Re: [openssl-dev] Linker error when adding new cipher in crypto folder

2017-01-10 Thread Schmicker, Robert
rschm2> Hello, rschm2> rschm2> I am attempting to add a new cipher into the crypto library. I have rschm2> done the following so far? rschm2> rschm2> 1. Added my code to the openssl/crypto folder rschm2> 2. Created a build.info for make to compile my code (created this rschm2>

[openssl-dev] build.info documentation

2017-01-10 Thread Schmicker, Robert
Hello, Can anyone here point me in the direction to some documentation on build.info files? For the most part I’m creating mine using examples from other crypto ciphers but could use some more in depth explanation of what is going on when it is being parsed. More

Re: [openssl-dev] use SIPhash for OPENSSL_LH_strhash?

2017-01-10 Thread Blumenthal, Uri - 0553 - MITLL
We don’t need the full output width of a good hash function, but for _this_ purpose (as far as I understand) we don’t need the strength of a good hash function either – and we surely don’t need the unnecessary performance hit of a good hash where we don’t need a good hash. Or am I missing

Re: [openssl-dev] use SIPhash for OPENSSL_LH_strhash?

2017-01-10 Thread Short, Todd
I think I might have an init/update/final version of siphash24 lying around somewhere that would be compatible with OpenSSL’s EVP_PKEY mechanism (similar to Poly1305, in that it needs a key). -- -Todd Short // tsh...@akamai.com // "One if by land, two if by sea, three

Re: [openssl-dev] use SIPhash for OPENSSL_LH_strhash?

2017-01-10 Thread Richard Levitte
Benjamin Kaduk skrev: (10 januari 2017 20:19:21 CET) >On 01/10/2017 12:31 PM, Richard Levitte wrote: >> >> Benjamin Kaduk skrev: (10 januari 2017 18:48:32 >CET) >>> On 01/09/2017 10:05 PM, Salz, Rich wrote: Should we move to using SIPHash for the

Re: [openssl-dev] use SIPhash for OPENSSL_LH_strhash?

2017-01-10 Thread Peter Waltenberg
Reality check Others have pointed this out but I don't think it's making it through. LHash doesn't need a cryptographic hash and it doesn't have security implications. It certainly doesn't need a keyed hash. LHash does need to be something that's good at distinguishing short text strings,

Re: [openssl-dev] use SIPhash for OPENSSL_LH_strhash?

2017-01-10 Thread Salz, Rich
The needs for OpenSSL's LHASH are exactly what SipHash was designed for: fast on short strings. OpenSSL's hash currently *does not* call MD5 or SHA1; the MD5 code is commented out. Yes, performance tests would greatly inform the decision. -- openssl-dev mailing list To unsubscribe:

Re: [openssl-dev] use SIPhash for OPENSSL_LH_strhash?

2017-01-10 Thread Benjamin Kaduk
On 01/09/2017 10:05 PM, Salz, Rich wrote: > > Should we move to using SIPHash for the default string hashing > function in OpenSSL? It’s now in the kernel > https://lkml.org/lkml/2017/1/9/619 >

[openssl-dev] x509 extension support

2017-01-10 Thread Freemon Johnson
Hello, Can anyone help me in discerning which version of openssl supports sbgp-autonomousSysNum and sbgp-ipAddrBlock? If it has been deprecated then providing the alternative would be greatly appreciated. A sample openssl.cnf is provided below. When I perform a request for req it fails because

Re: [openssl-dev] x509 extension support

2017-01-10 Thread Rob Austein
At Tue, 10 Jan 2017 09:42:02 -0500, Freemon Johnson wrote: > > Can anyone help me in discerning which version of openssl supports > sbgp-autonomousSysNum and sbgp-ipAddrBlock? If it has been > deprecated then providing the alternative would be greatly > appreciated. RFC 3779 support has been in

Re: [openssl-dev] use SIPhash for OPENSSL_LH_strhash?

2017-01-10 Thread Richard Levitte
Benjamin Kaduk skrev: (10 januari 2017 18:48:32 CET) >On 01/09/2017 10:05 PM, Salz, Rich wrote: >> >> Should we move to using SIPHash for the default string hashing >> function in OpenSSL? It’s now in the kernel >> https://lkml.org/lkml/2017/1/9/619 >>

Re: [openssl-dev] use SIPhash for OPENSSL_LH_strhash?

2017-01-10 Thread Benjamin Kaduk
On 01/10/2017 12:31 PM, Richard Levitte wrote: > > Benjamin Kaduk skrev: (10 januari 2017 18:48:32 CET) >> On 01/09/2017 10:05 PM, Salz, Rich wrote: >>> Should we move to using SIPHash for the default string hashing >>> function in OpenSSL? It’s now in the kernel >>>

Re: [openssl-dev] [TrouSerS-tech] [PATCH 1/1] add TPM2 version of create_tpm2_key and libtpm2.so engine

2017-01-10 Thread Ken Goldman
On 1/3/2017 6:22 PM, James Bottomley wrote: Note that google took an alternative approach and modified their TSS to work with a MD5-SHA1 signature: https://chromium-review.googlesource.com/#/c/420811/ But this requires a modification to the TPM as well, which we can't do. Right. It's not a