OpenSSL 1.1.1 (full support) expires 2022-09-11, any plans for a full bug fix release?

2022-09-01 Thread Short, Todd via openssl-users
OpenSSL 1.1.1 full support expires on 2022-09-11; it then enters security-fix-only mode until 2023-09-11. Are there any plans for a final bug-fix release of 1.1.1 in the next couple weeks (and hopefully a 3.0 release as well)? -- -Todd Short // tsh...@akamai.com // "One if by land, two if by se

Re: OpenSSL 3.0 LTS

2022-03-04 Thread Short, Todd via openssl-users
Apple uses LibreSSL, not OpenSSL, in their recent OSes: ~$ openssl version -a LibreSSL 2.8.3 built on: date not available platform: information not available options: bn(64,64) rc4(16x,int) des(idx,cisc,16,int) blowfish(idx) compiler: information not available OPENSSLDIR: "/private/etc/ssl" ~$ un

Time for OpenSSL 1.1.1l?

2021-07-07 Thread Short, Todd via openssl-users
The cadence of 1.1.1 release is supposed to be quarterly (I seem to recall reading that somewhere, but I can't find it)? It has been almost 4 months since 1.1.1k (25-March-2021) was released. Are there any plans for 1.1.1l (ell)? -- -Todd Short // tsh...@akamai.com // “One if by land, two if by

Re: Serialize/Deserialize SSL state

2019-08-09 Thread Short, Todd via openssl-users
Not without a lot of work. It’s not part of the current API. We have tried doing an internal implementation; it was over 1K of new code, and it wasn’t complete. -- -Todd Short // tsh...@akamai.com // “One if by land, two if by sea, three if by the Internet." > On Aug 9, 2019, at 3:42 PM, Osama Ma

SSL_check_chain() broken

2019-06-07 Thread Short, Todd via openssl-users
Hi, It looks as though SSL_check_chain() use within the cert_cb (as recommended) was broken by PR 7257. PR 7257 moves setting the shared_sigalgs to after the cert_cb takes place, but deep down in the call stack, SSL_check_chain() has a dependency on shared_sigalgs being set. In 1.1.1, the fol

Re: AES-cipher offload to engine in openssl-fips

2019-02-27 Thread Short, Todd via openssl-users
No. The OpenSSL FIPS Module is not written that way. It should not be permitting any non-FIPS implementations (see Rich's email regarding a bug). You could write your own engine, get that FIPS certified, and run it with plain, vanilla OpenSSL. There's a design spec out for OpenSSL 3.0.0 that

Re: Stitched vs non-Stitched Ciphersuites

2019-02-26 Thread Short, Todd via openssl-users
On Feb 26, 2019, at 10:40 AM, Matt Caswell wrote: On 26/02/2019 15:03, Short, Todd via openssl-users wrote: The latest security advisory: https://www.openssl.org/news/secadv/20190226.txt mentions stitched vs. non-stitched ciphersuites, but doesn’t really

Stitched vs non-Stitched Ciphersuites

2019-02-26 Thread Short, Todd via openssl-users
The latest security advisory: https://www.openssl.org/news/secadv/20190226.txt mentions stitched vs. non-stitched ciphersuites, but doesn’t really elaborate on which ciphersuites are stitched and non-stitched. "In order for this to be exploitable "non-stitched" ciphersuites must be in use. Sti

Re: [openssl-users] Extracting decrypt key for AES from openssl on client side

2018-11-15 Thread Short, Todd via openssl-users
I have seen this done for hardware acceleration; where the crypto chip can do everything except the handshake. (In fact, this mechanism protected at least one device that I know of from the Heartbleed debacle, since the hardware crypto did not understand the record type.) Look at how the kernel

Re: [openssl-users] How to build libcrypto64*.lib and libssl64*.lib on Windows 64-bit?

2018-10-08 Thread Short, Todd via openssl-users
Could that be LibreSSL? (Or some similar wrapper for OpenSSL?) https://github.com/Ruzzz/LibreSSL This above repo creates libraries in the named format below; to match how Microsoft provides multiple versions of libraries. Looks to be debug (d) and multi-thread (MT?) versions of the libraries; n

Re: [openssl-users] Re-enable 3DES on NGINX + OpenSSL 1.1.1

2018-09-19 Thread Short, Todd via openssl-users
3DES is considered to only be 112 bits in strength. The default security level is 1 (which allows most things), perhaps nginx resets the security level to 3 or greater (which means a minimum of 128-bit ciphers). -- -Todd Short // tsh...@akamai.com // "One if by land, tw

Re: [openssl-users] QNX 6.5 OpenSSL Build

2018-09-19 Thread Short, Todd via openssl-users
You can add the "no-dso" option to the command line to avoid this feature, but you lose access to loading engines. -- -Todd Short // tsh...@akamai.com // "One if by land, two if by sea, three if by the Internet." On Sep 16, 2018, at 1:04 PM, Viktor Dukhovni

Re: [openssl-users] Problems with man page code example at EVP_EncryptInit

2018-09-05 Thread Short, Todd via openssl-users
PRs on GitHub to fix documentation are always welcome. -- -Todd Short // tsh...@akamai.com // "One if by land, two if by sea, three if by the Internet." On Sep 5, 2018, at 10:18 AM, Sam Habiel wrote: I had to double check something--I was w

Re: [openssl-users] Regarding Openssl 1.0.2p bn changes

2018-08-28 Thread Short, Todd via openssl-users
https://github.com/openssl/openssl/commit/327b2c01 -- -Todd Short // tsh...@akamai.com // "One if by land, two if by sea, three if by the Internet." On Aug 24, 2018, at 12:18 AM, Manish Patidar wrote: Hi, I have doubt regarding the bn ch

Re: [openssl-users] Backup of existing ssl connection

2018-08-28 Thread Short, Todd via openssl-users
Agreed, I looked at this when creating a failover service, and trying to replicate all the TCP and TLS data ended up using significant CPU processing and network bandwidth that it wasn’t worth it; in addition to intrusive OpenSSL changes. You should try to have a way to detect and re-establish a

Re: [openssl-users] TLS-Session

2018-08-20 Thread Short, Todd via openssl-users
TCP Nagle + TCP Delayed ACKs can cause what appears to be the ClientHello being retransmitted. Tweaking these TCP options will give you better initialization performance. TCP_NODELAY TCP_QUICKACK This may not help the "end session" issue. -- -Todd Short // tsh...@akamai.com

Re: [openssl-users] About 1.0.2p version release !!

2018-08-12 Thread Short, Todd via openssl-users
M To: "openssl-users@openssl.org" Subject: Re: [openssl-users] About 1.0.2p version release !! On 08/10/2018 08:27 PM, Short, Todd via openssl-users wrote: RFC 8446 (TLS 1.3) was just published about ~30 minutes ago. Wonderful ! Todd are you okay[1] with your name being here :

Re: [openssl-users] About 1.0.2p version release !!

2018-08-10 Thread Short, Todd via openssl-users
RFC 8446 (TLS 1.3) was just published about ~30 minutes ago. -- -Todd Short // Sent from my iPhone // "One if by land, two if by sea, three if by the Internet." > On Aug 8, 2018, at 4:22 PM, Matt Caswell wrote: > > > >> On 08/08/18 21:15, The Doctor wrote: >>> On Wed, Aug 08, 2018 at 01:46:

Re: [openssl-users] Packet capture SSL traffic

2018-07-05 Thread Short, Todd via openssl-users
wireshark.org; it will decode it for you as well. EKR used to have a utility on this website, but it’s likely out of date. Wireshark has been more frequently updated. -- -Todd Short // tsh...@akamai.com // "One if by land, two if by sea, three if by

Re: [openssl-users] Error compiling openssh with openssl

2018-06-11 Thread Short, Todd via openssl-users
You will need to patch OpenSSH to not call the SHA256_XXX() APIs directly. To work with FIPS enabled, the EVP API must be used for all crypto operations. -- -Todd Short // tsh...@akamai.com // "One if by land, two if by sea, three if by the Internet." On Jun 11, 2018, a

[openssl-users] Fwd: [openssl-dev] QUIC

2017-09-11 Thread Short, Todd via openssl-users
FYI: Matt Caswell realized how critical TLSv1.3 (and subsequently OpenSSL) is to QUIC. -- -Todd Short // tsh...@akamai.com // "One if by land, two if by sea, three if by the Internet." Begin forwarded message: From: Benjamin Kaduk via openssl-dev

Re: [openssl-users] [openssl-dev] verify depth behavior change from 1.0.2 to 1.1.0?

2017-04-04 Thread Short, Todd via openssl-users
Ben Kaduk: Do we know the values that are being passed to SSL_CTX_set_verify_depth() match the -verify_depth argument, or do they differ? If they differ, do identical arguments to the function behave the same in 1.1.0 and 1.0.2? Viktor: What we’re getting at here, is that this appears to be a

Re: [openssl-users] Building OpenSSL 1.0.1t without tls1.1 support?

2016-08-25 Thread Short, Todd
1.0.1 is old, and not really supported, except some security fixes. 1.0.x does not provide the ability to compile out TLSv1.0 from 1.1 from 1.2. The upcoming 1.1.x does. If you disable tls1, then you’ve also disabled all later versions, so enable tlsv1 at config time and use the SSL options to en

Re: [openssl-users] Openssl and floating point

2016-08-11 Thread Short, Todd
The -Ddouble=long hack might very well cause problems with standard headers. I’m assuming you are not talking about x86 or any other platform for which there is assembly support. In such a case, I suggest #ifdef’ing out the code that you don’t care about, and making it into a configuration opti

Re: [openssl-users] different encrypted text for the same plain text message

2016-07-28 Thread Short, Todd
Rich Salz basically told this guy to read Wikipedia about cryptography… :) -- -Todd Short // tsh...@akamai.com // "One if by land, two if by sea, three if by the Internet." On Jul 28, 2016, at 11:15 AM, Benjamin Kaduk wrote: There are several

Re: [openssl-users] ssl connect failed

2016-05-11 Thread Short, Todd
There are ALPN/NPN callbacks that need to be set. Documentation was added recently to 1.0.2: https://www.openssl.org/docs/man1.0.2/ssl/SSL_CTX_set_alpn_select_cb.html -- -Todd Short // tsh...@akamai.com // "One if by land, two if by sea, three if by the Internet." On A

Re: [openssl-users] Problems with OpenSSL 1.0.2 h

2016-05-04 Thread Short, Todd
Have you tried to configure this cipher at the top of your cipher list initially with SSL_OP_SERVER_CIPHER_PREFERENCE? -- -Todd Short // tsh...@akamai.com // "One if by land, two if by sea, three if by the Internet." On May 4, 2016, at 12:04 PM, Benjamin Kaduk

Re: [openssl-users] Decrypt TCP session

2016-02-12 Thread Short, Todd
Check out ssldump. -- -Todd Short // tsh...@akamai.com // "One if by land, two if by sea, three if by the Internet." On Feb 12, 2016, at 10:05 AM, Lloyd wrote: Hi, I have implemented a sample HTTP server/client based on openssl (boost as

Re: [openssl-users] [openssl-dev] Removing obsolete crypto from OpenSSL 1.1 - seeking feedback

2015-11-23 Thread Short, Todd
int several of us have been trying to get through for some time. Peter -"openssl-dev" wrote: - To: "openssl-...@openssl.org" From: "Short, To

Re: [openssl-users] [openssl-dev] Removing obsolete crypto from OpenSSL 1.1 - seeking feedback

2015-11-20 Thread Short, Todd
While I am all for simplicity, I also think that removing functionality is a “bad idea”. To reduce the support burden, deprecate the ciphers: 1. Under support, indicate that these ciphers will no longer receive fixes. 2. Remove any assembly implementations 3. Disable them by default. I suggest f