Re: BIGNUM library
Edward Chan [EMAIL PROTECTED] wrote:

> But I think this always returned me 128 bytes. So am I supposed to bzero the output buffer first?

Here's how I fixed the bug (not very elegant, it was a quick hack):

    int i, pad, ret = DH_compute_key(secret, pkey, m_dh);

    /* a secret with leading zero bytes comes back shorter than 128 */
    if( ret > 0 && ret < 128 )
    {
        pad = 128 - ret;
        /* shift right by the missing bytes, last byte first */
        for(i = ret - 1; i >= 0; i--)
            secret[i + pad] = secret[i];
        memset(secret, 0, pad);
    }

    ReverseBytes(secret, size);

Christophe
__
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
RE: BIGNUM library
I thought I tried this, but let me try again.

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Christophe Devine
Sent: Saturday, April 21, 2007 2:03 AM
To: openssl-users@openssl.org
Subject: Re: BIGNUM library

Edward Chan [EMAIL PROTECTED] wrote:

> But I think this always returned me 128 bytes. So am I supposed to bzero the output buffer first?

Here's how I fixed the bug (not very elegant, it was a quick hack):

    int i, pad, ret = DH_compute_key(secret, pkey, m_dh);

    /* a secret with leading zero bytes comes back shorter than 128 */
    if( ret > 0 && ret < 128 )
    {
        pad = 128 - ret;
        /* shift right by the missing bytes, last byte first */
        for(i = ret - 1; i >= 0; i--)
            secret[i + pad] = secret[i];
        memset(secret, 0, pad);
    }

    ReverseBytes(secret, size);

Christophe
RE: BIGNUM library
Excuse my ignorance, but isn't TLS a protocol, whereas DH an algorithm? Even if TLS is used, if it does a DH key exchange, I think I would still have the same interop problems. I'm basically testing interop of different crypto libs.

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Victor Duchovni
Sent: Friday, April 20, 2007 9:31 PM
To: openssl-users@openssl.org
Subject: Re: BIGNUM library

On Fri, Apr 20, 2007 at 03:43:41PM -0700, Edward Chan wrote:

> I apologize for the confusion. I thought I had stated the problem before. I'm basically trying to do a DH key exchange between different crypto libraries.

Why an explicit DH key exchange and not TLS, which is interoperable, and authenticates the DH exchange, ...

--
Viktor.
Re: BIGNUM library
On Sat, Apr 21, 2007 at 07:45:24AM -0700, Edward Chan wrote:

> Excuse my ignorance, but isn't TLS a protocol, whereas DH an algorithm?

Exactly, so the protocol has known on-the-wire characteristics, but the algorithm is a building block, and you have to build the protocol yourself, and in some rare cases this is justified, but in most cases one is better off using a fielded protocol. I am curious why you need to build your own protocol...

> Even if TLS is used, if it does a DH key exchange, I think I would still have the same interop problems.

But it does use DH, and does not have the problem you observe.

> I'm basically testing interop of different crypto libs.

You are not testing library inter-operability, you are testing inter-operability of your glue code, which is wrapped in a non-interoperable way, around multiple implementations of the same algorithm, that all yield the same logical result, but use different internal result layouts.

To test library interoperability, test TLS or S/MIME, which are *protocols* implemented by the libraries.

--
Viktor.
Re: Question regarding FIPS OpenSSL Rules of Operation
Whoops, I really should have sent this here rather than openssl-dev.

According to the Security Policy v1.1.1:

Secret or private keys that are input to or output from an application must be input or output in encrypted form using a FIPS Approved algorithm. Note that keys exchanged between the application and the FIPS Object Module may not be encrypted.

Is there a FIPS legitimate way to set up a web server using OpenSSL that can read the server key at boot? How would one normally go about loading things like server keys if those have to be encrypted as well?

TIA
RE: Question regarding FIPS OpenSSL Rules of Operation
> How would one normally go about loading things like server keys if those have to be encrypted as well?

Ideally, they would be stored in a FIPS-approved security token. Otherwise, I'm not aware of any FIPS-approved algorithm for encrypting keys other than AES wrap (RFC3394). I'd love to hear if there are other/better solutions.

DS