Re: question about RSA in openSSL
> - second, when I use RSA_generate_key() with odd value of e, then it runs ok. But when use with even value of e, it runs very slow and I don't know if can it finish or not ?

gcd(e, (p-1)*(q-1)) = 2 for all even e, so it can't generate such key for sure
Re: question about RSA in openSSL
Hello,

[EMAIL PROTECTED] wrote on 04/28/2008 07:00:09 AM:

> Hi,
> I have 2 questions about RSA generating in OpenSSL :
> - First, does p and q satisfy condition : sqrt(N)/2 p q 2sqrt(N)

No, because q p in any key generated from openssl (starting from some version).

> - second, when I use RSA_generate_key() with odd value of e, then it runs ok. But when use with even value of e, it runs very slow and I don't know if can it finish or not ?

As you already answered this key can not be generated. In OpenSSL algorithm enters endless loop checking for GCD. Here is OpenSSL code:

    for (;;)
        {
        /* When generating ridiculously small keys, we can get stuck
         * continually regenerating the same prime values. Check for
         * this and bail if it happens 3 times. */
        unsigned int degenerate = 0;
        do
            {
            if(!BN_generate_prime_ex(rsa->q, bitsq, 0, NULL, NULL, cb))
                goto err;
            } while((BN_cmp(rsa->p, rsa->q) == 0) && (++degenerate < 3));
        if(degenerate == 3)
            {
            ok = 0; /* we set our own err */
            RSAerr(RSA_F_RSA_BUILTIN_KEYGEN,RSA_R_KEY_SIZE_TOO_SMALL);
            goto err;
            }
        if (!BN_sub(r2,rsa->q,BN_value_one())) goto err;
        if (!BN_gcd(r1,r2,rsa->e,ctx)) goto err;

Here is GCD calculation (which in this case can not be 1)

        if (BN_is_one(r1))
            break;

^^ This can not be satisfied and loop can not end.

        if(!BN_GENCB_call(cb, 2, n++))
            goto err;
        }

Best regards,
--
Marek Marcola [EMAIL PROTECTED]

__
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
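The endless loop described above, reduced to small integers as an added example (not code from this thread or from OpenSSL). exponent_is_usable() and find_compatible_prime() are hypothetical names, and the 64-bit arithmetic and the cap on candidate primes are assumptions standing in for the BIGNUM calls and the unbounded for (;;).

```c
#include <inttypes.h>
#include <stdio.h>

/* Euclid's algorithm: the test the quoted loop makes with BN_gcd(). */
static uint64_t gcd_u64(uint64_t a, uint64_t b)
{
    while (b != 0) { uint64_t t = a % b; a = b; b = t; }
    return a;
}

/* Trial division; adequate for the small primes used in this demo. */
static int is_prime(uint64_t n)
{
    if (n < 2) return 0;
    for (uint64_t d = 2; d * d <= n; d++)
        if (n % d == 0) return 0;
    return 1;
}

/* Hypothetical caller-side guard (not an OpenSSL function): q-1 is even for
 * every prime q > 2, so an even e can never give gcd(q-1, e) == 1. */
int exponent_is_usable(uint64_t e)
{
    return e >= 3 && (e & 1) == 1;
}

/* Bounded model of the quoted loop: walk the primes q >= start and return
 * the first with gcd(q-1, e) == 1. Returns 0 after max_tries primes, the
 * point at which the unbounded loop would still be spinning. */
uint64_t find_compatible_prime(uint64_t e, uint64_t start, unsigned max_tries)
{
    unsigned tries = 0;
    if (start < 3) start = 3;   /* skip q = 2, whose q-1 is odd */
    for (uint64_t q = start; tries < max_tries; q++) {
        if (!is_prime(q)) continue;
        tries++;
        if (gcd_u64(q - 1, e) == 1) return q;
    }
    return 0;
}

int main(void)
{
    const uint64_t exps[] = { 3, 65537, 4, 65536 };  /* constructed samples */
    for (size_t i = 0; i < sizeof exps / sizeof exps[0]; i++)
        printf("e=%" PRIu64 " usable=%d first_q=%" PRIu64 "\n", exps[i],
               exponent_is_usable(exps[i]), find_compatible_prime(exps[i], 1000, 500));
    return 0;
}
```

Checking e this way before calling RSA_generate_key() turns the hang into an immediate error the caller can report.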
Re: question about RSA in openSSL
Hi,

Thank you and Tuan Vu for your answers. Yeah, qp, so does p and q satisfy : sqrt(N)/2 p q 2sqrt(N) ?

Best regards,
trungnt
s_client GET request
Hello,

I would like to know how to hold a requisition s_client GET https that the server was connected ??

Ex: GET /Nfe/services/NfeStatusServico?wsdl HTTP/1.1\r\nHost: hnfe.sefaz.es.gov.br\r\nConnection: Keep-Alive\r\nAccept: */*\r\n

It would have any other apps I can do this test?

Thanks!!
Ricardo
Re: s_client GET request
Hello,

[EMAIL PROTECTED] wrote on 04/28/2008 04:03:02 PM:

> Hello,
>
> I would like to know how to hold a requisition s_client GET https that the server was connected ??
>
> Ex: GET /Nfe/services/NfeStatusServico?wsdl HTTP/1.1\r\nHost: hnfe.sefaz.es.gov.br\r\nConnection: Keep-Alive\r\nAccept: */*\r\n
>
> It would have any other apps I can do this test?

You may use wget (with ssl support compiled in) instead.

Best regards,
--
Marek Marcola [EMAIL PROTECTED]
Re: Blowfish CBC output ciphertext differs in OpenSSL and Java with same key and IV
I have no idea if your C++ code is correct, but I wrote some java code that correctly does that java side. Download not-yet-commons-ssl.jar and try this utility class:

org.apache.commons.ssl.OpenSSL

Here are the instructions to use it: http://juliusdavies.ca/commons-ssl/pbe.html

In your case probably something like this will work:

    byte[] encrypted = OpenSSL.encrypt("bf-cbc", key, iv, data);

yours,
Julius

On Sun, Apr 27, 2008 at 10:50 PM, Vishal Rao [EMAIL PROTECTED] wrote:

> Hello,
>
> I'm trying to encrypt a few bytes (as a trial run) with the same key and IV with Blowfish in CBC mode and standard PKCS padding using OpenSSL in a C++ app and also using SUN's Java crypto libraries.
>
> The output ciphertext is different in both places which means that I cannot get them to interoperate - cannot encrypt in OpenSSL and decrypt in Java due to a BadPaddingException.
>
> I'm pasting some code below that I've written (minus error checking etc for brevity)
>
> Is there something I can do differently in OpenSSL to get the same output - perhaps setting the key and IV differently so as to generate the same output ciphertext as Java is returning?
>
> C++ code using OpenSSL:
>
>     unsigned char testplaintext[10] = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10};
>     unsigned char ciphertext[100] = {0};
>     int outlen, tmplen;
>     unsigned char key[56] = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14,
>         15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31,
>         32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48,
>         49, 50, 51, 52, 53, 54, 55, 56};
>     unsigned char iv[8] = {1, 2, 3, 4, 5, 6, 7, 8};
>     EVP_CIPHER_CTX ctx;
>     EVP_CIPHER_CTX_init(&ctx);
>     EVP_EncryptInit_ex(&ctx, EVP_bf_cbc(), NULL, key, iv);
>     EVP_EncryptUpdate(&ctx, ciphertext, &outlen, testplaintext, 10);
>     EVP_EncryptFinal_ex(&ctx, ciphertext + outlen, &tmplen);
>     outlen += tmplen;
>     EVP_CIPHER_CTX_cleanup(&ctx);
>     // now ciphertext contains the output encrypted bytes.
>
> Java code doing the same:
>
>     byte[] testplaintext = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10};
>     byte[] testkey = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14,
>         15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31,
>         32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48,
>         49, 50, 51, 52, 53, 54, 55, 56};
>     byte[] testivbytes = {1, 2, 3, 4, 5, 6, 7, 8};
>     IvParameterSpec testiv = new IvParameterSpec(testivbytes);
>     SecretKeySpec testsks = new SecretKeySpec(testkey, 0, 56, "Blowfish");
>     Cipher testcipher = Cipher.getInstance("Blowfish/CBC/PKCS5Padding");
>     testcipher.init(Cipher.ENCRYPT_MODE, testsks, testiv);
>     byte[] testciphertext = testcipher.doFinal(testplaintext);
>     // now testciphertext contains the output encrypted bytes.
>
> When I dump the bytes in the C++ ciphertext and Java testciphertext byte arrays they are different. Any suggestions?
>
> Looking through the OpenSSL code, it appears that the key bytes we pass in are not used directly, rather some extra operations are done before using it as the key, so maybe that is causing the mismatch in output ciphertext. Is there a way to force OpenSSL to use the key we provide unmodified?
>
> Regards,
> Vishal
>
> --
> Thou shalt not follow the null pointer for at it's end madness and chaos lie.

--
yours,
Julius Davies
http://juliusdavies.ca/
Re: Blowfish CBC output ciphertext differs in OpenSSL and Java with same key and IV
On Mon, Apr 28, 2008, Vishal Rao wrote:

> C++ code using OpenSSL:
>
>     unsigned char testplaintext[10] = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10};
>     unsigned char ciphertext[100] = {0};
>     int outlen, tmplen;
>     unsigned char key[56] = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14,
>         15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31,
>         32, 33, 34, 35, 36, 37, 38, 39, 40, 41, 42, 43, 44, 45, 46, 47, 48,
>         49, 50, 51, 52, 53, 54, 55, 56};
>     unsigned char iv[8] = {1, 2, 3, 4, 5, 6, 7, 8};
>     EVP_CIPHER_CTX ctx;
>     EVP_CIPHER_CTX_init(&ctx);
>     EVP_EncryptInit_ex(&ctx, EVP_bf_cbc(), NULL, key, iv);
>     EVP_EncryptUpdate(&ctx, ciphertext, &outlen, testplaintext, 10);
>     EVP_EncryptFinal_ex(&ctx, ciphertext + outlen, &tmplen);
>     outlen += tmplen;
>     EVP_CIPHER_CTX_cleanup(&ctx);

The call to EVP_EncryptInit_ex() uses the default key length for the cipher unless told otherwise. For Blowfish this is 128 bits but you have a 56 byte (?) key.

You need to set the key length using EVP_CIPHER_CTX_set_key_length(). This involves a double call to EVP_EncryptInit_ex(). See the manual pages for more information.

Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Homepage: http://www.drh-consultancy.demon.co.uk