Re: 64 bits computer always returns the same salt
David Erosa García wrote: Hello all. I tried the openssl-users list but I think this may be a question for the devel list: I'm doing my homework about openssl, but *this question has nothing to do with it*. It's just a doubt that arised while doing it. There is one exercise with the following text: Con el comando “openssl enc” y la siguiente clave AES: 188458A6D15034DFE386F23B61D43774 se puede descifrar cierta información. Podrías decir cual? Using the command openssl enc and the following AES key: 188458A6D15034DFE386F23B61D43774 you can decode some information, could you say what? I started playing with openssl enc and I thought the only thing I could guess was the salt (Surely I'm wrong). So I ran the command with a random IV: openssl enc -aes128 -K 188458A6D15034DFE386F23B61D43774 -iv 1 -P I found that the salt varies as it should on two machines with 32 bit CPU (not my main one): Office's computer (openssl 0.9.8g-4ubuntu2): salt=4075DFB76496F2B7 salt=4045D8B76466EBB7 salt=40C5DAB764E6EDB7 salt=4015DEB76436F1B7 salt=4025DFB76446F2B7 A server I have somewhere else (openssl 0.9.8c-4etch1): salt=50D882BF0C00 salt=B05DD9BF0C00 salt=A0CCC7BF0C00 salt=E0C88BBF0C00 salt=204190BF0C00 But when I run it on my main computer, it always outputs the same salt! This machine is a 64bit CPU, running a 64bits linux distribution (openssl 0.9.8g-4ubuntu2): salt=0004 salt=0004 salt=0004 salt=0004 I've been searching through the openssl lists and found nothing about this behavior. What can be happening? Is it about the 64 bit version of openssl? No, the actual output may depend on the system but the reason behind it is found in apps/enc.c: ... if (cipher != NULL) { /* Note that str is NULL if a key was passed on the command * line, so we get no salt in that case. Is this a bug? */ if (str != NULL) ... In the case the str == NULL the memory containing the salt is an uninitialized part of the stack so its content is undefined and the behavior will depend on system and compiler (options) used. Best regards, Lutz __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: 64 bits computer always returns the same salt
On Wed, Apr 16, 2008, Lutz Jaenicke wrote: David Erosa García wrote: He???llo all. I tried the openssl-users list but I think this may be a question for the devel list: I'm doing my homework about openssl, but *this question has nothing to do with it*. It's just a doubt that arised while doing it. There is one exercise with the following text: Con el comando ???openssl enc??? y la siguiente clave AES: 188458A6D15034DFE386F23B61D43774 se puede descifrar cierta información. Podrías decir cual? Using the command openssl enc and the following AES key: 188458A6D15034DFE386F23B61D43774 you can decode some information, could you say what? I started playing with openssl enc and I thought the only thing I could guess was the salt (Surely I'm wrong). So I ran the command with a random IV: openssl enc -aes128 -K 188458A6D15034DFE386F23B61D43774 -iv 1 -P I found that the salt varies as it should on two machines with 32 bit CPU (not my main one): Office's computer (openssl 0.9.8g-4ubuntu2): salt=4075DFB76496F2B7 salt=4045D8B76466EBB7 salt=40C5DAB764E6EDB7 salt=4015DEB76436F1B7 salt=4025DFB76446F2B7 A server I have somewhere else (openssl 0.9.8c-4etch1): salt=50D882BF0C00 salt=B05DD9BF0C00 salt=A0CCC7BF0C00 salt=E0C88BBF0C00 salt=204190BF0C00 But when I run it on my main computer, it always outputs the same salt! This machine is a 64bit CPU, running a 64bits linux distribution (openssl 0.9.8g-4ubuntu2): salt=0004 salt=0004 salt=0004 salt=0004 I've been searching through the openssl lists and found nothing about this behavior. What can be happening? Is it about the 64 bit version of openssl? No, the actual output may depend on the system but the reason behind it is found in apps/enc.c: ... if (cipher != NULL) { /* Note that str is NULL if a key was passed on the command * line, so we get no salt in that case. Is this a bug? */ if (str != NULL) ... In the case the str == NULL the memory containing the salt is an uninitialized part of the stack so its content is undefined and the behavior will depend on system and compiler (options) used. Note that the salt is used to derive the key an IV from a passphrase in the enc utility so if a key and IV are specified on the command line the salt is never used. The bug is that it still prints out the unused salt. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Homepage: http://www.drh-consultancy.demon.co.uk __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: 64 bits computer always returns the same salt
On Thu, Apr 03, 2008 at 05:25:38PM +0200, David Erosa García wrote: So I ran the command with a random IV: openssl enc -aes128 -K 188458A6D15034DFE386F23B61D43774 -iv 1 -P I've tried this on various (Linux) arches with a 0.9.8 version. On alpha I get: salt= salt= salt= salt= On powerpc: salt=100037C40001 salt=100037C40001 salt=100037C40001 salt=100037C40001 On mips: salt=2AAB079C2ADFD8F0 salt=2AAB079C2ADFD8F0 salt=2AAB079C2ADFD8F0 salt=2AAB079C2ADFD8F0 On ia64: salt=58120420 salt=58120420 salt=58120420 salt=58120420 On s390: salt=F7FF2ECE7FF3F420 salt=F7FF2ECE7FF89420 salt=F7FF2ECE7FCD2420 salt=F7FF2ECE7FC27420 On sparc: salt=FFB5D4C8F7C86AE0 salt=FF97F4C8F7C6EAE0 salt=FFEC54C8F7C16AE0 salt=FFCC94C8F7CAAAE0 On m68k: salt=C01171D280068730 salt=C01171D280068730 salt=C01171D280068730 salt=C01171D280068730 On amd64: salt=0004 salt=0004 salt=0004 salt=0004 On i386: salt=C078D4FF20A5D7F7 salt=C0D085FF2015DAF7 salt=C0C2A6FF2025DEF7 salt=208FECFF2025E1F7 salt=00CFE9FF2035E2F7 So, from those only s390, sparc and i386 seem to be more or less random. I currently don't have access to an arm or hppa machine that has openssl installed. If really needed, I can ask. Kurt __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: 64 bits computer always returns the same salt
El vie, 04-04-2008 a las 08:25 +1000, Peter Waltenberg escribió: It happens here on my 64 bit Linux system as well if I run the openssl that comes with the OS. However, if I run the openssl executable that I build for our own use (which has been modified to use our own RNG code) the salt varies as expected. So, any chance for me to get it working using a vanilla source? :) Peter From: David Erosa García [EMAIL PROTECTED] To: openssl-dev@openssl.org Date: 04/04/2008 01:26 Subject:64 bits computer always returns the same salt Hello all. I tried the openssl-users list but I think this may be a question for the devel list: I'm doing my homework about openssl, but *this question has nothing to do with it*. It's just a doubt that arised while doing it. There is one exercise with the following text: Con el comando “openssl enc” y la siguiente clave AES: 188458A6D15034DFE386F23B61D43774 se puede descifrar cierta información. Podrías decir cual? Using the command openssl enc and the following AES key: 188458A6D15034DFE386F23B61D43774 you can decode some information, could you say what? I started playing with openssl enc and I thought the only thing I could guess was the salt (Surely I'm wrong). So I ran the command with a random IV: openssl enc -aes128 -K 188458A6D15034DFE386F23B61D43774 -iv 1 -P I found that the salt varies as it should on two machines with 32 bit CPU (not my main one): Office's computer (openssl 0.9.8g-4ubuntu2): salt=4075DFB76496F2B7 salt=4045D8B76466EBB7 salt=40C5DAB764E6EDB7 salt=4015DEB76436F1B7 salt=4025DFB76446F2B7 A server I have somewhere else (openssl 0.9.8c-4etch1): salt=50D882BF0C00 salt=B05DD9BF0C00 salt=A0CCC7BF0C00 salt=E0C88BBF0C00 salt=204190BF0C00 But when I run it on my main computer, it always outputs the same salt! This machine is a 64bit CPU, running a 64bits linux distribution (openssl 0.9.8g-4ubuntu2): salt=0004 salt=0004 salt=0004 salt=0004 I've been searching through the openssl lists and found nothing about this behavior. What can be happening? Is it about the 64 bit version of openssl? Thanks a lot for your attention. Regards. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
64 bits computer always returns the same salt
Hello all. I tried the openssl-users list but I think this may be a question for the devel list: I'm doing my homework about openssl, but *this question has nothing to do with it*. It's just a doubt that arised while doing it. There is one exercise with the following text: Con el comando “openssl enc” y la siguiente clave AES: 188458A6D15034DFE386F23B61D43774 se puede descifrar cierta información. Podrías decir cual? Using the command openssl enc and the following AES key: 188458A6D15034DFE386F23B61D43774 you can decode some information, could you say what? I started playing with openssl enc and I thought the only thing I could guess was the salt (Surely I'm wrong). So I ran the command with a random IV: openssl enc -aes128 -K 188458A6D15034DFE386F23B61D43774 -iv 1 -P I found that the salt varies as it should on two machines with 32 bit CPU (not my main one): Office's computer (openssl 0.9.8g-4ubuntu2): salt=4075DFB76496F2B7 salt=4045D8B76466EBB7 salt=40C5DAB764E6EDB7 salt=4015DEB76436F1B7 salt=4025DFB76446F2B7 A server I have somewhere else (openssl 0.9.8c-4etch1): salt=50D882BF0C00 salt=B05DD9BF0C00 salt=A0CCC7BF0C00 salt=E0C88BBF0C00 salt=204190BF0C00 But when I run it on my main computer, it always outputs the same salt! This machine is a 64bit CPU, running a 64bits linux distribution (openssl 0.9.8g-4ubuntu2): salt=0004 salt=0004 salt=0004 salt=0004 I've been searching through the openssl lists and found nothing about this behavior. What can be happening? Is it about the 64 bit version of openssl? Thanks a lot for your attention. Regards. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: 64 bits computer always returns the same salt
It happens here on my 64 bit Linux system as well if I run the openssl that comes with the OS. However, if I run the openssl executable that I build for our own use (which has been modified to use our own RNG code) the salt varies as expected. Peter From: David Erosa García [EMAIL PROTECTED] To: openssl-dev@openssl.org Date: 04/04/2008 01:26 Subject:64 bits computer always returns the same salt Hello all. I tried the openssl-users list but I think this may be a question for the devel list: I'm doing my homework about openssl, but *this question has nothing to do with it*. It's just a doubt that arised while doing it. There is one exercise with the following text: Con el comando “openssl enc” y la siguiente clave AES: 188458A6D15034DFE386F23B61D43774 se puede descifrar cierta información. Podrías decir cual? Using the command openssl enc and the following AES key: 188458A6D15034DFE386F23B61D43774 you can decode some information, could you say what? I started playing with openssl enc and I thought the only thing I could guess was the salt (Surely I'm wrong). So I ran the command with a random IV: openssl enc -aes128 -K 188458A6D15034DFE386F23B61D43774 -iv 1 -P I found that the salt varies as it should on two machines with 32 bit CPU (not my main one): Office's computer (openssl 0.9.8g-4ubuntu2): salt=4075DFB76496F2B7 salt=4045D8B76466EBB7 salt=40C5DAB764E6EDB7 salt=4015DEB76436F1B7 salt=4025DFB76446F2B7 A server I have somewhere else (openssl 0.9.8c-4etch1): salt=50D882BF0C00 salt=B05DD9BF0C00 salt=A0CCC7BF0C00 salt=E0C88BBF0C00 salt=204190BF0C00 But when I run it on my main computer, it always outputs the same salt! This machine is a 64bit CPU, running a 64bits linux distribution (openssl 0.9.8g-4ubuntu2): salt=0004 salt=0004 salt=0004 salt=0004 I've been searching through the openssl lists and found nothing about this behavior. What can be happening? Is it about the 64 bit version of openssl? Thanks a lot for your attention. Regards. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]