Re: [openssl-users] Access to ECC X and Y

[Matt Caswell]

On 31/05/16 20:46, Chris Bare wrote:
> Is there a public interface to access the X and Y elements of an Ecc
> public key?
> I tried:
> 
> EC_KEY *ecc;
> 
> BN_num_bytes (ecc->pub_key->X);
> 
> but get the compiler error:
> 
> error: dereferencing pointer to incomplete type ‘EC_KEY {aka struct
> ec_key_st}’

You can obtain the public key using EC_KEY_get0_public_key() and then
you can access the x and y co-ords using
EC_POINT_get_affine_coordinates_GFp() (or
EC_POINT_get_affine_coordinates_GF2m() if using a binary curve).

Matt
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

[openssl-users] Access to ECC X and Y

[Chris Bare]

Is there a public interface to access the X and Y elements of an Ecc public
key?
I tried:

EC_KEY *ecc;

BN_num_bytes (ecc->pub_key->X);

but get the compiler error:

error: dereferencing pointer to incomplete type ‘EC_KEY {aka struct
ec_key_st}’

-- 
Chris Bare
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] ERR_error_string_n(unsigned long e, char *buf, size_t len)

[Jakob Bohm]

On 31/05/2016 19:41, Udit Raikwar wrote:

Hello,
I am working on one project and i need to print the error description 
associated with the error number. I am using function

ERR_error_string_n(unsigned long e, char *buf, size_t len);

I know error code(e) is an 8 digit hexadecimal number,
can i get the error description using 'strerror(int errno)' function ?
Thanks

No.

strerror() only knows about the C runtime library errors
that are reported in errno.  It doesn't know the text for
(or other meaning of) errors in other libraries such as
OpenSSL or Zlib.

That is why most such libraries (including OpenSSL) have
their own error string functions that know the library
specific error codes.


Enjoy

Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S.  https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

[openssl-users] ERR_error_string_n(unsigned long e, char *buf, size_t len)

[Udit Raikwar]

Hello,
I am working on one project and i need to print the error description
associated with the error number. I am using function
ERR_error_string_n(unsigned long e, char *buf, size_t len);

I know error code(e) is an 8 digit hexadecimal number,
can i get the error description using 'strerror(int errno)' function ?
Thanks
-- 
Udit Raikwar,
Jabalpur Engineering College.
+91-9009875316




  
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] OpenSSL non-blocking epoll hanging on data receiving

[counterpoint]

Thanks, Jakob.  I was under the impression that in my environment, Diffie
Hellman key exchange would be in use, and that it would prevent the use of
decryption, even with private key.  Is that wrong?



--
View this message in context: 
http://openssl.6102.n7.nabble.com/OpenSSL-non-blocking-epoll-hanging-on-data-receiving-tp66355p66466.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] OpenSSL non-blocking epoll hanging on data receiving

[Jakob Bohm]

On 27/05/2016 18:29, Matt Caswell wrote:

On 27/05/16 16:20, counterpoint wrote:

Thanks Matt, good points. Not easy to implement though!

In the problem case, my code is the server (it is a proxy), and the standard
MariaDB command line client is the client. Yes, it does look as if
everything is happening as it should, except that the process stops before
all the data has been handled.

The client is sending a large query (about 500 KB, using "load data local
infile '/root/bigdata.txt' into table upload;").

If the client is connected directly to the database, using SSL, the query
runs successfully.

If the client is connected through the proxy without SSL (most of the logic
exactly the same), the query runs successfully.

If a shorter query is chosen, it works with SSL.

Looking at the data flows with Wireshark, it looks about right, but I can't
see the data in detail because of the SSL :)

Perhaps using an eNULL ciphersuite might help?

Matt

For future reference, another way is to load your private
key into WireShark.  This works for all but the EDH/ECDH
suites that provide PFS security against enemies who steal
your private key and then decrypt previously recorded
TLS/SSL sessions.

Enjoy

Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S.  https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded

-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] OpenSSL non-blocking epoll hanging on data receiving

[counterpoint]

Fixed the problem in the end, using eNULL was useful to get the full picture.
The issue my assumption that if there was data available to process (after
read ahead was turned off) then SSL_pending would tell me so. But it seems
that when the data extends beyond a single block (with OpenSSL imposing a
16K block size limit) it is necessary to keep reading after a successful
read, as there may be more data available from the next block. I haven't
seen any more positive way to know if there is data to process than simply
repeatedly reading until no data is received.



--
View this message in context: 
http://openssl.6102.n7.nabble.com/OpenSSL-non-blocking-epoll-hanging-on-data-receiving-tp66355p66452.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users