Operating System: Ubuntu 9.10
OpenSSL is openssl-1.0.0-stable-SNAP-20091122


A blank result is returned for ECDSA signatures using SHA-256 and
112-level and below curves.  128-level and above curves work.  SHA-1
with these curves works.  I'm guessing that this part isn't yet
built into OpenSSL.  I'm submitting a bug report to get this into the
roadmap and in case I'm wrong and did find a hard-limit on something.
=)

These curves and SHA-256 are specified in NIST 186-3 as part of the
ECDSA standard and as part of RFC 5480.

From RFC 5480:
To promote interoperability, the following choices are RECOMMENDED:

   Minimum  | ECDSA    | Message    | Curves
   Bits of  | Key Size | Digest     |
   Security |          | Algorithms |
   ---------+----------+------------+-----------
   80       | 192      | SHA-256    | secp192r1
   ---------+----------+------------+-----------
   112      | 224      | SHA-256    | secp224r1
   ---------+----------+------------+-----------
   128      | 256      | SHA-256    | secp256r1
   ---------+----------+------------+-----------
   192      | 384      | SHA-384    | secp384r1
   ---------+----------+------------+-----------
   256      | 512      | SHA-512    | secp521r1
   ---------+----------+------------+-----------




The process to recreate:
Create P-192 private key
Create P-224 private key
Create P-256 private key
Create P-384 private key
Validate all keys
Create digital signature in hex output using each key

The private keys are attached.
The output from each process is attached.
A strace from each signature creation is attached.


I've repeated this process with the following curves and results:
B-233/sect233r1  No output with SHA-256
K-233/sect233k1  No output with SHA-256
B-283/sect283r1  Works
K-283/sect283k1  Works


I've also used the -sign without -hex with the same result.



Thanks Much, you guys are great!

Cheers
--Mike




-- 
><))))*> Michael J. Smith, CISSP-ISSEP
Blog: http://www.guerilla-ciso.com/

Unable to handle kernel NULL pointer dereference at virtual address 00000000
              \|/ ____ \|/
              "@'/ .. \`@"
              /_| \__/ |_\
                 \__U_/
Oops, going down hard!

Attachment: bug.report.tar.gz
Description: application/compressed-tar
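
The reproduction steps listed in the report, as an added shell example that is not part of the original message: it generates a key per curve, validates it, signs a constructed message with SHA-1 and SHA-256, and verifies the result, flagging any empty signature. The report does not show the commands used, so the OpenSSL curve names (`prime192v1` for P-192, `prime256v1` for P-256), the function names `check_pair` and `run_matrix`, and the expected `EC Key valid.` text are assumptions of this example.

```shell
#!/bin/sh
# Added example, not from the original report: sign and verify with each
# curve/digest pair and flag any pair that yields an empty signature.
# Assumed names: OpenSSL calls P-192 "prime192v1" and P-256 "prime256v1".
CURVES="prime192v1 secp224r1 prime256v1 secp384r1 sect233r1 sect233k1 sect283r1 sect283k1"
DIGESTS="sha1 sha256"

# check_pair CURVE DIGEST
# Prints one of: ok | empty | verify-failed | bad-key | unsupported
check_pair() {
    curve=$1 digest=$2
    dir=$(mktemp -d) || return 1
    result=ok
    printf 'constructed test message\n' > "$dir/msg"   # constructed input
    if ! openssl ecparam -name "$curve" -genkey -noout -out "$dir/key.pem" 2>/dev/null; then
        result=unsupported    # curve (or openssl itself) not available
    # Assumes "openssl ec -check" reports a good key as "EC Key valid."
    elif ! openssl ec -in "$dir/key.pem" -check -pubout -out "$dir/pub.pem" 2>&1 | grep -q 'Key valid'; then
        result=bad-key
    else
        openssl dgst "-$digest" -sign "$dir/key.pem" -out "$dir/sig" "$dir/msg" 2>/dev/null || true
        if [ ! -s "$dir/sig" ]; then
            result=empty      # the symptom described in the report
        elif ! openssl dgst "-$digest" -verify "$dir/pub.pem" -signature "$dir/sig" "$dir/msg" >/dev/null 2>&1; then
            result=verify-failed
        fi
    fi
    rm -rf "$dir"
    echo "$result"
}

# run_matrix: one line per pair; non-zero status if any pair is not ok/unsupported
run_matrix() {
    rc=0
    for c in $CURVES; do
        for d in $DIGESTS; do
            r=$(check_pair "$c" "$d")
            printf '%-12s %-7s %s\n' "$c" "$d" "$r"
            case $r in ok|unsupported) ;; *) rc=1 ;; esac
        done
    done
    return $rc
}

run_matrix || echo "at least one curve/digest pair produced no usable signature" >&2
```

A build affected by the behaviour described in the report would show `empty` on the SHA-256 rows for the smaller curves while the SHA-1 rows stay `ok`.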
