Re: BIGNUM library

2007-04-21 Thread Christophe Devine
Edward Chan [EMAIL PROTECTED] wrote:

> But I think this always returned me 128 bytes.  So am I supposed to
> bzero the output buffer first?

Here's how I fixed the bug (not very elegant, it was a quick hack)


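    int i, ret = DH_compute_key(secret, pkey, m_dh);
    if( ret > 0 && ret < 128 )
    {
        /* secret came back shorter than 128 bytes: shift it to the end
           of the buffer and zero the bytes in front of it */
        int pad = 128 - ret;
        for(i = ret - 1; i >= 0; i--)
            secret[i + pad] = secret[i];

        memset(secret, 0, pad);
    }
    ReverseBytes(secret, size);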


Christophe

__
OpenSSL Project http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager   [EMAIL PROTECTED]
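
The padding fix in the message above, generalized as an added example (not code from the original posts): a toy 32-bit DH group stands in for the 1024-bit one so the arithmetic fits in `uint64_t`, and the prime, generator, private keys and all function names are constructed for illustration. It shows that a minimal big-endian encoding comes out shorter than the modulus whenever the shared secret has leading zero bytes (roughly one exchange in 256), and left-pads it back to fixed length.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define MODLEN 4                            /* toy modulus size in bytes; 128 in the thread */
static const uint64_t P = 4294967291ULL;    /* constructed toy prime 2^32 - 5 */
static const uint64_t G = 2;                /* constructed generator */

/* Square-and-multiply; operands stay below 2^32 so products fit in 64 bits. */
static uint64_t modexp(uint64_t b, uint64_t e, uint64_t m) {
    uint64_t r = 1;
    for (b %= m; e; e >>= 1) {
        if (e & 1) r = r * b % m;
        b = b * b % m;
    }
    return r;
}

/* Shared secret as the side holding private key a computes it. */
uint64_t dh_shared(uint64_t a, uint64_t b) {
    return modexp(modexp(G, b, P), a, P);
}

/* Minimal big-endian encoding: leading zero bytes are dropped. Returns the length. */
size_t encode_stripped(uint64_t v, unsigned char *out) {
    size_t n = 0;
    for (int shift = 8 * (MODLEN - 1); shift >= 0; shift -= 8) {
        unsigned char c = (unsigned char)(v >> shift);
        if (n > 0 || c != 0) out[n++] = c;
    }
    return n;
}

/* Left-pad a len-byte big-endian secret to MODLEN bytes in place; buf holds MODLEN bytes. */
int pad_left(unsigned char *buf, size_t len) {
    if (len > MODLEN) return -1;
    memmove(buf + (MODLEN - len), buf, len);   /* regions overlap, so memmove */
    memset(buf, 0, MODLEN - len);
    return 0;
}

/* Count how many of n constructed exchanges give a secret shorter than MODLEN. */
unsigned count_short(unsigned n) {
    unsigned char tmp[MODLEN];
    unsigned hits = 0;
    for (unsigned i = 0; i < n; i++)
        if (encode_stripped(dh_shared(1000003ULL + 2 * i, 7777777ULL + 3 * i), tmp) < MODLEN)
            hits++;
    return hits;
}
```

Padding has to happen before any byte reversal or key derivation, otherwise the two sides feed different byte strings into the next step.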


RE: BIGNUM library

2007-04-21 Thread Edward Chan
I thought I tried this, but let me try again.

-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Christophe Devine
Sent: Saturday, April 21, 2007 2:03 AM
To: openssl-users@openssl.org
Subject: Re: BIGNUM library

Edward Chan [EMAIL PROTECTED] wrote:

> But I think this always returned me 128 bytes.  So am I supposed to
> bzero the output buffer first?

Here's how I fixed the bug (not very elegant, it was a quick hack)


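    int i, ret = DH_compute_key(secret, pkey, m_dh);
    if( ret > 0 && ret < 128 )
    {
        /* secret came back shorter than 128 bytes: shift it to the end
           of the buffer and zero the bytes in front of it */
        int pad = 128 - ret;
        for(i = ret - 1; i >= 0; i--)
            secret[i + pad] = secret[i];

        memset(secret, 0, pad);
    }
    ReverseBytes(secret, size);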


Christophe



RE: BIGNUM library

2007-04-21 Thread Edward Chan
Excuse my ignorance, but isn't TLS a protocol, whereas DH an algorithm?
Even if TLS is used, if it does a DH key exchange, I think I would still
have the same interop problems.  I'm basically testing interop of
different crypto libs.

-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Victor Duchovni
Sent: Friday, April 20, 2007 9:31 PM
To: openssl-users@openssl.org
Subject: Re: BIGNUM library

On Fri, Apr 20, 2007 at 03:43:41PM -0700, Edward Chan wrote:

> I apologize for the confusion.  I thought I had stated the problem
> before.  I'm basically trying to do a DH key exchange between different
> crypto libraries.

Why an explicit DH key exchange and not TLS, which is interoperable, and
authenticates the DH exchange, ...

-- 
Viktor.


Re: BIGNUM library

2007-04-21 Thread Victor Duchovni
On Sat, Apr 21, 2007 at 07:45:24AM -0700, Edward Chan wrote:

> Excuse my ignorance, but isn't TLS a protocol, whereas DH an algorithm?

Exactly, so the protocol has known on-the-wire characteristics, but the
algorithm is a building block, and you have to build the protocol yourself,
and in some rare cases this is justified, but in most cases one is better
off using a fielded protocol. I am curious why you need to build your own
protocol...

> Even if TLS is used, if it does a DH key exchange, I think I would still
> have the same interop problems.

But it does use DH, and does not have the problem you observe.

> I'm basically testing interop of different crypto libs.

You are not testing library inter-operability, you are testing
inter-operability of your glue code, which is wrapped in a
non-interoperable way, around multiple implementations of the same
algorithm, that all yield the same logical result, but use
different internal result layouts.

To test library interoperability, test TLS or S/MIME, which are
*protocols* implemented by the libraries.

-- 
Viktor.


Re: Question regarding FIPS OpenSSL Rules of Operation

2007-04-21 Thread Jagerkin

Whoops, I really should have sent this here rather than openssl-dev.


According to the Security Policy v1.1.1: Secret or private keys that
are input to or output from an application must be input or output in
encrypted form using a FIPS Approved algorithm. Note that keys
exchanged between the application and the FIPS Object Module may not
be encrypted.

Is there a FIPS-legitimate way to set up a web server using OpenSSL that
can read the server key at boot?

How would one normally go about loading things like server keys if
those have to be encrypted as well?

TIA



RE: Question regarding FIPS OpenSSL Rules of Operation

2007-04-21 Thread David Schwartz

> How would one normally go about loading things like server keys if
> those have to be encrypted as well?

Ideally, they would be stored in a FIPS-approved security token. Otherwise,
I'm not aware of any FIPS-approved algorithm for encrypting keys other than
AES wrap (RFC3394). I'd love to hear if there are other/better solutions.

DS

