RE: BIGNUM library
Hello, Is there a specification on the format of a BIGNUM that someone can point me to? Probably headers files. Is there a standard encoding/format that everyone adheres to? Probably not. Or would different libraries have their own encodings? I hope not. Most bignum libraries use their own formats, in general they are very close (structure with words/limbs, some counters, sign variable ...). Sometimes APIs between libraries are almost the same. How easy or difficult would it be to extract just the BIGNUM library from OpenSSL? Are there any documents on how to do this? Very ease, but if you think about bignum library I think GMP is better than extract from OpenSSL. Best regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Convert DER format to PKC#7 format
Hi, I used Entrust/Web Connector to generate client certificate. It generated in raw DER format. Is there anyway to convert to PKC#7 format? Thanks in advance, Mustafa __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: Convert DER format to PKC#7 format
I used Entrust/Web Connector to generate client certificate. It generated in raw DER format. Is there anyway to convert to PKC#7 format? | openssl pkcs7 [options] infile outfile | where options are | -inform arg input format - DER or PEM | -outform arg output format - DER or PEM | -in arg input file | -out arg output file | -print_certs print any certs or crl in the input | -text print full details of certificates | -nooutdon't output encoded data | -engine e use engine e, possibly a hardware device. best regards, Lars __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: Convert DER format to PKC#7 format
Hello Mustafa, I used Entrust/Web Connector to generate client certificate. It generated in raw DER format. Is there anyway to convert to PKC#7 format? PKCS#7 is a structure which comes in two forms PEM or DER. To convert a PEM format PKCS#7 structure into a DER form issue the below command. # openssl pkcs7 -inform PEM -in p7.pem -out p7.der -outform DER Regards, ViSolve Security Consulting Group. http://www.visolve.com/security/ Affordable Open Source Solutions for your Business. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
dumping SSL certificate of a webpage
Hello I couldn't find out how to get a PEM file if I have a https://url. In Konqueror I am able to export certificates from Peer SSL Certificates tab, but I'd like to be able to get it also with openssl command. Thanks in advance :-) Regards -- Martin Zdila Analyst/Developer EpiSoftware Slovakia Ltd. Letna 27, 043 14 Kosice tel:+421-908-363-848 tel:+421-55-6770-420 mailto:[EMAIL PROTECTED] http://www.episoftware.com xmpp:[EMAIL PROTECTED] callto://m.zdila/ __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: Convert DER format to PKC#7 format
Hello, I am confused. Please take a look at the attached document. It gives me two options to create the certificate and both are in PEM encoded but one is in DER and the other one is in PKCS#7 format. According to your statement, how could this be? Thanks, Mustafa --- ViSolve Security Consulting Group [EMAIL PROTECTED] wrote: Hello Mustafa, I used Entrust/Web Connector to generate client certificate. It generated in raw DER format. Is there anyway to convert to PKC#7 format? PKCS#7 is a structure which comes in two forms PEM or DER. To convert a PEM format PKCS#7 structure into a DER form issue the below command. # openssl pkcs7 -inform PEM -in p7.pem -out p7.der -outform DER Regards, ViSolve Security Consulting Group. http://www.visolve.com/security/ Affordable Open Source Solutions for your Business. __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com Doc1.doc Description: 2878216750-Doc1.doc
Re: Convert DER format to PKC#7 format
Hello Mustafa, I am confused. Please take a look at the attached document. It gives me two options to create the certificate and both are in PEM encoded but one is in DER and the other one is in PKCS#7 format. According to your statement, how could this be? Please make a note that the attached screen shot will help you to submit a request in receiving : (i) A PEM format for *PKCS#10* structure (which was basically encoded in a DER format). (ii) A PEM format for *PKCS#7* structure. Regards, ViSolve Security Consulting Group. http://www.visolve.com/security/ Affordable Open Source Solutions for your Business. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: dumping SSL certificate of a webpage
hi thanks for reply. actually, i know about this method but i don't consider it as very clean. any native method? :-) On Tuesday 17 April 2007 13:32:36 Marek Marcola wrote: Hello, I couldn't find out how to get a PEM file if I have a https://url. In Konqueror I am able to export certificates from Peer SSL Certificates tab, but I'd like to be able to get it also with openssl command. After command: % openssl s_client -connect url:443 -showcerts /dev/null you may simply copy-paste peer certificate. Best regards, -- Martin Zdila Analyst/Developer EpiSoftware Slovakia Ltd. Letna 27, 043 14 Kosice tel:+421-908-363-848 tel:+421-55-6770-420 mailto:[EMAIL PROTECTED] http://www.episoftware.com xmpp:[EMAIL PROTECTED] callto://m.zdila/ __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: dumping SSL certificate of a webpage
Hello, I couldn't find out how to get a PEM file if I have a https://url. In Konqueror I am able to export certificates from Peer SSL Certificates tab, but I'd like to be able to get it also with openssl command. After command: % openssl s_client -connect url:443 -showcerts /dev/null you may simply copy-paste peer certificate. Best regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
RE: It is Memory leak ??
Hi DS How do we handle closure in openssl??? . I just call: SSL_shutdown(ssl); SSl_free(ssl); close(sock); then get out both in Serevr/Client, without waiting for receiving close_notify from either sides. Could that cause memory leak ?? I have called: SSL_shutdown(ssl); SSL_shutdown(ssl); SSl_free(ssl); close(sock); But sometimes I receive return 0 for both call. I do not know why, so I just call one time SSL_shutdown(ssl); SSl_free(ssl); close(sock); Please help. Thank You TD -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of David Schwartz Sent: Friday, April 13, 2007 16:19 To: openssl-users@openssl.org Subject: RE: It is Memory leak ?? I have Client/Server application using openSSSL. Server spin-off threads to handle each client SSL connection. I get the following memory leak report when I run valgrind. I think I am shutting down/freeing all the memory correctly. [snip] These are empty stacks. It's not a leak because the stacks are in fact empty. Ack, I just noticed we're talking about 4MB in over 100,00 blocks. The error you pasted is for an empty stack, but probably the objects that own these empty stacks were not properly freed. DS __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: dumping SSL certificate of a webpage
On 2007.04.17 at 16:17:03 +0200, M.Zdila/EpiSoftware Ltd. wrote: hi i would like to use it in bash script so the certificate would be saved to a cert.pem and then imported to java keystore using keytool. possible? Use openssl s_client command, and then something like sed or awk to extract certificate from output. If you are not familiar with sed or awk, you can also filter output of s_client via openssl x509 command - it would strip away anything but certificate. Following command line: echo|openssl s_client -connect site.com:443 |openssl x509 -out cert.pem works for me. But why do you want web-site certificat in your keystore? Typically only CA certificates are stored there. Does site in question use __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: Convert DER format to PKC#7 format
On 2007.04.17 at 03:27:47 -0700, Mustafa Cayci wrote: Hi, I used Entrust/Web Connector to generate client certificate. It generated in raw DER format. Is there anyway to convert to PKC#7 format? Thanks in advance, PKCS7 format is not a certificate format. It is format of signed/encrypted E-Mail messages, which can incorportate certificates and CRLs of signers. It is often used as container for certificate chains (probably with accompanying CRL). So if you got an X509 certificate in DER format, (if openssl x509 -text -noout -inform DER -in filename.crt displays it properly it is so), you need to create a PKCS7 container which store this (and may be others - typically you want certificate of your CA there too) certificate. This can be accomplished using crl2pkcs7 command of openssl utility. Even if you don't actually have a fresh CRL from your CA. It is conterintuitive, but crl2pkcs7 can create pkcs7 without CRL. Unfortunately, crl2pkcs7 doesn't accept certificates in the DER format (although it can deal with CRL in DER format). So, you have first to convert certificate(s) into PEM using openssl x509 and then use crl2pkcs7 to wrap it into pkcs7 structure. Mustafa __ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
RE: BIGNUM library
Thanks for the reply. So I'm a bit confused as to how different crypto packages interoperate. I've been having a problem with MS CryptoAPI doing a DH key exchange with OpenSSL. There are some quirks such as byte order, and a couple other things. But for the most part, I have it working. But occasionally, I get failures which I suspect is due to the BIGNUM format of the pubkey that is exchanged. Has anybody had success getting these 2 libs working together? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Marek Marcola Sent: Tuesday, April 17, 2007 1:55 AM To: openssl-users@openssl.org Subject: RE: BIGNUM library Hello, Is there a specification on the format of a BIGNUM that someone can point me to? Probably headers files. Is there a standard encoding/format that everyone adheres to? Probably not. Or would different libraries have their own encodings? I hope not. Most bignum libraries use their own formats, in general they are very close (structure with words/limbs, some counters, sign variable ...). Sometimes APIs between libraries are almost the same. How easy or difficult would it be to extract just the BIGNUM library from OpenSSL? Are there any documents on how to do this? Very ease, but if you think about bignum library I think GMP is better than extract from OpenSSL. Best regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: BIGNUM library
On Tue, Apr 17, 2007 at 08:42:12AM -0700, Edward Chan wrote: Thanks for the reply. So I'm a bit confused as to how different crypto packages interoperate. I've been having a problem with MS CryptoAPI doing a DH key exchange with OpenSSL. There are some quirks such as byte order, and a couple other things. But for the most part, I have it working. But occasionally, I get failures which I suspect is due to the BIGNUM format of the pubkey that is exchanged. Has anybody had success getting these 2 libs working together? You are confusing BIGNUM which is an internal library structure for performing high precision integer arithmetic, with ASN.1 which is an on the wire format for serialized data. The protocols that exchange public keys, ... are not sending BIGNUM structures around, OpenSSL serializes and de-deserializes BIGNUMs to/from appropriate ASN.1 structures. For example X.509v3 is an ASN.1 data structure that contains some large integers, but they are not in any sense BIGNUMs until OpenSSL parses the ASN.1 and constructs its own (X509 *) structure, in which some of the fields ultimately contain BIGNUM references. The serialized ASN.1 is standard, the in-memory (X509 *) is OpenSSL specific. -- Viktor. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: dumping SSL certificate of a webpage
great. thanks victor. i need this cert to import to keystore because that https is an webservice with self signed certificate and i need axis to treat it as trusted. On Tuesday 17 April 2007 17:15:04 Victor B. Wagner wrote: On 2007.04.17 at 16:17:03 +0200, M.Zdila/EpiSoftware Ltd. wrote: hi i would like to use it in bash script so the certificate would be saved to a cert.pem and then imported to java keystore using keytool. possible? Use openssl s_client command, and then something like sed or awk to extract certificate from output. If you are not familiar with sed or awk, you can also filter output of s_client via openssl x509 command - it would strip away anything but certificate. Following command line: echo|openssl s_client -connect site.com:443 |openssl x509 -out cert.pem works for me. But why do you want web-site certificat in your keystore? Typically only CA certificates are stored there. Does site in question use __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] -- Martin Zdila Analyst/Developer EpiSoftware Slovakia Ltd. Letna 27, 043 14 Kosice tel:+421-908-363-848 tel:+421-55-6770-420 mailto:[EMAIL PROTECTED] http://www.episoftware.com xmpp:[EMAIL PROTECTED] callto://m.zdila/ __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: dumping SSL certificate of a webpage
hi i would like to use it in bash script so the certificate would be saved to a cert.pem and then imported to java keystore using keytool. possible? thanks in advance On Tuesday 17 April 2007 15:08:45 Marek Marcola wrote: Hello, actually, i know about this method but i don't consider it as very clean. any native method? :-) Yes :-) From C you may establish SSL connection and get peer certificate with: X509 *cert = SSL_get_peer_certificate(ssl); Best regards, -- Martin Zdila Analyst/Developer EpiSoftware Slovakia Ltd. Letna 27, 043 14 Kosice tel:+421-908-363-848 tel:+421-55-6770-420 mailto:[EMAIL PROTECTED] http://www.episoftware.com xmpp:[EMAIL PROTECTED] callto://m.zdila/ __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: dumping SSL certificate of a webpage
Hello, actually, i know about this method but i don't consider it as very clean. any native method? :-) Yes :-) From C you may establish SSL connection and get peer certificate with: X509 *cert = SSL_get_peer_certificate(ssl); Best regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: renewing certificate
I went to www.microsoft.com and searched for IIS install certificate. The first hit led me to: http://msdn2.microsoft.com/en-us/library/ms751408.aspx with step-by-step instructions. (Ignore the leading part about 'makecert', of course -- you already have a certificate.) -- Mark H. Wood, Lead System Programmer [EMAIL PROTECTED] Typically when a software vendor says that a product is intuitive he means the exact opposite. pgpG5qCJimR4Z.pgp Description: PGP signature
Re: BIGNUM library
Edward Chan [EMAIL PROTECTED] wrote: Thanks for the reply. So I'm a bit confused as to how different crypto packages interoperate. I've been having a problem with MS CryptoAPI doing a DH key exchange with OpenSSL. There are some quirks such as byte order, and a couple other things. But for the most part, I have it working. But occasionally, I get failures which I suspect is due to the BIGNUM format of the pubkey that is exchanged. Has anybody had success getting these 2 libs working together? This might be a BN padding problem. In fact, I had the same problem when doing interoperability tests between xyssl and openssl, sometimes after the EDH key exchange I got a bad record mac (this was however quite rare). The reason was that the pre-master key, basically the shared DH secret was incorrectly padded with 0s (like for RSA), whereas openssl doesn't. Christophe -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Marek Marcola Sent: Tuesday, April 17, 2007 1:55 AM To: openssl-users@openssl.org Subject: RE: BIGNUM library Hello, Is there a specification on the format of a BIGNUM that someone can point me to? Probably headers files. Is there a standard encoding/format that everyone adheres to? Probably not. Or would different libraries have their own encodings? I hope not. Most bignum libraries use their own formats, in general they are very close (structure with words/limbs, some counters, sign variable ...). Sometimes APIs between libraries are almost the same. How easy or difficult would it be to extract just the BIGNUM library from OpenSSL? Are there any documents on how to do this? Very ease, but if you think about bignum library I think GMP is better than extract from OpenSSL. Best regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
RE: BIGNUM library
Right, I see what you're saying. I realize I'm not actually passing a BIGNUM. Let me clarify, this is what I'm doing. First I call DH_new() to get a new DH object. Then I fill in the p g members of the DH obj with pre-generated prime and generator. Then I call DH_generate_key() which generates the pub_key and priv_key pair. I then do a BN_bn2bin() on the pub_key member to get a byte array representation of the BIGNUM. This is then passed to CryptoAPI. What is the binary format returned by BN_bn2bin()? Is this ASN.1 formatted? It seems to work most of the time. But occasionally fails. Some times OpenSSL returns me an pubkey 128 bytes, whereas CryptoAPI seems to always expect 128 (and similarly, always returns me 128 bytes). So in cases where OpenSSL gives me 128, I front pad with zeros. And this also seems to work most of the time. But very rarely, I'll still get a failure. But even if OpenSSL gives me back 128 bytes, I still sporatically get failures. So I suspect there is some incompatibility with the binary representations of the BIGNUM. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Victor Duchovni Sent: Tuesday, April 17, 2007 8:49 AM To: openssl-users@openssl.org Subject: Re: BIGNUM library On Tue, Apr 17, 2007 at 08:42:12AM -0700, Edward Chan wrote: Thanks for the reply. So I'm a bit confused as to how different crypto packages interoperate. I've been having a problem with MS CryptoAPI doing a DH key exchange with OpenSSL. There are some quirks such as byte order, and a couple other things. But for the most part, I have it working. But occasionally, I get failures which I suspect is due to the BIGNUM format of the pubkey that is exchanged. Has anybody had success getting these 2 libs working together? You are confusing BIGNUM which is an internal library structure for performing high precision integer arithmetic, with ASN.1 which is an on the wire format for serialized data. The protocols that exchange public keys, ... are not sending BIGNUM structures around, OpenSSL serializes and de-deserializes BIGNUMs to/from appropriate ASN.1 structures. For example X.509v3 is an ASN.1 data structure that contains some large integers, but they are not in any sense BIGNUMs until OpenSSL parses the ASN.1 and constructs its own (X509 *) structure, in which some of the fields ultimately contain BIGNUM references. The serialized ASN.1 is standard, the in-memory (X509 *) is OpenSSL specific. -- Viktor. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Threshold secrect sharing implementation
Hi friends Someone knows where I can find an implementation of a Threshold secrect sharing ? Best regards, Geiza __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: BIGNUM library
On Tue, Apr 17, 2007, Edward Chan wrote: Right, I see what you're saying. I realize I'm not actually passing a BIGNUM. Let me clarify, this is what I'm doing. First I call DH_new() to get a new DH object. Then I fill in the p g members of the DH obj with pre-generated prime and generator. Then I call DH_generate_key() which generates the pub_key and priv_key pair. I then do a BN_bn2bin() on the pub_key member to get a byte array representation of the BIGNUM. This is then passed to CryptoAPI. What is the binary format returned by BN_bn2bin()? Is this ASN.1 formatted? It seems to work most of the time. But occasionally fails. Some times OpenSSL returns me an pubkey 128 bytes, whereas CryptoAPI seems to always expect 128 (and similarly, always returns me 128 bytes). So in cases where OpenSSL gives me 128, I front pad with zeros. And this also seems to work most of the time. But very rarely, I'll still get a failure. But even if OpenSSL gives me back 128 bytes, I still sporatically get failures. So I suspect there is some incompatibility with the binary representations of the BIGNUM. A format difference would be unlikely to cause problems only occasionally. BN_bn2bin() outputs in big endian format with no padding ignoring any sign. I suggest you log the key pairs of both sides in the case where you get a failure and the shared secrets from both implementations. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
RE: BIGNUM library
Hello, First I call DH_new() to get a new DH object. Then I fill in the p g members of the DH obj with pre-generated prime and generator. Then I call DH_generate_key() which generates the pub_key and priv_key pair. I then do a BN_bn2bin() on the pub_key member to get a byte array representation of the BIGNUM. This is then passed to CryptoAPI. What is the binary format returned by BN_bn2bin()? Is this ASN.1 formatted? No. It seems to work most of the time. But occasionally fails. Some times OpenSSL returns me an pubkey 128 bytes, whereas CryptoAPI seems to always expect 128 (and similarly, always returns me 128 bytes). So in cases where OpenSSL gives me 128, I front pad with zeros. And this also seems to work most of the time. But very rarely, I'll still get a failure. But even if OpenSSL gives me back 128 bytes, I still sporatically get failures. So I suspect there is some incompatibility with the binary representations of the BIGNUM. My proposition is to check the sign of generated pub_key (before bn2bin) Sign should be positive, but ... When using BN_bn2bin() sign is ignored (if negative). Best regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
RE: BIGNUM library
The problem with CryptoAPI is that it doesn't give you direct access to the shared secret. But I suspect it is wrong since the encryption/decryption fails (I encrypt something, and decrypt it, to make sure it is the same as the original). I agree that a format difference is unlikely. That's why I suspect it may be related to padding. I checked the binary output from BN_bn2bin() and it does seem to be ASN.1 formatted. At least it matches the data from a call to BN_to_ASN1_INTEGER(). But like Dr. Steve said, it is not likely a format difference. The endian-ness is a problem. MS likes it in little-endian. That's why I have to reverse the bytes of the pubkey before passing it to CAPI. So what I do is, BN_bn2bin(dh-pub_key, buf); ReverseBytes(buf, size); // MS CAPI requires this in little-endian MS CAPI also seems to require that the pubkey always be 128 bytes. So here, I pad with zeros before reversing the byte order. This works almost all the time this works. But I do still get very infrequent failures. But more often, I get failures even when OpenSSL is giving me exactly 128 bytes. I think the sign seems to be a good place to investigate. I'll let you know what I find. Thanks! -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dr. Stephen Henson Sent: Tuesday, April 17, 2007 11:03 AM To: openssl-users@openssl.org Subject: Re: BIGNUM library On Tue, Apr 17, 2007, Edward Chan wrote: Right, I see what you're saying. I realize I'm not actually passing a BIGNUM. Let me clarify, this is what I'm doing. First I call DH_new() to get a new DH object. Then I fill in the p g members of the DH obj with pre-generated prime and generator. Then I call DH_generate_key() which generates the pub_key and priv_key pair. I then do a BN_bn2bin() on the pub_key member to get a byte array representation of the BIGNUM. This is then passed to CryptoAPI. What is the binary format returned by BN_bn2bin()? Is this ASN.1 formatted? It seems to work most of the time. But occasionally fails. Some times OpenSSL returns me an pubkey 128 bytes, whereas CryptoAPI seems to always expect 128 (and similarly, always returns me 128 bytes). So in cases where OpenSSL gives me 128, I front pad with zeros. And this also seems to work most of the time. But very rarely, I'll still get a failure. But even if OpenSSL gives me back 128 bytes, I still sporatically get failures. So I suspect there is some incompatibility with the binary representations of the BIGNUM. A format difference would be unlikely to cause problems only occasionally. BN_bn2bin() outputs in big endian format with no padding ignoring any sign. I suggest you log the key pairs of both sides in the case where you get a failure and the shared secrets from both implementations. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
RE: BIGNUM library
Arg, I'm still getting failures even though the pubkey computed by openssl is not negative and padding is not required. Any other ideas? I'm desperate. A year's supply of Guinness for the person who can help here :) -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Edward Chan Sent: Tuesday, April 17, 2007 11:15 AM To: openssl-users@openssl.org Subject: RE: BIGNUM library The problem with CryptoAPI is that it doesn't give you direct access to the shared secret. But I suspect it is wrong since the encryption/decryption fails (I encrypt something, and decrypt it, to make sure it is the same as the original). I agree that a format difference is unlikely. That's why I suspect it may be related to padding. I checked the binary output from BN_bn2bin() and it does seem to be ASN.1 formatted. At least it matches the data from a call to BN_to_ASN1_INTEGER(). But like Dr. Steve said, it is not likely a format difference. The endian-ness is a problem. MS likes it in little-endian. That's why I have to reverse the bytes of the pubkey before passing it to CAPI. So what I do is, BN_bn2bin(dh-pub_key, buf); ReverseBytes(buf, size); // MS CAPI requires this in little-endian MS CAPI also seems to require that the pubkey always be 128 bytes. So here, I pad with zeros before reversing the byte order. This works almost all the time this works. But I do still get very infrequent failures. But more often, I get failures even when OpenSSL is giving me exactly 128 bytes. I think the sign seems to be a good place to investigate. I'll let you know what I find. Thanks! -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dr. Stephen Henson Sent: Tuesday, April 17, 2007 11:03 AM To: openssl-users@openssl.org Subject: Re: BIGNUM library On Tue, Apr 17, 2007, Edward Chan wrote: Right, I see what you're saying. I realize I'm not actually passing a BIGNUM. Let me clarify, this is what I'm doing. First I call DH_new() to get a new DH object. Then I fill in the p g members of the DH obj with pre-generated prime and generator. Then I call DH_generate_key() which generates the pub_key and priv_key pair. I then do a BN_bn2bin() on the pub_key member to get a byte array representation of the BIGNUM. This is then passed to CryptoAPI. What is the binary format returned by BN_bn2bin()? Is this ASN.1 formatted? It seems to work most of the time. But occasionally fails. Some times OpenSSL returns me an pubkey 128 bytes, whereas CryptoAPI seems to always expect 128 (and similarly, always returns me 128 bytes). So in cases where OpenSSL gives me 128, I front pad with zeros. And this also seems to work most of the time. But very rarely, I'll still get a failure. But even if OpenSSL gives me back 128 bytes, I still sporatically get failures. So I suspect there is some incompatibility with the binary representations of the BIGNUM. A format difference would be unlikely to cause problems only occasionally. BN_bn2bin() outputs in big endian format with no padding ignoring any sign. I suggest you log the key pairs of both sides in the case where you get a failure and the shared secrets from both implementations. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: BIGNUM library
On Tue, Apr 17, 2007 at 11:15:23AM -0700, Edward Chan wrote: BN_bn2bin(dh-pub_key, buf); ReverseBytes(buf, size); // MS CAPI requires this in little-endian Reversing the BER encoded bytes of a big endian integer does not yield the BER encoding of the correspoding little-endian integer. -- Viktor. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: SSL error (138): cipher or hash unavailable
2007/4/10, Johans Taboada [EMAIL PROTECTED]: Hi list, I ask for help please. Still waiting... DatabaseError: SSL error: cipher or hash unavailable\n ... OperationalError: SSL error: cipher or hash unavailable\n ... What does it really mean '''cipher or hash unavailable'''? (SSL Error #138, SSL_R_CIPHER_OR_HASH_UNAVAILABLE). ... For a more detailed info, visit: http://groups.google.com/group/trac-users/browse_thread/thread/901ef327b448b496?hl=en Thanks, Am I writing to the wrong mailing list?, if yes please tell me, thanks Johans Marvin Taboada Villca-`^_^´- Adm. Laboratorio de Desarrollo de Software Carreras de Informática y Sistemas UMSS, Cochabamba Bolivia
RE: BIGNUM library
Hmm, that's interesting. Then why does this seem to work most of the time? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Victor Duchovni Sent: Tuesday, April 17, 2007 11:32 AM To: openssl-users@openssl.org Subject: Re: BIGNUM library On Tue, Apr 17, 2007 at 11:15:23AM -0700, Edward Chan wrote: BN_bn2bin(dh-pub_key, buf); ReverseBytes(buf, size); // MS CAPI requires this in little-endian Reversing the BER encoded bytes of a big endian integer does not yield the BER encoding of the correspoding little-endian integer. -- Viktor. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: BIGNUM library
On Tue, Apr 17, 2007 at 02:31:50PM -0400, Victor Duchovni wrote: On Tue, Apr 17, 2007 at 11:15:23AM -0700, Edward Chan wrote: BN_bn2bin(dh-pub_key, buf); ReverseBytes(buf, size); // MS CAPI requires this in little-endian Reversing the BER encoded bytes of a big endian integer does not yield the BER encoding of the correspoding little-endian integer. But of course BN_bn2bin() does not return BER encoded data (ASN.1), so the issue is elsewhere. How does CryptoAPI handle signs of little-endian numbers? Are they signed or unsigned? -- Viktor. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
RE: BIGNUM library
Honestly, I have no idea how CryptoAPI handles this stuff. And documentation is hard to come by. But I can say that in the failure cases I'm seeing, OpenSSL is indeed giving me back a positive BIGNUM. So at least on our side it doesn't not appear to be a signed/unsigned issue. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Victor Duchovni Sent: Tuesday, April 17, 2007 11:38 AM To: openssl-users@openssl.org Subject: Re: BIGNUM library On Tue, Apr 17, 2007 at 02:31:50PM -0400, Victor Duchovni wrote: On Tue, Apr 17, 2007 at 11:15:23AM -0700, Edward Chan wrote: BN_bn2bin(dh-pub_key, buf); ReverseBytes(buf, size); // MS CAPI requires this in little-endian Reversing the BER encoded bytes of a big endian integer does not yield the BER encoding of the correspoding little-endian integer. But of course BN_bn2bin() does not return BER encoded data (ASN.1), so the issue is elsewhere. How does CryptoAPI handle signs of little-endian numbers? Are they signed or unsigned? -- Viktor. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
RE: It is Memory leak ??
Hi DS How do we handle closure in openssl??? . I just call: [snip] But sometimes I receive return 0 for both call. I do not know why, so I just call one time SSL_shutdown(ssl); SSl_free(ssl); close(sock); Please help. It depends on how you created the SSL connection in the first place. You may also need to free one or more BIOs. How did you create/open the SSL connection? DS __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: BIGNUM library
On Tue, Apr 17, 2007, Edward Chan wrote: The problem with CryptoAPI is that it doesn't give you direct access to the shared secret. But I suspect it is wrong since the encryption/decryption fails (I encrypt something, and decrypt it, to make sure it is the same as the original). It doesn't give you *direct* access to the shared secret or indeed other types of symmetric or asymmetric keys but there are back door ways of getting hold of the key anyway. One way is to encrypt the key using a public key to which you know the corresponsing private key and then obtaining the unencrypted result using OpenSSL. Another trick is in an MS KB article somewhere which relies on using a key with an exponent of 1. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
