Re: [cryptopp-users] Re: SonarLint complaining about "Use a stronger padding scheme"

On Tue, Apr 16, 2024 at 1:44 PM One Sini wrote: > I wasn't entirely satisfied with the security, so I've adjusted the code. > I'm not sure if that helps you, depending on what you're doing with it. > > This code uses RSA with OAEP (Optimal Asymmetric Encryption Padding) to > avoid security

Re: [cryptopp-users] Re: SonarLint complaining about "Use a stronger padding scheme"

On Tue, Apr 16, 2024 at 1:44 PM One Sini wrote: > I wasn't entirely satisfied with the security, so I've adjusted the code. > I'm not sure if that helps you, depending on what you're doing with it. > > This code uses RSA with OAEP (Optimal Asymmetric Encryption Padding) to > avoid security

Re: [cryptopp-users] Re: SonarLint complaining about "Use a stronger padding scheme"

On Mon, Apr 15, 2024 at 9:18 AM Frank Sapone wrote: > NVM, it appears PSSR is considered more secure and this should work with > the verifier My bad, you should visit < https://www.cryptopp.com/wiki/RSA_Signature_Schemes>. Jeff On Friday, April 12, 2024 at 12:20:56 PM UTC-4 Je

[cryptopp-users] Re: SonarLint complaining about "Use a stronger padding scheme"

On Friday, April 12, 2024 at 12:19:32 PM UTC-4 franksa...@gmail.com wrote: Hello, I am using Windows 10 Professional x64 with CryptoPP 8.9.0. It is built with Visual Studio. We started using SonarQube/SonarLint for SCA during compile and it's been complaining "Use a stronger padding

[cryptopp-users] Re: 7.0.0 update to 8.9.0 PIC register clobbered

On Tuesday, January 16, 2024 at 8:10:30 AM UTC-5 cinq...@gmail.com wrote: CentOS 7..2009 gcc 4.8.5-44 I am updating from cryptopp 7.0.0 to 8..0 and receive the following error gcm.cpp: In member function 'virtual size_t CryptoPP::GCM_Base::AuthenticateBlocks(const byte*, size_t)':

Re: [cryptopp-users] selecting blockcipher+mode in an easier way.

On Thu, Jan 4, 2024 at 11:19 AM Johannes Winkler wrote: > > I am working on a GUI programme for crypto++. When selecting block ciphers > dynamically (from GUI), there is a problem to choose the cipher dynamically > in code. > > Here is an example: > let's do AES-CFB-Encryption >

[cryptopp-users] Re: Encrypting RSA private key with passphrase

On Thursday, November 16, 2023 at 10:46:17 AM UTC-5 cl.rob...@gmail.com wrote: Humm almost 20 years later and I have the same question. And the FAQ does not have the answer. Yeah, the FAQ is kind of old. Use the wiki now: . Actually, my case is a

Re: [cryptopp-users] ECDSA Signature

On Wed, Nov 8, 2023 at 10:33 AM Ricardo Alex wrote: > > This code gives me a signature r,s > > std::string signaturehex; > StringSource ss2(message, true, > new CryptoPP::SignerFilter(prng, signer, > new CryptoPP::HexEncoder( > new CryptoPP::StringSink(signaturehex; > > I understand that r

Re: [cryptopp-users] Re: XChaCha20 decryption issue.

On Sun, Nov 5, 2023 at 4:38 AM Lucas Marchetti wrote: > Sorry, seeing now that I've linked the wrong Golang library, here it is: > https://pkg.go.dev/golang.org/x/crypto/chacha20poly1305 > > On Sunday, November 5, 2023 at 10:10:44 AM UTC+1 Lucas Marchetti wrote: > >> I've just made a test

[cryptopp-users] New Member Posting Moderation

Hi Everyone, We turned on New Member Posting Moderation. Hopefully it will stop the spam we have been seeing. Non-new members will not be moderated. Jeff -- You received this message because you are subscribed to the Google Groups "Crypto++ Users" group. To unsubscribe from this group and

Re: [cryptopp-users] AES, ECB mode decrypt error

On Thu, Oct 12, 2023 at 5:55 PM Dwight Kulkarni wrote: > > Hello, > > I had Crypto PP code that was previously working and recently stopped > working. We moved to a new version of our BSP. > > Error is: > terminate called after throwing an instance of >

[cryptopp-users] Crypto++ 8.9 released

Hi Everyone, Crypto++ 8.9 was released on October 1, 2023. The 8.9 release was a minor, planned release. There were no CVEs and one memory error. The release notes and list of issues fixed can be found at http://www.cryptopp.com/release890.html. The 8.9.0 ZIP archive can be downloaded from

[cryptopp-users] CRYPTOPP_VERSION has reached its limits

Hi Everyone, It appears CRYPTOPP_VERSION has reached its limits. We cannot express Crypto++ 8.10 in the existing CRYPTOPP_VERSION format. I think we may need to make each part 2 digits. I.e., 081000. Please comment at https://github.com/weidai11/cryptopp/issues/1239. Jeff -- You received

[cryptopp-users] Crypto++ 9.9 released

Hi Everyone, Crypto++ 8.9 was released on October 1, 2023. The 8.9 release was a minor, planned release. There were no CVEs and one memory error. The release notes and list of issues fixed can be found at http://www.cryptopp.com/release890.html. The 8.9.0 ZIP archive can be downloaded from

[cryptopp-users] Re: Liking error with NDK 26

Jeff On Thursday, September 28, 2023 at 7:41:46 PM UTC+2 Jeffrey Walton wrote: On Thursday, September 28, 2023 at 10:53:14 AM UTC-4 AndroidGuy wrote: I'm encounting linking error if I use NDK 26.0.10792818 using LLVM 17 to compile my project with Crypto 8.8, but it works fine with NDK 25.2.9

[cryptopp-users] Re: HIGHT/CTR mode selft tests are failing

On Thursday, September 28, 2023 at 1:10:03 PM UTC-4 Jeffrey Walton wrote: Hi Everyone, HIGHT/CTR mode self tests are failing. The failures began when we added more self tests due to GH #1231, < https://github.com/weidai11/cryptopp/issues/1231>. We are tracking the issue at &

Re: [cryptopp-users] HIGHT/CTR mode selft tests are failing

On Thu, Sep 28, 2023 at 1:42 PM One Sini wrote: > > The issue you're encountering with Crypto++ 8.8.0, where the > CryptoPP::RabbitWithIV algorithm behaves unexpectedly when inString is equal > to outString, appears to be a potential problem in the library. This behavior > should not occur, as

[cryptopp-users] Re: Liking error with NDK 26

On Thursday, September 28, 2023 at 10:53:14 AM UTC-4 AndroidGuy wrote: I'm encounting linking error if I use NDK 26.0.10792818 using LLVM 17 to compile my project with Crypto 8.8, but it works fine with NDK 25.2.9519653 using LLVM 14. That's kind of interesting in a morbid sort of way.

[cryptopp-users] HIGHT/CTR mode selft tests are failing

Hi Everyone, HIGHT/CTR mode self tests are failing. The failures began when we added more self tests due to GH #1231, . We are tracking the issue at . Jeff -- You received this message

[cryptopp-users] Re: Build on Ubuntu 22.04

On Monday, September 25, 2023 at 10:13:03 AM UTC-4 Krissscool72 wrote: until now I was using cryptopp 8.2.0 on Ubuntu 18.04 and builting it with CXXFLAGS="-DNDEBUG -O3 -mfunction-return=thunk -mindirect-branch=thunk" make static I tried to build it on Ubuntu 22.04: - Linux version

[cryptopp-users] Re: Build on Ubuntu 22.04

On Monday, September 25, 2023 at 10:13:03 AM UTC-4 Krissscool72 wrote: until now I was using cryptopp 8.2.0 on Ubuntu 18.04 and builting it with CXXFLAGS="-DNDEBUG -O3 -mfunction-return=thunk -mindirect-branch=thunk" make static I tried to build it on Ubuntu 22.04: - Linux version

[cryptopp-users] Re: HChaCha_OperateKeystream

On Tuesday, July 25, 2023 at 9:20:27 AM UTC-4 6a7...@gmail.com wrote: Could someone please clarify if the XChaCha key derivation function in Crypto++ is consistent with the functionality outlined in “XChaCha: eXtended-nonce ChaCha and AEAD_XChaCha20_Poly1305 draft-irtf-cfrg-xchacha-03”?

Re: [cryptopp-users] unicode file name

On Friday, June 16, 2023 at 1:08:56 AM UTC-4 fa wrote: Thanks to Jeffrey Walton and coshvji cujmlqef I tried both of your methods but they both print the following errors: terminate called after throwing an instance of 'CryptoPP::FileStore::ReadErr' what(): FileStore: error reading file

[cryptopp-users] Crypto++ 8.8 released

Hi Everyone, Crypto++ 8.8 was released on June 25, 2023. The 8.8 release was a minor, planned release. There were no CVEs and no memory errors. The release notes and list of issues fixed can be found at http://www.cryptopp.com/release880.html. The 8.8.0 ZIP archive can be downloaded from

Re: [cryptopp-users] msvc crashing with block .. was not allocated by _aligned routines, use free()

On Wed, Jun 21, 2023 at 1:11 PM Miro Karpis wrote: > > Hi, I mentioned above that I'm building with msvc not clang. On Windows you should be in the CRYPTOPP_MM_MALLOC_AVAILABLE path. See https://github.com/weidai11/cryptopp/blob/master/config_align.h#L44 . Please provide a minimum reproducer

Re: [cryptopp-users] msvc crashing with block .. was not allocated by _aligned routines, use free()

On Tue, Jun 20, 2023 at 4:21 PM Miro Karpis wrote: > > Hi, > This one is giving me really hard time. I'm trying to build crypto++ with > msvc / windows - compilation works fine, but always when I want to use the > lib I keep getting > > block at 0x01362708B180 was not allocated by _aligned

Re: [cryptopp-users] unicode file name

On Thu, Jun 15, 2023 at 12:16 AM fa wrote: > > I tried two methods: > > > 1. > > > void CryptoHashes::makeFileHash(const QString ) > > { > > FileSource f(filePath.toStdString().c_str(), true, new HashFilter(hash, new > HexEncoder(new StringSink(digest; > > } > > > > 2. > > > void

Re: [cryptopp-users] unicode file name

On Fri, Jun 9, 2023 at 11:21 AM fa wrote: > > Hello > > When I try to calculate the Hash of the file with Unicode characters, it > shows the following errors: > > terminate called after throwing an instance of 'CryptoPP::FileStore::OpenErr' > what(): FileStore: error opening file for reading:

Re: [cryptopp-users] HMACs of files

On Sat, May 20, 2023 at 4:45 PM Jeffrey Walton wrote: > > On Sat, May 20, 2023 at 3:00 PM Tom wrote: > > > > calling `FileSource fs("zero.dat", true);` seems to allocate the memory. > > Try the overload which takes a std::istream reference: > https://www

Re: [cryptopp-users] HMACs of files

On Sat, May 20, 2023 at 3:00 PM Tom wrote: > > calling `FileSource fs("zero.dat", true);` seems to allocate the memory. Try the overload which takes a std::istream reference: https://www.cryptopp.com/wiki/FileSource Jeff > On Wednesday, September 8, 2021 at 7:24:28 PM U

Re: [cryptopp-users] AES Encryption Took Too Long on Arm64 Embedded Machine

On Fri, May 12, 2023 at 1:09 PM Dwight Kulkarni wrote: > > Update: It seems to be an issue with CFB mode. If I switch to ECB: 12 ms to > process the workload. > > in encrypt aes > Encrypted 1at: 05/12/2023 17:06:54.838 > Encrypted 2at: 05/12/2023 17:06:54.838 > Encrypted 3at: 05/12/2023

Re: [cryptopp-users] AES Encryption Took Too Long on Arm64 Embedded Machine

On Fri, May 12, 2023 at 10:48 AM Dwight Kulkarni wrote: > > The new library is much faster, but I am still not getting that speed in the > code. 1 second to encrypt 5 mb versus 3 seconds before. > > I added the .reserve(...) code also. Well, you should profile your code to find the bottlenecks.

Re: [cryptopp-users] AES Encryption Took Too Long on Arm64 Embedded Machine

On Fri, May 12, 2023 at 10:27 AM Dwight Kulkarni wrote: > > These are the results from CryptoPP 8.7 vs 8.1 earlier: > [...] > AES/CFB (128-bit key)ARMv83444.991.1352044 > [...] 5 MB / 344 MB/s = 0.01453 s = 14/53 ms. That is below 200 ms. Jeff -- You received this message because you are

Re: [cryptopp-users] AES Encryption Took Too Long on Arm64 Embedded Machine

is not picking it up. Since your benchmarks are missing AES/XTR results, I know you are using an old version of the library. Maybe you should update to Crypto++ 8.7 for starters. Jeff > On Thursday, May 11, 2023 at 5:30:26 PM UTC-4 Jeffrey Walton wrote: >> >> On Thu, May 11

Re: [cryptopp-users] AES Encryption Took Too Long on Arm64 Embedded Machine

On Thu, May 11, 2023 at 4:24 PM Dwight Kulkarni wrote: > > I created a 5 MB message and encrypted it. The message takes 3 seconds to > encrypt. I needed something around 200 ms, even if the encryption is weaker. > > My code is below, should I be setting any flags when compiling the library to >

Re: [cryptopp-users] StringSource is using "new" operator. Should be deleting the memory or is it auto destroyed?

On Thu, Apr 27, 2023 at 1:57 PM Dwight Kulkarni wrote: > > Ok I think those RSA errors with memory are due to this pipelining, because > the b64decode(..) b64encode(..) is called every where, and if I understand > correctly, the string inside will be destroyed and I have to use the >

Re: [cryptopp-users] StringSource is using "new" operator. Should be deleting the memory or is it auto destroyed?

On Thu, Apr 27, 2023 at 1:31 PM Dwight Kulkarni wrote: > > I note an example code sample for b64encode(..). I note that there are > "new" calls inside the constructor(..). > > The result is returned in the encoded string. > > Do I need to do anything to delete the memory from the new calls ? >

Re: [cryptopp-users] AES Compatibility with Python

On Thu, Apr 27, 2023 at 11:43 AM Dwight Kulkarni wrote: > > Today I am trying to resolve an AES incompatibility with Python. I am using > CFB Mode. I use the same base64 key and iv on both and I printed out the > bytes and they are the same. > > I load in the same key/iv into both of them.

Re: [cryptopp-users] Re: Strange behavior with -static compilation flag

On Thu, Apr 27, 2023 at 12:19 AM Dwight Kulkarni wrote: > > Your code is exactly what I had before. But I was getting that heap error. It > only went away when I used NEW. I have never seen that before. I also don't > like using NEW at all but it wasn't working. convert_cryptopp_intege and

Re: [cryptopp-users] Re: Strange behavior with -static compilation flag

On Thu, Apr 27, 2023 at 12:19 AM Dwight Kulkarni wrote: > > Your code is exactly what I had before. But I was getting that heap error. It > only went away when I used NEW. I have never seen that before. I also don't > like using NEW at all but it wasn't working. > When moving an allocation

Re: [cryptopp-users] Re: Strange behavior with -static compilation flag

On Wed, Apr 26, 2023 at 11:16 PM Jeffrey Walton wrote: > > On Wed, Apr 26, 2023 at 6:13 PM Dwight Kulkarni wrote: > > > > I ran address sanitizer: Heap use after free is the problem. I had to use > > the NEW operator to allocate the ram. What is weird is that usuall

Re: [cryptopp-users] Re: Strange behavior with -static compilation flag

On Wed, Apr 26, 2023 at 6:13 PM Dwight Kulkarni wrote: > > I ran address sanitizer: Heap use after free is the problem. I had to use > the NEW operator to allocate the ram. What is weird is that usually it will > error out right away after it goes out of scope, but this was delayed in >

[cryptopp-users] Re: AES ARM slow on M1

On Friday, March 31, 2023 at 1:44:41 AM UTC-4 Sam Van Gucht wrote: Hi everyone, We noticed AES GCM in significant slower on M1 compare to an Intel Mac. Encrypting a 100mb files takes ~130ms on Intel Mac & while on M1 it takes ~510ms. Are the ARMv8 Cryptographic instructions not supported

[cryptopp-users] Re: crypto++ library error

On Monday, April 10, 2023 at 10:26:42 PM UTC-4 bv...@ganpatuniversity.ac.in wrote: Hi everyone, I had included crypto library function in my file. When I run the file it shows some error as following: Integer’ was not declared in this scope; did you mean ‘CryptoPP::Integer’? Can anyone please

Re: [cryptopp-users] Re: Strange behavior with -static compilation flag

On Tue, Apr 25, 2023 at 7:12 PM Dwight Kulkarni wrote: > > I got it working by implementing the raw Integer method. See my code below, > previous encryption is commented out. I don't know why but it wasn't working > otherwise and I think it has something to do with memory allocation maybe it >

Re: [cryptopp-users] Crypto++ Convert Integer to Unsigned Char

On Mon, Apr 24, 2023 at 11:55 AM Dwight Kulkarni wrote: > > Thank you for this, I just figured it out also with slightly different code. > > Here is my version. The issue was that I was converting it to vector char> and there was a bug in the conversion which was hard to debug because > every

Re: [cryptopp-users] Crypto++ Convert Integer to Unsigned Char

On Fri, Apr 21, 2023 at 7:39 PM Dwight Kulkarni wrote: > > I need to convert Integer to unsigned char array or to vector > > If I do this: > for(int i=0; i cout << int(c.GetByte(i)) << " "; > } > > The values are not what I expect. Also, is there anything faster than a for > loop to get the

Re: [cryptopp-users] Crypto++ encryption between C++ and Python

On Thu, Apr 20, 2023 at 4:11 PM Dwight Kulkarni wrote: > > I have two systems, one is running Python and one is running CryptoPP C++. > > I create a common certificate that is .DER encoded. I am able to import the > certificate into both systems. I use the certificate to encrypt and decrypt >

[cryptopp-users] Re: No-throw api for AES128?

On Monday, January 9, 2023 at 5:53:38 AM UTC-5 Daniel Fricot wrote: Is there a no-throw api for AES128? Currently, I am using CryptoPP::StreamTransformationFilter for AES128 which may throw CryptoPP::InvalidCiphertext. This is not an error of course, it is expected behavior but our coding

Re: [cryptopp-users] SHA-3 Keccak implementation

On Thu, Mar 9, 2023 at 2:05 PM pankul garg wrote: > > New subscriber and reaching out to ask about a paper about vulnerable > implementation of SHA-3, https://ia.cr/2023/331. > > Is crypto++'s implementation vulnerable to this? Probably not. Crypto++ uses C++, not C. It is a little easier to

Re: [cryptopp-users] ASN.1 PKCS7 certificate decoding help

On Sat, Jan 21, 2023 at 5:47 AM James Chapman wrote: > > New subscriber and CryptoPP user list here. I'm hoping you can assist me and > point me in the right direction. I'm trying to read information from PE file > signing certificates which are typically in PKCS#7 format. I've extracted the >

Re: [cryptopp-users] StringSource destructor

On Tue, Sep 27, 2022 at 2:04 AM Farida Kroush wrote: > > Hello, the AES provided sample code on crypto++ website gives me Unhandled > exception at 0x7FF9DCF1AC87 (ucrtbased.dll) in sadnibbahours.exe: > 0xC005: Access violation reading location 0x012D0001 in the >

[cryptopp-users] Re: How to decrypt a file in memory?

On Wednesday, September 21, 2022 at 1:59:54 PM UTC-4 kakaa...@gmail.com wrote: > I'm encrypting a file this way: > > #include > #include > #include > #include > #include > #include > #include > #include > > > void FileEncrypt(byte key[],

Re: [cryptopp-users] Cannot install the library

is to > run 'GNUmakefile-cross' without sudo. You should use `sudo -E` if you need the sudo user's environment. Jeff > On Wed, Sep 7, 2022 at 7:09 AM Jeffrey Walton wrote: >> >> On Tue, Sep 6, 2022 at 2:08 PM The Vinh Luong >> wrote: >> > >> > Hi, I

Re: [cryptopp-users] Undefined symbols for architecture arm64 for CryptoPP in Macbook Air with M1 chip

On Thu, Sep 8, 2022 at 11:58 PM Arivarasan K wrote: > > Hello people, > > I am trying to install and use CryptoPP library in my Macbook Air M1. I did > all the make, install step. When I tried to execute a sample program, I get > an error as Undefined symbols for architecture arm64: I give the

Re: [cryptopp-users] Cannot install the library

On Tue, Sep 6, 2022 at 2:08 PM The Vinh Luong wrote: > > Hi, I tried to install the library with `make -f GNUmakefile-cross install > PREFIX=/Users/luongvinh/cryptopp/ios-i386` on macOS Monterey 12.5.1 after > succeeded in building the library for ios-i386 but ends up with the following >

[cryptopp-users] Change of CMake maintaners

Hi Everyone, The is a changing of the guard for the cryptopp-cmake project. CMake sources for the library is now being maintained by Abdessattar Sassi. He will be assembling a team to move the CMake project forward. Sassi's GitHub for the sources is located at

Re: [cryptopp-users] Failed to compile shared with error: undefined symbol: _ZTIN8CryptoPP21SimpleKeyingInterfaceE

On Tue, Aug 16, 2022 at 1:54 PM Cristian Rolando Reyes Chapoñan wrote: > > Hello everyone, a question when I try to use the package and compile it in > shared form (.so) > and I want to read it I get this: > undefined symbol: >

[cryptopp-users] Crypto++ 8.7 released

Hi Everyone, Crypto++ 8.7 was released on August 7, 2022. The 8.7 release was a minor, planned release. There were no CVEs and one memory error fixed. The release notes and list of issues fixed can be found at http://www.cryptopp.com/release870.html. The 8.7.0 ZIP archive can be downloaded

[cryptopp-users] Wiki upgrade

Hi Everyone, We are going to perform a wiki upgrade shortly. The web server will be down for a couple of hours. Jeff -- You received this message because you are subscribed to the Google Groups "Crypto++ Users" group. To unsubscribe from this group and stop receiving emails from it, send an

Re: [cryptopp-users] Confusing Crypto++ errors with which I can make no progress.

On Fri, Jun 24, 2022 at 9:18 PM Bill Ford wrote: > > I am developing a Linux, MacOS, and Windows application that involves AES > encryption > using cryptopp and have been stuck on a statement that generates confusing > errors I do > not understand: > > byte key[AES::DEFAULT_KEYLENGTH]; > byte

Re: [cryptopp-users] Website SSL cert seems to have expired.

On Tue, Jun 14, 2022 at 7:53 PM Tom wrote: > > It seems the website has had its SSL cert expire. Thanks Tom. It should be fixed now. Jeff -- You received this message because you are subscribed to the Google Groups "Crypto++ Users" group. To unsubscribe from this group and stop receiving

Re: [cryptopp-users] Unresolved external symbol when using Crypto++ 8.6 as dll

On Wed, Jun 8, 2022 at 3:12 AM Benjamin Mahr wrote: > > I have to add crypto++ as dll into our project. The project is using several > functions of crypto++ but a few used give an "unresolved extern symbol" > linking error: > CryptoPP::DSAConvertSignatureFormat >

[cryptopp-users] Re: Undefined symbols for architecture arm64: "CryptoPP:

On Tuesday, May 3, 2022 at 11:03:26 AM UTC-4 wimvand...@gmail.com wrote: > When compiling I get a bunch of Undefined symbols for architecture arm64: > "CryptoPP: errors. > > I'm using xcode 13.3.1 on mac 12.3.1, using the latest 8.6 lib. > > Can someone help me out? > How did you build the

[cryptopp-users] Website down for maintenance

Hi Everyone, The website is going down for maintenance. We need to perform a Mediawiki upgrade. We tried the upgrade on Firday but something was broke in Composer. See https://lists.wikimedia.org/hyperkitty/list/mediawik...@lists.wikimedia.org/thread/3UF4UVAGRZZRCTMYUQ7J5EVZSXPP4WZB/. On

[cryptopp-users] Re: strciphr.cpp updates

On Tuesday, February 8, 2022 at 2:16:31 PM UTC-5 Jeffrey Walton wrote: > Hi Everyone, > > strciphr.cpp has a couple of classes that gave us trouble in the past. The > class functions were CFB_CipherTemplate::ProcessData and > AdditiveCipherTemplate::ProcessData. The classes enc

[cryptopp-users] Need some help with CMake

Hi Everyone, Cmake is failing to build on armel. We tracked the problem down to Cmake not using ${CRYPTOPP_COMPILE_OPTIONS} during the build. The problem and analysis is located at https://github.com/cryfs/cryfs/issues/408#issuecomment-1036574328 . Can someone with Cmake experience look at it

[cryptopp-users] strciphr.cpp updates

Hi Everyone, strciphr.cpp has a couple of classes that gave us trouble in the past. The class functions were CFB_CipherTemplate::ProcessData and AdditiveCipherTemplate::ProcessData. The classes encrypt or decrypt a byte string: ProcessData(byte* outString, const byte* inString, size_t

[cryptopp-users] Commit signing may be missing for a while

Hi Everyone, I refreshed a workstation I use for commit signing. GnuPG stopped working. It was the last machine I had that commit signing worked on. I've never been able to fix GnuPG on any of my machines. I now have about 6 of them where commit signing does not work and they resist

Re: [cryptopp-users] How to calculate hash of a string vector?

On Wed, Feb 2, 2022 at 12:19 PM Devharsh Trivedi wrote: > > I am trying to calculate SHA256 digest for entire string vector like this: > > byte digest[SHA256::DIGESTSIZE]; > SHA256().CalculateDigest(digest, (const byte*)stringVector.data(), > stringVector.size()); > > What is the correct way to

[cryptopp-users] Re: log4j 0-day

On Friday, December 10, 2021 at 4:15:01 PM UTC-5 Jeffrey Walton wrote: > > I'm shutting down the web server until I get a grasp on the log4j 0-day > that is in the wild. At work we are seeing suspicious activity, like > servers scanning the network. We are not sure if it is rela

[cryptopp-users] log4j 0-day

Hi Everyone, I'm shutting down the web server until I get a grasp on the log4j 0-day that is in the wild. At work we are seeing suspicious activity, like servers scanning the network. We are not sure if it is related to the 0-day. Hopefully the shutdown will avoid an incident on our server and

Re: [cryptopp-users] Buffer Overflow in Integer.cpp

On Fri, Oct 8, 2021 at 1:41 PM Jeffrey Walton wrote: > ... > > Shall I email you it? Is just the cpp OK or do you want a makefile etc.? > > Makefile will take a little longer as I will need to set that up And > > my wife is demanding attention so may not be able

Re: [cryptopp-users] Buffer Overflow in Integer.cpp

On Fri, Oct 8, 2021 at 1:23 PM Tony Stead wrote: > > I may not be using my eyes properly, but I cannot see how to attach files to > this... Yeah, you have to click the paperclip in Gmail. > Shall I email you it? Is just the cpp OK or do you want a makefile etc.? > Makefile will take a

Re: [cryptopp-users] Buffer Overflow in Integer.cpp

On Fri, Oct 8, 2021 at 12:40 PM Tony Stead wrote: > > Hi, > > Sorry I hadn't noticed your response. > > I have created a fairly simple demonstration. In doing so I realise you may > need to manipulate two integers to create the problem.. But this triggers > the issue. > > // To cause the

Re: [cryptopp-users] Buffer Overflow in Integer.cpp

On Fri, Oct 8, 2021 at 12:02 AM Jeffrey Walton wrote: > > On Thu, Oct 7, 2021 at 5:11 AM Tony Stead wrote: > > > > I have been using the Integer class for some big number operations and seem > > to have found a buffer overflow in at least the Integer::And routine, I &g

Re: [cryptopp-users] Buffer Overflow in Integer.cpp

On Fri, Oct 8, 2021 at 12:02 AM Jeffrey Walton wrote: > > On Thu, Oct 7, 2021 at 5:11 AM Tony Stead wrote: > > > > I have been using the Integer class for some big number operations and seem > > to have found a buffer overflow in at least the Integer::And routine, I &g

Re: [cryptopp-users] Buffer Overflow in Integer.cpp

On Thu, Oct 7, 2021 at 5:11 AM Tony Stead wrote: > > I have been using the Integer class for some big number operations and seem > to have found a buffer overflow in at least the Integer::And routine, I have > not yet inspected any more.. > > Extract from integer.cpp > > // This is a bit

Re: [cryptopp-users] Issues facing compiling crypto++ source code in Embarcadero 10.2.3

On Wed, Sep 29, 2021 at 3:40 AM velrajan m wrote: > > I am facing a challenge while compiling the crypto++ (cryptopp860) library > source code in Embarcadero 10.2.3 . > While compiling the code, I am getting below issue from "misc.cpp". > > [image: Untitled.png] > > Could you help me to resolve

Re: [cryptopp-users] Issue facing || iOS Platform

On Mon, Sep 27, 2021 at 11:08 PM 'Atul Gawali' via Crypto++ Users wrote: > > Hi Team, > I have gone through the djinni flow. I am training to create > generic SDKs for iOS and android platforms. > > The approach I am trying. In CPP I have a service which interacts with Crypto >

[cryptopp-users] Re: Fixing confirmed memory leaks in CryptoPP?

On Friday, September 24, 2021 at 12:16:22 PM UTC-4 activis...@gmail.com wrote: > I have already foregone the use of dynamic thread creation for similar > reasons. That is, after program initialization no new threads are ever > created. All I need now are the bare bones functions standing

[cryptopp-users] Crypto++ 8.6 released

Hi Everyone, Crypto++ 8.6 was released on September 24, 2021. The 8.6 release was a minor, unplanned release. There was one CVE and no memory errors. This release clears CVE-2021-40530 and fixes a problem with ChaCha20 AVX2 implementation. The CVE was due to ElGamal encryption using a work

[cryptopp-users] Re: Fixing confirmed memory leaks in CryptoPP?

On Thursday, September 23, 2021 at 4:01:30 PM UTC-4 activis...@gmail.com wrote: > Hello fellow coders, > > I am working on what is intended as a long running crypto comm application > written in c++. As a consequence there can be NO memory leaks. > > I've got the CryptoPP library working

Re: [cryptopp-users] Re: Retrieving public key from x and y

On Tue, Sep 21, 2021 at 10:40 AM Jeffrey Walton wrote: > ... > Typically you don't simply encrypt with an elliptic curve. Typically > encryption using elliptic curves is a hybrid public key encryption > scheme, like ECIES. In ECIES, you encrypt a bulk encryption key for a > block

Re: [cryptopp-users] Re: Retrieving public key from x and y

On Tue, Sep 21, 2021 at 9:54 AM Benjamin Schäfer wrote: > > In the end it could be broke down to: I want to encrypt a std::string (the > JSON Web Token) with the public key I created out of x and y with crypto++. I > will take a look into OpenSSL and what I could do with that, but this project

Re: [cryptopp-users] Re: Retrieving public key from x and y

> How can I "convert" the public key I got from > > CryptoPP::ECDSA::PublicKey publicKey; > publicKey.Initialize(CryptoPP::ASN1::brainpoolP256r1(), q); > > to the needed byte array. What do I have to use as initialisation vector? I'm > no pro in crypto-algorithms but I have to use them for a

[cryptopp-users] ChaCha AVX implementation bug

Hi Everyone, Austin Clifton found a bug in our ChaCha AVX implementation. C++, SSE2, NEON, ASIMD, and PowerPC are OK. The bug was due to mishandling a carry. Master is now fixed. It was tracked at https://github.com/weidai11/cryptopp/issues/1069. We need to know the impact on folks to

Re: [cryptopp-users] Flipped bit in chacha encrypted file, avx vs sse

On Friday, September 17, 2021 at 9:19:33 PM UTC-4 austin@otoy.com wrote: > Great, thanks for the update. I'll follow the conversation over there. > ... > >> We're tracking this issue at >>> https://github.com/weidai11/cryptopp/issues/1069. >>> >> >> We disabled the AVX2 implementation at

Re: [cryptopp-users] Recovering public key from hash and signature

On Sun, Sep 19, 2021 at 5:09 AM Luca Bonaldo wrote: > > Hi, I was writing a library to generate a pair of keys, use the private key > to sign a hash and finally verify the signature only knowing the hash and the > signature. > > I'm having quite a hard time doing that, in fact I searched so

Re: [cryptopp-users] Re: Retrieving public key from x and y

On Fri, Sep 17, 2021 at 11:59 PM Benjamin Schäfer wrote: > > Correction: I have to encrypt the JWT, not sign it. Signing is with the > private key - which I don't have. I will take a look at the article and the > linking. Maybe that will bring some hints for me. Thanks again :) This may help

Re: [cryptopp-users] Re: Retrieving public key from x and y

On Friday, September 17, 2021 at 11:26:25 AM UTC-4 skullm...@gmail.com wrote: > ... The final goal is to build a JWT and sign it with the public key, > constructed out of x and y. If I can find a way to use the public key > directly, that may be a workaround of that problem - in the end I

Re: [cryptopp-users] Flipped bit in chacha encrypted file, avx vs sse

On Friday, September 17, 2021 at 8:25:00 PM UTC-4 Jeffrey Walton wrote: > On Thu, Sep 16, 2021 at 8:42 PM austin clifton > wrote: > > > > I have an issue which I believe may be a bug. I followed the > instructions from the "Bug Report" page on

Re: [cryptopp-users] Flipped bit in chacha encrypted file, avx vs sse

On Thu, Sep 16, 2021 at 8:42 PM austin clifton wrote: > > I have an issue which I believe may be a bug. I followed the instructions > from the "Bug Report" page on the cryptopp wiki and all tests in cryptest.exe > are passing, so figured I should post here first and make sure it isn't a >

Re: [cryptopp-users] Flipped bit in chacha encrypted file, avx vs sse

On Fri, Sep 17, 2021 at 2:31 PM austin clifton wrote: > > Hey Jeff, thanks for the fast response! > > Yes, the encrypted sha from your AMD CPUs matches what I get on my Ryzen 7 > 3700X. > > The encrypted sha from the i7 is > 8F16077454F8477594CAD4304126B0A6F30C8C4D2536E2441FFFD320656E1DF1.

Re: [cryptopp-users] Re: Retrieving public key from x and y

On Fri, Sep 17, 2021 at 6:06 AM Jeffrey Walton wrote: > > ... > I've got a Windows 10 VM somewhere. Let me see if I can get closer to > v16.10.1. I just tried with my Windows 10 VM. It was OK there, too. Do you know how to do something like SSH access on Windows? I'll give you an a

Re: [cryptopp-users] Re: Retrieving public key from x and y

On Fri, Sep 17, 2021 at 5:11 AM Benjamin Schäfer wrote: > > Your exe works perfectly on my machine. I don't know if that's good or bad... > I only have VS2019 on my machine here, it says: > > ** > ** Visual Studio 2019

Re: [cryptopp-users] Re: Retrieving public key from x and y

On Fri, Sep 17, 2021 at 4:32 AM Benjamin Schäfer wrote: > > Could you provide me your .exe to test it on my machine? I still don't get it > and will try it on a fresh and clean machine also. Sure. https://www.cryptopp.com/test_pem.exe.zip I don't recall if that was built with VS2017 or VS2019.

Re: [cryptopp-users] Flipped bit in chacha encrypted file, avx vs sse

On Thu, Sep 16, 2021 at 8:42 PM austin clifton wrote: > > I have an issue which I believe may be a bug. I followed the instructions > from the "Bug Report" page on the cryptopp wiki and all tests in cryptest.exe > are passing, so figured I should post here first and make sure it isn't a >

Re: [cryptopp-users] Flipped bit in chacha encrypted file, avx vs sse

On Thu, Sep 16, 2021 at 8:42 PM austin clifton wrote: > > Hi all, > > I have an issue which I believe may be a bug. I followed the instructions > from the "Bug Report" page on the cryptopp wiki and all tests in cryptest.exe > are passing, so figured I should post here first and make sure it

Re: [cryptopp-users] Linking issue on MacOS Catalina (using XCode)

On Thu, Sep 16, 2021 at 6:22 PM Samyukta Yagati wrote: > > As a follow up: I tried running > > >> clang++ -g2 -O3 -l /usr/local/include /usr/local/lib/libcryptopp.a -WI,-L > > And got the error: > ld: library not found for -l/usr/local/include > clang: error: linker command failed with exit code

  1   2   3   4   5   6   7   8   9   10   >