[openssl.org #502] TXT_DB error number 2
Hi, I am a newbe to the SSL. I need to use the MySQL server together with the SSL. In the documentation of the mysql v. 4.0.10 there is written a procedure for building up the mysql with the support from openssl and also about setting up SSL certificates for MySQL: DIR=`pwd`/openssl PRIV=$DIR/private mkdir $DIR $PRIV $DIR/newcerts cp /usr/share/ssl/openssl.cnf $DIR replace ./demoCA $DIR -- $DIR/openssl.cnf touch $DIR/index.txt echo 01 $DIR/serial openssl req -new -x509 -keyout $PRIV/cakey.pem -out $DIR/cacert.pem \ -config $DIR/openssl.cnf openssl req -new -keyout $DIR/server-key.pem -out \ $DIR/server-req.pem -days 3600 -config $DIR/openssl.cnf openssl rsa -in $DIR/server-key.pem -out $DIR/server-key.pem openssl ca -policy policy_anything -out $DIR/server-cert.pem \ -config $DIR/openssl.cnf -infiles $DIR/server-req.pem openssl req -new -keyout $DIR/client-key.pem -out \ $DIR/client-req.pem -days 3600 -config $DIR/openssl.cnf openssl rsa -in $DIR/client-key.pem -out $DIR/client-key.pem openssl ca -policy policy_anything -out $DIR/client-cert.pem \ -config $DIR/openssl.cnf -infiles $DIR/client-req.pem and aftre the last command I obtain (actually it was the last command to do): Certificate is to be certified until Feb 14 06:46:00 2004 GMT (365 days) Sign the certificate? [y/n]:y failed to update database TXT_DB error number 2 Can You help me with the problem? How can I manage with it? Best regards, Maciej Bobrowski __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[openssl.org #498] [PATCH] voor linux-mips
Thanks. I made a slightly different change, by taking the bn_ops (BN_LLONG...) from OpenBSD-mips. Also, I only applied this to 0.9.7a-dev and 0.9.8-dev. Please test tomorrows snapshot. This ticket is now resolved. [[EMAIL PROTECTED] - Thu Feb 13 20:32:13 2003]: Hello, I needed shared versions of libssl on a linux-mips (SGI IP22 system). I copied the linux-ppc line for linux-mips. After this I ran make test, which succeded (except voor bc, which I don't have on my system yet). I am from the Netherlands. Thanks, Take -- Richard Levitte __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[openssl.org #454] [PATCH] FreeBSD openssl-0.9.7
I've inserted changes that we didn't already have. Does FreeBSD on ia64 really not
have threading support?
Please test tomorrows snapshot on sparc64 and ia64.
This ticket is now resolved.
[[EMAIL PROTECTED] - Sun Jan 12 23:00:37 2003]:
Hi,
In order to support compilation on FreeBSD I have to suggest some
patches.
Please revise and send me comment.
regesssion test looks fine for:
http://people.freebsd.org/~dinoex/ports/openssl097.i386.stable
http://people.freebsd.org/~dinoex/ports/openssl097.i386.current
http://people.freebsd.org/~dinoex/ports/openssl097.alpha.current
http://people.freebsd.org/~dinoex/ports/openssl097.sparc64.current
http://people.freebsd.org/~dinoex/ports/openssl097.ia64.current
Gruß Dirk
- Dirk Meyer, Im Grund 4, 34317 Habichtswald, Tel 05606/6512 Q (voice)
- Origin: DINOEX Habichtswald -FRG- [[EMAIL PROTECTED]]
-
[[EMAIL PROTECTED]],[[EMAIL PROTECTED]],[[EMAIL PROTECTED]]
--- Makefile.org.orig Thu Apr 5 13:08:02 2001
+++ Makefile.org Sat Oct 12 22:10:18 2002
@@ -250,6 +250,21 @@
done
build-shared: clean-shared do_$(SHLIB_TARGET) link-shared
+
+freebsd-shared:
+ for i in ${SHLIBDIRS}; do \
+ rm -f lib$$i.a lib$$i.so \
+ lib$$i.so.${SHLIBVER}; \
+ ${MAKE} CC='${CC}' PLATFORM='${PLATFORM}' CFLAG='-fPIC ${CFLAG}'
SDIRS='${SDIRS}' INSTALLTOP='${INSTALLTOP}' PEX_LIBS='${PEX_LIBS}'
EX_LIBS='${EX_LIBS}' BN_ASM='${BN_ASM}' DES_ENC='${DES_ENC}'
BF_ENC='${BF_ENC}' CAST_ENC='${CAST_ENC}' RC4_ENC='${RC4_ENC}'
RC5_ENC='${RC5_ENC}' SHA1_ASM_OBJ='${SHA1_ASM_OBJ}'
MD5_ASM_OBJ='${MD5_ASM_OBJ}' RMD160_ASM_OBJ='${RMD160_ASM_OBJ}'
AR='${AR}' DIRS=$$i clean all || exit 1; \
+ ( set -x; ${CC} -nodefaultlibs -shared -o lib$$i.so.${SHLIBVER} \
+ -Wl,-S,-soname=lib$$i.so.${SHLIBVER} \
+ -Wl,${WHOLE_ARCHIVE_FLAG} lib$$i.a ) || exit 1; \
+ rm -f lib$$i.a; (cd $$i ; ${MAKE} clean) || exit 1 ;\
+ done;
+ @set -x; \
+ for i in ${SHLIBDIRS}; do \
+ ln -s lib$$i.so.${SHLIBVER} lib$$i.so; \
+ done;
do_bsd-gcc-shared: do_gnu-shared
do_linux-shared: do_gnu-shared
--- Configure.origFri Dec 27 17:35:11 2002
+++ Configure Sat Jan 11 01:44:38 2003
@@ -350,7 +350,9 @@
#
# This probably belongs in a different section.
#
-FreeBSD-alpha,gcc:-DTERMIOS -O
-fomit-frame-pointer::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK
DES_INT DES_PTR DES_RISC2::dlfcn:bsd-gcc-shared:-
fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR),
+FreeBSD-alpha,$ENV{CC}:-DTERMIOS
$ENV{CFLAGS}::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT
DES_PTR DES_RISC2::dlfcn:bsd-gcc-shared:-
fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR),
+FreeBSD-sparc64,$ENV{CC}:-DTERMIOS -DB_ENDIAN -DULTRASPARC
-DBN_DIV2W $ENV{CFLAGS}::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHAR
RC4_CHUNK DES_INT DES_PTR DES_RISC1 DES_UNROLL
BF_PTR::dlfcn:bsd-gcc-shared:-
fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR),
+FreeBSD-ia64,$ENV{CC}:-DL_ENDIAN -DTERMIOS
$ENV{CFLAGS}::(unknown):::SIXTY_FOUR_BIT_LONG RC4_CHUNK
RC4_CHAR:asm/ia64-cpp.o:dlfcn:bsd-gcc-shared:-
fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR),
Alpha Linux with GNU C and Compaq C setups
# Special notes:
@@ -395,8 +397,8 @@
NetBSD-sparc, gcc:-DTERMIOS -O3 -fomit-frame-pointer -mv8 -Wall
-DB_ENDIAN::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX
DES_UNROLL::dlfcn:bsd-gcc-shared:-
fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR),
NetBSD-m68,gcc:-DTERMIOS -O3 -fomit-frame-pointer -Wall
-DB_ENDIAN::(unknown):::BN_LLONG MD2_CHAR RC4_INDEX
DES_UNROLL::dlfcn:bsd-gcc-shared:-
fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR),
NetBSD-x86,gcc:-DTERMIOS -O3 -fomit-frame-pointer -m486
-Wall::(unknown):::BN_LLONG ${x86_gcc_des}
${x86_gcc_opts}::dlfcn:bsd-gcc-shared:-
fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR),
-FreeBSD-elf, gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3
-m486 -Wall::-pthread -D_REENTRANT -D_THREAD_SAFE
-D_THREADSAFE:::BN_LLONG ${x86_gcc_des}
${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-gcc-shared:-
fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR),
-FreeBSD, gcc:-DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3
-m486 -Wall::(unknown):::BN_LLONG ${x86_gcc_des}
${x86_gcc_opts}:${x86_out_asm},
+FreeBSD-elf, $ENV{CC}:-DTERMIOS -DL_ENDIAN $ENV{CFLAGS}
-Wall::-pthread -D_REENTRANT -D_THREAD_SAFE
-D_THREADSAFE:::BN_LLONG ${x86_gcc_des}
${x86_gcc_opts}:${x86_elf_asm}:dlfcn:bsd-gcc-shared:-
fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR),
+FreeBSD, $ENV{CC}:-DTERMIOS -DL_ENDIAN $ENV{CFLAGS}
-Wall::(unknown):::BN_LLONG ${x86_gcc_des}
${x86_gcc_opts}:${x86_out_asm},
bsdi-gcc, gcc:-O3 -ffast-math -DL_ENDIAN -DPERL5
-m486::(unknown):::RSA_LLONG ${x86_gcc_des}
${x86_gcc_opts}:${x86_bsdi_asm},
bsdi-elf-gcc, gcc:-DPERL5 -DL_ENDIAN
[openssl.org #378] building without md5
[levitte - Wed Dec 4 21:19:17 2002]: MD5 is one of those algorithms that's used so much it isn't easy to disable. However, you only had problems in two files with it, we're apparently doing fine. I'll investigate and get back to you. Hmm. In ssl/s3_srvr.c it seems, that both digest lengths will be pretty hard to replace... Best regards, __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[openssl.org #162] SSL_shutdown return 0 in case of SSLv3_client_method
Note that SSL_get_error() is not meant to be used on SSL_shutdown() return values (although it would be good to have some API that behaves similarly to SSL_read, SSL_write, SSL_do_handshake etc. in this respect). If SSL_shutdown() always returns 0 when called multiple times, this is probably because the server (which, presumably, is not OpenSSL-based) does not properly close the connection and fails to send a closure alert. This is a protocol violation; however, it should be safe to tolerate it because connection closure will not have to be authenticated for most application protocols. Ticket closed because this looks like a bug in the server software, which appears to be not OpenSSL-based. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[openssl.org #503] -support for new algorithm?
[guest - Fri Feb 14 10:56:47 2003]: need to know how i can include a new encryption algorithm support in openssl? thanks in advance The bug tracker should be used for reporting bugs in OpenSSL. Other queries should be directed to the mailing lists: openssl-users in this case. Steve. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
RE: IMPORTANT: please test snapshot openssl-0.9.7-stable-SNAP-20030214.tar.gz(fwd)
It compiles and all tests passed on SCO Openserver 5.0.6A using gcc-3.2.2 __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[openssl.org #504] DES CBC Initial Vector Parameter Problem
Hi,
I'm using the latest (0.9.7) Crypto lib to encrypt a string of clear
text, by using CBC mode with IV preset to 8 bytes of 0x00.
When the encrypted text was decrypted back to plain text, the first 8
bytes are bad text. I believe there are something to do with the IV
parameter, or I call the functions incorrectly. Please help!!
Here are the source code and the output:
=
#include iostream.h
#include stdio.h
#include openssl/des.h
#include HubUtil.h
int main() {
char mKey[8];
mKey[0] = 0xb1;
mKey[1] = 0xa5;
mKey[2] = 0x38;
mKey[3] = 0x58;
mKey[4] = 0xb2;
mKey[5] = 0x60;
mKey[6] = 0xd7;
mKey[7] = 0x38;
char myIV[8];
myIV[0] = 0x00;
myIV[1] = 0x00;
myIV[2] = 0x00;
myIV[3] = 0x00;
myIV[4] = 0x00;
myIV[5] = 0x00;
myIV[6] = 0x00;
myIV[7] = 0x00;
DES_cblock cbKey;
DES_cblock cbIV;
DES_key_schedule kSchedule;
char inS[] = Hello c++ World;
unsigned char input[19];
int i;
for(i=0; istrlen(inS); i++) {
input[i] = (unsigned) inS[i];
}
char inHex[39];
HubUtil::bytesToHex(input, inHex, 19);
cout Input hex: inHex endl;
unsigned char output[24];
DES_string_to_key(mKey, cbKey);
DES_string_to_key(myIV, cbIV);
DES_set_key_unchecked(cbKey, kSchedule);
DES_ncbc_encrypt(input, output, 19, kSchedule, cbIV, 1);
cout In : input endl;
unsigned char output2[19];
DES_ncbc_encrypt(output, output2, 24, kSchedule, cbIV, 0);
char outHex[39];
HubUtil::bytesToHex(output2, outHex, 19);
cout Decrypted hex: outHex endl;
return 0;
}
=
byteToHex - input char in decimal value: H
byteToHex - input char in decimal value: e
byteToHex - input char in decimal value: l
byteToHex - input char in decimal value: l
byteToHex - input char in decimal value: o
byteToHex - input char in decimal value:
byteToHex - input char in decimal value: c
byteToHex - input char in decimal value: +
byteToHex - input char in decimal value: +
byteToHex - input char in decimal value:
byteToHex - input char in decimal value: W
byteToHex - input char in decimal value: o
byteToHex - input char in decimal value: r
byteToHex - input char in decimal value: l
byteToHex - input char in decimal value: d
byteToHex - input char in decimal value: !
byteToHex - input char in decimal value: !
byteToHex - input char in decimal value: !
byteToHex - input char in decimal value: !
Input hex: 48656C6C6F20632B2B20576F726C6421212121
In : Hello c++ World
byteToHex - input char in decimal value: ¬
byteToHex - input char in decimal value: ¦
byteToHex - input char in decimal value: (
byteToHex - input char in decimal value: e
byteToHex - input char in decimal value: )
byteToHex - input char in decimal value: ^
byteToHex - input char in decimal value: E
byteToHex - input char in decimal value: ó
byteToHex - input char in decimal value: +
byteToHex - input char in decimal value:
byteToHex - input char in decimal value: W
byteToHex - input char in decimal value: o
byteToHex - input char in decimal value: r
byteToHex - input char in decimal value: l
byteToHex - input char in decimal value: d
byteToHex - input char in decimal value: !
byteToHex - input char in decimal value: !
byteToHex - input char in decimal value: !
byteToHex - input char in decimal value: !
Decrypted hex: ACA62865295E45F32B20576F726C6421212121
=
Ken Ho
__
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
[openssl.org #505] DES CBC Initial Vector Parameter Problem
Hi,
I'm using the latest (0.9.7) Crypto lib to encrypt a string of clear
text, by using CBC mode with IV preset to 8 bytes of 0x00.
When the encrypted text was decrypted back to plain text, the first 8
bytes are bad text. I believe there are something to do with the IV
parameter, or I call the functions incorrectly. Please help!!
Here are the source code and the output:
=
#include iostream.h
#include stdio.h
#include openssl/des.h
#include HubUtil.h
int main() {
char mKey[8];
mKey[0] = 0xb1;
mKey[1] = 0xa5;
mKey[2] = 0x38;
mKey[3] = 0x58;
mKey[4] = 0xb2;
mKey[5] = 0x60;
mKey[6] = 0xd7;
mKey[7] = 0x38;
char myIV[8];
myIV[0] = 0x00;
myIV[1] = 0x00;
myIV[2] = 0x00;
myIV[3] = 0x00;
myIV[4] = 0x00;
myIV[5] = 0x00;
myIV[6] = 0x00;
myIV[7] = 0x00;
DES_cblock cbKey;
DES_cblock cbIV;
DES_key_schedule kSchedule;
char inS[] = Hello c++ World;
unsigned char input[19];
int i;
for(i=0; istrlen(inS); i++) {
input[i] = (unsigned) inS[i];
}
char inHex[39];
HubUtil::bytesToHex(input, inHex, 19);
cout Input hex: inHex endl;
unsigned char output[24];
DES_string_to_key(mKey, cbKey);
DES_string_to_key(myIV, cbIV);
DES_set_key_unchecked(cbKey, kSchedule);
DES_ncbc_encrypt(input, output, 19, kSchedule, cbIV, 1);
cout In : input endl;
unsigned char output2[19];
DES_ncbc_encrypt(output, output2, 24, kSchedule, cbIV, 0);
char outHex[39];
HubUtil::bytesToHex(output2, outHex, 19);
cout Decrypted hex: outHex endl;
return 0;
}
=
byteToHex - input char in decimal value: H
byteToHex - input char in decimal value: e
byteToHex - input char in decimal value: l
byteToHex - input char in decimal value: l
byteToHex - input char in decimal value: o
byteToHex - input char in decimal value:
byteToHex - input char in decimal value: c
byteToHex - input char in decimal value: +
byteToHex - input char in decimal value: +
byteToHex - input char in decimal value:
byteToHex - input char in decimal value: W
byteToHex - input char in decimal value: o
byteToHex - input char in decimal value: r
byteToHex - input char in decimal value: l
byteToHex - input char in decimal value: d
byteToHex - input char in decimal value: !
byteToHex - input char in decimal value: !
byteToHex - input char in decimal value: !
byteToHex - input char in decimal value: !
Input hex: 48656C6C6F20632B2B20576F726C6421212121
In : Hello c++ World
byteToHex - input char in decimal value: ¬
byteToHex - input char in decimal value: ¦
byteToHex - input char in decimal value: (
byteToHex - input char in decimal value: e
byteToHex - input char in decimal value: )
byteToHex - input char in decimal value: ^
byteToHex - input char in decimal value: E
byteToHex - input char in decimal value: ó
byteToHex - input char in decimal value: +
byteToHex - input char in decimal value:
byteToHex - input char in decimal value: W
byteToHex - input char in decimal value: o
byteToHex - input char in decimal value: r
byteToHex - input char in decimal value: l
byteToHex - input char in decimal value: d
byteToHex - input char in decimal value: !
byteToHex - input char in decimal value: !
byteToHex - input char in decimal value: !
byteToHex - input char in decimal value: !
Decrypted hex: ACA62865295E45F32B20576F726C6421212121
=
Ken Ho
__
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
[openssl.org #506] DES CBC Initial Vector Parameter Problem
Hi,
I'm using the latest (0.9.7) Crypto lib to encrypt a string of clear
text, by using CBC mode with IV preset to 8 bytes of 0x00.
When the encrypted text was decrypted back to plain text, the first 8
bytes are bad text. I believe there are something to do with the IV
parameter, or I call the functions incorrectly. Please help!!
Here are the source code and the output:
=
#include iostream.h
#include stdio.h
#include openssl/des.h
#include HubUtil.h
int main() {
char mKey[8];
mKey[0] = 0xb1;
mKey[1] = 0xa5;
mKey[2] = 0x38;
mKey[3] = 0x58;
mKey[4] = 0xb2;
mKey[5] = 0x60;
mKey[6] = 0xd7;
mKey[7] = 0x38;
char myIV[8];
myIV[0] = 0x00;
myIV[1] = 0x00;
myIV[2] = 0x00;
myIV[3] = 0x00;
myIV[4] = 0x00;
myIV[5] = 0x00;
myIV[6] = 0x00;
myIV[7] = 0x00;
DES_cblock cbKey;
DES_cblock cbIV;
DES_key_schedule kSchedule;
char inS[] = Hello c++ World;
unsigned char input[19];
int i;
for(i=0; istrlen(inS); i++) {
input[i] = (unsigned) inS[i];
}
char inHex[39];
HubUtil::bytesToHex(input, inHex, 19);
cout Input hex: inHex endl;
unsigned char output[24];
DES_string_to_key(mKey, cbKey);
DES_string_to_key(myIV, cbIV);
DES_set_key_unchecked(cbKey, kSchedule);
DES_ncbc_encrypt(input, output, 19, kSchedule, cbIV, 1);
cout In : input endl;
unsigned char output2[19];
DES_ncbc_encrypt(output, output2, 24, kSchedule, cbIV, 0);
char outHex[39];
HubUtil::bytesToHex(output2, outHex, 19);
cout Decrypted hex: outHex endl;
return 0;
}
=
byteToHex - input char in decimal value: H
byteToHex - input char in decimal value: e
byteToHex - input char in decimal value: l
byteToHex - input char in decimal value: l
byteToHex - input char in decimal value: o
byteToHex - input char in decimal value:
byteToHex - input char in decimal value: c
byteToHex - input char in decimal value: +
byteToHex - input char in decimal value: +
byteToHex - input char in decimal value:
byteToHex - input char in decimal value: W
byteToHex - input char in decimal value: o
byteToHex - input char in decimal value: r
byteToHex - input char in decimal value: l
byteToHex - input char in decimal value: d
byteToHex - input char in decimal value: !
byteToHex - input char in decimal value: !
byteToHex - input char in decimal value: !
byteToHex - input char in decimal value: !
Input hex: 48656C6C6F20632B2B20576F726C6421212121
In : Hello c++ World
byteToHex - input char in decimal value: ¬
byteToHex - input char in decimal value: ¦
byteToHex - input char in decimal value: (
byteToHex - input char in decimal value: e
byteToHex - input char in decimal value: )
byteToHex - input char in decimal value: ^
byteToHex - input char in decimal value: E
byteToHex - input char in decimal value: ó
byteToHex - input char in decimal value: +
byteToHex - input char in decimal value:
byteToHex - input char in decimal value: W
byteToHex - input char in decimal value: o
byteToHex - input char in decimal value: r
byteToHex - input char in decimal value: l
byteToHex - input char in decimal value: d
byteToHex - input char in decimal value: !
byteToHex - input char in decimal value: !
byteToHex - input char in decimal value: !
byteToHex - input char in decimal value: !
Decrypted hex: ACA62865295E45F32B20576F726C6421212121
=
Ken Ho
__
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
BCM5820 driver
Hi,
I am working on BCM5820 driver for vxWorks on ixp1200 platform. Has anyone
developed/ported this driver onto ixp1200? If anyone know how to port it,
please reply.
Thanks in advance,
Bepsy
From: via RT [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
CC: [EMAIL PROTECTED]
Subject: [openssl.org #506] DES CBC Initial Vector Parameter Problem Date:
Fri, 14 Feb 2003 21:22:39 +0100 (MET)
Hi,
I'm using the latest (0.9.7) Crypto lib to encrypt a string of clear
text, by using CBC mode with IV preset to 8 bytes of 0x00.
When the encrypted text was decrypted back to plain text, the first 8
bytes are bad text. I believe there are something to do with the IV
parameter, or I call the functions incorrectly. Please help!!
Here are the source code and the output:
=
#include iostream.h
#include stdio.h
#include openssl/des.h
#include HubUtil.h
int main() {
char mKey[8];
mKey[0] = 0xb1;
mKey[1] = 0xa5;
mKey[2] = 0x38;
mKey[3] = 0x58;
mKey[4] = 0xb2;
mKey[5] = 0x60;
mKey[6] = 0xd7;
mKey[7] = 0x38;
char myIV[8];
myIV[0] = 0x00;
myIV[1] = 0x00;
myIV[2] = 0x00;
myIV[3] = 0x00;
myIV[4] = 0x00;
myIV[5] = 0x00;
myIV[6] = 0x00;
myIV[7] = 0x00;
DES_cblock cbKey;
DES_cblock cbIV;
DES_key_schedule kSchedule;
char inS[] = Hello c++ World;
unsigned char input[19];
int i;
for(i=0; istrlen(inS); i++) {
input[i] = (unsigned) inS[i];
}
char inHex[39];
HubUtil::bytesToHex(input, inHex, 19);
cout Input hex: inHex endl;
unsigned char output[24];
DES_string_to_key(mKey, cbKey);
DES_string_to_key(myIV, cbIV);
DES_set_key_unchecked(cbKey, kSchedule);
DES_ncbc_encrypt(input, output, 19, kSchedule, cbIV, 1);
cout In : input endl;
unsigned char output2[19];
DES_ncbc_encrypt(output, output2, 24, kSchedule, cbIV, 0);
char outHex[39];
HubUtil::bytesToHex(output2, outHex, 19);
cout Decrypted hex: outHex endl;
return 0;
}
=
byteToHex - input char in decimal value: H
byteToHex - input char in decimal value: e
byteToHex - input char in decimal value: l
byteToHex - input char in decimal value: l
byteToHex - input char in decimal value: o
byteToHex - input char in decimal value:
byteToHex - input char in decimal value: c
byteToHex - input char in decimal value: +
byteToHex - input char in decimal value: +
byteToHex - input char in decimal value:
byteToHex - input char in decimal value: W
byteToHex - input char in decimal value: o
byteToHex - input char in decimal value: r
byteToHex - input char in decimal value: l
byteToHex - input char in decimal value: d
byteToHex - input char in decimal value: !
byteToHex - input char in decimal value: !
byteToHex - input char in decimal value: !
byteToHex - input char in decimal value: !
Input hex: 48656C6C6F20632B2B20576F726C6421212121
In : Hello c++ World
byteToHex - input char in decimal value: ¬
byteToHex - input char in decimal value: ¦
byteToHex - input char in decimal value: (
byteToHex - input char in decimal value: e
byteToHex - input char in decimal value: )
byteToHex - input char in decimal value: ^
byteToHex - input char in decimal value: E
byteToHex - input char in decimal value: ó
byteToHex - input char in decimal value: +
byteToHex - input char in decimal value:
byteToHex - input char in decimal value: W
byteToHex - input char in decimal value: o
byteToHex - input char in decimal value: r
byteToHex - input char in decimal value: l
byteToHex - input char in decimal value: d
byteToHex - input char in decimal value: !
byteToHex - input char in decimal value: !
byteToHex - input char in decimal value: !
byteToHex - input char in decimal value: !
Decrypted hex: ACA62865295E45F32B20576F726C6421212121
=
Ken Ho
__
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
_
Add photos to your e-mail with MSN 8. Get 2 months FREE*.
http://join.msn.com/?page=features/featuredemail
__
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
Re: IMPORTANT: please test snapshot openssl-0.9.7-stable-SNAP-20030214.tar.gz
Builds and tests OK on Win32. Source: openssl-0.9.7-stable-SNAP-20030214.tar.gz Platform: Win32 (Win2K) Compiler: VC6 SP5, masm, nasm Configurations: VC-WIN32 VC-WIN32 no-idea no-rc5 Tried do_ms, do_masm and do_nasm for each config. -Nathan Bodo Moeller wrote: Please test snapshot openssl-0.9.7-stable-SNAP-20030214.tar.gz (or later), which will be available today around 8 p.m. GMT at URL: ftp://ftp.openssl.org/snapshot;type=d . We plan to release version 0.9.7a soon (next week if all goes well). OpenSSL 0.9.7a will be a bugfix release based on 0.9.7; thus there will be no beta releases. The snapshot should solve most problems that have been reported to [EMAIL PROTECTED]; please test it to help us avoid unforeseen problems with the new release. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
RE : IMPORTANT: please test snapshot openssl-0.9.7-stable-SNAP-20030214.tar.gz
Test under Windows XP pro, with VISUAL.NET studio (visual 7 C++), platform SDK (October 2002). # After perl Configure VC-WIN32 the output is as follow: Configuring for VC-WIN32 IsWindows=1 CC=cl CFLAG =-DOPENSSL_SYSNAME_WIN32 -DOPENSSL_THREADS -DDSO_WIN32 -DOPENSSL_NO_KRB5 EX_LIBS = BN_ASM=bn_asm.o DES_ENC =des_enc.o fcrypt_b.o BF_ENC=bf_enc.o CAST_ENC =c_enc.o RC4_ENC =rc4_enc.o RC5_ENC =rc5_enc.o MD5_OBJ_ASM = SHA1_OBJ_ASM = RMD160_OBJ_ASM= PROCESSOR = RANLIB=true ARFLAGS = PERL =perl THIRTY_TWO_BIT mode BN_LLONG mode RC4_INDEX mode RC4_CHUNK is undefined Configured for VC-WIN32. # After ms\do_ms.bat the output is as follow: C:\openssl-0.9.7-stable-SNAP-20030214perl util\mkfiles.pl 1MINFO C:\openssl-0.9.7-stable-SNAP-20030214rem perl util\mk1mf.pl VC-MSDOS no-sock ms\msdos.mak C:\openssl-0.9.7-stable-SNAP-20030214rem perl util\mk1mf.pl VC-W31-32 ms\w31.mak C:\openssl-0.9.7-stable-SNAP-20030214perl util\mk1mf.pl dll VC-W31-32 1ms\w31dll.mak C:\openssl-0.9.7-stable-SNAP-20030214perl util\mk1mf.pl no-asm VC-WIN32 1ms\nt.mak C:\openssl-0.9.7-stable-SNAP-20030214perl util\mk1mf.pl dll no-asm VC-WIN32 1ms\ntdll.mak C:\openssl-0.9.7-stable-SNAP-20030214perl util\mk1mf.pl no-asm VC-CE 1ms\ce.mak C:\openssl-0.9.7-stable-SNAP-20030214perl util\mk1mf.pl dll no-asm VC-CE 1ms\cedll.mak C:\openssl-0.9.7-stable-SNAP-20030214perl util\mkdef.pl 16 libeay 1ms\libeay16.def C:\openssl-0.9.7-stable-SNAP-20030214perl util\mkdef.pl 32 libeay 1ms\libeay32.def C:\openssl-0.9.7-stable-SNAP-20030214perl util\mkdef.pl 16 ssleay 1ms\ssleay16.def C:\openssl-0.9.7-stable-SNAP-20030214perl util\mkdef.pl 32 ssleay 1ms\ssleay32.def # Then compiling for static library nmake -f ms\nt.mak: OpenSSL - 0 erreur(s), 18 avertissement(s) (warning LNK4089: toutes les références à 'GDI32.dll' ignorées par /OPT:REF) -- Terminé -- Génération : 1 a réussi, 0 a échoué, 0 a été ignoré # -Message d'origine- De : [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] De la part de Bodo Moeller Envoyé : vendredi 14 février 2003 18:09 À : [EMAIL PROTECTED]; [EMAIL PROTECTED] Objet : IMPORTANT: please test snapshot openssl-0.9.7-stable-SNAP-20030214.tar.gz Please test snapshot openssl-0.9.7-stable-SNAP-20030214.tar.gz (or later), which will be available today around 8 p.m. GMT at URL: ftp://ftp.openssl.org/snapshot;type=d . We plan to release version 0.9.7a soon (next week if all goes well). OpenSSL 0.9.7a will be a bugfix release based on 0.9.7; thus there will be no beta releases. The snapshot should solve most problems that have been reported to [EMAIL PROTECTED]; please test it to help us avoid unforeseen problems with the new release. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: [openssl.org #492] SSL: server root certs and client auth.
Hello Steve, Stephen Henson via RT wrote: I've committed a fix to address this issue which will appear in the next dev and stable snapshot (i.e. so it will appear in 0.9.7a). Let me know of any problems ASAP. I finally got around to do some quick tests. Seems to be OK. Could SSL_MODE_NO_AUTO_CHAIN be the default, with an additional flag SSL_MODE_AUTO_CHAIN ? Now I have to ask Ralf Engelschall to set the flag in mod_ssl... Bye Goetz -- Goetz Babin-Ebell, TC TrustCenter AG, http://www.trustcenter.de Sonninstr. 24-28, 20097 Hamburg, Germany Tel.: +49-(0)40 80 80 26 -0, Fax: +49-(0)40 80 80 26 -126 __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: IMPORTANT: please test snapshot openssl-0.9.7-stable-SNAP-20030214.tar.gz
Hello Bodo, Bodo Moeller wrote: Please test snapshot openssl-0.9.7-stable-SNAP-20030214.tar.gz (or later), which will be available today around 8 p.m. GMT at URL: ftp://ftp.openssl.org/snapshot;type=d . OpenSSL 0.9.7a-dev XX xxx 2003 built on: Fri Feb 14 22:35:41 CET 2003 platform: debug-linux-pentium options: bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfish(idx) compiler: gcc -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DOPENSSL_NO_KRB5 -DBN_DEBUG -DREF_CHECK -DCONF_DEBUG -DBN_CTX_DEBUG -DCRYPTO_MDEBUG -DL_ENDIAN -DTERMIO -g -mcpu=pentium -Wall -DSHA1_ASM -DMD5_ASM -DRMD160_ASM make test OK. Bye Goetz -- Goetz Babin-Ebell, TC TrustCenter AG, http://www.trustcenter.de Sonninstr. 24-28, 20097 Hamburg, Germany Tel.: +49-(0)40 80 80 26 -0, Fax: +49-(0)40 80 80 26 -126 smime.p7s Description: S/MIME Cryptographic Signature
[openssl.org #507] NULL _mod_exp functions can cause crash when verifying DSA with ubsec
This is from an email sent to openssl-users:
I'm signing and verifying documents using DSA and have run into a couple of
problems.
I'm working with OpenSSL 0.9.7 on Linux with a Broadcom crypto card based on
the 5821 (so OpenSSL engine type is ubsec). I have version 1.81 of the
Broadcom driver.
(1) While testing I found that verification of certain signed documents
crashed
OpenSSL. The problem appears to be that hw_ubsec.c:ubsec_dsa_verify() calls
p_UBSEC_dsa_verify_ioctl() and if this call fails then the code tries using
software crypto, indirectly calling dsa_ossl.c:dsa_do_verify(). However,
dsa_do_verify() tries to do:
if (!ENGINE_get_DSA(dsa-engine)-dsa_mod_exp(dsa, t1,dsa-g,u1,
dsa-pub_key,u2,
dsa-p,ctx,mont))
goto err;
and this dies because dsa_mod_exp is NULL. The current workaround is to
set up
pointers in ubsec_dsa for dsa_mod_exp and dsa_bn_mod_exp (just in case):
#ifndef OPENSSL_NO_DSA
static int dsa_mod_exp(DSA *dsa, BIGNUM *rr, BIGNUM *a1, BIGNUM *p1,
BIGNUM *a2, BIGNUM *p2, BIGNUM *m, BN_CTX *ctx,
BN_MONT_CTX *in_mont)
{
return BN_mod_exp2_mont(rr, a1, p1, a2, p2, m, ctx, in_mont);
}
static int dsa_bn_mod_exp(DSA *dsa, BIGNUM *r, BIGNUM *a, const BIGNUM *p,
const BIGNUM *m, BN_CTX *ctx,
BN_MONT_CTX *m_ctx)
{
return BN_mod_exp_mont(r, a, p, m, ctx, m_ctx);
}
/* Our internal DSA_METHOD that we provide pointers to */
static DSA_METHOD ubsec_dsa =
{
UBSEC DSA method,
ubsec_dsa_do_sign, /* dsa_do_sign */
NULL, /* dsa_sign_setup */
ubsec_dsa_verify, /* dsa_do_verify */
dsa_mod_exp,/* ubsec_dsa_mod_exp */ /* dsa_mod_exp */
dsa_bn_mod_exp, /* ubsec_mod_exp_dsa */ /* bn_mod_exp */
NULL, /* init */
NULL, /* finish */
0, /* flags */
NULL/* app_data */
};
#endif
Not sure if this is entirely kosher, but I don't know why they were NULL to
begin with?
__
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
RE : IMPORTANT: please test snapshot openssl-0.9.7-stable-SNAP-20030214.tar.gz
Test under Linux Mandrake 9.0, kernel 2.4.20, pentium 3, GCC : Compile and tests ok ! -Message d'origine- De : [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] De la part de Bodo Moeller Envoyé : vendredi 14 février 2003 18:09 À : [EMAIL PROTECTED]; [EMAIL PROTECTED] Objet : IMPORTANT: please test snapshot openssl-0.9.7-stable-SNAP-20030214.tar.gz Please test snapshot openssl-0.9.7-stable-SNAP-20030214.tar.gz (or later), which will be available today around 8 p.m. GMT at URL: ftp://ftp.openssl.org/snapshot;type=d . We plan to release version 0.9.7a soon (next week if all goes well). OpenSSL 0.9.7a will be a bugfix release based on 0.9.7; thus there will be no beta releases. The snapshot should solve most problems that have been reported to [EMAIL PROTECTED]; please test it to help us avoid unforeseen problems with the new release. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[openssl.org #475] [Fwd: patch to 0.9.7 -performacne]
[geoff - Tue Feb 4 22:57:06 2003]: Thanks again. I'll let this patch linger for a day or two in case anyone wants to sanity-check first. Vini, vidi, VIMi. (I diffed, I lingered, I committed - more or less). 0.9.7 is going to have a patch-level release soon so I've confined this change to the head of CVS only (ie. for 0.9.8). I'll consider putting it the 0.9.7 branch after the release, but it's certainly not urgent. -- Geoff Thorpe, RT/openssl.org __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[openssl.org #492] SSL: server root certs and client auth.
[[EMAIL PROTECTED] - Fri Feb 14 23:42:02 2003]: Hello Steve, Stephen Henson via RT wrote: I've committed a fix to address this issue which will appear in the next dev and stable snapshot (i.e. so it will appear in 0.9.7a). Let me know of any problems ASAP. I finally got around to do some quick tests. Seems to be OK. Could SSL_MODE_NO_AUTO_CHAIN be the default, with an additional flag SSL_MODE_AUTO_CHAIN ? Now I have to ask Ralf Engelschall to set the flag in mod_ssl... If you don't mind including the root CA or there are more than 2 certs in the chain then SSL_CTX_add_extra_chain_cert() will work because that automatically disables the auto chain now. You only need that new mode flag in the exceptional case where you have a chain consisting of two certificates and you specifically want to omit the root CA. Changing the default behaviour is likely to break existing applications that rely on it so I can't really do that. Steve. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: [openssl.org #504] DES CBC Initial Vector Parameter Problem
In message [EMAIL PROTECTED] on Fri, 14 Feb 2003 21:18:45
+0100 (MET), via RT [EMAIL PROTECTED] said:
rt
rt Hi,
rt
rt I'm using the latest (0.9.7) Crypto lib to encrypt a string of clear
rt text, by using CBC mode with IV preset to 8 bytes of 0x00.
rt When the encrypted text was decrypted back to plain text, the first 8
rt bytes are bad text. I believe there are something to do with the IV
rt parameter, or I call the functions incorrectly. Please help!!
rt
rt Here are the source code and the output:
rt =
rt
rt #include iostream.h
rt #include stdio.h
rt #include openssl/des.h
rt
rt #include HubUtil.h
rt
rt int main() {
rt
rt char mKey[8];
rt mKey[0] = 0xb1;
rt mKey[1] = 0xa5;
rt mKey[2] = 0x38;
rt mKey[3] = 0x58;
rt mKey[4] = 0xb2;
rt mKey[5] = 0x60;
rt mKey[6] = 0xd7;
rt mKey[7] = 0x38;
rt
rt char myIV[8];
rt myIV[0] = 0x00;
rt myIV[1] = 0x00;
rt myIV[2] = 0x00;
rt myIV[3] = 0x00;
rt myIV[4] = 0x00;
rt myIV[5] = 0x00;
rt myIV[6] = 0x00;
rt myIV[7] = 0x00;
rt
rt DES_cblock cbKey;
rt DES_cblock cbIV;
rt DES_key_schedule kSchedule;
rt
rt char inS[] = Hello c++ World;
rt unsigned char input[19];
rt
rt int i;
rt for(i=0; istrlen(inS); i++) {
rt input[i] = (unsigned) inS[i];
rt }
rt
rt char inHex[39];
rt HubUtil::bytesToHex(input, inHex, 19);
rt
rt cout Input hex: inHex endl;
rt
rt unsigned char output[24];
rt
rt DES_string_to_key(mKey, cbKey);
rt DES_string_to_key(myIV, cbIV);
rt DES_set_key_unchecked(cbKey, kSchedule);
rt DES_ncbc_encrypt(input, output, 19, kSchedule, cbIV, 1);
rt
rt cout In : input endl;
rt
You need to do this here:
DES_string_to_key(myIV, cbIV);
rt unsigned char output2[19];
rt DES_ncbc_encrypt(output, output2, 24, kSchedule, cbIV, 0);
rt
rt char outHex[39];
rt HubUtil::bytesToHex(output2, outHex, 19);
rt
rt cout Decrypted hex: outHex endl;
rt
rt return 0;
You problem was that you didn't reinitialise the IV.
--
Richard Levitte \ Spannvägen 38, II \ [EMAIL PROTECTED]
Redakteur@Stacken \ S-168 35 BROMMA \ T: +46-8-26 52 47
\ SWEDEN \ or +46-708-26 53 44
Procurator Odiosus Ex Infernis-- [EMAIL PROTECTED]
Member of the OpenSSL development team: http://www.openssl.org/
Unsolicited commercial email is subject to an archival fee of $400.
See http://www.stacken.kth.se/~levitte/mail/ for more info.
__
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
Re: [openssl.org #504] DES CBC Initial Vector Parameter Problem
In message [EMAIL PROTECTED] on Fri, 14 Feb 2003 21:18:45
+0100 (MET), via RT [EMAIL PROTECTED] said:
rt
rt Hi,
rt
rt I'm using the latest (0.9.7) Crypto lib to encrypt a string of clear
rt text, by using CBC mode with IV preset to 8 bytes of 0x00.
rt When the encrypted text was decrypted back to plain text, the first 8
rt bytes are bad text. I believe there are something to do with the IV
rt parameter, or I call the functions incorrectly. Please help!!
rt
rt Here are the source code and the output:
rt =
rt
rt #include iostream.h
rt #include stdio.h
rt #include openssl/des.h
rt
rt #include HubUtil.h
rt
rt int main() {
rt
rt char mKey[8];
rt mKey[0] = 0xb1;
rt mKey[1] = 0xa5;
rt mKey[2] = 0x38;
rt mKey[3] = 0x58;
rt mKey[4] = 0xb2;
rt mKey[5] = 0x60;
rt mKey[6] = 0xd7;
rt mKey[7] = 0x38;
rt
rt char myIV[8];
rt myIV[0] = 0x00;
rt myIV[1] = 0x00;
rt myIV[2] = 0x00;
rt myIV[3] = 0x00;
rt myIV[4] = 0x00;
rt myIV[5] = 0x00;
rt myIV[6] = 0x00;
rt myIV[7] = 0x00;
rt
rt DES_cblock cbKey;
rt DES_cblock cbIV;
rt DES_key_schedule kSchedule;
rt
rt char inS[] = Hello c++ World;
rt unsigned char input[19];
rt
rt int i;
rt for(i=0; istrlen(inS); i++) {
rt input[i] = (unsigned) inS[i];
rt }
rt
rt char inHex[39];
rt HubUtil::bytesToHex(input, inHex, 19);
rt
rt cout Input hex: inHex endl;
rt
rt unsigned char output[24];
rt
rt DES_string_to_key(mKey, cbKey);
rt DES_string_to_key(myIV, cbIV);
rt DES_set_key_unchecked(cbKey, kSchedule);
rt DES_ncbc_encrypt(input, output, 19, kSchedule, cbIV, 1);
rt
rt cout In : input endl;
rt
You need to do this here:
DES_string_to_key(myIV, cbIV);
rt unsigned char output2[19];
rt DES_ncbc_encrypt(output, output2, 24, kSchedule, cbIV, 0);
rt
rt char outHex[39];
rt HubUtil::bytesToHex(output2, outHex, 19);
rt
rt cout Decrypted hex: outHex endl;
rt
rt return 0;
You problem was that you didn't reinitialise the IV.
--
Richard Levitte \ Spannvägen 38, II \ [EMAIL PROTECTED]
Redakteur@Stacken \ S-168 35 BROMMA \ T: +46-8-26 52 47
\ SWEDEN \ or +46-708-26 53 44
Procurator Odiosus Ex Infernis-- [EMAIL PROTECTED]
Member of the OpenSSL development team: http://www.openssl.org/
Unsolicited commercial email is subject to an archival fee of $400.
See http://www.stacken.kth.se/~levitte/mail/ for more info.
__
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
[openssl.org #504] DES CBC Initial Vector Parameter Problem
In other words, this is a user error. This ticket is now resolved.
[[EMAIL PROTECTED] - Sat Feb 15 01:53:26 2003]:
In message [EMAIL PROTECTED] on Fri, 14 Feb
2003 21:18:45 +0100 (MET), via RT [EMAIL PROTECTED] said:
rt
rt Hi,
rt
rt I'm using the latest (0.9.7) Crypto lib to encrypt a string of
clear
rt text, by using CBC mode with IV preset to 8 bytes of 0x00.
rt When the encrypted text was decrypted back to plain text, the
first 8
rt bytes are bad text. I believe there are something to do with the
IV
rt parameter, or I call the functions incorrectly. Please help!!
rt
rt Here are the source code and the output:
rt =
rt
rt #include iostream.h
rt #include stdio.h
rt #include openssl/des.h
rt
rt #include HubUtil.h
rt
rt int main() {
rt
rt char mKey[8];
rt mKey[0] = 0xb1;
rt mKey[1] = 0xa5;
rt mKey[2] = 0x38;
rt mKey[3] = 0x58;
rt mKey[4] = 0xb2;
rt mKey[5] = 0x60;
rt mKey[6] = 0xd7;
rt mKey[7] = 0x38;
rt
rt char myIV[8];
rt myIV[0] = 0x00;
rt myIV[1] = 0x00;
rt myIV[2] = 0x00;
rt myIV[3] = 0x00;
rt myIV[4] = 0x00;
rt myIV[5] = 0x00;
rt myIV[6] = 0x00;
rt myIV[7] = 0x00;
rt
rt DES_cblock cbKey;
rt DES_cblock cbIV;
rt DES_key_schedule kSchedule;
rt
rt char inS[] = Hello c++ World;
rt unsigned char input[19];
rt
rt int i;
rt for(i=0; istrlen(inS); i++) {
rt input[i] = (unsigned) inS[i];
rt }
rt
rt char inHex[39];
rt HubUtil::bytesToHex(input, inHex, 19);
rt
rt cout Input hex: inHex endl;
rt
rt unsigned char output[24];
rt
rt DES_string_to_key(mKey, cbKey);
rt DES_string_to_key(myIV, cbIV);
rt DES_set_key_unchecked(cbKey, kSchedule);
rt DES_ncbc_encrypt(input, output, 19, kSchedule, cbIV, 1);
rt
rt cout In : input endl;
rt
You need to do this here:
DES_string_to_key(myIV, cbIV);
rt unsigned char output2[19];
rt DES_ncbc_encrypt(output, output2, 24, kSchedule, cbIV, 0);
rt
rt char outHex[39];
rt HubUtil::bytesToHex(output2, outHex, 19);
rt
rt cout Decrypted hex: outHex endl;
rt
rt return 0;
You problem was that you didn't reinitialise the IV.
--
Richard Levitte
__
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
IMPORTANT: please test snapshot openssl-0.9.7-stable-SNAP-20030214.tar.gz
Please test snapshot openssl-0.9.7-stable-SNAP-20030214.tar.gz (or later), which will be available today around 8 p.m. GMT at URL: ftp://ftp.openssl.org/snapshot;type=d . We plan to release version 0.9.7a soon (next week if all goes well). OpenSSL 0.9.7a will be a bugfix release based on 0.9.7; thus there will be no beta releases. The snapshot should solve most problems that have been reported to [EMAIL PROTECTED]; please test it to help us avoid unforeseen problems with the new release. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
