I'm aware of the symmetric/asymmetric differences. But the EVP_Enrypt...
API takes the key as a bunch of bytes. It shouldn't care whether it's an
RSA key or not, correct? (Though perhaps it would truncate to, in my case,
the first 128 bits since I'm using AES-128-XTS.)
But assuming that I can't
On 01/04/2020 17:34, Andrew Felsher wrote:
> Hi,
>
> I'm trying to do what I assumed would be a very common and typical use
> of OpenSSL. I'm just encrypting and decrypting some data (in code; not
> from command line). EVP_EncryptInit_ex (and decrypt, update, and final
> variants) are the
Dear Andrew,
You should take a look at CMS implementation as a model.
For example, you can generate a symmetric key for content encryption and
algorithm-specific way to pass the symmetric key to the recipient using
EVP_PKEY_encrypt.
On Wed, Apr 1, 2020 at 7:35 PM Andrew Felsher
wrote:
> Hi,
Hi,
I'm trying to do what I assumed would be a very common and typical use of
OpenSSL. I'm just encrypting and decrypting some data (in code; not from
command line). EVP_EncryptInit_ex (and decrypt, update, and final variants)
are the standard way to do this.
However, the init functions take a
> Le 1 avr. 2020 à 15:19, Salz, Rich a écrit :
>
>> - Do you think any use for supporting some kind of alias for families of
>> cipher in SSL_set_ciphersuites, like for example "TLSv1.3"
>
> Suppose someone finds out that chacha/poly is insecure and the IETF issues a
> new RFC that says
>- Do you think any use for supporting some kind of alias for families of
> cipher in SSL_set_ciphersuites, like for example "TLSv1.3"
Suppose someone finds out that chacha/poly is insecure and the IETF issues a
new RFC that says "TLS 1.3 MUST NOT use" that cipher. Should the openssl alias
On 01/04/2020 10:34, Romain GEISSLER via openssl-users wrote:
> Hi,
>
> We are using OpenSSL 1.1.1 for quite some time, and we have been able to
> migrate over time to the different version of SSL/TLS, up to TLS 1.2 with
> success.
>
> Now we wish to prepare the migration to TLS 1.3. The
Hi,
We are using OpenSSL 1.1.1 for quite some time, and we have been able to
migrate over time to the different version of SSL/TLS, up to TLS 1.2 with
success.
Now we wish to prepare the migration to TLS 1.3. The people used to configure
our SSL connection tries to set the cipher list as they
Hi,
On 31/03/20 19:42, Viktor Dukhovni wrote:
On Tue, Mar 31, 2020 at 04:51:32PM +0200, Christoph Pleger wrote:
I have here a self-written server program and the corresponding
self-written client program. These run well together with libssl 1.1.0l,
but with libssl 1.1.1d, the same programs
