[openssl-dev] Master thesis: implementation of a new ciphersuite into OpenSSL -- feedback wanted
Hi, Last year I successfully finished my Master studies at Czech Technical University by a thesis defense about implementing a new CAESAR ciphersuite (specifically with NORX, but not restricted to it) into OpenSSL. I was supervised by prof. Wu Hongjun from Nangyang Technological University, Singapore, a member of CAESAR comitee. https://dl.dropboxusercontent.com/u/433404/DP_Zak_Jan_2015.pdf I'd be really grateful for a feedback from any member of this mailing list. Sincerely, Jan Zak -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Re: [openssl-dev] [openssl.org #4201] Feature Request: Support dumping session keys in NSS key log format
This implementation is not enough, beacuse it works only for openssl s_client app. However it should work for all apps using openssl as a library (eg. curl, nginx). SSLKEYLOGFILE env var is a good current standard, so I think openssl should use it as well. Regards, Jan Zak On Tue, Dec 29, 2015 at 12:53 AM, Matt Caswell via RTwrote: > On Mon Dec 28 22:01:04 2015, rs...@akamai.com wrote: > > Yes we would be interested in this but someone would almost definitely > > have to be provided as a complete patch because it seems unlikely > > anyone on the team will get around to doing it by 1.1 release. > > > > Actually I think this capability is already in 1.1.0...or rather it *was* > but > now seems to be broken. > > See commit 189ae368d91 and RT ticket 3352. > > I suspect the big apps cleanup broke it. > > Matt > > ___ > openssl-dev mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev > ___ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
[openssl-dev] [openssl.org #4228] Feature request: Support AEAD ciphers in enc app
Is there any particiular reason, why AEAD ciphers are not supported in the enc app? https://github.com/openssl/openssl/blob/700b4a4/apps/enc.c#L294 I have implemented it as a small part of my Master thesis, maybe I could polish it and submit a PR. Regards, Jan Zak ___ openssl-bugs-mod mailing list openssl-bugs-...@openssl.org https://mta.openssl.org/mailman/listinfo/openssl-bugs-mod___ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Re: [openssl-dev] [openssl.org #4201] Feature Request: Support dumping session keys in NSS key log format
I have updated Judson's patch to match with master branch. See GitHub PR https://github.com/openssl/openssl/pull/570 Jan On Mon, Jan 11, 2016 at 12:34 PM, Judson Wilson via RTwrote: > Here is an OpenSSL port of a patch in BoringSSL. It requires a call from > the application to set a file BIO. You could probably do this from within > SSL_CTX_new or something like that if you want a solution that doesn't > change the application. > > > https://github.com/JudsonWilson/openssl/commit/20e035a293756976b519ce028d5bcfe95544794b > > > > On Mon, Jan 11, 2016 at 2:08 AM, Matt Caswell via RT > wrote: > > > On Mon Dec 28 23:53:02 2015, matt wrote: > > > On Mon Dec 28 22:01:04 2015, rs...@akamai.com wrote: > > > > Yes we would be interested in this but someone would almost > > > > definitely > > > > have to be provided as a complete patch because it seems unlikely > > > > anyone on the team will get around to doing it by 1.1 release. > > > > > > > > > > Actually I think this capability is already in 1.1.0...or rather it > > > *was* but > > > now seems to be broken. > > > > > > See commit 189ae368d91 and RT ticket 3352. > > > > > > I suspect the big apps cleanup broke it. > > > > This is now fixed. Keeping this ticket open for now because of the > request > > for > > support beyond just the apps. > > > > Matt > > > > ___ > > openssl-dev mailing list > > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev > > > > ___ > openssl-dev mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev > ___ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Re: [openssl-dev] [openssl.org #4201] Feature Request: Support dumping session keys in NSS key log format
It automatically opens a BIO for the keylogfile. Also if this patch is merged, RT 3352 can be reverted because it covers only a special case in the s_client app. On Tue, Jan 19, 2016 at 8:33 PM, Jan Žák <r...@openssl.org> wrote: > I have updated Judson's patch to match with master branch. See GitHub PR > https://github.com/openssl/openssl/pull/570 > > Jan > > On Mon, Jan 11, 2016 at 12:34 PM, Judson Wilson via RT <r...@openssl.org> > wrote: > > > Here is an OpenSSL port of a patch in BoringSSL. It requires a call from > > the application to set a file BIO. You could probably do this from > within > > SSL_CTX_new or something like that if you want a solution that doesn't > > change the application. > > > > > > > https://github.com/JudsonWilson/openssl/commit/20e035a293756976b519ce028d5bcfe95544794b > > > > > > > > On Mon, Jan 11, 2016 at 2:08 AM, Matt Caswell via RT <r...@openssl.org> > > wrote: > > > > > On Mon Dec 28 23:53:02 2015, matt wrote: > > > > On Mon Dec 28 22:01:04 2015, rs...@akamai.com wrote: > > > > > Yes we would be interested in this but someone would almost > > > > > definitely > > > > > have to be provided as a complete patch because it seems unlikely > > > > > anyone on the team will get around to doing it by 1.1 release. > > > > > > > > > > > > > Actually I think this capability is already in 1.1.0...or rather it > > > > *was* but > > > > now seems to be broken. > > > > > > > > See commit 189ae368d91 and RT ticket 3352. > > > > > > > > I suspect the big apps cleanup broke it. > > > > > > This is now fixed. Keeping this ticket open for now because of the > > request > > > for > > > support beyond just the apps. > > > > > > Matt > > > > > > ___ > > > openssl-dev mailing list > > > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev > > > > > > > ___ > > openssl-dev mailing list > > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev > > > > ___ > openssl-dev mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev > ___ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev