[openssl-dev] Master thesis: implementation of a new ciphersuite into OpenSSL -- feedback wanted

[Jan Žák]

Hi,

Last year I successfully finished my Master studies at Czech Technical
University by a thesis defense about implementing a new CAESAR ciphersuite
(specifically with NORX, but not restricted to it) into OpenSSL. I was
supervised by prof. Wu Hongjun from Nangyang Technological University,
Singapore, a member of CAESAR comitee.

https://dl.dropboxusercontent.com/u/433404/DP_Zak_Jan_2015.pdf

I'd be really grateful for a feedback from any member of this mailing list.


Sincerely,

Jan Zak
-- 
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Re: [openssl-dev] [openssl.org #4201] Feature Request: Support dumping session keys in NSS key log format

[Jan Žák via RT]

This implementation is not enough, beacuse it works only for openssl
s_client app. However it should work for all apps using openssl as a
library (eg. curl, nginx).

SSLKEYLOGFILE env var is a good current standard, so I think openssl should
use it as well.

Regards,

Jan Zak

On Tue, Dec 29, 2015 at 12:53 AM, Matt Caswell via RT 
wrote:

> On Mon Dec 28 22:01:04 2015, rs...@akamai.com wrote:
> > Yes we would be interested in this but someone would almost definitely
> > have to be provided as a complete patch because it seems unlikely
> > anyone on the team will get around to doing it by 1.1 release.
> >
>
> Actually I think this capability is already in 1.1.0...or rather it *was*
> but
> now seems to be broken.
>
> See commit 189ae368d91 and RT ticket 3352.
>
> I suspect the big apps cleanup broke it.
>
> Matt
>
> ___
> openssl-dev mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
>

___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

[openssl-dev] [openssl.org #4228] Feature request: Support AEAD ciphers in enc app

[Jan Žák via RT]

Is there any particiular reason, why AEAD ciphers are not supported in the
enc app? https://github.com/openssl/openssl/blob/700b4a4/apps/enc.c#L294

I have implemented it as a small part of my Master thesis, maybe I could
polish it and submit a PR.
Regards,
Jan Zak

___
openssl-bugs-mod mailing list
openssl-bugs-...@openssl.org
https://mta.openssl.org/mailman/listinfo/openssl-bugs-mod___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Re: [openssl-dev] [openssl.org #4201] Feature Request: Support dumping session keys in NSS key log format

[Jan Žák via RT]

I have updated Judson's patch to match with master branch. See GitHub PR
https://github.com/openssl/openssl/pull/570

Jan

On Mon, Jan 11, 2016 at 12:34 PM, Judson Wilson via RT 
wrote:

> Here is an OpenSSL port of a patch in BoringSSL. It requires a call from
> the application to set a file BIO.  You could probably do this from within
> SSL_CTX_new or something like that if you want a solution that doesn't
> change the application.
>
>
> https://github.com/JudsonWilson/openssl/commit/20e035a293756976b519ce028d5bcfe95544794b
>
>
>
> On Mon, Jan 11, 2016 at 2:08 AM, Matt Caswell via RT 
> wrote:
>
> > On Mon Dec 28 23:53:02 2015, matt wrote:
> > > On Mon Dec 28 22:01:04 2015, rs...@akamai.com wrote:
> > > > Yes we would be interested in this but someone would almost
> > > > definitely
> > > > have to be provided as a complete patch because it seems unlikely
> > > > anyone on the team will get around to doing it by 1.1 release.
> > > >
> > >
> > > Actually I think this capability is already in 1.1.0...or rather it
> > > *was* but
> > > now seems to be broken.
> > >
> > > See commit 189ae368d91 and RT ticket 3352.
> > >
> > > I suspect the big apps cleanup broke it.
> >
> > This is now fixed. Keeping this ticket open for now because of the
> request
> > for
> > support beyond just the apps.
> >
> > Matt
> >
> > ___
> > openssl-dev mailing list
> > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
> >
>
> ___
> openssl-dev mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
>

___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Re: [openssl-dev] [openssl.org #4201] Feature Request: Support dumping session keys in NSS key log format

[Jan Žák via RT]

It automatically opens a BIO for the keylogfile. Also if this patch is
merged, RT 3352 can be reverted because it covers only a special case in
the s_client app.

On Tue, Jan 19, 2016 at 8:33 PM, Jan Žák <r...@openssl.org> wrote:

> I have updated Judson's patch to match with master branch. See GitHub PR
> https://github.com/openssl/openssl/pull/570
>
> Jan
>
> On Mon, Jan 11, 2016 at 12:34 PM, Judson Wilson via RT <r...@openssl.org>
> wrote:
>
> > Here is an OpenSSL port of a patch in BoringSSL. It requires a call from
> > the application to set a file BIO.  You could probably do this from
> within
> > SSL_CTX_new or something like that if you want a solution that doesn't
> > change the application.
> >
> >
> >
> https://github.com/JudsonWilson/openssl/commit/20e035a293756976b519ce028d5bcfe95544794b
> >
> >
> >
> > On Mon, Jan 11, 2016 at 2:08 AM, Matt Caswell via RT <r...@openssl.org>
> > wrote:
> >
> > > On Mon Dec 28 23:53:02 2015, matt wrote:
> > > > On Mon Dec 28 22:01:04 2015, rs...@akamai.com wrote:
> > > > > Yes we would be interested in this but someone would almost
> > > > > definitely
> > > > > have to be provided as a complete patch because it seems unlikely
> > > > > anyone on the team will get around to doing it by 1.1 release.
> > > > >
> > > >
> > > > Actually I think this capability is already in 1.1.0...or rather it
> > > > *was* but
> > > > now seems to be broken.
> > > >
> > > > See commit 189ae368d91 and RT ticket 3352.
> > > >
> > > > I suspect the big apps cleanup broke it.
> > >
> > > This is now fixed. Keeping this ticket open for now because of the
> > request
> > > for
> > > support beyond just the apps.
> > >
> > > Matt
> > >
> > > ___
> > > openssl-dev mailing list
> > > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
> > >
> >
> > ___
> > openssl-dev mailing list
> > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
> >
>
> ___
> openssl-dev mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
>

___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev