23B0ECFB11E1E7EA228861F4363DBA8D478A7E44F1DEB77A3904FBD90CAA41E291A2E094ABCBD5134146FB1C0F42BC8D7B4829DEFEE7BACDFC024FB8B9FAF16F225EB3C96D866C535B2A06E83DCF007
Thanks,
Thulasi.
On Sat, 20 Feb 2021 at 00:40, Alon Bar-Lev wrote:
> Thanks!
> Was about to write... I tested both 1.1 and master branches and result is
> the same.
>
>
> On Fri, 19 Feb 2021 at 21:04
d=d.signedData, Type=CMS_ContentInfo
4757167552:error:0D0D106E:asn1 encoding routines:b64_read_asn1:decode
error:crypto/asn1/asn_mime.c:143:
4757167552:error:0D0D40CC:asn1 encoding routines:SMIME_read_ASN1:asn1 sig
parse error:crypto/asn1/asn_mime.c:451:
Thanks,
Thulasi.
On Sat, 20 Feb 2021 at 00:09, Vi
CAfile ca.pem
Thanks,
Thulasi.
On Fri, 19 Feb 2021 at 13:16, Alon Bar-Lev wrote:
> Hello OpenSSL masters,
>
> Can someone please try to reproduce the below issue?
>
> Thanks,
> Alon
>
> On Sat, 13 Feb 2021 at 23:23 Alon Bar-Lev wrote:
>
>> Hello,
>>
&
orting ecx keygen
are handling this situation.
Thanks,
Thulasi.
OCSP responder app is trying to read OCSP_RESPONSE instead of OCSP_REQUEST
in do_responder function.
Created https://github.com/openssl/openssl/issues/13904
Thanks,
Thulasi.
padding.
A Private key is not necessary.
Thanks,
Thulasi
On Fri, 29 Jan 2021 at 17:47, Narayana, Sunil Kumar
wrote:
> Yeah, it sounds correct. But since it’s an old application code & we are
> not sure why was it done so, we are little worried to change.
>
> Can you pl
Isn't it obvious to use PEM_read_PrivateKey() or variants to load the
private key as EVP_PKEY
and use EVP_PKEY_decrypt* as specified in
https://www.openssl.org/docs/man1.0.2/man3/EVP_PKEY_decrypt.html ?
Thanks,
Thulasi.
On Fri, 29 Jan 2021 at 16:59, Narayana, Sunil Kumar
wrote:
> Hi Thul
Hope, you are referring to
https://www.openssl.org/docs/man1.0.2/man3/EVP_PKEY_encrypt.html
Use PEM_read_bio_PUBKEY to get EVP_PKEY.
eng is for engine reference. If you have no engine, it can be NULL.
Thanks,
Thulasi.
On Fri, 29 Jan 2021 at 10:13, Narayana, Sunil Kumar
wrote:
> Dear Open
280#section-4.1.1.2, It isn't clear if
NULL parameters can be completely omitted or if it should still have NULL
encoding.
Is this a too stringent check in the third-party s/w or a miss in
openss-3.0.0-alpha10?
Thanks,
Thulasi.
of offloading crypto operation, using ex_data of key objects. I want to
quickly upgrade this to a provider to convince myself that the basic
upgrade from engine to provider isn't time consuming.
Thanks,
Thulasi.
CMS_Decrypt doesn't need to feed this information explicitly and it will
part of CMS envelope of the encrypted data.
https://tools.ietf.org/html/rfc3560#page-4
Thanks,
Thulasi.
On Tue, 18 Feb 2020 at 17:16, Thulasi Goriparthi <
thulasi.goripar...@gmail.com> wrote:
> Sorry for th
Sorry for this. I see that you already knew about it.
On Tue, 18 Feb, 2020, 17:08 Thulasi Goriparthi, <
thulasi.goripar...@gmail.com> wrote:
> https://www.openssl.org/docs/man1.1.0/man3/EVP_PKEY_CTX_ctrl_str.html
>
> Thanks,
> Thulasi.
>
> On Tue, 18 Feb, 2020, 16:43 Ru
https://www.openssl.org/docs/man1.1.0/man3/EVP_PKEY_CTX_ctrl_str.html
Thanks,
Thulasi.
On Tue, 18 Feb, 2020, 16:43 RudyAC, wrote:
> Hello Thulasi,
>
> thank you for your quick response.
>
> the encryption takes not place in the HSM because we only store the private
> k
(hash, mgf, salt length)
used for OAEP are same on both sides. If they match and decryption still
fails, check with your HSM vendor. If they don't, try fixing the parameters
and repeat test 2.
RSA_NO_PADDING always works as all it does is modular exponentiation.
Thanks,
Thulasi.
On Mon, 17 Feb
with a private key can be
decrypted by everyone with the corresponding public key. It is actually a
sign operation, that lets everyone verify the signature.
Thanks,
Thulasi.
On Sat, 8 Feb, 2020, 08:17 Rafael Ferrer, wrote:
> I implemented some custom engines and RSA_meth_set_priv_enc seems to
with
your input x.
EC_POINT_get_affine_coordinates(group, ec_pub_key, bn_x, bn_y, NULL);
Thanks,
Thulasi.
On Sat, 26 Oct 2019 at 13:21, Luca Di Mauro wrote:
> I checked the 'test' folder but I didn't found any tests that help me
> in this case.
>
> However the only doubt is h
02 indicates y bit is 0
03 indicates y bit is 1
http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.202.2977=rep1=pdf
Thanks,
Thulasi.
On Fri, 25 Oct 2019 at 16:50, Luca Di Mauro wrote:
>
> Mh, maybe I didn't understand.
>
> If I have an x-point which follows this representa
Agree that XTS specific deviation should have been documented similar to
some of the AEAD ciphers with EVP interface.
Thanks,
Thulasi.
On Tue, 1 Oct 2019 at 08:46, Norm Green
wrote:
> Could be, but that's not how EVP_CipherUpdate is documented to work. If
> this is an XTS mode limi
As 512 byte blocks are independently encrypted, they should be decrypted
similarly. This is how XTS mode is defined.
i.e Try to decrypt 512 byte blocks separately with two CipherUpdates.
Thanks,
Thulasi.
On Tue, 1 Oct 2019 at 06:43, Norm Green
wrote:
> Hi all,
>
> I'm using OpenS
parameters and key components for DH keys, it wouldn't be of much use
as DH keys are ephemeral and we never need to compare two of them for
their key components.
Thanks,
Thulasi.
On Wed, 7 Aug 2019 at 12:27, wrote:
>
> I have a question to following situation with RSA and DH structures:
>
>
>> For such tests, it's always better safe than sorry.
Not sure, if repeating the same test (or the test of the same value)
would add any safety.
Thanks,
Thulasi.
On Fri, 2 Nov 2018 at 16:53, Jakob Bohm via openssl-users
wrote:
>
> On 02/11/2018 08:50, Thulasi Goriparthi w
, reject.
If priv key is available and we do step 4, isn't step 3 redundant? Can
we change this to something like this?
if (priv key)
step 4
else
step 3
Thanks,
Thulasi.
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
, you do not need private exponent(d) for
signing, as you already have CRT components.
What is the function that complained about missing d?
Thanks,
Thulasi.
On 31 July 2018 at 16:19, Jan Bilek wrote:
> Hi all,
>
> I need to reconstruct public and private keys for data signing operation
&g
Hello,
You can register a verify callback function using
X509_STORE_set_verify_cb() and X509_verify_cert() will call this
function, which can be used to by-pass targeted errors like
X509_V_ERR_INVALID_PURPOSE etc.
Check callb function from apps/x509.c
Thanks,
Thulasi.
On 16 July 2018 at 20
X509_STORE_add_cert increments the reference count of the each cert, but
only by 1.
X509_STORE_free decrements the ref count by 1. So after decrementing, if
ref_count is 0, certificate will be freed.
Jakob is saying that if you want them to stay even after X509_STORE_free,
explicitly increment
On 10 June 2015 at 16:47, Jakob Bohm jb-open...@wisemo.com wrote:
On 10/06/2015 12:41, Thulasi Goriparthi wrote:
X509_STORE_add_cert increments the reference count of the each cert,
but only by 1.
Sounds like there should be X509_STORE_add0_cert() and
X509_STORE_add1_cert() like
On 10 June 2015 at 18:05, Thulasi Goriparthi thulasi.goripar...@gmail.com
wrote:
On 10 June 2015 at 16:47, Jakob Bohm jb-open...@wisemo.com wrote:
On 10/06/2015 12:41, Thulasi Goriparthi wrote:
X509_STORE_add_cert increments the reference count of the each cert,
but only by 1.
Sounds
On 10 June 2015 at 18:45, Viktor Dukhovni openssl-us...@dukhovni.org
wrote:
On Wed, Jun 10, 2015 at 04:11:45PM +0530, Thulasi Goriparthi wrote:
Jakob is saying that if you want them to stay even after X509_STORE_free,
explicitly increment the ref count before calling free using something
of having this with your team.
Thanks,
Thulasi.
On 3 June 2015 at 18:28, Matt Caswell m...@openssl.org wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 03/06/15 06:32, Rémy Grünblatt wrote:
Hello. I have a custom external hardware encryption chip that can
computes some operations
ecdsa_do_sign:
-- uses k inverse and r (received from ecdsa_sign_setup) to generate the
second part of the signature(s).
Thanks,
Thulasi.
On 7 May 2015 at 13:58, Piotr Łobacz piotr.lob...@radmor.com.pl wrote:
As in the subject is it possible to generate signature with given random
number
Hi all,
What is the reason behind keeping ecdh_method and ecdsa_method structure
definitions in local header files ech_locl.h and ecs_locl.h respectively
unlike their peers.. dh_method, dsa_method, rsa_meth_st and rand_meth_st
which are defined in exported header files?
Thanks,
Thulasi
engine's default RAND method.
So, One need to explicitly call either
RAND_set_rand_method(rand_method_pointer) if one can directly access
engine's rand method or RAND_set_rand_engine(e) where e is preferred
engine's reference.
Thanks,
Thulasi.
On 10 December 2014 at 22:05, Brian Watson bwats9
,
Thulasi.
On 11 December 2014 at 04:15, Vyas Pentakota npent...@brocade.com wrote:
Hi
I am working on issue involving openssl TLS 1.2 finish message decryption.
I was wondering if anyone can tell me how I can generate “encrypted
handshake message” (client finish message) record larger than
A correction regarding padding.
On 11 December 2014 at 16:53, Thulasi Goriparthi
thulasi.goripar...@gmail.com wrote:
One can't change the encrypted finished size unless one is using variable
padding. encrypted finished size depends on 3 parameters: protocol version,
cipher type, MAC type
On 27 October 2014 14:03, Gayathri Manoj gayathri.an...@gmail.com wrote:
Hi All,
How can I replace RSA_public_decrypt() with EVP_Verify*().
I wanted to replace the below api with EVP_verify*()
RSA_public_decrypt(Len, SgnData, dBuffer, rsa_pub_key, RSA_PKCS1_PADDING);
I have tried with
On 19 September 2014 22:34, Stromas, Aaron aaron.stro...@rsa.com wrote:
Greetings,
I am looking for help with a problem I've ran into a using
mod_proxy/mod_ssl. The Apache HTTP server on SLES 11 SP3 64 bit, OpenSSL
1.0.1.f acts as SSL proxy to the Weblogic 10.3 running on Redhat. The
SSLv23_client_method supports all protocols by default and connects using
the highest protocol that server supports(as received from server hello)
I suggest you try disabling TLS 1.0 along with SSL2 if you want to force
your client to use SSL3 without changing the context's method.
and see if it is really generating rand bytes.
See if you have seeded the rand function or not.
Thanks,
Thulasi.
2014-09-12 12:44 GMT+05:30 yu.wang alber...@bluectrl.com:
Dear Sir,
我应用的openssl版本为:openssl1.0.1i,平台为rtems操作系统,我在使用openssl 给 http
网络通信过程中会出现如下错误:
error:140B512D:SSL
thread callback funcs are missing.
openssl FAQ says..
Multi-threaded applications must provide two callback functions to OpenSSL
by calling CRYPTO_set_locking_callback() and CRYPTO_set_id_callback(), for
all versions of OpenSSL up to and including 0.9.8[abc...].
As of version 1.0.0,
$ openssl genrsa 2048 key.pem
$ openssl req -new -x509 -key key.pem -out cert.pem -sha256
On Tue, Aug 12, 2014 at 11:08 AM, Abdul Anshad ab...@visolve.com wrote:
Could you please provide me the steps for creating a self signed
certificate meeting the current FIPS standard ?
Thank you for
Assuming that finish you meant is Handshake Finished messages of SSL/TLS
protocol, I assure you, you can see them with openssl too.
Implementations can't (won't deliberately) change the protocol.
Run s_server and s_client of openssl with -msg -debug -state options to see
the handshake messages
On Mon, Aug 4, 2014 at 4:50 AM, David Li dlipub...@gmail.com wrote:
Hi Thulasi/Rich,
Thanks! This prompted me to uncover another bug in the code. I did encrypt
an extra block of zeros! Now everything makes sense.
Can't help to dig a little deeper into this: In AES-CBC mode, the
decryption
On Thu, Jul 31, 2014 at 5:10 PM, Laurent Broussy lbrou...@elbeconseil.com
wrote:
Hi,
Like describe in the FIPS 46-3 a DES key must have it heavy bit as parity
bit. I try to encipher with a key without no correct parity bits and with
this key where I put the correct parity bits the same
On Sat, Aug 2, 2014 at 12:16 AM, David Li dlipub...@gmail.com wrote:
Hi Thulasi,
You are right! It's a bug on my part.
I have a follow-up question regarding what EVP_DecryptFinal is doing.
In my case, the original string is 27 bytes long, the ciphertext length
is 48 ( I am using AES-CBC
On Fri, Aug 1, 2014 at 3:07 AM, Nayna Jain naynj...@in.ibm.com wrote:
Hi all,
We got one of our openssl version upgraded to openssl 1.0.1e version.
But after that I am facing this error at client side.
error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number
But I am not sure
On Fri, Aug 1, 2014 at 5:46 AM, David Li dlipub...@gmail.com wrote:
Hi,
I am using openssl 1.0.1h and AES128 CBC mode to encrypt some arbitrary
long ASCII string.
I encountered an issue at decryption. If I use EVP_DecryptFinal_ex then
the output is unrecognizable. If I remove the following
On Jul 25, 2014 5:15 PM, Dr. Stephen Henson st...@openssl.org wrote:
On Thu, Jul 24, 2014, Denis Berezhnoy wrote:
Hi guys,
I have a question regarding TLS1.0 and TLS1.2 performance.
Is it a correct expectation is that TPS (transactions per seconds)
performance is worse with TLS1.2
Seems -iter option is added to master only in the below commit. By date,
it is later than 1.0.1g and probably 1.0.1h too.
commit 8a6c6bbf21cc11ea0fed69a106250af0d734d786
Author: Naftuli Tzvi Kay rfkro...@gmail.com
Date: Tue Jun 3 12:48:06 2014 -0700
Added custom PBKDF2 iteration count to
and probably 1.0.1h too.
OK, thanks. Would that be a 1.0.2 option; or a 1.1.0 option?
On Wed, Jul 23, 2014 at 2:41 AM, Thulasi Goriparthi
thulasi.goripar...@gmail.com wrote:
Seems -iter option is added to master only in the below commit. By
date,
it is later than 1.0.1g and probably 1.0.1h too
Version that is sent by Client in Client Hello may not necessarily be the
version of communication. It gets adjusted with what Server can support.
In your case, as you force the server to support only TLSv1, communication
protocol gets adjusted to TLSv1(03 01) even though client supports
In the example, only internal_bio is set using SSL_set_bio as below.
*SSL_set_bio(ssl, internal_bio, internal_bio);*
network_bio is not linked to SSL session. So it has to be freed explicitly.
On Fri, Jul 18, 2014 at 2:01 AM, Iñaki Baz Castillo i...@aliax.net wrote:
2014-07-17 14:29
*Guessing the context that is sent to EVP_PKEY_derive_set_peer is
initialized/created with a pkey belonging to different group. *
*In other words, EC keys of both parties in DH are not of the same group. *
On Mon, Jun 30, 2014 at 10:13 AM, pratyush parimal
pratyush.pari...@gmail.com wrote:
Hi
EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, sizeof(gcm_tag), gcm_tag);
When you change tag length with the above statement, you are telling
the decrypt context to consider only those many number of bytes
for tag comparision.
On Wed, Jun 18, 2014 at 4:52 PM, Michel msa...@paybox.com wrote:
PM, Michel msa...@paybox.com wrote:
Thank for your answer.
But isn't this strategy very hazardous ?
And why just for GCM and not CCM ?
Le 18/06/2014 14:37, Thulasi Goriparthi a écrit :
EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, sizeof(gcm_tag), gcm_tag);
When you change tag length
when tag length of decryption was equal to tag length of encryption.
:-(
It just works for : tag length of decryption = tag length of encryption =
16.
Thanks again for your help.
Le 18/06/2014 16:14, Thulasi Goriparthi a écrit :
Truncate-able tags gave a way to truncated hmac extension
One more thing to correct myself.
2 as tag length is not allowed. only 4, 6, 8, 10, 12, 14, 16 are allowed.
On Wed, Jun 18, 2014 at 11:55 PM, Thulasi Goriparthi
thulasi.goripar...@gmail.com wrote:
In the test program, you are feeding a fixed ccm_tag to decryption
process. This will not work
at max. 64 - 11 byte
padding and SHA512 produces 64 bytes of hashed data.
Thanks,
Thulasi.
On Tue, Feb 26, 2013 at 11:42 PM, Viktor Dukhovni
openssl-us...@dukhovni.org wrote:
On Tue, Feb 26, 2013 at 11:30:18PM +0530, Nayna Jain wrote:
Both server and client authenticate each other. And so
On Wed, Feb 27, 2013 at 1:39 AM, Viktor Dukhovni openssl-us...@dukhovni.org
wrote:
On Wed, Feb 27, 2013 at 12:49:55AM +0530, Thulasi Goriparthi wrote:
Or use another hash type for signature which can produce not more than 53
bytes of hashed data. (i.e MD5, SHA1, SHA256, SHA384) while using
similar to that
of TLS 1.x records?
Thanks,
Thulasi.
MAC key
server write MAC key
client write encryption key
server write encryption key
client write IV(if applicable)
server write IV(if applicable)
Thanks,
Thulasi.
On Thu, Feb 7, 2013 at 3:42 AM, T J jordan.tre...@gmail.com wrote:
Sorry to keep hammering away
as client is going to choose the
pre-master-secret. i.e attacker cannot replay any encrypted record as he
will not be able to decrypt the pre-master-secret encrypted by server's
public key and so, cannot generate the session key.
Am I still missing something trivial?
Thanks,
Thulasi.
On 5 February
with it's
child?
Thanks,
Thulasi.
.
At
this point it isn't clear if the problem is with the servers or OpenSSL.
From ssl/tls1.h of today's snapshot, it looks to me that CipherSuites from
rfc 5288 and 5289(ECC and GCM TLS1.2 CipherSuites) are not added yet.
Thanks,
Thulasi.
On 25 May 2011 15:51, Dr. Stephen Henson st
As you are planning to use symmetric encryption for payload, encrypted data
length will be same as that of payload assuming your payload is properly
padded.
On 17 May 2011 14:54, G S stokest...@gmail.com wrote:
Re-sending. Forgot to finish the subject...
Hi all.
I have an iPhone app that
64 matches
Mail list logo
