Думаю многие знают такой супер пакет программ для шифрования как OpenSSL.
Но он консольный.
Существует ли для него фронтэнд?
Но он консольный.
Существует ли для него фронтэнд?
» Фронтэнд для OpenSSL.
OpenSSL v1.0.0f
04-01-2012
Цитата:
Windows 32/64bit libraries and tools (standalone):
http://www.mediafire.com/?t58615d4tqvr324
04-01-2012
Цитата:
*) Nadhem Alfardan and Kenny Paterson have discovered an extension
of the Vaudenay padding oracle attack on CBC mode encryption
which enables an efficient plaintext recovery attack against
the OpenSSL implementation of DTLS. Their attack exploits timing
differences arising during decryption processing. A research
paper describing this attack can be found at:
http://www.isg.rhul.ac.uk/~kp/dtls.pdf
Thanks go to Nadhem Alfardan and Kenny Paterson of the Information
Security Group at Royal Holloway, University of London
(www.isg.rhul.ac.uk) for discovering this flaw and to Robin Seggelmann
and Michael Tuexen
for preparing the fix. (CVE-2011-4108)
[Robin Seggelmann, Michael Tuexen]
*) Clear bytes used for block padding of SSL 3.0 records.
(CVE-2011-4576)
[Adam Langley (Google)]
*) Only allow one SGC handshake restart for SSL/TLS. (CVE-2011-4619)
[Adam Langley (Google)]
*) Check parameters are not NULL in GOST ENGINE. (CVE-2012-0027)
[Andrey Kulikov]
*) Prevent malformed RFC3779 data triggering an assertion failure.
Thanks to Andrew Chi, BBN Technologies, for discovering the flaw
and Rob Austein for fixing it. (CVE-2011-4577)
[Rob Austein]
*) Improved PRNG seeding for VOS.
[Paul Green]
*) Fix ssl_ciph.c set-up race.
[Adam Langley (Google)]
*) Fix spurious failures in ecdsatest.c.
[Emilia Käsper (Google)]
*) Fix the BIO_f_buffer() implementation (which was mixing different
interpretations of the '..._len' fields).
[Adam Langley (Google)]
*) Fix handling of BN_BLINDING: now BN_BLINDING_invert_ex (rather than
BN_BLINDING_invert_ex) calls BN_BLINDING_update, ensuring that concurrent
threads won't reuse the same blinding coefficients.
This also avoids the need to obtain the CRYPTO_LOCK_RSA_BLINDING
lock to call BN_BLINDING_invert_ex, and avoids one use of
BN_BLINDING_update for each BN_BLINDING structure (previously,
the last update always remained unused).
[Emilia Käsper (Google)]
*) In ssl3_clear, preserve s3->init_extra along with s3->rbuf.
[Bob Buckholz (Google)]
Windows 32/64bit libraries and tools (standalone):
http://www.mediafire.com/?t58615d4tqvr324
OpenSSL v1.0.1b Light
26-04-2012
Setup:
http://slproweb.com/download/Win32OpenSSL_Light-1_0_1b.exe
Setup-x64:
http://slproweb.com/download/Win64OpenSSL_Light-1_0_1b.exe
26-04-2012
Setup:
http://slproweb.com/download/Win32OpenSSL_Light-1_0_1b.exe
Setup-x64:
http://slproweb.com/download/Win64OpenSSL_Light-1_0_1b.exe
Помогите победить ошибку
PS C:\OpenSSL\bin> ./openssl req -new -nodes -out c:\openssl\certs\vCenterSSO\rui_vpxd.csr -keyout c:\openssl\certs\vCenterSSO\rui_vpxd.key -config c:\openssl\certs\vCenterSSO\openssl_vpxd.cfg
error on line -1 of c:\openssl\certs\vCenterSSO\openssl_vpxd.cfg
9176:error:02001002:system library:fopen:No such file or directory:.\crypto\bio\bss_file.c:126:fopen('c:\openssl\certs\vCenterSSO\openssl_vpxd.cfg','rb')
9176:error:2006D080:BIO routines:BIO_new_file:no such file:.\crypto\bio\bss_file.c:129:
9176:error:0E078072:configuration file routines:DEF_LOAD:no such file:.\crypto\conf\conf_def.c:197:
Почему тема называется "Фронтэнд для OpenSSL", а не Фронтэнд для ОупэнССЛ?
У кого-нибудь сохранились вот эти файлы:
https://slproweb.com/download/Win32OpenSSL_Light-1_0_2f.exe
https://slproweb.com/download/Win64OpenSSL_Light-1_0_2f.exe
? Выложите, плиз
https://slproweb.com/download/Win32OpenSSL_Light-1_0_2f.exe
https://slproweb.com/download/Win64OpenSSL_Light-1_0_2f.exe
? Выложите, плиз
spirit21
32 битную нашёл у себя: скачать.
32 битную нашёл у себя: скачать.
skipik001
Спасибо, еще бы кто 64-битную версию подкинул
Спасибо, еще бы кто 64-битную версию подкинул
OpenSSL v1.1.0
https://slproweb.com/download/Win32OpenSSL_Light-1_1_0.exe
https://slproweb.com/download/Win64OpenSSL_Light-1_1_0.exe
https://slproweb.com/download/Win32OpenSSL-1_1_0.exe
https://slproweb.com/download/Win64OpenSSL-1_1_0.exe
[more=Основные Изменения]Major changes between OpenSSL 1.0.2h and OpenSSL 1.1.0 [25 Aug 2016]
Copyright text was shrunk to a boilerplate that points to the license
"shared" builds are now the default when possible
Added support for "pipelining"
Added the AFALG engine
New threading API implemented
Support for ChaCha20 and Poly1305 added to libcrypto and libssl
Support for extended master secret
CCM ciphersuites
Reworked test suite, now based on perl, Test::Harness and Test::More
*Most* libcrypto and libssl public structures were made opaque,
including:
BIGNUM and associated types, EC_KEY and EC_KEY_METHOD,
DH and DH_METHOD, DSA and DSA_METHOD, RSA and RSA_METHOD,
BIO and BIO_METHOD, EVP_MD_CTX, EVP_MD, EVP_CIPHER_CTX,
EVP_CIPHER, EVP_PKEY and associated types, HMAC_CTX,
X509, X509_CRL, X509_OBJECT, X509_STORE_CTX, X509_STORE,
X509_LOOKUP, X509_LOOKUP_METHOD
libssl internal structures made opaque
SSLv2 support removed
Kerberos ciphersuite support removed
RC4 removed from DEFAULT ciphersuites in libssl
40 and 56 bit cipher support removed from libssl
All public header files moved to include/openssl, no more symlinking
SSL/TLS state machine, version negotiation and record layer rewritten
EC revision: now operations use new EC_KEY_METHOD.
Support for OCB mode added to libcrypto
Support for asynchronous crypto operations added to libcrypto and libssl
Deprecated interfaces can now be disabled at build time either
relative to the latest release via the "no-deprecated" Configure
argument, or via the "--api=1.1.0|1.0.0|0.9.8" option.
Application software can be compiled with -DOPENSSL_API_COMPAT=version
to ensure that features deprecated in that version are not exposed.
Support for RFC6698/RFC7671 DANE TLSA peer authentication
Change of Configure to use --prefix as the main installation
directory location rather than --openssldir. The latter becomes
the directory for certs, private key and openssl.cnf exclusively.
Reworked BIO networking library, with full support for IPv6.
New "unified" build system
New security levels
Support for scrypt algorithm
Support for X25519
Extended SSL_CONF support using configuration files
KDF algorithm support. Implement TLS PRF as a KDF.
Support for Certificate Transparency
HKDF support.[/more]
Changelog.
https://slproweb.com/download/Win32OpenSSL_Light-1_1_0.exe
https://slproweb.com/download/Win64OpenSSL_Light-1_1_0.exe
https://slproweb.com/download/Win32OpenSSL-1_1_0.exe
https://slproweb.com/download/Win64OpenSSL-1_1_0.exe
[more=Основные Изменения]Major changes between OpenSSL 1.0.2h and OpenSSL 1.1.0 [25 Aug 2016]
Copyright text was shrunk to a boilerplate that points to the license
"shared" builds are now the default when possible
Added support for "pipelining"
Added the AFALG engine
New threading API implemented
Support for ChaCha20 and Poly1305 added to libcrypto and libssl
Support for extended master secret
CCM ciphersuites
Reworked test suite, now based on perl, Test::Harness and Test::More
*Most* libcrypto and libssl public structures were made opaque,
including:
BIGNUM and associated types, EC_KEY and EC_KEY_METHOD,
DH and DH_METHOD, DSA and DSA_METHOD, RSA and RSA_METHOD,
BIO and BIO_METHOD, EVP_MD_CTX, EVP_MD, EVP_CIPHER_CTX,
EVP_CIPHER, EVP_PKEY and associated types, HMAC_CTX,
X509, X509_CRL, X509_OBJECT, X509_STORE_CTX, X509_STORE,
X509_LOOKUP, X509_LOOKUP_METHOD
libssl internal structures made opaque
SSLv2 support removed
Kerberos ciphersuite support removed
RC4 removed from DEFAULT ciphersuites in libssl
40 and 56 bit cipher support removed from libssl
All public header files moved to include/openssl, no more symlinking
SSL/TLS state machine, version negotiation and record layer rewritten
EC revision: now operations use new EC_KEY_METHOD.
Support for OCB mode added to libcrypto
Support for asynchronous crypto operations added to libcrypto and libssl
Deprecated interfaces can now be disabled at build time either
relative to the latest release via the "no-deprecated" Configure
argument, or via the "--api=1.1.0|1.0.0|0.9.8" option.
Application software can be compiled with -DOPENSSL_API_COMPAT=version
to ensure that features deprecated in that version are not exposed.
Support for RFC6698/RFC7671 DANE TLSA peer authentication
Change of Configure to use --prefix as the main installation
directory location rather than --openssldir. The latter becomes
the directory for certs, private key and openssl.cnf exclusively.
Reworked BIO networking library, with full support for IPv6.
New "unified" build system
New security levels
Support for scrypt algorithm
Support for X25519
Extended SSL_CONF support using configuration files
KDF algorithm support. Implement TLS PRF as a KDF.
Support for Certificate Transparency
HKDF support.[/more]
Changelog.
skipik001 16:49 28-08-2016
Цитата:
Похоже, для всех программ, что использовали библиотеки OpenSSL, последняя рабочая версия - v1.0.2h. В v1.1.0 чересчур сильно всё поменяли. Возможно, разработчики адаптируют свои программы, но что-то как то сомнительно, из-за смены имен у библиотек - зачем это сделали?
Цитата:
OpenSSL v1.1.0
Похоже, для всех программ, что использовали библиотеки OpenSSL, последняя рабочая версия - v1.0.2h. В v1.1.0 чересчур сильно всё поменяли. Возможно, разработчики адаптируют свои программы, но что-то как то сомнительно, из-за смены имен у библиотек - зачем это сделали?
Цитата:
из-за смены имен у библиотек
там и экспорт переколбасили.
Страницы: 1
Предыдущая тема: Softmccs
Форум Ru-Board.club — поднят 15-09-2016 числа. Цель - сохранить наследие старого Ru-Board, истории становления российского интернета. Сделано для людей.