-
Related to https://github.com/square/okhttp/pull/6554 but not likely the cause, the SNI hostname extension isn't set with socket channels. This was previously assumed to be in place from JDK7+.
``…
-
I am trying openssl+ktls on ubuntu 20.04.
I have tried openssl-3.0.0-alpha8 from https://www.openssl.org/source/openssl-3.0.0-alpha8.tar.gz
and also the current master branch from the github rep…
r2an9 updated
3 years ago
-
Currently only RSA and ECDSA schems are accepted. EDDSA keys such as ED25519 or ED448 shall also be accepted.
RFC 8446, Section 1:
```
- Authentication: The server side of the channel is alwa…
-
Old Android phones (Kit-Kat) have neither non-vulnerable versions of OpenSSL nor the versions supporting TLS 1.2 and 1.3 (though even TLS 1.1 is OK, the protocol is not vulnerable itself, just depreca…
-
之前搞某个网站发现使用不同客户端发起请求会有不同的…
-
```
(venv) C:\Users\lking\Documents\Lou's Software\projects\members\members>pip install -U cryptography
Collecting cryptography
Downloading https://files.pythonhosted.org/packages/27/5a/007acee02…
-
Ursa is the current crypto provider, however it is limited to three key/pk crypto types (x25519, ed25519 and secp256k1). In future, we will need support for additional curves (e.g. P256, ed448, x448 e…
-
When RSA-PSS is used with a 1024-bit RSA key and SHA512, the salt length ends up being 62 bytes.
However, we end up calling `RSA_verify_PKCS1_PSS_mgf1()` with the `sLen` argument set to `-1` which …
dwmw2 updated
2 years ago
-
Using pre9: openssl s_client -connect get.adobe.com:443
Usually results in:
139921395720640:error:1414D172:SSL routines:tls12_check_peer_sigalg:wrong signature type:../ssl/t1_lib.c:1073:
Someti…
-
Running a script over the .a files produced by a build reveals all defined global symbols that aren't in the .num files. This majority of these will be false positives or historical. The script will…