subject:"\[openssl\-users\] EVP_MD_CTX and EVP_PKEY_CTX\? How to init\? How to free\?"

Re: [openssl-users] EVP_MD_CTX and EVP_PKEY_CTX? How to init? How to free?

2017-04-30 Thread Blumenthal, Uri - 0553 - MITLL

Understood. Thanks! 

Yes, it would be nice if 1_0_2-stable and 1_1 branches returned an error on an 
attempt to sign or verify with RSA_NO_PADDING.

Regards,
Uri

Sent from my iPhone

> On Apr 30, 2017, at 15:19, Dr. Stephen Henson  wrote:
> 
>> On Sun, Apr 30, 2017, Blumenthal, Uri - 0553 - MITLL wrote:
>> 
>> 
>> Semi-related question. Is RSA_NO_PADDING allowed for EVP signature? When I 
>> tried that (without using DigestSign of course), signing succeeded but 
>> verification always failed. Was that expected? Are there some special 
>> settings one needs to apply besides just setting the padding type?
>> 
> 
> With RSA_NO_PADDING it isn't possible to determine the length of the decrypted
> data during verify. We should really return an error code if an atttempt is
> made to use it for sign/verify.
> 
> Steve.
> --
> Dr Stephen N. Henson. OpenSSL project core developer.
> Commercial tech support now available see: http://www.openssl.org
> -- 
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users


smime.p7s
Description: S/MIME cryptographic signature
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] EVP_MD_CTX and EVP_PKEY_CTX? How to init? How to free?

2017-04-30 Thread Dr. Stephen Henson

On Sun, Apr 30, 2017, Blumenthal, Uri - 0553 - MITLL wrote:

> 
> Semi-related question. Is RSA_NO_PADDING allowed for EVP signature? When I 
> tried that (without using DigestSign of course), signing succeeded but 
> verification always failed. Was that expected? Are there some special 
> settings one needs to apply besides just setting the padding type?
> 

With RSA_NO_PADDING it isn't possible to determine the length of the decrypted
data during verify. We should really return an error code if an atttempt is
made to use it for sign/verify.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] EVP_MD_CTX and EVP_PKEY_CTX? How to init? How to free?

2017-04-29 Thread Blumenthal, Uri - 0553 - MITLL

Matt, 

*Thank you!* Crystal clear now. 

Semi-related question. Is RSA_NO_PADDING allowed for EVP signature? When I 
tried that (without using DigestSign of course), signing succeeded but 
verification always failed. Was that expected? Are there some special settings 
one needs to apply besides just setting the padding type?

Thanks!

Regards,
Uri

Sent from my iPhone

> On Apr 29, 2017, at 19:34, Matt Caswell  wrote:
> 
> 
> 
>> On 28/04/17 20:29, Blumenthal, Uri - 0553 - MITLL wrote:
>> I’m playing with RSA-PSS signatures, and stumbled upon a few problems. I
>> tried the OpenSSL manual pages, but still coming short of complete
>> understanding. :-)
>> 
>> 
>> 
>> This is how I initialize the contexts (error handlers removed for brevity):
>> 
>> 
>> 
>>  ctx = EVP_PKEY_CTX_new(privkey, NULL);
> 
> Don't do this. Just set ctx to NULL.
> 
>> 
>>  md_ctx = EVP_MD_CTX_create();
>> 
>>  const EVP_MD *md = EVP_sha256();
>> 
>>  rv = EVP_DigestInit_ex(md_ctx, md, NULL);
>> 
>>  rv = EVP_DigestSignInit(md_ctx, , md, NULL, privkey);
> 
> ctx gets "filled in" by the EVP_DigestSignInit call.
> 
>> 
>> 
>> 
>> First question: do I need EVP_DigestInit_ex() there?
> 
> No. It unnecessary.
> 
>> 
>> 
>> 
>> Second question: do I have to specify hash-function (EVP_MD*) twice?
>> First when initializing EVP_MD_CTX, and second for EVP_DigestSignInit()?
>> 
> 
> No...don't call EVP_DigestInit_ex() at all.
> 
>> 
>> 
>> At the end I need to dispose of both ctx and md_ctx.
> 
> "ctx" is "owned" by md_ctx. Just free md_ctx and ctx also gets freed.
> 
> 
> Matt
> -- 
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users


smime.p7s
Description: S/MIME cryptographic signature
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] EVP_MD_CTX and EVP_PKEY_CTX? How to init? How to free?

2017-04-29 Thread Matt Caswell



On 28/04/17 20:29, Blumenthal, Uri - 0553 - MITLL wrote:
> I’m playing with RSA-PSS signatures, and stumbled upon a few problems. I
> tried the OpenSSL manual pages, but still coming short of complete
> understanding. :-)
> 
>  
> 
> This is how I initialize the contexts (error handlers removed for brevity):
> 
>  
> 
>   ctx = EVP_PKEY_CTX_new(privkey, NULL);

Don't do this. Just set ctx to NULL.

> 
>   md_ctx = EVP_MD_CTX_create();
> 
>   const EVP_MD *md = EVP_sha256();
> 
>   rv = EVP_DigestInit_ex(md_ctx, md, NULL);
>
>   rv = EVP_DigestSignInit(md_ctx, , md, NULL, privkey);

ctx gets "filled in" by the EVP_DigestSignInit call.

> 
>  
> 
> First question: do I need EVP_DigestInit_ex() there?

No. It unnecessary.

> 
>  
> 
> Second question: do I have to specify hash-function (EVP_MD*) twice?
> First when initializing EVP_MD_CTX, and second for EVP_DigestSignInit()?
> 

No...don't call EVP_DigestInit_ex() at all.

>  
> 
> At the end I need to dispose of both ctx and md_ctx.

"ctx" is "owned" by md_ctx. Just free md_ctx and ctx also gets freed.


Matt
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

[openssl-users] EVP_MD_CTX and EVP_PKEY_CTX? How to init? How to free?

2017-04-28 Thread Blumenthal, Uri - 0553 - MITLL

I’m playing with RSA-PSS signatures, and stumbled upon a few problems. I tried 
the OpenSSL manual pages, but still coming short of complete understanding. :-)

 

This is how I initialize the contexts (error handlers removed for brevity):

 

  ctx = EVP_PKEY_CTX_new(privkey, NULL);

  md_ctx = EVP_MD_CTX_create();

  const EVP_MD *md = EVP_sha256();

  rv = EVP_DigestInit_ex(md_ctx, md, NULL);

  rv = EVP_DigestSignInit(md_ctx, , md, NULL, privkey);

 

First question: do I need EVP_DigestInit_ex() there?

 

Second question: do I have to specify hash-function (EVP_MD*) twice? First when 
initializing EVP_MD_CTX, and second for EVP_DigestSignInit()?

 

At the end I need to dispose of both ctx and md_ctx. That leads to my third 
question/problem. The code I tried (based on what the man page says: to avoid 
memory leak, I need to do EVP_MD_CTX_destroy(md_ctx) crashes with SIGV:

 

  EVP_MD_CTX_destroy(md_ctx); // this succeeds

  EVP_PKEY_CTX_free(ctx);  // but here the code crashes

 

Same happens when I reverse the above order:

 

  EVP_PKEY_CTX_free(ctx); // this succeeds

  EVP_MD_CTX_destroy(md_ctx); // but then this one causes crash

 

So what’s the correct way of freeing both of them? Or is it that because 
they’re sort of “bound together” by EVP_DigestSignInit(md_ctx, , md, NULL, 
privkey); freeing one frees the other?

 

Thanks!

— 

Regards,

Uri

 



smime.p7s
Description: S/MIME cryptographic signature
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] EVP_MD_CTX and EVP_PKEY_CTX? How to init? How to free?

Re: [openssl-users] EVP_MD_CTX and EVP_PKEY_CTX? How to init? How to free?

Re: [openssl-users] EVP_MD_CTX and EVP_PKEY_CTX? How to init? How to free?

Re: [openssl-users] EVP_MD_CTX and EVP_PKEY_CTX? How to init? How to free?

[openssl-users] EVP_MD_CTX and EVP_PKEY_CTX? How to init? How to free?

5 matches

Site Navigation

Mail list logo

Footer information