subject:"Re\: \[Openvpn\-devel\] \[PATCH\] Add support for OpenSSL TLS 1.3 when using management\-external\-key"

Re: [Openvpn-devel] [PATCH] Add support for OpenSSL TLS 1.3 when using management-external-key

2018-10-17 Thread Selva Nair

Hi, On Wed, Oct 17, 2018 at 6:00 AM Arne Schwabe wrote: > > Am 17.10.18 um 05:15 schrieb Selva Nair: > > Hi, > > > > Not a review, but some thoughts: > > > > On Sun, Oct 7, 2018 at 5:59 PM Arne Schwabe wrote: > >> > >> For TLS 1.0 to 1.2 OpenSSL calls us and requires a PKCS1 padded > >>

Re: [Openvpn-devel] [PATCH] Add support for OpenSSL TLS 1.3 when using management-external-key

2018-10-17 Thread Arne Schwabe

Am 17.10.18 um 05:15 schrieb Selva Nair: > Hi, > > Not a review, but some thoughts: > > On Sun, Oct 7, 2018 at 5:59 PM Arne Schwabe wrote: >> >> For TLS 1.0 to 1.2 OpenSSL calls us and requires a PKCS1 padded >> response, for TLS 1.3 it requires to an unpadded response. Since we >> can PCKS1

Re: [Openvpn-devel] [PATCH] Add support for OpenSSL TLS 1.3 when using management-external-key

2018-10-16 Thread Selva Nair

Hi, Not a review, but some thoughts: On Sun, Oct 7, 2018 at 5:59 PM Arne Schwabe wrote: > > For TLS 1.0 to 1.2 OpenSSL calls us and requires a PKCS1 padded > response, for TLS 1.3 it requires to an unpadded response. Since we > can PCKS1 pad an unpadded response, we prefer to always query for >