Re: DH_compute_key query

2014-01-17 Thread sindyak
Thanks Steve. Issue is fixed, please ignore my previous email.



--
View this message in context: 
http://openssl.6102.n7.nabble.com/DH-compute-key-query-tp13943p48186.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
__
OpenSSL Project http://www.openssl.org
User Support Mailing List   openssl-users@openssl.org
Automated List Manager   majord...@openssl.org


Re: DH_compute_key query

2014-01-17 Thread sindyak
It is BIGNUM->d, not DH->d.



--
View this message in context: 
http://openssl.6102.n7.nabble.com/DH-compute-key-query-tp13943p48184.html


Re: DH_compute_key query

2014-01-17 Thread sindyak
Steve,

It is word aligned. I tried different ways to prepend the value in DH->d but
it is not working. When I dump the memory it shows leading zeros, but when I
print the same DH->d using BN_print_fp it does not show zeros, which is
expected, but leading zeros are not increasing the num_bytes (BN_num_bytes
for computed string is returning lesser value than DH_size) to 160; it is
always returning 159.

BN_print_fp output:
"9FCB02"80F7125C3C05329F27BD71028F77A9E319CDAAFECFA49042B0254B04C4F4A0C2374BB23573C524FBDCF1F304D7B70C4F5A7F25275A9C4A8035480BBC807D7CE218CDEC34C5A9A1FAC38E96EEF6CEE00D22AB6AFC6FE0574C22466365AA3B32F98267934801CBF35508D0870B1DE33C498F094ABF6037AFB21CDFF661

Memory dump of DH->d
1cdff661 6037afb2 8f094abf 1de33c49 
08d0870b 01cbf355 82679348 aa3b32f9
22466365 6fe0574c 22ab6afc f6cee00d
c38e96ee c5a9a1fa 18cdec34 807d7ce2
35480bbc 5a9c4a80 5a7f2527 d7b70c4f
dcf1f304 73c524fb 374bb235 c4f4a0c2 
b0254b04 cfa49042 19cdaafe 8f77a9e3
27bd7102 3c05329f 80f7125c "009fcb02"

Thanks,
Sindya



--
View this message in context: 
http://openssl.6102.n7.nabble.com/DH-compute-key-query-tp13943p48183.html


Re: DH_compute_key query

2013-11-08 Thread shathawa
Sindya,

Looking at the hexdump issue earlier in the thread, I have a question for
you.  Is your memory buffer block or word aligned?  Some mismatch here may
cause some block computation issues.

- Steve

> Steve,
>
> I am also facing a similar issue. In my case the key generated by
> DH_compute_key needs to be used by a hash function for authentication
> purposes.
> Even after prepending the key with zeros, the hashed value is not the same
> as the other end.
>
> Is there any built-in or OpenSSL function that will prepend the key with
> zeros? I tried different string functions for this purpose but it is not
> helping me.
>
> Can you please help me with this?
>
> -Sindya.


Re: DH_compute_key query

2013-11-08 Thread sindyak
Steve,

I am also facing a similar issue. In my case the key generated by
DH_compute_key needs to be used by a hash function for authentication purposes.
Even after prepending the key with zeros, the hashed value is not the same as
the other end.

Is there any built-in or OpenSSL function that will prepend the key with
zeros? I tried different string functions for this purpose but it is not
helping me.

Can you please help me with this?

-Sindya.



--
View this message in context: 
http://openssl.6102.n7.nabble.com/DH-compute-key-query-tp13943p47257.html


Re: DH_compute_key query

2011-07-22 Thread Prashant Batra
Thanks Steve a ton. I think I was missing some basic design understanding.

-Prashant

On Fri, Jul 22, 2011 at 5:08 PM, Dr. Stephen Henson wrote:

> On Thu, Jul 21, 2011, Prashant Batra wrote:
>
> > Hello,
> >
> > I am using DH exchange in ikev2 for generating secret key b/w 2 parties.
> > I am observing some awkward thing,
> > in some of the cases, the secret calculated  by both the parties is not the
> > same, although the input (public key, private key and peer public key )  is
> > same.
> >
> > Hexdump: Length [128]
> > [0] 00 1c ad b2 96 d2 2f b5 25 81 df ac 59 65 2d 01 0a 29 2b 51 27 20 61 49
> > 14 f1 80 f7 e3 53 cc 20
> > [32] d4 be f8 b5 44 33 1d 25 d2 d2 b0 be b0 93 93 04 6f ec af c1 09 f3 d3 59
> > d4 21 5d 01 a4 70 b6 9e
> > [64] ab 49 6e ff a4 3d 02 1e 51 ec 76 20 e1 c1 12 f4 3f ba ca 70 d1 41 75 bd
> > de 73 e0 aa 40 32 f4 da
> > [96] 69 d5 a2 b8 01 4f 31 8b 9e a8 40 e9 fe 9c 2f ea 5c 34 fd ed ea b5 63 93
> > a3 be 78 61 6f 50 96 b6  }
> >
> > Hexdump: Length [128]
> > [0] 1c ad b2 96 d2 2f b5 25 81 df ac 59 65 2d 01 0a 29 2b 51 27 20 61 49 14
> > f1 80 f7 e3 53 cc 20
> > [32] d4 be f8 b5 44 33 1d 25 d2 d2 b0 be [32] b0 93 93 04 6f ec af c1 09 f3
> > d3 59 d4 21 5d 01 a4 70 b6 9e
> > [64] ab 49 6e ff a4 3d 02 1e 51 ec 76 20 e1 c1 12 f4 3f ba ca 70 d1 41 75 bd
> > de 73 e0 aa 40 32 f4 da
> > [96] 69 d5 a2 b8 01 4f 31 8b 9e a8 40 e9 fe 9c 2f ea 5c 34 fd ed ea b5 63 93
> > a3 be 78 61 6f 50 96 b6 00 }
> >
> > So, there is a problem of 1 byte.
> >
> > The exchange is working properly for other users and the key is also
> > matching.
> >
> > Can someone point out the problem, or any clue, where I may be doing wrong,
> > as the same code is getting hit for all the users.
> >
>
> OpenSSL's DH implementation is compliant with the SSL/TLS requirements that
> skips leading zeroes on the output. It looks like the other implementation
> includes leading zeroes. The return value of DH_compute_key is the length of
> the returned key; if it is less than DH_size(key) then prepend zeroes.
>
> Steve.
> --
> Dr Stephen N. Henson. OpenSSL project core developer.
> Commercial tech support now available see: http://www.openssl.org


Re: DH_compute_key query

2011-07-22 Thread Dr. Stephen Henson
On Thu, Jul 21, 2011, Prashant Batra wrote:

> Hello,
> 
> I am using DH exchange in ikev2 for generating secret key b/w 2 parties.
> I am observing some awkward thing,
> in some of the cases, the secret calculated  by both the parties is not the
> same, although the input (public key, private key and peer public key )  is
> same.
> 
> Hexdump: Length [128]
> [0] 00 1c ad b2 96 d2 2f b5 25 81 df ac 59 65 2d 01 0a 29 2b 51 27 20 61 49
> 14 f1 80 f7 e3 53 cc 20
> [32] d4 be f8 b5 44 33 1d 25 d2 d2 b0 be b0 93 93 04 6f ec af c1 09 f3 d3 59
> d4 21 5d 01 a4 70 b6 9e
> [64] ab 49 6e ff a4 3d 02 1e 51 ec 76 20 e1 c1 12 f4 3f ba ca 70 d1 41 75 bd
> de 73 e0 aa 40 32 f4 da
> [96] 69 d5 a2 b8 01 4f 31 8b 9e a8 40 e9 fe 9c 2f ea 5c 34 fd ed ea b5 63 93
> a3 be 78 61 6f 50 96 b6  }
> 
> Hexdump: Length [128]
> [0] 1c ad b2 96 d2 2f b5 25 81 df ac 59 65 2d 01 0a 29 2b 51 27 20 61 49 14
> f1 80 f7 e3 53 cc 20
> [32] d4 be f8 b5 44 33 1d 25 d2 d2 b0 be [32] b0 93 93 04 6f ec af c1 09 f3
> d3 59 d4 21 5d 01 a4 70 b6 9e
> [64] ab 49 6e ff a4 3d 02 1e 51 ec 76 20 e1 c1 12 f4 3f ba ca 70 d1 41 75 bd
> de 73 e0 aa 40 32 f4 da
> [96] 69 d5 a2 b8 01 4f 31 8b 9e a8 40 e9 fe 9c 2f ea 5c 34 fd ed ea b5 63 93
> a3 be 78 61 6f 50 96 b6 00 }
> 
> So, there is a problem of 1 byte.
> 
> The exchange is working properly for other users and the key is also
> matching.
> 
> Can someone point out the problem, or any clue, where I may be doing wrong,
> as the same code is getting hit for all the users.
> 

OpenSSL's DH implementation is compliant with the SSL/TLS requirements that
skips leading zeroes on the output. It looks like the other implementation
includes leading zeroes. The return value of DH_compute_key is the length of
the returned key; if it is less than DH_size(key) then prepend zeroes.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
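
An added example (not code from the thread or from OpenSSL) of the two points discussed above: left-padding the DH_compute_key output to DH_size bytes, and why a word array whose top word is 009fcb02 reports one significant byte fewer than its storage. The function names are hypothetical; the two sample words are the most significant words of the memory dump quoted in the thread.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Right-align a secret of `len` bytes (the DH_compute_key() return value)
 * in a buffer of `size` bytes (DH_size(dh)), zero-filling the front. */
int dh_left_pad(unsigned char *buf, int len, int size)
{
    if (buf == NULL || len < 0 || size < len)
        return -1;
    memmove(buf + (size - len), buf, (size_t)len);
    memset(buf, 0, (size_t)(size - len));
    return 0;
}

/* Significant bytes in a little-endian 32-bit word array: the quantity
 * BN_num_bytes() reports, which ignores zero bytes in the top word. */
size_t words_num_bytes(const uint32_t *d, size_t top)
{
    while (top > 0 && d[top - 1] == 0)
        top--;
    if (top == 0)
        return 0;
    size_t n = top * 4;
    for (uint32_t w = d[top - 1]; (w >> 24) == 0; w <<= 8)
        n--;
    return n;
}

/* Serialize the words as big-endian bytes, left-padded to out_len. */
int words_to_be_padded(const uint32_t *d, size_t top, unsigned char *out, size_t out_len)
{
    if (words_num_bytes(d, top) > out_len)
        return -1;
    for (size_t i = 0; i < out_len; i++) {
        size_t pos = out_len - 1 - i;          /* byte index from the LSB */
        size_t w = pos / 4;
        out[i] = w < top ? (unsigned char)(d[w] >> (8 * (pos % 4))) : 0;
    }
    return 0;
}

int main(void)
{
    const uint32_t d[2] = { 0x80f7125c, 0x009fcb02 }; /* top words of the dump */
    unsigned char out[8];
    words_to_be_padded(d, 2, out, sizeof out);
    printf("significant=%zu first=%02x\n", words_num_bytes(d, 2), out[0]);
    return 0;
}
```

Both peers must hash the fixed-length form; later OpenSSL releases also provide DH_compute_key_padded(), which returns the padded secret directly.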