Replying to self :)

On Fri, Oct 12, 2018 at 12:24 PM Selva Nair <selva.n...@gmail.com> wrote:

> Hi,
>
> My testing shows that OpenSSL 1.1.1 likes to use PSS even for TLS 1.2, so,
> even in the short-term, this can't be worked around by just disabling TLS
> 1.3.
>
> Now, for cryptoapicert, it would have been easy to support PSS using the
> Windows CNG API provided OpenSSL passes the hash and asks to sign with PSS
> padding. But it doesn't. Instead, it adds the padding and asks us to sign
> that padded data as is (i.e. padding none). In fact the rsa_sign() callback is
> not even called when padding is PSS -- it just jumps to the rsa_priv_enc
> callback. As far as I can see, signing a pre-padded hash is not supported by
> CNG (is it?).
>
> Any suggestions on what to do?
>

Looks like we can hook on to EVP_PKEY methods and get the hash and padding
info to use with CNG. Still figuring out the best way to do this.

Thanks,

Selva
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
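The two-step path described in the message above (the library applies the PSS padding itself, then asks the key holder for a "padding none" private-key operation), as an added Python sketch that is not part of the original mail and is not OpenVPN, OpenSSL or CNG code. Assumptions: a constructed toy RSA key, SHA-256, and a salt length equal to the digest length.

```python
import hashlib, hmac, os

# Constructed toy key from two Mersenne primes: factors are public, NOT secure.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))
H_LEN = S_LEN = 32                      # SHA-256, salt length = digest length
EM_BITS = N.bit_length() - 1
EM_LEN = (EM_BITS + 7) // 8
TOP_MASK = 0xFF >> (8 * EM_LEN - EM_BITS)

def mgf1(seed, length):
    blocks = (length + H_LEN - 1) // H_LEN
    out = b"".join(hashlib.sha256(seed + i.to_bytes(4, "big")).digest()
                   for i in range(blocks))
    return out[:length]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def pss_pad(m_hash, salt):
    """EMSA-PSS encoding (RFC 8017 9.1.1), done by the library before the callback."""
    h = hashlib.sha256(b"\x00" * 8 + m_hash + salt).digest()
    db = b"\x00" * (EM_LEN - S_LEN - H_LEN - 2) + b"\x01" + salt
    masked = bytearray(xor(db, mgf1(h, len(db))))
    masked[0] &= TOP_MASK               # clear bits above EM_BITS
    return bytes(masked) + h + b"\xbc"

def raw_private_op(em):
    """The 'padding none' operation the key holder is left with."""
    return pow(int.from_bytes(em, "big"), D, N).to_bytes((N.bit_length() + 7) // 8, "big")

def pss_verify(m_hash, sig):
    m = pow(int.from_bytes(sig, "big"), E, N)
    if m.bit_length() > EM_BITS:        # encoded message out of range
        return False
    em = m.to_bytes(EM_LEN, "big")
    masked, h = em[:-H_LEN - 1], em[-H_LEN - 1:-1]
    db = bytearray(xor(masked, mgf1(h, len(masked))))
    db[0] &= TOP_MASK
    pad_len = len(db) - S_LEN - 1
    if em[-1] != 0xBC or any(db[:pad_len]) or db[pad_len] != 1:
        return False
    expected = hashlib.sha256(b"\x00" * 8 + m_hash + bytes(db[-S_LEN:])).digest()
    return hmac.compare_digest(h, expected)

def sign_like_openssl(m_hash):
    """Pad first, then raw-sign: the two-step path described in the mail."""
    return raw_private_op(pss_pad(m_hash, os.urandom(S_LEN)))
```

A signer that only accepts a hash plus padding parameters cannot take the output of `pss_pad()` as input: it would hash-and-pad a second time, and the result no longer verifies against the original digest.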
