[openssl-users] updating openssl on MacOS
Viktor Dukhovni
openssl-users at dukhovni.org
Thu Sep 20 20:38:44 UTC 2018
> On Sep 20, 2018, at 3:43 PM, Michael Richardson <mcr at sandelman.ca> wrote:
>
> Sitting with a colleague, he's trying to get some code working that requires
> ECDSA support,
ECDSA support is also present in OpenSSL 1.0.2. With recent versions of
MacOS you actually get LibreSSL with the base system:
$ /usr/bin/openssl version
LibreSSL 2.2.7
Despite (IMHO) its increasing obsolescence and irrelevance, the LibreSSL
fork of OpenSSL 1.0.2 also supports ECDSA.
$ /usr/bin/openssl ciphers -v aECDSA
ECDHE-ECDSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH Au=ECDSA Enc=ChaCha20-Poly1305 Mac=AEAD
ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(256) Mac=AEAD
ECDHE-ECDSA-AES256-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AES(256) Mac=SHA384
ECDHE-ECDSA-AES256-SHA SSLv3 Kx=ECDH Au=ECDSA Enc=AES(256) Mac=SHA1
ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AESGCM(128) Mac=AEAD
ECDHE-ECDSA-AES128-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA Enc=AES(128) Mac=SHA256
ECDHE-ECDSA-AES128-SHA SSLv3 Kx=ECDH Au=ECDSA Enc=AES(128) Mac=SHA1
ECDHE-ECDSA-RC4-SHA SSLv3 Kx=ECDH Au=ECDSA Enc=RC4(128) Mac=SHA1
ECDHE-ECDSA-DES-CBC3-SHA SSLv3 Kx=ECDH Au=ECDSA Enc=3DES(168) Mac=SHA1
ECDHE-ECDSA-NULL-SHA SSLv3 Kx=ECDH Au=ECDSA Enc=None Mac=SHA1
> so openssl 1.1.0 or newer, and his Mac is infested with
> 0.98letter.
That sounds like a Mac that's running a dated copy of the OS.
--
Viktor.
More information about the openssl-users
mailing list