Edward Chan <[EMAIL PROTECTED]> wrote: > Thanks for the reply. So I'm a bit confused as to how different crypto > packages interoperate. I've been having a problem with MS CryptoAPI > doing a DH key exchange with OpenSSL. There are some quirks such as > byte order, and a couple other things. But for the most part, I have it > working. But occasionally, I get failures which I suspect is due to the > BIGNUM format of the pubkey that is exchanged. Has anybody had success > getting these 2 libs working together?
This might be a BN padding problem. In fact, I had the same problem when doing interoperability tests between xyssl and openssl, sometimes after the EDH key exchange I got a bad record mac (this was however quite rare). The reason was that the pre-master key, basically the shared DH secret was incorrectly padded with 0s (like for RSA), whereas openssl doesn't. Christophe > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Marek Marcola > Sent: Tuesday, April 17, 2007 1:55 AM > To: openssl-users@openssl.org > Subject: RE: BIGNUM library > > Hello, > > Is there a specification on the format of a BIGNUM that someone can > > point me to? > Probably headers files. > > > Is there a standard encoding/format that everyone adheres to? > Probably not. > > > Or would different libraries have their own encodings? I hope not. > Most bignum libraries use their own formats, in general they are > very close (structure with words/limbs, some counters, sign > variable ...). Sometimes APIs between libraries are almost the same. > > > How easy or difficult would it be to extract just the BIGNUM library > > from OpenSSL? Are there any documents on how to do this? > Very ease, but if you think about bignum library I think GMP > is better than extract from OpenSSL. > > Best regards, > -- > Marek Marcola <[EMAIL PROTECTED]> > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager [EMAIL PROTECTED] > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
