Re: [openssl-users] OCB ciphers

2017-01-28 Thread Viktor Dukhovni 
On Sat, Jan 28, 2017 at 10:50:41AM -0800, Norm Green wrote:
> This is with openssl 1.10d.  When I run:
> 
> ./openssl ciphers -v

This command shows TLS ciphersuites.

> The OCB ciphers are not in the list.  Is this an omission or intentional?
> Other AEAD ciphers are there (GCM).

There are no OCB TLS ciphersuites.


https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-4

-- 
Viktor.
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

[openssl-users] OCB ciphers

2017-01-28 Thread Norm Green 

This is with openssl 1.10d.  When I run:

./openssl ciphers -v

The OCB ciphers are not in the list.  Is this an omission or 
intentional?  Other AEAD ciphers are there (GCM).


Thanks,

Norm Green


normg@bunk>./openssl ciphers -v |grep AEAD
ECDHE-ECDSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=ECDSA 
Enc=AESGCM(256) Mac=AEAD
ECDHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(256) 
Mac=AEAD
DHE-RSA-AES256-GCM-SHA384 TLSv1.2 Kx=DH   Au=RSA Enc=AESGCM(256) 
Mac=AEAD
ECDHE-ECDSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH Au=ECDSA 
Enc=CHACHA20/POLY1305(256) Mac=AEAD
ECDHE-RSA-CHACHA20-POLY1305 TLSv1.2 Kx=ECDH Au=RSA 
Enc=CHACHA20/POLY1305(256) Mac=AEAD
DHE-RSA-CHACHA20-POLY1305 TLSv1.2 Kx=DH   Au=RSA 
Enc=CHACHA20/POLY1305(256) Mac=AEAD
ECDHE-ECDSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=ECDSA 
Enc=AESGCM(128) Mac=AEAD
ECDHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=ECDH Au=RSA Enc=AESGCM(128) 
Mac=AEAD
DHE-RSA-AES128-GCM-SHA256 TLSv1.2 Kx=DH   Au=RSA Enc=AESGCM(128) 
Mac=AEAD
RSA-PSK-AES256-GCM-SHA384 TLSv1.2 Kx=RSAPSK   Au=RSA Enc=AESGCM(256) 
Mac=AEAD
DHE-PSK-AES256-GCM-SHA384 TLSv1.2 Kx=DHEPSK   Au=PSK Enc=AESGCM(256) 
Mac=AEAD
RSA-PSK-CHACHA20-POLY1305 TLSv1.2 Kx=RSAPSK   Au=RSA 
Enc=CHACHA20/POLY1305(256) Mac=AEAD
DHE-PSK-CHACHA20-POLY1305 TLSv1.2 Kx=DHEPSK   Au=PSK 
Enc=CHACHA20/POLY1305(256) Mac=AEAD
ECDHE-PSK-CHACHA20-POLY1305 TLSv1.2 Kx=ECDHEPSK Au=PSK 
Enc=CHACHA20/POLY1305(256) Mac=AEAD

AES256-GCM-SHA384   TLSv1.2 Kx=RSA  Au=RSA Enc=AESGCM(256) Mac=AEAD
PSK-AES256-GCM-SHA384   TLSv1.2 Kx=PSK  Au=PSK Enc=AESGCM(256) Mac=AEAD
PSK-CHACHA20-POLY1305   TLSv1.2 Kx=PSK  Au=PSK 
Enc=CHACHA20/POLY1305(256) Mac=AEAD
RSA-PSK-AES128-GCM-SHA256 TLSv1.2 Kx=RSAPSK   Au=RSA Enc=AESGCM(128) 
Mac=AEAD
DHE-PSK-AES128-GCM-SHA256 TLSv1.2 Kx=DHEPSK   Au=PSK Enc=AESGCM(128) 
Mac=AEAD

AES128-GCM-SHA256   TLSv1.2 Kx=RSA  Au=RSA Enc=AESGCM(128) Mac=AEAD
PSK-AES128-GCM-SHA256   TLSv1.2 Kx=PSK  Au=PSK Enc=AESGCM(128) Mac=AEAD

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] RSA Key generation time

2017-01-28 Thread Mithun P 
Hi,

I tried the same key generation on the default linux port from freescale on
the same board and i am getting an average of 20 seconds with the same
board.

Do you think that there is such a huge performance margin with OS.

The only other difference that i can see is that on the VX works port of
openssl, i am using a compiler with is old and optimized for e-500 core
while P1010 uses a e-500V2 core.

Also on the VXworks port of OpenSSL, i have enabled FIPS whereas in the
linux port of openssl FIPS is disabled.

Regards
Mithun

On Sat, Jan 28, 2017 at 4:58 PM, Frank Migge  wrote:

> Hi Mithun,
>
> >> I have a embedded board P1010 RDB  running openssl on VXWORKS 5.4 .
> >> I am generating RSA 2048 and 3072 bit key pairs.
> >> I am providing entropy to openssl by using RAND_seed from a HW RNG.
>
> >> My average generation time for RSA 2048 key pair is 2 Minutes and  3072
> is 8 minutes.
>
> I noticed embedded board key generation times vary by OS and OpenSSL
> version after converting a Altera Atlas FPGA SoC HPS from original 2013
> Yocto Linux to latest Ubuntu. Under the old Yocto, key generation
> occasionally took up to 2 minutes. Same board under Ubuntu 16.04, 2048 RSA
> keys take consistently 2-5 seconds, while 3072 keys need around 8-16
> seconds. Even running the system single core, the numbers don't change (on
> a low utilized system, using OS built-in /dev/urandom).
>
> While I am on a different CPU and OS (32bit ARM v7  900Mhz dual core, 1GB
> 400Mhz RAM), your e500 PowerPC can't be to far behind. Your numbers seem to
> be off by a magnitude. You mentioned using a external HW RNG, could that be
> it?
>
> Cheers,
> Frank
>
> Jakob Bohm 
> Wednesday, January 25, 2017 1:10 AM
> I'm afraid you will have to look at the OpenSSL source code, I haven't
> paid much attention to that CPU recently.
>
>
>
>
> Enjoy
>
> Jakob
> Mithun P 
> Monday, January 23, 2017 4:09 PM
> Hi Jakob,
>
> Can you please give me some reference/example of bignum optimization which
> I can check on powerpc architectures.
> Is this any specific instruction set addition? or something more generic?
>
> Thanks & Regards
> Mithun
>
>
> Jakob Bohm 
> Wednesday, January 18, 2017 1:08 AM
>
> I believe this is a CPU intensive operation (if VxWorks can do
> this, try observing the CPU load during).
>
> Potential improvements:
>
> 1. Check if the CPU specific bignum optimizations for your CPU
>   variant have been enabled via the libcrypto CPU detection code
>   (for example, there are optimizations for different ARM cortex
>   variants).
> 2. Faster CPU (expensive obviously).
> 3. Do the generation in the background before the keypair is
>   needed, at a time when the extra CPU load is less of a problem.
>
>
> Enjoy
>
> Jakob
> Mithun P 
> Tuesday, January 17, 2017 3:44 PM
> Hi
>
> I have a embedded board P1010 RDB  running openssl on VXWORKS 5.4 .
> I am generating RSA 2048 and 3072 bit key pairs.
> I am providing entropy to openssl by using RAND_seed from a HW RNG.
>
> My average generation time for RSA 2048 key pair is 2 Minutes and  3072 is
> 8 minutes.
> Is there a way to reduce the generation time?
>
> Regards
> Mithun
>
> 
>
>
> --
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>
>
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] Leading Zeros in ASN1_INTEGER?

2017-01-28 Thread Viktor Dukhovni 

> On Jan 28, 2017, at 10:01 AM, Matthias Ballreich 
>  wrote:
> 
> is it normal that OpenSSL removes the leading Zeros in an ASN1_INTEGER?
> I tried to read the Certificate Serial and the Certificate Serial in the
> AuthorityKeyID-Extension with C++, which works very well, but i noticed
> that OpenSSL removes the leading Zeros on it.
> 
> The real ASN1-Value is: 00BEED73EE for example, but i got only BEED73EE.
> If i view the Certificate inside Microsoft Cert Tool (Certmgr.exe) the
> leading Zeros are listed there. Same on Firefox, if i Import and view
> the Certificate there. So is this the correct way of handling inside
> OpenSSL or is it a bug or?

Integers don't have leading zeros.  Octet strings representing integers
(in non-DER form) might have leading zeros, but you should not confuse
the data type with its representation.  OpenSSL outputs the correct DER
form of the serial *number* in certificates.

Leading zeros are needed in the DER representation of positive integers
whose most significant nibble is in the range from 8 to F.  Otherwise
the leading bit would cause the integer to be interpreted as negative.

-- 
Viktor.

-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

[openssl-users] Leading Zeros in ASN1_INTEGER?

2017-01-28 Thread Matthias Ballreich 
Hi there,

is it normal that OpenSSL removes the leading Zeros in an ASN1_INTEGER?
I tried to read the Certificate Serial and the Certificate Serial in the 
AuthorityKeyID-Extension with C++, which works very well, but i noticed that 
OpenSSL removes the leading Zeros on it.
The real ASN1-Value is: 00BEED73EE for example, but i got only BEED73EE.
If i view the Certificate inside Microsoft Cert Tool (Certmgr.exe) the leading 
Zeros are listed there. Same on Firefox, if i Import and view the Certificate 
there.
So is this the correct way of handling inside OpenSSL or is it a bug or?

Is there a way to prevent that?

I’m using  OpenSSL 1.0.2j.

Hope someone could explain it a little bit.
Thanks!
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] RSA Key generation time

2017-01-28 Thread Frank Migge 

Hi Mithun,

>> I have a embedded board P1010 RDB  running openssl on VXWORKS 5.4 .
>> I am generating RSA 2048 and 3072 bit key pairs.
>> I am providing entropy to openssl by using RAND_seed from a HW RNG.

>> My average generation time for RSA 2048 key pair is 2 Minutes and 
 3072 is 8 minutes.


I noticed embedded board key generation times vary by OS and OpenSSL 
version after converting a Altera Atlas FPGA SoC HPS from original 2013 
Yocto Linux to latest Ubuntu. Under the old Yocto, key generation 
occasionally took up to 2 minutes. Same board under Ubuntu 16.04, 2048 
RSA keys take consistently 2-5 seconds, while 3072 keys need around 8-16 
seconds. Even running the system single core, the numbers don't change 
(on a low utilized system, using OS built-in /dev/urandom).


While I am on a different CPU and OS (32bit ARM v7  900Mhz dual core, 
1GB 400Mhz RAM), your e500 PowerPC can't be to far behind. Your numbers 
seem to be off by a magnitude. You mentioned using a external HW RNG, 
could that be it?


Cheers,
Frank

Jakob Bohm 
Wednesday, January 25, 2017 1:10 AM
I'm afraid you will have to look at the OpenSSL source code, I haven't
paid much attention to that CPU recently.




Enjoy

Jakob
Mithun P 
Monday, January 23, 2017 4:09 PM
Hi Jakob,

Can you please give me some reference/example of bignum optimization 
which I can check on powerpc architectures.

Is this any specific instruction set addition? or something more generic?

Thanks & Regards
Mithun


Jakob Bohm 
Wednesday, January 18, 2017 1:08 AM

I believe this is a CPU intensive operation (if VxWorks can do
this, try observing the CPU load during).

Potential improvements:

1. Check if the CPU specific bignum optimizations for your CPU
  variant have been enabled via the libcrypto CPU detection code
  (for example, there are optimizations for different ARM cortex
  variants).
2. Faster CPU (expensive obviously).
3. Do the generation in the background before the keypair is
  needed, at a time when the extra CPU load is less of a problem.


Enjoy

Jakob
Mithun P 
Tuesday, January 17, 2017 3:44 PM
Hi

I have a embedded board P1010 RDB  running openssl on VXWORKS 5.4 .
I am generating RSA 2048 and 3072 bit key pairs.
I am providing entropy to openssl by using RAND_seed from a HW RNG.

My average generation time for RSA 2048 key pair is 2 Minutes and 
 3072 is 8 minutes.

Is there a way to reduce the generation time?

Regards
Mithun

-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

[openssl-users] stunnel 5.40 released

2017-01-28 Thread Michał Trojnara 
Dear Users,

I have released version 5.40 of stunnel.

Version 5.40, 2017.01.28, urgency: HIGH
* Security bugfixes
  - OpenSSL DLLs updated to version 1.0.2k.
https://www.openssl.org/news/secadv/20170126.txt
* New features
  - DH ciphersuites are now disabled by default.
  - The daily server DH parameter regeneration is only performed if
DH ciphersuites are enabled in the configuration file.
  - "checkHost" and "checkEmail" were modified to require either
"verifyChain" or "verifyPeer" (thx to Małorzata Olszówka).
* Bugfixes
  - Fixed setting default ciphers.

Home page: https://www.stunnel.org/
Download:  https://www.stunnel.org/downloads.html

SHA-256 hashes:
23acdb390326ffd507d90f8984ecc90e0d9993f6bd6eac1d0a642456565c45ff
stunnel-5.40.tar.gz
c55548ffe073ddcea61ff938dbbbc66a7dce3be6f70c10ba578b33d18aa1f234
stunnel-5.40-win32-installer.exe
c7c4bb78689d3111e362e3b1e859aa9293809b4720b814810b8cdd6963fc17b1
stunnel-5.40-android.zip

Best regards,
Mike



signature.asc
Description: OpenPGP digital signature
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users