Re: libressl vs openssl

2022-01-28 Thread Martijn van Duren
On Fri, 2022-01-28 at 21:18, Stuart Henderson wrote:
> On 2022-01-28, Laura Smith wrote:
> > ‐‐‐ Original Message ‐‐‐
> > 
> > On Friday, January 28th, 2022 at 14:43, dansk puffer wrote:
> > 
> > > Are there any major security differences between libressl and openssl 
> > > nowadays? From what I read the situation for openssl improved and some 
> > > Linux distros switched back to openssl again with mostly? OpenBSD 
> > > remaining to use libressl.
> > 
> > For me at least, my main beef with Libressl is that it has seemingly mostly 
> > achieved its security posture by removing functions.
> > 
> > Unfortunately the functions removed are not obscure ones, but more common 
> > ones such as, IIRC, various very useful certificate and PKCS11 related 
> > functions.
> 
> I think you'll need to back that up with some examples. Lots of code has
> been removed but much of that is not API-affecting. In particular *common*
> ones are not removed.
> 
> Almost nothing in the ports tree uses OpenSSL. The exceptions
> are nsca-ng (PSK was removed; almost nothing uses that),
> opensmtpd-filter-dkimsign (libressl doesn't have all of the ed25519 api
> from newer openssl yet), 
> 
To be more precise, this only goes for the -ed25519 flavor. The main
flavor is compiled with libressl. For most people, ed25519 dkim
signatures aren't even interesting yet, since most verifiers out there
(including the major players last time I checked) don't even support it
yet.

> sslscan (uses a special build with some
> outdated protocols enabled so that it can scan a server to see what it's
> using), and libretls (implementation of the libtls API against OpenSSL
> backend, used for testing portable versions of some OpenBSD software).
> That's all.
> 
> There are some functions from OpenSSL 1.1+ API that haven't been added
> to LibreSSL yet, though these days many of the ones which are _actually_
> used by various software have been added.
> 
> (Besides, not adding new functions that were added to OpenSSL after
> LibreSSL was forked is not the same thing as removing functions.)
> 
> 



Re: libressl vs openssl

2022-01-28 Thread Brian Brombacher



> On Jan 28, 2022, at 11:53 AM, Laura Smith wrote:
> 
> ‐‐‐ Original Message ‐‐‐
> 
>> On Friday, January 28th, 2022 at 14:43, dansk puffer wrote:
>> 
>> Are there any major security differences between libressl and openssl 
>> nowadays? From what I read the situation for openssl improved and some Linux 
>> distros switched back to openssl again with mostly? OpenBSD remaining to use 
>> libressl.
> 
> For me at least, my main beef with Libressl is that it has seemingly mostly 
> achieved its security posture by removing functions.
> 
> Unfortunately the functions removed are not obscure ones, but more common 
> ones such as, IIRC, various very useful certificate and PKCS11 related 
> functions.
> 

Not to be rude, but you obviously don’t know anything about how code security 
works.

The less code surface area that attackers have to play with, the safer you are. 
 It is mathematically proven.

Now, removing code that had known quality and cultural SDLC issues that prevent 
the code from being secure, yes, I’m absolutely for removing that crap from the 
face of the earth.

If nobody else joins us, who gives a shit.





Re: libressl vs openssl

2022-01-28 Thread Stuart Henderson
On 2022-01-28, Laura Smith wrote:
> ‐‐‐ Original Message ‐‐‐
>
> On Friday, January 28th, 2022 at 14:43, dansk puffer wrote:
>
>> Are there any major security differences between libressl and openssl 
>> nowadays? From what I read the situation for openssl improved and some Linux 
>> distros switched back to openssl again with mostly? OpenBSD remaining to use 
>> libressl.
>
> For me at least, my main beef with Libressl is that it has seemingly mostly 
> achieved its security posture by removing functions.
>
> Unfortunately the functions removed are not obscure ones, but more common 
> ones such as, IIRC, various very useful certificate and PKCS11 related 
> functions.

I think you'll need to back that up with some examples. Lots of code has
been removed but much of that is not API-affecting. In particular *common*
ones are not removed.

Almost nothing in the ports tree uses OpenSSL. The exceptions
are nsca-ng (PSK was removed; almost nothing uses that),
opensmtpd-filter-dkimsign (libressl doesn't have all of the ed25519 api
from newer openssl yet), sslscan (uses a special build with some
outdated protocols enabled so that it can scan a server to see what it's
using), and libretls (implementation of the libtls API against OpenSSL
backend, used for testing portable versions of some OpenBSD software).
That's all.

There are some functions from OpenSSL 1.1+ API that haven't been added
to LibreSSL yet, though these days many of the ones which are _actually_
used by various software have been added.

(Besides, not adding new functions that were added to OpenSSL after
LibreSSL was forked is not the same thing as removing functions.)




Re: libressl vs openssl

2022-01-28 Thread Amelia A Lewis
On Fri, 28 Jan 2022 14:43:04, dansk puffer wrote:
> Are there any major security differences between libressl and openssl 
> nowadays? From what I read the situation for openssl improved and 
> some Linux distros switched back to openssl again with mostly? 
> OpenBSD remaining to use libressl.

Hmm. How could one know?

https://www.cvedetails.com/product/383/Openssl-Openssl.html?vendor_id=217
https://www.cvedetails.com/product/30688/Openbsd-Libressl.html?vendor_id=97

That's not the only place one could look, but it does seem a useful 
starting point. OpenSSL clearly has made improvements: they're in 
single-digit reports each year after 2017.

Amy!
-- 
Amelia A. Lewis                                    amyzing {at} talsever.com
It's is not, it isn't ain't, and it's it's, not its, if you mean it is.
If you don't, it's its.  Then too, it's hers.  It isn't her's. It isn't
our's either.  It's ours, and likewise yours and theirs.
--OUP Edpress News




Re: libressl vs openssl

2022-01-28 Thread Brian Brombacher



> On Jan 28, 2022, at 9:46 AM, dansk puffer wrote:
> 
> Are there any major security differences between libressl and openssl 
> nowadays? From what I read the situation for openssl improved and some Linux 
> distros switched back to openssl again with mostly? OpenBSD remaining to use 
> libressl.

I’m not sure you can fix cultural software quality issues in 2 years, but ok.





libressl vs openssl

2022-01-28 Thread dansk puffer
Are there any major security differences between libressl and openssl nowadays? 
From what I read the situation for openssl improved and some Linux distros 
switched back to openssl again with mostly? OpenBSD remaining to use libressl.


Re: LibreSSL vs. OpenSSL enc command

2019-12-04 Thread Christian Weisgerber
Dieter Rauschenberger:

> This was several years ago before Libressl was invented. Now I wanted
> to decrypt the docs with:
> 
> openssl enc -aes-256-cbc -d < FOO.aes256 > FOO
> 
> This did not work. The password did not work anymore.

The default message digest function used for key derivation changed
from MD5 to SHA256 in OpenSSL 1.1.0 and LibreSSL followed suit.

  openssl enc -aes-256-cbc -d -md md5 < FOO.aes256 > FOO

-- 
Christian "naddy" Weisgerber  na...@mips.inka.de



Re: LibreSSL vs. OpenSSL enc command

2019-12-04 Thread Dieter Rauschenberger
Hi Jeff

openssl enc -aes-256-cbc -d -md md5 < FOO.aes256 > FOO

did the trick. Thank you very much.

-Dieter

On Wed, Dec 04, 2019 at 01:12:08PM -0500, Jeffrey Walton wrote:
> On Wed, Dec 4, 2019 at 1:05 PM Dieter Rauschenberger wrote:
> >
> > i have encrypted several documents with
> >
> > openssl enc -aes-256-cbc -e < FOO > FOO.aes256
> >
> > This was several years ago before Libressl was invented. Now I wanted
> > to decrypt the docs with:
> >
> > openssl enc -aes-256-cbc -d < FOO.aes256 > FOO
> >
> > This did not work. The password did not work anymore. I had to install
> > openssl-1.0.2t via packages. This works:
> >
> > eopenssl enc -aes-256-cbc -d < FOO.aes256 > FOO
> >
> > My password is accepted. The document appeared in plaintext.
> > Is there a trick to do this with libressl from base?
> 
> OpenSSL changed the hash used in the key derivation function sometime
> around OpenSSL 1.0.2. Formerly it was MD5. I believe it was changed to
> SHA256.
> 
> I believe the command line option to change the derivation hash is
> -md. You might try adding -md md5 or -md sha1.
> 
> Jeff



Re: LibreSSL vs. OpenSSL enc command

2019-12-04 Thread Jeffrey Walton
On Wed, Dec 4, 2019 at 1:05 PM Dieter Rauschenberger wrote:
>
> i have encrypted several documents with
>
> openssl enc -aes-256-cbc -e < FOO > FOO.aes256
>
> This was several years ago before Libressl was invented. Now I wanted
> to decrypt the docs with:
>
> openssl enc -aes-256-cbc -d < FOO.aes256 > FOO
>
> This did not work. The password did not work anymore. I had to install
> openssl-1.0.2t via packages. This works:
>
> eopenssl enc -aes-256-cbc -d < FOO.aes256 > FOO
>
> My password is accepted. The document appeared in plaintext.
> Is there a trick to do this with libressl from base?

OpenSSL changed the hash used in the key derivation function sometime
around OpenSSL 1.0.2. Formerly it was MD5. I believe it was changed to
SHA256.

I believe the command line option to change the derivation hash is
-md. You might try adding -md md5 or -md sha1.

Jeff
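
The two replies above (Christian Weisgerber's, which pins the default-digest change to OpenSSL 1.1.0 with LibreSSL following, and Jeffrey Walton's, which points at the -md option) both come down to the same mechanism: `openssl enc` without -pbkdf2 derives key and IV from the password with OpenSSL's EVP_BytesToKey(), and the digest fed to that function changed from MD5 to SHA-256, so the same password now yields a different AES key and IV and the decryption fails. The following is an added example, not code from the thread or from OpenSSL/LibreSSL; it re-implements EVP_BytesToKey() with hashlib, parses the "Salted__" header that `openssl enc` writes, and shows that the MD5 and SHA-256 derivations diverge for the same password and salt. The salt, password and ciphertext bytes in the demo are constructed placeholders.

```python
import hashlib

# `openssl enc -aes-256-cbc` (without -nosalt) writes an 8-byte "Salted__"
# magic, an 8-byte random salt, then the ciphertext.
MAGIC = b"Salted__"
KEY_LEN = 32   # AES-256 key
IV_LEN = 16    # AES-CBC IV (one block)


def evp_bytes_to_key(md_name, password, salt, key_len, iv_len, count=1):
    """Re-implementation of OpenSSL's EVP_BytesToKey(), the KDF that
    `openssl enc` uses when -pbkdf2 is not given.

    D_1 = H(password || salt), D_i = H(D_{i-1} || password || salt); with
    count > 1 each D_i is additionally re-hashed count-1 times.  key || iv
    is D_1 || D_2 || ... truncated to key_len + iv_len bytes.  `openssl enc`
    always uses count = 1, i.e. a single hash per block and no brute-force
    hardening, which is why newer OpenSSL offers -pbkdf2 instead.
    """
    if len(salt) not in (0, 8):  # empty salt only with -nosalt
        raise ValueError("salt must be 8 bytes (or empty for -nosalt)")
    derived = b""
    block = b""
    while len(derived) < key_len + iv_len:
        block = hashlib.new(md_name, block + password + salt).digest()
        for _ in range(count - 1):
            block = hashlib.new(md_name, block).digest()
        derived += block
    return derived[:key_len], derived[key_len:key_len + iv_len]


def parse_salted(blob):
    """Split `openssl enc` output into (salt, ciphertext)."""
    if len(blob) < 16 or blob[:8] != MAGIC:
        raise ValueError("not an openssl 'Salted__' blob")
    return blob[8:16], blob[16:]


def aes256cbc_material(blob, password, md_name):
    """Key and IV that `openssl enc -aes-256-cbc -d -md <md_name>` would
    derive for this blob and password."""
    salt, _ = parse_salted(blob)
    return evp_bytes_to_key(md_name, password, salt, KEY_LEN, IV_LEN)


def same_material(blob, password, md_a, md_b):
    """True only if both digests derive the same key and IV.  False for
    md5 vs sha256 is exactly why a file made under the old MD5 default
    fails to decrypt (wrong key and IV, 'bad decrypt') under SHA-256."""
    return (aes256cbc_material(blob, password, md_a)
            == aes256cbc_material(blob, password, md_b))


if __name__ == "__main__":
    # Constructed sample: fixed salt and a dummy ciphertext body; only the
    # header and salt matter for key derivation.
    blob = MAGIC + bytes.fromhex("0011223344556677") + bytes(32)
    password = b"correct horse"   # placeholder, not from the thread
    for md in ("md5", "sha256"):
        key, iv = aes256cbc_material(blob, password, md)
        print(f"{md:7s} key={key.hex()} iv={iv.hex()}")
    print("same key/iv under md5 and sha256:",
          same_material(blob, password, "md5", "sha256"))
```

Running the demo prints two different key/IV pairs for the same password and salt, which is the whole failure: nothing is wrong with the password, the decrypting side just has to be told which digest the encrypting side used (`-md md5` for files made with pre-1.1.0 defaults).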



LibreSSL vs. OpenSSL enc command

2019-12-04 Thread Dieter Rauschenberger
Hi,

i have encrypted several documents with

openssl enc -aes-256-cbc -e < FOO > FOO.aes256

This was several years ago before Libressl was invented. Now I wanted
to decrypt the docs with:

openssl enc -aes-256-cbc -d < FOO.aes256 > FOO

This did not work. The password did not work anymore. I had to install
openssl-1.0.2t via packages. This works:

eopenssl enc -aes-256-cbc -d < FOO.aes256 > FOO

My password is accepted. The document appeared in plaintext.
Is there a trick to do this with libressl from base?

Regards
-Dieter