OpenSSL 1.1.1 (full support) expires 2022-09-11, any plans for a full bug fix release?

2022-09-01 Thread Short, Todd via openssl-users
OpenSSL 1.1.1 full support expires on 2022-09-11; it then enters security-fix-only mode until 2023-09-11. Are there any plans for a final bug-fix release of 1.1.1 in the next couple weeks (and hopefully a 3.0 release as well)? -- -Todd Short // tsh...@akamai.com // "One if by land, two if by

Re: OpenSSL 3.0 LTS

2022-03-04 Thread Short, Todd via openssl-users
Apple uses LibreSSL, not OpenSSL, in their recent OSes: ~$ openssl version -a LibreSSL 2.8.3 built on: date not available platform: information not available options: bn(64,64) rc4(16x,int) des(idx,cisc,16,int) blowfish(idx) compiler: information not available OPENSSLDIR: "/private/etc/ssl" ~$

Time for OpenSSL 1.1.1l?

2021-07-07 Thread Short, Todd via openssl-users
The cadence of 1.1.1 release is supposed to be quarterly (I seem to recall reading that somewhere, but I can't find it)? It has been almost 4 months since 1.1.1k (25-March-2021) was released. Are there any plans for 1.1.1l (ell)? -- -Todd Short // tsh...@akamai.com // “One if by land, two if

Re: Serialize/Deserialize SSL state

2019-08-09 Thread Short, Todd via openssl-users
Not without a lot of work. It’s not part of the current API. We have tried doing an internal implementation; it was over 1K of new code, and it wasn’t complete. -- -Todd Short // tsh...@akamai.com // “One if by land, two if by sea, three if by the Internet." > On Aug 9, 2019, at 3:42 PM, Osama

SSL_check_chain() broken

2019-06-07 Thread Short, Todd via openssl-users
Hi, It looks as though SSL_check_chain() use within the cert_cb (as recommended) was broken by PR 7257. PR 7257 moves setting the shared_sigalgs to after the cert_cb takes place, but deep down in the call stack, SSL_check_chain() has a dependency on shared_sigalgs being set. In 1.1.1, the

Re: AES-cipher offload to engine in openssl-fips

2019-02-27 Thread Short, Todd via openssl-users
No. The OpenSSL FIPS Module is not written that way. It should not be permitting any non-FIPS implementations (see Rich's email regarding a bug). You could write your own engine, get that FIPS certified, and run it with plain, vanilla OpenSSL. There's a design spec out for OpenSSL 3.0.0 that

Re: Stitched vs non-Stitched Ciphersuites

2019-02-26 Thread Short, Todd via openssl-users
On Feb 26, 2019, at 10:40 AM, Matt Caswell <m...@openssl.org> wrote: On 26/02/2019 15:03, Short, Todd via openssl-users wrote: The latest security advisory: https://www.openssl.org/news/secadv/20190226.txt mentions stitched vs. non-stitched ciphersuites, but doesn’t really

Stitched vs non-Stitched Ciphersuites

2019-02-26 Thread Short, Todd via openssl-users
The latest security advisory: https://www.openssl.org/news/secadv/20190226.txt mentions stitched vs. non-stitched ciphersuites, but doesn’t really elaborate on which ciphersuites are stitched and non-stitched. "In order for this to be exploitable "non-stitched" ciphersuites must be in use.

Re: [openssl-users] Extracting decrypt key for AES from openssl on client side

2018-11-15 Thread Short, Todd via openssl-users
I have seen this done for hardware acceleration; where the crypto chip can do everything except the handshake. (In fact, this mechanism protected at least one device that I know of from the Heartbleed debacle, since the hardware crypto did not understand the record type.) Look at how the

Re: [openssl-users] How to build libcrypto64*.lib and libssl64*.lib on Windows 64-bit?

2018-10-08 Thread Short, Todd via openssl-users
Could that be LibreSSL? (Or some similar wrapper for OpenSSL?) https://github.com/Ruzzz/LibreSSL This above repo creates libraries in the named format below; to match how Microsoft provides multiple versions of libraries. Looks to be debug (d) and multi-thread (MT?) versions of the libraries;

Re: [openssl-users] Re-enable 3DES on NGINX + OpenSSL 1.1.1

2018-09-19 Thread Short, Todd via openssl-users
3DES is considered to only be 112 bits in strength. The default security level is 1 (which allows most things), perhaps nginx resets the security level to 3 or greater (which means a minimum of 128-bit ciphers). -- -Todd Short // tsh...@akamai.com // "One if by land,

Re: [openssl-users] QNX 6.5 OpenSSL Build

2018-09-19 Thread Short, Todd via openssl-users
You can add the "no-dso" option to the command line to avoid this feature, but you lose access to loading engines. -- -Todd Short // tsh...@akamai.com // "One if by land, two if by sea, three if by the Internet." On Sep 16, 2018, at 1:04 PM, Viktor Dukhovni

Re: [openssl-users] Problems with man page code example at EVP_EncryptInit

2018-09-05 Thread Short, Todd via openssl-users
PRs on GitHub to fix documentation are always welcome. -- -Todd Short // tsh...@akamai.com // "One if by land, two if by sea, three if by the Internet." On Sep 5, 2018, at 10:18 AM, Sam Habiel <sam.hab...@gmail.com> wrote: I had to double check something--I was

Re: [openssl-users] Regarding Openssl 1.0.2p bn changes

2018-08-28 Thread Short, Todd via openssl-users
https://github.com/openssl/openssl/commit/327b2c01 -- -Todd Short // tsh...@akamai.com // "One if by land, two if by sea, three if by the Internet." On Aug 24, 2018, at 12:18 AM, Manish Patidar <mann.pati...@gmail.com> wrote: Hi, I have doubt regarding the bn

Re: [openssl-users] Backup of existing ssl connection

2018-08-28 Thread Short, Todd via openssl-users
Agreed, I looked at this when creating a failover service, and trying to replicate all the TCP and TLS data ended up using so much CPU processing and network bandwidth that it wasn’t worth it; in addition to intrusive OpenSSL changes. You should try to have a way to detect and re-establish a

Re: [openssl-users] TLS-Session

2018-08-20 Thread Short, Todd via openssl-users
TCP Nagle + TCP Delayed ACKs can cause what appears to be the ClientHello being retransmitted. Tweaking these TCP options will give you better initialization performance. TCP_NODELAY TCP_QUICKACK This may not help the "end session" issue. -- -Todd Short //

Re: [openssl-users] About 1.0.2p version release !!

2018-08-12 Thread Short, Todd via openssl-users
M To: "openssl-users@openssl.org" Subject: Re: [openssl-users] About 1.0.2p version release !! On 08/10/2018 08:27 PM, Short, Todd via openssl-users wrote: RFC 8446 (TLS 1.3) was just published about ~30 minutes ago. Wonderful ! Todd are you okay[1] with your name being here :

Re: [openssl-users] About 1.0.2p version release !!

2018-08-10 Thread Short, Todd via openssl-users
RFC 8446 (TLS 1.3) was just published about ~30 minutes ago. -- -Todd Short // Sent from my iPhone // "One if by land, two if by sea, three if by the Internet." > On Aug 8, 2018, at 4:22 PM, Matt Caswell wrote: > > > >> On 08/08/18 21:15, The Doctor wrote: >>> On Wed, Aug 08, 2018 at

Re: [openssl-users] Packet capture SSL traffic

2018-07-05 Thread Short, Todd via openssl-users
wireshark.org; it will decode it for you as well. EKR used to have a utility on this website, but it’s likely out of date. Wireshark has been more frequently updated. -- -Todd Short // tsh...@akamai.com // "One if by land, two if by sea, three if

Re: [openssl-users] Error compiling openssh with openssl

2018-06-11 Thread Short, Todd via openssl-users
You will need to patch OpenSSH to not call the SHA256_XXX() APIs directly. To work with FIPS enabled, the EVP API must be used for all crypto operations. -- -Todd Short // tsh...@akamai.com // "One if by land, two if by sea, three if by the Internet." On Jun 11, 2018,

[openssl-users] Fwd: [openssl-dev] QUIC

2017-09-11 Thread Short, Todd via openssl-users
FYI: Matt Caswell realized how critical TLSv1.3 (and subsequently OpenSSL) is to QUIC. -- -Todd Short // tsh...@akamai.com // "One if by land, two if by sea, three if by the Internet." Begin forwarded message: From: Benjamin Kaduk via openssl-dev

Re: [openssl-users] [openssl-dev] verify depth behavior change from 1.0.2 to 1.1.0?

2017-04-04 Thread Short, Todd via openssl-users
Ben Kaduk: Do we know the values that are being passed to SSL_CTX_set_verify_depth() match the -verify_depth argument, or do they differ? If they differ, do identical arguments to the function behave the same in 1.1.0 and 1.0.2? Viktor: What we’re getting at here, is that this appears to be a