How to generate bilinear map

2008-07-05 Thread Pietro Albano 
Hi all,
Who can help me to generate bilinear map? 

__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   [EMAIL PROTECTED]

EC-Elgamal not work fine

2008-07-05 Thread Pietro Albano 
Hi all,
I developed EC-Elgamal crypto schema, work fine till I use NIST
Prime-Curve, but when I try to work on NIST Binary-Curve crypted point
is egual to decrypted poit.

This is source code, pls help me :(


#include stdio.h
#include stdlib.h
#include string.h

#include ../e_os.h

#include openssl/opensslconf.h/* for OPENSSL_NO_ECDH */
#include openssl/crypto.h
#include openssl/bio.h
#include openssl/bn.h
#include openssl/objects.h
#include openssl/rand.h
#include openssl/sha.h
#include openssl/err.h

#ifdef OPENSSL_NO_ECDH

int main(int argc, char *argv[]) {
printf(No ECDH support\n);
return(0);
}

#else

#include openssl/ec.h
#include openssl/ecdh.h

static const char rnd_seed[] = 21o4h32rfon4d3ornou53gnwqpegbnng;


static int test_ecdh_curve(int nid, const char *text, BN_CTX *ctx, BIO
*out) {

EC_KEY *a=NULL;
EC_KEY *b=NULL;
BIGNUM *x_a=NULL, *y_a=NULL,
*x_b=NULL, *y_b=NULL;

int ret=0;

const EC_GROUP *group;

EC_POINT *M = NULL, *P = NULL, *R = NULL, *Q = NULL, *A = NULL, *B =
NULL;

a = EC_KEY_new_by_curve_name(nid);
b = EC_KEY_new_by_curve_name(nid);

if (a == NULL || b == NULL)
goto err;

group = EC_KEY_get0_group(a);

if ((x_a=BN_new()) == NULL) goto err;
if ((y_a=BN_new()) == NULL) goto err;
if ((x_b=BN_new()) == NULL) goto err;
if ((y_b=BN_new()) == NULL) goto err;

BIO_puts(out, Testing key generation with );
BIO_puts(out, text);
BIO_puts(out, \n);


if (!EC_KEY_generate_key(a)) goto err;
if (!EC_KEY_generate_key(b)) goto err;

P = EC_POINT_new(group);
Q = EC_POINT_new(group);
R = EC_POINT_new(group);
A = EC_POINT_new(group);
B = EC_POINT_new(group);
M = EC_POINT_new(group);

EC_POINT_copy(P, EC_KEY_get0_public_key(a));
EC_POINT_copy(Q, EC_KEY_get0_public_key(a));
EC_POINT_copy(R, EC_KEY_get0_public_key(a));
EC_POINT_copy(A, EC_KEY_get0_public_key(a));
EC_POINT_copy(B, EC_KEY_get0_public_key(a));
EC_POINT_copy(M, EC_KEY_get0_public_key(a));




/*
 * Q = a * P
 */
EC_POINT_mul(group, Q, NULL, P, EC_KEY_get0_private_key(a), ctx);


if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) ==
NID_X9_62_prime_field) {

if (!EC_POINT_get_affine_coordinates_GFp(group, P, x_a, y_a,
ctx)) goto err;

}else {

if (!EC_POINT_get_affine_coordinates_GF2m(group, P, x_a, y_a,
ctx)) goto err;

}

BIO_printf(out, Point P (x,y): );
BN_print(out, x_a);
BIO_printf(out, ,);
BN_print(out, y_a);


BIO_printf(out, \nkey a:\n);
BIO_printf(out, private key: );

BN_print(out, EC_KEY_get0_private_key(a));
BIO_printf(out, \n);

BIO_printf(out, \nkey b:\n);
BIO_printf(out, private key: );

BN_print(out, EC_KEY_get0_private_key(b));
BIO_printf(out, \n);

/*
 * Encrypting message P because message must be in E
 */

/*
 * R = b * P
 */
EC_POINT_mul(group, R, NULL, P, EC_KEY_get0_private_key(b), ctx);

/*
 * B = [b * a] * P
 */
EC_POINT_mul(group, B, NULL, Q, EC_KEY_get0_private_key(b), ctx);

/*
 * B = P + [b * a] * P
 */

EC_POINT_add(group, B, P, B, ctx);

if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) ==
NID_X9_62_prime_field) {
if (!EC_POINT_get_affine_coordinates_GFp(group, B, x_a, y_a,
ctx)) goto err;
}else {
if (!EC_POINT_get_affine_coordinates_GF2m(group, B, x_a, y_a,
ctx)) goto err;
}

BIO_printf(out, Encrypted Point P (x,y): );
BN_print(out, x_a);
BIO_printf(out, ,);
BN_print(out, y_a);
BIO_printf(out, \n);



/*
 * Decrypting message B = (bP, P + abP)
 */

EC_POINT_mul(group, R, NULL, R, EC_KEY_get0_private_key(a), ctx);

EC_POINT_invert(group, R, ctx);

EC_POINT_add(group, B, B, R, ctx);

if (EC_METHOD_get_field_type(EC_GROUP_method_of(group)) ==
NID_X9_62_prime_field) {
if (!EC_POINT_get_affine_coordinates_GFp(group, B, x_b, y_b,
ctx)) goto err;
}else {
if (!EC_POINT_get_affine_coordinates_GF2m(group, B, x_b, y_b,
ctx)) goto err;
}

BIO_printf(out, Decrypted point P (x,y): );
BN_print(out, x_b);
BIO_printf(out, ,);
BN_print(out, y_b);

BIO_printf(out, \n);


ret=1;
err:
ERR_print_errors_fp(stderr);

if (y_a) BN_free(y_a);
if (x_b) BN_free(x_b);
if (y_b) BN_free(y_b);
if (b) EC_KEY_free(b);
if (a) EC_KEY_free(a);
return(ret);
}

int main(int argc, char *argv[]) {
BN_CTX *ctx=NULL;
int ret=1;
BIO *out;

RAND_seed(rnd_seed, sizeof rnd_seed);

out=BIO_new(BIO_s_file());
FILE* fp;
if((fp=fopen(keys, w))==NULL) {
printf(Error in fopen!\n);
return 0;
}
if (out == NULL) EXIT(1);

ECDH

2008-07-05 Thread Pietro Albano 
Hi all,
I must develop a simple program to do ECDH. This is an example of what i
think:


EC_POINT_mul(group,Q,NULL,EC_KEY_get0_public_key(a),EC_KEY_get0_private_key(a),ctx);

EC_POINT_mul(group,R,NULL,EC_KEY_get0_public_key(a),EC_KEY_get0_private_key(b),ctx);

EC_POINT_mul(group,A,NULL,Q,EC_KEY_get0_private_key(b),ctx);

EC_POINT_mul(group,B,NULL,R,EC_KEY_get0_private_key(a),ctx);
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   [EMAIL PROTECTED]

Modifying the cipher in OpenSSL for TLS

2008-07-05 Thread Shridhar 

Hi All,

I want to use TLS_RSA_WITH_AES_128_CBC_SHA cipher for encrypting the
application data in TLS.  But, OpenSSL negotiates this encryption algorithm
to be used(selected cipher in ServerHello) based on the first common
algorithm presented by the client in ClientHello message.  Since I want to
test the TLS_RSA_WITH_AES_128_CBC_SHA algorithm, could anyone please let me
know how to make TLS_RSA_WITH_AES_128_CBC_SHA as the default(force to use)?

Thanks a lot in advance,

Shridhar.
-- 
View this message in context: 
http://www.nabble.com/Modifying-the-cipher-in-OpenSSL-for-TLS-tp18276721p18276721.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   [EMAIL PROTECTED]

Modifying the cipher in OpenSSL for TLS

2008-07-05 Thread Shridhar KS 
Hi All,

I want to use TLS_RSA_WITH_AES_128_CBC_SHA cipher for encrypting the
application data in TLS.  But, OpenSSL negotiates this encryption algorithm
to be used(selected cipher in ServerHello) based on the first common
algorithm presented by the client in ClientHello message.  Since I want to
test the TLS_RSA_WITH_AES_128_CBC_SHA algorithm, could anyone please let me
know how to make TLS_RSA_WITH_AES_128_CBC_SHA as the default(force to use)?

Thanks a lot in advance,

Shridhar.

OpenSSL FIPS Object Module v1.2 status

2008-07-05 Thread Steve Marquess 
I've received several requests for minor editorial changes to the draft 
security policy for the v1.2 OpenSSL FIPS Object Module validation that 
has been in process for a number of months now.  Based on past 
experience those requests mean that the validation is now undergoing 
active review and that the validation will *probably* be awarded in a 
couple of weeks or so.  Emphasis on the probably -- I have been wrong 
before.


-Steve M.

--
Steve Marquess
Open Source Software institute
[EMAIL PROTECTED]

__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   [EMAIL PROTECTED]