openssl-users at dukhovni.org
Thu Apr 4 15:16:23 UTC 2019
On Wed, Apr 03, 2019 at 06:09:59PM -0400, Viktor Dukhovni wrote:
> > Ah, right. Unlike GnuTLS, the STEK is tied to the SSL_CTX and,
> > as you say, Exim initialises that fresh per connection.
> > Rearchitecting that is more effort than it's worth spending
> > on TLS 1.2, I think.
> Well, the *default* STEK is in the SSL_CTX, but that is not a
> requirement, and you should use the default STEK, since it is
> not automatically rolled over.
[ Correction: ... should *not* use the default STEK, ... ]
For an example ticket callback implementation, see:
On line 315:
either the matching keyset (current active for creating a new ticket,
either active or previous when decrypting an existing ticket) is
selected, and the requested HMAC_CTX and EVP_CIPHER_CTX structures
are initialized appropriately. Keyset, because the HMAC and AES
keys are separate. The ticket encryption algorithm chosen by Postfix
defaults to aes-256-cbc. OpenSSL does not support AEAD for ticket
More information about the openssl-users