why are you using DH? Unless you have compelling reasons (interop with legacy), you really should use ECDHE.
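An added example for the message above, not code from the list or from OpenSSL. It simulates a server doing n handshakes either with one reused DH key or with a fresh key per handshake, while an eavesdropper records the public values. A later compromise of the server yields whatever the server still holds: the long-lived DH private key in the reuse case, nothing in the ephemeral case. The group is a toy 127-bit prime so the arithmetic is instant; a real deployment would use a 2048-bit or larger RFC 7919 group, or ECDHE as Rich suggests.

```python
"""Static vs. ephemeral DH: reusing the DH key makes every recorded session recoverable.

Added example, not code from the thread or from OpenSSL.  Toy group; the
point is the key-lifetime model, not the parameters.
"""
import hashlib
import secrets

P = (1 << 127) - 1   # toy prime 2**127 - 1; NOT a production group
G = 3


def keypair():
    """Private exponent x in [1, P-2], public value g^x mod p."""
    x = secrets.randbelow(P - 2) + 1
    return x, pow(G, x, P)


def shared_secret(my_priv: int, peer_pub: int) -> int:
    return pow(peer_pub, my_priv, P)


def session_key(secret: int) -> bytes:
    """KDF stand-in: hash the shared secret into a 256-bit session key."""
    return hashlib.sha256(secret.to_bytes(16, "big")).digest()


def run_sessions(n: int, reuse_key: bool):
    """Run n handshakes.

    Returns the eavesdropper's transcripts (server_pub, client_pub and, for
    checking the attack only, the real session key) plus what a later server
    compromise yields: the long-lived DH private key if it was reused, None
    if every handshake used a fresh key that was discarded afterwards.
    """
    transcripts = []
    static_priv, static_pub = keypair()
    for _ in range(n):
        s_priv, s_pub = (static_priv, static_pub) if reuse_key else keypair()
        c_priv, c_pub = keypair()
        k_client = session_key(shared_secret(c_priv, s_pub))
        k_server = session_key(shared_secret(s_priv, c_pub))
        assert k_client == k_server
        transcripts.append((s_pub, c_pub, k_client))
        # Ephemeral s_priv/c_priv go out of scope here; only a reused key survives.
    leaked = static_priv if reuse_key else None
    return transcripts, leaked


def attack(transcripts, leaked_priv) -> int:
    """Offline, after the leak: recompute each recorded session key; count the hits."""
    if leaked_priv is None:
        return 0
    return sum(1 for s_pub, c_pub, k in transcripts
               if session_key(shared_secret(leaked_priv, c_pub)) == k)


if __name__ == "__main__":
    for reuse in (True, False):
        t, leak = run_sessions(10, reuse)
        label = "reused key" if reuse else "ephemeral keys"
        print(f"{label}: {attack(t, leak)} of 10 recorded sessions recovered")
```

The transcripts also show the passive fingerprint of key reuse: with a static key the server's public value is identical in every ClientHello/ServerKeyExchange pair, which is how a network observer can tell, before any compromise, that a deployment has no forward secrecy.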

Re: [openssl-users] Generating CSR based on an x25519 public key

2017-10-21 Thread Salz, Rich via openssl-users
They are NOT using a 25519 certificate; it says “key exchange”.

Re: [openssl-users] Generating CSR based on an x25519 public key

2017-10-21 Thread Salz, Rich via openssl-users
> How would we be able to achieve this? I have read somewhere on a 2016 mail in the archives that it is an "encrypt-only" algorithm and that is not possible.

X25519 is a key-exchange-only algorithm. Ed25519 is a signing algorithm. Unlike classic RSA, the signing and the key exchange are

Re: [openssl-users] freeing of X509_CRL object

2018-05-11 Thread Salz, Rich via openssl-users
> 5537: asn1_do_lock (tasn_utl.c:79)
> ==31919==    by 0xB352767: asn1_item_embed_free (tasn_fre.c:88)
> ==31919==    by 0xB3528D4: ASN1_item_free (tasn_fre.c:20)
>
> Regards,
> Raghavendra

Re: [openssl-users] freeing of X509_CRL object

2018-05-11 Thread Salz, Rich via openssl-users
The print routine does not free anything.

Re: [openssl-users] freeing of X509_CRL object

2018-05-15 Thread Salz, Rich via openssl-users
> ==31919==    by 0xB3528D4: ASN1_item_free (tasn_fre.c:20)
>
> Regards,
> Raghavendra
>
> On Fri, May 11, 2018 at 3:40 PM, Salz, Rich via openssl-users wrote:
> > The print routine does not free anything.

Re: [openssl-users] Receive throttling on SSL sockets

2018-05-19 Thread Salz, Rich via openssl-users
There are TLS control messages which could flow in either direction, spontaneously. Renegotiation (pre TLS 1.3), tickets (TLS 1.3), and so on. I cannot comment on if your proposal would work or not, sorry.

Re: [openssl-users] Proper syntax for -header host switch

2018-05-24 Thread Salz, Rich via openssl-users
> In 1.1.0 and later it is documented:

And in 1.0.2 it was documented in January, 2017.

Re: [openssl-users] Proper syntax for -header host switch

2018-05-24 Thread Salz, Rich via openssl-users
In 1.1.0 and later, the flag takes a single parameter in name=value form. Yes, that’s strange, but it means that in the common case you don’t need to do any quoting:

    -header Host=ocsp.example.com

In 1.0.2 it takes two parameters:

    -header Host ocsp.example.com

Re: [openssl-users] PEM_write_bio_RSAPrivateKey assure Randomness of PK

2018-05-23 Thread Salz, Rich via openssl-users
What version of OpenSSL are you using? Using the time to seed the RNG is horrible; DO NOT DO THAT. Not trying to be insulting, but if you think time is a good source, then you really don't know what you're doing for RNGs. Consider looking at the master branch, with its highly improved seeding

Re: [openssl-users] PEM_write_bio_RSAPrivateKey assure Randomness of PK

2018-05-23 Thread Salz, Rich via openssl-users
> Well what I was alluding to is this the correct use of the RAND_add function to seed the key generation. It's a bit confusing certainly.

You are calling the API correctly. That should have been clear from the manpage. You still did not tell us what version of OpenSSL you are using.
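An added example for the two messages above on seeding from the clock; it is not code from the list or from OpenSSL, and it uses Python's Mersenne Twister as a stand-in for any deterministic generator seeded with time(). The attacker who knows roughly when a key was generated and sees one output simply tries every second in that window until the generator reproduces it. The "key" is a constructed 128-bit value, not an RSA key, but the arithmetic is the same for any output of a time-seeded generator.

```python
"""Why seeding the RNG from the clock is useless: recover the seed from one output.

Added example, not code from the thread or from OpenSSL.  Python's PRNG stands
in for any deterministic generator; the "key" is a constructed 128-bit value.
"""
import random
import secrets
import time


def weak_keygen(seed_time: int, nbits: int = 128) -> int:
    """The mistake: every bit of the 'key' is a function of a timestamp."""
    return random.Random(seed_time).getrandbits(nbits)


def strong_keygen(nbits: int = 128) -> int:
    """What to do instead: draw from the OS CSPRNG; the clock adds nothing."""
    return secrets.randbits(nbits)


def recover_seed(observed: int, approx_time: int, window_seconds: int, nbits: int = 128):
    """Brute-force every second in [approx_time - window, approx_time + window]; None if absent."""
    for t in range(approx_time - window_seconds, approx_time + window_seconds + 1):
        if weak_keygen(t, nbits) == observed:
            return t
    return None


def demo(window_seconds: int = 4 * 3600) -> dict:
    """Victim generated a key ~20 minutes ago from time(); attacker knows the day and the output."""
    victim_time = int(time.time()) - 1234
    leaked = weak_keygen(victim_time)
    found = recover_seed(leaked, int(time.time()), window_seconds)
    return {
        "recovered_seed": found,
        "matches_victim": found == victim_time,
        # A CSPRNG output is not reproducible from any timestamp guess.
        "strong_key_recoverable": recover_seed(strong_keygen(), int(time.time()), 600) is not None,
    }


if __name__ == "__main__":
    print(demo())
```

A window of eight hours is under 30,000 trial seeds, i.e. well under a second of work; knowing the year rather than the day only costs the attacker a few minutes more. Feeding time() into RAND_add on top of a properly seeded pool does no harm, but it is the "on top of" that provides the security, never the clock.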

Re: [openssl-users] Receive throttling on SSL sockets

2018-05-18 Thread Salz, Rich via openssl-users
TLS is a bidirectional protocol. You can’t throttle only one side.

Re: [openssl-users] Error compiling openssh with openssl

2018-06-11 Thread Salz, Rich via openssl-users
> So is there any other way we can still make it work without disabling FIPS mode?

No. The version of openssh you are using makes API calls that are not allowed in FIPS mode. I suspect later versions of OpenSSH also do this, and therefore “FIPS mode openssh” will require some coding

Re: [openssl-users] Error compiling openssh with openssl

2018-06-11 Thread Salz, Rich via openssl-users
> This is one of several reasons why FIPS 140-2 is a problem. Unfortunately the FIPS 140-3 effort seems to be moribund, and I haven't heard anything about "ISO FIPS" in some time.

If I understood what was said at the ICMC conference last month, the FIPS 140-3 plan is to just point to

Re: [openssl-users] OpenSSL 1.1.0: No X509_STORE_CTX_set_cert_crl() function?

2018-06-15 Thread Salz, Rich via openssl-users
> It looks like in OpenSSL 1.1.0 I can no longer do that. There are only functions available that return various function pointers from a X509_STORE_CTX structure (like X509_STORE_CTX_get_cert_crl), but there are no corresponding counterparts to set the function pointers. This

Re: [openssl-users] OpenSSL 1.1.0: No X509_STORE_CTX_set_cert_crl() function?

2018-06-15 Thread Salz, Rich via openssl-users
> Should I file an issue on GitHub about the missing setters?

That would be great, thanks. Glad you got something to work.

Re: [openssl-users] OpenSSL patch for CHACHA cipher support in OpenSSL 1.0.2

2018-06-11 Thread Salz, Rich via openssl-users
> Just curious, is there a possibility to patch CHACHA cipher specific changes to OpenSSL 1.0.2 version still and get SSL handshake succeed?

It can be done; CloudFlare posted some patches at https://github.com/cloudflare/sslconfig/tree/master/patches but I think they used the pre-IETF

Re: [openssl-users] Blog post on the new LTS release

2018-05-29 Thread Salz, Rich via openssl-users
> This didn't show up in my RSS client. Is the RSS feed not working, or is it just my client?

It probably sat in draft form for too long, and went out with the old date. Oops.

Re: [openssl-users] PRNG is not seeded

2018-05-29 Thread Salz, Rich via openssl-users
> I know this is caused by a lack of available entropy in the system; but what can I do to address this? Is it just a matter of waiting until enough entropy has been collected? Is there any kind of workaround?

Assuming you don’t have another source of randomness that you can add in, then

Re: [openssl-users] Fwd: basic constraints check

2018-05-31 Thread Salz, Rich via openssl-users
> We generated intermediate02 such that it has "basicConstraints" extension and "keyUsage" missing. Now we used this intermediate 02 CA to sign server certificate.

If those extensions, which are *optional,* are not present, then there is no limit on how the keys may be used, or how long

Re: [openssl-users] Fwd: basic constraints check

2018-05-31 Thread Salz, Rich via openssl-users
> is there. But it is getting called only for server certificate.
>
> Thanks
> Sandeep

Re: [openssl-users] Selection of DHE ciphers based on modulus size of DH

2018-06-06 Thread Salz, Rich via openssl-users
Without commenting on whether or not your understanding is correct (the client gets the params and can see how big the key is, no?), I will point out that the way DHE works is defined by the IETF RFC’s, and they have not changed.

[openssl-users] Blog post on the new LTS release

2018-05-29 Thread Salz, Rich via openssl-users
We just posted a new blog entry on long-term support, the different phases, and so on. It’s here: https://www.openssl.org/blog/blog/2018/05/18/new-lts/ TL;DR is that the upcoming 1.1.1 will be our next LTS release.

Re: [openssl-users] Polling fd before SSL_read() and renegotiations

2018-06-04 Thread Salz, Rich via openssl-users
> The code above does what I want - except for renegotiations!

Do you absolutely, positively, HAVE TO support renegotiation?

Re: [openssl-users] How to send alert in handshake?

2018-06-27 Thread Salz, Rich via openssl-users
As in sending a non-fatal alert? There's no API to do that. And it probably wouldn't work anyway, as most runtimes treat any alert as fatal. Your best bet is to implement the right callback (depends on which version of openssl you are using) and return an error if the SNI isn't one of your

Re: [openssl-users] License change still scheduled for 1.1.1 ?

2018-06-25 Thread Salz, Rich via openssl-users
* Do you still plan to switch to Apache license for the final 1.1.1 release? That is still our goal, as stated.

Re: [openssl-users] Double TLS 1.3 session ticket?

2018-06-20 Thread Salz, Rich via openssl-users
> connecting s_client to s_server with TLS 1.3 seems to cause two successive session tickets to be sent by the server (see below). > Is this expected? Yes.

Re: [openssl-users] Double TLS 1.3 session ticket?

2018-06-20 Thread Salz, Rich via openssl-users
> Thanks, it does not happen with Mozilla implementation (tls13.crypto.mozilla.org), is this openssl specific or part of the specification? The specification allows a server to send one or more tickets, at its discretion.

Re: [openssl-users] Call for testing TLS 1.3

2018-04-30 Thread Salz, Rich via openssl-users
> Interoperability issues with middle-boxes or existing software written for TLS 1.2. Facebook, Google, and Mozilla did lots of testing with TLS 1.3 and middleboxes. If something was missed, the whole Internet will have problems. Existing software is the question we are trying to

Re: [openssl-users] Posting a question

2018-04-29 Thread Salz, Rich via openssl-users
* I have posted my question into the forum. Please kindly approve it as soon as possible. Which forum? The fact that you were able to post to the openssl-users mailing list means you should just post your question, well, to the openssl-users mailing list. ☺

Re: [openssl-users] Call for testing TLS 1.3

2018-04-30 Thread Salz, Rich via openssl-users
Akamai has had millions of connections with megabytes of data exchanged. This is with partial deployment on our network, and requiring customers to opt in to enable beta-testing. We have found no issues. We don't do 0RTT. We are using our own server. I was surprised by how many connections

Re: [openssl-users] Call for testing TLS 1.3

2018-04-30 Thread Salz, Rich via openssl-users
Sorry, typo. We've had hundreds of millions of connections, with megabytes of data exchanged. On 4/30/18, 11:52 AM, "Salz, Rich" wrote: Akamai has had millions of connections with megabytes of data exchanged. This is with partial deployment on our network, and

Re: [openssl-users] Call for testing TLS 1.3

2018-04-30 Thread Salz, Rich via openssl-users
> The issue is most likely that no one "in the wild" has done any testing of significance. I thought the Akamai numbers were significant. I can certainly see tls1.2 exchange but there is nothing for tls1.3 and so I am working on getting a site up pronto ( in the wild ) to

Re: [openssl-users] How to prove a Certificate is Signed or not

2018-05-03 Thread Salz, Rich via openssl-users
On 5/3/18, 4:24 AM, "morthalan" wrote: No, technically not. I am just searching for a simple method just to check a certificate is signed by CA or not. Because. Something like signing check, I am not quite sure, I do not have proper knowledge on

Re: [openssl-users] How to prove a Certificate is Signed or not

2018-05-03 Thread Salz, Rich via openssl-users
> After the generation of SignedCertificate.pem. I would like to write function to verify the SignedCertificate.pem, whether it is signed or not. That is still not an accurate description. By definition, a certificate is *signed data.* It appears as a bitstring in the X509 data

Re: [openssl-users] SSL Cert serial number non-uniqueness impact

2018-01-14 Thread Salz, Rich via openssl-users
The combination of (issuer,serial#) is the only way to get a unique identifier for a certificate. Lots of software depends on certs being uniquely identifiable. What happens if that assertion is not true? Some things will break. What? Well, it depends on the software, and which certs are

Re: [openssl-users] OpenSSL error message when decrypting Ethereum encrypted private key

2018-01-14 Thread Salz, Rich via openssl-users
For CBC the encrypted text will be a multiple of the cipher size. So your use of CBC is wrong. The quoted post uses aes256; you were using aes-cbc.
