Re: [openssl-users] help on des_cblock
Thanks, Jason On Fri, Mar 18, 2016 at 4:23 PM, Scott Neugroschl <scot...@xypro.com> wrote: > I suspect the use of std::string and c_str(). Use a std::vector > instead. > > > > *From:* openssl-users [mailto:openssl-users-boun...@openssl.org] *On > Behalf Of *Jason Qian > *Sent:* Friday, March 18, 2016 1:19 PM > *To:* openssl-users@openssl.org > *Subject:* [openssl-users] help on des_cblock > > > > I am new on openSSl and run into a issue need some help. > > > In our application, the client and server perform a Diffie Hellman Key > exchange and then encrypt the data The client is written in C++(using > openSSL), and server is in java. > > Most of time, it is running correctly, but occasionally the server(java) > throw a "Given final block not properly padded" exception. > > I added more log on the both side. When the exception happen, the keys > are offset by one(for the working case, they are the same) > > > Server -- java get from getEncoded() > > DES Key size (8)(1,-83,-113,-74,-77,109,84,88) > > Client -- openSSL get from des_cblock struct > > DES Key size (8) (-83,-113,-74,-77,109,84,88,8) > > Thanks > > Jason > > > Here is the C++ code > > void DiffieHellmanCipher::init(const std::string ){ > if (Y.length() == 0) { > return; > } > if (m_DH == NULL) { > return; > } > > // convert the Y to BIGNUM > BIGNUM *bnY = NULL; > // Memory for bnY is allocated in BN_dec2bn call. > if (!BN_dec2bn(, Y.c_str())) { > if (bnY) > BN_free(bnY); > printf("Could not convert Diffie-Hellman Y value to BIGNUM"); > } > > // compute the secret key > int dhSize = DH_size(m_DH); > unsigned char *secretKey = (unsigned char*) new char[dhSize + 1]; > int secretKeyLen = DH_compute_key(secretKey, bnY, m_DH); > BN_free(bnY); > > if (secretKeyLen < 8) { > delete [] secretKey; > printf("Error computing secret key: key length is too short"); > } > > // convert from raw form to odd parity DES key > des_cblock desKey; > memcpy(desKey, secretKey, 8); > delete [] secretKey; > DES_set_odd_parity(); > > //just print out des_cblock > secretKeyString="("; > char ch[10]="\0"; > for(int i=0;i<8;i++){ > sprintf(ch,"%d",(char)desKey[i]); > secretKeyString+=ch; > if(i != 7){ > secretKeyString+=","; > } > } > secretKeyString+=")"; > > > int skRet; > if ((skRet = DES_set_key(, _DESKey)) != 0) { > delete [] secretKey; > printf("Error computing secret key: generated key is weak"); > } > > m_bInited = true; > } > > -- > openssl-users mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users > > -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] help on des_cblock
I suspect the use of std::string and c_str(). Use a std::vector instead. From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of Jason Qian Sent: Friday, March 18, 2016 1:19 PM To: openssl-users@openssl.org Subject: [openssl-users] help on des_cblock I am new on openSSl and run into a issue need some help. In our application, the client and server perform a Diffie Hellman Key exchange and then encrypt the data The client is written in C++(using openSSL), and server is in java. Most of time, it is running correctly, but occasionally the server(java) throw a "Given final block not properly padded" exception. I added more log on the both side. When the exception happen, the keys are offset by one(for the working case, they are the same) Server -- java get from getEncoded() DES Key size (8)(1,-83,-113,-74,-77,109,84,88) Client -- openSSL get from des_cblock struct DES Key size (8) (-83,-113,-74,-77,109,84,88,8) Thanks Jason Here is the C++ code void DiffieHellmanCipher::init(const std::string ){ if (Y.length() == 0) { return; } if (m_DH == NULL) { return; } // convert the Y to BIGNUM BIGNUM *bnY = NULL; // Memory for bnY is allocated in BN_dec2bn call. if (!BN_dec2bn(, Y.c_str())) { if (bnY) BN_free(bnY); printf("Could not convert Diffie-Hellman Y value to BIGNUM"); } // compute the secret key int dhSize = DH_size(m_DH); unsigned char *secretKey = (unsigned char*) new char[dhSize + 1]; int secretKeyLen = DH_compute_key(secretKey, bnY, m_DH); BN_free(bnY); if (secretKeyLen < 8) { delete [] secretKey; printf("Error computing secret key: key length is too short"); } // convert from raw form to odd parity DES key des_cblock desKey; memcpy(desKey, secretKey, 8); delete [] secretKey; DES_set_odd_parity(); //just print out des_cblock secretKeyString="("; char ch[10]="\0"; for(int i=0;i<8;i++){ sprintf(ch,"%d",(char)desKey[i]); secretKeyString+=ch; if(i != 7){ secretKeyString+=","; } } secretKeyString+=")"; int skRet; if ((skRet = DES_set_key(, _DESKey)) != 0) { delete [] secretKey; printf("Error computing secret key: generated key is weak"); } m_bInited = true; } -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[openssl-users] help on des_cblock
I am new on openSSl and run into a issue need some help. In our application, the client and server perform a Diffie Hellman Key exchange and then encrypt the data The client is written in C++(using openSSL), and server is in java. Most of time, it is running correctly, but occasionally the server(java) throw a "Given final block not properly padded" exception. I added more log on the both side. When the exception happen, the keys are offset by one(for the working case, they are the same) Server -- java get from getEncoded() DES Key size (8)(1,-83,-113,-74,-77,109,84,88) Client -- openSSL get from des_cblock struct DES Key size (8) (-83,-113,-74,-77,109,84,88,8) Thanks Jason Here is the C++ code void DiffieHellmanCipher::init(const std::string ){ if (Y.length() == 0) { return; } if (m_DH == NULL) { return; } // convert the Y to BIGNUM BIGNUM *bnY = NULL; // Memory for bnY is allocated in BN_dec2bn call. if (!BN_dec2bn(, Y.c_str())) { if (bnY) BN_free(bnY); printf("Could not convert Diffie-Hellman Y value to BIGNUM"); } // compute the secret key int dhSize = DH_size(m_DH); unsigned char *secretKey = (unsigned char*) new char[dhSize + 1]; int secretKeyLen = DH_compute_key(secretKey, bnY, m_DH); BN_free(bnY); if (secretKeyLen < 8) { delete [] secretKey; printf("Error computing secret key: key length is too short"); } // convert from raw form to odd parity DES key des_cblock desKey; memcpy(desKey, secretKey, 8); delete [] secretKey; DES_set_odd_parity(); //just print out des_cblock secretKeyString="("; char ch[10]="\0"; for(int i=0;i<8;i++){ sprintf(ch,"%d",(char)desKey[i]); secretKeyString+=ch; if(i != 7){ secretKeyString+=","; } } secretKeyString+=")"; int skRet; if ((skRet = DES_set_key(, _DESKey)) != 0) { delete [] secretKey; printf("Error computing secret key: generated key is weak"); } m_bInited = true; } -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] help on des_cblock
My mistake. I was reading the calls backwards. The use of c_str() there is fine. Ignore my previous comment. From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of Jason Qian Sent: Friday, March 18, 2016 2:34 PM To: openssl-users@openssl.org Subject: Re: [openssl-users] help on des_cblock Thanks, Jason On Fri, Mar 18, 2016 at 4:23 PM, Scott Neugroschl <scot...@xypro.com<mailto:scot...@xypro.com>> wrote: I suspect the use of std::string and c_str(). Use a std::vector instead. From: openssl-users [mailto:openssl-users-boun...@openssl.org<mailto:openssl-users-boun...@openssl.org>] On Behalf Of Jason Qian Sent: Friday, March 18, 2016 1:19 PM To: openssl-users@openssl.org<mailto:openssl-users@openssl.org> Subject: [openssl-users] help on des_cblock I am new on openSSl and run into a issue need some help. In our application, the client and server perform a Diffie Hellman Key exchange and then encrypt the data The client is written in C++(using openSSL), and server is in java. Most of time, it is running correctly, but occasionally the server(java) throw a "Given final block not properly padded" exception. I added more log on the both side. When the exception happen, the keys are offset by one(for the working case, they are the same) Server -- java get from getEncoded() DES Key size (8)(1,-83,-113,-74,-77,109,84,88) Client -- openSSL get from des_cblock struct DES Key size (8) (-83,-113,-74,-77,109,84,88,8) Thanks Jason Here is the C++ code void DiffieHellmanCipher::init(const std::string ){ if (Y.length() == 0) { return; } if (m_DH == NULL) { return; } // convert the Y to BIGNUM BIGNUM *bnY = NULL; // Memory for bnY is allocated in BN_dec2bn call. if (!BN_dec2bn(, Y.c_str())) { if (bnY) BN_free(bnY); printf("Could not convert Diffie-Hellman Y value to BIGNUM"); } // compute the secret key int dhSize = DH_size(m_DH); unsigned char *secretKey = (unsigned char*) new char[dhSize + 1]; int secretKeyLen = DH_compute_key(secretKey, bnY, m_DH); BN_free(bnY); if (secretKeyLen < 8) { delete [] secretKey; printf("Error computing secret key: key length is too short"); } // convert from raw form to odd parity DES key des_cblock desKey; memcpy(desKey, secretKey, 8); delete [] secretKey; DES_set_odd_parity(); //just print out des_cblock secretKeyString="("; char ch[10]="\0"; for(int i=0;i<8;i++){ sprintf(ch,"%d",(char)desKey[i]); secretKeyString+=ch; if(i != 7){ secretKeyString+=","; } } secretKeyString+=")"; int skRet; if ((skRet = DES_set_key(, _DESKey)) != 0) { delete [] secretKey; printf("Error computing secret key: generated key is weak"); } m_bInited = true; } -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users