Re: X52219/X448 export public key coordinates

2022-11-19 Thread Kyle Hamilton
ve there’s a good reason for it. > Anyway, thanks for your answer! > > Regards > Matt > > On 18. 11. 2022, at 17:13, Kyle Hamilton wrote: > >  > X25519? > > On Mon, Nov 14, 2022, 05:23 ORNEST Matej - Contractor via openssl-users < > openssl-users@openssl.org> wrote: >

Re: X52219/X448 export public key coordinates

2022-11-18 Thread Kyle Hamilton
X25519? On Mon, Nov 14, 2022, 05:23 ORNEST Matej - Contractor via openssl-users < openssl-users@openssl.org> wrote: > Hi all, > > > > I need to implement support for X52219/X448 for DH key exchange (and > Ed52219/Ed448 for DSA) elliptic curves in our project. I need to export > public key for DH

Re: Questions about legacy apps/req.c code

2021-12-22 Thread Kyle Hamilton
From a conceptual perspective, I think "creating a CSR" should be different than "signing a CSR with a given keypair", and on that reason alone I'd separate them, allowing some small code duplication. The difference between "signing with a certified key" and "signing with its own key" is really

Re: Question on "unsupported certificate purpose" error when trying to read the certificate on the web server

2021-07-21 Thread Kyle Hamilton
An EE certificate is an "end entity" certificate, which identifies an entity that isn't a certifier. On Wed, Jul 21, 2021, 18:23 Thejus Prabhu wrote: > Thanks for your reply Viktor. I would like to add that this is a self > signed certificate created on the server. What is EE certificate? > > >

Re: query on key usage OIDs

2021-07-15 Thread Kyle Hamilton
Also, OIDs for extendedKeyUsage can be defined per-application, so there's no way to compile a full list of them. -Kyle H On Fri, Jul 16, 2021 at 4:23 AM Viktor Dukhovni wrote: > > > On 15 Jul 2021, at 11:55 pm, SIMON BABY wrote: > > > > I am looking for openssl APIs to get all the OIDs

Re: Client certificate authentication

2021-03-11 Thread Kyle Hamilton
If he's trying to muck with the library, he's probably struggling with a precompiled binary he doesn't have the source code to. -Kyle H On Thu, Mar 11, 2021, 11:48 Viktor Dukhovni wrote: > > On Mar 11, 2021, at 2:16 PM, Robert Ionescu > wrote: > > > > I am searching for the functions in

Re: Question about SSL_ERROR_WANT_WRITE

2020-12-12 Thread Kyle Hamilton
If you get SSL_ERROR_WANT_WRITE, call the same function with the same parameters and same buffer content immediately. (Same with SSL_ERROR_WANT_READ.) If you need to, stash those parameters in variables for ease of reference. But don't do anything else on the SSL layer until you get a different

Re: Server application hangs on SS_read, even when client disconnects

2020-11-17 Thread Kyle Hamilton
There's another reason why you'll want to close your socket with SSL_close(): SSL (and TLS) view a prematurely-closed stream as an exceptional condition to be reported to the application. This is to prevent truncation attacks against the data communication layer. While your application may not

Re: Cert hot-reloading

2020-08-30 Thread Kyle Hamilton
Could this be dealt with by the simple removal of any caching layer between an SSL_CTX and a directory processed by openssl c_rehash? Would reading the filesystem on every certificate verification be too heavy for your use case? On Sun, Aug 30, 2020 at 7:20 PM Jordan Brown wrote: > > Well, I can

Re: Cert hot-reloading

2020-08-30 Thread Kyle Hamilton
I'm not sure I can follow the "in all cases it's important to keep the key and cert in the same file" argument, particularly in line with openat() usage on the cert file after privilege to open the key file has been dropped. I agree that key/cert staleness is important to address in some manner,

Re: OpenSSL compliance with Linux distributions

2020-08-05 Thread Kyle Hamilton
It is never recommended to upgrade your distribution's version of OpenSSL with one you compile yourself. Doing so will often break all software installed by the distribution that uses it. If you need functionality from newer versions of OpenSSL, your options are to upgrade your OS version, or to

Re: Master fails tests (mentioning # TODO Currently not supported)

2020-07-09 Thread Kyle Hamilton
(I'm not an OpenSSL developer, but I know enough of development processes to explain what I see here. Actual OpenSSL developers should correct me if I'm wrong.) Most likely, yes, this is currently expected. Since it's a dev branch, not a release branch, it's not expected to have everything

Re: distributed secret key

2020-05-24 Thread Kyle Hamilton
for me.) -Kyle H On Sun, May 24, 2020, 14:59 Kyle Hamilton wrote: > From glancing at the abstract, https://patents.google.com/patent/US5799086 > looks like it might be the one? It also says that it is expired, > expiration having been anticipated on 2014-01-13. > > -Kyle H >

Re: distributed secret key

2020-05-24 Thread Kyle Hamilton
From glancing at the abstract, https://patents.google.com/patent/US5799086 looks like it might be the one? It also says that it is expired, expiration having been anticipated on 2014-01-13. -Kyle H On Sun, May 24, 2020, 11:54 Salz, Rich wrote: > >- In any case, I am unaware of any

Re: distributed secret key

2020-05-24 Thread Kyle Hamilton
There are two ways to handle multiple authorizations needed: 1) Secret data is shared across multiple locations/holders, or 2) Secret data is stored in a trusted system which itself requires multiple authorizations. You could perhaps put together multiple trusted systems, each of which has a

Re: How to get all certs into a .der file.

2020-05-22 Thread Kyle Hamilton
application/pkix-pkipath Defined in RFC4366 (section 8) and RFC6066 (section 10.1) PkiPath ::= SEQUENCE OF Certificate Within the sequence, the order of certificates is such that the subject of the first certificate is the issuer of the second certificate, etc. (It's also defined in ITU-T

Re: How to get all certs into a .der file.

2020-05-22 Thread Kyle Hamilton
There is a format that puts all DER certificates into a single DER-formatted structure. It is called PKIpath, and it's defined as `SEQUENCE OF Certificate`. The problem with it is that its order was standardized by X.509 2001 TC1 to begin with the root and continue to the leaf, which is

Re: How to get all certs into a .der file.

2020-05-21 Thread Kyle Hamilton
If you need multiple certificates in a single DER structure, you're looking for something to create a "PKIpath". I've never heard of curl requiring such, though. Chances are it will handle the PEM chain just fine. What curl command line are you trying to use? -Kyle H On Thu, May 21, 2020,

OCSP pregeneration

2020-05-07 Thread Kyle Hamilton
Is there a way to have OpenSSL's command line generate OCSP responses for every entry in index.txt, without having to go through the process of generating a blank (no-nonce, unsigned) request and then generating a response to each one for each serial number therein? -Kyle H

Re: mutual-TLS / mTLS Example with certificate problem

2020-05-07 Thread Kyle Hamilton
On a tangent, this file format (and order) was actually finally standardized as "application/pem-certificate-chain" by RFC 8555 section 9.1 (the Automatic Certificate Management Environment protocol, or ACME). On Wed, May 6, 2020 at 2:59 PM Michael Wojcik wrote: > Get rid of the call to

Re: TLSv1 on CentOS-8

2020-04-17 Thread Kyle Hamilton
Note: This is better asked on the CentOS support forums, since it asks about changes that CentOS made to OpenSSL. This is an unsupported configuration, and will be overwritten if you audit or reinstall the crypto-policies package. Also, I haven't looked to see where

Re: tbslen parameter in EVP_PKEY_sign() and EVP_PKEY_verify()

2020-04-07 Thread Kyle Hamilton
32 bytes means you're signing using RSA-WITH-SHA-256, yes? tbs is the digest value you calculated, tbslen is the size in bytes of the digest. -Kyle H On Tue, Apr 7, 2020 at 1:07 PM Jason Proctor wrote: > > Esteemed cryptologists, > > Question regarding the "tbslen" parameter to the sign and

Re: Negotiated cipher per proto (matching cipher in list missing). No further cipher order check has been done as order is determined by the client

2020-03-11 Thread Kyle Hamilton
ssl_prefer_server_ciphers on; On Wed, Mar 11, 2020, 11:58 Kaushal Shriyan wrote: > > > On Wed, Mar 11, 2020 at 6:36 PM Michael Wojcik < > michael.woj...@microfocus.com> wrote: > >> To enforce the server's cipher order, use SSL_CTX_set_options(*ctx*, >> SSL_CTX_get_options(*ctx*) |

Re: Questions about using Elliptic Curve ciphers in OpenSSL

2020-02-16 Thread Kyle Hamilton
Be aware that you just posted your certificate's private key, and thus you should regenerate a new keypair/certificate to use. Otherwise, anyone who can manipulate traffic to your machine can execute a man-in-the-middle attack. -Kyle H On Fri, Feb 14, 2020, 07:40 Jason Schultz wrote: > >

Re: Cloning a CSR or Cert. for a new CSR with a new key?

2020-01-30 Thread Kyle Hamilton
A CSR is self-signed to provide what's called "proof of possession" -- that is, proof that the requester possesses the private key to the claimed public key. It doesn't act as a CA in that case, because the CSR is not an actual Certificate structure. -Kyle H On Thu, Jan 30, 2020, 18:26 Douglas

Re: Generate nomative certificate from wildcard certificate

2020-01-25 Thread Kyle Hamilton
No, it's not possible to use a webserver certificate to issue other certificates of any kind. (Oh, it is technically possible with openssl to create certificates which might seem valid on the surface -- just use the webserver key to generate a self-signed CA certificate with the same Subject as

Re: Role Separation

2019-09-15 Thread Kyle Hamilton
OpenSSL is a toolkit, not a full implementation. More importantly, it is a library, so anyone who can link against it can perform all operations that the library can support, and the library has no concept of role separation built in. As such, the 'openssl' commandline tool allows the use of any

Re: 1.1.1d LD_LIBRARY_PATH

2019-09-14 Thread Kyle Hamilton
You might be able to set this in the equivalent of /etc/ld.so.conf and rerun ldconfig(8), but those specific operations rely on the GNU dynamic linker. The only clue that suggests it may be GNU's dynamic linker is the LD_LIBRARY_PATH environment variable name. If it's not, you'll have to look up

Re: CSR with only public key

2019-09-12 Thread Kyle Hamilton
If a CA signs a certificate without proof of possession of the private key, the CA is enabling whoever does have that private key to look as though they are the one who they sign the certificate for (i.e., impersonation). The entire structure of PKI (the binding of the public half of a keypair to

Re: Will my application be FIPS 140-2 Certified under following conditions?

2019-07-03 Thread Kyle Hamilton
Also, on question b: No. You need to build a compatible version of openssl as specified in the User Guide, and link that version. FIPS_mode_set() tells the library to always and only use the implementations in the FIPS canister; the canister does not replace the library entirely. -Kyle H On

Re: Will my application be FIPS 140-2 Certified under following conditions?

2019-07-03 Thread Kyle Hamilton
Step a. needs to verify the digest with an existing FIPS 140-2 validated cryptography implementation. Otherwise, to my understanding, this is the correct sequence of events. Do note that after building the fipscanister.lib, you will want to digest it and print it on a certification letter that

Re: failing in reproducing .so files

2019-06-14 Thread Kyle Hamilton
> Good luck. >> >> -Kyle H >> >> On Mon, Jun 10, 2019, 03:34 Giovanni Fontana < >> giovanni.fontan...@gmail.com> wrote: >> >>> The unmodified version works. As I said, it's sure the issue is on what >>> I added, but info from the bui

Re: failing in reproducing .so files

2019-06-10 Thread Kyle Hamilton
issing are the following files: > >- libssl.map >- libcrypto.so > - libssl.so > > > On Sun, Jun 9, 2019 at 19:30 Kyle Hamilton > wrote: > >> Can you try building an unmodified version of the tarball, and see if it >> has a problem?

Re: failing in reproducing .so files

2019-06-09 Thread Kyle Hamilton
Can you try building an unmodified version of the tarball, and see if it has a problem? -Kyle On Sun, Jun 9, 2019, 07:31 Giovanni Fontana wrote: > Hello Kurt, > > >- it's perl 5, version 26, subversion 1 (v5.26.1) built for >x86_64-linux-gnu-thread-multi >- ldd (Ubuntu GLIBC

Re: Internal IP Exposed

2019-03-25 Thread Kyle Hamilton
That's a configuration issue with the servers, not an issue with the openssl command itself. There's no information on what the back-end HTTP server software is being used. If it were Apache, there would be a ServerName directive that could change the server's idea of what name it should refer

Re: [openssl-users] How to use a specific ip interface while testing TLS/SSL connectivity.

2019-02-09 Thread Kyle Hamilton
It appears you could create() a socket, bind() it to the interface you want to use, possibly connect() it, and then pass it to either BIO_s_connect() or BIO_s_socket() depending on which meets your needs. -Kyle H On Sat, Feb 9, 2019 at 7:21 AM Rajinder Pal Singh wrote: > > Thanks Mark for the

Re: [openssl-users] possible C bugs in ecp_nistp521

2019-01-08 Thread Kyle Hamilton
I would expect that correct results would be provided for all valid inputs (including those inputs that are not otherwise constrained). As such, I would class this as a bug in OpenSSL. -Kyle H On Mon, Jan 7, 2019 at 7:44 PM Patrick Steuer wrote: > > Dear Bo-Yin Yang, > > I looked into your

Re: [openssl-users] Subject CN and SANs

2018-12-24 Thread Kyle Hamilton
such degenerate cases. Merry Christmas (or happy holidays!), -Kyle H On Sun, Dec 23, 2018 at 5:33 PM Viktor Dukhovni wrote: > > > > > On Dec 23, 2018, at 6:01 PM, Kyle Hamilton wrote: > > > > You're right, I typoed. SubjectDN is non-optional. But it can, as >

Re: [openssl-users] Subject CN and SANs

2018-12-23 Thread Kyle Hamilton
wrote: > > > > > On Dec 23, 2018, at 4:29 PM, Kyle Hamilton wrote: > > > > SubjectCN is an operational requirement of X.509, I believe. > > You're confusing the DN and the CN. > > > It's not optional in the data structure, at any rate. > > The subject

Re: [openssl-users] Subject CN and SANs

2018-12-23 Thread Kyle Hamilton
SubjectCN is an operational requirement of X.509, I believe. It's not optional in the data structure, at any rate. -Kyle H On Sun, Dec 23, 2018 at 9:22 AM Michael Richardson wrote: > > > Salz, Rich via openssl-users wrote: > > Putting the DNS name in the CN part of the subjectDN has been

Re: [openssl-users] Subject CN and SANs

2018-12-23 Thread Kyle Hamilton
Does Apache only examine CN=, or does it also check subjectAltNames dNS entries? -Kyle H On Sun, Dec 23, 2018 at 3:25 AM Walter H. wrote: > > On 23.12.2018 03:47, Salz, Rich via openssl-users wrote: > > > >. New certificates should only use the subjectAltName extension. > > > >> Are

Re: [openssl-users] AssAccess was passed with no amendments

2018-12-16 Thread Kyle Hamilton
Getting the key for any given communication from OpenSSL is definitely doable if you're not using an engine. If you are using an engine, it may or may not be even possible. In any case, maintaining that key once you have it is definitely out of scope of OpenSSL. As an app developer subject to

Re: [openssl-users] Question on necessity of SSL_CTX_set_client_CA_list

2018-12-11 Thread Kyle Hamilton
Because only showing the O= is insufficient, you also need to show the jurisdiction the O= is based in. (In the case of Amazon, it's a Delaware corporation.) The fact that browsers are getting tricked into thinking EV doesn't help is only because their UX designers refuse to allow the information

Re: [openssl-users] Question on necessity of SSL_CTX_set_client_CA_list

2018-12-07 Thread Kyle Hamilton
CAs *do* verify the attributes they certify. That they're not presented as such is not the fault of the CAs, but rather of the browsers who insist on not changing or improving their UI. The thing is, if I run a website with a forum that I don't ask for money on and don't want any transactions

Re: [openssl-users] Self-signed error when using SSL_CTX_load_verify_locations CApath

2018-12-01 Thread Kyle Hamilton
Wireshark and other packet capture tools can help you determine exactly what's in the chain sent by the client. If the self-signed root isn't being sent, then the "self-signed certificate in certificate chain" error should never have been sent, and a bug report on that issue would be appropriate.

Re: [openssl-users] What is the need for 0x00 byte prefix in pubkey and prime of a static DH key pair?

2018-11-30 Thread Kyle Hamilton
The DER (Distinguished Encoding Rules of ASN.1, which can be found in ITU-T recommendation X.680 and X.681) requirement is that if a particular number is positive, the highest-order bit can never be set (since the highest-order bit is always the negative sign indicator). The rules further explain

Re: [openssl-users] GSCheck fails for Windows 32build 'libeay32.dll' library

2018-11-28 Thread Kyle Hamilton
I think those are all the .asm modules. If they are, you'll probably want to Configure with no-asm and rebuild in order to get the C implementations. -Kyle H On Wed, Nov 28, 2018, 01:07 Vinay Kumar via openssl-users < openssl-users@openssl.org> wrote: > Hi All, > > The 32bit OpenSSL 1.1.0i

Re: [openssl-users] updating openssl

2018-11-08 Thread Kyle Hamilton
Generally, you don't want to replace any system-provided version of OpenSSL with a different version that has a different ABI. The way you've done so (without deleting the libraries from the older version) is safe, but don't remove the system package of openssl-1.0.2. Other packages may link to

Re: [openssl-users] Wildcard: how are they correct?

2018-10-10 Thread Kyle Hamilton
If subjectAltName exists, CN= is not evaluated. All the given examples should work. (The only exceptions are validators that haven't been current for more than 20 years.) None of the examples is correct. CN= should not even be included in the certificate. If it is, (d) is the closest to

Re: [openssl-users] Limit the number of AES-GCM keys allowed in TLS

2018-09-17 Thread Kyle Hamilton
...and once again FIPS screws those who don't want to adhere to its mandates (which everyone in the know has always stated simply reduces security by requiring the use of less-secure ciphers and implementations, without allowing patches or modifications to deal with newly-discovered classes of

Re: [openssl-users] X25519 - why openssl shows server temp key as 253 bits?

2018-09-04 Thread Kyle Hamilton
Probably because the definition of X25519 requires that bits 0, 1, and 2 of the first byte of the private key are set to 0 before being used, and OpenSSL counts the number of bits including the highest-order set bit. (Really, there's an additional 2 bits that are also set to known values: bit 6 of

Re: [openssl-users] Deployment

2018-07-16 Thread Kyle Hamilton
Generally, you *really* do not want to replace the vendor-provided version. Vendors often alter things to be more compatible with their ABIs, which are the binary interfaces that other programs use to link to the vendor-provided libraries. If you find you actually do want to, it's best to figure

Re: [openssl-users] MTLS verification fails

2018-03-04 Thread Kyle Hamilton
> #$ openssl s_server -key privkey.pem -cert server.pem -accept 8446 -verify > ca.pem Change the '-verify' to '-CAfile' and it might work. -Kyle H On Sun, Mar 4, 2018 at 9:58 PM, salil GK wrote: > > #$ openssl s_client -cert tomcat.pem -key tomcat_priv.pem -CAfile >

Re: [openssl-users] Has client validated successfully?

2018-02-20 Thread Kyle Hamilton
> On Tue, Feb 13, 2018 at 9:33 AM, Emmanuel Deloget <log...@free.fr> wrote: >> >> Hello, >> >> On Tue, Feb 13, 2018 at 7:14 AM, Kyle Hamilton <aerow...@gmail.com> wrote: >> >> > The only thing that the server can know is whether the client has

Re: [openssl-users] Has client validated successfully?

2018-02-12 Thread Kyle Hamilton
The only thing that the server can know is whether the client has terminated the connection with a fatal alert. If the client validates presented cert chains, then its continuation with the connection means that it passed validation. If the client does not, or ignores any given error, then it

Re: [openssl-users] mail encryption with ecdsa cert

2018-01-26 Thread Kyle Hamilton
On the algorithmic side of things, the ECDSA algorithm cannot encrypt. It is signing-only. In order to use Elliptical Curves to encrypt, you would have to use the "Elliptical Curve Diffie-Hellman" algorithm to perform a key agreement. This requires that both the sender and the recipient have EC

Re: [openssl-users] SSL Cert serial number non-uniqueness impact

2018-01-16 Thread Kyle Hamilton
It's important to note that NSS-based applications (such as Firefox) will actually categorically refuse to connect to a site with an Issuer/serial collision with another certificate it has seen before. So yes, it can cause some applications to fail their SSL connections. -Kyle H On Tue, Jan 16,

Re: [openssl-users] Lattice Ciphers

2017-12-18 Thread Kyle Hamilton
On Mon, Dec 18, 2017 at 9:59 AM, Colony.three via openssl-users wrote: > > Hear about the HP keylogging case recently? Do you think a keylogger is > actually used in testing of a keyboard driver, in practice? Yes. More specifically, it's used to ensure that the

Re: [openssl-users] Lattice Ciphers

2017-12-17 Thread Kyle Hamilton
On Sun, Dec 17, 2017 at 3:58 PM, Salz, Rich via openssl-users wrote: >> If you follow Schnieder, elliptic curve is not an option. > > That’s interesting, you have a reference for that? I'm guessing OP's referring to "Applied Cryptography, 2nd Edition". There was one

Re: [openssl-users] SSL alert number 48

2017-12-04 Thread Kyle Hamilton
SSL alert number 48 is specified in the documents that define SSL/TLS. It is the code for "unknown_ca", which means that verification failed because it didn't get set up with the correct CA to verify against. You might wish to look up SSL_CTX_load_verify_locations(3). There may also be other API

Re: [openssl-users] Serial Number with OpenSSL

2017-12-01 Thread Kyle Hamilton
4Q? 8X? 1Z? Those are not octets that can show up in serial numbers. -Kyle H On Fri, Dec 1, 2017 at 2:21 PM, FOURES TOM wrote: > Hello, > > When I see SSL certificates, their serial number is like this : > 0A:8D:9A:4Q:8X:1A:0B:88:18:1Z > > So, how could I set my serial

Re: [openssl-users] How to get SNI info from s_client debug logs?

2017-11-26 Thread Kyle Hamilton
The -servername [host] is what causes the SNI extension to be sent. I don't think its sending is put into the debug output. Do you really need it there? I'm pretty certain that s_server outputs it in debug output. -Kyle H On Nov 26, 2017 18:59, "John Jiang" wrote: >

Re: [openssl-users] alert number 46:

2017-11-12 Thread Kyle Hamilton
Use a publicly-trusted certification authority, such as Let's Encrypt. The problem is from the remote side (it's sending the alert that it does not recognize your certificate issuer). -Kyle H On Sun, Nov 12, 2017 at 7:47 AM, Simon Matthews wrote: > On Sun, Nov 12,

Re: [openssl-users] Troubleshooting SSL connections

2017-11-02 Thread Kyle Hamilton
What kind of stateful packet inspection are the NATs doing? Can you run packet captures on each network that's being translated? -Kyle H On Thu, Nov 2, 2017 at 4:23 PM, Paul Greene wrote: > Yes. I've made captures on both - the production client that I manage and >

Re: [openssl-users] Generating CSR based on an x25519 public key

2017-10-23 Thread Kyle Hamilton
Out of curiosity, what are the algorithm identifiers for X25519 and Ed25519? -Kyle H On Mon, Oct 23, 2017 at 3:24 PM, Jakob Bohm wrote: > On 21/10/2017 15:38, Codarren Velvindron wrote: >> >> https://tls13.crypto.mozilla.org is using : The connection to this site is >>

Re: [openssl-users] Graceful shutdown of TLS connection for blocking sockets

2017-10-08 Thread Kyle Hamilton
Important caveat: SSL_read() and SSL_write() don't directly return SSL_ERROR_WANT_READ or SSL_ERROR_WANT_WRITE. Those values are returned by SSL_get_error(). I apologize for the misstatement. -Kyle H On Sun, Oct 8, 2017 at 5:58 PM, Kyle Hamilton <aerow...@gmail.com> wrote: > Do

Re: [openssl-users] Graceful shutdown of TLS connection for blocking sockets

2017-10-08 Thread Kyle Hamilton
7 4:17 AM, Kyle Hamilton wrote: >> >> The way to handle this situation is simply to never enter SSL_read() if >> there isn't anything to read on the socket. select() or pselect() are >> your >> friends, here, because they'll tell you if there's data to read from the >

Re: [openssl-users] Graceful shutdown of TLS connection for blocking sockets

2017-10-08 Thread Kyle Hamilton
The way to handle this situation is simply to never enter SSL_read() if there isn't anything to read on the socket. select() or pselect() are your friends, here, because they'll tell you if there's data to read from the underlying file descriptor. I hope this helps! -Kyle H On Oct 5, 2017

Re: [openssl-users] Hardware client certificates moving to Centos 7

2017-09-26 Thread Kyle Hamilton
openssl x509 -noout -text -in clientcertificate.pem You may need to extract the client certificate from wireshark, but you could also get it from openssl s_server. Specifically, that error message is suggesting that there's a message digest encoded into the certificate which is unknown to the

Re: [openssl-users] How can I sstart openssl ocsp in secure mode using TLS/SSL

2017-09-25 Thread Kyle Hamilton
On Fri, Sep 22, 2017 at 9:32 AM, Richard Moore wrote: > > It's also worth pointing out that CAs are banned from running OCSP servers > over HTTPS anyway and it isn't needed since the responses are already signed > - http is fine. That argument fails when you consider

Re: [openssl-users] Personal CA: are cert serial numbers critical?

2017-08-16 Thread Kyle Hamilton
Certificate serial numbers must be unique. They need not be sequential or increasing. (Mozilla's NSS will complain and refuse to work if there are duplicate serial numbers.) I tend not to re-use keys, so I've found that putting 20 bytes (while clearing the high bit) of a digest of the

Re: [openssl-users] Is there a "Golden" CA makefile?

2017-04-29 Thread Kyle Hamilton
The short answer is "no". The long answer is, OpenSSL is not in the business of vetting trust roots. Its business is ensuring that TLS-secured communications happen correctly when it is used. If you want an 'endorsed' set of roots, you can find such from other projects (that have no relation to

Re: [openssl-users] Query regarding upgrading TLS compatibility

2017-04-03 Thread Kyle Hamilton
Every new version of TLS requires code to be written. Sometimes it can be implemented in a binary compatible manner, and in those situations you can get the implementation of a new TLS version by simply replacing a DLL or equivalent dynamic library. However, it's much more likely that the

Re: [openssl-users] Cannot read exported PKCS12 cert and private key

2017-03-13 Thread Kyle Hamilton
Enhancement request: make 'pkcs12' support -inform and -outform. On Mon, Mar 13, 2017 at 9:26 AM, Gary L Peskin wrote: > Thanks VERY much Michael. That did the trick. This was a homegrown CA > cert and I needed it to sign a certificate request for testing purposes. > > >

Re: [openssl-users] General approach for keeping a client cert from openssl

2016-12-19 Thread Kyle Hamilton
You cannot keep the certificate from OpenSSL, as that's the piece that you share with the remote side. This contains the public key, and the information bound to that public key by the CA. However, you can keep the private key from being seen by OpenSSL. There exists what is called an ENGINE

Re: [openssl-users] TLS Heartbeat

2016-12-10 Thread Kyle Hamilton
disable O_NAGLE on the socket? -Kyle H On Sat, Dec 10, 2016 at 8:04 AM, Salz, Rich wrote: > Heartbeats? Yuk, why. > > > > Most likely, TCP is buffering things until you get a big enough data > packet. I don’t know how to address that. > > -- > openssl-users mailing list >

Re: [openssl-users] ECC patent status questions

2016-09-01 Thread Kyle Hamilton
On Thu, Sep 1, 2016 at 3:43 PM, Salz, Rich wrote: > > The existence of the NSA agreement is a partial answer to the first > question, > > though it seems unclear if this license is recursively sublicensed > through 3rd > > parties or not. > > They knew they were licensing an

Re: [openssl-users] Openssl and floating point

2016-08-10 Thread Kyle Hamilton
This is compiler-dependent, and because you didn't specify what platform you're targeting or what compiler you're using, there's no way for us to provide an answer. Check your compiler's documentation. GCC, for example, provides software-emulated floating point for platforms without hardware

Re: [openssl-users] Validation status of openssl-fips-2.0.11?

2016-02-13 Thread Kyle Hamilton
On 2/12/2016 2:03 PM, Steve Marquess wrote: > On 02/12/2016 04:26 PM, Kyle Hamilton wrote: >> I'm not seeing anything about openssl-fips-2.0.11 in >> http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-all.htm#1747 >> , so I'm not quite certain what its validati

[openssl-users] Validation status of openssl-fips-2.0.11?

2016-02-12 Thread Kyle Hamilton
I'm not seeing anything about openssl-fips-2.0.11 in http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-all.htm#1747 , so I'm not quite certain what its validation/certificate status is? Also, is a new Security Policy in the works integrating the new HMAC digests for the new versions of

Re: [openssl-users] Configure and config in openssl source folder

2016-02-10 Thread Kyle Hamilton
My understanding is, you must follow the steps given in the Security Guide *exactly*, with no deviation, in order to produce a validated binary of the FIPS canister. In other words, you *must not* try to use Configure when attempting to build the FIPS canister because it does not match the steps

Re: [openssl-users] Configure and config in openssl source folder

2016-02-10 Thread Kyle Hamilton
"./config tips" before running the Configure script, or should I just run > "Configure fips" instead? > > Thanks, > Rich > > On Wed, Feb 10, 2016 at 12:37 PM, Kyle Hamilton <aerow...@gmail.com > <mailto:aerow...@gmail.com>> wrote: > > My u

Re: [openssl-users] Configure and config in openssl source folder

2016-02-10 Thread Kyle Hamilton
> > Thanks, > Rich > > > On Wed, Feb 10, 2016 at 12:57 PM, Kyle Hamilton <aerow...@gmail.com > <mailto:aerow...@gmail.com>> wrote: > > ./config autodetects the platform and such, passing various > parameters to Configure. So, after you've built the

Re: [openssl-users] Configure and config in openssl source folder

2016-02-10 Thread Kyle Hamilton
On 2/10/2016 12:47 PM, Steve Marquess wrote: > Since you're required to start with the official tarball, and aren't > allowed to change the contents of the tarball, not even a teeny tiny > little bit, there is no point in dumping the tarball contents into > your local source code

Re: [openssl-users] FIPS Object Module v2.0 and openssl security patches

2016-02-09 Thread Kyle Hamilton
On 2/9/2016 12:29 PM, Steve Marquess wrote: > On 02/09/2016 03:19 PM, cloud force wrote: >> Hello everyone, >> >> Would the FIPS Object Module v2.0 supposed to only work with the vanilla >> openssl library? If I apply the security patches to the openssl library, >> should the FIPS Object Module

Re: [openssl-users] Segfault in libcrypto.so

2015-12-18 Thread Kyle Hamilton
I think you would probably do better to contact support for wanguard than for openssl. Possible issues could involve ABI incompatibility or library selection incompatibility; since there's no way for us to know how wanguard is structured (we can't track every product that uses openssl), they're

Re: Query regarding SSLv23 methods

2014-11-14 Thread Kyle Hamilton
SSL_OP_* are bitmasks. SSL_CTX_set_options(conn->ssl_ctx, SSL_OP_NO_SSLv2|SSL_OP_NO_SSLv3); -Kyle H On 11/14/2014 12:37 AM, Vaghasiya, Nimesh wrote: Hi, Thanks for the info. (a typo in previous mail). Could you please confirm whether following will ensure my SSLv23 methods will no

Can SSL_v23_method be renamed or have additional name assigned?

2014-10-24 Thread Kyle Hamilton
There's a fair amount of grumbling that I see on Twitter about how SSLv23_method is confusing -- what it does is the autonegotiation capability. So, could it perhaps get a new name (or alias) of something like SSLnegotiate_method? What would be the pros and cons of such an aliasing? -Kyle h

Re: Generating the corresponding public key of a private key

2014-10-13 Thread Kyle Hamilton
OpenSSL doesn't really have a lot to do with ssh-keygen (though ssh-keygen might link against libcrypto, SSH is not SSL). You should probably send to the OpenSSH mailing lists to get help there. -Kyle H On 10/12/2014 11:38 PM, Angelos Ching wrote: Hi, Can I always expect the following

Re: best practice for creating a CA cert?

2014-09-29 Thread Kyle Hamilton
Generally, a client doesn't bother checking a certificate that's in its local trust store. The idea is, if it's in its trusted store, there's no need to verify its integrity, because the administrator already performed that verification. Where this might have an impact is if your new

Re: Problem with Certificate Chains on Windows

2014-09-23 Thread Kyle Hamilton
Check the digests used for signing. Windows (after updates) may refuse MD5 signatures on certificates; I would recommend regenerating new certs with at least SHA256. -Kyle H On September 22, 2014 9:34:59 AM PST, Vellore-Arumugam, Jagdish (Svr Automation) jagdish.arumu...@hp.com wrote: Hi, I

Re: TLS handshake failure i/o timeout

2014-09-18 Thread Kyle Hamilton
This may sound basic, but have you verified that the firewall on the server is set up to allow communication from the client? I think Ubuntu's firewall rejects all traffic to ports that don't match what its installed and configured packages claim they run on, without external configuration.

Re: Can we have a PyOpenSSL 0.15?

2014-09-09 Thread Kyle Hamilton
I don't think this is the right place to ask on. This list is for OpenSSL itself, not the python binding to it. The PyOpenSSL folks may be watching this list, but this list is probably not the official list to discuss it. -Kyle H On September 8, 2014 8:56:35 AM PST, Eric Chazan

RE: Certificate pass phrase brute force...

2014-09-09 Thread Kyle Hamilton
At least 3DES is *some* encryption. The issue is that people's computers are usually infested with malware; it's better to assume (for a software distribution) that the disk is compromised, and always encrypt it before writing. Perhaps there should be a cipher option for the req -newkey

Re: Verifying authenticode signature using openssl API

2014-09-09 Thread Kyle Hamilton
http://msdn.microsoft.com/en-us/windows/hardware/gg463180.aspx is the spec for the Authenticode PE signature format. http://msdn.microsoft.com/en-us/gg463119 is the Microsoft PE and COFF Specification. Better download them now before they disappear; they appear to be deprecated in favor of

Re: Certificate pass phrase brute force...

2014-09-09 Thread Kyle Hamilton
to submit a patch. Michael Wojcik Technology Specialist, Micro Focus From: Kyle Hamilton [mailto:aerow...@gmail.com] Sent: Tuesday, 09 September, 2014 13:43 To: openssl-users@openssl.org; Michael Wojcik Subject: RE: Certificate pass phrase brute force... At least 3DES is *some* encryption

Re: Why does OpenSSL own all the prefixes in the world?

2014-09-08 Thread Kyle Hamilton
like this. And I am an old C fan programmer... Pierre Delaage On 08/09/2014 00:04, Kyle Hamilton wrote: The reason is legacy. Eric Young was not conscious of namespace pollution when he implemented SSLeay; since then, even after the migration to the OpenSSL name and team, the focus has

Re: How to empty a BIO buffer?

2014-09-08 Thread Kyle Hamilton
The allocated buffer needs to be sizeof(char *). What's happening is the address of the buffer (buffer[0]) gets written to the pointer-to-pointer-to-char, data. If data == NULL, you're asking to write the address of the buffer to unallocated memory. It's done this way because the return value

Re: Why does OpenSSL own all the prefixes in the world?

2014-09-07 Thread Kyle Hamilton
The reason is legacy. Eric Young was not conscious of namespace pollution when he implemented SSLeay; since then, even after the migration to the OpenSSL name and team, the focus has been more on maintaining source compatibility than in creating new interoperability opportunities. To meet the

Re: Certificate pass phrase brute force...

2014-09-05 Thread Kyle Hamilton
If someone has the encrypted key data, they can feed that data anywhere they wish. In that case, they can feed it into processing systems that do not enforce rate-limiting. Thus, there is no way to do what Dave Paxton suggests in any case. -Kyle H On September 5, 2014 12:51:04 PM PST,
