Re: RSA algorithm with big endian environment
On Fri, Oct 16, 2009, Victor B. Wagner wrote: > On 2009.10.15 at 16:37:39 +0200, Alessandro Borga wrote: > > Do you use native build or cross-compiling? > If cross-compiling with GNU toolchain, that you have just to specify > --cross-compile-prefix (or it is just --cross-compile for recent CVS) > to Configure script and specify proper target argument for it. > It is still --cross-compile-prefix on the command line. It is CROSS_COMPILE in the environment because everyone else seems to use that. > something like > > ./Configure linux-arm --cross-compile-prefix=arm-linux-gnu > make > > If you are doing native build, config script should take care of all > this for you. > In CVS you can also dig out the values from uname and place them in the environemt. Then the config script will work out the correct system type. I use OpenSSL on big-endian ARM with no problems specifically an NSLU2 device. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: RSA algorithm with big endian environment
OpenSSL works fine on MIPS. MIPS is a big endian CPU. -Pandit From: Alessandro Borga To: openssl-users@openssl.org Sent: Thu, October 15, 2009 10:37:39 AM Subject: RSA algorithm with big endian environment Well I must use RSA encrypt/decprypt functions in a target using Arm cpu. Other rsa source code doesn’t work right because target environment use big endian memory allocation for int and long Can openSLL crypto lib work with big endian? If response ok can you help me how configure compile and linkimg the source code library? Sorry, my english is low level Thanks in advance Alex
Re: RSA algorithm with big endian environment
On 2009.10.15 at 16:37:39 +0200, Alessandro Borga wrote: >Well > >I must use RSA encrypt/decprypt functions in a target using Arm cpu. > >Other rsa source code doesn*t work right because target environment use >big endian memory allocation for int and long > >Can openSLL crypto lib work with big endian? Definitely. I, myself have tested it on sparc and mips big-endian processors. For ARM I've only tried little endian versions (debian port arm and armel, but not armeb) >If response ok can you help me how configure compile and linkimg the >source code library? Do you use native build or cross-compiling? If cross-compiling with GNU toolchain, that you have just to specify --cross-compile-prefix (or it is just --cross-compile for recent CVS) to Configure script and specify proper target argument for it. something like ./Configure linux-arm --cross-compile-prefix=arm-linux-gnu make If you are doing native build, config script should take care of all this for you. >Sorry, my english is low level > >Thanks in advance > >Alex > > __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: RSA algorithm with big endian environment
Alex, We use OpenSSL on Sun Solaris SPARC architecture, which is big endian. Never had a problem. No clue about how to compile/link on your ARM cpu though. Dan Please respond to openssl-users@openssl.org Sent by:owner-openssl-us...@openssl.org To: cc: (bcc: Dan Mitton/YD/RWDOE) Subject:RSA algorithm with big endian environment LSN: Not Relevant - Not Privileged User Filed as: Excl/AdminMgmt-14-4/QA:N/A Well I must use RSA encrypt/decprypt functions in a target using Arm cpu. Other rsa source code doesn?t work right because target environment use big endian memory allocation for int and long Can openSLL crypto lib work with big endian? If response ok can you help me how configure compile and linkimg the source code library? Sorry, my english is low level Thanks in advance Alex
Re: RSA algorithm with big endian environment
Thanks for your replay - Original Message - From: dan_mit...@ymp.gov To: openssl-users@openssl.org Cc: al...@libero.it Sent: Thursday, October 15, 2009 5:07 PM Subject: Re: RSA algorithm with big endian environment Alex, We use OpenSSL on Sun Solaris SPARC architecture, which is big endian. Never had a problem. No clue about how to compile/link on your ARM cpu though. Dan Please respond to openssl-users@openssl.org Sent by:owner-openssl-us...@openssl.org To: cc: (bcc: Dan Mitton/YD/RWDOE) Subject:RSA algorithm with big endian environment LSN: Not Relevant - Not Privileged User Filed as: Excl/AdminMgmt-14-4/QA:N/A Well I must use RSA encrypt/decprypt functions in a target using Arm cpu. Other rsa source code doesn't work right because target environment use big endian memory allocation for int and long Can openSLL crypto lib work with big endian? If response ok can you help me how configure compile and linkimg the source code library? Sorry, my english is low level Thanks in advance Alex
Documentation Suggestion For OpenSSL Homepage
I have seen a fair number of related messages go by this list concerning the release schedule for OpenSSL versions. Would it be helpful to post guidance on www.openssl.org homepage for upcoming versions and anticipated release dates? Something like this perhaps: Q4 2009: OpenSSL 1.0 Q2 2010: OpenSSL 1.x The homepage already has dates and newsflash items for releases, so there's a spot for it. --Will __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
RE: Creating Encryption/Decryption Filter C++
Thank you very much for your detailed and very helpful response. I have lot on my plate to work on. I will get back to the list if I have anymore questions. -Anand -Original Message- From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Ger Hobbelt Sent: Wednesday, October 07, 2009 7:20 PM To: openssl-users@openssl.org Subject: Re: Creating Encryption/Decryption Filter C++ On Tue, Oct 6, 2009 at 10:51 PM, Patel, Anand wrote: > I would like to know how can I implement general purpose > encryption/decryption filter that can be used with BIO objects. > > Basically, filter should get the data before it is written out to the > stream/socket/memory. This allows my filter to encrypt/decrypt the data > for any kind of source/sink object. > > Furthermore, is it possible to implement devices also, if so how can I > do that. Before I knew BIO concept I had implemented device and filter > using BOOST::Iostream libraries. > > BIO seems very attractive concept so far, but I don not know how to > attach my version of device and filter to it. > > Thank you, > -Anand Your question is a bit ambiguous to me; the first part seems to request how to use BIOs as general purpose encryption/decryption data filters while the second seems to request how one code BIOs of their own, such as custom filters and devices (source/sinks in OpenSSL BIO parlance). The first is the shortest and easiest answer: use a BIO_f_cipher() BIO and set it up with the cipher you require. BIO_f_cipher wraps the EVP routines so anything that can be done through them can be done through BIO_f_cipher(). There's also a BIO_f_md() filter for generic secure hashing of your data, but you should take care to read it's documentation page before using as you'll need to know how to extract the calculated hash. You can combine such BIO filters in a chain with any BIO source/sink device at the end; often used types are supported in OpenSSL off the shelf, i.e. BIO_s_fd() for 'file handle' based file I/O, BIO_s_socket() for (TCP) socket-based I/O, BIO_s_mem() for special purpose memory-buffered I/O (BIO_s_mem() has a few caveats, see also second part below. In usage, such can be overcome by using a bidirectional buffering device instead, called a 'BIO pair': see BIO_s_bio()) As BIOs are essentially 'C' structures and callbacks invoked through OpenSSL API functions, such can be simply used in C++ classes as well. Use the OpenSSL provided APIs to create them, link them in a chain (BIO_push()), access them (BIO_read(), etc.) and clean them up (BIO_close(), BIO_free()). Then there's the answer to the second part: how to create your own BIOs... very doable, but it requires a bit more studying of existing code and documentation. For generic encrypt/decrypt BIOs see the sources crypto/evp/bio_enc.* and crypto/evp/bio_ok.* we use the BIO_f_cipher() one around here most of the time -- that would be the one in bio_enc.c; we have an edited BIO_f_reliable() over here so can't say anything about that one in the official distro. The BIO system is indeed very attractive indeed, and we use it a /lot/ around here, but a few caveats apply: - the BIO system is a 'C' design. Which means you'll need some extra handywork to have it behave like C++ objects or include C++ objects in a BIO filter chain. - some quirks in very advanced stuff regarding detaching/attaching chains and pushing control messages; I should find/make time to prep and submit to rt@ :-( Don't let that bother you, it won't matter unless you try some quite fancy stuff. As the BIO system is 'C' based, your own, custom BIO filters and/or devices should have a 'C' interface. That is: you /can/ code BIO's in C++, but you'll need to supply an extern 'C' facade with those to make it behave. Your BIO structure (as visible to 'C') should then be made to carry the C++ 'this' pointer around so you can properly invoke your C++ virtual and non-virtual class methods from the 'extern "C"' facade functions and callbacks that should come with your BIO filter / device. On the other hand, you can code them entirely in 'C' (a C++ compiler can generally also compile 'C' code after all); apart from a few quite advanced filters we took that approach over here. I find that reading the crypto/BIO/* source code files is most helpful (but then I don't have a problem grokking code); take heed and note that a few of these are a little light on the error/failure checking and handling part (I'm rather a*** retentive in that regard ;-) ) For a filter example, look how evp/bio_enc.c was done, then compare with a different, slightly more complex filter, such as the BIO_f_buffer() bidirectional buffering filter found in crypto/BIO/bf_buff.c Note that some filters are unidirectional by design/implementation, despite the fact that the basic BIO structure design facilitates bidirectional I/O. For clarity the definition of 'bidirectional I/O capable' as I use it: A filter or devi
Re: RSA algorithm with big endian environment
Bruce Stephens wrote: OpenSSL works fine on 32 bit SPARC. (As far as I'm aware, anyway. I don't recall seeing any problems.) its bundled with Solaris 10 as both 32bit and 64bit sparc binaries Also works on IBM Power architecture with AIX, this is also a 'big endian' 32/64bit architecture. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: RSA algorithm with big endian environment
"Alessandro Borga" writes: > I must use RSA encrypt/decprypt functions in a target using Arm cpu. > > Other rsa source code doesn’t work right because target environment use big > endian memory allocation for int and long Really? SPARC (32bit) is big-endian, and really quite common (less though than it used to be, admittedly). > Can openSLL crypto lib work with big endian? OpenSSL works fine on 32 bit SPARC. (As far as I'm aware, anyway. I don't recall seeing any problems.) __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: RSA algorithm with big endian environment
Hi Alessandro, > Other rsa source code doesn’t work right because target environment > use big endian memory allocation for int and long I don't believe this is characteristic of many libraries, such as Peter Guttman's Cryptlib or Wei Dai's Crypto++. Jeff On Thu, Oct 15, 2009 at 10:37 AM, Alessandro Borga wrote: > Well > > I must use RSA encrypt/decprypt functions in a target using Arm cpu. > > Other rsa source code doesn’t work right because target environment use big > endian memory allocation for int and long > > Can openSLL crypto lib work with big endian? > > If response ok can you help me how configure compile and linkimg the source > code library? > > Sorry, my english is low level > > Thanks in advance > > Alex > > __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
RSA algorithm with big endian environment
Well I must use RSA encrypt/decprypt functions in a target using Arm cpu. Other rsa source code doesn't work right because target environment use big endian memory allocation for int and long Can openSLL crypto lib work with big endian? If response ok can you help me how configure compile and linkimg the source code library? Sorry, my english is low level Thanks in advance Alex
error: sslv3 alert bad certificate
Hi All, i have created 1 client (client1.pem) certificate and 1 server (server1.pem) certificate with 1 CA (trusted.pem) and i have even verified them for consistency. $>openssl verify -CAfile trusted.pem server1.pem client1.pem server1.pem: OK client1.pem: OK while i am using these files in my client and server communication applications am getting following error from server side *code 17426, sslv3 alert bad certificate* i have tried the key size of the algorithm to 2048 (i have set 1024 as default) , even then am facing the following. please help me in fixing this regards, Venkata client1.pem Description: Binary data client_key.pem Description: Binary data server1.pem Description: Binary data server_key.pem Description: Binary data trusted.pem Description: Binary data trusted_key.pem Description: Binary data