RE: How to include intermediate in pkcs12?

2014-04-24 Thread Edward Ned Harvey (openssl)
> From: owner-openssl-us...@openssl.org [mailto:owner-openssl- > us...@openssl.org] On Behalf Of Dave Thompson > > - the truststore if -CAfile and/or -CApath specified IF NEEDED Thank you very much for your awesome detailed answer. This answers a lot of questions, but I am left wi

RE: SSL Root CA and Intermediate CA Certs.

2014-04-24 Thread Edward Ned Harvey (openssl)
> From: owner-openssl-us...@openssl.org [mailto:owner-openssl- > us...@openssl.org] On Behalf Of Michael Wojcik > > For someone who does want more background in cryptography, I'd > recommend Schneier's /Applied Cryptography/ over /Cryptography > Engineering/. The latte

RE: How to include intermediate in pkcs12?

2014-04-24 Thread Edward Ned Harvey (openssl)
> From: owner-openssl-us...@openssl.org [mailto:owner-openssl- > us...@openssl.org] On Behalf Of Tom Francis > > > openssl pkcs12 -export -out mypkcs12.pfx -inkey my.private.key -in > mycert.crt -certfile intermediate.crt -CAfile ca.crt > > (Correct?) So ...

Re: [openssl-users] stronger Kex

2017-01-22 Thread mlrx via openssl-users
Hello, I also thank you. It was useful too. Best regards. benoist On 27/12/2016 at 17:38, Jeffrey Walton wrote: >> I have two servers for testing purpose : >> - debian 6, apache 2.2, openssl 1.0.1t (mutu) >> - centos 7, apache 2.4.6, openssl 1.0.1e-fips (dedicated)

Re: [openssl-users] stronger Kex

2017-01-22 Thread mlrx via openssl-users
>>> I have two servers for testing purpose : >>> - debian 6, apache 2.2, openssl 1.0.1t (mutu) >>> - centos 7, apache 2.4.6, openssl 1.0.1e-fips (dedicated) >>> >>> Now, these 2 servers offer only those ciphers : >>> TLS_ECDHE_RSA_W

[openssl-users] Using RSASSA-PSS in command line smime / cms utility

2017-02-13 Thread Harakiri via openssl-users
Can I set the padding RSASSA-PSS or alg ECDSA via command line when using openssl smime or openssl cms command? I can't find an option for it. -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

[openssl-users] Some S/MIME CMS encrypted messages produce invalid key length when using the debug_decrypt option

2017-05-08 Thread Harakiri via openssl-users
I'm using the cmd client openssl cms -decrypt with the "debug_decrypt" option to have the same behaviour as before the Bleichenbacher security patch to use decryption without recipient public keys. For some reason, some messages will produce the following error on OpenSSL 1.0.2d and ev

Re: [openssl-users] Some S/MIME CMS encrypted messages produce invalid key length when using the debug_decrypt option

2017-05-11 Thread Harakiri via openssl-users
The message is first signed then encrypted. Commands are as follows /usr/bin/openssl cms -encrypt -aes128 -in /tmp/OpenSSL5294490400891792656.eml -out /tmp/OpenSSL3519826551660167644.eml -subject 'subject' -from sen...@sender.com -to recipi...@recipient.com,recipie...@recipient.c

[openssl-users] Optimized way to encrypt data with different ivs using AES/GCM

2017-07-29 Thread me via openssl-users
Hello OpenSSL experts, I am encrypting a stream of data using OpenSSL C API and AES/GCM with 16-byte ivs. The stream is split into several chunks that need to be encrypted with the same key but different ivs. So far I have the following flow: ### for data_chunk: iv = newIv

[openssl-users] Building OpenSSL for Intel Xeon Phi

2017-11-13 Thread Miguel_Diaz via openssl-users
Hi, I am trying to build OpenSSL for the Intel Xeon Phi coprocessor. As far as I understand, this problem reduces to building OpenSSL for "linux-generic64" as target. ( https://software.intel.com/sites/default/files/article/373907/intel-r-xeon-phi-tm-cluster-configuration_1.pdf <https://softw

Re: [openssl-users] Building OpenSSL for Intel Xeon Phi

2017-11-14 Thread Miguel_Diaz via openssl-users
Thanks for your answer, it is very helpful: I build OpenSSL with a Linux installed on the virtual box. I think it's much easier than looking for solutions on a Windows. best regards, Alexander. -- Sent from: http://openssl.6102.n7.nabble.com/OpenSSL-User-f3.html

[openssl-users] Lattice Ciphers

2017-12-17 Thread Colony.three via openssl-users
? I've searched until my face turned blue.

Re: [openssl-users] Lattice Ciphers

2017-12-17 Thread Colony.three via openssl-users
want anyone to know, maybe you shouldn't be doing it in the first place. This is a profoundly undemocratic attitude. What would Thomas Paine, or Ben Franklin, or Patrick Henry say to this? > On Sun, Dec 17, 2017 at 3:58 PM, Salz, Rich via openssl-users > > openssl-users@op

Re: [openssl-users] Lattice Ciphers

2017-12-18 Thread Colony.three via openssl-users
's become almost instinctive for people to ascribe > benevolence to G**gle. I believe that Schmidt was telling us his true > position though. > > The one I am angry with is Mozilla, for not giving us a choice. Chrome is a > choice?! Safari is a choice?! IE is a choice?! No. They are not.

Re: [openssl-users] Lattice Ciphers

2017-12-18 Thread Colony.three via openssl-users
twork-security/390). (Not that Mozilla, will implement it) For now I'm set to DHE/EDH (fruitlessly) and RSA (AES). RSA is cracked by a very few, but this is the decision I've made.

Re: [openssl-users] Lattice Ciphers

2017-12-18 Thread Colony.three via openssl-users
he universe > to calculate, resistance is futile ;) I never allow the perfect, to become the enemy of the good. I am looking forward to lattice.

Re: [openssl-users] Lattice Ciphers

2017-12-18 Thread Colony.three via openssl-users
> Colony.three via openssl-users wrote: > >> I've set mine to test this comprehensively. (Apache and NginX) With >> Apache Firefox -ignores- server-prescribed ciphers and chooses an EC. >> NginX does properly prevail with the algo. Was this an accident, Apache?

Re: [openssl-users] Lattice Ciphers

2017-12-18 Thread Colony.three via openssl-users
> On Mon, Dec 18, 2017 at 9:59 AM, Colony.three via openssl-users > openssl-users@openssl.org wrote: > >> Hear about the HP keylogging case recently? Do you think a keylogger is >> actually used in testing of a keyboard driver, in practice? >> >> Yes. >> >

Re: [openssl-users] Lattice Ciphers

2017-12-18 Thread Colony.three via openssl-users
>> On Mon, Dec 18, 2017 at 9:59 AM, Colony.three via openssl-users >> openssl-users@openssl.org wrote: >> >>> Hear about the HP keylogging case recently? Do you think a keylogger is >>> actually used in testing of a keyboard driver, in practice? >>> >

Re: [openssl-users] Lattice Ciphers

2017-12-18 Thread Colony.three via openssl-users
ssues in this thread, and have been fought on all three. I am bored now with trying to raise awareness, so let's just all agree that nobody wants to hear it. You do your thing and I'll do mine.

Re: [openssl-users] Lattice Ciphers

2017-12-18 Thread Colony.three via openssl-users
PS, Jakob I'm getting on your email: "This email has failed its domain's authentication requirements. It may be spoofed or improperly forwarded!" The reason is: HEADER_FROM_DIFFERENT_DOMAINS,T_DKIM_INVALID

Re: [openssl-users] Lattice Ciphers

2017-12-18 Thread Colony.three via openssl-users
On 18/12/2017 22:35, Colony.three via openssl-users wrote: >> PS, Jakob I'm getting on your email: "This email has failed its >> domain's authentication requirements. It may be spoofed or improperly >> forwarded!" >> The reason is: HEADER_FROM_DIFFEREN

Re: [openssl-users] Lattice Ciphers

2017-12-18 Thread Colony.three via openssl-users
ce encryption will be coming soon? I've searched until my face turned > blue. VPN is doing it now: https://wiki.strongswan.org/projects/strongswan/wiki/Bliss

[openssl-users] Polling fd before SSL_read() and renegotiations

2018-06-04 Thread Stefan via openssl-users
fd until that condition is met. Then repeat calling SSL_read(). So I'm repeatedly calling SSL_read() until it reports SSL_ERROR_NONE. With this I satisfy the requirement of the OpenSSL-API to repeat an incomplete call until it completes. Although I did not read that exactly in

Re: [openssl-users] Polling fd before SSL_read() and renegotiations

2018-06-04 Thread Stefan via openssl-users
The connection is open for a very long time (>24h), so I thought that the peer may force a renegotiation due to the session timeout. Or have I got something wrong and a renegotiation is not necessary for long-running sessions?

[openssl-users] error: void value not ignored as it to be crypto/err/err_all.c

2018-08-22 Thread Mark via openssl-users
I'm trying to build OpenSSL with FIPS module in a centos docker container. The FIPS module builds fine but the openssl build fails with: _USE_NODELETE -MMD -MF crypto/err/err_all.d.tmp -MT crypto/err/err_all.o -c -o crypto/err/err_all.o crypto/err/err_all.c crypto/err/err_all.c: In fun

[openssl-users] File permissions on keys, csr, and certificates

2018-11-09 Thread Ikwyl6 via openssl-users
Hi - I created a question on Super User about questions on file permissions and what the file permissions should be on created files. See link here: https://superuser.com/questions/1368747/file-permissions-for-openssl-created-files-for-https-web-server-lighttpd Could someone comment on what

How to handle servername indication with openssl library from server

2019-06-19 Thread DonCorleone via openssl-users
I've developed a Windows server-side socket in C and want to add SNI (server name indication) support, but the servername callback is never called and I can't get the servername. Is there any suggestion? I've defined some functions for initializing SSL before the main function: void init_openssl()

1.1.1d LD_LIBRARY_PATH

2019-09-13 Thread Mal via openssl-users
Hi, On restart on my host with version 1.1.1d , I have this problem: > HOST:/ # openssl version openssl: /usr/lib/arm-linux-gnueabihf/libssl.so.1.1: version `OPENSSL_1_1_1' not found (required by openssl) openssl: /usr/lib/arm-linux-gnueabihf/libcrypto.so.1.1: version `OPENSSL_1_1_1'

Re: 1.1.1d LD_LIBRARY_PATH

2019-09-15 Thread Mal via openssl-users
On 14/09/2019 3:26 pm, Hal Murray wrote: > >> Would someone let me know how to add this path permanently, as currently i >> need to re-add on restart ? > > man ld, search for rpath > > Re-built with: ./config -Wl,-rpath,/os/openssl-1.1.1d Worked a treat.

trouble compiling 0.9.6a on MacOS X

2001-03-28 Thread Jerry Kemp - OpenSSL account
e for `all'. making all in crypto/comp... make[2]: Nothing to be done for `all'. making all in ssl... make[1]: Nothing to be done for `all'. making all in rsaref... make[1]: Nothing to be done for `all'. making all in apps... rm -f openssl cc -o openssl -DMONOLITH -I../inclu

Re: Questions about secure curves

2019-10-15 Thread Jakob Bohm via openssl-users
On 15/10/2019 15:43, Stephan Seitz wrote: Hi! I was looking at the output of „openssl ecparam -list_curves” and trying to choose a curve for the web server together with letsencrypt. It seems, letsencrypt supports prime256v1, secp256r1, and secp384r1. Then I found the site https

Re: Questions about secure curves

2019-10-16 Thread Jakob Bohm via openssl-users
does still support P-521 but Chrome does not. Also be aware that if you set server side cipher selection and use default curves, that OpenSSL orders the curves weakest to strongest ( even with @STRENGTH) so you will end up forcing P-256. On Tue, 2019-10-15 at 17:24 +0200, Jakob Bohm via openssl

Building and testing 1.1.1t with /MT run-time library

2019-10-16 Thread Michael Adria via openssl-users
Hi everyone, On Windows, we require both /MD and /MT builds of OpenSSL, with Control Flow Guard enabled. To do so, we tried using these steps in cmd.exe recently when compiling 1.1.1d for /MT (64-bit shown; we also build 32-bit): $ perl Configure VC-WIN64A no-asm --prefix= $ ms\do_ms $ perl

Need a .gitignore fix on master

2019-10-18 Thread Salz, Rich via openssl-users
>; git status >On branch master >Your branch is up-to-date with 'origin/master'. >Untracked files: > (use "git add ..." to include in what will be committed) > >include/openssl/opensslv.h > >noth

Re: OpenSSL 1.0.2 EOL and new FIPS-validated crypto module

2019-10-21 Thread Salz, Rich via openssl-users
* Lastly, is there any chance of extending the EOL date of OpenSSL 1.0.2 till the new FIPS module/OpenSSL 3.0 becomes available? This question gets asked a great deal. Why? The OpenSSL project has not done any 1.0.2-FIPS work for years. This means that if there are any CVE-level bugs in

Re: Should SSL_get_servername() depend on SNI callback (no-)ACK?

2019-10-22 Thread Benjamin Kaduk via openssl-users
There's some (additional?) discussion on this topic in https://github.com/openssl/openssl/pull/10018 . A couple comments inline, though... On Tue, Oct 22, 2019 at 02:30:37PM +0200, Yann Ylavic wrote: > Hi, > > in master (and 1.1.1), SSL_get_servername() returns eithe

Re: openssl 1.0.2 with TLS 1.2

2019-10-22 Thread Salz, Rich via openssl-users
* I can’t find documentation on how to tell TLS where to look. Not sure about 1.0.2, but “openssl version -a” should show you the CERT directory. BTW, that’s an old release, you should upgrade if possible.

Re: Preferred way of passing user context void* inside SSL*

2019-10-23 Thread Salz, Rich via openssl-users
>Is there a way for me to piggyback a void* inside the SSL structure so that I can access it from within the callback? Yes, you can use SSL_set_app_data and SSL_get_app_data which are documented in https://github.com/openssl/openssl/pull/10216 (and due to be merged to master soon)

Re: Retrieve CA for client cert from SSL*

2019-10-25 Thread Salz, Rich via openssl-users
Is looking at the IssuerDN good enough?

Re: SHA_CTX h0, h1, h2, h3, h4

2019-10-30 Thread Jakob Bohm via openssl-users
On 30/10/2019 04:04, ratheesh kannoth wrote: Hi, 1. what are these h0h4 ? 2. How are they generated ? 3. Could you help to locate code in openssl ? typedef struct SHAstate_st { SHA_LONG h0, h1, h2, h3, h4; SHA_LONG Nl, Nh; SHA_LONG data[SHA_LBLOCK]; unsigned int num

Re: Remove All Software Generators

2019-10-31 Thread Salz, Rich via openssl-users
Why not just change things so that if your module fails to load, the library exits? Don't change the RAND code, change the INIT code.

Re: Force the use of engine in config file

2019-11-02 Thread Salz, Rich via openssl-users
If you are changing openssl, why not just change the init function to load your engine and abort/exit/fail if it doesn’t load?

Help on Diffie Hellman key exchange

2019-11-04 Thread Jason Qian via openssl-users
Hi We have an application that does the Diffie Hellman key exchange (OpenSSL/1.1.0f). It works fine, but under heavily loaded conditions, sometimes an invalid secret is generated and the other side couldn't decrypt the data (the secret seems offset by one). The client side is c++ an

Re: static linking libssl and libcrypto

2019-11-06 Thread Jakob Bohm via openssl-users
brary should be of no concern to the source code right? Or so I think. 2. when I downloaded and compiled the openssl library (from source), I followed the INSTALL read me. All it resulted was libssl.a and libcrypto.a. I didn't find any file name libSSL.so. So how will this static librar

Re: dsaparam error OpenSSL 1.1.1d

2019-11-11 Thread Salz, Rich via openssl-users
* openssl dsaparam 128 -rand file Why are you using the -rand option? Unless this is a special platform, don’t do that. * is taking long time processing the command and not producing any output. What is your hardware and software? Can you run it under a debugger, and interrupt it

Re: dsaparam error OpenSSL 1.1.1d

2019-11-11 Thread Salz, Rich via openssl-users
The question about -rand option is valid, but Viktor’s post is right and the rest of my post is wrong :( From: openssl-users Reply-To: Rich Salz Date: Monday, November 11, 2019 at 8:10 AM To: shiva kumar , openssl-users Subject: Re: dsaparam error OpenSSL 1.1.1d * openssl dsaparam 128

Problems porting Openssl 1.1.1d to zos.

2019-11-11 Thread Wendell Nichols via openssl-users
Is there anyone on this group with experience with ebcdic platforms, specifically zOS?  I have built 1.1.1d on zOS and connections to my server work for firefox 60 but not newer versions.  I don't know exactly where the cut off is or what they changed but current versions get an HMAC error.  I

Re: Removing Extensions from Client Hello Header

2019-11-11 Thread Benjamin Kaduk via openssl-users
On Mon, Nov 11, 2019 at 12:32:22PM -0700, Phil Neumiller wrote: > I am speaking TLS 1.3 with openssl to a hardware device that I can't change. > I need the client hello header to only support certain extensions, yet I > see no way in the SSL API to remove the default extensions

Re: Help on Diffie Hellman key exchange

2019-11-12 Thread Jason Qian via openssl-users
Thanks Tomas, I will try that. On Tue, Nov 12, 2019 at 3:14 AM Tomas Mraz wrote: > On Mon, 2019-11-04 at 17:34 -0500, Jason Qian via openssl-users wrote: > > Hi > > > >We have an application that does the Diffie Hellman key exchange > > (OpenSSL/1.1.0f). >

Re: Removing Extensions from Client Hello Header

2019-11-12 Thread Benjamin Kaduk via openssl-users
On Tue, Nov 12, 2019 at 01:13:49PM -0700, Phil Neumiller wrote: > Thanks for all the useful device. I was able to get the server to accept > this client hello message. If you're willing/able to share, it can be useful for us to know what products are buggy in that they don't implement extensions

Re: Removing Extensions from Client Hello Header

2019-11-12 Thread Benjamin Kaduk via openssl-users
On Tue, Nov 12, 2019 at 03:08:19PM -0700, Phil Neumiller wrote: > I find the comment below about TLS 1.3 troubling. [...] > */* > * TODO(TLS1.3): These APIs cannot set TLSv1.3 sig algs so we just test > it > * for TLSv1.2 for now until we add a new API. > */* > SSL_CTX_set_ma

Re: Help on Diffie Hellman key exchange

2019-11-13 Thread Jason Qian via openssl-users
019-11-04 at 17:34 -0500, Jason Qian via openssl-users wrote: >> > Hi >> > >> >We have an application that does the Diffie Hellman key exchange >> > (OpenSSL/1.1.0f). >> >It works fine, but under heavy loaded conditions, sometimes an >> > inv

Re: Static linking libssl.a and libcrypto.a on Linux x64 fails

2019-11-13 Thread Jakob Bohm via openssl-users
On 13/11/2019 15:23, Michael Wojcik wrote: From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of Aijaz Baig Sent: Wednesday, November 13, 2019 01:45 I am trying to statically link libssl.a and libcrypto.a into a static library of my own which I will be using in an

Re: Help on Diffie Hellman key exchange

2019-11-13 Thread Salz, Rich via openssl-users
>RAND_seed(seed, ::strlen(seed)); >RAND_bytes(buf, keySize / 8); I don’t know where you are getting the seed, but it is typically binary data, not a C string. If you are using 1.1.0 or later, you do not need to seed things.

Re: Help on Diffie Hellman key exchange

2019-11-13 Thread Jason Qian via openssl-users
Thanks Rich and Tomas, Here is the code for creating the key (openssl-0.9.8h) int AESCipher::createKey(unsigned char *buf, int keySize) { char seed[256]; ::sprintf(seed, "%ldXXX_XXX_H__x__xxx_x_xxx__INCLUDED_", MiscUtils::generateId()); RAND_seed(seed, ::s

Re: Help on Diffie Hellman key exchange

2019-11-13 Thread Salz, Rich via openssl-users
>For using 1.1.0, we only need to call RAND_bytes() ? Yes. But do check the return value of RAND_bytes.

Re: Help on Diffie Hellman key exchange

2019-11-13 Thread Jason Qian via openssl-users
Thanks Rich, On Wed, Nov 13, 2019 at 12:34 PM Salz, Rich wrote: > >For using 1.1.0, we only need to call RAND_bytes() ? > > > > Yes. But do check the return value of RAND_bytes. >

Outbound FTP java errors

2019-11-14 Thread Krista Brackin via openssl-users
I am a novice...so any help please. Below is the stack trace on the outbound file but I cannot make any setting change work. Thoughts on what could be blocking me from transferring the file? Log attached. Thank you! Krista FTP was not successful com.tms.common.lib.FTPClient.FTPException: Conn

Reviewer statistics

2019-11-20 Thread Salz, Rich via openssl-users
iewers; # List of OMC members who use non-openssl.org addresses my %omc_email = ( 'paul.d...@oracle.com' => 1, 'k...@roeckx.be' => 1, 'b...@links.org' => 1, 'openssl-us...@dukhovni.org' => 1, ); my %committers = ( 'matt

stunnel 5.56 released

2019-11-22 Thread Michał Trojnara via openssl-users
Dear Users, I have released version 5.56 of stunnel. ### Version 5.56, 2019.11.22, urgency: HIGH * New features   - Various text files converted to Markdown format. * Bugfixes   - Support for realpath(3) implementations incompatible     with POSIX.1-2008, such as 4.4BSD or Solaris.   - Support fo

Re: Usage of Secure C (memcpy_s, strcpy_s etc) functions on OpenSSL

2019-11-27 Thread Andrew Tucker via openssl-users
Unless buffer is a char* instead of a char[], in which case it's completely wrong. A very common case among buggy C code. On Wed, Nov 27, 2019 at 7:09 AM Phillip Susi wrote: > > Michael Wojcik writes: > > > Some C experts have argued that the length-checking versions of the > library functions

Re: SNI disable by default on 1.0 and 1.1.0?

2019-12-02 Thread Benjamin Kaduk via openssl-users
lly or the libssl library behavior. > openssl-1.0.2t > $ ./config enable-tlsext && make > $ echo -n "" | ./apps/openssl s_client -connect blog.imirhil.fr:443 | ./apps/ > openssl x509 -noout -subject > subject= /CN=localhost # No SNI by default, default vhost, bad ce

JSON Web Key (JWK) for public key requires x and y coordinates.

2019-12-22 Thread Douglas Morris via openssl-users
Hello, Not a genius with openssl or encryption at all. Thanks for reading. Background: * Generate a private key (really key set) with named curve: openssl genpkey -algorithm EC -pkeyopt ec_paramgen_curve:prime256v1 -pkeyopt ec_param_enc:named_curve -outform PEM -out account-privkey-prime256v1

Great answer, Nicola Tuveri!

2019-12-23 Thread Douglas Morris via openssl-users
Thanks, Nicola. You know your stuff and write well. Reading your answer was actually pleasant. Douglas Morris

X25519 Unlisted by -list_curves and Any Trusted Python Code for X, Y Coordinates

2019-12-24 Thread Douglas Morris via openssl-users
der of preference: ed25519, RSA-4096 (I suppose RSA-8196 is sorta overkill maybe. I suspect quantum computers would make it not overkill, but then mobile devices might not like it for the overhead.) My local version of openssl is: OpenSSL 1.1.1d  10 Sep 2019 When I openssl ecparam -list_curves I

Re: X25519 Unlisted by -list_curves and Any Trusted Python Code for X, Y Coordinates

2019-12-25 Thread Salz, Rich via openssl-users
* I want to use ECDSA for my Web server's SSL certificate via an ACME client to Let's Encrypt and maybe later BuyPass. That’s fine. * I thought that EC is better than RSA, but now I don't think so. The answer seems to be: it depends. There are trade-offs. The biggest one is that EC gi

Re: SSL_set_client_CA_list(ssl, NULL) problem?

2020-01-03 Thread Benjamin Kaduk via openssl-users
Sorry for the very late response... On Sun, Nov 24, 2019 at 12:05:34PM +0100, Claus Assmann wrote: > Seems it is impossible to override the list with NULL for SSL, as > the code will then use the list from CTX (if my limited understanding > of the code is correct): > > STACK_OF(X509_NAME) *SSL_ge

Re: intermittent Apache/OpenSSL error hangs server

2020-01-09 Thread Salz, Rich via openssl-users
>Once we get that error, every time we try to serve a request in Apache using >that pid, it errors out. So, it seems like something randomly corrupts that >PID. Can someone provide some information about FIPS_CHECK_EC: pairwise test >failed. Once FIPS detects an error, it will stay stuck in e

OpenSSL Selection of Text Encoding for the -out and -text Options

2020-01-18 Thread Douglas Morris via openssl-users
ot an explicit default for text files). I wonder if OpenSSL (and generally other software) automatically uses the filesystem name encoding by default for all text output. I don't see anything about text encoding on the "Compilation and Installation" wiki page. I have OpenSSL from

Thanks for Encoding Clarification

2020-01-25 Thread Douglas Morris via openssl-users
Viktor, Thanks for meticulously answering my questions. I know the file name encoding is not necessarily the file content encoding. If a Python program were on a Windows computer, it might show a file name encoding of UTC-16, which would make UTC-16 a good guess for what openssl -text would

How text-ish are PEM files?

2020-01-27 Thread Douglas Morris via openssl-users
I expect from RFC 8555 that an ACME server issues a full chain certificate as a reply body in the PEM format. The media type is 'application/pem-certificate-chain'. I can only guess from RFC 1421, sec. 4.3.1 that the byte encoding of the certificate necessarily uses line breaks. I get US-ASCII

help on openssl api for encryption

2020-01-28 Thread Jason Qian via openssl-users
Hi, Tried the example on: https://wiki.openssl.org/index.php/EVP_Symmetric_Encryption_and_Decryption On the Linux platform, when I set plaintext to "jason", it works fine. When I set it to "Jason", it returns an empty string. It works fine on windows platform for both cases. Thanks for your h

Poll on manpages

2020-01-28 Thread Salz, Rich via openssl-users
The next release of OpenSSL splits the “help” for commands into sections, like this: ; ./apps/openssl rehash --help Usage: rehash [options] [directory...] General options: -helpDisplay this summary -h Display this summary -compat Create both new- and old-style hash links

And that's how text-ish PEM files are.

2020-01-30 Thread Douglas Morris via openssl-users
Victor, Thanks for that walk-through explanation. I probably get it even. I should have followed the reference for the definition of eol in Section 3 of RFC 7468. It was only one more human stack call. I appreciate the clarification on the valid text encoding of explanatory text and of the heade

Cloning a CSR or Cert. for a new CSR with a new key?

2020-01-30 Thread Douglas Morris via openssl-users
I am trying to implement automated domain certificate renewal. A certificate signing request is sent to an ACME server and on success a certificate is returned. I'd like to be able to call OpenSSL to make a new key and then make a new certificate signing request just like the old one excep

Re: Cloning a CSR or Cert. for a new CSR with a new key?

2020-01-30 Thread Douglas Morris via openssl-users
k wrote: On 30 Jan 2020, at 21:38, Douglas Morris via openssl-users wrote: I am trying to implement automated domain certificate renewal. A certificate signing request is sent to an ACME server and on success a certificate is returned. I'd like to be able to call OpenSSL to ma

Re: Cloning a CSR or Cert. for a new CSR with a new key?

2020-01-31 Thread Douglas Morris via openssl-users
Thanks everyone for the replies and the community support. I don't think I got across what I am trying to do. I have experimented with subcommands req and x509. The openssl x509 -in -x509toreq -signkey does *NOT* do what I want (I'm pretty sure). openssl x509 -x509toreq may sign a c

Re: writev over OpenSSL

2020-02-02 Thread Salz, Rich via openssl-users
TLS/TLS will take your data and wrap it inside its own record structure. It has to, that’s the nature of the protocol. Thinking that a single writev() is “encrypt buffers and then do analogous syscall” is wrong.

Re: Openssl 3.0 fips usage

2020-02-04 Thread Salz, Rich via openssl-users
doesn’t your real question: * According to FIPS 140-2 IG document, CSP defined in approved mode of operation shall not be accessed or shared with non-approved mode of operation. If allowed, will it not break the fips rules? The OpenSSL FIPS-validated provider will only operate in FIPS mode and

QUIC support

2020-02-06 Thread Salz, Rich via openssl-users
A month ago Tim said[2] that PR 8797[1] requires an OMC decision on “whether or not QUIC in this manner of approach should be added into OpenSSL at this time.” To save you a click, this PR adds APIs to OpenSSL so that Google’s open source QUIC implementation can be built on top of OpenSSL

Re: Problems adding specific extensions to signed certificates

2020-02-07 Thread Salz, Rich via openssl-users
I think the mismatch is that CSR extensions are not carried over; they have to be added at signing time. See https://github.com/openssl/openssl/issues/10458

Re: Questions about using Elliptic Curve ciphers in OpenSSL

2020-02-11 Thread Salz, Rich via openssl-users
The first thing I would suggest is to separate ECDH, the session key exchange, from ECDSA, the signature. Try to make ECDH with RSA work. Then just load your ECDSA cert; you can load one cert of each type (RSA DSA) and the runtime will figure out what to do, depending on what the client offers

Re: Questions about using Elliptic Curve ciphers in OpenSSL

2020-02-11 Thread Salz, Rich via openssl-users
I believe you just load your ECDSA cert and the other stuff – Dhparams!! – is not needed.

OpenSSL on embedded systems

2020-02-17 Thread Innocenti, Michele via openssl-users
Hi, Which is the minimum footprint needed to use OpenSSL TLS 1.3 library in an embedded context? Which embedded OS are supported? i.e. FreeRTOS, VxWorks, Micrium uC-OS Thanks Michele Michele Innocenti Sr Principal Engineer, SW Eng Baxter Healthcare

Re: CRYPTO_secure_malloc_init() fails without error message

2020-02-20 Thread Salz, Rich via openssl-users
Are you running as root? If not, that's likely to be the problem.

Re: OpenSSL 3.0

2020-02-26 Thread Salz, Rich via openssl-users
>I'd like to give this a spin, to get an idea what's going to be involved in porting from FIPS2.0 to 3.0, any pointers on where to start? Per the blog post, "most applications should just need to be recompiled." :) Get the source via instructions here: https://www.openssl.org/source

Re: OpenSSL 3.0

2020-02-26 Thread Salz, Rich via openssl-users
The 3.0 release is a work in progress and is not done yet. FIPS 3.0 === OpenSSL 3.0, using a FIPS-validated crypto provider which will be part of OpenSSL 3.0. The architecture documents are at https://www.openssl.org/docs On 2/26/20, 2:40 PM, "Sam Roberts" wrote: On Wed, Feb 2

Re: OpenSSL 3.0

2020-02-26 Thread Salz, Rich via openssl-users
> That's 5 weeks from now, I'd thought the basic structure might be present > now. It is. You probably have to look at the tests to see how to use things.

Re: Support FFDHE?

2020-02-27 Thread Salz, Rich via openssl-users
* Run the command: openssl s_client -tls1_3 -groups ffdhe2048 host:port TLS 1.3 doesn’t have those groups.

Re: OpenSSL 3.0

2020-02-27 Thread Salz, Rich via openssl-users
>It would probably be a good idea for us to pull together a "Getting Started" guide on the Wiki with some basic information on how to get things going, with some links to the various man pages etc where more detailed information is required. This needs to be real user documentat

Re: OpenSSL 3.0

2020-02-27 Thread Salz, Rich via openssl-users
* The OpenSSL FIPS Object Module will be moved to the CMVP historical list as of 9/1/2020. Since there is no OpenSSL 3.0 until Q4 2020, and a FIPS Module will be after that sometime, where does this leave 1.0.2 users who need a FIPS validated object module past that date? Without their

Re: OpenSSL 3.0

2020-02-27 Thread Salz, Rich via openssl-users
* That's fair. So the only option is to use another module? Extended 1.0.2 support does not resolve this either, correct? I do not think that is the only option. For example, you might be able to use 3.0 and say it’s “in evaluation.” There might be other options, that was all I could think

Re: OpenSSL 3.0

2020-02-27 Thread Salz, Rich via openssl-users
None of those choices address what happens in the 1.0.2 module goes to historic on Sept 1. See https://csrc.nist.gov/projects/cryptographic-module-validation-program/validated-modules for details.

Re: Support FFDHE?

2020-02-27 Thread Salz, Rich via openssl-users
>Per section Supported Groups in RFC 8446 [1], FFDHE groups could be supported. I was wrong, sorry for the distraction. As others have pointed out, it will be in the next (3.0) release.

Re: Support FFDHE?

2020-02-28 Thread Jakob Bohm via openssl-users
On 2020-02-28 03:37, Salz, Rich via openssl-users wrote: >Per section Supported Groups in RFC 8446 [1], FFDHE groups could be supported. I was wrong, sorry for the distraction. As others have pointed out, it will be in the next (3.0) release. Note that the group identifiers for

Re: Which RFC explains how the mac-then-encrypt needs to be implemented

2020-03-02 Thread Jakob Bohm via openssl-users
On 2020-03-03 07:46, Phani 2004 wrote: Hi Team, I am trying to implement mac-then-encrypt for aes_cbc_hmac_sha1 combined cipher. From the code I could understand that the first 16 bytes were being used as explicit IV while decrypting and the hmac is done for 13 byte AAD and 16 byte Fin record

Re: certificate verification error OpenSSL 1.1.1

2020-03-03 Thread Jakob Bohm via openssl-users
On 2020-03-03 08:19, Viktor Dukhovni wrote: On Mon, Mar 02, 2020 at 01:48:20PM +0530, shiva kumar wrote: when I tried to verify the self signed certificate in OpenSSL 1.0.2 it is giving error 18 and gives OK as o/p, when I tried the same with OpenSSL 1.1.1 there is slight change in the

Re: Problems porting Openssl 1.1.1d to zos.

2020-03-04 Thread Salz, Rich via openssl-users
Perhaps someone should writeup and submit a "NOTES.zos" file to add?

Re: TLS version 1.3 in Production servers.

2020-03-14 Thread Salz, Rich via openssl-users
* I am reading this article https://en.wikipedia.org/wiki/Transport_Layer_Security#TLS_1.3
