Re: Possible bug in GCM/GMAC with (just) AAD of size unequal to block size

2014-11-19 Thread William McGovern
> On Nov 19, 2014, at 6:26 PM, William McGovern wrote: > > >> On Nov 19, 2014, at 6:09 PM, William McGovern > > wrote: >> >> >>> On Nov 19, 2014, at 5:03 PM, Maarten Bodewes >> > wrote: >>> >>> Hi all, >>> >>> I would be very grat

RE: SSL alert number 51

2014-11-19 Thread Charles Mills
To be perfectly clear, the server is not OpenSSL itself but application code that calls OpenSSL. The code is stable and in production and, as I said, works if I do *not* turn on FIPS on the client. I could trace through the calls if necessary. Also, I will be out of the office all day Thursday so

Re: Possible bug in GCM/GMAC with (just) AAD of size unequal to block size

2014-11-19 Thread William McGovern
> On Nov 19, 2014, at 6:09 PM, William McGovern wrote: > > >> On Nov 19, 2014, at 5:03 PM, Maarten Bodewes > > wrote: >> >> Hi all, >> >> I would be very grateful if somebody could explain why the following problem >> occurs: >> >> a test vector with an AAD

Re: Possible bug in GCM/GMAC with (just) AAD of size unequal to block size

2014-11-19 Thread William McGovern
> On Nov 19, 2014, at 5:03 PM, Maarten Bodewes > wrote: > > Hi all, > > I would be very grateful if somebody could explain why the following problem > occurs: > > a test vector with an AAD of 20 bytes created an authentication tag that is > not correct, > this could for instance be a paddin

Possible bug in GCM/GMAC with (just) AAD of size unequal to block size

2014-11-19 Thread Maarten Bodewes
Hi all, I would be very grateful if somebody could explain why the following problem occurs: a test vector with an AAD of 20 bytes created an authentication tag that is not correct, this could for instance be a padding bug in OpenSSL's GCM implementation. Ref: http://stackoverflow.com/q/27023287

RE: SSL alert number 51

2014-11-19 Thread Charles Mills
- DHE is 1024 - RSA is 2048 Server certificate: Certificate: Data: Version: 3 (0x2) Serial Number: 13 (0xd) Signature Algorithm: sha1WithRSAEncryption Issuer: CN=Charles Mills Consulting, LLC, ST=California, C=US/emailAddress=charles m...@mcn.org, O=Charles Mills C

Re: SSL alert number 51

2014-11-19 Thread Dr. Stephen Henson
On Wed, Nov 19, 2014, Matt Caswell wrote: > > > On 19/11/14 22:57, Charles Mills wrote: > > > User response: If the error occurred while executing > > in FIPS mode, check that only FIPS key sizes are used. > > Collect a System SSL trace containing the error and > > then contact your service repr

Re: SSL alert number 51

2014-11-19 Thread Matt Caswell
On 19/11/14 22:57, Charles Mills wrote: > Dave - > > Thanks much. > >> Either there's a bug somewhere or you are being attacked (MitM'ed). > > Unlikely I am being MitM'ed -- the connection is over a VPN. (Why TLS when > there is already a VPN in place? I am testing TLS software and the VPN is

RE: SSL alert number 51

2014-11-19 Thread Charles Mills
Dave - Thanks much. > Either there's a bug somewhere or you are being attacked (MitM'ed). Unlikely I am being MitM'ed -- the connection is over a VPN. (Why TLS when there is already a VPN in place? I am testing TLS software and the VPN is a fact of life and my only client to server link. > Do y

RE: openSSL equivalent of RSA/ECB/PKCS1Padding

2014-11-19 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Dan Si Atat > Sent: Wednesday, November 19, 2014 14:32 > I am trying to emulate in OpenSSL java encryption algorithm.   > When using "RSA_public_encrypt" are there parameters to emulate any of these > combinations of parameters in Java? > "RSA/

RE: SSL alert number 51

2014-11-19 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Charles Mills > Sent: Wednesday, November 19, 2014 14:08 > 10280:error:1409441B:SSL routines:SSL3_READ_BYTES:tlsv1 alert decrypt error:.\ssl\s3_pkt.c:1275:SSL alert number 51 http://tools.ietf.org/html/rfc5246.html#section-7.2 decrypt_error

Re: Schanner secu

2014-11-19 Thread Gilles Vollant
On https://support.microsoft.com/kb/2992611 we can read Some customers have reported an issue that is related to the changes in this release. These changes added the following new cipher suites to Windows Server 2008 R2 and Windows Server 2012. In order to give customers more control over whether t

Re: Schanner secu

2014-11-19 Thread Gilles Vollant
Microsoft published today a new version of the KB 2992611 on the first patch, they modified the registry entry key HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\CryptographyBeforce\Configuration\Local\SSL\00010002 , entry Functions original list, before 11 november, and after 19 november

SSL alert number 51

2014-11-19 Thread Charles Mills
Good day - Can anyone offer some clues on 10280:error:1409441B:SSL routines:SSL3_READ_BYTES:tlsv1 alert decrypt error:.\ssl\s3_pkt.c:1275:SSL alert number 51 OpenSSL 1.01h is the server, running on Windows 7 Pro 64 bit. Thanks, Charles

openSSL equivalent of RSA/ECB/PKCS1Padding

2014-11-19 Thread Dan Si Atat
I am trying to emulate a Java encryption algorithm in OpenSSL. When using "RSA_public_encrypt" are there parameters to emulate any of these combinations of parameters in Java? "RSA/ECB/OAEPWITHMD5ANDMGF1PADDING" or "RSA/ECB/PKCS1Padding"? I tried using "RSA_PKCS1_PADDING" as a padding parameter

X509_verify_cert: How to retrieve the actual CRLs used to verify a certificate?

2014-11-19 Thread Stephan Mühlstrasser
Hi, via X509_LOOKUP_load_file() resp. X509_LOOKUP_add_dir() I'm adding a PEM file containing multiple CRLs and/or a directory containing hashed CRL files to a X509_STORE. Then I'm using the X509_verify_cert() function to verify a certificate. After verification is successful, I would like to

RE: Digital Certificates

2014-11-19 Thread Salz, Rich
> I have developed one algorithm like RSA so how can I use my algorithm with > OPENSSL to secure Tcp/ip connections. Adding new algorithms to openssl is not trivial. It's also not really documented. Good luck! For what it's worth, developing your own crypto algorithms is generally a bad idea

Digital Certificates

2014-11-19 Thread Niraj Sorathiya
Hello, Actually I have developed one algorithm like RSA so how can I use my algorithm with OPENSSL to secure Tcp/ip connections. Sorry if you don't understand my questions, I am totally new to these topics. -Niraj On 19-Nov-2014 1:08 PM, "Amir Reda" wrote: > sorry sir what do you mean by

Differences between openssl-fips-2.0.7 and 2.0.8

2014-11-19 Thread Philip Bellino
Hello, I am currently using openssl-fips-2.0.7 and I noticed that 2.0.8 is available on the website. Neither distribution contains a changelog, so I was wondering what changes were made to 2.0.8. Thanks, Phil Phil Bellino Principal Software Engineer | MRV Communications Inc. 300 Apollo Drive | C

Re: Schanner secu

2014-11-19 Thread Mounir IDRASSI
Hi, The latest Windows update that corrected the "WinShock" SChannel vulnerability brought many changes to the way TLS is performed and among the changes is the fact that the Supported Point Formats Extension is not sent anymore in the ServerHello during the TLS handshake. In version of Open