Re: [openssl-users] Openssl api for signature verification using digest
> On Aug 29, 2018, at 1:05 AM, Linta Maria wrote: > > Still its not working. The code is working correctly. The real problem is that the PEM format 2048-bit RSA key you posted: > BEGIN PUBLIC KEY- > MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzMjyWZfVfBpmNKmIm9HH > FnrhDLZaCmQvZz57uJHhBLwLk/UAJ+kLKV9Lox8eKfimzisPFBad/TUfwPUaQmji > bPKCp+or2EHvPFooOnPWjSd57zPCohDdo0nOLw7iTUOMCvoqvJcdor+t1zBb8MQK > yNTycuoGlT19lr8msJFtR+ulfKucj/zk5w/jr0SsxysqFsvtEfa62Wu/wSDYIfsq > lKlRGLTlqJNtQybtTVv2Uu2KFrbe0C8+FBkxgtBS+0MkhzpJ37/02J+mHFx1bsgN > 09QnQY+T05te+6/mmlsHP3PYRqXqJOLl9AkLd/9kiMhSFshowFehKmls9PYt1xGf > 5QIDAQAB > -END PUBLIC KEY- is NOT the key that was used to generate the below signature, or the signature was subsequently altered. > Signature={ > 0x24,0xb8,0xec,0xb4,0x4f,0x31,0xa6,0x8,0x72,0x61,0xc9,0xd3,0x1c,0xd0,0x9b,0xee,0x26,0x2d,0x3d,0xef,0xff,0x2c,0x5,0x78,0x4,0xd3,0xa3,0xff,0xdc,0x97,0x53,0xe6,0x6e,0x85,0x41,0x1b,0xb2,0x2c,0xed,0xbd,0xa6,0x5d,0x6f,0xac,0xbb,0xd5,0xb8,0xa0,0x9,0x2b,0xf1,0xf5,0xb6,0xce,0xdd,0x70,0x8a,0x1a,0xa1,0x20,0x11,0x2b,0xf0,0x17,0x41,0x83,0x80,0xf6,0x61,0xd4,0x6d,0x53,0x8f,0xf1,0x8c,0x19,0x42,0x93,0x96,0xa9,0xb6,0xf2,0x8f,0x27,0x9c,0x66,0x17,0xc5,0xca,0x3d,0xa9,0x3f,0xc5,0x76,0x5f,0x1b,0x31,0xf2,0xd3,0xe,0x78,0x53,0x97,0xcb,0x9d,0xc4,0xe6,0x41,0x61,0x58,0x44,0x5c,0xf5,0xc4,0x67,0x69,0x8,0xa,0x92,0xd5,0x7e,0x9c,0xb9,0x7e,0x54,0x8b,0x8a,0xb,0xa1,0x9a,0x63,0xbf,0xcc,0xed,0x63,0x2c,0xf8,0x14,0x25,0x6,0xa2,0x2,0x0,0x7,0x2e,0x1c,0xc1,0xeb,0x16,0x89,0xaa,0x69,0xe2,0x75,0x57,0x39,0x71,0x68,0xe,0xf,0xa4,0x7a,0xc5,0x14,0x97,0x88,0x67,0xd1,0x36,0x91,0x3b,0x49,0xe7,0xb4,0xf3,0xcb,0xca,0xf6,0xe9,0xb1,0x22,0xe9,0x85,0x89,0xab,0x2,0x4,0x3c,0x2e,0xbd,0x56,0x3,0x8a,0x8b,0x54,0xc6,0xe6,0xed,0x5b,0x4c,0 xa4,0x9e,0x1b,0xaa,0x90,0xc6,0xb,0x27,0x54,0xc0,0x50,0x5f,0x58,0x97,0xc,0x99,0x5c,0x2,0x74,0xfc,0x9f,0x4c,0x78,0x4e,0xc3,0xb4,0x6d,0x14,0xa1,0xdc,0x62,0xc5,0xfe,0x27,0xb8,0x7d,0x98,0x79,0x82,0x50,0x3a,0xbe,0x6f,0x83,0x79,0xd,0x8a,0xb8,0x3e,0xac,0xa,0xeb,0x62,0xd5,0x5e,0x95} $ od -tx1 < /tmp/sig 00024 b8 ec b4 4f 31 a6 08 72 61 c9 d3 1c d0 9b ee 02026 2d 3d ef ff 2c 05 78 04 d3 a3 ff dc 97 53 e6 0406e 85 41 1b b2 2c ed bd a6 5d 6f ac bb d5 b8 a0 06009 2b f1 f5 b6 ce dd 70 8a 1a a1 20 11 2b f0 17 10041 83 80 f6 61 d4 6d 53 8f f1 8c 19 42 93 96 a9 120b6 f2 8f 27 9c 66 17 c5 ca 3d a9 3f c5 76 5f 1b 14031 f2 d3 0e 78 53 97 cb 9d c4 e6 41 61 58 44 5c 160f5 c4 67 69 08 0a 92 d5 7e 9c b9 7e 54 8b 8a 0b 200a1 9a 63 bf cc ed 63 2c f8 14 25 06 a2 02 00 07 2202e 1c c1 eb 16 89 aa 69 e2 75 57 39 71 68 0e 0f 240a4 7a c5 14 97 88 67 d1 36 91 3b 49 e7 b4 f3 cb 260ca f6 e9 b1 22 e9 85 89 ab 02 04 3c 2e bd 56 03 3008a 8b 54 c6 e6 ed 5b 4c a4 9e 1b aa 90 c6 0b 27 32054 c0 50 5f 58 97 0c 99 5c 02 74 fc 9f 4c 78 4e 340c3 b4 6d 14 a1 dc 62 c5 fe 27 b8 7d 98 79 82 50 3603a be 6f 83 79 0d 8a b8 3e ac 0a eb 62 d5 5e 95 $ openssl rsa -pubin -in /tmp/key writing RSA key -BEGIN PUBLIC KEY- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzMjyWZfVfBpmNKmIm9HH FnrhDLZaCmQvZz57uJHhBLwLk/UAJ+kLKV9Lox8eKfimzisPFBad/TUfwPUaQmji bPKCp+or2EHvPFooOnPWjSd57zPCohDdo0nOLw7iTUOMCvoqvJcdor+t1zBb8MQK yNTycuoGlT19lr8msJFtR+ulfKucj/zk5w/jr0SsxysqFsvtEfa62Wu/wSDYIfsq lKlRGLTlqJNtQybtTVv2Uu2KFrbe0C8+FBkxgtBS+0MkhzpJ37/02J+mHFx1bsgN 09QnQY+T05te+6/mmlsHP3PYRqXqJOLl9AkLd/9kiMhSFshowFehKmls9PYt1xGf 5QIDAQAB -END PUBLIC KEY- Which match your post, but raw public key encryption of the signature data does not yield a PKCS1 padded message: $ openssl rsautl -encrypt -pubin -inkey /tmp/key -raw -in /tmp/sig | od -tx1 00095 ca 3c b7 cf d3 19 3d 1d 4a 29 61 67 59 21 d1 02061 47 9f 09 69 23 cc 05 77 21 e6 5c 12 9b ed 39 04006 7c 23 51 5f e3 3f 48 45 df 41 89 2e d6 92 4a 060bd b2 e8 36 e6 83 2a 1e 71 5e 5b 97 52 f2 bc 18 10063 3b 45 e0 c1 0a ec 48 ae 42 a3 e5 46 dc 80 77 12087 19 a0 29 94 e7 33 2a 77 2b bb 54 39 06 92 ca 140df b2 21 04 98 d7 cb 16 a6 a0 5b ac c3 d8 20 df 160ac 8f 3a 6d b9 20 7c cb 52 5e 7f f8 69 fc 39 7f 2008b db c1 16 4c df ca ba d7 33 5f 8e 21 87 6b ae 220a8 e1 20 1b e5 1f 8c 3f 18 2d b4 c0 0d 66 ec 1e 240f2 7b 78 ab ad 3c 8c da 80 24 25 3d c8 19 ad 48 260b3 21 ca 90 40 ce dd 22 85 6d 8b 6f ed da 77 be 30081 02 d3 d5 5a ec fd 9f 6e 4a 52 f1 18 31 d4 e1 32014 43 17 02 ff 74 f8 ee cf 2c 09 bc 60 d8 65 e3 3403c c2 e1
[openssl-users] Openssl api for signature verification using digest
Thanks Viktor for the help…. Please find below the input format. Still its not working. > On Aug 28, 2018, at 7:08 AM, Linta Maria wrote: > > I have used below code, but it’s not working. Please help me to get the correct API. > > /* > * NB: assumes verify_key, sig, siglen md and mdlen are already set up > * and that verify_key is an RSA public key > */ In what form is the message digest? Is it the raw digest octets, or some hex or base64 encoding? In what form is the signature? Message digest and signature is given in hex format. Msg ={ 0x8f,0x43,0x43,0x46,0x64,0x8f,0x6b,0x96,0xdf,0x89,0xdd,0xa9,0x1c,0x51,0x76,0xb1,0x0a,0x6d,0x83,0x96,0x1d,0xd3,0xc1,0xac,0x88,0xb5,0x9b,0x2d,0xc3,0x27,0xaa,0x4}; Signature={ 0x24,0xb8,0xec,0xb4,0x4f,0x31,0xa6,0x8,0x72,0x61,0xc9,0xd3,0x1c,0xd0,0x9b,0xee,0x26,0x2d,0x3d,0xef,0xff,0x2c,0x5,0x78,0x4,0xd3,0xa3,0xff,0xdc,0x97,0x53,0xe6,0x6e,0x85,0x41,0x1b,0xb2,0x2c,0xed,0xbd,0xa6,0x5d,0x6f,0xac,0xbb,0xd5,0xb8,0xa0,0x9,0x2b,0xf1,0xf5,0xb6,0xce,0xdd,0x70,0x8a,0x1a,0xa1,0x20,0x11,0x2b,0xf0,0x17,0x41,0x83,0x80,0xf6,0x61,0xd4,0x6d,0x53,0x8f,0xf1,0x8c,0x19,0x42,0x93,0x96,0xa9,0xb6,0xf2,0x8f,0x27,0x9c,0x66,0x17,0xc5,0xca,0x3d,0xa9,0x3f,0xc5,0x76,0x5f,0x1b,0x31,0xf2,0xd3,0xe,0x78,0x53,0x97,0xcb,0x9d,0xc4,0xe6,0x41,0x61,0x58,0x44,0x5c,0xf5,0xc4,0x67,0x69,0x8,0xa,0x92,0xd5,0x7e,0x9c,0xb9,0x7e,0x54,0x8b,0x8a,0xb,0xa1,0x9a,0x63,0xbf,0xcc,0xed,0x63,0x2c,0xf8,0x14,0x25,0x6,0xa2,0x2,0x0,0x7,0x2e,0x1c,0xc1,0xeb,0x16,0x89,0xaa,0x69,0xe2,0x75,0x57,0x39,0x71,0x68,0xe,0xf,0xa4,0x7a,0xc5,0x14,0x97,0x88,0x67,0xd1,0x36,0x91,0x3b,0x49,0xe7,0xb4,0xf3,0xcb,0xca,0xf6,0xe9,0xb1,0x22,0xe9,0x85,0x89,0xab,0x2,0x4,0x3c,0x2e,0xbd,0x56,0x3,0x8a,0x8b,0x54,0xc6,0xe6,0xed,0x5b,0x4c,0xa4,0x9e,0x1b,0xaa,0x90,0xc6,0xb,0x27,0x54,0xc0,0x50,0x5f,0x58,0x97,0xc,0x99,0x5c,0x2,0x74,0xfc,0x9f,0x4c,0x78,0x4e,0xc3,0xb4,0x6d,0x14,0xa1,0xdc,0x62,0xc5,0xfe,0x27,0xb8,0x7d,0x98,0x79,0x82,0x50,0x3a,0xbe,0x6f,0x83,0x79,0xd,0x8a,0xb8,0x3e,0xac,0xa,0xeb,0x62,0xd5,0x5e,0x95} PublicKey- In evp_pkey format BEGIN PUBLIC KEY- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzMjyWZfVfBpmNKmIm9HH FnrhDLZaCmQvZz57uJHhBLwLk/UAJ+kLKV9Lox8eKfimzisPFBad/TUfwPUaQmji bPKCp+or2EHvPFooOnPWjSd57zPCohDdo0nOLw7iTUOMCvoqvJcdor+t1zBb8MQK yNTycuoGlT19lr8msJFtR+ulfKucj/zk5w/jr0SsxysqFsvtEfa62Wu/wSDYIfsq lKlRGLTlqJNtQybtTVv2Uu2KFrbe0C8+FBkxgtBS+0MkhzpJ37/02J+mHFx1bsgN 09QnQY+T05te+6/mmlsHP3PYRqXqJOLl9AkLd/9kiMhSFshowFehKmls9PYt1xGf 5QIDAQAB -END PUBLIC KEY- > ctx = EVP_PKEY_CTX_new(verify_key, NULL /* no engine */); > if (!ctx) > /* Error occurred */ > > if (EVP_PKEY_verify_init(ctx) <= 0) > /* Error */ > > if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING) <= 0) > /* Error */ > > if (EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha256()) <= 0) > /* Error */ Since you're verifying a hash, do not configure a message digest. > /* Perform operation */ > > ret = EVP_PKEY_verify(ctx, sig, siglen, md, mdlen); This is the right function for verifying public key signatures over some input. For more help, post the *public* key used, the signature and the input digest. Message digest and signature is given in hex format. Msg ={ 0x8f,0x43,0x43,0x46,0x64,0x8f,0x6b,0x96,0xdf,0x89,0xdd,0xa9,0x1c,0x51,0x76,0xb1,0x0a,0x6d,0x83,0x96,0x1d,0xd3,0xc1,0xac,0x88,0xb5,0x9b,0x2d,0xc3,0x27,0xaa,0x4}; Signature={ 0x24,0xb8,0xec,0xb4,0x4f,0x31,0xa6,0x8,0x72,0x61,0xc9,0xd3,0x1c,0xd0,0x9b,0xee,0x26,0x2d,0x3d,0xef,0xff,0x2c,0x5,0x78,0x4,0xd3,0xa3,0xff,0xdc,0x97,0x53,0xe6,0x6e,0x85,0x41,0x1b,0xb2,0x2c,0xed,0xbd,0xa6,0x5d,0x6f,0xac,0xbb,0xd5,0xb8,0xa0,0x9,0x2b,0xf1,0xf5,0xb6,0xce,0xdd,0x70,0x8a,0x1a,0xa1,0x20,0x11,0x2b,0xf0,0x17,0x41,0x83,0x80,0xf6,0x61,0xd4,0x6d,0x53,0x8f,0xf1,0x8c,0x19,0x42,0x93,0x96,0xa9,0xb6,0xf2,0x8f,0x27,0x9c,0x66,0x17,0xc5,0xca,0x3d,0xa9,0x3f,0xc5,0x76,0x5f,0x1b,0x31,0xf2,0xd3,0xe,0x78,0x53,0x97,0xcb,0x9d,0xc4,0xe6,0x41,0x61,0x58,0x44,0x5c,0xf5,0xc4,0x67,0x69,0x8,0xa,0x92,0xd5,0x7e,0x9c,0xb9,0x7e,0x54,0x8b,0x8a,0xb,0xa1,0x9a,0x63,0xbf,0xcc,0xed,0x63,0x2c,0xf8,0x14,0x25,0x6,0xa2,0x2,0x0,0x7,0x2e,0x1c,0xc1,0xeb,0x16,0x89,0xaa,0x69,0xe2,0x75,0x57,0x39,0x71,0x68,0xe,0xf,0xa4,0x7a,0xc5,0x14,0x97,0x88,0x67,0xd1,0x36,0x91,0x3b,0x49,0xe7,0xb4,0xf3,0xcb,0xca,0xf6,0xe9,0xb1,0x22,0xe9,0x85,0x89,0xab,0x2,0x4,0x3c,0x2e,0xbd,0x56,0x3,0x8a,0x8b,0x54,0xc6,0xe6,0xed,0x5b,0x4c,0xa4,0x9e,0x1b,0xaa,0x90,0xc6,0xb,0x27,0x54,0xc0,0x50,0x5f,0x58,0x97,0xc,0x99,0x5c,0x2,0x74,0xfc,0x9f,0x4c,0x78,0x4e,0xc3,0xb4,0x6d,0x14,0xa1,0xdc,0x62,0xc5,0xfe,0x27,0xb8,0x7d,0x98,0x79,0x82,0x50,0x3a,0xbe,0x6f,0x83,0x79,0xd,0x8a,0xb8,0x3e,0xac,0xa,0xeb,0x62,0xd5,0x5e,0x95} PublicKey- In evp_pkey format BEGIN PUBLIC KEY- MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzMjyWZfVfBpmNKmIm9HH FnrhDLZaCmQvZz57uJHhBLwLk/UAJ+kLKV9Lox8eKfimzisPFBad/TUfwPUaQmji bPKCp+or2EHvPFooOnPWjSd57zPCohDdo0nOLw7iTUOMCvoqvJcdor+t1zBb8MQK yNTycuoGlT19lr8msJFtR+ulfKucj/zk5w/jr0SsxysqFsvtEfa62Wu/wSDYIfsq
Re: [openssl-users] Openssl api for signature verification using digest
[ Please post plain text, not HTML ] > On Aug 28, 2018, at 7:08 AM, Linta Maria wrote: > > I have used below code, but it’s not working. Please help me to get the > correct API. > > /* > * NB: assumes verify_key, sig, siglen md and mdlen are already set up > * and that verify_key is an RSA public key > */ In what form is the message digest? Is it the raw digest octets, or some hex or base64 encoding? In what form is the signature? > ctx = EVP_PKEY_CTX_new(verify_key, NULL /* no engine */); > if (!ctx) > /* Error occurred */ > > if (EVP_PKEY_verify_init(ctx) <= 0) > /* Error */ > > if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING) <= 0) > /* Error */ > > if (EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha256()) <= 0) > /* Error */ Since you're verifying a hash, do not configure a message digest. > /* Perform operation */ > > ret = EVP_PKEY_verify(ctx, sig, siglen, md, mdlen); This is the right function for verifying public key signatures over some input. For more help, post the *public* key used, the signature and the input digest. You can find similar code in the source code of the rsautl and pkeyutl commands. -- Viktor. -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] Openssl api for signature verification using digest
Thanks Nicola for the updates. But I need to verify signature with hashed data or digest not with original message. Is there any openssl API to implement that? On Tue 28 Aug, 2018, 5:18 PM Nicola, wrote: > Hi! > > I would suggest using the newer `EVP_DigestSign` interface. > > You could find more documentation about it here: > https://wiki.openssl.org/index.php/EVP_Signing_and_Verifying > > Here is the relevant manpage: > https://www.openssl.org/docs/man1.1.1/man3/EVP_DigestVerifyInit.html > > Best regards, > > Nicola Tuveri > > On Tue, Aug 28, 2018, 14:09 Linta Maria wrote: > >> >> >> Hi All, >> >> >> >> >> >> I have started using open ssl recently for implementing some >> cryptographic operation. >> >> Now I want to implement signature verification by taking Signature and >> hashed data as input, but I am not able to get the proper API. >> >> I have used below code, but it’s not working. Please help me to get the >> correct API. >> >> >> >> >> >> #include >> >> #include >> >> >> >> EVP_PKEY_CTX *ctx; >> >> unsigned char *md, *sig; >> >> size_t mdlen, siglen; >> >> EVP_PKEY *verify_key; >> >> >> >> /* >> >> * NB: assumes verify_key, sig, siglen md and mdlen are already set up >> >> * and that verify_key is an RSA public key >> >> */ >> >> ctx = EVP_PKEY_CTX_new(verify_key, NULL /* no engine */); >> >> if (!ctx) >> >> /* Error occurred */ >> >> if (EVP_PKEY_verify_init(ctx) <= 0) >> >> /* Error */ >> >> if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING) <= 0) >> >> /* Error */ >> >> if (EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha256()) <= 0) >> >> /* Error */ >> >> >> >> /* Perform operation */ >> >> ret = EVP_PKEY_verify(ctx, sig, siglen, md, mdlen); >> >> >> >> /* >> >> * ret == 1 indicates success, 0 verify failure and < 0 for some >> >> * other error. >> >> */ >> >> >> >> >> >> >> >> Best regards, >> >> *George Linta Maria* >> -- >> openssl-users mailing list >> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users >> > -- > openssl-users mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users > -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] Openssl api for signature verification using digest
Hi! I would suggest using the newer `EVP_DigestSign` interface. You could find more documentation about it here: https://wiki.openssl.org/index.php/EVP_Signing_and_Verifying Here is the relevant manpage: https://www.openssl.org/docs/man1.1.1/man3/EVP_DigestVerifyInit.html Best regards, Nicola Tuveri On Tue, Aug 28, 2018, 14:09 Linta Maria wrote: > > > Hi All, > > > > > > I have started using open ssl recently for implementing some cryptographic > operation. > > Now I want to implement signature verification by taking Signature and > hashed data as input, but I am not able to get the proper API. > > I have used below code, but it’s not working. Please help me to get the > correct API. > > > > > > #include > > #include > > > > EVP_PKEY_CTX *ctx; > > unsigned char *md, *sig; > > size_t mdlen, siglen; > > EVP_PKEY *verify_key; > > > > /* > > * NB: assumes verify_key, sig, siglen md and mdlen are already set up > > * and that verify_key is an RSA public key > > */ > > ctx = EVP_PKEY_CTX_new(verify_key, NULL /* no engine */); > > if (!ctx) > > /* Error occurred */ > > if (EVP_PKEY_verify_init(ctx) <= 0) > > /* Error */ > > if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING) <= 0) > > /* Error */ > > if (EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha256()) <= 0) > > /* Error */ > > > > /* Perform operation */ > > ret = EVP_PKEY_verify(ctx, sig, siglen, md, mdlen); > > > > /* > > * ret == 1 indicates success, 0 verify failure and < 0 for some > > * other error. > > */ > > > > > > > > Best regards, > > *George Linta Maria* > -- > openssl-users mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users > -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[openssl-users] Openssl api for signature verification using digest
Hi All, I have started using open ssl recently for implementing some cryptographic operation. Now I want to implement signature verification by taking Signature and hashed data as input, but I am not able to get the proper API. I have used below code, but it’s not working. Please help me to get the correct API. #include #include EVP_PKEY_CTX *ctx; unsigned char *md, *sig; size_t mdlen, siglen; EVP_PKEY *verify_key; /* * NB: assumes verify_key, sig, siglen md and mdlen are already set up * and that verify_key is an RSA public key */ ctx = EVP_PKEY_CTX_new(verify_key, NULL /* no engine */); if (!ctx) /* Error occurred */ if (EVP_PKEY_verify_init(ctx) <= 0) /* Error */ if (EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_PADDING) <= 0) /* Error */ if (EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha256()) <= 0) /* Error */ /* Perform operation */ ret = EVP_PKEY_verify(ctx, sig, siglen, md, mdlen); /* * ret == 1 indicates success, 0 verify failure and < 0 for some * other error. */ Best regards, *George Linta Maria* -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users