Re: Missing header file ts_local.h in install location.

2024-06-28 Thread Matt Caswell
d a macro: # ifndef OPENSSL_NO_DEPRECATED_3_0 # define TS_VERIFY_CTS_set_certs(ctx, cert) TS_VERIFY_CTX_set_certs(ctx,cert) # endif In 1.1.1 this was a full C function so the cmake detection would have worked correctly there. Matt dcmpstat: 16:36:48:689 34>C:\repos\mmi-director-dcmt

Re: Missing header file ts_local.h in install location.

2024-06-28 Thread Matt Caswell
es it around as a pointer object - which should be fine. Matt Is there something I missed in the build of the libraries and the install package? Thank. ** ** *Thom Bentley *| Senior Software Engineer |Medidata, a Dassault Systèmes company <http://www.mdsol.com/> This em

OpenSSL Security Advisory

2024-06-27 Thread Matt Caswell
Additional analysis was provided by David Benjamin (Google). The fix was developed by Matt Caswell. General Advisory Notes == URL for this Security Advisory: https://www.openssl.org/news/secadv/20240627.txt Note: the online version of the advisory may be updated with additional de

Re: secp256r1 65 byte key size in packet capture

2024-06-19 Thread Matt Caswell
://www.openssl.org/docs/man3.3/man3/EVP_PKEY_get1_encoded_public_key.html Matt Regards -- Lokesh Chakka. On Wed, Jun 19, 2024 at 4:21 PM Matt Caswell <mailto:m...@openssl.org>> wrote: On 19/06/2024 09:15, Lokesh Chakka wrote: > hello, > > I'm trying to gener

Re: secp256r1 65 byte key size in packet capture

2024-06-19 Thread Matt Caswell
32 bytes long (256 bits) - so this gives you 65 bytes in total. Matt Can someone help me understand why the difference? Thanks & Regards -- Lokesh Chakka.

Re: New OpenSSL Releases

2024-06-14 Thread Matt Caswell
ient.t garak$ No obvious output log files there. Try this to give more verbose output for a specific test failure: make TESTS=test_bio_dgram V=1 test Matt

Re: Need help on self test post failure - programmatically load FIPS provider

2024-05-31 Thread Matt Caswell
On 24/05/2024 16:57, murugesh pitchaiah wrote: Thanks Matt for looking into this. Here is the output:  # openssl list --providers -provider fips -provider base Providers:   base     name: OpenSSL Base Provider     version: 3.0.9     status: active

OpenSSL Security Advisory

2024-05-28 Thread Matt Caswell
c88c3de510 (for 3.2), commit 704f725b96 (for 3.1) and commit b3f0eb0a29 (for 3.0) in the OpenSSL git repository. It is available to premium support customers in commit f7a045f314 (for 1.1.1). This issue was reported on 10th April 2024 by William Ahern (Akamai). The fix was developed by Matt Caswell and

Re: Need help on self test post failure - programmatically load FIPS provider

2024-05-24 Thread Matt Caswell
What do you get by loading the provider via the "openssl list" command, i.e. what is the output from: $ openssl list --providers -provider fips -provider base Matt On 24/05/2024 15:48, murugesh pitchaiah wrote: Thanks Neil for your response. Please find more details below.

Re: Blocking on a non-blocking socket?

2024-05-24 Thread Matt Caswell
The "retry" here is the normal meaning of the English word, and does not refer to a "network" retry, i.e. we tried to read application data but actually got something else, so retry that attempt. Matt

Re: Blocking on a non-blocking socket?

2024-05-23 Thread Matt Caswell
tried to read application data but got a non-application data record". They both result in SSL_read() failing and indicating SSL_ERROR_WANT_READ. For non-blocking mode it really doesn't make much difference to the application. Either way it should not cause it to block. Matt

Re: OpenSSL version 3.3.0 published

2024-05-13 Thread Matt Caswell
ren't available on a particular platform. Some platforms have some atomics support but you have to link in a separate atomics library to get it to work. You might try adding "-latomic" to Configure command line and see if that helps at all. Matt On Sun, May 12, 2024, 7:26

Re: No data available to red after SSL_ERROR_WANT_READ error.

2024-05-09 Thread Matt Caswell
use it is still in flight over the network. Matt Could it be that the processing of data and its availability in the buffer is causing delays or something is missing in code? Any insights or assistance on resolving this matter would be immensely helpful and appreciated. int isReada

Re: SSL_peek() removes the session ticket from the underlying BIO ??

2024-05-02 Thread Matt Caswell
On 02/05/2024 11:52, Rahul Shukla wrote: Thank you for the quick reply, Matt !! Is my understanding correct that if the buffer is empty and SSL_peek() is invoked while trying to process more records, only application data gets placed into that buffer? Technically, the internal buffer is

Re: SSL_peek() removes the session ticket from the underlying BIO ??

2024-05-02 Thread Matt Caswell
ords. If the buffer is empty then it will attempt to process further records in order to put more data into that buffer. In doing that if it encounters any non-application data records (such as a session ticket) then it will process those records in the same way as SSL_read() would have done. Matt

Re: TLS1.3 change_cipher_spec as part of application data

2022-11-24 Thread Matt Caswell
dive into it in more detail. Matt Is it like : the message type warrants one to be exposed (change_cipher_spec) and the other to be handled internally (new session data) ? Could we please advise on openssl's standard operating workflow here ? Also, would I have to add logic to manu

Re: Regarding TLS call failure on Openssl3.0 with cipher : ECDH-ECDSA-AES256-SHA384

2022-11-18 Thread Matt Caswell
w. Support for the ECDH version was removed from OpenSSL 1.1.0 and above: https://github.com/openssl/openssl/commit/ce0c1f2bb2fd296f10a2847844205df0ed95fb8e Matt It fails on SSL_set_cipher_list API. This API, and the cipher you had in mind apply only to TLS 1.2, with TLS 1.3 there is a sepa

Re: EVP_PKEY_get_raw_public_key fails with OpenSSL 3.0

2022-11-11 Thread Matt Caswell
o it. See these man pages: https://www.openssl.org/docs/man3.0/man3/EVP_PKEY_get_params.html https://www.openssl.org/docs/man3.0/man7/EVP_PKEY-EC.html Matt

Re: EVP_PKEY_get_raw_public_key fails with OpenSSL 3.0

2022-11-11 Thread Matt Caswell
r this keytype:crypto/evp/p_lib.c:309: So, I don't understand how this ever worked for you. There must be something slightly strange about your key/setup?? Matt You were reading the P521 public-key previously (with 1.1.1), but in what format was it sent you?  Do you want just the bytes of the public EC point? -James M

Re: Not able to retreive session ticket both at server and client level

2022-11-08 Thread Matt Caswell
a "blob" of data. App data set on the server side is not accessible to the client. Matt unsigned char m_ServerChallenge1[32]; unsigned int sid_ctx_len1 = 0; SSL_SESSION_get0_ticket_appdata(SSL_get_session(ssl),m_ServerChallenge1, &sid_ctx_len1); *// Able to print the

Re: OpenSSL 3.0.7 make failure on Debian 10 (buster)

2022-11-04 Thread Matt Caswell
include some other system include file ("recurse down to the real one") which it is failing to find. Matt

Re: Output buffer length in EVP_EncryptUpdate for ECB mode

2022-11-03 Thread Matt Caswell
l it again with 17 bytes of data, then added to the 15 bytes already cached we have a total of 32 bytes. This is a multiple of 16, so 2 blocks (32 bytes) will be output, so: (inl + cipher_block_size - 1) = (17 + 16 - 1) = 32 Matt Thank you for your time and help! Kind regards, Wiktor [1]: https://gitlab.com/sequoia-pgp/sequoia/-/merge_requests/1361#note_1150958453

New Blog Post: CVE-2022-3786 and CVE-2022-3602: X.509 Email Address Buffer Overflows

2022-11-01 Thread Matt Caswell
Please see the new blog post here: https://www.openssl.org/blog/blog/2022/11/01/email-address-overflows/ OpenPGP_0xD9C4D26D0E604491.asc Description: OpenPGP public key OpenPGP_signature Description: OpenPGP digital signature

Re: How to handle TLS alerts

2022-10-27 Thread Matt Caswell
The client won't see this until it next calls SSL_read. At this point SSL_read() will return an error and SSL_get_error() will indicate SSL_ERROR_SSL. You should just close the connection at this point without calling SSL_shutdown(). Matt

Re: Forthcoming OpenSSL Bug Fix Release

2022-10-26 Thread Matt Caswell
- 3.0.6 only. It does not apply to any 1.1.1 release. Matt -Original Message- From: openssl-announce On Behalf Of Ing. Martin Koci, MBA Sent: Tuesday, October 25, 2022 21:36 To: openssl-annou...@openssl.org; openssl-users@openssl.org; openssl-proj...@openssl.org; oss-secur

Re: OpenSSL 1.1.1 Windows dependencies

2022-10-26 Thread Matt Caswell
On 24/10/2022 10:17, Matt Caswell wrote: On 22/10/2022 16:02, David Harris wrote: On 21 Oct 2022 at 13:50, Michael Wojcik via openssl-users wrote: That was my initial thought too, except that if it were firewall-related, the initial port 587 connection would be blocked, and it isn&#

Re: Setting a group to an existing EVP_PKEY in OpenSSL 3

2022-10-25 Thread Matt Caswell
e group changed. On 25/10/2022 00:35, Martin via openssl-users wrote: > Thanks for your response. I want to preserve the rest of the EC public > key params. I did this. I haven’t tested yet. Preserving the rest of the EC public key params doesn't make sense. If the group has changed the key is no longer valid. Just create a new key instead. Matt

Re: OpenSSL 1.1.1 Windows dependencies

2022-10-24 Thread Matt Caswell
e. I'm not high-level enough to be able to make any sense of the negotiation data though. The wireshark capture is quite short (22 items in the list) and I don't mind making it available if it would be useful to anyone. I'm not promising anything. But if you send me the captures I ca

Re: Fwd: Proper API usage with DTLS over custom net transport

2022-10-21 Thread Matt Caswell
ack(). Would there be a proper usage of this kind of callback in this scenario ? Not sure what you're asking here. There is a man page for this function here: https://www.openssl.org/docs/manmaster/man3/SSL_CTX_set_info_callback.html Matt Any other input, links to any kind of releva

Re: Need help on OpenSSL windows build errors

2022-10-17 Thread Matt Caswell
m a third party distributor. See: https://wiki.openssl.org/index.php/Binaries Matt

Re: Problems with ECDSA signature and verification

2022-10-17 Thread Matt Caswell
print EVP_PKEY keys because the BIO functions in our version (3.0) are deprecated. See the functions here: https://www.openssl.org/docs/man3.0/man3/EVP_PKEY_print_public.html Matt If you know the functions to make this signature and verification from strings or even another ECDSA example,

Withdrawal of OpenSSL 3.0.6 and 1.1.1r

2022-10-12 Thread Matt Caswell
We have received a report of a significant regression in the latest 3.0.6 and 1.1.1r versions. The regression is not thought to have security consequences. While the regression is further investigated we have taken the decision to withdraw the 3.0.6 and 1.1.1r versions and instead recommend that

OpenSSL Security Advisory

2022-10-11 Thread Matt Caswell
Supercomputing Center. The fix was developed by Matt Caswell. References == URL for this Security Advisory: https://www.openssl.org/news/secadv/20221011.txt Note: the online version of the advisory may be updated with additional details over time. For details of OpenSSL severity

OpenSSL version 3.0.6 published

2022-10-11 Thread Matt Caswell
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 OpenSSL version 3.0.6 released == OpenSSL - The Open Source toolkit for SSL/TLS https://www.openssl.org/ The OpenSSL project team is pleased to announce the release of version 3.0.6 of our open source

OpenSSL version 1.1.1r published

2022-10-11 Thread Matt Caswell
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 OpenSSL version 1.1.1r released === OpenSSL - The Open Source toolkit for SSL/TLS https://www.openssl.org/ The OpenSSL project team is pleased to announce the release of version 1.1.1r of our open sour

Re: porting openssl to vxWorks

2022-10-07 Thread Matt Caswell
of the platform names I listed above. I don't have any access to (and have never used) VxWorks, so I have no clue as to whether this actually works. Matt On 07/10/2022 12:33, רונן לוי wrote: Hi, I would like to know what is the procedure to build the openssl to vxWorks/Intel platfo

Forthcoming OpenSSL Releases

2022-10-04 Thread Matt Caswell
Hello, The OpenSSL project team would like to announce the forthcoming release of OpenSSL versions 3.0.6 and 1.1.1r. These releases will be made available on Tuesday 11th October 2022 between 1300-1700 UTC. OpenSSL 3.0.6 is a security-fix release. The highest severity issue fixed in OpenSSL 3.

Re: OpenSSL 1.1.1 (full support) expires 2022-09-11, any plans for a full bug fix release?

2022-09-01 Thread Matt Caswell
less critical when the actual release date is. Matt

Re: parsing invalid DER

2022-09-01 Thread Matt Caswell
nd achieve this? Unfortunately, AFAIK, I don't think there is a way to do this. Matt

OpenSSL 3.0 FIPS 140-2 Validation Certificate Issued

2022-08-24 Thread Matt Caswell
Please read the blog post about this here: https://www.openssl.org/blog/blog/2022/08/24/FIPS-validation-certificate-issued/ Matt

Re: Find out IV length

2022-08-17 Thread Matt Caswell
handling in TLS is a little complicated with the actual IV that is used for an actual encryption/decryption operation being composed of different elements. The details of which vary by ciphersuite and protocol version. Matt

Re: "no OPENSSL_Applink " in OpenSSL3.0.5

2022-08-12 Thread Matt Caswell
On 12/08/2022 03:34, Imazu Setsuo wrote: On 2022/08/10 18:44, Matt Caswell wrote: On 10/08/2022 00:11, Imazu Setsuo wrote: Hello, my name is Imazu. I am using OpenSSL3.0.5 to develop a windows program. When I call PEM_read_PrivateKey() I get the following error: OPENSSL_Uplink

Re: "no OPENSSL_Applink " in OpenSSL3.0.5

2022-08-10 Thread Matt Caswell
FILE * pointers from one dll to another and avoids the problem. Matt

Re: Pulling Certs from the Root Cert Store

2022-08-08 Thread Matt Caswell
certs from the store is here <https://github.com/DragonOsman/currency_converter/blob/master/currency_converter/root_certificate.hpp>. This isn't possible at the moment, but there is a change in progress to add this capability. See: https://github.com/openssl/openssl/pull/18070 Matt

Re: SSL_CTX_set_alpn_select_cb and Other OpenSSL API ALPN Functions + Their Callbacks

2022-08-01 Thread Matt Caswell
s://github.com/openssl/openssl/blob/72a85c17aae602e881c917c3f6e93bd7f7260093/apps/s_server.c#L643-L680 https://github.com/openssl/openssl/blob/72a85c17aae602e881c917c3f6e93bd7f7260093/apps/s_server.c#L1786-L1791 https://github.com/openssl/openssl/blob/72a85c17aae602e881c917c3f6e93bd7f7260093/apps/s_server.c#L2048-L2049 Matt

Re: I May Have a HTTP/2 Upgrade Request in ClientHello in Server App, But I Don't Know How to Parse ClientHello

2022-07-21 Thread Matt Caswell
ge, no?  And if it is, how do I parse the ClientHello message to extract it and respond? The unsupported protocol error usually means there is a mismatch between the supported TLS versions on the client and the server. For example if the server only supports TLSv1.3 and the client only sup

Re: Openssl upgrade to 1.1.1o on Red Linux 5.11

2022-06-23 Thread Matt Caswell
LIST Can't open perl script "Configure": No such file or directory Are you running this from the root of the openssl source tree? There should be a file called "Configure" there. Is it present? Matt -bash-3.2$ perl configure LIST Can't open perl script "co

Re: Openssl upgrade to 1.1.1o on Red Linux 5.11

2022-06-23 Thread Matt Caswell
list of all the platforms - one of which should be "linux-x86_64" Matt

OpenSSL Security Advisory

2022-06-21 Thread Matt Caswell
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 OpenSSL Security Advisory [21 June 2022] The c_rehash script allows command injection (CVE-2022-2068) Severity: Moderate In addition to the c_reh

OpenSSL version 3.0.4 published

2022-06-21 Thread Matt Caswell
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 OpenSSL version 3.0.4 released == OpenSSL - The Open Source toolkit for SSL/TLS https://www.openssl.org/ The OpenSSL project team is pleased to announce the release of version 3.0.4 of our open source

OpenSSL version 1.1.1p published

2022-06-21 Thread Matt Caswell
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 OpenSSL version 1.1.1p released === OpenSSL - The Open Source toolkit for SSL/TLS https://www.openssl.org/ The OpenSSL project team is pleased to announce the release of version 1.1.1p of our open sour

Re: memory still reachable post calling SSL_CTX_free

2022-06-21 Thread Matt Caswell
process exit. Matt

Re: SSL error (78c0100): malloc failure while implementing tls 1.3

2022-06-21 Thread Matt Caswell
occurring. Matt

Re: Serializing SSL state

2022-06-21 Thread Matt Caswell
On 20/06/2022 22:29, Rouzier, James wrote: Hi Matt, What would it take to expose this? At the moment you can serialize an SSL_SESSION object - but this only helps during session resumption. So, using this capability, you could perform a resumption handshake on a different server to where

Re: Serializing SSL state

2022-06-20 Thread Matt Caswell
process could hit a different server. The plan is to save the current state of the TLS handshake so that any server can pick up where the previous server left off. Is this possible with the current API of openssl? No. This is currently not possible. Matt

Re: Forthcoming OpenSSL Releases

2022-06-15 Thread Matt Caswell
between 1300-1700 UTC. These are security-fix releases. The highest severity issue fixed in these releases is MODERATE: https://www.openssl.org/policies/secpolicy.html#moderate I am guessing there is a bunch of new test certs in there? Yes. Matt

Re: TLS Observer with openssl

2022-06-13 Thread Matt Caswell
sible. Matt Cheers & thanks for the help Jochen

Re: nmake test error on 80-test_ssl_new.t

2022-06-10 Thread Matt Caswell
' : return code '0x2' Stop. Some test certificates have expired. Fix here: https://github.com/openssl/openssl/pull/18444/files https://patch-diff.githubusercontent.com/raw/openssl/openssl/pull/18444.patch Matt

Re: baffled on old Red Hat Enterprise Linux 6 with OpenSSL 3.0.3

2022-06-10 Thread Matt Caswell
can get the patch file here: https://patch-diff.githubusercontent.com/raw/openssl/openssl/pull/18444.patch Matt Do you mean this ? https://raw.githubusercontent.com/t8m/openssl/456de6e73c05fc413aacedcdd551e2a259f93262/test/certs/embeddedSCTs1_issuer.pem -BEGIN CERTIFICATE

OpenSSL is looking to hire a Platform Engineer

2022-06-08 Thread Matt Caswell
OpenSSL is looking to hire a Platform Engineer (a sysadmin role). Details of the role are here: https://www.openssl.org/blog/blog/2022/05/30/hiring-platform-engineer/ Matt

Re: How to reject a certificate with access_denied?

2022-06-07 Thread Matt Caswell
On 07/06/2022 13:46, Michael Richardson wrote: Matt Caswell wrote: > On 06/06/2022 18:08, Christian Schmidt wrote: >> Hi, >> I am building a server application that allows a user to log in by >> providing a certificate. In order to do custom c

Re: How to reject a certificate with access_denied?

2022-06-07 Thread Matt Caswell
https://github.com/openssl/openssl/blob/9f3626f2473bdce53e85eba96e502e950e29e16f/ssl/statem/statem_lib.c#L1350-L1394 Unfortunately there are no entries in this table that map to the access_denied alert. Matt

Re: using TLS (>1.2) with more than one certificate

2022-05-24 Thread Matt Caswell
iated sigalg (for TLSv1.3). Matt

OpenSSL is looking to hire a Business Operations Administrator

2022-05-19 Thread Matt Caswell
Please see the following blog post for details of the role: https://www.openssl.org/blog/blog/2022/05/18/hiring-business-operations-administrator/ Matt

Re: AES and EVP_CIPHER question

2022-05-18 Thread Matt Caswell
On 17/05/2022 16:25, Philip Prindeville wrote: Thanks, and for 1.1.x? There's nothing equivalent in 1.1.x AFAIK. Matt

Re: AES and EVP_CIPHER question

2022-05-17 Thread Matt Caswell
e man page as above). E.g. something like: OSSL_PARAM params[2], *p = params; unsigned int pad; *p++ = OSSL_PARAM_construct_uint(OSSL_CIPHER_PARAM_PADDING, &pad); *p = OSSL_PARAM_construct_end(); if (!EVP_CIPHER_CTX_get_params(ctx, params)) { /* Error */ } Matt

Re: openssl 1.1.1 minor patches to build on SCO OpenServer 5.0.7

2022-05-16 Thread Matt Caswell
all subject to the standard PR review process of course. Matt On 13/05/2022 17:54, Kevin R. Bulgrien wrote: It was necessary to apply 5 minor patches to openssl 1.1.1n to build it for SCO OpenServer 5.0.7. One patch fixing a missing #ifdef AF_INET6 is already applied to current development for

Re: AES and EVP_CIPHER question

2022-05-13 Thread Matt Caswell
return res; } It's ECB, so there's no IV. Or padding. The block size and key size are both 128 bits. One thing I noticed right away is that EVP_CipherUpdate() returns 1, and sees "outlen" to zero. What value does inlen have? If you're not doing padding then it mus

Re: Use SSL in multiple connections

2022-05-11 Thread Matt Caswell
. Matt Best regards;

Re: X509_STORE_CTX object doubt

2022-05-05 Thread Matt Caswell
variable current_cert. X509_STORE_CTX_get0_cert() does this: https://www.openssl.org/docs/man3.0/man3/X509_STORE_CTX_get0_cert.html Matt thanks, Saketh. Notice: This e-mail together with any attachments may contain information of Ribbon Communications Inc. and its Affiliates that is

Re: EC_POINT_get_affine_coordinates replacement in 3.0

2022-05-04 Thread Matt Caswell
/man3/EVP_PKEY_get_bn_param.html The params you want are called OSSL_PKEY_PARAM_EC_PUB_X and OSSL_PKEY_PARAM_EC_PUB_Y as documented on this page: https://www.openssl.org/docs/man3.0/man7/EVP_PKEY-EC.html Matt On May 3, 2022, at 1:56 PM, Chris Bare <mailto:chris.b...@gmail.com>&

OpenSSL Security Advisory

2022-05-03 Thread Matt Caswell
s issue was reported to OpenSSL on the 6th April 2022 by Raul Metsma. The fix was developed by Matt Caswell from OpenSSL. Incorrect MAC key used in the RC4-MD5 ciphersuite (CVE-2022-1434) = Severity: Low The OpenSSL 3.0 implement

OpenSSL version 1.1.1o published

2022-05-03 Thread Matt Caswell
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 OpenSSL version 1.1.1o released === OpenSSL - The Open Source toolkit for SSL/TLS https://www.openssl.org/ The OpenSSL project team is pleased to announce the release of version 1.1.1o of our open sour

OpenSSL version 3.0.3 published

2022-05-03 Thread Matt Caswell
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 OpenSSL version 3.0.3 released == OpenSSL - The Open Source toolkit for SSL/TLS https://www.openssl.org/ The OpenSSL project team is pleased to announce the release of version 3.0.3 of our open source

Re: Forthcoming OpenSSL Releases

2022-04-26 Thread Matt Caswell
: https://www.openssl.org/policies/secpolicy.html#moderate Yours The OpenSSL Project Team On 19/04/2022 20:51, Matt Caswell wrote: The OpenSSL project team would like to announce the forthcoming release of OpenSSL versions 3.0.3 and 1.1.1o. These releases will be made available on Tuesday 26th

Re: Mac OS X and openssl 3

2022-04-25 Thread Matt Caswell
On 24/04/2022 00:13, The Doctor via openssl-users wrote: Just wondering if Apple OS is compatible with OpenSSL 3. MacOS should work just fine with OpenSSL 3.0. At least master is regularly tested, e.g. https://github.com/openssl/openssl/runs/6151999376?check_suite_focus=true Matt

Re: Unable to load Legacy Provider

2022-04-22 Thread Matt Caswell
o see if you get any clues from that, e.g. by adding the following to your code: ERR_print_errors_fp(stdout); Matt Thank you, Ashish Notice: This e-mail together with any attachments may contain information of Ribbon Communications Inc. and its Affiliates that is confidential and/or prop

Forthcoming OpenSSL Releases

2022-04-19 Thread Matt Caswell
The OpenSSL project team would like to announce the forthcoming release of OpenSSL versions 3.0.3 and 1.1.1o. These releases will be made available on Tuesday 26th April 2022 between 1300-1700 UTC. These are security-fix releases. The highest severity issue fixed in these releases is MODERATE: h

Re: Reg: Freeing of SSL_CTX object through SSL_free Function

2022-04-13 Thread Matt Caswell
ce that you assign an object to a different location. Only when all references are freed (i.e. when the reference count drops to 0) does the object itself actually get freed. Matt Could someone please elaborate a bit .. Chand..

Re: Is there a simple implementation of hooking external private key with openssl-3.0 API?

2022-04-11 Thread Matt Caswell
On 11/04/2022 16:53, Alon Bar-Lev wrote: On Mon, Apr 11, 2022 at 11:52 AM Matt Caswell wrote: On 10/04/2022 19:18, Alon Bar-Lev wrote: Hello, I am trying to migrate to openssl-3.0 API, it seems to be very complicated to hook primitive private key usage to a custom function. This is

Re: Is there a simple implementation of hooking external private key with openssl-3.0 API?

2022-04-11 Thread Matt Caswell
functions are hidden from the user. As the comment says, RSA low level APIs are deprecated. Deprecated does *not* mean removed. So you can still use them for now, although expect them to be removed from some future version of OpenSSL. Matt Can anyone help us to create a testcase of opens

Re: KDF_TLS1_PRF for TLS v1.0 and v1.1

2022-03-30 Thread Matt Caswell
vider does not support the "MD5-SHA1" digest. Consequently you cannot support TLSv1.0 or TLSv1.1 with the FIPS provider. Only TLSv1.2. Matt What am I missing? Here is the code snippet: label = "master secret"; kdf = EVP_KDF_fetch(NULL, "TLS1

Re: Openssl v1.1.1d: pubkey_cb() returning SUCCESS for x509_pubkey_decode() Failure

2022-03-28 Thread Matt Caswell
509_pubkey_decode() indicates a fatal error (e.g. a malloc failure). A 0 error return is considered non-fatal (e.g. an unrecognised key) and the code is deliberately written to continue in the case of non-fatal errors. Matt Call trace for more information: #0  x509_pubkey_decode (ppkey=ppke

Re: Static OpenSSL 3 library with FIPS

2022-03-28 Thread Matt Caswell
was a deliberate day 1 design decision. Matt -Original Message- *From*: Matt Caswell <mailto:matt%20caswell%20%3cm...@openssl.org%3e>> *To*: openssl-users@openssl.org <mailto:openssl-users@openssl.org> *Subject*: [EXTERNAL] Re: Static OpenSSL 3 library with FIPS *Date*: F

Re: Static OpenSSL 3 library with FIPS

2022-03-25 Thread Matt Caswell
support this. Matt

Re: [External] Re: SSL_connect() failing on SSL3_MT_NEWSESSION_TICKET on Raspberry Pi

2022-03-24 Thread Matt Caswell
Thanks for this. I have raised this issue to track the problem: https://github.com/openssl/openssl/issues/17958 Matt

Re: [External] Re: SSL_connect() failing on SSL3_MT_NEWSESSION_TICKET on Raspberry Pi

2022-03-23 Thread Matt Caswell
On 23/03/2022 14:00, Helde, Paavo wrote: - I notice that you are using the latest master version 3.1.0-dev. The master branch is where all dev work goes on and consequently may be unstable. You might be better off using the latest 3.0 stable version, i.e. 3.0.2 Thanks Matt, downgrading to

Re: [External] Re: SSL_connect() failing on SSL3_MT_NEWSESSION_TICKET on Raspberry Pi

2022-03-23 Thread Matt Caswell
that you are using the latest master version 3.1.0-dev. The master branch is where all dev work goes on and consequently may be unstable. You might be better off using the latest 3.0 stable version, i.e. 3.0.2 Matt

Re: SSL_connect() failing on SSL3_MT_NEWSESSION_TICKET on Raspberry Pi

2022-03-23 Thread Matt Caswell
ld be interesting to see what output you get from s_client when you use the "-trace" argument. Also, is this TLSv1.3 specific? If you add the argument "-no_tls1_3" to s_client does it start working? Matt I am no expert in SSL, so not sure where the problem might be, mo

Re: [openssl/openssl] bio_dgram vs IPv6

2022-03-22 Thread Matt Caswell
OPENSSL_USE_IPV6 0 # endif # endif There is already code in bss_dgram.c that is conditionally compiled on OPENSSL_USE_IPV6. Is it reasonable to assume that if AF_INET6 is defined then ip6.h exists? Matt

Re: [openssl/openssl] bio_dgram vs IPv6

2022-03-21 Thread Matt Caswell
On 19/03/2022 13:28, Michael Richardson wrote: I'm working on dealing with Matt's detailed review. This issue seems bigger than the github issue. https://github.com/openssl/openssl/pull/5257 about: #include matt> This remains an issue. It's unclear to me whether al

Re: OpenSSL version 1.1.1n published

2022-03-15 Thread Matt Caswell
1.1.1n release. Neither have the Newslog (news/newslog.html) nor the Vulnerabilities (news/vulnerabilities) pages. These pages should be ok now too. Normally these are always updated as part of the release process, but something went wrong with a script somewhere. Not sure why... Matt

Re: OpenSSL version 1.1.1n published

2022-03-15 Thread Matt Caswell
Those 2 links should be ok now. A problem with our scripts to flush the CDN cache. Matt On 15/03/2022 20:18, Yann Droneaud wrote: Hi, Le 15/03/2022 à 17:34, Matt Caswell a écrit :    OpenSSL version 1.1.1n released    ===    OpenSSL - The Open Source toolkit

OpenSSL Security Advisory

2022-03-15 Thread Matt Caswell
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 OpenSSL Security Advisory [15 March 2022] Infinite loop in BN_mod_sqrt() reachable when parsing certificates (CVE-2022-0778) ==

OpenSSL version 1.1.1n published

2022-03-15 Thread Matt Caswell
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 OpenSSL version 1.1.1n released === OpenSSL - The Open Source toolkit for SSL/TLS https://www.openssl.org/ The OpenSSL project team is pleased to announce the release of version 1.1.1n of our open sour

OpenSSL version 3.0.2 published

2022-03-15 Thread Matt Caswell
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 OpenSSL version 3.0.2 released == OpenSSL - The Open Source toolkit for SSL/TLS https://www.openssl.org/ The OpenSSL project team is pleased to announce the release of version 3.0.2 of our open source

Re: SSL_TLSEXT_ERR_NOACK not working as expected

2022-03-10 Thread Matt Caswell
null BIO (BIO_s_null). In the tlsext_servername callback, change the write BIO for the SSL object (SSL_set0_wbio) to the null BIO causing all subsequent writes to just "disappear". Matt -Original Message- From: Matt Caswell Sent: Thursday, 10 March 2022 13:25 To: Tal Dery

Re: SSL_TLSEXT_ERR_NOACK not working as expected

2022-03-10 Thread Matt Caswell
On 10/03/2022 11:21, Tal Dery wrote: Hi Matt, Yes, I want to abort the session without notifying the client. SSL_TLSEXT_ERR_ALERT_FATAL sent " 15 03 03 00 02 02 00" to client. What can I do to not send the message? You want to abort the handshake without sending an alert? That w

Re: SSL_TLSEXT_ERR_NOACK not working as expected

2022-03-10 Thread Matt Caswell
NOACK is a non-fatal return code. The SNI request is not acknowledged by the server (i.e. it acts the same way as if SNI was not configured on the server at all), but no alerts are sent so the handshake proceeds as normal. Matt For some reason, the server is still sending the message, an

Forthcoming OpenSSL releases

2022-03-08 Thread Matt Caswell
The OpenSSL project team would like to announce the forthcoming release of OpenSSL versions 3.0.2 and 1.1.1n. These releases will be made available on Tuesday 15th March 2022 between 1300-1700 UTC. These are security-fix releases. The highest severity issue fixed in these releases is HIGH: https
