Re: Examples of blowfish.h code for C?
On Friday 02 November 2007 12:13, Joel Christner wrote:
> > Please pardon the newbie question. I was curious if anyone had any links
> > or references that they could point me to for more details on how to use
> > blowfish.h with C? I've gone through the man pages but was hoping for
> > something more intuitive, step-by-step, or outlining when to use specific
> > methods and such.

Don't use blowfish.h directly, use the EVP interface instead.

Google suggests:
http://www.faqs.org/docs/gazette/encryption.html

There is some good stuff in the O'Reilly OpenSSL book.

Brad

Re: Error while encryption or Decrypting
On Saturday 28 July 2007 01:49, Pink Princess wrote:
> *** glibc detected *** /home/noura/workspace/256OpenSSL/apps/openssl:
> double free or corruption (!prev): 0x0820d170 ***

This is the most likely problem - you are free()ing memory that has already been free()d. Maybe you are free()ing memory that openssl is cleaning up later.

Try running under valgrind or a debugger.

Brad

Re: man pages of PKCS12
On Saturday 28 October 2006 01:58, Alexis Lefort wrote:
> I can't find much information about parsing a PKCS12 file, or testing
> the content of a file to know if it is PEM or PKCS12.

Do you want to do this programmatically, or from the command line?

> Where could I find that please?

man pkcs12 will provide the command line tool options.

The man pages for
* PKCS12_create
* PKCS12_parse
will provide details on how to do it programmatically.

These documents are also available on-line. For example, see:
http://www.openssl.org/docs/crypto/PKCS12_parse.html

http://www.drh-consultancy.demon.co.uk/pkcs12faq.html may also help.

Brad

Re: api for RSA
On Monday 15 May 2006 17:44 pm, you wrote:
> Hi all,
> I have a quick question. Suppose I am doing RSA crypto. I can't seem to
> figure out how I can choose a particular private key/public key. The
> only api that seems to be provided is rsa_generate_key and the man
> page says use the given api to modify the key. Unf I can't seem to find
> any functions to do that..Any pointers?

Your question is a bit vague to me. Have you looked at the code in apps/rsa.c? apps/rsautil.c?

man pages for rsa(3), RSA_private_encrypt and RSA_public_decrypt might also help.

> I have another issue. I used Bind and dnssec-keygen. The key formats
> produced by dnssec-keygen seem incompatible with that of OpenSSL's
> command line interface (at least the private key, I tried to add the
> --START PUBLIC key--- thingie to the public key file produced by
> dnssec-keygen). Failed miserably though. Any suggestions on how I can
> convert between the two?

No idea. Sorry.

Brad

Re: How to distinguish between RSA and DSA keys in certificates?
On Sunday 14 May 2006 18:54 pm, sefi wrote:
> If anyone knows a way how to load a certificate from a file and obtain
> its X509* I would be glad.

PEM_read_bio_X509()

Brad

Re: OCSP
On Thursday 11 May 2006 23:38 pm, John Pattern wrote:
> I want to generate a simple OCSP request. What are the steps I must
> follow using OpenSSL? Thank you for your help.

There is an openssl tool to do so - see:
http://www.openssl.org/docs/apps/ocsp.html

There is some detail, and a test server at openvalidation.org. In particular, you might want to check:
http://www.openvalidation.org/useocspservicenew.htm

If you want to do it programmatically, I'd suggest that you look at the source code for the ocsp tool.

HTH

Brad

Re: Phantom Domain Name Mismatch?
On Friday 21 April 2006 06:23 am, Fran Fabrizio wrote:
> "You have attempted to establish a connection to imap.cis.uab.edu.
> However, the security certificate presented belongs to imap.cis.uab.edu."

Is that exactly how it is written? If so, you might have signed the certificate with a FQDN (ending with the "."), but you have asked to talk to a relative name (no final dot). That won't match.

Brad

Re: Using MD5 in FIPS OpenSSL for RADIUS support
On Sunday 16 April 2006 22:28 pm, Hagai Yaffe wrote:
> I am using OpenSSL version 0.9.7d for cryptographic needs of my
> application, among other uses I am using MD5 to implement RADIUS client.
> I would like to use the FIPS compliant version of OpenSSL but MD5 is not
> one of the certified algorithms, this is a problem since MD5 is part of
> the RADIUS protocol.

MD5 isn't a FIPS algorithm (i.e. it isn't just an openssl problem). You'll need to use SHA1 - no idea if there is any way to do that with RADIUS (I've only ever seen the authenticator use MD5).

Brad

Re: PKCS7_verify() with zero length input
On Thursday 13 April 2006 22:26 pm, Dr. Stephen Henson wrote:
> On Thu, Apr 13, 2006, Brad Hards wrote:
> > I'm trying to do detached CMS signatures and verification using the
> > PKCS7_sign() and PKCS7_verify() functions. It appears to work OK, except
> > that my test case for a zero length array fails to verify() - looks like
> > the signature is OK though.
> >
> > The documentation suggests that PKCS7_verify() isn't expected to work
> > ("indata cannot be NULL"). Are there any alternative functions that I
> > should be looking at? Or is there some workaround?
>
> Have you tried passing it an empty memory BIO?

Yes. Roughly what I'm doing is:

... stuff to set up the keystore and PKCS7 structure...
bi = BIO_new(BIO_s_mem());
BIO_write(bi, in.data(), in.size());
int ret = PKCS7_verify(p7, xs, store, bi, NULL, 0);

It works (ret == 1) for data I've signed using PKCS7_sign, except for the case where in.size() == 0 (i.e. an empty string). Then it returns 0.

Brad

PKCS7_verify() with zero length input
I'm trying to do detached CMS signatures and verification using the PKCS7_sign() and PKCS7_verify() functions. It appears to work OK, except that my test case for a zero length array fails to verify() - looks like the signature is OK though.

The documentation suggests that PKCS7_verify() isn't expected to work ("indata cannot be NULL"). Are there any alternative functions that I should be looking at? Or is there some workaround?

Brad

PKITS test?
Has anyone tried the PKITS suite:
http://csrc.nist.gov/pki/testing/x509paths.html
against OpenSSL?

I'm planning to use some of those tests, and it would help if I knew what tests are known to fail.

Brad

Weird indenting in X509_signature_print()
In openssl-0.9.7g/crypto/asn1/t_509.c, there is this function:

int X509_signature_print(BIO *bp, X509_ALGOR *sigalg, ASN1_STRING *sig)
{
unsigned char *s;
int i, n;
if (BIO_puts(bp,"Signature Algorithm: ") <= 0) return 0;
if (i2a_ASN1_OBJECT(bp, sigalg->algorithm) <= 0) return 0;
n=sig->length;
s=sig->data;
for (i=0; ialgorithm) <= 0) return 0;
n=sig->length;
s=sig->data;
for (i=0; i

Re: Determining key size for DSA and DH?
On Sun, 5 Jun 2005 22:03 pm, Brad Hards wrote:
> On Sun, 5 Jun 2005 21:20 pm, Nils Larsch wrote:
> > > Is there a way to determine the keylength for DSA keys and DH keys?
> >
> > in case of a EVP_PKEY object EVP_PKEY_bits, otherwise
>
> As it turns out, I do have a EVP_PKEY, so this is just what I needed.

Not sure how I managed to miss it, but I missed the "huge thanks for the fast response" part of my message.

Thanks Nils - this saved me a lot of work, and is truly appreciated.

Brad

Re: Determining key size for DSA and DH?
On Sun, 5 Jun 2005 21:20 pm, Nils Larsch wrote:
> > Is there a way to determine the keylength for DSA keys and DH keys?
>
> in case of a EVP_PKEY object EVP_PKEY_bits, otherwise

As it turns out, I do have a EVP_PKEY, so this is just what I needed.

> BN_num_bits(dsa->p). But as the "NOTES" section in the BN_num_bits
> manpage already says this isn't really a satisfying solution, it
> would be better to have functions like
> size_t DSA_signature_size(const DSA *);
> size_t DSA_pkey_size(const DSA *);
> for this ... just a thought.

Yeah, that would make it more obvious. Even without the doco confusion, it is still a bit dangerous to have FOO_size() do completely different things.

> You should send a bug report to [EMAIL PROTECTED]

I just forwarded the email train to that address, but if there is a better way to do the report, just let me know (pointer to a webpage, whatever).

Brad

Re: valgrind errors
On Wed, 1 Jun 2005 23:31 pm, [EMAIL PROTECTED] wrote:
> Hello all,
>
> I developed a server which seems to work quite fine. When I use
> Valgrind to check for problems, it returns me thousands of problems which
> seem to be caused by the OpenSSL library!
> follows some of the returns:

There is no assurance that all of the problems are of one kind or another, however based on some advice I got on this list, I recompiled openssl with the -DPURIFY option, and most of the errors went away.

The reason is that openssl tries to use uninitialised memory to help get randomness.

Your results may vary.

Brad

Determining key size for DSA and DH?
I'm trying to determine the length (in bits) for my DSA and DH keys.

I'm happily using RSA_size() for RSA keys, and I assumed that DSA_size and DH_size would do equivalent operations (based on the man page for BN_size_bits, which states 'If you want to know the "key size" of such a key, either use functions like RSA_size(), DH_size() and DSA_size()').

However the man page for DSA_size says that it returns the size of the signature (which for me is always 48 bytes or 384 bits, irrespective of the key parameters).

Is there a way to determine the keylength for DSA keys and DH keys?

Brad

Re: Valgrind suppressions?
On Mon, 16 May 2005 02:04 am, Nils Larsch wrote:
> a lot of these warnings are caused by the fact that openssl uses
> uninitialized memory when creating random numbers etc. . They should
> be harmless but you may try to build openssl with the "-DPURIFY" to
> reduce the number of warnings

Thanks Nils - that helped a lot.

Brad

Valgrind suppressions?
I'm coming across a lot of valgrind warnings for the BN code. Eg:

==20718== Conditional jump or move depends on uninitialised value(s)
==20718==    at 0x4E34666D: bn_mul_recursive (bn_mul.c:111)
==20718==    by 0x4E3475D2: BN_mul (bn_mul.c:708)
==20718==    by 0x4E34D1CC: BN_mod_mul_montgomery (bn_mont.c:89)
==20718==    by 0x4E3448B0: BN_mod_exp_mont (bn_exp.c:411)
==20718==    by 0x4E353A04: RSA_eay_public_encrypt (rsa_eay.c:172)
==20718==    by 0x4E3557BF: RSA_public_encrypt (rsa_lib.c:280)
==20718==    by 0x4E37CD79: EVP_PKEY_encrypt (p_enc.c:82)
==20718==    by 0x4E3AE53E: PKCS7_dataInit (pk7_doit.c:234)
==20718==    by 0x4E3B0353: PKCS7_encrypt (pk7_smime.c:396)

or

==20718== Conditional jump or move depends on uninitialised value(s)
==20718==    at 0x4E346115: bn_cmp_words (bn_lib.c:784)
==20718==    by 0x4E346639: bn_mul_recursive (bn_mul.c:108)
==20718==    by 0x4E3475D2: BN_mul (bn_mul.c:708)
==20718==    by 0x4E34D1CC: BN_mod_mul_montgomery (bn_mont.c:89)
==20718==    by 0x4E3448B0: BN_mod_exp_mont (bn_exp.c:411)
==20718==    by 0x4E353A04: RSA_eay_public_encrypt (rsa_eay.c:172)
==20718==    by 0x4E3557BF: RSA_public_encrypt (rsa_lib.c:280)
==20718==    by 0x4E37CD79: EVP_PKEY_encrypt (p_enc.c:82)
==20718==    by 0x4E3AE53E: PKCS7_dataInit (pk7_doit.c:234)
==20718==    by 0x4E3B0353: PKCS7_encrypt (pk7_smime.c:396)

(I've got lots! - mainly in BN as shown above, but also "use of uninitialised value of size 4" in DES/PKCS7, especially in dx86-elf.s)

I'd rather not just suppress all of these, because they might indicate where I'm doing something wrong, rather than an openssl issue.

Does anyone have a set of valgrind suppressions for openssl 0.9.7 (any version, ideally 0.9.7g though)? Would you be willing to make them available?

Brad

Re: Seeking permission to use "openssl" in a product name
On Mon, 14 Mar 2005 07:27 pm, Ted Mittelstaedt wrote:
> Hmm - well this doesn't look to me like a request for permission, merely
> a request for opinion of whether or not you need to request permission.

Sorry, that wasn't the intent.

> So, in answer to that, no. You must request permission to do so by
> writing [EMAIL PROTECTED] (and only openssl-core)

Thanks.

Brad

Seeking permission to use "openssl" in a product name
I am working on a cryptographic abstraction layer for Qt, imaginatively called the Qt Cryptographic Architecture (QCA). One of the back-end plugins that is in development links to OpenSSL. Right now, the directory name is "qca-openssl". When it gets released, each backend will probably be released separately to the rest of QCA.

I note the following clause in the OpenSSL Copyright statement:

 * 5. Products derived from this software may not be called "OpenSSL"
 *    nor may "OpenSSL" appear in their names without prior written
 *    permission of the OpenSSL Project.

It is permissible to use "qca-openssl" as a package name for an open-source package that links to OpenSSL.

Brad

Re: DH parameters
On Tue, 25 Jan 2005 06:50 am, Michael D'Errico wrote:
> Michael D'Errico wrote:
> > How often should a server generate new DH parameters?
>
> Is this a dumb question? Sorry if it is.

1. 36 hours isn't much time to wait for a response.
2. You broke threading, rather than starting a new thread.
3. It depends on a lot of factors, none of which you bothered to tell us. Start by explaining your exact security goals, your acceptable risk profile, your encryption architecture, your integrity architecture, and your budget.

Brad

Re: SSL (or alike) over UDP
On Fri, 14 Jan 2005 21:10 pm, Eduardo Pérez wrote:
> Do you know if it's possible to use SSL (or some other protocol) over
> UDP running totally in user space.

Not possible to use SSL. Some other protocol is potentially possible, but you haven't told us what you are trying to accomplish, so it is hard to tell what is appropriate.

> I'd also like to use reliable delivery and a stream unreliable delivery
> protocol over the same connection-oriented base secure protocol.

To do what?

> It would be like using IPSEC totally in user space but without anything
> to do with IP.

I'm still confused. What security problem are you trying to solve?

Brad

Re: OpenSSL Window Platform
On Thu, 23 Dec 2004 04:13 am, Amy Wong wrote:
> I really appreciate if you can show me where to get the Open SSL in window
> platform (or if there is any documentation out there).

I recently bought the OpenSSL book from O'Reilly - http://www.oreilly.com/catalog/openssl/

Not fully up to date with 0.9.7, but a much more readable introduction than the man pages / web site.

Brad

Re: HMAC-128
On Wed, 24 Nov 2004 02:34 am, Elie Lalo wrote:
> I know that OpenSSL has the following HMAC(EVP_sha1 (), ) which
> supports 160 bits. But does OpenSSL support HMAC-128 as well? If yes, could
> you please tell me where/how I can get information about it.

You should be able to use whatever MAC algorithm is required. I don't know what MAC "HMAC-128" is though, because your question doesn't have enough context. Perhaps MD5, less likely RIPEMD.

So you would just use EVP_md5() instead of EVP_sha1() in the init call:

HMAC_Init_ex( &c, key_data, key_size, EVP_md5(), 0 );

HTH

Brad

EVP_DecryptUpdate returns zero length
In a larger application (Qt Cryptographic Architecture), I'm trying to wrap some OpenSSL crypto primitives in C++. However I'm having a problem with EVP_DecryptUpdate(). I've done up a quick'n'dirty test case, see below.

Now for EVP_EncryptUpdate, this gives me 16. But for EVP_DecryptUpdate(), it gives back zero. That isn't what I expected from the man page.

Now the data is there (ie result points to a filled in char array), I just can't tell how long it is.

Can anyone give me a hint?

Brad

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <openssl/evp.h>

int main()
{
    unsigned char *key;
    unsigned char *iv;
    unsigned char *data;
    unsigned char *result;
    EVP_CIPHER_CTX context;
    int outputSize;   /* EVP_DecryptUpdate() takes an int * for the output length */

    /* 16-byte all-zero key, IV and input block */
    key = (unsigned char *)malloc(16);
    memset( key, 0x0, 16 );
    iv = (unsigned char *)malloc(16);
    memset( iv, 0x0, 16 );
    data = (unsigned char *)malloc(16);
    memset( data, 0x0, 16 );
    result = (unsigned char *)malloc(16);

    EVP_CIPHER_CTX_init( &context );
    EVP_DecryptInit_ex( &context, EVP_aes_128_ecb(), 0, key,iv );
    if (0 == EVP_DecryptUpdate( &context, result, &(outputSize), data, 16 ) )
        abort();
    printf( "Output len: %d\n",outputSize );

    free(key);
    free(data);
    free(iv);
    free(result);
    return 0;
}
