corrupted if
sizeof(long)sizeof(int), which is common on many 64-bit machines.
S
Stephen Sprunk    God does not play dice. --Albert Einstein
CCIE #3723        God is an inveterate gambler, and He throws the
K5SSS             dice at every possible opportunity. --Stephen Hawking
? IDEA? I forget) with only
slight changes; I didn't grok enough of it at the time to worry about
performance, just maintaining correctness.
S
function. Unfortunately, that approach probably
won't work on all of the platforms OpenSSL supports due to all the ancient
compilers floating around.
S
this...
That article is about OpenVPN, not OpenSSL, which is only mentioned twice in
passing. And, for that matter, one of those mentions does show that OpenSSL
has AES implemented already.
S
the EVP interface like you would with any other cipher.
S
Stephen Sprunk    Stupid people surround themselves with smart
CCIE #3723        people. Smart people surround themselves with
K5SSS             smart people who disagree with them. --Aaron Sorkin
parameters. I'm finding that I have
to modify the source a lot in order to get it to compile.
Pointers to functions that take arguments are allowed by C89/C90; perhaps
your compiler isn't as compliant as the authors think?
S
Stephen Sprunk Those people who think they know everything
CCIE
. Could you please look into the
code and give me some hints about decryption.
Minor bug: the AES CBC function doesn't correctly handle in==out.
Please retry with in!=out.
S
for overflow
iff the counter is 64 bits.
Richard, do you want me to write up the code change, or do you want to do
it?
S
and SSE extensions, hand-tuned ASM, etc. When I saw that, I
gave up on any further algorithm improvements, though I'm sure there's still
small improvements to be made here and there.
S
Thus spake David Maurus [EMAIL PROTECTED]
Stephen Sprunk wrote:
In the specification of CTR mode, as proposed for AES, you will find the
statement The number /nonce/ is incremented following each encryption.
I interpreted this to mean that the top 2^64 bits are to be incremented
for each
to reimplement CTR
mode, especially in a way which appears to create more problems?
S
significant changes to the API than I
know how to make, as passing parameters to a mode doesn't appear to be
supported today.
S
Thus spake Richard Levitte - VMS Whacker:
In message [EMAIL PROTECTED] on Wed, 17 Jul 2002
13:33:09 -0500, Stephen Sprunk [EMAIL PROTECTED] said:
stephen I'd like to take on moving OpenSSL towards an autoconf
stephen system. First of all, if anyone else is working on this,
stephen please
implementation (I'd been planning to
look at this at some point myself).
I'd have done it myself if I'd known Gladman's implementation was
*that* much faster. I've been spending my cycles trying to make the
various modes go faster, which should help most/all of the ciphers.
S
openvpn is crashing instead of
trying to re-do work which has already been done. AES is already
integrated, so if there's a bug, let us know and we'll fix it.
S
locale?
S
--
Stephen Sprunk    So long as they don't get violent, I want to
CCIE #3723        let everyone say what they wish, for I myself have
K5SSS             always said exactly what pleased me. --Albert Einstein
marketing material.
S
Thus spake jeff roberts:
Is anyone working on a .NET version of OpenSSL ?
For those of us that live in non-Microsoft worlds, can you explain
what this means/entails?
S
can achieve, and you're going
to have a tough time convincing us to rewrite tens of thousands of
lines of code just to make Bill Gates happy. There MUST be some
way to link .NET code to non-.NET DLL's, so creating a C# wrapper
around OpenSSL may be a worthwhile exercise.
S
you looking for a more elegant
way of doing this, or is my API broken?
S
be.
S
that make counter mode a bit different from
other modes:
Already under discussion, though in reference to ALL modes :)
S
Thus spake Richard Levitte - VMS Whacker:
From: Stephen Sprunk [EMAIL PROTECTED]
stephen After implementing CBC, CFB, OFB, and CTR for AES (mostly plagiarized
stephen from IDEA), I'm beginning to wonder why we have 40 different
stephen implementations of the exact same algorithms
-fschedule-insns (not 2) with -O2 or
above. This is at least 10% faster than the default -mcpu=pentium that
OpenSSL uses on my box.
S
the change.
S
SSE/MMX registers to pass
around keys and blocks, since doing so would grossly violate the
current API. This would provide serious performance gains, however.
S
to be in
the NIST FIPS for AES modes, so it'd be nice to get it into EVP someday.
In any case, I can most certainly help you out, as I've already
fiddled with the first patches you sent.
I was figuring you would :)
S
Thus spake Subramanian Ramamoorthy:
It appears that openssl-0.9.6c does not support AES. Will 0.9.6c at any time
include support for AES at a later time? If so, can anyone give an idea when
this support will be included in 0.9.6c?
AES will be supported in 0.9.7.
S
implementation of CTR mode, but I don't see
where that would fit into EVP or the ASN.1 stuff.
S
will have much more robust support.
S
Thus spake Maya:
I want to use req with UTF8?
From the document it seems that UTF8 can be used only with the 0.9.7 version.
So I wonder where I can get it?
0.9.7 hasn't been released yet. In the meantime, you can experiment
with the snapshots or CVS tree.
S
Thus spake Richard Levitte - VMS Whacker:
From: Stephen Sprunk [EMAIL PROTECTED]
stephen 0.9.6c (the latest public release) has primitive support for
stephen AES (Rijndael).
Really? Really really? Have you looked?
I've got *way* too many different copies of openssl on my machine.
I
.
While it's not openly stated, anything after the first 8 characters
will be ignored, as are the highest bits of those characters.
S
not sure if you don't know..
IIRC, only freely distributed source code is currently granted a
blanket license for export from the US. Object code still requires a
license.
S
. MMX ASM code
I'll leave renaming rijndael.h and crypto/rijndael/ to someone with
more CVS skill :)
cvs diff -Nu is at:
http://defiant.dfw.nostrum.com/~sprunk/aes.diff.bz2
S
Thus spake Ken Murchison:
Are there any plans to add OFB mode support to AES? Most, if not all of
the other ciphers have support for OFB, but AES does not.
I'll add CFB and OFB as soon as my other patches make it into the
snapshots. Do you need 64-bit, or will 128-bit work?
S
I'd like to offer some work on integrating AES (Rijndael), based on
the initial work I see in the snapshots. However, I'm in the US. How
can I help?
S