Re: [openssl-users] BN_MUL_MONT for ARM64 v8

sing > applications. > > On 08/02/2017 00:31, Mike Mohr wrote: > >> Have you considered using GMP as a big integer backed for openssl? It >> has support for several arm variants using handwritten assembly code >> and the developers go to great lengths to find optimize r

Re: [openssl-users] BN_MUL_MONT for ARM64 v8

P in OpenSSL would cause problems for many OpenSSL using > applications. > > On 08/02/2017 00:31, Mike Mohr wrote: > >> Have you considered using GMP as a big integer backed for openssl? It >> has support for several arm variants using handwritten assembly code >&g

Re: [openssl-users] BN_MUL_MONT for ARM64 v8

Have you considered using GMP as a big integer backed for openssl? It has support for several arm variants using handwritten assembly code and the developers go to great lengths to find optimize runtime on all supported platforms. On Feb 7, 2017 2:26 PM, "Vijay Chander"

Re: [openssl-users] Verifying the sha1 of fipscanister.o with what is embedded in libcrypto.so

During the linking process, parts of fipscanister.o are removed (discarded) by the linker. Also, jumps and call instructions have their operands changed (addresses are filled in or relocation information is added) and the machine code is fundamentally altered. Imagine the linking process as

Re: [openssl-users] Verifying the sha1 of fipscanister.o with what is embedded in libcrypto.so

During the final linking stage, when the shared object is built, the compiler is free to insert functions from compiled object files anywhere it sees fit in the final shared object's code segment. The object file is fundamentally transformed by this process; information which was present in the

Re: [openssl-users] glibc detected *** xxx: double free or corruption (!prev): 0x097b8750

You'll need to rebuild your application and openssl with debugging symbols and no optimization, then run it inside gdb to produce a more useful stack trace. Since you don't include any context or source code snippets it isn't really possible to help. Can you produce a reduced test case with source

Re: [openssl-users] using a random number file for generation of keys/certificates

Once you've written the random data to secondary storage you've permanently compromised the integrity of any cryptographic secrets generated from it. Depending on your threat model, underlying storage media, filesystem, and other factors the data files may be recoverable indefinitely (especially

Re: [openssl-users] Regarding the security of the keys

On Tue, Jul 21, 2015 at 9:46 PM, Salz, Rich rs...@akamai.com wrote: Actually that isn't quite right. A properly configured and tuned RBAC policy, when combined with PaX, can very effectively limit all userspace activity (including root access!). How do you know that the module is

Re: [openssl-users] Regarding the security of the keys

Actually that isn't quite right. A properly configured and tuned RBAC https://en.wikipedia.org/wiki/Grsecurity#Role-based_access_control policy, when combined with PaX https://en.wikipedia.org/wiki/Grsecurity#PaX, can very effectively limit all userspace activity (including root access!). It

Re: [openssl-users] Regarding the security of the keys

Securing a system against this kind of attack can be done in several ways, depending on the level of assurance you desire. You might start out with Tripwire: https://en.wikipedia.org/wiki/Open_Source_Tripwire http://www.tripwire.org/ You could also implement mandatory access control and ACLs

Re: [openssl-users] Stand alone AES-CTR module

, Mike Mohr akih...@gmail.com wrote: The task of implementing AES should not be undertaken by a novice programmer. Please save the world another heartbleed and pick something more in line with your skill level. On May 10, 2015 11:48 AM, konstantinos Alexiou konstantinako...@gmail.com wrote

Re: [openssl-users] Stand alone AES-CTR module

The task of implementing AES should not be undertaken by a novice programmer. Please save the world another heartbleed and pick something more in line with your skill level. On May 10, 2015 11:48 AM, konstantinos Alexiou konstantinako...@gmail.com wrote: Dear Sirs, I am new to C programming

Re: OpenSSL 1.0.1h for android ?? Please help.

Openssl does not directly support Android AFAIR. You can try some manual changes to e.g. CC or write your own make file. On Jun 23, 2014 11:18 AM, Abhishek Gupta abhis...@meddiff.com wrote: Hello Users, I am at task to compile OpenSSL 1.0.1h for android platform and link it with an

Re: Recommended/allowed private key lengths Reg.

Perhaps some on this list are better qualified than me to answer this question, but this is my $0.02. Generally speaking, higher-bit key lengths (than 2048) become much slower when used on embedded hardware (even high-end smartphones). In some cases it may be impossible to support keys longer

Re: cross compiling for ARM running Android

Please have a look at the NDK documentation. You need to extract the toolchain using a provided script which targets the appropriate API level. The codesourcery toolchain does not target the correct libc. On Jun 16, 2011 9:43 AM, Nahid Alam sha...@gmail.com wrote: Hi, I am using OpenSSL 0.9.8k

Re: DH session Key length

, 2011 at 7:25 PM, Mike Mohr akih...@gmail.com wrote: You might take a look at RFC 3526: http://tools.ietf.org/html/rfc3526 It is my understanding that the DH exponent can be significantly shorter than the modulus without compromising security.  RFC 3526 is from 2003, but I haven't found

Re: some questions about openssl

IMHO openssl is unsuitable for this purpose. Openssl is really good at what it does, don't get me wrong, but using it in a boot loader probably isn't the easiest/smartest idea. What you really want is a subset of PKCS#1 - that is, EMSA-PSS encoding and verification plus RSASP1/RSAVP1. I'm

Re: DH session Key length

Ikuzar, I'm not sure what software you're writing. Please understand that I'm not trying to be mean spirited when I say this, but if you don't already know the difference between symmetric vs public-key crypto then you should not be writing this type of code. Stop doing it until you have a firm

Re: DH session Key length

You might take a look at RFC 3526: http://tools.ietf.org/html/rfc3526 It is my understanding that the DH exponent can be significantly shorter than the modulus without compromising security. RFC 3526 is from 2003, but I haven't found anything published since then that would make me think its

Re: (DH) how to send dh-pub_key to peer

ikuzar, You cannot send the public key to a peer as-is. The DH structure contains bignums which must be serialized prior to transmission. Do you understand that DH is subject to a MITM attack unless the messages are signed or encrypted somehow? If you insist on using the low-level objects, I'd

Re: How to verify that DH private and public key have been generated ?

Try checking the bit count of the structure members. The private and public keys should be similar in size to p. On Mar 23, 2011 10:27 AM, ikuzar razuk...@gmail.com wrote: Hello, I 'd like to know how to verify that DH private and public key have been generated ? In my DH struct, p and g had

Re: How to verify that DH private and public key have been generated ?

is not NULL I 'm wondering what happens... could you tell me more about bit counting ? I do not understand The private and public keys should be similar in size to p. Thanks for your help. 2011/3/23 Mike Mohr akih...@gmail.com Try checking the bit count of the structure members. The private

Re: must 'x' in g^x be a prime number

Although the generator g can be any number, it is typically 2 or 5. In fact, this is all that OpenSSL supports (values 2 or 5 for g). The typical situation is this: (1) Alice and Bob generate random secret values a and b. If a or b happen to be prime, that is fine - but they need not be. (2)

components of RSA keys?

Good afternoon, When generating an RSA key, several components are described in the output file. Per the RSA specification on wikipedia, I can identify the following values: prime1: p prime2: q modulus: N = p * q publicExponent: e privateExponent: d What I'm not clear about is what function

Re: components of RSA keys?

, Mounir IDRASSI mounir.idra...@idrix.net wrote: Take a look at : http://en.wikipedia.org/wiki/RSA#Using_the_Chinese_remainder_algorithm exponent1 = dp exponent2 = dq coefficient = qInv -- Mounir IDRASSI IDRIX http://www.idrix.fr On 12/23/2010 9:48 PM, Mike Mohr wrote: Good afternoon

Re: do i need a dedicated ip address for https?

I believe you can sort of get around that requirement using a wildcard SSL certificate (e.g. for *.domain.tld). But that only helps you if you're running multiple subdomains for the same TLD. I think I heard something about a change to the SSL protocol which would allow sending of the hostname

Using DH parameters from OpenSSL

Good afternoon, I'm trying to understand the data format that OpenSSL writes out its DH parameters in. I am aware that the actual data is encoded using ASN.1 DER and have a way to parse the container. My question really amounts to byte ordering when DH parameters are generated like this:

Re: Using DH parameters from OpenSSL

- From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Mike Mohr Sent: Tuesday, December 14, 2010 3:42 PM To: openssl-users@openssl.org Subject: Using DH parameters from OpenSSL Good afternoon, I'm trying to understand the data format that OpenSSL writes