t -connect localhost:18010 -cert clnt.crt \
-key test.key -CAfile testca.crt -debug \
-cipher 'COMPLEMENTOFALL:eNULL' -dtls1_2
NULL ciphers work fine with OpenSSL 1.0.2g.
With OpenSSL 1.1.1g the handshake fails on the server side with
140295725053248:error:14102438:SSL routines:dtls1_read
ect localhost:18010 -cert clnt.crt \
> -key test.key -CAfile testca.crt -debug \
> -cipher 'COMPLEMENTOFALL:eNULL' -dtls1_2
>
> NULL ciphers work fine with OpenSSL 1.0.2g.
>
> With OpenSSL 1.1.1g the handshake fails on the server side with
> 140295725053248:error:1410
MENTOFALL:eNULL' -dtls1_2
NULL ciphers work fine with OpenSSL 1.0.2g.
With OpenSSL 1.1.1g the handshake fails on the server side with
140295725053248:error:14102438:SSL routines:dtls1_read_bytes:tlsv1 \
alert internal error:../ssl/record/rec_layer_d1.c:611:SSL alert number \
80
Even on OpenSSL 1.1
*Requirement : * The cipher suites(PSK-AES128-GCM-SHA256 and PSK-NULL-SHA256)
are needed to be set during the handshake process between client and server
in python(3.7) testframe using standard library ssl module(wrapper for
openssl). My understanding is that PSK and weak ciphers are not enabled b
Viktor and Kurt,
Thanks for the help! Now it's working.
Qi
-Original Message-
From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of
Kurt Roeckx
Sent: Wednesday, August 22, 2018 2:12 PM
To: openssl-users@openssl.org
Subject: Re: [openssl-users] using NULL ci
ke it work. However
> > with version 1.1.0i or 1.1.1 prev 9, SSL_CTX_set_cipher_list(ctx,
> > "ECDHE-ECDSA-NULL-SHA") succeeded but SSL_Connect () failed. Is there any
> > way to enable NULL ciphers with version 1.1.0i or later?
>
> Yes, you need to use:
>
&
ot;ECDHE-ECDSA-NULL-SHA") succeeded but SSL_Connect () failed. Is there any way
> to enable NULL ciphers with version 1.1.0i or later?
Yes, you need to use:
"ECDHE-ECDSA-NULL-SHA:@SECLEVEL=0"
at present there are no separate controls to distinguish between the
authent
d. Is there any
way to enable NULL ciphers with version 1.1.0i or later?
Thanks,
Qi
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
> I realise that the eNULL/NULL ciphers add no encryption, but do they just
> transmit the data as is, or is there some steganography used?
If you truly realized they add no encryption, you'd realize the answer to your
question. :)
/r$
--
Principal Security Engi
I realise that the eNULL/NULL ciphers add no encryption, but do they just
transmit the data as is, or is there some steganography used?
Thanks
__
OpenSSL Project http://www.openssl.org
User
On Thu, Apr 16, 2009 at 02:21:10PM +0300, Ouaknine, Keren wrote:
> Hello,
>
> Mazal-tov for getting Beta out. I am interested in the implementation of the
> null-ciphers (when the encryption is mandatory, and clear-text used). This is
> part of RFC 4785, which I didn't se
Hello,
Mazal-tov for getting Beta out. I am interested in the implementation of the
null-ciphers (when the encryption is mandatory, and clear-text used). This is
part of RFC 4785, which I didn't see in the log changes of openssl 1.0 beta.
Any plans for 1.0? If you have any information on
In article <[EMAIL PROTECTED]> you wrote:
> Here is an RTFM question, most likely, so first of all,
> where is the FM?
>
> I am attempting to use SSL as a basic transport for a variety of
> purposes, some of which is transporting already encrypted data.
> At such times, I want to renegotiate ba
Here is an RTFM question, most likely, so first of all,
where is the FM?
I am attempting to use SSL as a basic transport for a variety of
purposes, some of which is transporting already encrypted data.
At such times, I want to renegotiate back to a NULL cipher.
I know I can just write to the soc
14 matches
Mail list logo
