Re: [openssl-users] RNG behavior by default

2019-01-04 Thread Dr Paul Dale
I know that iOS (which was listed) has a good randomness source (SecRandomCopyBytes ) but I don’t think OpenSSL uses it yet. I’m not sure about the quality of Android’s sources, but would expect them to be decent.

Re: [openssl-project] OpenSSL 3.0 and FIPS Update

2019-02-25 Thread Dr Paul Dale
I don’t think that new OIDs or NIDs are considered breaking. Changing existing ones definitely is, but that’s an entirely different proposition. Pauli -- Dr Paul Dale | Cryptographer | Network Security & Encryption Phone +61 7 3031 7217 Oracle Australia > On 25 Feb 2019, at

Re: FIPS module for OpenSSL 1.1.1x

2019-05-17 Thread Dr Paul Dale
In answer to the second question: there will *never* be a FIPS module for any 1.1.1 OpenSSL version. The next version of OpenSSL will be 3.0.0 and it will support FIPS. There will be a gap in FIPS support between the end of life of 1.0.2 and the validation of 3.0.0. Pauli -- Dr Paul Dale

Re: Dynamic engine for OpenSSL 1.1.1b

2019-06-04 Thread Dr Paul Dale
, there is a space saving. Pauli -- Dr Paul Dale | Cryptographer | Network Security & Encryption Phone +61 7 3031 7217 Oracle Australia > On 4 Jun 2019, at 6:30 pm, shiva kumar wrote: > > Hi, > when I am performing make test while building OpenSSL 1.1.1b I got error as : > &

Re: Race Condition

2019-06-14 Thread Dr Paul Dale
The SSL sessions are not thread safe. It is up to the calling application to ensure that this race condition does not occur. Pauli -- Dr Paul Dale | Cryptographer | Network Security & Encryption Phone +61 7 3031 7217 Oracle Australia > On 14 Jun 2019, at 8:09 pm, Serti Ayoub

Re: Race Condition

2019-06-14 Thread Dr Paul Dale
I did confuse things, apologies. One day I’ll learn that I shouldn’t answer questions late on a Friday evening after a long week. Pauli -- Dr Paul Dale | Cryptographer | Network Security & Encryption Phone +61 7 3031 7217 Oracle Australia > On 15 Jun 2019, at 5:33 am, Viktor D

Re: Compiling openssl executable as static binary

2019-05-23 Thread Dr Paul Dale
Link against the generated .a files rather than the .so ones? Pauli -- Dr Paul Dale | Cryptographer | Network Security & Encryption Phone +61 7 3031 7217 Oracle Australia > On 23 May 2019, at 4:26 pm, Raveendra Padasalagi via openssl-users > wrote: > > Hi, >

Re: Building OpenSSL with Emscripten

2019-05-09 Thread Dr Paul Dale
Configure with the _no-asm_ option. It will be a **lot** slower. Pauli -- Dr Paul Dale | Cryptographer | Network Security & Encryption Phone +61 7 3031 7217 Oracle Australia > On 10 May 2019, at 3:33 pm, Sunghyun Park wrote: > > Nice to meet you all :) > > I fa

Re: Openssl1.1.1 fips certification

2019-05-09 Thread Dr Paul Dale
would likely occur next year. I’ll reiterate: there is no definite timeline, FIPS will happen when it happens and not before. Pauli -- Dr Paul Dale | Cryptographer | Network Security & Encryption Phone +61 7 3031 7217 Oracle Australia > On 10 May 2019, at 3:16 pm, Manish Patidar w

Re: Custom secure heap implementation

2019-05-05 Thread Dr Paul Dale
are the important calls. I’m not sure the size and allocated calls are used widely (but it’s worth a check). Secure memory *always* cleanses currently and I don’t see that changing — if something is important enough to put in secure memory, it’s important enough to zero on free. Pauli -- Dr Paul Dale

Re: Will my application be FIPS 140-2 Certified under following conditions?

2019-07-04 Thread Dr Paul Dale
The FOM is stand alone in theory. I.e. it isn’t mandatory to use OpenSSL 1.0 but the two are designed to work together and are very closely intertwined. Moving the FIPS canister forward to 1.1 would be a lot of effort. Pauli -- Dr Paul Dale | Cryptographer | Network Security & Encryp

Re: Will my application be FIPS 140-2 Certified under following conditions?

2019-07-08 Thread Dr Paul Dale
the end of this year, it is available: https://www.openssl.org/support/contracts.html <https://www.openssl.org/support/contracts.html> I’d also be interested to know what is wrong with the policy page? Pauli -- Dr Paul Dale | Cryptographer | Network Security & Encryption Phone

Re: Will my application be FIPS 140-2 Certified under following conditions?

2019-07-08 Thread Dr Paul Dale
I think it’s worth pointing out that OpenSSL is itself a non-profit and that FIPS validations cost a significant amount of money. Until about a year ago, there was also a notable absence of FIPS sponsors. Pauli -- Dr Paul Dale | Cryptographer | Network Security & Encryption Phone +61 7

Re: Enabled weak cipher suites

2019-06-26 Thread Dr Paul Dale
Yes there is but it will require a reconfigure and a recompile. The big question is: "why?” RC4 and MD5 are both considered broken. Pauli -- Dr Paul Dale | Cryptographer | Network Security & Encryption Phone +61 7 3031 7217 Oracle Australia > On 26 Jun 2019, at 11:41 am, John

Re: Acquire Entropy for embedded platform

2019-08-16 Thread Dr Paul Dale
difficult, if not impossible, to tell if the hardware RNG is good or not. This doesn’t mean that they should not be used, it just means that using them involves another risk assessment. Pauli -- Dr Paul Dale | Distinguished Architect | Cryptographic Foundations Phone +61 7 3031 7217 Oracle Australia

Re: Acquire Entropy for embedded platform

2019-08-16 Thread Dr Paul Dale
, timers and the like. You didn’t specify what operating system/kernel you are using so further advice is less than useful. Pauli -- Dr Paul Dale | Distinguished Architect | Cryptographic Foundations Phone +61 7 3031 7217 Oracle Australia > On 16 Aug 2019, at 7:26 pm, Chitrang Srivast

Re: Acquire Entropy for embedded platform

2019-08-16 Thread Dr Paul Dale
t/doc/CPU-Jitter-NPTRNG.html>. The gathering is well researched and performed, no hidden tricks are present and the bits produces are equiprobable. Pauli -- Dr Paul Dale | Distinguished Architect | Cryptographic Foundations Phone +61 7 3031 7217 Oracle Australia > On 16 Aug 2019, at

Re: Question regarding lock of the master drbg during the fork

2019-08-28 Thread Dr Paul Dale
negatively impact performance (by locking). Спасибо, Pauli (my Русский is very rusty) -- Dr Paul Dale | Distinguished Architect | Cryptographic Foundations Phone +61 7 3031 7217 Oracle Australia > On 28 Aug 2019, at 6:51 pm, Сергей Юнаковский wrote: > > Hello, > I hav

Re: Support for /dev/*random in OpenSSL 1.1.1

2019-09-11 Thread Dr Paul Dale
that calls the system call? The linker should find that before glibc’s. Pauli -- Dr Paul Dale | Distinguished Architect | Cryptographic Foundations Phone +61 7 3031 7217 Oracle Australia > On 12 Sep 2019, at 1:48 am, Michael Brunnbauer wrote: > > > hi all, > > I have glib

Re: Problem in trying EVP Key Derivation example in openssl

2019-09-14 Thread Dr Paul Dale
The example is wrong. The KDF API changed recently to better match the way the rest of the project is moving. I’ll update the example. Pauli -- Dr Paul Dale | Distinguished Architect | Cryptographic Foundations Phone +61 7 3031 7217 Oracle Australia > On 15 Sep 2019, at 7:28 am, Bhu

Re: Problem in trying EVP Key Derivation example in openssl

2019-09-14 Thread Dr Paul Dale
And done. This also pointed out a mistake in the man page code. Pauli -- Dr Paul Dale | Distinguished Architect | Cryptographic Foundations Phone +61 7 3031 7217 Oracle Australia > On 15 Sep 2019, at 9:16 am, Dr Paul Dale wrote: > > The example is wrong. > > The KDF API c

Re: logarithm in OpenSSL

2019-07-24 Thread Dr Paul Dale
I’m wondering why you need the log function? If you’re measuring performance, could the analysis tool perform the logarithm? A first order approximation to log_2(n) where n is a BIGNUM would be BN_num_bits(n). Pauli -- Dr Paul Dale | Cryptographer | Network Security & Encryption Phone +

Re: Regarding using OpenSSL along with optee

2019-09-30 Thread Dr Paul Dale
architectural changes. Pauli -- Dr Paul Dale | Distinguished Architect | Cryptographic Foundations Phone +61 7 3031 7217 Oracle Australia > On 30 Sep 2019, at 8:13 pm, Nagesh shamnur wrote: > > Dear OpenSSL Group, > Greetings. I was checking for the support

Re: OpenSSL 1.0.2 EOL and new FIPS-validated crypto module

2019-10-21 Thread Dr Paul Dale
Pauli -- Dr Paul Dale | Distinguished Architect | Cryptographic Foundations Phone +61 7 3031 7217 Oracle Australia > On 21 Oct 2019, at 9:11 pm, Salman Baset wrote: > > Hello everyone, > > I was wondering if there is any update on getting a new FIPS-validated module >

OpenSSL blog post by APNIC

2019-10-22 Thread Dr Paul Dale
An APNIC article loosely based on the OpenSSL presentation at AusCERT earlier this year: https://blog.apnic.net/2019/10/21/openssl-3-0-accelerating-forwards/ <https://blog.apnic.net/2019/10/21/openssl-3-0-accelerating-forwards/> Pauli -- Dr Paul Dale | Distinguished Architect | Cryptog

Re: OpenSSL 1.0.2 EOL and new FIPS-validated crypto module

2019-10-22 Thread Dr Paul Dale
The FIPS module source code can’t be changed without losing validation. Pauli -- Dr Paul Dale | Distinguished Architect | Cryptographic Foundations Phone +61 7 3031 7217 Oracle Australia > On 22 Oct 2019, at 11:46 pm, Salman Baset wrote: > > Thank you very much. This i

Re: Are RAND_bytes and RAND_priv_bytes thread safe?

2020-02-10 Thread Dr Paul Dale
Yes. Pauli -- Dr Paul Dale | Distinguished Architect | Cryptographic Foundations Phone +61 7 3031 7217 Oracle Australia > On 11 Feb 2020, at 9:56 am, Hal Murray wrote: > > I didn't find any mention of threads in their man pages. > > > -- > These are my opinions. I hate spam. > > >

Re: OpenSSL 3.0

2020-02-26 Thread Dr Paul Dale
You should be able to set the environment variable OPENSSL_CONF to test/fips.cnf which will then load a FIPS only configuration. Teething problems are expected. Not everything has been activated in the FIPS module but enough has to do some TLS. Pauli -- Dr Paul Dale | Distinguished

Re: CRYPTO_secure_malloc_init() fails without error message

2020-02-21 Thread Dr Paul Dale
Do this instead: CRYPTO_secure_malloc_init(OPENSSL_MIN_HEAP_SIZE, 16); Pauli -- Dr Paul Dale | Distinguished Architect | Cryptographic Foundations Phone +61 7 3031 7217 Oracle Australia > On 21 Feb 2020, at 8:33 pm, Clay Shields wrote: > > Unfortunately that didn’t seem to be it. Upda

Re: openssl-fips-2.0.16 : RSA key generation !!

2020-01-01 Thread Dr Paul Dale
FOM will not be revalidated. Pauli -- Dr Paul Dale | Distinguished Architect | Cryptographic Foundations Phone +61 7 3031 7217 Oracle Australia > On 2 Jan 2020, at 3:11 pm, Hareesh D wrote: > > Hi, > > In the openssl-fips-2.0.16 version, I see that some validati

Re: Openssl3.0. Fips release

2019-12-23 Thread Dr Paul Dale
The expected date for submission to NIST for validation is Q4 2020. The actual validation will occur at some point after this. Pauli -- Dr Paul Dale | Distinguished Architect | Cryptographic Foundations Phone +61 7 3031 7217 Oracle Australia > On 24 Dec 2019, at 3:01 pm, Manish Pati

Re: New includes needed for OpenSSL V1.1.1 sockets

2020-03-31 Thread Dr Paul Dale
All of the include files mentioned are standard ones which have always been used. You are building 1.1.1 differently to 1.0.2. Debug your build environment first. Pauli -- Dr Paul Dale | Distinguished Architect | Cryptographic Foundations Phone +61 7 3031 7217 Oracle Australia > On

Re: liblegacy.a does not work unless compiled with -static

2020-05-02 Thread Dr Paul Dale
I’ve been wondering if an option to build the legacy provider into libcrypto (like the null and default providers) is worthwhile. Given this conversation, it seems it might be. Pauli -- Dr Paul Dale | Distinguished Architect | Cryptographic Foundations Phone +61 7 3031 7217 Oracle Australia

Re: Extracting the public modulus from an RSA public key?

2020-05-05 Thread Dr Paul Dale
Might I suggest reading the documentation? RSA_get0_n() is the function you are wanting. Pauli -- Dr Paul Dale | Distinguished Architect | Cryptographic Foundations Phone +61 7 3031 7217 Oracle Australia > On 6 May 2020, at 2:20 pm, Thomas Dwyer III wrote: > > I'm porting

Re: Integration of new algorithms

2020-08-26 Thread Dr Paul Dale
the ground up to support what you want. Pauli -- Dr Paul Dale | Distinguished Architect | Cryptographic Foundations Phone +61 7 3031 7217 Oracle Australia > On 27 Aug 2020, at 2:21 am, Kris Kwiatkowski wrote: > > Hello, > > I'm working on development of OpenSSL ENGINE

Re: New NID for acmeIdentifier

2020-08-26 Thread Dr Paul Dale
This would require a line in crypto/objects/objects.txt and a "make update”. A pull request would be the way to get this in. Pauli -- Dr Paul Dale | Distinguished Architect | Cryptographic Foundations Phone +61 7 3031 7217 Oracle Australia > On 26 Aug 2020, at 11:41 pm, Angus R

Re: Asymetric crypto and OpenSSL 3.0 deprecated functions

2020-05-25 Thread Dr Paul Dale
I’ll note that encryption is _not_ an integrity check. Depending on how the AES encryption is done, this could be a significant hole. Pauli -- Dr Paul Dale | Distinguished Architect | Cryptographic Foundations Phone +61 7 3031 7217 Oracle Australia > On 25 May 2020, at 10:12 pm, To

Re: OpenSSL shared library in FIPS mode

2020-07-07 Thread Dr Paul Dale
are not and never have been FIPS compliant. Pauli -- Dr Paul Dale | Distinguished Architect | Cryptographic Foundations Phone +61 7 3031 7217 Oracle Australia > On 7 Jul 2020, at 3:36 pm, Shirisha Dasari via openssl-users > wrote: > > Hi All, > > We have been trying to in

Re: PKEY CMAC timings

2020-06-18 Thread Dr Paul Dale
I honestly believe that the various contexts should be reusable. Without this, the recent provider additions will impose a significant overhead. Pauli -- Dr Paul Dale | Distinguished Architect | Cryptographic Foundations Phone +61 7 3031 7217 Oracle Australia > On 18 Jun 2020, at 4:27

Re: PKEY CMAC timings

2020-06-17 Thread Dr Paul Dale
How does it look for large input? As in many kilobytes or megabytes? Pauli -- Dr Paul Dale | Distinguished Architect | Cryptographic Foundations Phone +61 7 3031 7217 Oracle Australia > On 18 Jun 2020, at 1:18 pm, Hal Murray wrote: > > Intel(R) Core(TM) i5-3570 CPU @ 3.40GHz &

Re: OpenSSL user guide for 1.1.1g

2020-07-24 Thread Dr Paul Dale
There is not and never will be FIPS support for OpenSSL 1.1.1. You’ll have to wait for the upcoming 3.0 release for FIPS support. Pauli -- Dr Paul Dale | Distinguished Architect | Cryptographic Foundations Phone +61 7 3031 7217 Oracle Australia > On 25 Jul 2020, at 12:32 am, Faraj Ra

Re: openssl fipsinstall

2020-07-27 Thread Dr Paul Dale
on a pull request that allowed either or both options. Pauli -- Dr Paul Dale | Distinguished Architect | Cryptographic Foundations Phone +61 7 3031 7217 Oracle Australia > On 28 Jul 2020, at 6:19 am, Thomas Dwyer III wrote: > > Hi all, > > I'm replacing OpenSSL 1.0.2 w

Re: openssl fipsinstall

2020-07-27 Thread Dr Paul Dale
e next planning meeting. Pauli -- Dr Paul Dale | Distinguished Architect | Cryptographic Foundations Phone +61 7 3031 7217 Oracle Australia > On 28 Jul 2020, at 9:51 am, Thomas Dwyer III wrote: > > On Mon, Jul 27, 2020 at 3:39 PM Dr Paul Dale <mailto:paul.d...@

Re: Question related to default RAND usage and update with engine RAND

2020-12-04 Thread Dr Paul Dale
Have you tried RAND_set_rand_method()? This should replace the RNG with yours. In 3.0, there will be a different scheme and an engine isn’t the ideal way to go. Pauli -- Dr Paul Dale | Distinguished Architect | Cryptographic Foundations Phone +61 7 3031 7217 Oracle Australia > On 1

Re: HMAC is deprecated in 3.0 getting error 'HMAC' was not declared in this scope

2020-11-26 Thread Dr Paul Dale
There is no direct replacement for the HMAC call at this point, EVP_MAC needs to be used. I’d suggest reading the EVP_MAC(3) man page. There is an example down the bottom. Does SSL_set_mtu() do what you require? Pauli -- Dr Paul Dale | Distinguished Architect | Cryptographic Foundations

Re: PRNG not available when multiple providers are configured?

2020-11-03 Thread Dr Paul Dale
Adding: config_diagnostics = 1 At the same level as the openssl_conf line should produce more output. Pauli -- Dr Paul Dale | Distinguished Architect | Cryptographic Foundations Phone +61 7 3031 7217 Oracle Australia > On 4 Nov 2020, at 4:41 am, Thomas Dwyer III wrote: > > On

Re: PRNG not available when multiple providers are configured?

2020-11-03 Thread Dr Paul Dale
us() started working for me. So > THANKS for that! :-) Not producing any diagnostic output for a failed checksum seems like a bug. Pauli -- Dr Paul Dale | Distinguished Architect | Cryptographic Foundations Phone +61 7 3031 7217 Oracle Australia

Re: OpenSSL 1.1.1g Windows build slow rsa tests

2021-01-20 Thread Dr Paul Dale
On 21/1/21 10:37 am, Michael Wojcik wrote: From: openssl-users On Behalf Of Dr Paul Dale Sent: Wednesday, 20 January, 2021 16:19 Try building without the no-asm configuration option. That was my first thought, but according to Dan's message, the firedaemon version is also built with no-asm

Re: OpenSSL 1.1.1g Windows build slow rsa tests

2021-01-20 Thread Dr Paul Dale
Try building without the no-asm configuration option. Pauli On 21/1/21 6:18 am, Dan Heinz wrote: Hello, I’m building openssl 1.1.1g  on multiple platforms and I found that the rsa speed tests are significantly slower in my build than on the other OS platforms (Linux and macOS). I

Re: PKCS12 APIs with fips 3.0

2021-01-26 Thread Dr Paul Dale
I'm not even sure that NIST can validate the PKCS#12 KDF. If it can't be validated, it doesn't belong in the FIPS provider. Pauli On 26/1/21 10:48 pm, Tomas Mraz wrote: On Tue, 2021-01-26 at 11:45 +, Matt Caswell wrote: On 26/01/2021 11:05, Jakob Bohm via openssl-users wrote: On

Re: PKCS12 APIs with fips 3.0

2021-01-26 Thread Dr Paul Dale
ward that would allow reading and writing to a key store while only using the fips provider? Thanks, Zeke Evans Micro Focus -----Original Message----- From: openssl-users On Behalf Of Dr Paul Dale Sent: Tuesday, January 26, 2021 5:22 PM To: openssl-users@openssl.org Subject: Re: PKCS12 A

Re: PKCS12 APIs with fips 3.0

2021-01-28 Thread Dr Paul Dale
quot;default" provider remains available? Remember that in other software systems, such as OpenSSL 1.0.x and MS CryptoAPI, FIPS mode causes all non-validated algorithms to fail hard, so all higher level operations are guaranteed to use only FIPS- validated crypto. On 2021-01-27 0

Re: OpenSSL version 3.0.0-beta1 published

2021-06-18 Thread Dr Paul Dale
However, I was wondering if anyone has ported/refactored the pkcs11 engine stuff for OpenSSL 3.0 already?  is this on the TODO list for the OpenSC/pkcs11 team?  If I wanted to try to refactor the opensc-pkcs11 module, how would I start? PKCS #11 support is one (of many) possible items

Re: Switch hangs for significant amount of time when using RAND_write_file API with openssl version 1.1.1h and above.

2021-05-06 Thread Dr Paul Dale
My guess would be that OpenSSL is waiting for the system randomness source to properly seed.  This was an intentional change.  Without it security will likely be lost. Paul Dale On 6/5/21 8:34 pm, Sravani Maddukuri via openssl-users wrote: Hi, I have updated the openssl version running on

Re: Load and unload of engines at runtime

2021-05-01 Thread Dr Paul Dale
Why would you believe that ENGINE_register / ENGINE_unregister are the calls to load/unload an engine?  These calls are for _after_ the engine has been loaded: /*- Manage registration of ENGINEs per "table". For each type, there are 3  * functions;  *   ENGINE_register_***(e) -

Re: Openssl-3.0.0 POST

2021-02-05 Thread Dr Paul Dale
Have a look at the openssl-fipsinstall manual page. The self tests are run when the FIPS provider is installed. You can run the install manually using: openssl fipsinstall -module ./fips.so -out fips.cnf -provider_name fips I think that a verify command will also run them: openssl

Re: OpenSSL 3.0 - providing entropy to EVP_RAND ?

2021-03-24 Thread Dr Paul Dale
RAND_add() forces a reseed to the DRBGs and uses the passed material (not as entropy but as additional input). EVP_RAND_reseed() is a more direct interface but remember that the built in DRBGs are free to ignore what the user claims is /entropy/. History has shown us time and again that

Re: How to store openSSL EVP_MD and EVP_MD_CTX in local buffers

2021-03-23 Thread Dr Paul Dale
Structures are opaque after OpenSSL 1.0.  There is no way to do what you want. The recommended path is to call EVP_MD_CTX_dup() to create a copy of the context and use that the second time around. Pauli On 24/3/21 2:03 pm, Vuthur Pavankumar wrote: Hi All, I was implementing SHA3

Re: FIPs algorithm code vs default implementation

2021-03-28 Thread Dr Paul Dale
1> Can you please help to understand the differences in the FIPs algorithm implementation code vs default? Are there additional validations performed in FIPs code? There are some additional validations, there are other differences. Grep the source code for FIPS_MODULE to find all the

Re: Regarding RAND_set_rand_method

2021-04-02 Thread Dr Paul Dale
There isn't an easy way to do what you want in 1.1.1. RAND_set_rand_method replaces the RNG for all of OpenSSL.  In theory your RAND_METHOD could detect which thread it is running in and do different things for each.  I'm not sure this is a good idea however. Why aren't the random number

Re: EVP_MAC_init() in 3.0 alpha 13

2021-04-05 Thread Dr Paul Dale
Does EVP_MAC_CTX_dup() after the MAC context has been initialised do what you want? Pauli On 5/4/21 10:51 pm, Hal Murray wrote: It used to take just a ctx. Now it also wants a key+length and a params. I have some simple/hack code to time 2 cases. The first gives it the key each time. The

Re: openssl-users Digest, Vol 77, Issue 4

2021-04-03 Thread Dr Paul Dale
openssl-users-requ...@openssl.org You can reach the person managing the list at     openssl-users-ow...@openssl.org When replying, please edit your Subject line so it is more specific than "Re: Contents of openssl-users digest..." Today's Topics:    1. Re: Regarding RAND_set_rand_method (Dr Pa

Re: openssl-users Digest, Vol 77, Issue 6

2021-04-04 Thread Dr Paul Dale
of openssl-users digest..." Today's Topics:    1. Re: openssl-users Digest, Vol 77, Issue 4 (Dr Paul Dale) -- Message: 1 Date: Sat, 3 Apr 2021 18:48:48 +1000 From: Dr Paul Dale To: openssl-users@openssl.org Subject: Re: openssl

Re: Why does OpenSSL report google's certificate is "self-signed"?

2021-04-01 Thread Dr Paul Dale
Perhaps ask Qualys to answer your concerns directly?  They must have a reason for including this warning. Pauli On 1/4/21 5:43 pm, Jan Just Keijser wrote: On 31/03/21 19:43, Michael Wojcik wrote: From: openssl-users On Behalf Of Viktor Dukhovni Sent: Wednesday, 31 March, 2021 10:31

Re: Unable to load the FIPs config file OpenSSL 3.0

2021-03-30 Thread Dr Paul Dale
Our general suggestion is to keep the FIPS configuration in its own file and include that -- this helps when updating. Does a full path to the providers directory help? Could you try a build with debugging symbols so it's possible to see what's going on better? Set a breakpoint on
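A configuration laid out the way the reply above suggests, with the FIPS material kept in the file that openssl fipsinstall writes and pulled in with .include, and with config_diagnostics switched on as described in the "PRNG not available when multiple providers are configured?" thread earlier on this page. This is an added example, not a file from the thread; the two paths are assumptions, and the fips_sect section is the one generated into fipsmodule.cnf by fipsinstall.

```ini
# /etc/ssl/openssl.cnf  (path assumed)

# Report configuration errors instead of failing quietly.
config_diagnostics = 1
openssl_conf = openssl_init

# Written by `openssl fipsinstall -out fipsmodule.cnf ...` (path assumed).
# Kept separate so re-running fipsinstall after an upgrade does not touch this file.
.include /usr/local/ssl/fipsmodule.cnf

[openssl_init]
providers = provider_sect
alg_section = algorithm_sect

[provider_sect]
# fips_sect is defined in the included fipsmodule.cnf (module path, MAC, activate = 1).
fips = fips_sect
# The base provider supplies encoders/decoders/store loaders and no algorithms.
base = base_sect

[base_sect]
activate = 1

[algorithm_sect]
# Every fetch must resolve to a FIPS-validated implementation.
default_properties = fips=yes
```

With config_diagnostics on, a bad path in the .include line or a MAC mismatch in fipsmodule.cnf shows up as an error at load time rather than as a later "PRNG not available" style failure.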

Re: EVP_MAC_init() in 3.0 alpha 13

2021-04-11 Thread Dr Paul Dale
Did you attempt to pass NULL for the key and zero for its length to the EVP_MAC_init() call? Pauli On 5/4/21 10:51 pm, Hal Murray wrote: It used to take just a ctx. Now it also wants a key+length and a params. I have some simple/hack code to time 2 cases. The first gives it the key each

Re: OpenSSL 3.0 - providing entropy to EVP_RAND ?

2021-04-14 Thread Dr Paul Dale
3.0? Thank you for your help in this. Thanks Bala On Wednesday, 24 March, 2021, 11:56:18 am IST, Dr Paul Dale wrote: RAND_add() forces a reseed to the DRBGs and uses the passed material (not as entropy but as additional input). EVP_RAND_reseed() is a more direct interface but remember tha

Re: Sp800 56a rev3

2021-04-14 Thread Dr Paul Dale
These are all questions for your FIPS lab. Pauli On 15/4/21 4:19 am, Nagarjun J wrote: Hi, Suppose if any one submitted for FIPS 140-2 certification in Nov 2020 , what is the deadline to meet sp800 56 a rev3 revision requirement to avoid certificate going into historical list. And if we

Re: OpenSSL 3.0 - providing entropy to EVP_RAND ?

2021-04-14 Thread Dr Paul Dale
ctors 0 acvp_test.c 1341 const struct drbg_st *tst = _data[id]; 1 acvp_test.c 1468 ADD_ALL_TESTS(drbg_test, OSSL_NELEM(drbg_data)); Try: grep drbg_data test/* Thanks Bala On Wednesday, 14 April, 2021, 05:02:22 pm IST, Dr Paul Dale wrote: For setting up a parent for a DRBG, look at /provi

Re: error: redefinition of ‘struct rsa_meth_st’

2021-04-11 Thread Dr Paul Dale
You shouldn't be accessing the internals of a private structure. That structure was made private for a reason and duplicating it in your engine will break when we change the structure's contents. Your engine should be using the EVP_PKEY_meth_set_* function to do what you want (for 1.1.1).  For

Re: Replacement for AES_set_encrypt_key and AES_encrypt to support 3.0

2021-08-17 Thread Dr Paul Dale
You don't want to use these and there is no direct replacement.  You want to use the EVP calls instead:  EVP_CipherInit_ex2, EVP_CipherUpdate, EVP_CipherFinal_ex and friends. See this manual page:     https://www.openssl.org/docs/manmaster/man3/EVP_EncryptInit.html Pauli On 17/8/21 5:11 pm,

Re: Help Needed for deprecated functions and macros like "CRYPTO_num_locks()" , "CRYPTO_LOCK" ......etc

2021-08-17 Thread Dr Paul Dale
Locking in OpenSSL 1.1.1 and later is completely different.  You no longer need to and should not try to register the locking callbacks. Pauli On 17/8/21 11:59 pm, Kumar Mishra, Sanjeev wrote: Hi All, I am upgrading the code from OpenSSL 1.0.1 to OpenSSL 3.0. I am getting compilation errors

Re: One iOS App - 2 OpenSSL libraries.

2021-08-16 Thread Dr Paul Dale
There shouldn't be a limitation.  Although if two different versions of OpenSSL are being used, it is possible that they could interact together in odd ways. OpenSSL will automatically use assembly implementations of algorithms unless: * the "no-asm" option is specified at configuration

Re: Hi team, I modified openssl code and make test failed. What should I do with the failed cases. Thx in advance.

2021-08-13 Thread Dr Paul Dale
I suggest working out why they failed and getting them working again.  You've broken something with your modifications, you need to understand what's broken and why before continuing. Paul Dale On 14/8/21 9:56 am, Ma Zhenhua wrote: Hi team, I modified openssl code and make test failed.

Re: Congratulations! Missing 3.0.0 tag?

2021-09-08 Thread Dr Paul Dale
With the change to (almost) semantic versioning, we also decided to make the tags easier to type. Pauli On 9/9/21 9:03 am, Steffen Nurpmeso wrote: Benjamin Kaduk wrote in <2021090848.gx19...@akamai.com>: |On Thu, Sep 09, 2021 at 12:15:44AM +0200, Steffen Nurpmeso wrote: |> |>

Re: Reducing the footprint of a simple application

2021-09-14 Thread Dr Paul Dale
> ...low security RNGs and other antifeatures. Huh  Where?  Why plural? The only **one** I'm aware of is the one I added to stochastically flush the property cache where it doesn't need to be cryptographically secure. Pauli

Re: Reducing the footprint of a simple application

2021-09-15 Thread Dr Paul Dale
15/9/21 11:34 pm, Jakob Bohm via openssl-users wrote: On 2021-09-14 12:14, Dr Paul Dale wrote: > ...low security RNGs and other antifeatures. Huh  Where?  Why plural? The only **one** I'm aware of is the one I added to stochastically flush the property cache where it

Re: Openssl 3.0.0. EVP_PKEY RSA is NULL

2021-09-14 Thread Dr Paul Dale
On 15/9/21 9:19 am, Ken Goldman wrote: irc = EVP_PKEY_fromdata_init(ctx); irc = EVP_PKEY_fromdata(ctx, (EVP_PKEY **)rsa_pub_key, /* freed by caller */     EVP_PKEY_PUBLIC_KEY, params); Do you mean :     irc = EVP_PKEY_fromdata(ctx, _pub_key, EVP_PKEY_PUBLIC_KEY,

Re: OpenSSL 3.0.0 custom entropy source

2021-09-13 Thread Dr Paul Dale
Try working from providers/implementations/rands/seed_src.c  You'll need to reimplement seed_src_generate() to use your RNG. To use your custom seed source, you can either use the OpenSSL configuration file to set a "random" section that includes a "seed" setting or you can call

Re: EVP_MAC_init - specify the hash algorithm

2021-09-09 Thread Dr Paul Dale
, but are they documented? Case sensitive?  Which is preferred? You use EVP_MAC_new, which is undocumented.  The doc sample uses EVP_MAC_fetch.  Which is preferred? On 7/13/2021 7:06 PM, Dr Paul Dale wrote: Your code should look more like:     OSSL_PARAMS params[2];     EVP_MAC *mac = EVP_MAC_new(NULL

Re: OpenSSL 3.0.0 two tests fail on Solaris 10 SPARC64 ( Oracle/Fujitsu )

2021-09-11 Thread Dr Paul Dale
What Ben suggests is a great start. Note that none of the core developers have Solaris access, so that debugging could be problematic. Pauli On 12/9/21 1:39 pm, Benjamin Kaduk via openssl-users wrote: On Sat, Sep 11, 2021 at 10:29:07PM -0400, Dennis Clarke via openssl-users wrote: This

Re: EVP_MAC_init - specify the hash algorithm

2021-07-13 Thread Dr Paul Dale
Please don't do it the PKEY way :) Your code should look more like: OSSL_PARAM params[2]; EVP_MAC *mac = EVP_MAC_new(NULL, "HMAC", NULL); EVP_MAC_CTX *mac_ctx = EVP_MAC_CTX_new(mac); EVP_MAC_free(mac); /* Now or later is all good and depends on the app reusing it or not */

Re: OpenSSL Beta 2, report of successful migration

2021-08-02 Thread Dr Paul Dale
Thanks! The OpenSSL team has wondered how many people were trying out 3.0 during the beta period without any way of knowing for sure.  That you've had what seems like a fairly smooth transition is wonderful. Pauli On 2/8/21 8:10 pm, Olivier Mascia via openssl-users wrote: Hello, Just

Re: openssl 3.0 genpkey

2021-08-05 Thread Dr Paul Dale
GitHub issues would be better.  They are harder to miss accidentally. Pauli On 6/8/21 7:59 am, Ken Goldman wrote: Should these be posted here or as github issues?  (May be user error) 1 openssl genpkey -algorithm rsa -outform der -out key.der -quiet returns: genpkey: Option -quiet

Re: openssl 3.0 genpkey

2021-08-05 Thread Dr Paul Dale
Ken, I've created issue #16238 for these.  Any chance you could add version information or other useful tidbits? Thanks, Pauli On 6/8/21 7:59 am, Ken Goldman wrote: Should these be posted here or as github issues?  (May be user error) 1

Re: Accessing bignums of a RSA key with OpenSSL 3.0?

2021-07-30 Thread Dr Paul Dale
Try: include/openssl/core_names.h The names are "n", "e" and "d" in this case. Pauli On 30/7/21 10:57 pm, Olivier Mascia via openssl-users wrote: Dear all, Testing migration to OpenSSL 3.0. Got to update some code building a JWK (in relation to ACME LetsEncrypt protocols). Having an

Re: OpenSSL beta testing on Solaris and z/OS

2021-08-04 Thread Dr Paul Dale
Dennis, Thanks for the information.  Solaris and z/OS are not tested by the project, so it's good to know they aren't too far from working out of the box. We would definitely be interested in a pull request with your fixes at some stage -- post 3.0 since it's almost certainly too late now.

Re: OpenSSL 3.0.0 FIPS compatible ECDH-KAS

2021-10-07 Thread Dr Paul Dale
eed source? The whole purpose of this exercise was to create a NIST SP-800-90B compliant entropy source for FIPS. Thanks, Kory On Sep 22, 2021, at 3:51 PM, Dr Paul Dale wrote: If you are only using functions that are deprecated, you'll get away without for the moment. Pauli On 23/9/21 8:45 am, Kory Ha

Re: tpm2-openssl, a TPM 2.0 provider for OpenSSL 3.0 released

2021-09-29 Thread Dr Paul Dale
Great work! Pauli On 30/9/21 4:13 am, Petr Gotthard wrote: Hello, I just released a first version of the tpm2-openssl provider. TPM is a hardware crypto-processor, which can generate, store, and use cryptographic keys. The tpm2-openssl is a provider for integration of TPM 2.0 to OpenSSL

Re: openssl 3.0.0 equivalent to RSA_get0_key

2021-09-20 Thread Dr Paul Dale
No. The deprecated functions are not going away any time soon but there is no direct replacement. Pauli On 21/9/21 6:46 am, Ken Goldman wrote: ... and RSA_get0_factors. I know about EVP_PKEY_get_bn_param().  However, that allocates new bignums.  Therefore, the caller has to say, if

Re: Openssl aes-256 ctr drbg

2021-09-21 Thread Dr Paul Dale
The number you asked for typically. Pauli On 21/9/21 4:49 pm, Nagarjun J wrote: Hi, What is the Number of Bytes Returned by aes-256 ctr drbg ? Thanks, Nagarjun

Re: fips 140-2 module conditions and compilation target app

2021-10-04 Thread Dr Paul Dale
I think you've got the gist of the restriction.  You cannot make any changes to the source code, build files or the commands you use to build the FOM.  None are acceptable if you want a FIPS validated outcome.  I.e. you will lose the FIPS 140-2 validation state if you change anything. Pauli

Re: RSA provider use example

2021-09-24 Thread Dr Paul Dale
What about: apps/rsa.c, apps/rsautl.c and apps/genrsa.c 3.0 doesn't use the RSA structure in the non-deprecated public API. You probably want the EVP_PKEY_fromdata call. Pauli On 24/9/21 8:55 pm, Antonio Santagiuliana wrote: Hello Is there any app or command in the current Openssl master

Re: RSA provider use example

2021-09-24 Thread Dr Paul Dale
On 24/9/21 9:15 pm, Angus Robertson - Magenta Systems Ltd wrote: I've been wondering if this is more efficient than getting the parameters one at a time using multiple EVP_PKEY_get_xx_param which also calls EVP_PKEY_get_params. I'd be surprised if there was a lot of difference. If I had to

Re: OpenSSL 3.0.0 FIPS compatible ECDH-KAS

2021-09-22 Thread Dr Paul Dale
Adding that should be enough to force only FIPS validated algorithms are used. Just doing that isn't enough, there is more you are going to need to do.  E.g. you will need to load the FIPS and base providers either via config or explicitly. It's possible to set the default properties via

Re: OpenSSL 3.0 FIPS questions

2021-10-24 Thread Dr Paul Dale
*From:* openssl-users on behalf of Dr Paul Dale *Sent:* Sunday, October 24, 2021 12:28 AM *To:* openssl-users@openssl.org *Subject:* Re: OpenSSL 3.0 FIPS questions Oops, the second time this occurs "defp = OSSL_PROVIDER_load(non_fips_libctx, &qu

Re: Need Replacement for Deprecated function.

2021-12-04 Thread Dr Paul Dale
They are documented in provider-mac(7) and EVP_MAC-HMAC(7) respectively. The key is the MAC key -- a string of bytes. The digest is the name of the digest that is to be

Re: EVP_PKEY_get_int_param is not getting degree from EC key

2022-01-05 Thread Dr Paul Dale
Also it's a bit weird that responder *may* choose to return error if data_size is not suitable. What else it might do? Is it valid (from responder's point of view) to just truncate the value to that it would fit into unsigned int (that would obviously be useless behavior, I'm just curious if it

Re: useless search box on openssl.org

2021-11-18 Thread Dr Paul Dale
It would be nice if the search engines checked for URL validity and cleaned their caches from time to time. Apart from keeping dross around from old unsupported versions, I don't think there is much the project can do about this unfortunately. Pauli On 19/11/21 7:48 am, Michael Richardson

Re: OpenSSL-3.+ how to configure [random]?

2021-11-09 Thread Dr Paul Dale
There is documentation: https://www.openssl.org/docs/man3.0/man5/config.html I don't think the rdrand engine takes any extras. Pauli On 10/11/21 1:38 pm, Blumenthal, Uri - 0553 - MITLL wrote: On 11/9/21, 22:23, "Dr Paul Dale" wrote: Currently I've no idea and can't reprodu
