Re: DH_generate_key

2020-12-10 Thread Matt Caswell
rs-requ...@openssl.org> > > You can reach the person managing the list at > openssl-users-ow...@openssl.org <mailto:openssl-users-ow...@openssl.org> > > When replying, please edit your Subject line so it is more specific > than "Re: Contents of openssl-users d

Re: DH_generate_key

2020-12-10 Thread Narayana, Sunil Kumar
.org> You can reach the person managing the list at openssl-users-ow...@openssl.org<mailto:openssl-users-ow...@openssl.org> When replying, please edit your Subject line so it is more specific than "Re: Contents of openssl-users digest..." Today's Topics: 1. Re: DH_generate

Re: DH_generate_key

2020-12-10 Thread Matt Caswell
On 09/12/2020 15:31, Matt Caswell wrote: >> our application creates a new DH and using DH_generate_key() > > How do you set up the DH parameters? Do you load them from a file or > generate them in your application? Or some other way? Will it break your > application if you swap to using differe

Re: DH_generate_key

2020-12-09 Thread Matt Caswell
On 08/12/2020 17:43, Narayana, Sunil Kumar wrote: > Dear openssl team, > >   > >     While migrating from 1.0.2 to 3.0,  we found that > DH_generate_key() has be deprecated. And as per the man page, it is > advised to use EVP_PKEY_derive_init >

RE: DH_generate_key (Sands, Daniel)

2020-12-09 Thread Narayana, Sunil Kumar
to decrypt TLS session from PCAP files (Matt Caswell) 2. Re: Use OpenSSL to decrypt TLS session from PCAP files (John Baldwin) 3. DH_generate_key (Narayana, Sunil Kumar) 4. RE: DH_generate_key (Sands, Daniel) -- Message: 1 Date:

RE: DH_generate_key

2020-12-08 Thread Sands, Daniel via openssl-users
Dear openssl team, While migrating from 1.0.2 to 3.0, we found that DH_generate_key() has be deprecated. And as per the man page, it is advised to use EVP_PKEY_derive_init & EVP_PKEY_derive

Re: DH_generate_key() segmentation fault

2014-01-24 Thread khan wahid
Oh! what a miss!! Signs of excessive pressure!!! When I divide the program in multiple files, I create one of the functions like this- char *dh_sender_pub(DH *dhPar) {     char *pubinHex=NULL;     DH_generate_key(dhPar);     pubinHex=BN_bn2hex(dhPar->pub_key);     return pubinHex; }  And I was

RE: DH_generate_key() segmentation fault

2014-01-24 Thread Salz, Rich
Ø These built-in functions do not return the size of the binary data, so how can I get the length of the binary data? BN_num_bytes() which you already used in your initial posting? -- Principal Security Engineer Akamai Technology Cambridge, MA

Re: DH_generate_key() segmentation fault

2014-01-24 Thread khan wahid
These built-in functions do not return the size of the binary data, so how can I get the length of the binary data? I need the length in some other parts of my program. Do I need to convert them to Hex everytime to get the length? Or is there any direct method to get the length? I want to use di

RE: DH_generate_key() segmentation fault

2014-01-21 Thread Salz, Rich
As two other people have already said, you cannot use strlen() on binary data. > >BN_bin2bn(parmp,strlen(parmp), dhPar2->p); > >BN_bin2bn(parmg,strlen(parmg), dhPar2->g); /r$ -- Principal Security Engineer Akamai Technology Cambridge, MA

Re: DH_generate_key() segmentation fault

2014-01-21 Thread khan wahid
Hi, Thank you all for your quick responses. I am using openssl 1.0.1 on a Linux machine. The DH_new() works correctly in my machine. It does not return NULL. Only the problem occurs in these lines- > > > >        BN_bin2bn(parmp,strlen(parmp), dhPar2->p); > >        BN_bin2bn(parmg,strlen(parm

RE: DH_generate_key() segmentation fault

2014-01-20 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Matt Caswell > Sent: Monday, January 20, 2014 15:45 > On 20 January 2014 15:34, khan wahid wrote: > > Hi, > > I am trying to implement DH key exchage using openssl in the same program, > > so I generate DH parameters once, and then transfer th

Re: DH_generate_key() segmentation fault

2014-01-20 Thread Matt Caswell
On 20 January 2014 15:34, khan wahid wrote: > Hi, > I am trying to implement DH key exchage using openssl in the same program, > so I generate DH parameters once, and then transfer the p and g to another > DH object, here is my code- > > #include > #include > #include > #include > #includ

RE: DH_generate_key( ) Vs DH_compute_key( )

2011-04-08 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of ikuzar > Sent: Thursday, 07 April, 2011 08:31 > I'd like to know if DH_compute_key( ) runs faster than > DH_generate_key( ). DH_generate_key generate x and g^x, > in my case ( x was not set when I call this function ). >

RE: DH_generate_key issue

2011-03-02 Thread Erik Tkal
Hi Viktor, If you perform BN_mod_exp you will find that mathematically the public key is correct. I suppose there is a 1 in 256 chance that the high order byte would be 0, so that explains your result of it happening when you do large numbers of such operations. BTW, you can also use BN_rand

Re: DH_generate_key generates wrong public key size?

2005-04-02 Thread Bob Bradley
On 4/2/05 12:51 AM, "Nils Larsch" <[EMAIL PROTECTED]> wrote: > ... BN_bin2bn should correctly handle leading zeros in binary input Okay, great. Thanks for all the help. __ OpenSSL Project http://

Re: DH_generate_key generates wrong public key size?

2005-04-02 Thread Nils Larsch
Bob Bradley wrote: On 4/1/05 8:20 AM, "Nils Larsch" <[EMAIL PROTECTED]> wrote: this of course reduces the key space for the private key, but if you really need a fixed size public key you need to do it. Would it reduce security or be unsafe to simply prepend zero bytes after calling BN_bn2bin to

Re: DH_generate_key generates wrong public key size?

2005-04-01 Thread Bob Bradley
On 4/1/05 8:20 AM, "Nils Larsch" <[EMAIL PROTECTED]> wrote: > this of course reduces the key space for the private key, but if you > really need a fixed size public key you need to do it. Would it reduce security or be unsafe to simply prepend zero bytes after calling BN_bn2bin to make it fill 12

Re: DH_generate_key generates wrong public key size?

2005-04-01 Thread Nils Larsch
Bob Bradley wrote: On 4/1/05 1:57 AM, "Nils Larsch" <[EMAIL PROTECTED]> wrote: the dh public key is the result of g**k mod p (k is the private key) operation and hence may have less than BN_num_bytes(p) bytes (approx. every 256 key should have <= 127 bytes). I didn't realize that. Thanks for the

Re: DH_generate_key generates wrong public key size?

2005-04-01 Thread Bob Bradley
On 4/1/05 1:57 AM, "Nils Larsch" <[EMAIL PROTECTED]> wrote: > the dh public key is the result of g**k mod p (k is the private key) > operation and hence may have less than BN_num_bytes(p) bytes (approx. > every 256 key should have <= 127 bytes). I didn't realize that. Thanks for the explanation.

Re: DH_generate_key generates wrong public key size?

2005-04-01 Thread Nils Larsch
Bob Bradley wrote: I'm seeing DH_generate_key generate a public key that is 1 byte less than expected (127 instead of 128 bytes for a 1024-bit key), but only sporadically (about every 200-300 tries). I've written the following test case that always fails for me in less than 300 iterations. I've onl