subject:"Re\: \[openssl\-users\] DSA with OpenSSL\-1.1"

Re: [openssl-users] DSA with OpenSSL-1.1

2016-07-05 Thread Philip Bellino

Well, since we will never go to 1.1, I guess we don't have to worry about it.


From: openssl-users <openssl-users-boun...@openssl.org> on behalf of Kurt 
Roeckx <k...@roeckx.be>
Sent: Saturday, July 2, 2016 5:53:20 AM
To: openssl-users@openssl.org
Subject: Re: [openssl-users] DSA with OpenSSL-1.1

On Fri, Jul 01, 2016 at 05:17:35PM +0100, Matt Caswell wrote:
>
> "ALL:!COMPLEMENTOFDEFAULT:!eNULL"

Maybe we should use "-" instead of "!"?


Kurt

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[E-Banner]<http://www.mrv.com/products/os-v>


MRV Communications is a global supplier of packet and optical solutions that 
power the world's largest networks. Our products combine innovative hardware 
with intelligent software to make networks smarter, faster and more efficient.



The contents of this message, together with any attachments, are intended only 
for the use of the person(s) to whom they are addressed and may contain 
confidential and/or privileged information. If you are not the intended 
recipient, immediately advise the sender, delete this message and any 
attachments and note that any distribution, or copying of this message, or any 
attachment, is prohibited.
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] DSA with OpenSSL-1.1

2016-07-02 Thread Kurt Roeckx

On Fri, Jul 01, 2016 at 05:17:35PM +0100, Matt Caswell wrote:
> 
> "ALL:!COMPLEMENTOFDEFAULT:!eNULL"

Maybe we should use "-" instead of "!"?


Kurt

-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] DSA with OpenSSL-1.1

2016-07-02 Thread Kurt Roeckx

On Fri, Jul 01, 2016 at 03:54:45PM +, Salz, Rich wrote:
> 
> > In short: Removing support for DSA in OpenSSL would prevent some of our
> > products from updating to 1.1.x for a significant length of time, probably
> > years.
> 
> We have no plans to do that.

But we do change defaults, and it no longer works by default.


Kurt

-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] DSA with OpenSSL-1.1

2016-07-01 Thread Matt Caswell

On 01/07/16 16:57, pepone.onrez wrote:
> On 1 July 2016 at 16:51, pepone.onrez  wrote:
>> On 1 July 2016 at 16:40, Matt Caswell  wrote:
>>>
>>>
>>> On 01/07/16 15:22, pepone.onrez wrote:
 On 1 July 2016 at 15:39, Matt Caswell  wrote:
>
>
> On 01/07/16 14:29, pepone.onrez wrote:
>> Hi,
>>
>> After upgrade my software to use OpenSSL-1.1 one of the test is
>> failing, the test in question client and server are configured to use
>> DSA certificates. The server is configured to request a client
>> certificate.
>>
>>SSL error occurred for new outgoing connection:
>>remote address = 127.0.0.1:47812
>>error # = 336151568
>>message = error:14094410:SSL routines:ssl3_read_bytes:reason(1040)
>>location = ssl/record/rec_layer_s3.c, 1467
>>data = SSL alert number 40
>
> Is this the error you get on the server or the client? The above
> indicates the connection was aborted because a HandshakeFailure alert
> was received from the peer. Therefore you need to look at the other end
> of the communication and see if there is some error message that
> indicates why the alert was sent.
>
> Matt
 That was on the client, looking at the server I see it reports there
 is no shared
 cipher

SSL error occurred for new incoming connection:
remote address = 127.0.0.1:36951
error # = 337092801
message = error:1417A0C1:SSL
 routines:tls_post_process_client_hello:no shared cipher

 I have try to enable all ciphers with ALL:@SECLEVEL=0, but still get
 the same error,
 it is not clear why server client don't find a common cipher here.
> 
> I was not correctly setting the ciphers, Adding DHE to my ciphers and things
> work fine.
> 
> With 1.0.0 I only have DEFAULT:DSS, I guess DHE is not longer in the DEFAULT
> set

There are DHE ciphersuites in the default set, but there are no DSS
ciphersuites.

"DEFAULT" is treated as a special case when processing a cipher string -
and works completely differently to other keywords that you might use.
Most keywords are aliases for a set of ciphersuites, so "DHE" is the set
of all ciphersuites that use DHE; "DSS" is the set of all ciphersuites
that use DSS; "AES" is the set of all ciphersuites that use AES and so
on. "DEFAULT" on the other hand must appear first in a cipher string and
is just shorthand for saying:

"ALL:!COMPLEMENTOFDEFAULT:!eNULL"

COMPLEMENTOFDEFAULT is the set of ciphersuites that we don't switch on
by default (excluding eNULL based ciphersuites), and the "!" means
permanently switch off. So in other words DEFAULT is shorthand for
saying take ALL ciphersuites, and then permanently remove all of those
in the COMPLEMENTOFDEFAULT set, and permanently remove all of those in
the eNULL set.

All DSS based ciphersuites are in COMPLEMENTOFDEFAULT. Therefore
"DEFAULT:DSS" is permanently removing DSS (because its in
COMPLEMENTOFDEFAULT), and then attempting to add it back in again (which
it won't do because its been permanently removed).

Matt

-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] DSA with OpenSSL-1.1

2016-07-01 Thread pepone.onrez

On 1 July 2016 at 16:51, pepone.onrez  wrote:
> On 1 July 2016 at 16:40, Matt Caswell  wrote:
>>
>>
>> On 01/07/16 15:22, pepone.onrez wrote:
>>> On 1 July 2016 at 15:39, Matt Caswell  wrote:


 On 01/07/16 14:29, pepone.onrez wrote:
> Hi,
>
> After upgrade my software to use OpenSSL-1.1 one of the test is
> failing, the test in question client and server are configured to use
> DSA certificates. The server is configured to request a client
> certificate.
>
>SSL error occurred for new outgoing connection:
>remote address = 127.0.0.1:47812
>error # = 336151568
>message = error:14094410:SSL routines:ssl3_read_bytes:reason(1040)
>location = ssl/record/rec_layer_s3.c, 1467
>data = SSL alert number 40

 Is this the error you get on the server or the client? The above
 indicates the connection was aborted because a HandshakeFailure alert
 was received from the peer. Therefore you need to look at the other end
 of the communication and see if there is some error message that
 indicates why the alert was sent.

 Matt
>>> That was on the client, looking at the server I see it reports there
>>> is no shared
>>> cipher
>>>
>>>SSL error occurred for new incoming connection:
>>>remote address = 127.0.0.1:36951
>>>error # = 337092801
>>>message = error:1417A0C1:SSL
>>> routines:tls_post_process_client_hello:no shared cipher
>>>
>>> I have try to enable all ciphers with ALL:@SECLEVEL=0, but still get
>>> the same error,
>>> it is not clear why server client don't find a common cipher here.

I was not correctly setting the ciphers, Adding DHE to my ciphers and things
work fine.

With 1.0.0 I only have DEFAULT:DSS, I guess DHE is not longer in the DEFAULT
set

>>
>> Did you successfully load a DSA certificate and key into the server? If
>> the server doesn't like the cert/key for some reason then it won't make
>> any DSS ciphersuites available.
>>
>
> Yes I using SSL_CTX_use_certificate and SSL_CTX_use_PrivateKey and
> reading the pkcs12 cert with PKCS12_parse, that works fine with the rest
> of my test suite.
>
>> Also, I see you are trying to use a DHE based ciphersuite. Did you set
>> DH parameters to be used? If so how did you do it?
>>
>
> I'm using a DH callback to set the DH parameters
>
> DH*
> IceSSL_opensslDHCallback(SSL* ssl, int /*isExport*/, int keyLength)
> {
> #  if OPENSSL_VERSION_NUMBER >= 0x1010L
> SSL_CTX* ctx = SSL_get_SSL_CTX(ssl);
> #  else
> SSL_CTX* ctx = ssl->ctx;
> #  endif
> OpenSSLEngine* p =
> reinterpret_cast(SSL_CTX_get_ex_data(ctx, 0));
> return p->dhParams(keyLength);
> }
> #  endif
> }
>
> SSL_CTX_set_options(_ctx, SSL_OP_SINGLE_DH_USE);
> SSL_CTX_set_tmp_dh_callback(_ctx, IceSSL_opensslDHCallback);
>
> And for default parameters I'm using d2i_DHparams to restore the DH
> parameters I previously
> saved with i2d_DHparams
>
>
>> Matt
>>
>>
>>>
>>> Regards,
>>> José




>
> When using OpenSSL 1.0.1 the connection success
>
>cipher = DHE-DSS-AES256-GCM-SHA384
>bits = 256
>remote address = 127.0.0.1:43629
>protocol = TLSv1.2
>
>
> I try to set security level to 0 for 1.1 but that doesn't make any
> difference here, any ideas what could be the issue?
>
 --
 openssl-users mailing list
 To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>> --
>> openssl-users mailing list
>> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] DSA with OpenSSL-1.1

2016-07-01 Thread Salz, Rich


> In short: Removing support for DSA in OpenSSL would prevent some of our
> products from updating to 1.1.x for a significant length of time, probably
> years.

We have no plans to do that.
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] DSA with OpenSSL-1.1

2016-07-01 Thread Michael Wojcik

> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf
> Of Hanno Böck
> Sent: Friday, July 01, 2016 08:40
> To: openssl-users@openssl.org
> Subject: Re: [openssl-users] DSA with OpenSSL-1.1
> 
> I can't answer your question, but I have one to you: Why do you use DSA?
> 
> There was a discussion in the TLS working group a while ago about DSA
> support and there was overwhelming support to remove it in TLS 1.3.
> The rationale was basically that DSA in TLS is rarely used at all, is
> often used with insecure key sizes (1024 bit) and has a severe weakness
> when it comes to bad random numbers. On top of that it has basically no
> advantage over the much more widely used RSA. The original reason
> (in the early 90s) to use DSA over RSA were patent issues, but those are
> long expired.
> 
> So my (and I think most others) impression is that DSA in TLS is as
> dead as it can be and probably the most sane move for OpenSSL would be
> to just remove it. Given that I'd like to know why you seem to have
> chosen to still use DSA.

We have US Federal customers who require DSA. They have existing DSA 
certificates, their certificate process generates DSA certificates, and they're 
not showing any inclination to change, regardless of what crypto experts think.

Of course, this being the US Federal Government, it's entirely possible that 
tomorrow someone will issue a directive forbidding further use of DSA. But then 
it's also very likely that any such directive would be delayed for years. The 
wheels of US government cryptography grind slowly.

In short: Removing support for DSA in OpenSSL would prevent some of our 
products from updating to 1.1.x for a significant length of time, probably 
years.

-- 
Michael Wojcik
Technology Specialist, Micro Focus

-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] DSA with OpenSSL-1.1

2016-07-01 Thread pepone.onrez

On 1 July 2016 at 16:40, Hanno Böck  wrote:
> Hi,
>
> On Fri, 1 Jul 2016 15:29:53 +0200
> "pepone.onrez"  wrote:
>
>> After upgrade my software to use OpenSSL-1.1 one of the test is
>> failing, the test in question client and server are configured to use
>> DSA certificates. The server is configured to request a client
>> certificate.
>
> I can't answer your question, but I have one to you: Why do you use DSA?
>
> There was a discussion in the TLS working group a while ago about DSA
> support and there was overwhelming support to remove it in TLS 1.3.
> The rationale was basically that DSA in TLS is rarely used at all, is
> often used with insecure key sizes (1024 bit) and has a severe weakness
> when it comes to bad random numbers. On top of that it has basically no
> advantage over the much more widely used RSA. The original reason
> (in the early 90s) to use DSA over RSA were patent issues, but those are
> long expired.
>
> So my (and I think most others) impression is that DSA in TLS is as
> dead as it can be and probably the most sane move for OpenSSL would be
> to just remove it. Given that I'd like to know why you seem to have
> chosen to still use DSA.

That is part of a large test suite for a library, just trying to
ensure that everithg
still works with OpenSSL 1.1.0

>
> --
> Hanno Böck
> https://hboeck.de/
>
> mail/jabber: ha...@hboeck.de
> GPG: BBB51E42
>
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] DSA with OpenSSL-1.1

2016-07-01 Thread pepone.onrez

On 1 July 2016 at 16:40, Matt Caswell  wrote:
>
>
> On 01/07/16 15:22, pepone.onrez wrote:
>> On 1 July 2016 at 15:39, Matt Caswell  wrote:
>>>
>>>
>>> On 01/07/16 14:29, pepone.onrez wrote:
 Hi,

 After upgrade my software to use OpenSSL-1.1 one of the test is
 failing, the test in question client and server are configured to use
 DSA certificates. The server is configured to request a client
 certificate.

SSL error occurred for new outgoing connection:
remote address = 127.0.0.1:47812
error # = 336151568
message = error:14094410:SSL routines:ssl3_read_bytes:reason(1040)
location = ssl/record/rec_layer_s3.c, 1467
data = SSL alert number 40
>>>
>>> Is this the error you get on the server or the client? The above
>>> indicates the connection was aborted because a HandshakeFailure alert
>>> was received from the peer. Therefore you need to look at the other end
>>> of the communication and see if there is some error message that
>>> indicates why the alert was sent.
>>>
>>> Matt
>> That was on the client, looking at the server I see it reports there
>> is no shared
>> cipher
>>
>>SSL error occurred for new incoming connection:
>>remote address = 127.0.0.1:36951
>>error # = 337092801
>>message = error:1417A0C1:SSL
>> routines:tls_post_process_client_hello:no shared cipher
>>
>> I have try to enable all ciphers with ALL:@SECLEVEL=0, but still get
>> the same error,
>> it is not clear why server client don't find a common cipher here.
>
> Did you successfully load a DSA certificate and key into the server? If
> the server doesn't like the cert/key for some reason then it won't make
> any DSS ciphersuites available.
>

Yes I using SSL_CTX_use_certificate and SSL_CTX_use_PrivateKey and
reading the pkcs12 cert with PKCS12_parse, that works fine with the rest
of my test suite.

> Also, I see you are trying to use a DHE based ciphersuite. Did you set
> DH parameters to be used? If so how did you do it?
>

I'm using a DH callback to set the DH parameters

DH*
IceSSL_opensslDHCallback(SSL* ssl, int /*isExport*/, int keyLength)
{
#  if OPENSSL_VERSION_NUMBER >= 0x1010L
SSL_CTX* ctx = SSL_get_SSL_CTX(ssl);
#  else
SSL_CTX* ctx = ssl->ctx;
#  endif
OpenSSLEngine* p =
reinterpret_cast(SSL_CTX_get_ex_data(ctx, 0));
return p->dhParams(keyLength);
}
#  endif
}

SSL_CTX_set_options(_ctx, SSL_OP_SINGLE_DH_USE);
SSL_CTX_set_tmp_dh_callback(_ctx, IceSSL_opensslDHCallback);

And for default parameters I'm using d2i_DHparams to restore the DH
parameters I previously
saved with i2d_DHparams


> Matt
>
>
>>
>> Regards,
>> José
>>>
>>>
>>>
>>>

 When using OpenSSL 1.0.1 the connection success

cipher = DHE-DSS-AES256-GCM-SHA384
bits = 256
remote address = 127.0.0.1:43629
protocol = TLSv1.2


 I try to set security level to 0 for 1.1 but that doesn't make any
 difference here, any ideas what could be the issue?

>>> --
>>> openssl-users mailing list
>>> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] DSA with OpenSSL-1.1

2016-07-01 Thread Hanno Böck

Hi,

On Fri, 1 Jul 2016 15:29:53 +0200
"pepone.onrez"  wrote:

> After upgrade my software to use OpenSSL-1.1 one of the test is
> failing, the test in question client and server are configured to use
> DSA certificates. The server is configured to request a client
> certificate.

I can't answer your question, but I have one to you: Why do you use DSA?

There was a discussion in the TLS working group a while ago about DSA
support and there was overwhelming support to remove it in TLS 1.3.
The rationale was basically that DSA in TLS is rarely used at all, is
often used with insecure key sizes (1024 bit) and has a severe weakness
when it comes to bad random numbers. On top of that it has basically no
advantage over the much more widely used RSA. The original reason
(in the early 90s) to use DSA over RSA were patent issues, but those are
long expired.

So my (and I think most others) impression is that DSA in TLS is as
dead as it can be and probably the most sane move for OpenSSL would be
to just remove it. Given that I'd like to know why you seem to have
chosen to still use DSA.

-- 
Hanno Böck
https://hboeck.de/

mail/jabber: ha...@hboeck.de
GPG: BBB51E42

pgppWLrwbnI5W.pgp
Description: OpenPGP digital signature
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] DSA with OpenSSL-1.1

2016-07-01 Thread Matt Caswell



On 01/07/16 15:22, pepone.onrez wrote:
> On 1 July 2016 at 15:39, Matt Caswell  wrote:
>>
>>
>> On 01/07/16 14:29, pepone.onrez wrote:
>>> Hi,
>>>
>>> After upgrade my software to use OpenSSL-1.1 one of the test is
>>> failing, the test in question client and server are configured to use
>>> DSA certificates. The server is configured to request a client
>>> certificate.
>>>
>>>SSL error occurred for new outgoing connection:
>>>remote address = 127.0.0.1:47812
>>>error # = 336151568
>>>message = error:14094410:SSL routines:ssl3_read_bytes:reason(1040)
>>>location = ssl/record/rec_layer_s3.c, 1467
>>>data = SSL alert number 40
>>
>> Is this the error you get on the server or the client? The above
>> indicates the connection was aborted because a HandshakeFailure alert
>> was received from the peer. Therefore you need to look at the other end
>> of the communication and see if there is some error message that
>> indicates why the alert was sent.
>>
>> Matt
> That was on the client, looking at the server I see it reports there
> is no shared
> cipher
> 
>SSL error occurred for new incoming connection:
>remote address = 127.0.0.1:36951
>error # = 337092801
>message = error:1417A0C1:SSL
> routines:tls_post_process_client_hello:no shared cipher
> 
> I have try to enable all ciphers with ALL:@SECLEVEL=0, but still get
> the same error,
> it is not clear why server client don't find a common cipher here.

Did you successfully load a DSA certificate and key into the server? If
the server doesn't like the cert/key for some reason then it won't make
any DSS ciphersuites available.

Also, I see you are trying to use a DHE based ciphersuite. Did you set
DH parameters to be used? If so how did you do it?

Matt


> 
> Regards,
> José
>>
>>
>>
>>
>>>
>>> When using OpenSSL 1.0.1 the connection success
>>>
>>>cipher = DHE-DSS-AES256-GCM-SHA384
>>>bits = 256
>>>remote address = 127.0.0.1:43629
>>>protocol = TLSv1.2
>>>
>>>
>>> I try to set security level to 0 for 1.1 but that doesn't make any
>>> difference here, any ideas what could be the issue?
>>>
>> --
>> openssl-users mailing list
>> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] DSA with OpenSSL-1.1

2016-07-01 Thread pepone.onrez

On 1 July 2016 at 15:39, Matt Caswell  wrote:
>
>
> On 01/07/16 14:29, pepone.onrez wrote:
>> Hi,
>>
>> After upgrade my software to use OpenSSL-1.1 one of the test is
>> failing, the test in question client and server are configured to use
>> DSA certificates. The server is configured to request a client
>> certificate.
>>
>>SSL error occurred for new outgoing connection:
>>remote address = 127.0.0.1:47812
>>error # = 336151568
>>message = error:14094410:SSL routines:ssl3_read_bytes:reason(1040)
>>location = ssl/record/rec_layer_s3.c, 1467
>>data = SSL alert number 40
>
> Is this the error you get on the server or the client? The above
> indicates the connection was aborted because a HandshakeFailure alert
> was received from the peer. Therefore you need to look at the other end
> of the communication and see if there is some error message that
> indicates why the alert was sent.
>
> Matt
That was on the client, looking at the server I see it reports there
is no shared
cipher

   SSL error occurred for new incoming connection:
   remote address = 127.0.0.1:36951
   error # = 337092801
   message = error:1417A0C1:SSL
routines:tls_post_process_client_hello:no shared cipher

I have try to enable all ciphers with ALL:@SECLEVEL=0, but still get
the same error,
it is not clear why server client don't find a common cipher here.

Regards,
José
>
>
>
>
>>
>> When using OpenSSL 1.0.1 the connection success
>>
>>cipher = DHE-DSS-AES256-GCM-SHA384
>>bits = 256
>>remote address = 127.0.0.1:43629
>>protocol = TLSv1.2
>>
>>
>> I try to set security level to 0 for 1.1 but that doesn't make any
>> difference here, any ideas what could be the issue?
>>
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] DSA with OpenSSL-1.1

2016-07-01 Thread Matt Caswell



On 01/07/16 14:29, pepone.onrez wrote:
> Hi,
> 
> After upgrade my software to use OpenSSL-1.1 one of the test is
> failing, the test in question client and server are configured to use
> DSA certificates. The server is configured to request a client
> certificate.
> 
>SSL error occurred for new outgoing connection:
>remote address = 127.0.0.1:47812
>error # = 336151568
>message = error:14094410:SSL routines:ssl3_read_bytes:reason(1040)
>location = ssl/record/rec_layer_s3.c, 1467
>data = SSL alert number 40

Is this the error you get on the server or the client? The above
indicates the connection was aborted because a HandshakeFailure alert
was received from the peer. Therefore you need to look at the other end
of the communication and see if there is some error message that
indicates why the alert was sent.

Matt




> 
> When using OpenSSL 1.0.1 the connection success
> 
>cipher = DHE-DSS-AES256-GCM-SHA384
>bits = 256
>remote address = 127.0.0.1:43629
>protocol = TLSv1.2
> 
> 
> I try to set security level to 0 for 1.1 but that doesn't make any
> difference here, any ideas what could be the issue?
> 
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] DSA with OpenSSL-1.1

Re: [openssl-users] DSA with OpenSSL-1.1

Re: [openssl-users] DSA with OpenSSL-1.1

Re: [openssl-users] DSA with OpenSSL-1.1

Re: [openssl-users] DSA with OpenSSL-1.1

Re: [openssl-users] DSA with OpenSSL-1.1

Re: [openssl-users] DSA with OpenSSL-1.1

Re: [openssl-users] DSA with OpenSSL-1.1

Re: [openssl-users] DSA with OpenSSL-1.1

Re: [openssl-users] DSA with OpenSSL-1.1

Re: [openssl-users] DSA with OpenSSL-1.1

Re: [openssl-users] DSA with OpenSSL-1.1

Re: [openssl-users] DSA with OpenSSL-1.1

13 matches

Site Navigation

Mail list logo

Footer information