TLS 1.3 migration: how to get current SSL session authentication

Hi, By the way : It was possible to get the authentication from a TLS1.2 ciphersuite Using SSL_CIPHER_get_auth_nid(). With a TLS1.3 SSL_CIPHER, the result is logically 'any'. So my question is : Is there any other [new ?] API to get the effective authentication mode from the current SSL ses

how to generate the SHA512.s and SHA256.s on Linux?

I need two fuctions: sha512_block_data_order and sha256_block_data_order. how can I get it. Thank you

RE: Peer certificate verification in verify_callback

Hi Viktor, Could you please elaborate on "...although doing the latter potentially gives you the opportunity to decorate them with auxiliary trust EKUs." Does it mean "EKUs" "out of" the certificate ? Is it just about using X509_STORE_set_trust() and the like as mentioned in X509_STORE_add_cert

Re: Using EVP_PKEY with EVP_EncryptInit_ex

On 01/04/2020 18:01, Andrew Felsher wrote: > I'm aware of the symmetric/asymmetric differences. But the EVP_Enrypt... > API takes the key as a bunch of bytes. It shouldn't care whether it's an > RSA key or not, correct? (Though perhaps it would truncate to, in my > case, the first 128 bits since