Re: [openssl-dev] s3_clnt.c changes regarding external pre-shared secret seem to break EAP-FAST

2015-03-31 Thread Erik Tkal
On Thu, Mar 19, 2015, Erik Tkal wrote: If I do not send a sessionID in the clientHello but do send a valid sessionTicket extension, the server goes straight to changeCipherSpec and the client generates an UnexpectedMessage alert. Does the server send back an empty session ticket

Re: [openssl-dev] s3_clnt.c changes regarding external pre-shared secret seem to break EAP-FAST

2015-03-27 Thread Erik Tkal
: Thursday, March 19, 2015 11:49 AM To: openssl-dev@openssl.org Subject: Re: [openssl-dev] s3_clnt.c changes regarding external pre-shared secret seem to break EAP-FAST On Thu, Mar 19, 2015, Erik Tkal wrote: If I do not send a sessionID in the clientHello

Re: [openssl-dev] s3_clnt.c changes regarding external pre-shared secret seem to break EAP-FAST

2015-03-19 Thread Erik Tkal
... 140735260517200:error:14094085:SSL routines:SSL3_READ_BYTES:ccs received early:s3_pkt.c:1340: --- On 17 Mar 2015, at 4:16 PM, Erik Tkal etks...@gmail.com wrote: I don’t disagree, but I’m looking for independent confirmation that the changes are not correct. They do not appear to specifically have

Re: [openssl-dev] s3_clnt.c changes regarding external pre-shared secret seem to break EAP-FAST

2015-03-17 Thread Erik Tkal
not re-enable CVE-2014-0224 (Early CCS Attack) On 17 Mar 2015, at 18:53, Erik Tkal etks...@gmail.com wrote: In upgrading from 1.0.1i to 1.0.1l I found an issue in the behaviour of a non-resumed EAP-FAST session. RFC 4851 indicates that the server can go

[openssl-dev] s3_clnt.c changes regarding external pre-shared secret seem to break EAP-FAST

2015-03-17 Thread Erik Tkal
with a changeCipherSpec. Thanks, Erik Erik Tkal et...@cisco.com ___ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Re: OpenSSL version 1.0.1f released

2014-01-07 Thread Erik Tkal
Also, the release notes list: Fix for TLS record tampering bug CVE-2013-4353 But the list of OpenSSL vulnerabilities linked from there does not mention this anywhere... Erik Tkal et...@me.com uʍop ǝpısdn ǝɹɐ noʎ sıɥʇ pɐǝɹ uɐɔ noʎ ɟı On 06 Jan 2014, at 10

Performing ECDSA signing outside of OpenSSL

2012-10-23 Thread Erik Tkal
implementation for ECDSA signing? Erik Tkal Juniper OAC/UAC/Pulse Development

OpenSSL choosing inappropriate signature algorithm

2012-10-22 Thread Erik Tkal
to forcing it up front. Or am I missing some option here? Erik Tkal Juniper OAC/UAC/Pulse Development

RE: OpenSSL choosing inappropriate signature algorithm

2012-10-22 Thread Erik Tkal
... Erik Tkal Juniper OAC/UAC/Pulse Development From: John Foley [mailto:fol...@cisco.com] Sent: Monday, October 22, 2012 3:02 PM To: openssl-dev@openssl.org Cc: Erik Tkal Subject: Re: OpenSSL choosing inappropriate signature algorithm Agreed. This does raise an interesting design dilemma. The client

RE: OpenSSL choosing inappropriate signature algorithm

2012-10-22 Thread Erik Tkal
than to manually manipulate the data in cert_st, even though that is in ssl_locl.h. Anyone have any better ideas? Erik Tkal Juniper OAC/UAC/Pulse Development From: owner-openssl-...@openssl.org [mailto:owner-openssl-...@openssl.org] On Behalf Of Erik Tkal

DLL naming

2012-09-06 Thread Erik Tkal
that then need to locate the DLL). Erik Tkal Juniper OAC/UAC/Pulse Development __ OpenSSL Project http://www.openssl.org Development Mailing List

FW: Negotiating TLS 1.0 from 1.2

2012-08-30 Thread Erik Tkal
: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Erik Tkal Sent: Wednesday, August 29, 2012 2:48 PM To: openssl-us...@openssl.org Subject: RE: Negotiating TLS 1.0 from 1.2 TLS 1.1 would be acceptable, but the server is 1.0 (we don't have any implementing 1.1

RE: Negotiating TLS 1.0 from 1.2

2012-08-30 Thread Erik Tkal
and SSL_OP_NO_SSLv3 does the trick. Erik Tkal Juniper OAC/UAC/Pulse Development -Original Message- From: owner-openssl-...@openssl.org [mailto:owner-openssl-...@openssl.org] On Behalf Of Erik Tkal Sent: Thursday, August 30, 2012 4:02 PM To: openssl-dev

RE: [RFC] OpenSSL accepts invalid server cert chain

2012-07-12 Thread Erik Tkal
If the actual issuing CA is in your trust store and can be shown to have validly issued the server certificate, then by definition you trust that server. Erik Tkal Juniper OAC/UAC/Pulse Development -Original Message- From: owner-openssl

RE: [openssl.org #2825] Bug: Unable to connect to WPA enterprise wireless

2012-06-08 Thread Erik Tkal
Erik Tkal Juniper OAC/UAC/Pulse Development -Original Message- From: owner-openssl-...@openssl.org [mailto:owner-openssl-...@openssl.org] On Behalf Of Stephen Henson via RT Sent: Thursday, June 07, 2012 6:35 PM To: openssl...@trk.nickurak.ca Cc: openssl-dev

RE: ENGINE reference leak using FIPS-capable OpenSSL

2012-04-20 Thread Erik Tkal
Hi Steve, thank you very much, that fixed it! Erik Erik Tkal Juniper OAC/UAC/Pulse Development -Original Message- From: owner-openssl-...@openssl.org [mailto:owner-openssl-...@openssl.org] On Behalf Of Dr. Stephen Henson Sent: Thursday, April 19

Questions re: OpenSSL Security Advisory CVE-2012-2110

2012-04-19 Thread Erik Tkal
it occur on ILP32 or ILP32LL64 platforms? Thanks! Erik Tkal Juniper OAC/UAC/Pulse Development

RE: ENGINE reference leak using FIPS-capable OpenSSL

2012-04-18 Thread Erik Tkal
. Erik Tkal Juniper OAC/UAC/Pulse Development From: owner-openssl-...@openssl.org [mailto:owner-openssl-...@openssl.org] On Behalf Of Erik Tkal Sent: Monday, April 16, 2012 10:02 AM To: openssl-dev@openssl.org Subject: ENGINE reference leak using FIPS-capable OpenSSL I've been investigating

ENGINE reference leak using FIPS-capable OpenSSL

2012-04-16 Thread Erik Tkal
OpenSSL is not compatible with the usage of engines, even in non-FIPS mode? Erik Tkal Juniper OAC/UAC/Pulse Development

ENGINE reference leak using EVP_Digest*

2012-03-27 Thread Erik Tkal
it. Only the EVP_MD_CTX_cleanup() call is decrementing the reference count, and thus my ENGINE never ends up being actually freed on the ENGINE_finish() call. Is this a known issue? Do I really need to cleanup/reinit my CTX around each hash sequence? Erik

RE: ENGINE reference leak using EVP_Digest*

2012-03-27 Thread Erik Tkal
actually freed on the ENGINE_finish() call. Is this a known issue? Do I really need to cleanup/reinit my CTX around each hash sequence? Erik Tkal Juniper OAC/UAC/Pulse Development

RE: ENGINE reference leak using EVP_Digest*

2012-03-27 Thread Erik Tkal
) engine_unlocked_finish(fnd->funct, 0); To clarify the version, it's 1.0.1 built as FIPS-capable, but OpenSSL FIPS is not enabled during this usage. Erik Tkal Juniper OAC/UAC/Pulse Development Sent: Tuesday, March 27, 2012 10:45 AM To: openssl-dev

Re: Limiting EC curves in ClientHello

2012-03-01 Thread Erik Tkal
I looked around and found RFC 5430 - Suite B Profile for Transport Layer Security (TLS), which states: RFC 4492 defines a variety of elliptic curves. For cipher suites defined in this specification, only secp256r1(23) or secp384r1(24) may be used. … Clients desiring to negotiate

Re: Need EAP-FAST support in 0.9.8 openssl

2012-03-01 Thread Erik Tkal
I think the changes to support the session ticket extension and session secret callback were not trivial, and such features would never be ported back to previous releases (unless it addressed a security vulnerability). I migrated my code to use 1.0.0 in order to take advantage of this

RE: Limiting EC curves in ClientHello

2012-03-01 Thread Erik Tkal
You mentioned previously that you can get it to specify none or one curve? I don't see how you would specify this, as it appears the client hello preparation adds all of them if any EC cipher suite is specified? Erik Tkal Juniper OAC/UAC/Pulse Development

Re: Limiting EC curves in ClientHello

2012-03-01 Thread Erik Tkal
So then the question is will this be addressed in 1.0.1 or later? Erik Tkal et...@me.com On Mar 1, 2012, at 5:35 PM, Bodo Moeller wrote: On Thu, Mar 1, 2012 at 4:06 PM, Erik Tkal et...@juniper.net wrote: You mentioned previously that you can get

Limiting EC curves in ClientHello

2012-02-29 Thread Erik Tkal
In t1_lib.c if any EC Cipher Suites are specified then TLS extensions are generated that indicate the client supports all three point compression formats and all 25 curves (I noticed the order changes between 1.0.0 and 1.0.1). It appears there is no way to specify that only a subset should be

FIPS Module 2.0 -- using non-FIPS ciphers

2012-02-10 Thread Erik Tkal
, iv, enc) gets a chance to test it in order to allow it, what is the proper mechanism for creating an EVP_CIPHER usage that will be allowed in FIPS mode? Thanks, Erik Erik Tkal Juniper OAC/UAC/Pulse Development

RE: FIPS Module 2.0 -- using non-FIPS ciphers

2012-02-10 Thread Erik Tkal
this flag, but the FIPS-capable implementation around it happens to clear the flag before it can be analyzed). Erik Tkal Juniper OAC/UAC/Pulse Development -Original Message- From: owner-openssl-...@openssl.org [mailto:owner-openssl-...@openssl.org

RE: FIPS Module 2.0 -- using non-FIPS ciphers

2012-02-10 Thread Erik Tkal
] On Behalf Of Thor Lancelot Simon Sent: Friday, February 10, 2012 10:08 AM To: openssl-dev@openssl.org Subject: Re: FIPS Module 2.0 -- using non-FIPS ciphers On Fri, Feb 10, 2012 at 10:01:43AM -0500, Erik Tkal wrote: Yes, I understand all that; we currently have our own certified FIPS module that I

RE: FIPS Module 2.0 -- using non-FIPS ciphers

2012-02-10 Thread Erik Tkal
Erik Tkal Juniper OAC/UAC/Pulse Development -Original Message- From: owner-openssl-...@openssl.org [mailto:owner-openssl-...@openssl.org] On Behalf Of Dr. Stephen Henson Sent: Friday, February 10, 2012 11:15 AM To: openssl-dev@openssl.org Subject: Re: FIPS Module 2.0

RE: [openssl.org #2707] Build failure

2012-02-08 Thread Erik Tkal
not move to 1.0.1 once available? Erik Tkal Juniper OAC/UAC/Pulse Development -Original Message- From: owner-openssl-...@openssl.org [mailto:owner-openssl-...@openssl.org] On Behalf Of Ajit Sarnaik via RT Sent: Wednesday, February 08, 2012 11:55 AM Cc

RE: API to set rekey limit?

2011-12-05 Thread Erik Tkal
I think BIO_set_ssl_renegotiate_bytes should do what you are asking (assuming you enable SSL renegotiation). You could also trigger the renegotiation via your application using SSL_renegotiate. Erik Tkal Juniper OAC/UAC/Pulse Development -Original

memory leak in engine cleanup

2011-11-30 Thread Erik Tkal
, or is there something I need to do to make this behave properly? Thanks! Erik Tkal Juniper OAC/UAC/Pulse Development

RE: memory leak in engine cleanup

2011-11-30 Thread Erik Tkal
Never mind, a little more experimentation answered my question. I was unloading the engine after calling CRYPTO_cleanup_all_ex_data, so the engine unload must leave some global ex stuff that is handled later. Erik Tkal Juniper OAC/UAC/Pulse Development

RE: FWD: Enhancement Request: 64bit BIO API

2010-10-21 Thread Erik Tkal
Hi Andy, The specific concern is that (e.g.) the BIO seek and tell operations use long for parameters, which on some 64-bit systems is still 32 bits. They need to use size_t or a specific 64-bit type. Erik Erik Tkal Juniper OAC/UAC/Pulse Development

RE: [openssl.org #2194] Unwanted dependencies to user32.dll

2010-09-16 Thread Erik Tkal
Doesn't UuidCreate create a dependency to rpcrt4.dll then? Erik Tkal Juniper OAC/UAC/Pulse Development -Original Message- From: owner-openssl-...@openssl.org [mailto:owner-openssl-...@openssl.org] On Behalf Of Kees Dekker via RT Sent: Thursday

FW: No CAs in CertificateRequest message

2004-05-06 Thread Erik Tkal
Can anyone answer this? How do I tell if this is a known problem with OpenSSL or if the RFC is incorrect, or if this is just an accepted deviation? Erik Tkal Principal Software Engineer Funk Software, Inc. [EMAIL PROTECTED] 978-371-3980x123 Out the Token Ring, through the router

RE: No CAs in CertificateRequest message

2004-05-06 Thread Erik Tkal
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Richard Levitte - VMS Whacker on Thu, 6 May 2004 08:24:57 -0400, Erik Tkal said: etssl Can anyone answer this? How do I tell if this is a known etssl problem with OpenSSL or if the RFC is incorrect

RE: No CAs in CertificateRequest message

2004-05-06 Thread Erik Tkal
not want to give such hints to a client and assume that clients it trusts will present proper credentials based on proper configuration. Erik Tkal From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Jeffrey Altman Subject: Re: No CAs in CertificateRequest message Richard

RE: No CAs in CertificateRequest message

2004-05-06 Thread Erik Tkal
ll present proper credentials based on proper configuration. Erik Tkal

FW: No CAs in CertificateRequest message

2004-05-04 Thread Erik Tkal
Can anyone answer this? How do I tell if this is a known problem with OpenSSL or if the RFC is incorrect, or if this is just an accepted deviation? Erik Tkal Principal Software Engineer Funk Software, Inc. [EMAIL PROTECTED] 978-371-3980x123 Out the Token Ring, through the router

No CAs in CertificateRequest message

2004-05-03 Thread Erik Tkal
to the client what CAs to use in selecting a certificate? BTW, I tried changing the server code to send a 2-byte CAs length of 3, followed by a 2-byte CA1 length of 1, followed by a null byte, but the client didn't like that at all. Erik Tkal [sorry for the repost, not sure if I was subscribed

No CAs in CertificateRequest message

2004-05-03 Thread Erik Tkal
to the client what CAs to use in selecting a certificate? BTW, I tried changing the server code to send a 2-byte CAs length of 3, followed by a 2-byte CA1 length of 1, followed by a null byte, but the client didn't like that at all. Erik Tkal [sorry for the repost, not sure if I