,
and in OpenSSL, BN_num_bytes returns 0 in this case (it's deduced from
BN_num_bits).
Cheers,
Mounir IDRASSI
IDRIX
http://www.idrix.fr
Gabriel Maganis wrote:
Hello,
I am new to openssl and I have tried to use the bignumber library
like below,
--
unsigned char* hex
://go.microsoft.com/fwlink/?linkid=65127 .
A more complete description on the deployment requirements and methods
for application built by VS2005 can be found here:
http://msdn2.microsoft.com/en-us/library/ms235291(VS.80).aspx .
I hope this helps.
Cheers,
Mounir IDRASSI
IDRIX - Cryptography and IT Security Experts
Hi,
This is due to the fact that the integers are stored as unsigned. So,
when the MSB of a computed value is set, the encoding adds an extra
0x00 to its ASN.1 representation.
This is normal and it explains what you are experiencing.
Cheers,
Mounir IDRASSI
IDRIX - Cryptography And IT Security
is roughly the size of the RSA public key.
Mounir IDRASSI
IDRIX - Cryptography And IT Security Experts
http://www.idrix.fr
robert2007 wrote:
Hello,
I am working with OpenSSL and am interested in why my private key is three
times the size of my public key when using 1024 bit RSA?
Thanks
implementation of KDF and still use OpenSSL ECDH functions without any
problem.
Regards,
Mounir IDRASSI
IDRIX
http://www.idrix.fr
Mark Shnaider wrote:
Hello,
If I understand correctly, regarding X9.63 standard (5.6.3) derive
key (in case KDF_SHA1) must be computed as
SHA1
Hi,
You should not touch the file sha1-586.pl because the problem is located
in the file x86ms.pl that is dedicated to MASM. In this file, the line 273
containing $extra should be removed to be able to compile the generated
assembly files.
Cheers,
--
Mounir IDRASSI
IDRIX
http://www.idrix.fr
Hi,
This error has been already reported and I indicated how to solve it : in
the file x86ms.pl, the line 273 containing $extra should be removed.
Please refer to the following link :
http://www.mail-archive.com/openssl-dev@openssl.org/msg24059.html
Cheers,
--
Mounir IDRASSI
IDRIX
http
, CKA_NEVER_EXTRACTABLE and
CKA_ALWAYS_SENSITIVE.
Cheers,
--
Mounir IDRASSI
IDRIX
http://www.idrix.fr
venkat naidu wrote:
hi
all,
i have a query related to PKCS11
can we export the private key retrieved from PKCS11 ? ( here we are
storing the private key using the PKCS11 functionalities )
if so how can
and there are
implementations of PKCS#11 dlls based on OpenSSL (look at OpenCryptoki).
I hope this helps,
--
Mounir IDRASSI
IDRIX
http://www.idrix.fr
Rustam Rakhimov wrote:
Hi everybody
Can I create CryptoProvider based on openssl, if somebody has some idea
about it please let me know ?
Rustam
/ty6kQ== sample-openssh-key
I hope this will help,
--
Mounir IDRASSI
IDRIX
http://www.idrix.fr
Shahin Khorasani wrote:
Hi,
You can download simple utility to transform PKCS#1 RSA public key to
openssh public key format from here:
http://www.parssign.com/openssh_pk_linux.tar.gz
It is free
with no problem. Tell me if it's not the
case.
--
Mounir IDRASSI
IDRIX
http://www.idrix.fr
Shahin Khorasani wrote :
Sorry, the source code is not available. but you can write a customized
application (Mounir explained the format properly)
- Shahin Khorasani
Kyle Hamilton wrote:
Can the source
Hi,
These are link errors. You certainly forgot to add -lcrypto to the gcc
link command line (gcc -o pubkey2ssh pubkey2ssh.c -lcrypto) .
Cheers,
--
Mounir IDRASSI
IDRIX
http://www.idrix.fr
Dhiva wrote:
Thanks for the sample code.
I am getting the following errors.
_BIO_f_base64
environment: this file resides under VCInstallDir\VC\bin\amd64.
Cheers,
--
Mounir IDRASSI
IDRIX
http://www.idrix.fr
Bernhard Marschall wrote:
Hi,
Sorry to ask again, but I only found the question in the mailing list
archive but no answer.
I tried to build OpenSSL 0.9.8k on 64-bit Windows
with a
bigger field (like secp256k1 or secp384r1) or truncate the digest
value to be less than or equal to 14 bytes (equivalent to 112 bits)
Cheers,
--
Mounir IDRASSI
IDRIX
http://www.idrix.fr
Kirk81 wrote:
Actually I'm looking for the EVP interface and I found out that 'The EVP
interface should
RAND_poll.
Cheers,
--
Mounir IDRASSI
IDRIX
http://www.idrix.fr
Kirk81 wrote:
Hello,
I'm trying to benchmark the ECDSA with a 160 prime key and the SHA-1
function: I pass a string of characters to the SHA-1 and then I pass the
digest to the ECDSA_do_sign and the ECDSA_do_verify function
against OpenSSL
09.8k on the following link : http://www.idrix.fr/test/ecdsatest.zip
Cheers,
--
Mounir IDRASSI
IDRIX
http://www.idrix.fr
Kirk81 wrote:
Hello,
I put the two lines but it doesn't work, at all: in fact, it works worse!
:-/
Have you tried to do it before suggesting it to me? What result
for an experienced OpenSSL developer to come up with a
clean library subset.
Cheers,
--
Mounir IDRASSI
IDRIX
http://www.idrix.fr
Kirk81 wrote:
yep, thanks!!
you were right! I had a shock about the performance: I didn't expect it so
fast!! That was my doubt.
Here my MSVC 2008 build binary against 'openssl
:
From this point, we have to push for a decision from the OpenSSL team
about the digest truncation and its implementation in ecdsa_do_sign
which seems necessary to have a fully compliant ECDSA implementation.
Cheers,
--
Mounir IDRASSI
IDRIX
http://www.idrix.fr
Michael Smith via RT wrote
Hi,
The problem comes certainly from the line calling SHA_Update : you are
always hashing DATA_SIZE_IN_BYTES bytes of data but the command line
tool hashes only the exact length of the file. You should replace
DATA_SIZE_IN_BYTES with strlen(data) .
Cheers,
Mounir IDRASSI
IDRIX
http
Hi,
If you are not using an engine, then pseudorand is implemented in
md_rand.c : function ssleay_rand_pseudo_bytes (line 524).
Cheers,
--
Mounir IDRASSI
IDRIX
http://www.idrix.fr
On 2/17/2010 8:10 PM, Thomas Anderson wrote:
According to http://www.openssl.org/docs/crypto/RAND_bytes.html
27) and for SEED
it's 0x1000 (bit number 28).
Cheers,
--
Mounir IDRASSI
IDRIX
http://www.idrix.fr
On 2/22/2010 12:14 PM, Gregory BELLIER wrote:
Hello.
I'm studying some parts of the OpenSSL code and I now have a question.
In ssl/ssl_locl.h, I'm wondering if the #define SSL_ENC_MASK
The bit flag for a new algorithm would logically be 0x2000 and the
next 0x4000. Thus, the value of the mask would be 0x3C3F8000L and
0x7C3F8000L respectively.
--
Mounir IDRASSI
IDRIX
http://www.idrix.fr
On 2/22/2010 2:29 PM, Gregory BELLIER wrote:
Thanks Mounir but you didn't
Steve has checked-in today a fix to this issue in CVS :
http://cvs.openssl.org/chngview?cn=19520 and
http://cvs.openssl.org/chngview?cn=19521
You can grab the source from CVS or wait for tomorrow's snapshot.
Cheers,
--
Mounir IDRASSI
IDRIX
http://www.idrix.fr
On 4/6/2010 3:47 PM, Mark Aldred
Hi,
I'm attaching a simple patch that should correct this behavior.
Can you test it and tell us the results?
Thanks,
--
Mounir IDRASSI
IDRIX
http://www.idrix.fr
Dear openssl support,
I investigated the following web servers.
But all of them failed with the same error.
1) apache-tomcat
the correct
prototype.
Cheers,
--
Mounir IDRASSI
IDRIX
http://www.idrix.fr
On 7/28/2010 3:02 PM, John Skodon via RT wrote:
Hi guys:
I'm probably wrong here, but it looks like you've changed some function prototypes, e.g., aes.h, in
version 1.0.0a to size_t from unsigned long in 0.9.8o.
E.g
different major versions is recommended. And I will add
that in many cases, recompiling is mandatory.
I hope this clarifies things.
Cheers,
--
Mounir IDRASSI
IDRIX
http://www.idrix.fr
On 7/29/2010 12:19 AM, John Skodon wrote:
Hi:
Thanks for the quick reply.
You mentioned ...not meant
Hi,
I checked the parameters of your 4008 bits key and it is indeed invalid
(q is not prime).
How did you generate it? It would be surprising if it was done through
OpenSSL.
Anyway, you must generate a new RSA key.
--
Mounir IDRASSI
IDRIX
http://www.idrix.fr
On 8/7/2010 1:21 PM, Georgi
is called a second time on line 1650.
I'm attaching a patch against the latest source that corrects this. I'll
also send to RT.
Thanks for the report.
--
Mounir IDRASSI
IDRIX
http://www.idrix.fr
On 8/8/2010 3:04 PM, Georgi Guninski wrote:
i was pointing out this:
~/local/bin/openssl s_client
tests, I use the one
installed by the snapshot build.
Is anyone else able to reproduce this problem?
--
Mounir IDRASSI
IDRIX
http://www.idrix.fr
On 8/8/2010 9:40 PM, Hanno Boeck via RT wrote:
It seems that openssl has a problem with pss certificates and uncommon rsa key
sizes. For all keysizes
key was generated by
a python wrapper, certainly a wrapper of OpenSSL, but in a previous
message you are saying that you generated the key yourself (pen and
paper). Which statement is correct? Maybe your wrapper wraps something
else...
Cheers,
--
Mounir IDRASSI
IDRIX
http://www.idrix.fr
,
--
Mounir IDRASSI
IDRIX
http://www.idrix.fr
On 8/28/2010 10:43 PM, Goran Rakic wrote:
Hi all,
I have two X.509 certificates MUPCAGradjani.crt and MUPCARoot.crt
downloaded from http://ca.mup.gov.rs/sertifikati-lat.html
Certificate path is MUPCARoot MUPCAGradjani and I would like to
validate
. Concerning the specific issue here, it's clear
that OpenSSL is too restrictive compared to other major libraries since
this is a minor deviation from the BER specs (i.e. minimal bytes
representation) and thus hurts deployments of real-world certificates.
--
Mounir IDRASSI
IDRIX
http://www.idrix.fr
the function
RSA_blinding_off. On the other hand, CRT output verification
counter-measure can't be deactivated.
I hope this clarifies the behavior you have encountered.
Cheers,
--
Mounir IDRASSI
IDRIX
http://www.idrix.fr
On 8/29/2010 10:51 AM, Georgi Guninski wrote:
inconsistent timings for rsa
slower than the signing operation of key1 and it should cost 4 x 5
min = 20 min which is very close to the 21 min you actually obtained.
Does this answer your question?
--
Mounir IDRASSI
IDRIX
http://www.idrix.fr
On 8/30/2010 12:20 PM, Georgi Guninski wrote:
On Mon, Aug 30, 2010 at 06:10:23AM
Hi,
The very simple patch I submitted to RT, for the issue CVE-2010-2939, on
August 8th under reference #2314 has not been applied yet.
Is there any reason for that? I hope it was not lost in translation...
Cheers,
--
Mounir IDRASSI
IDRIX
http://www.idrix.fr
of
ssl3_send_server_key_exchange in this snapshot. I'll see if it has been
already corrected, otherwise I'll send a patch for it.
Cheers,
--
Mounir IDRASSI
IDRIX
http://www.idrix.fr
On 08/10/2010 18:55, Paul Suhler wrote:
Hi, everyone.
[I'm re-sending this to the developers list.]
I've found
,
--
Mounir IDRASSI
IDRIX
http://www.idrix.fr
On 10/10/2010 6:28 AM, Paul Suhler wrote:
Hi, Mounir.
In the server, I use TLSv1_1_server_method, resulting in s->version ==
0x0302 (TLS 1.1). In the client, I use TLSv1_client_method to get TLS
1.0. When the server sees s->client_version == 0x0301
Hi Paul,
I'm glad to see that my post helped you even if it was not completely
correct.
I answered too quickly and I wrongly extrapolated the
SSLv23_server_method behavior to the others.
Cheers,
--
Mounir IDRASSI
IDRIX
http://www.idrix.fr
On 10/13/2010 8:10 PM, Paul Suhler wrote:
Hi
,
--
Mounir IDRASSI
IDRIX
http://www.idrix.fr
__
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager
Hi,
NIST's FIPS PUB 186-3 defines curve P-521 (taken from NSA Suite B). Take
a look at :
http://csrc.nist.gov/publications/fips/fips186-3/fips_186-3.pdf .
You are certainly confusing it with Brainpool ECC curve P-512.
Cheers,
--
Mounir IDRASSI
IDRIX
http://www.idrix.fr
On 2/2/2011 1:40 AM
the vulnerability details
: http://eprint.iacr.org/2011/232.pdf
The patch suggested by the paper seems simple enough. It can be enhanced
by adding a random multiple of the order to the scalar k. Is there any
objection for getting this merged into OpenSSL source?
Cheers,
--
Mounir IDRASSI
are linked to OpenSSL implementation.
As I stated in my first email, the paper comes with a temporary patch
that should mitigate this issue. Is there anyone working on this? I
think it should be taken seriously even if ECDSA based ciphers are not
widely used.
Cheers,
--
Mounir IDRASSI
IDRIX
http
Hi,
I agree with Bruce: we should default to a constant time behavior so
definitely the code must use #ifndef instead of #ifdef since the patch
makes the scalar a fixed bit length value.
I think the paper authors got confused when they wrote the code.
Cheers,
--
Mounir IDRASSI
IDRIX
http
of DER encoding is very clear. Even Microsoft
implementation of Crypto API and CNG adheres to this. So, as he pointed
it out, there must be another explanation for the .NET error you are
encountering.
Cheers,
--
Mounir IDRASSI
IDRIX
http://www.idrix.fr
On 4/2/2012 3:28 PM, Tamir Khason via RT
Hi,
This is a patch against openssl-1.0.0-stable-SNAP-20091129 which
corrects the way the error code returned by ECDSA_sign is handled in the
function pkey_ec_sign.
Cheers,
--
Mounir IDRASSI
IDRIX
http://www.idrix.fr
--- H:/Dev/libraries/openssl-1.0.0-stable-SNAP-20091129/crypto/ec
Hi,
I have on purpose only added /Zi to the debug build because it is not
always desirable to add symbols to release builds whereas it is always
needed for debug ones.
--
Mounir IDRASSI
IDRIX
http://www.idrix.fr
On 4/26/2010 11:58 PM, William A. Rowe Jr. wrote:
On 4/26/2010 1:18 PM, Mounir
Hi,
This patch corrects a double free bug in ssl3_get_key_exchange
(s3_clnt.c) when an error happens during the connection to a server.
Cheers,
--
Mounir IDRASSI
IDRIX
http://www.idrix.fr
--- E:/dev/libraries/openssl-1.0.latest/ssl/s3_clnt.c.original Sun Feb 28
01:24:24 2010
+++ E:/dev
with
ServerHello message whereas it is not sent when SSLv23_server_method is
used.
--
Mounir IDRASSI
IDRIX
http://www.idrix.fr
On 10/1/2010 12:59 AM, Steven Noonan via RT wrote:
Hi Mounir,
The patch you attached to PR 2240 works perfectly here. Was having
difficulty connecting to an OpenFire Jabber
Hi,
This patch against the latest 1.0.1 stable snapshot corrects a double
free bug in function ssl3_send_server_key_exchange (s3_srvr.c) that
occurs when an ECDHE cipher is used, leading to a crash.
Cheers,
--
Mounir IDRASSI
IDRIX
http://www.idrix.fr
--- C:/Dev/libraries/openssl-1.0.1