[openssl-dev] [openssl.org #2464] [PATCH] Experimental TLS-RSA-PSK support for OpenSSL
Giuseppe D'Angelo via RT
rt at openssl.org
Tue Jun 23 20:09:36 UTC 2015
Il 22/06/2015 23:14, Stephen Henson via RT ha scritto:
> On Sun Jun 21 19:00:55 2015, giuseppe.dangelo at kdab.com wrote:
>> Yet another version after some refactorings that landed in master.
>>
>> Please, pretty please, with sugar on top, could anyone review this code
>> so that it can get merged?
>>
>> It's becoming a difficult exercise to keep track of upstream changes and
>> adapt the patch every single time...
>>
>
> I'm currently looking at the OpenSSL PSK code. I'll look into incopoorating
> your changes (in a modified form) as part of that so there is no need to keep
> it up to date with the changing master branch.
Great, thank you! If you have questions on the implementation just ask.
It should me mostly straightforward with the RFC at hand, with a small
section copied as-is from the plain RSA code.
> I hope to revise the PSK code and make it more flexible so it can support
> {RSA,DH,ECDH}+PSK more cleanly.
>
> FYI, I can tell you the cause of the GCM crash: the cipher structure isn't set
> up correctly in your patch, it needs to use SSL_AEAD not SSL_SHA256 (compare it
> with other GCM entries).
A-ha! That explains the silly mistake, thank you.
Cheers,
--
Giuseppe D'Angelo | giuseppe.dangelo at kdab.com | Software Engineer
KDAB (UK) Ltd., a KDAB Group company | Tel: UK +44-1625-809908
KDAB - The Qt Experts
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4048 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20150623/bb85b561/attachment.bin>
More information about the openssl-dev
mailing list