Re: Possibly a bug

2007-03-22 Thread Mounir IDRASSI
, and in openSSL, BN_num_bytes returns 0 in this case (it's deduced from BN_num_bits). Cheers, Mounir IDRASSI IDRIX http://www.idrix.fr Gabriel Maganis wrote: Hello, I am new to openssl and I have tried to use the bignumber library like below, -- unsigned char* hex

Re: Visual Studio 2005 and openssl question

2007-06-01 Thread Mounir IDRASSI
://go.microsoft.com/fwlink/?linkid=65127 . A more complete description on the deployment requirements and methods for application built by VS2005 can be found here: http://msdn2.microsoft.com/en-us/library/ms235291(VS.80).aspx . I hope this helps. Cheers, Mounir IDRASSI IDRIX - Cryptography and IT Security Experts

Re: [openssl.org #1650] signature length in ECDSA

2008-03-07 Thread Mounir IDRASSI
Hi, This is due to the fact that the integers are stored as unsigned. So, when the MSB of a computed value is set, the encoding adds an extra 0x00 to its ASN.1 representation. This is normal and it explains what you are experiencing. Cheers, Mounir IDRASSI IDRIX - Cryptography And IT Security

Re: Private Key Larger then Public Key

2008-03-25 Thread Mounir IDRASSI
is roughly the size of the RSA public key. Mounir IDRASSI IDRIX - Cryptography And IT Security Experts http://www.idrix.fr robert2007 a écrit : Hello, I am working with OpenSSL and am interested in why my private key is three time the size of my public key when using 1024 bit RSA? Thanks

Re: Question about ECDH_compute_key and X9.63 standard

2008-05-28 Thread Mounir IDRASSI
implementation of KDF and still use OpenSSL ECDH functions without any problem. Regards, Mounir IDRASSI IDRIX http://www.idrix.fr Mark Shnaider a écrit : Hello, If I understand correctly, regarding X9.63 standard (5.6.3) derive key (in case KDF_SHA1) must be computed as SHA1

Re: [openssl.org #1681] 0.9.8h bug report

2008-05-29 Thread Mounir IDRASSI
Hi, You should not touch the file sha1-586.pl because the problem is located in the file x86ms.pl that is dedicated to MASM. In this file, the line 273 containing $extra should be removed to be able to compile the generated assembly files. Cheers, -- Mounir IDRASSI IDRIX http://www.idrix.fr

Re: syntax error in generated asm for sha1 (0.9.8h)

2008-06-25 Thread Mounir IDRASSI
Hi, This error has been already reported and I indicated how to solve it : in the file x86ms.pl, the line 273 containing $extra should be removed. Please refer to the following link : http://www.mail-archive.com/openssl-dev@openssl.org/msg24059.html Cheers, -- Mounir IDRASSI IDRIX http

Re: PKCS11 private key

2008-12-04 Thread Mounir IDRASSI
, CKA_NEVER_EXTRACTABLE and CKA_ALWAYS_SENSITIVE. Cheers, -- Mounir IDRASSI IDRIX http://www.idrix.fr venkat naidu wrote: hi all, i have a query related to PKCS11 can we export the private key retrieved from PKCS11 ? ( here we are storing the private key using the PKCS11 functionalities ) if so how can

Re: Can I create cryptoprovider based on openssl ?

2008-12-18 Thread Mounir IDRASSI
and there are implementations of PKCS#11 dlls based on OpenSSL (look at OpenCryptoki). I hope this helps, -- Mounir IDRASSI IDRIX http://www.idrix.fr Rustam Rakhimov wrote: Hi everybody Can I create CryptoProvider based on openssl, if somebody have some Idea about it please let me know ? Rustam

Re: pubkey format

2008-12-20 Thread Mounir IDRASSI
/ty6kQ== sample-openssh-key I hope this will help, -- Mounir IDRASSI IDRIX http://www.idrix.fr Shahin Khorasani wrote: Hi, You can download simple utility to transform PKCS#1 RSA public key to opnessh public key format from here: http://www.parssign.com/openssh_pk_linux.tar.gz It is free

Re: pubkey format

2008-12-21 Thread Mounir IDRASSI
with no problem. Tell me if it's not the case. -- Mounir IDRASSI IDRIX http://www.idrix.fr Shahin Khorasani wrote : Sorry, the source code is not available. but you can write a customized application (Mounir explained the format properly) - Shahin Khorasani Kyle Hamilton wrote: Can the source

Re: pubkey format

2009-01-09 Thread Mounir IDRASSI
Hi, These are link errors. You certainly forgot to add -lcrypto to the gcc link command line (gcc -o pubkey2ssh pubkey2ssh.c -lcrypto) . Cheers, -- Mounir IDRASSI IDRIX http://www.idrix.fr Dhiva wrote: Thanks for the sample code. I am getting the following errors. _BIO_f_base64

Re: Building OpenSSL 0.9.8k on Win64A

2009-08-19 Thread Mounir IDRASSI
environment: this file resides under VCInstallDir\VC\bin\amd64. Cheers, -- Mounir IDRASSI IDRIX http://www.idrix.fr Bernhard Marschall wrote: Hi, Sorry to ask again, but I only found the question in the mailing list archive but no answer. I tried to build OpenSSL 0.9.8k on 64-bit Windows

Re: Building OpenSSL 0.9.8k on Win64A

2009-08-19 Thread Mounir IDRASSI
environment: this file resides under VCInstallDir\VC\bin\amd64. Cheers, -- Mounir IDRASSI IDRIX http://www.idrix.fr Bernhard Marschall wrote: Hi, Sorry to ask again, but I only found the question in the mailing list archive but no answer. I tried to build OpenSSL 0.9.8k on 64-bit Windows

Re: Bug in ECDSA_do_sign?

2009-10-12 Thread Mounir IDRASSI
with a bigger field (like ||secp256k1 or ||secp384r1) or truncate the digest value to be lesser than or equal to 14 bytes (equivalent to 112 bits) Cheers, -- Mounir IDRASSI IDRIX http://www.idrix.fr | Kirk81 wrote: Actually I'm looking for the EVP interface and I found out that 'The EVP interface should

Re: ECDSA_do_verify()

2009-10-27 Thread Mounir IDRASSI
RAND_poll. Cheers, -- Mounir IDRASSI IDRIX http://www.idrix.fr Kirk81 wrote: Hello, I'm trying to benchmark the ECDSA with a 160 prime key and the SHA-1 function: I pass a string of characters to the SHA-1 and then I pass the digest to the ECDSA_do_sign and the ECDSA_so_verify function

Re: ECDSA_do_verify()

2009-10-27 Thread Mounir IDRASSI
against OpenSSL 09.8k on the following link : http://www.idrix.fr/test/ecdsatest.zip Cheers, -- Mounir IDRASSI IDRIX http://www.idrix.fr Kirk81 wrote: Hello, I put the two lines but it doesn't work , at all: in fact, it works worth! :-/ Have u tried to do it before suggest it to me? What result

Re: ECDSA_do_verify()

2009-10-28 Thread Mounir IDRASSI
for an experienced OpenSSL developer to come up with a clean library subset. Cheers, -- Mounir IDRASSI IDRIX http://www.idrix.fr Kirk81 wrote: yep, thanks!! you were right! I had a shock about the performance: I didn't aspect it soo fast!! That was my doubt. Here my MSVC 2008 build binary against 'openssl

Re: [openssl.org #2117] Bug submission: ECDSA with Curves Below 128-Level

2009-11-29 Thread Mounir IDRASSI
: From this point, we have to push for a decision from the OpenSSL team about the digest truncation and its implementation in ecdsa_do_sign which seems necessary to have a fully compliant ECDSA implementation. Cheers, -- Mounir IDRASSI IDRIX http://www.idrix.fr Michael Smith via RT wrote

Re: Sha1 hash differs

2006-08-01 Thread Mounir IDRASSI
Hi, The problem comes certainly from the line calling SHA_Update : you are always hashing DATA_SIZE_IN_BYTES byte of data but the command line tool hashes only the exact length of the file. You should replace DATA_SIZE_IN_BYTES with strlen(data) . Cheers, Mounir IDRASSI IDRIX http

Re: when does RAND_pseudo_bytes() return 0?

2010-02-17 Thread Mounir IDRASSI
Hi, If you are not using an engine, then pseudorand is implemented in md_rand.c : function ssleay_rand_pseudo_bytes (line 524). Cheers, -- Mounir IDRASSI IDRIX http://www.idrix.fr On 2/17/2010 8:10 PM, Thomas Anderson wrote: According tohttp://www.openssl.org/docs/crypto/RAND_bytes.html

Re: SSL_ENC_MASK since SEED

2010-02-22 Thread Mounir IDRASSI
27) and for SEED it's 0x1000 (bit number 28). Cheers, -- Mounir IDRASSI IDRIX http://www.idrix.fr On 2/22/2010 12:14 PM, Gregory BELLIER wrote: Hello. I'm studying some parts of the OpenSSL code and I now have a question. In ssl/ssl_locl.h, I'm wandering if the #define SSL_ENC_MASK

Re: SSL_ENC_MASK since SEED

2010-02-22 Thread Mounir IDRASSI
The bit flag for a new algorithm would logically be 0x2000 and the next 0x4000. Thus, the value of the mask would be 0x3C3F8000L and 0x7C3F8000L respectively. -- Mounir IDRASSI IDRIX http://www.idrix.fr On 2/22/2010 2:29 PM, Gregory BELLIER wrote: Thanks Mounir but you didn't

Re: [openssl.org #2220] Resolved: BUG REPORT - 1.0.0 won't compile with no-rc4 option

2010-04-06 Thread Mounir IDRASSI
Steve has checked-in today a fix to this issue in CVS : http://cvs.openssl.org/chngview?cn=19520 and http://cvs.openssl.org/chngview?cn=19521 You can grab the source from CVS or wait for tomorrow's snapshot. Cheers, -- Mounir IDRASSI IDRIX http://www.idrix.fr On 4/6/2010 3:47 PM, Mark Aldred

Re: [openssl.org #2240] Missing Supported Point Formats Extension in ServerHello should be ignored

2010-04-24 Thread Mounir IDRASSI
Hi, I'm attaching a simple patch that should correct this behavior. Can you test it and tell us the results? Thanks, -- Mounir IDRASSI IDRIX http://www.idrix.fr Dear openssl support, I investigated the following web servers. But all of them failed with the same error. 1) apache-tomcat

Re: [openssl.org #2312] Function protos in 1.0.0a: unsigned long changed to size_t not so good for amd/x64, Itanium

2010-07-28 Thread Mounir IDRASSI
the correct prototype. Cheers, -- Mounir IDRASSI IDRIX http://www.idrix.fr On 7/28/2010 3:02 PM, John Skodon via RT wrote: Hi guys: I'm probably wrong here, but it looks like you've changed some function prototypes, e.g., aes.h, in version 1.0.0a to size_t from unsigned long in 0.9.8o. E.g

Re: [openssl.org #2312] Function protos in 1.0.0a: unsigned long changed to size_t not so good for amd/x64, Itanium

2010-07-28 Thread Mounir IDRASSI
different major versions is recommended. And I will add that in many cases, recompiling is mandatory. I hope this clarifies things. Cheers, -- Mounir IDRASSI IDRIX http://www.idrix.fr On 7/29/2010 12:19 AM, John Skodon wrote: Hi: Thanks for the quick reply. You mentioned ...not meant

Re: openssl-1.0.0a and glibc detected sthg ;)

2010-08-07 Thread Mounir IDRASSI
Hi, I checked the parameters of your 4008 bits key and it is indeed invalid (q is not prime). How did you generate it? It would be surprising if it was done through OpenSSL. Anyway, you must generate a new RSA key. -- Mounir IDRASSI IDRIX http://www.idrix.fr On 8/7/2010 1:21 PM, Georgi

Re: openssl-1.0.0a and glibc detected sthg ;)

2010-08-08 Thread Mounir IDRASSI
is called a second time on line 1650. I'm attaching a patch against the latest source that corrects this. I'll also send to RT. Thanks for the report. -- Mounir IDRASSI IDRIX http://www.idrix.fr On 8/8/2010 3:04 PM, Georgi Guninski wrote: i was pointing out this: ~/local/bin/openssl s_client

Re: [openssl.org #2315] PSS certificates with keysize n*8+1 don't validate

2010-08-08 Thread Mounir IDRASSI
tests, I use the one installed by the snapshot build. Is anyone else able to reproduce this problem? -- Mounir IDRASSI IDRIX http://www.idrix.fr On 8/8/2010 9:40 PM, Hanno Boeck via RT wrote: It seems that openssl has a problem with pss certificates and uncommon rsa key sizes. For all keysizes

Re: openssl-1.0.0a and glibc detected sthg ;)

2010-08-09 Thread Mounir IDRASSI
key was generated by a python wrapper, certainly a wrapper of OpenSSL, but in a previous message you are saying that you generated the key yourself (pen and paper). Which statement is correct? Maybe your wrapper wraps something else... Cheers, -- Mounir IDRASSI IDRIX http://www.idrix.fr

Re: openssl-1.0.0a and glibc detected sthg ;)

2010-08-09 Thread Mounir IDRASSI
: for public key algorithms like RSA and DSA, it uses LibTomCrypt internally in order to implement the algorithms by hand. So, there must be a bug in their code. Cheers, -- Mounir IDRASSI IDRIX http://www.idrix.fr On 8/9/2010 11:26 AM, Georgi Guninski wrote: hi, On Mon, Aug 09, 2010 at 10:36:03AM

Re: Verify X.509 certificate, openssl verify returns bad signature

2010-08-28 Thread Mounir IDRASSI
, -- Mounir IDRASSI IDRIX http://www.idrix.fr On 8/28/2010 10:43 PM, Goran Rakic wrote: Hi all, I have two X.509 certificates MUPCAGradjani.crt and MUPCARoot.crt downloaded from http://ca.mup.gov.rs/sertifikati-lat.html Certificate path is MUPCARoot MUPCAGradjani and I would like to validate

Re: Verify X.509 certificate, openssl verify returns bad signature

2010-08-29 Thread Mounir IDRASSI
. Concerning the specific issue here, it's clear that OpenSSL is too restrictive compared to other major libraries since this is a minor deviation from the BER specs (i.e. minimal bytes representation) and thus hurts deployments of real-world certificates. -- Mounir IDRASSI IDRIX http://www.idrix.fr

Re: inconsistent timings for rsa sign/verify with 100K bit rsa keys

2010-08-29 Thread Mounir IDRASSI
the function RSA_blinding_off. On the other hand, CRT output verification counter-measure can't be deactivated. I hope this clarifies the behavior you have encountered. Cheers, -- Mounir IDRASSI IDRIX http://www.idrix.fr On 8/29/2010 10:51 AM, Georgi Guninski wrote: inconsistent timings for rsa

Re: inconsistent timings for rsa sign/verify with 100K bit rsa keys

2010-08-30 Thread Mounir IDRASSI
slower that the signing operation of key1 and it should cost 4 x 5 min = 20 min which is very close to the 21 min you actually obtained. Does this answer your question? -- Mounir IDRASSI IDRIX http://www.idrix.fr On 8/30/2010 12:20 PM, Georgi Guninski wrote: On Mon, Aug 30, 2010 at 06:10:23AM

CVE-2010-2939

2010-09-03 Thread Mounir IDRASSI
Hi, The very simple patch I submitted to RT, for the issue CVE-2010-2939, on August 8th under reference #2314 has not been applied yet. Is there any reason for that? I hope it was not lost in translation... Cheers, -- Mounir IDRASSI IDRIX http://www.idrix.fr

Re: TLS 1.1 / 1.0 Interoperation

2010-10-09 Thread Mounir IDRASSI
of ssl3_send_server_key_exchange in this snapshot. I'll see if it has been already corrected, otherwise I'll send a patch for it. Cheers, -- Mounir IDRASSI IDRIX http://www.idrix.fr On 08/10/2010 18:55, Paul Suhler wrote: Hi, everyone. [I'm re-sending this to the developers list.] I've found

Re: TLS 1.1 / 1.0 Interoperation

2010-10-10 Thread Mounir IDRASSI
, -- Mounir IDRASSI IDRIX http://www.idrix.fr On 10/10/2010 6:28 AM, Paul Suhler wrote: Hi, Mounir. In the server, I use TLSv1_1_server_method, resulting in s-version == 0x0302 (TLS 1.1). In the client, I use TLSv1_client_method to get TLS 1.0. When the server sees s-client_version == 0x0301

Re: TLS 1.1 / 1.0 Interoperation

2010-10-13 Thread Mounir IDRASSI
Hi Paul, I'm glad to see that my post helped you even if it was not completely correct. I answered too quickly and I wrongly extrapolated the SSLv23_server_method behavior to the others. Cheers, -- Mounir IDRASSI IDRIX http://www.idrix.fr On 10/13/2010 8:10 PM, Paul Suhler wrote: Hi

Concerning [openssl.org #2240] and kEECDH handshake failures

2010-11-25 Thread Mounir IDRASSI
, -- Mounir IDRASSI IDRIX http://www.idrix.fr __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager

Re: BN_NIST_521 or BN_NIST_512 ?

2011-02-01 Thread Mounir IDRASSI
Hi, NIST's FIPS PUB 186-3 defines curve P-521 (take from NSA Suite B). Take a look at : http://csrc.nist.gov/publications/fips/fips186-3/fips_186-3.pdf . You are certainly confusing it with Brainpool ECC curve P-512. Cheers, -- Mounir IDRASSI IDRIX http://www.idrix.fr On 2/2/2011 1:40 AM

New Timing Attack on OpenSSL ECDSA

2011-05-25 Thread Mounir IDRASSI
the vulnerability details : http://eprint.iacr.org/2011/232.pdf The patch suggested by the paper seems simple enough. It can be enhanced by adding a random multiple of the order to the scalar k. Is there any objection for getting this merged into OpenSSL source? Cheers, -- Mounir IDRASSI

Re: New Timing Attack on OpenSSL ECDSA

2011-05-25 Thread Mounir IDRASSI
are linked to OpenSSL implementation. As I stated in my first email, the paper comes with a temporary patch that should mitigate this issue. Is there any one working on this? I think it should be taken seriously even if ECDSA based ciphers are not widely used. Cheers, -- Mounir IDRASSI IDRIX http

Re: [CVS] OpenSSL: openssl/ CHANGES openssl/crypto/ecdsa/ ecs_ossl.c

2011-05-27 Thread Mounir IDRASSI
Hi , I agree with Bruce: we should default to a constant time behavior so definitely the code must use #ifndef instead of #ifdef since the patch makes the scalar a fixed bit length value. I think the paper authors got confused when they wrote the code. Cheers, -- Mounir IDRASSI IDRIX http

Re: [openssl-dev] [openssl.org #2782] BUG report: RSA private key serializer

2012-04-02 Thread Mounir IDRASSI
of DER encoding is very clear. Even Microsoft implementation of Crypto API and CNG adheres to this. So, as he pointed it out, there must be another explanation for the .NET error you are encountering. Cheers, -- Mounir IDRASSI IDRIX http://www.idrix.fr On 4/2/2012 3:28 PM, Tamir Khason via RT

Re: [openssl.org #1681] 0.9.8h bug report

2008-05-29 Thread Mounir IDRASSI via RT
Hi, You should not touch the file sha1-586.pl because the problem is located in the file x86ms.pl that is dedicated to MASM. In this file, the line 273 containing $extra should be removed to be able to compile the generated assembly files. Cheers, -- Mounir IDRASSI IDRIX http://www.idrix.fr

[openssl.org #2118] [PATCH] handle ECDSA_sign error correctly in pkey_ec_sign (the correct one)

2009-11-30 Thread Mounir IDRASSI via RT
Hi, This is a patch against openssl-1.0.0-stable-SNAP-20091129 which corrects the way the error code returned by ECDSA_sign is handled in the function pkey_ec_sign. Cheers, -- Mounir IDRASSI IDRIX http://www.idrix.fr --- H:/Dev/libraries/openssl-1.0.0-stable-SNAP-20091129/crypto/ec

Re: [openssl.org #2240] Missing Supported Point Formats Extension in ServerHello should be ignored

2010-04-24 Thread Mounir IDRASSI via RT
Hi, I'm attaching a simple patch that should correct this behavior. Can you test it and tell us the results? Thanks, -- Mounir IDRASSI IDRIX http://www.idrix.fr Dear openssl support, I investigated the following web servers. But all of them failed with the same error. 1) apache-tomcat

Re: [openssl.org #2245] [PATCH] Add /Zi to VC++ CFLAG in debug configuration (1.0.0 and 0.9.8)

2010-04-27 Thread Mounir IDRASSI via RT
Hi, I have on purpose only added /Zi to the debug build because it is not always desirable to add symboles to release builds whereas it is always needed for debug ones. -- Mounir IDRASSI IDRIX http://www.idrix.fr On 4/26/2010 11:58 PM, William A. Rowe Jr. wrote: On 4/26/2010 1:18 PM, Mounir

Re: [openssl.org #2312] Function protos in 1.0.0a: unsigned long changed to size_t not so good for amd/x64, Itanium

2010-07-28 Thread Mounir IDRASSI via RT
the correct prototype. Cheers, -- Mounir IDRASSI IDRIX http://www.idrix.fr On 7/28/2010 3:02 PM, John Skodon via RT wrote: Hi guys: I'm probably wrong here, but it looks like you've changed some function prototypes, e.g., aes.h, in version 1.0.0a to size_t from unsigned long in 0.9.8o

[openssl.org #2314] [PATCH] fix double free in ssl3_get_key_exchange in case of error

2010-08-08 Thread Mounir IDRASSI via RT
Hi, This patch corrects a double free bug in ssl3_get_key_exchange (s3_clnt.c) when an error happens during the connection to a server. Cheers, -- Mounir IDRASSI IDRIX http://www.idrix.fr --- E:/dev/libraries/openssl-1.0.latest/ssl/s3_clnt.c.original Sun Feb 28 01:24:24 2010 +++ E:/dev

Re: [openssl.org #2240] Missing Supported Point Formats Extension in ServerHello should be ignored

2010-10-01 Thread Mounir IDRASSI via RT
with ServerHello message whereas it is not sent when SSLv23_server_method is used. -- Mounir IDRASSI IDRIX http://www.idrix.fr On 10/1/2010 12:59 AM, Steven Noonan via RT wrote: Hi Mounir, The patch you attached to PR 2240 works perfectly here. Was having difficulty connecting to an OpenFire Jabber

[openssl.org #2358] [PATCH] Correct a double free bug in ssl3_send_server_key_exchange

2010-10-10 Thread Mounir IDRASSI via RT
Hi, This patch against the latest 1.0.1 stable snapshot corrects a double free bug in function ssl3_send_server_key_exchange (s3_srvr.c) that occurs when an ECDHE cipher is used, leading to a crash. Cheers, -- Mounir IDRASSI IDRIX http://www.idrix.fr --- C:/Dev/libraries/openssl-1.0.1