Re: question about RSA in openSSL

2008-04-28 Thread Tuan Vu

> - second, when I use RSA_generate_key() with odd value of e, then it runs
> ok. But when use with even value of e, it runs very slow and I don't know if
> can it finish or not ?


gcd(e, (p-1)*(q-1)) = 2 for all even e, so it can't generate such key for
sure


Re: question about RSA in openSSL

2008-04-28 Thread Marek . Marcola
Hello,

[EMAIL PROTECTED] wrote on 04/28/2008 07:00:09 AM:

> Hi,
>
> I have 2 question about RSA generating in OpenSSL :
> - First, does p and q satisfy condition :
> sqrt(N)/2 < p < q < 2sqrt(N)
No, because q < p in any key generated from openssl (starting from some
version).

> - second, when I use RSA_generate_key() with odd value of e, then it
> runs ok. But when use with even value of e, it runs very slow and I
> don't know if can it finish or not ?
As you already answered this key can not be generated.
In OpenSSL algorithm enters endless loop checking for GCD.

Here is OpenSSL code:

    for (;;)
        {
        /* When generating ridiculously small keys, we can get stuck
         * continually regenerating the same prime values. Check for
         * this and bail if it happens 3 times. */
        unsigned int degenerate = 0;
        do
            {
            if(!BN_generate_prime_ex(rsa->q, bitsq, 0, NULL, NULL, cb))
                goto err;
            } while((BN_cmp(rsa->p, rsa->q) == 0) && (++degenerate < 3));
        if(degenerate == 3)
            {
            ok = 0; /* we set our own err */
            RSAerr(RSA_F_RSA_BUILTIN_KEYGEN,RSA_R_KEY_SIZE_TOO_SMALL);
            goto err;
            }
        if (!BN_sub(r2,rsa->q,BN_value_one())) goto err;
        if (!BN_gcd(r1,r2,rsa->e,ctx)) goto err;

Here is GCD calculation (which in this case can not be 1)

        if (BN_is_one(r1))
            break;
            ^^
This can not be satisfied and loop can not end.

        if(!BN_GENCB_call(cb, 2, n++))
            goto err;
        }

Best regards,
--
Marek Marcola [EMAIL PROTECTED]

__
OpenSSL Project http://www.openssl.org
User Support Mailing List   openssl-users@openssl.org
Automated List Manager   [EMAIL PROTECTED]
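
The retry loop quoted above can be modelled without OpenSSL. The following is an added example, not part of the original message and not OpenSSL source: it shows that no odd prime q passes the gcd(q-1, e) == 1 test when e is even, and gives a pre-flight check a caller can run before key generation. The function names, the trial-division primality test and the attempt cap are assumptions made for illustration.

```c
/* Added example: bounded model of the RSA keygen retry loop (not OpenSSL code). */
#include <stdint.h>
#include <stdio.h>

static uint64_t gcd_u64(uint64_t a, uint64_t b)
{
    while (b != 0) { uint64_t t = a % b; a = b; b = t; }
    return a;
}

/* Trial division; adequate for the small illustrative primes used here. */
static int is_prime(uint64_t n)
{
    if (n < 2) return 0;
    for (uint64_t d = 2; d * d <= n; d++)
        if (n % d == 0) return 0;
    return 1;
}

/* Pre-flight check before key generation: e must be odd and greater than 1.
 * An even e shares the factor 2 with q-1 for every odd prime q. */
int rsa_public_exponent_ok(uint64_t e)
{
    return e > 1 && (e & 1) == 1;
}

/* Tries successive primes q >= start (start > 2), as the quoted loop retries
 * with fresh primes, but stops after max_tries. Returns the first q with
 * gcd(q-1, e) == 1, or 0 if every candidate was rejected. */
uint64_t find_q_for_exponent(uint64_t e, uint64_t start, unsigned max_tries)
{
    unsigned tries = 0;
    for (uint64_t q = start; tries < max_tries; q++) {
        if (!is_prime(q)) continue;
        tries++;
        if (gcd_u64(q - 1, e) == 1) return q;
    }
    return 0;
}

int main(void)
{
    const uint64_t exps[] = { 3, 65537, 4, 65536 };  /* constructed samples */
    for (int i = 0; i < 4; i++)
        printf("e=%llu ok=%d q=%llu\n", (unsigned long long)exps[i],
               rsa_public_exponent_ok(exps[i]),
               (unsigned long long)find_q_for_exponent(exps[i], 1000, 1000));
    return 0;
}
```
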


Re: question about RSA in openSSL

2008-04-28 Thread Thành Trung Nguyễn
Hi,

Thank you and Tuan Vu for your answers.

Yeah, q<p, so does p and q satisfy :
 sqrt(N)/2 < p < q < 2sqrt(N) ?

Best regards,




trungnt
   

s_client GET request

2008-04-28 Thread Ricardo Garcia Reis
Hello,

I would like to know how to hold a requisition s_client GET https that the
server was connected ??

Ex:
GET /Nfe/services/NfeStatusServico?wsdl HTTP/1.1\r\nHost:
hnfe.sefaz.es.gov.br\r\nConnection: Keep-Alive\r\nAccept: */*\r\n


It would have any other apps I can do this test?

Thanks!!

Ricardo


Re: s_client GET request

2008-04-28 Thread Marek . Marcola
Hello,

[EMAIL PROTECTED] wrote on 04/28/2008 04:03:02 PM:

> Hello,
>
> I would like to know how to hold a requisition s_client GET https that
> the server was connected ??
>
> Ex:
> GET /Nfe/services/NfeStatusServico?wsdl HTTP/1.1\r\nHost: hnfe.sefaz.es.gov.br\r\nConnection: Keep-Alive\r\nAccept: */*\r\n
>
> It would have any other apps I can do this test?
You may use wget (with ssl support compiled in) instead.

Best regards,
--
Marek Marcola [EMAIL PROTECTED]



Re: Blowfish CBC output ciphertext differs in OpenSSL and Java with same key and IV

2008-04-28 Thread Julius Davies
I have no idea if your C++ code is correct, but I wrote some java code
that correctly does that java side.  Download not-yet-commons-ssl.jar
and try this utility class:  org.apache.commons.ssl.OpenSSL

Here are the instructions to use it:
http://juliusdavies.ca/commons-ssl/pbe.html


In your case probably something like this will work:

byte[] encrypted = OpenSSL.encrypt("bf-cbc", key, iv, data);


yours,

Julius



On Sun, Apr 27, 2008 at 10:50 PM, Vishal Rao [EMAIL PROTECTED] wrote:
> Hello,
>
> I'm trying to encrypt a few bytes (as a trial run) with the same key
> and IV with Blowfish in CBC mode and standard PKCS padding using
> OpenSSL in a C++ app and also using SUN's Java crypto libraries. The
> output ciphertext is different in both places which means that I
> cannot get them to interoperate - cannot encrypt in OpenSSL and
> decrypt in Java due to a BadPaddingException.
>
> I'm pasting some code below that I've written (minus error checking
> etc for brevity) Is there something I can do differently in OpenSSL to
> get the same output - perhaps setting the key and IV differently so as
> to generate the same output ciphertext as Java is returning?
>
> C++ code using OpenSSL:
>
> unsigned char testplaintext[10] = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10};
> unsigned char ciphertext[100] = {0};
> int outlen, tmplen;
>
> unsigned char key[56] = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13,
> 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30,
> 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47,
> 48, 49, 50, 51, 52, 53, 54, 55, 56};
> unsigned char iv[8] = {1, 2, 3, 4, 5, 6, 7, 8};
>
> EVP_CIPHER_CTX ctx;
> EVP_CIPHER_CTX_init(&ctx);
> EVP_EncryptInit_ex(&ctx, EVP_bf_cbc(), NULL, key, iv);
> EVP_EncryptUpdate(&ctx, ciphertext, &outlen, testplaintext, 10);
> EVP_EncryptFinal_ex(&ctx, ciphertext + outlen, &tmplen);
> outlen += tmplen;
> EVP_CIPHER_CTX_cleanup(&ctx);
>
> // now ciphertext contains the output encrypted bytes.
>
> Java code doing the same:
>
> byte[] testplaintext = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10};
> byte[] testkey = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15,
> 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32,
> 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48, 49,
> 50, 51, 52, 53, 54, 55, 56};
> byte[] testivbytes = {1, 2, 3, 4, 5, 6, 7, 8};
> IvParameterSpec testiv = new IvParameterSpec(testivbytes);
> SecretKeySpec testsks = new SecretKeySpec(testkey, 0, 56, "Blowfish");
> Cipher testcipher = Cipher.getInstance("Blowfish/CBC/PKCS5Padding");
> testcipher.init(Cipher.ENCRYPT_MODE, testsks, testiv);
> byte[] testciphertext = testcipher.doFinal(testplaintext);
>
> // now testciphertext contains the output encrypted bytes.
>
> When I dump the bytes in the C++ ciphertext and Java
> testciphertext byte arrays they are different. Any suggestions?
>
> Looking through the OpenSSL code, it appears that the key bytes we
> pass in are not used directly, rather some extra operations are done
> before using it as the key, so maybe that is causing the mismatch in
> output ciphertext. Is there a way to force OpenSSL to use the key we
> provide unmodified?
>
> Regards,
> Vishal
>
> --
> Thou shalt not follow the null pointer for at it's end madness and chaos lie.




-- 
yours,

Julius Davies
250-592-2284 (Home)
250-893-4579 (Mobile)
http://juliusdavies.ca/


Re: Blowfish CBC output ciphertext differs in OpenSSL and Java with same key and IV

2008-04-28 Thread Dr. Stephen Henson
On Mon, Apr 28, 2008, Vishal Rao wrote:

 
> C++ code using OpenSSL:
>
> unsigned char testplaintext[10] = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10};
> unsigned char ciphertext[100] = {0};
> int outlen, tmplen;
>
> unsigned char key[56] = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13,
> 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30,
> 31, 32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47,
> 48, 49, 50, 51, 52, 53, 54, 55, 56};
> unsigned char iv[8] = {1, 2, 3, 4, 5, 6, 7, 8};
>
> EVP_CIPHER_CTX ctx;
> EVP_CIPHER_CTX_init(&ctx);
> EVP_EncryptInit_ex(&ctx, EVP_bf_cbc(), NULL, key, iv);
> EVP_EncryptUpdate(&ctx, ciphertext, &outlen, testplaintext, 10);
> EVP_EncryptFinal_ex(&ctx, ciphertext + outlen, &tmplen);
> outlen += tmplen;
> EVP_CIPHER_CTX_cleanup(&ctx);
 

The call to EVP_EncryptInit_ex() uses the default key length for the cipher
unless told otherwise. For Blowfish this is 128 bits but you have a 56 byte
(?) key. You need to set the key length using EVP_CIPHER_CTX_set_key_length().
This involves a double call to EVP_EncryptInit_ex(). See the manual pages for
more information.

Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Homepage: http://www.drh-consultancy.demon.co.uk