https://github.com/openssl/openssl/pull/872 Closing ticket.
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4432
Please log in as guest with password guest if prompted
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Thank you Jeremy. I have add a commit to handle no-aes as well.
--
Tuyen Tran
--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4432
Please log in as guest with password guest if prompted
--
openssl-dev mailing list
To unsubscribe:
On 15/03/2016 14:41, Tuyen Tran via RT wrote:
> ../libcrypto.a(cms_kari.o): In function `cms_RecipientInfo_kari_encrypt':
> cms_kari.c:(.text+0x647): undefined reference to `EVP_des_ede3_wrap'
>
> Using:
>
> $ uname -s -r -v -m -p -i -o
> Linux 2.6.32-573.18.1.el6.x86_64 #1 SMP Wed Jan 6
../libcrypto.a(cms_kari.o): In function `cms_RecipientInfo_kari_encrypt':
cms_kari.c:(.text+0x647): undefined reference to `EVP_des_ede3_wrap'
Using:
$ uname -s -r -v -m -p -i -o
Linux 2.6.32-573.18.1.el6.x86_64 #1 SMP Wed Jan 6 11:20:49 EST 2016 x86_64
x86_64 x86_64 GNU/Linux
> OpenSSL 1.1.0 Pre 1
> Platform: Sparc Solaris 10
> Compiler: GCC 4.9.3
>
> Warnings:
>
> e_des.c: In function 'des_init_key':
> e_des.c:239:29: warning: assignment from incompatible pointer type
> dat->stream.cbc = enc ? des_t4_cbc_encrypt :
> des_t4_cbc_decrypt;
>
OpenSSL 1.1.0 Pre 1
Platform: Sparc Solaris 10
Compiler: GCC 4.9.3
Warnings:
e_des.c: In function 'des_init_key':
e_des.c:239:29: warning: assignment from incompatible pointer type
dat->stream.cbc = enc ? des_t4_cbc_encrypt :
des_t4_cbc_decrypt;
^
We do now publish all manpage versions. If there's an error in a specific
manpage, please create a new ticket.
--
Rich Salz, OpenSSL dev team; rs...@openssl.org
___
openssl-dev mailing list
To unsubscribe:
fixed in master and 1.0.2, thanks.
--
Rich Salz, OpenSSL dev team; rs...@openssl.org
___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
See https://github.com/openssl/openssl/pull/348
I was looking for something else but then saw this text about normally
supplied by a function such as EVP_des_cbc(); we should not be misleading
our users in such a fashion.
-Ben
___
openssl-bugs-mod
://www.openssl.org/docs/apps/ciphers.html
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA DHE-RSA-DES-CBC3-SHA
From ‘openssl ciphers -V | grep 0x16’
0x00,0x16 - EDH-RSA-DES-CBC3-SHASSLv3 Kx=DH Au=RSA
Enc=3DES(168) Mac=SHA1
DHE-RSA-DES-CBC3-SHA (on the website
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA DHE-RSA-DES-CBC3-SHA
From ‘openssl ciphers -V | grep 0x16’
0x00,0x16 - EDH-RSA-DES-CBC3-SHASSLv3 Kx=DH Au=RSA
Enc=3DES(168) Mac=SHA1
DHE-RSA-DES-CBC3-SHA (on the website) vs
EDH-RSA-DES-CBC3-SHA (actually usuable)
OpenSSL used nonstandard spelling EDH for 6 old
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA DHE-RSA-DES-CBC3-SHA
From ‘openssl ciphers -V | grep 0x16’
0x00,0x16 - EDH-RSA-DES-CBC3-SHASSLv3 Kx=DH Au=RSA
Enc=3DES(168) Mac=SHA1
DHE-RSA-DES-CBC3-SHA (on the website) vs
EDH-RSA-DES-CBC3-SHA (actually usuable)
OpenSSL used nonstandard spelling EDH for 6 old
From https://www.ietf.org/rfc/rfc4346.txt
CipherSuite TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA = { 0x00,0x16 };
From https://www.openssl.org/docs/apps/ciphers.html
TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA DHE-RSA-DES-CBC3-SHA
From ‘openssl ciphers -V | grep 0x16’
0x00,0x16 - EDH
Self-test report generated by 'make report' - testlog attached
Application Details (name, version)
- openssl-1.0.2a
Problem Description
./Configure linux-x86_64 no-des
make depend
make
../libcrypto.a(cms_kari.o): In function `cms_RecipientInfo_kari_encrypt':
cms_kari.c:(.text+0xa21
On Thu, Jul 03, 2014 at 11:35:15PM +0200, Kurt Roeckx wrote:
On Thu, Jul 03, 2014 at 09:28:47PM +0100, Ben Laurie wrote:
On 3 July 2014 20:06, Kurt Roeckx via RT r...@openssl.org wrote:
On Thu, Jul 03, 2014 at 07:51:28PM +0200, Toralf F?rster via RT wrote:
I think cppcheck is right here
On Fri, Jul 04, 2014 at 08:21:15AM +0200, Otto Moerbeek wrote:
On Thu, Jul 03, 2014 at 11:35:15PM +0200, Kurt Roeckx wrote:
On Thu, Jul 03, 2014 at 09:28:47PM +0100, Ben Laurie wrote:
On 3 July 2014 20:06, Kurt Roeckx via RT r...@openssl.org wrote:
On Thu, Jul 03, 2014 at 07:51:28PM
On 3 July 2014 22:35, Kurt Roeckx k...@roeckx.be wrote:
On Thu, Jul 03, 2014 at 09:28:47PM +0100, Ben Laurie wrote:
On 3 July 2014 20:06, Kurt Roeckx via RT r...@openssl.org wrote:
On Thu, Jul 03, 2014 at 07:51:28PM +0200, Toralf Förster via RT wrote:
I think cppcheck is right here in void
It'd be nice, btw, if someone would report the bug to cppcheck.
On 4 July 2014 10:15, Ben Laurie b...@links.org wrote:
On 3 July 2014 22:35, Kurt Roeckx k...@roeckx.be wrote:
On Thu, Jul 03, 2014 at 09:28:47PM +0100, Ben Laurie wrote:
On 3 July 2014 20:06, Kurt Roeckx via RT r...@openssl.org
On Fri, Jul 04, 2014 at 08:38:23AM +0200, Kurt Roeckx wrote:
On Fri, Jul 04, 2014 at 08:21:15AM +0200, Otto Moerbeek wrote:
On Thu, Jul 03, 2014 at 11:35:15PM +0200, Kurt Roeckx wrote:
On Thu, Jul 03, 2014 at 09:28:47PM +0100, Ben Laurie wrote:
On 3 July 2014 20:06, Kurt Roeckx via
On 07/04/2014 11:17 AM, Ben Laurie wrote:
It'd be nice, btw, if someone would report the bug to cppcheck.
http://5.150.254.56:443/trac-cppcheck/ticket/5970#ticket
Thx
On 4 July 2014 10:15, Ben Laurie b...@links.org wrote:
On 3 July 2014 22:35, Kurt Roeckx k...@roeckx.be wrote:
On Thu, Jul
On 4 July 2014 15:20, Toralf Förster toralf.foers...@gmx.de wrote:
On 07/04/2014 11:17 AM, Ben Laurie wrote:
It'd be nice, btw, if someone would report the bug to cppcheck.
http://5.150.254.56:443/trac-cppcheck/ticket/5970#ticket
Thanks.
Thx
On 4 July 2014 10:15, Ben Laurie b...@links.org
On Thu, Jul 03, 2014 at 07:51:28PM +0200, Toralf Förster via RT wrote:
I think cppcheck is right here in void DES_ofb64_encrypt(), line 84, 85
and 96, or ?:
The line before that:
dp=d;
l2c(v0,dp);--- Uninitialized variable: d
l2c(v1,dp);--- Uninitialized variable: d
On 3 July 2014 20:06, Kurt Roeckx via RT r...@openssl.org wrote:
On Thu, Jul 03, 2014 at 07:51:28PM +0200, Toralf Förster via RT wrote:
I think cppcheck is right here in void DES_ofb64_encrypt(), line 84, 85
and 96, or ?:
The line before that:
dp=d;
l2c(v0,dp);---
On Thu, Jul 03, 2014 at 09:28:47PM +0100, Ben Laurie wrote:
On 3 July 2014 20:06, Kurt Roeckx via RT r...@openssl.org wrote:
On Thu, Jul 03, 2014 at 07:51:28PM +0200, Toralf Förster via RT wrote:
I think cppcheck is right here in void DES_ofb64_encrypt(), line 84, 85
and 96, or ?:
The
On Fri Jan 10 09:53:26 2014, stefano.cata...@gmail.com wrote:
Hello, sorry for my poor english, i installed both 1.0.1e and 1.0.1f
version of openssl but in both versions the cipher
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
does not exists.
I found only EDH-DSS-DES-CBC3-SHA so connections
Hi OpenSSL folks--
In the message below, James Cloos points out that the OpenSSL
ciphersuite string labels are not consistent with the grouping shorthand
for DES and 3DES.
This seems similar to the situation for DHE (EDH) and ECDHE (EECDH),
which were known with incompatible/inconsistent terms
in some cases and omits RSA for akRSA, and some
noise words. There has been discussion of some changes to this coming.
I found only EDH-DSS-DES-CBC3-SHA so connections with explorer 8 and
cipher suite
That is indeed the OpenSSL name for the suite above.
-ALL:AESGCM:ECDH:DH:-SSLv3:-AES256-GCM
Hello, sorry for my poor english, i installed both 1.0.1e and 1.0.1f
version of openssl but in both versions the cipher
TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA
does not exists.
I found only EDH-DSS-DES-CBC3-SHA so connections with explorer 8 and
cipher suite
-ALL:AESGCM:ECDH:DH:-SSLv3:-AES256-GCM
,
SSL_aRSA,
diff --git a/ssl/ssl3.h b/ssl/ssl3.h
index 17dd50c..c94b3a4 100644
--- a/ssl/ssl3.h
+++ b/ssl/ssl3.h
@@ -214,6 +214,17 @@ extern C {
#define SSL3_TXT_DH_RSA_DES_64_CBC_SHA DH-RSA-DES-CBC-SHA
#define SSL3_TXT_DH_RSA_DES_192_CBC3_SHA DH-RSA-DES-CBC3-SHA
+#define
8192 bytes
des cbc 39148.28k40071.83k40669.53k40685.80k40864.43k
des ede3 14358.54k14528.02k14611.88k14632.96k14641.83k
and with them:
type 16 bytes 64 bytes256 bytes 1024 bytes 8192 bytes
des cbc 54334.03k
On a SPARC T4-2, first with crypto opcodes disabled:
type 16 bytes 64 bytes256 bytes 1024 bytes 8192 bytes
des cbc 54342.76k56258.03k57101.95k57558.36k57636.18k
des ede3 19990.29k20679.25k20837.29k20877.31k20889.60k
From: Andy Polyakov ap...@openssl.org
Date: Sun, 31 Mar 2013 14:42:21 +0200
On a SPARC T4-2, first with crypto opcodes disabled:
type 16 bytes 64 bytes 256 bytes 1024 bytes 8192 bytes
des cbc 54342.76k 56258.03k 57101.95k 57558.36k 57636.18k
des ede3 19990.29k 20679.25k 20837.29k 20877.31k
DES took a little bit more work.
It stems from a common issue in that the DES opcodes expect the
expanded key to be in a different format from the one the generic DES
code puts it in.
Complicating things further, the fcrypt code cannot use the DES
opcodes because it wants the rounds computed
8192 bytes
des cbc 39148.28k40071.83k40669.53k40685.80k40864.43k
des ede3 14358.54k14528.02k14611.88k14632.96k14641.83k
and with them:
type 16 bytes 64 bytes256 bytes 1024 bytes 8192 bytes
des cbc 54334.03k56280.92k
This will be used when supporting the sparc DES opcodes
as they expect the key to be expanded differently.
Signed-off-by: David S. Miller da...@davemloft.net
---
Configure | 10 +-
crypto/des/Makefile |2 +-
2 files changed, 6 insertions(+), 6 deletions(-)
diff --git
The biggest trick here is providing the mechanism necessary to expand
the key properly.
The DES opcodes expect the expanded key to be in a different format
than the generic openssl DES code does.
So we use some include and CPP define trickey so that we can override
the key expansion
Hello All,
The file \doc\standards.txt states that OpenSSL supports rfc3217 (Triple-DES
and RC2 Key Wrapping), however, I was only able to find AES key wrapping
(rfc3394) in \crypto\aes\aes_wrap.c, not Triple-DES or RC2 Key Wrapping. Could
you please help me locate the functions
] wrote:
Hello,
I am trying to override the DES/3DES in OpenSSL. The API
EVP_EncryptInit_ex() requires the name of the cipher. For DES, the closes I
found (in crypto/objects) is DES-CBC. I didn't find for 3DES – something
like 3DES-CBC. The only match I see is PBE-SHA1-3DES. Can someone
Hello,
I am trying to override the DES/3DES in OpenSSL. The API EVP_EncryptInit_ex()
requires the name of the cipher. For DES, the closes I found (in
crypto/objects) is DES-CBC. I didn't find for 3DES - something like
3DES-CBC. The only match I see is PBE-SHA1-3DES. Can someone please
Hello,
How do I override/support DES(3DES) in a crypto engine? I checked the in-built
engines and none of them support. Also, there is no DES method declaration in
engine.h file. Any help/pointers would be appreciated.
Thanks,
-Sitanshu
hi,all
i meet a problem.when i plant the DES to my voip gateway for the purpose of
snmpv3 support, it shows decryption error.
My gateway is running on vxworks and processor is mips32.
i guess it should be something wrong with architecture concerned choice, such
as big(little)endian
]: Leaving directory `/tmp/build_openssl2425/openssl-0.9.8e'
../util/shlib_wrap.sh ./destest
You blaim des, but can you confirm that other tests pass? test_des is
first in the list... Try test/sha1test...
make[1]: *** [test_des] Segmentation Fault (core dumped)
'cd test', 'gdb destest core
is limited to DES for only with shared flag and Solaris for
64-bit..
Did anyone experienced the same ?
I tried to remove the DES_PTR information since the INSTALL says in the
crypto/des directory:
For 64 bit computers, do not use the DES_PTR option
This did not make a change and the 32 bit
This file lacks a header-guard. It's needed since it is
included multiple times in crypto/des/des_opts.c (via
des_enc.c). Patch:
--- orig/crypto/des/spr.h 2002-03-04 18:01:16 +0100
+++ crypto/des/spr.h2007-03-19 18:32:56 +0100
@@ -56,6 +56,9 @@
* [including the GNU Public Licence
- Block Ciph
regards,
Fred
-Original Message-
From: Frédéric Donnat
Sent: Thu 5/4/2006 5:04 PM
To: openssl-dev@openssl.org; [EMAIL PROTECTED]
Cc: openssl-dev@openssl.org
Subject:RE: [openssl.org #1318] [PATCH] AES-CFB1 and DES-CFB1 mode only
encrypts 1/8th of the source
: Thu 4/20/2006 3:44 PM
To: [EMAIL PROTECTED]
Cc: openssl-dev@openssl.org
Subject:Re: [openssl.org #1318] [PATCH] AES-CFB1 and DES-CFB1 mode only
encrypts 1/8th of the source
Michael McDougall wrote:
diff -ur openssl-SNAP-20060415/crypto/aes/aes_cfb.c
openssl-SNAP-20060415.changed
Michael McDougall wrote:
diff -ur openssl-SNAP-20060415/crypto/aes/aes_cfb.c
openssl-SNAP-20060415.changed/crypto/aes/aes_cfb.c
--- openssl-SNAP-20060415/crypto/aes/aes_cfb.c2004-12-30
06:00:14.0 -0500
+++ openssl-SNAP-20060415.changed/crypto/aes/aes_cfb.c
(re-sending from since the first message seems to be dropped, maybe
because I sent from an email account that wasn't subscribed.)
Kyle Hamilaton wrote:
OpenSSL's site has already been notified to the US authorities as the
repository for the project. This means that US citizens may submit
AES-CFB1 and DES-CFB1 mode only encrypts 1/8th of the source file.
To reproduce, run the following commands:
echo I Love OpenSSL so much. test.txt
openssl enc -in test.txt -out test.encssl -K
0123456789abcdef0123456789abcdef -iv
openssl enc -in test.encssl -K
] wrote:
AES-CFB1 and DES-CFB1 mode only encrypts 1/8th of the source file.
To reproduce, run the following commands:
echo I Love OpenSSL so much. test.txt
openssl enc -in test.txt -out test.encssl -K
0123456789abcdef0123456789abcdef -iv
openssl enc
Hey,
If I don't feed some random bytes (as data to encrypt - not as IV) to
the Triple-DES, is that a weakness? I think I should add at least 1
block size of random bytes (64 bit - 8 bytes), to make sure that
one-repeated character padding will not be added in the first block.
Thanks,
Joe
Hello,
An update of the documentation is fine for me, as this helps.
Thank you very much.
Kind regards,
Manfred Gnirss
TMCC Technical Sales Support,
eMail: [EMAIL PROTECTED]
__
OpenSSL Project
, nor the openssl speed command itself
[EMAIL PROTECTED]:~ time openssl speed xxx
Error: bad option or value
Available values:
md2 mdc2 md4 md5 hmac sha1 rmd160
rc2-cbc bf-cbc
des-cbc des-ede3 aes-128-cbc aes-192-cbc aes-256-cbc rc4
[EMAIL PROTECTED] - Thu Jan 19 14:28:37 2006]:
Therefore I assume, that there is an error. I would appreciate if
a) either, the documentation would reflect the behavior of the code,
b) or, the speed would use the engine if requested. (This would be
solution, which I prefer).
Is there any
.
type 16 bytes 64 bytes256 bytes 1024 bytes 8192
bytes
aes-128-cbc 22281.76k24300.42k25061.63k25213.95k
25266.86k
DES with hardware support:
[EMAIL PROTECTED]:~ time openssl speed -evp des-cbc -engine ibmca
engine ibmca set.
...
The 'numbers' are in 1000s
Hello,
I intend to use
openssl speed des -engine ibmca
and
openssl speed aes -engine ibmca
to show the influence of hardware accelaration on a mainframe, by comparing
the results with
openssl speed des and with openssl speed aes
Unfortunately
openssl speed des -engine ibmca
[EMAIL PROTECTED] - Sat Jan 14 19:07:25 2006]:
Hello,
I intend to use
openssl speed des -engine ibmca
and
openssl speed aes -engine ibmca
to show the influence of hardware accelaration on a mainframe, by
comparing
the results with
openssl speed des and with openssl speed aes
Hi,
The man page for enc has two errors which together give the impression
that OpenSSL does not support Triple DES in ECB mode.
Description of des-ede should be Two key triple DES EDE in ECB mode
rather than Alias for des-ede.
Description of des-ede3 should be Three key triple DES EDE in ECB
2. See ./config script line 663 and below and speculate why do you think
it doesn't recognize your system as ELF? Maybe shared libraries reside
in /shlib?
Hmm, file(1) doesn't follow symlinks by default.
How about to use -L option?
% file /usr/lib/libc.so.12.129
/usr/lib/libc.so.12.129:
cyrpt/des/dx86-out.s makes some errors in build process.
For now, I can only attach a summary of make report.
Please let me know if you need more information.
gcc -I.. -I../.. -I../../include -DOPENSSL_THREADS -pthread
-D_THREAD_SAFE -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DL_ENDIAN
Hi,
In message [EMAIL PROTECTED],
`Andy Polyakov [EMAIL PROTECTED]' wrote:
Target: BSD-x86
Configured with: ... --target=i386--netbsdelf
Apparently it fails to recognize your target as ELF.
1. Verify that you can build if you configure with './Configure
BSD-x86-elf ...',
2. See ./config script line 663 and below and speculate why do you think
it doesn't recognize your system as ELF? Maybe shared libraries reside
in /shlib?
Hmm, file(1) doesn't follow symlinks by default.
How about to use -L option?
% file /usr/lib/libc.so.12.129
/usr/lib/libc.so.12.129:
In message [EMAIL PROTECTED],
`Andy Polyakov [EMAIL PROTECTED]' wrote:
2. See ./config script line 663 and below and speculate why do you think
it doesn't recognize your system as ELF? Maybe shared libraries reside
in /shlib?
Hmm, file(1) doesn't follow symlinks by default.
How about
Hi,
cyrpt/des/dx86-out.s makes some errors in build process.
For now, I can only attach a summary of make report.
Please let me know if you need more information.
--
gotoyuzo
% make report
...
making all in crypto/des...
gcc -I.. -I../.. -I../../include -DOPENSSL_THREADS -pthread
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Ioannis Liverezas told me that:
I 've studied the engine API and the zencod code and I began coding
using zencod as an example.
I 'm not sure if this is the way that things work, but if I 'm right,
each time the engine needs for example
to
Thanx to all for your help.
I 've studied the engine API and the zencod code and I began coding
using zencod as an example.
I 'm not sure if this is the way that things work, but if I 'm right,
each time the engine needs for example
to encrypt or decrypt a data buffer, it has to open and close
[mailto:[EMAIL PROTECTED]
Envoyé : mardi 29 juin 2004 15:45
À : Frédéric Donnat; [EMAIL PROTECTED]
Objet : RE : using DES hardware with openssl
Thanx to all for your help.
I 've studied the engine API and the zencod code and I began coding
using zencod as an example.
I 'm not sure
Hi everybody.
I want to use a DES ECB/CBC encryption/decryption hardware with openssl.
I 've already built a linux driver that writes to and reads from the device,
and also provides device control, such as setting the keys, ecb or cbc mode,
initialization vector for cbc. The driver is tested
On Fri, Jun 25, 2004, Ioannis Liverezas wrote:
Hi everybody.
I want to use a DES ECB/CBC encryption/decryption hardware with openssl.
I 've already built a linux driver that writes to and reads from the device,
and also provides device control, such as setting the keys, ecb or cbc mode
la part de Ioannis Liverezas
Envoyé : vendredi 25 juin 2004 12:11
À : [EMAIL PROTECTED]
Objet : using DES hardware with openssl
Hi everybody.
I want to use a DES ECB/CBC encryption/decryption hardware with openssl. I 've already
built a linux driver that writes to and reads from the device
I've checked in a fix to OpenSSL 0.9.8-dev let me know of any problems.
Steve.
Thank you very much for the fix. I have tested the fix and the fix corrects
the problem I reported very nicely.
__
OpenSSL Project
[EMAIL PROTECTED] - Sat Sep 27 20:42:33 2003]:
I have an application using the OpenSSL S/MIME interface. When I
generate an encryptred message using DES, the DES key generated
does not have odd parity. The key is generated in
pk7_doit.c:PKCS7_dataInit by calling RAND_bytes
Handle: 2004012721473500
appro
appro Modified files:
appro openssl/crypto/des cfb64ede.c cfb_enc.c
appro openssl/crypto/evp e_des.c e_des3.c
appro
appro Log:
appro CFB DES sync-up with FIPS branch.
-
Please consider sponsoring my work on free software.
See http
Hi,
In stress testing the latest ibmca engine, I've come across errors when
running multiple server applications (each statically linked to openssl) on
the same box. The client machine is running openssl (software only),
connecting to a server running w/ engine patch accelerating DES
openssl 0.9.7c fails to build under SunOS 4.1.4 because memmove is
missing. This is addressed by a define in e_os.h but cfb_enc.c does
not manage to include it.
The appended patch fixes the problem but probably isn't the right way.
Craig
That patch was good enough for me. Applied. Thanks.
Ticket resolved.
[guest - Wed Oct 1 21:20:29 2003]:
openssl 0.9.7c fails to build under SunOS 4.1.4 because memmove is
missing. This is addressed by a define in e_os.h but cfb_enc.c does
not manage to include it.
The appended patch
I have an application using the OpenSSL S/MIME interface. When
I generate an encryptred message using DES, the DES key generated does not have
odd parity. The key is generated in pk7_doit.c:PKCS7_dataInit by
callingRAND_bytes().
In testing interoperability with the NIST S/MIME test center
On Fri, Sep 26, 2003, Robin Ehrlich wrote:
I have an application using the OpenSSL S/MIME interface. When I generate an
encryptred message using DES, the DES key generated does not have odd
parity. The key is generated in pk7_doit.c:PKCS7_dataInit by calling
RAND_bytes().
In testing
/progs.pl
./crypto/evp/e_des.c
./crypto/evp/evp.h
./crypto/objects/obj_mac.num
./crypto/objects/objects.txt
./crypto/evp/evp_enc.c
./crypto/des/Makefile
and added ./crypto/des/ectr_enc.c file (my implementation of counter mode,
modified version)
and it works.
Now I just downloaded openssl-0.9.7b, and I
tried both functions DES_ncbc_encrypt() and DES_cbc_encrypt() in lib
crypto/des for encryption, the result string can't be decrypted by the Java
version cipher tool, it doesn't work the other way around neither. I got around
the padding but the strings just look totally different. Am I using
encrypted string is passed to another system for decryption and vice versa,
in which the cipher encryption tool was developed in Java, cipher algorithm is DES,
mode is CBC, PKCS 5 padding.
I tried both functions DES_ncbc_encrypt() and DES_cbc_encrypt() in lib crypto/des for
encryption, the result
.
The result encrypted string is passed to another system for decryption
and vice versa, in which the cipher encryption tool was developed in
Java, cipher algorithm is DES, mode is CBC, PKCS 5 padding.
I tried both functions DES_ncbc_encrypt() and DES_cbc_encrypt() in lib
crypto/des for encryption
Hi,
I'm using the latest (0.9.7) Crypto lib to encrypt a string of clear
text, by using CBC mode with IV preset to 8 bytes of 0x00.
When the encrypted text was decrypted back to plain text, the first 8
bytes are bad text. I believe there are something to do with the IV
parameter, or I call
Hi,
I'm using the latest (0.9.7) Crypto lib to encrypt a string of clear
text, by using CBC mode with IV preset to 8 bytes of 0x00.
When the encrypted text was decrypted back to plain text, the first 8
bytes are bad text. I believe there are something to do with the IV
parameter, or I call
Hi,
I'm using the latest (0.9.7) Crypto lib to encrypt a string of clear
text, by using CBC mode with IV preset to 8 bytes of 0x00.
When the encrypted text was decrypted back to plain text, the first 8
bytes are bad text. I believe there are something to do with the IV
parameter, or I call
In message [EMAIL PROTECTED] on Fri, 14 Feb 2003 21:18:45
+0100 (MET), via RT [EMAIL PROTECTED] said:
rt
rt Hi,
rt
rt I'm using the latest (0.9.7) Crypto lib to encrypt a string of clear
rt text, by using CBC mode with IV preset to 8 bytes of 0x00.
rt When the encrypted text was decrypted
In message [EMAIL PROTECTED] on Fri, 14 Feb 2003 21:18:45
+0100 (MET), via RT [EMAIL PROTECTED] said:
rt
rt Hi,
rt
rt I'm using the latest (0.9.7) Crypto lib to encrypt a string of clear
rt text, by using CBC mode with IV preset to 8 bytes of 0x00.
rt When the encrypted text was decrypted
In other words, this is a user error. This ticket is now resolved.
[[EMAIL PROTECTED] - Sat Feb 15 01:53:26 2003]:
In message [EMAIL PROTECTED] on Fri, 14 Feb
2003 21:18:45 +0100 (MET), via RT [EMAIL PROTECTED] said:
rt
rt Hi,
rt
rt I'm using the latest (0.9.7) Crypto lib to encrypt a
PROTECTED]
^^
Is that really a good idea ?
Module: openssl Date: 11-Dec-2002 07:59:18
Branch: HEAD Handle: 2002121106591600
Modified files:
openssl/crypto/des des.h des_old.h
Log:
Since HEADER_DES_H
On Mon, Dec 09, 2002 at 05:45:47PM +0100, Richard Levitte - VMS Whacker wrote:
In message 20021209122438.GB16737@folly on Mon, 9 Dec 2002 13:24:38 +0100, Markus
Friedl [EMAIL PROTECTED] said:
markus On Sun, Dec 08, 2002 at 12:39:04PM +0100, Martin MOKREJ? wrote:
markus cc: Error:
Hi,
I tried to add one more mode (my version of counter mode) to des part,
and I faced compilation problem. I am working on openssl-0.9.6h, RedHat 8
using kernel 2.4.20, gcc 3.2.1 on an Intel Pentium III desktop.
Here are what I have done:
1 added function des_ectr_encrypt() to file crypto
In message 20021210110227.GA10920@folly on Tue, 10 Dec 2002 12:02:27 +0100, Markus
Friedl [EMAIL PROTECTED] said:
markus hm, i think this happens if kerberos is included before evp.h
Interesting. That would mean one of two things:
1. Kerberos (was that with the KTH-KRB and Heimdal
In message 20021210085038.GA166@folly on Tue, 10 Dec 2002 09:50:38 +0100, Markus
Friedl [EMAIL PROTECTED] said:
markus It's including all those headers because it used to, and people will
markus complain if they don't get all those algorithms just by including
markus evp.h.
markus
markus
to get rid of des originating from openssl. ;)
I think that's a bad solution, because then you're explicitely asking
for a mix of the two des.h, with the consequences that has.
mmokrejs If you plan to rename des.h to des_old.h, fine for me, then only one
mmokrejs des.h will be present. As I'm
On Tue, Dec 10, 2002 at 01:58:28PM +0100, Richard Levitte - VMS Whacker wrote:
In message 20021210085038.GA166@folly on Tue, 10 Dec 2002 09:50:38 +0100, Markus
Friedl [EMAIL PROTECTED] said:
markus It's including all those headers because it used to, and people will
markus complain if they
On Tue, Dec 10, 2002 at 01:38:03PM +0100, Richard Levitte - VMS Whacker wrote:
I think the best way to solve this is to change the name of the
protecting macro in OpenSSL 0.9.7's des.h, and give it's des_old.h the
same protecting macro name as older versions use (and presumably
libdes as
In message 20021210133035.GC31780@folly on Tue, 10 Dec 2002 14:30:35 +0100, Markus
Friedl [EMAIL PROTECTED] said:
markus yes, i think that des_old should use the same protecting macros as
markus the old libdes/openssl, and the DES_ file something completely
markus different.
I'll commit that
On Sun, Dec 08, 2002 at 12:39:04PM +0100, Martin MOKREJ? wrote:
cc: Error: /usr/local/openssl/include/openssl/mdc2.h, line 79: Missing type
specifier or type qualifier. (missingtype)
DES_cblock h,hh;
^
i don't think openssl's evp.h should include mdc2.h
In message 20021209122438.GB16737@folly on Mon, 9 Dec 2002 13:24:38 +0100, Markus
Friedl [EMAIL PROTECTED] said:
markus On Sun, Dec 08, 2002 at 12:39:04PM +0100, Martin MOKREJ? wrote:
markus cc: Error: /usr/local/openssl/include/openssl/mdc2.h, line 79: Missing type
specifier or type
Hi,
I've seen that openssh will have different function names for des, I
think thats great. As kerberos4 nor kerbero5 from KTH in Sweden support
those new calls yet, I thought it would be best for me to switch back to
the old behaviour, i.e. have kerberized libkrb and other libs with
disabled
1 - 100 of 179 matches
Mail list logo