Detecting Bad OpenSSL Usage
Salz, Rich
rsalz at akamai.com
Sun May 31 13:50:24 UTC 2020
It would be really interesting to run this over the apps. Maybe reach out to the author for help with that?
From: Dmitry Belyavsky <beldmit at gmail.com>
Date: Sunday, May 31, 2020 at 5:44 AM
To: "openssl-project at openssl.org" <openssl-project at openssl.org>
Subject: Detecting Bad OpenSSL Usage
Hello,
Here is a nice article about a tool desired to catch misuse of the OpenSSL API.
https://blog.trailofbits.com/2020/05/29/detecting-bad-openssl-usage/<https://urldefense.proofpoint.com/v2/url?u=https-3A__blog.trailofbits.com_2020_05_29_detecting-2Dbad-2Dopenssl-2Dusage_&d=DwMFaQ&c=96ZbZZcaMF4w0F4jpN6LZg&r=4LM0GbR0h9Fvx86FtsKI-w&m=umc-9fW6eYwZuJa_RJ7Qh_tR1Zs7MzCSarQ3YgyEe2w&s=284ow8SPuGpA6WJ-uDXnpJnBJEJ0SRXklOQAgRmqMTk&e=>
I'm not sure whether it's worth using by the team but maybe it's worth mentioning in OpenSSL Wiki.
--
SY, Dmitry Belyavsky
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-project/attachments/20200531/068e0588/attachment.html>
More information about the openssl-project
mailing list