Re: openssl cms resign with RSA-PSS corrupts the CMS(?)

2021-02-19 Thread Thulasi Goriparthi
23B0ECFB11E1E7EA228861F4363DBA8D478A7E44F1DEB77A3904FBD90CAA41E291A2E094ABCBD5134146FB1C0F42BC8D7B4829DEFEE7BACDFC024FB8B9FAF16F225EB3C96D866C535B2A06E83DCF007 Thanks, Thulasi. On Sat, 20 Feb 2021 at 00:40, Alon Bar-Lev wrote: > Thanks! > Was about to write... I tested both 1.1 and master branches and result is > the same. > > > On Fri, 19 Feb 2021 at 21:04

Re: openssl cms resign with RSA-PSS corrupts the CMS(?)

2021-02-19 Thread Thulasi Goriparthi
d=d.signedData, Type=CMS_ContentInfo 4757167552:error:0D0D106E:asn1 encoding routines:b64_read_asn1:decode error:crypto/asn1/asn_mime.c:143: 4757167552:error:0D0D40CC:asn1 encoding routines:SMIME_read_ASN1:asn1 sig parse error:crypto/asn1/asn_mime.c:451: Thanks, Thulasi. On Sat, 20 Feb 2021 at 00:09, Vi

Re: openssl cms resign with RSA-PSS corrupts the CMS(?)

2021-02-19 Thread Thulasi Goriparthi
CAfile ca.pem Thanks, Thulasi. On Fri, 19 Feb 2021 at 13:16, Alon Bar-Lev wrote: > Hello OpenSSL masters, > > Can someone please try to reproduce the below issue? > > Thanks, > Alon > > On Sat, 13 Feb 2021 at 23:23 Alon Bar-Lev wrote: > >> Hello, >> &

encoding/decoding ECX private key with optional public key

2021-02-15 Thread Thulasi Goriparthi
iders supporting ecx keygen are handling this situation. Thanks, Thulasi.

OCSP Responder app

2021-01-31 Thread Thulasi Goriparthi
OCSP responder app is trying to read OCSP_RESPONSE instead of OCSP_REQUEST in do_responder function. Created https://github.com/openssl/openssl/issues/13904 Thanks, Thulasi.

Re:

2021-01-29 Thread Thulasi Goriparthi
NONE padding. A Private key is not necessary. Thanks, Thulasi On Fri, 29 Jan 2021 at 17:47, Narayana, Sunil Kumar wrote: > Yeah, it sounds correct. But since it’s an old application code & we are > not sure why was it done so, we are little worried to change. > > Can you p

Re:

2021-01-29 Thread Thulasi Goriparthi
Isn't it obvious to use PEM_read_PrivateKey() or variants to load the private key as EVP_PKEY and use EVP_PKEY_decrypt* as specified in https://www.openssl.org/docs/man1.0.2/man3/EVP_PKEY_decrypt.html ? Thanks, Thulasi. On Fri, 29 Jan 2021 at 16:59, Narayana, Sunil Kumar wrote: > Hi

Re:

2021-01-28 Thread Thulasi Goriparthi
Hope you are referring to https://www.openssl.org/docs/man1.0.2/man3/EVP_PKEY_encrypt.html Use PEM_read_bio_PUBKEY to get EVP_PKEY. eng is for engine reference. If you have no engine, it can be NULL. Thanks, Thulasi. On Fri, 29 Jan 2021 at 10:13, Narayana, Sunil Kumar wrote: > Dear Open

Encoding of AlgorithmIdentifier with NULL parameters

2021-01-28 Thread Thulasi Goriparthi
280#section-4.1.1.2, It isn't clear if NULL parameters can be completely omitted or if it should still have NULL encoding. Is this a too stringent check in the third-party s/w or a miss in openssl-3.0.0-alpha10? Thanks, Thulasi.
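The two encodings the question is about, side by side, as an added example that is not part of the thread or of OpenSSL: a minimal DER encoder/decoder for AlgorithmIdentifier that produces the form with an explicit ASN.1 NULL (05 00) and the form with the parameters field omitted, and on the decode side reports which one a given blob carries. For rsaEncryption and the sha*WithRSAEncryption identifiers RFC 3279 and RFC 4055 call for the explicit NULL, which is why a strict verifier may reject the omitted form. It handles short-form lengths only (under 128 bytes, which covers any AlgorithmIdentifier); function names are this example's own.

```python
"""Added example (not from this thread): encode and parse AlgorithmIdentifier
with parameters as explicit NULL versus omitted. Short-form DER lengths only."""


def encode_oid(dotted):
    """DER OBJECT IDENTIFIER from dotted string, base-128 arcs per X.690."""
    arcs = [int(a) for a in dotted.split(".")]
    body = bytes([40 * arcs[0] + arcs[1]])
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]
        arc >>= 7
        while arc:
            chunk.append(0x80 | (arc & 0x7F))
            arc >>= 7
        body += bytes(reversed(chunk))
    return bytes([0x06, len(body)]) + body


def encode_algorithm_identifier(oid, params=b"\x05\x00"):
    """params=b'' omits the parameters field; the default is an explicit NULL."""
    body = encode_oid(oid) + params
    return bytes([0x30, len(body)]) + body


def _read_tlv(buf, pos):
    """Return (tag, value, end_offset) for the TLV starting at pos."""
    tag, length = buf[pos], buf[pos + 1]
    if length & 0x80:
        raise ValueError("long-form length not supported in this example")
    start = pos + 2
    return tag, buf[start:start + length], start + length


def decode_oid(body):
    first = body[0]
    arcs = [2, first - 80] if first >= 80 else [first // 40, first % 40]
    value = 0
    for b in body[1:]:
        value = (value << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(value)
            value = 0
    return ".".join(map(str, arcs))


def parse_algorithm_identifier(der):
    """Return (oid, params) where params is 'absent', 'NULL' or 'present:<tag>'."""
    tag, body, end = _read_tlv(der, 0)
    if tag != 0x30 or end != len(der):
        raise ValueError("not a single SEQUENCE")
    tag, oid_body, pos = _read_tlv(body, 0)
    if tag != 0x06:
        raise ValueError("first element must be an OBJECT IDENTIFIER")
    oid = decode_oid(oid_body)
    if pos == len(body):
        return oid, "absent"
    tag, pbody, pos = _read_tlv(body, pos)
    if pos != len(body):
        raise ValueError("trailing data after parameters")
    if tag == 0x05 and not pbody:
        return oid, "NULL"
    return oid, "present:0x%02x" % tag
```

Running `parse_algorithm_identifier` over the SubjectPublicKeyInfo or signatureAlgorithm bytes pulled out of a rejected object tells you immediately whether the producer emitted "NULL" or "absent", which is the first thing to check before blaming either side.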

openssl asym_cipher/signature provider

2020-12-14 Thread Thulasi Goriparthi
ly at time of offloading crypto operation, using ex_data of key objects. I want to quickly upgrade this to a provider to convince myself that the basic upgrade from engine to provider isn't time consuming. Thanks, Thulasi.

Re: CMS decryption of message with OAEP using Hardware security module

2020-02-18 Thread Thulasi Goriparthi
CMS_Decrypt doesn't need to feed this information explicitly and it will be part of the CMS envelope of the encrypted data. https://tools.ietf.org/html/rfc3560#page-4 Thanks, Thulasi. On Tue, 18 Feb 2020 at 17:16, Thulasi Goriparthi < thulasi.goripar...@gmail.com> wrote: > Sorry for th

Re: CMS decryption of message with OAEP using Hardware security module

2020-02-18 Thread Thulasi Goriparthi
Sorry for this. I see that you already knew about it. On Tue, 18 Feb, 2020, 17:08 Thulasi Goriparthi, < thulasi.goripar...@gmail.com> wrote: > https://www.openssl.org/docs/man1.1.0/man3/EVP_PKEY_CTX_ctrl_str.html > > Thanks, > Thulasi. > > On Tue, 18 Feb, 2020, 16:43 Ru

Re: CMS decryption of message with OAEP using Hardware security module

2020-02-18 Thread Thulasi Goriparthi
https://www.openssl.org/docs/man1.1.0/man3/EVP_PKEY_CTX_ctrl_str.html Thanks, Thulasi. On Tue, 18 Feb, 2020, 16:43 RudyAC, wrote: > Hello Thulasi, > > thank you for your quick response. > > the encryption takes not place in the HSM because we only store the private > keys i

Re: CMS decryption of message with OAEP using Hardware security module

2020-02-18 Thread Thulasi Goriparthi
(hash, mgf, salt length) used for OAEP are the same on both sides. If they match and decryption still fails, check with your HSM vendor. If they don't, try fixing the parameters and repeat test 2. RSA_NO_PADDING always works as all it does is modular exponentiation. Thanks, Thulasi. On Mon, 1

Re: Naming of methods in RSA_METHOD

2020-02-11 Thread Thulasi Goriparthi
private key can be decrypted by everyone with the corresponding public key. It is actually a sign operation, that lets everyone verify the signature. Thanks, Thulasi. On Sat, 8 Feb, 2020, 08:17 Rafael Ferrer, wrote: > I implemented some custom engines and RSA_meth_set_priv_enc seems to map &

Re: Compute EC_KEY starting from X or Y coordinate only

2019-10-26 Thread Thulasi Goriparthi
with your input x. EC_POINT_get_affine_coordinates(group, ec_pub_key, bn_x, bn_y, NULL); Thanks, Thulasi. On Sat, 26 Oct 2019 at 13:21, Luca Di Mauro wrote: > I checked the 'test' folder but I didn't found any tests that help me > in this case. > > However the only

Re: Compute EC_KEY starting from X or Y coordinate only

2019-10-25 Thread Thulasi Goriparthi
02 indicates y bit is 0 03 indicates y bit is 1 http://citeseerx.ist.psu.edu/viewdoc/download?doi=10.1.1.202.2977&rep=rep1&type=pdf Thanks, Thulasi. On Fri, 25 Oct 2019 at 16:50, Luca Di Mauro wrote: > > Mh, maybe I didn't understand. > > If I have an x
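The computation behind the 02/03 prefix, as an added example that is not part of this thread or of OpenSSL: recover y from x and the parity bit of a SEC1 compressed point on P-256, which is what EC_POINT_set_compressed_coordinates does internally. The curve constants are the published P-256 parameters; the function names are this example's own.

```python
"""Added example (not from this thread): SEC1 point decompression on P-256.
02 => y even, 03 => y odd. p % 4 == 3, so sqrt(a) = a^((p+1)/4) when a is a square."""
P = 0xFFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF
A = P - 3
B = 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B
GX = 0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296
GY = 0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5


def is_on_curve(x, y):
    return (y * y - (x * x * x + A * x + B)) % P == 0


def y_from_x(x, y_bit):
    """Solve y^2 = x^3 + ax + b for the root with the requested parity."""
    alpha = (pow(x, 3, P) + A * x + B) % P
    beta = pow(alpha, (P + 1) // 4, P)
    if beta * beta % P != alpha:
        # Roughly half of all x values have no point above them.
        raise ValueError("no point on P-256 has this x")
    return beta if (beta & 1) == y_bit else P - beta


def decompress(point):
    """33-byte SEC1 compressed point -> (x, y); rejects bad prefix or x >= p."""
    if len(point) != 33 or point[0] not in (2, 3):
        raise ValueError("expected 33-byte SEC1 compressed point")
    x = int.from_bytes(point[1:], "big")
    if x >= P:
        raise ValueError("x out of range")
    return x, y_from_x(x, point[0] - 2)


def compress(x, y):
    return bytes([2 + (y & 1)]) + x.to_bytes(32, "big")
```

The on-curve check after the square root is the step that matters for security: a caller that skips it will happily build a "point" from an x that lies on no point at all, and a library that accepts such input is a classic invalid-curve foothold.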

Re: EVP_aes_256_xts() problems with multiple calls to EVP_CipherUpdate

2019-09-30 Thread Thulasi Goriparthi
Agree that XTS specific deviation should have been documented similar to some of the AEAD ciphers with EVP interface. Thanks, Thulasi. On Tue, 1 Oct 2019 at 08:46, Norm Green wrote: > Could be, but that's not how EVP_CipherUpdate is documented to work. If > this is an XTS mode lim

Re: EVP_aes_256_xts() problems with multiple calls to EVP_CipherUpdate

2019-09-30 Thread Thulasi Goriparthi
As 512 byte blocks are independently encrypted, they should be decrypted similarly. This is how XTS mode is defined. i.e. try to decrypt 512 byte blocks separately with two CipherUpdates. Thanks, Thulasi. On Tue, 1 Oct 2019 at 06:43, Norm Green wrote: > Hi all, > > I'm using Ope

Re: EVP_KEY_cmp and -_parameters issues

2019-08-07 Thread Thulasi Goriparthi
to compare both parameters and key components for DH keys, it wouldn't be of much use as DH keys are ephemeral and we never need to compare two of them for their key components. Thanks, Thulasi. On Wed, 7 Aug 2019 at 12:27, wrote: > > I have a question to following situation with RSA and DH s

Re: [openssl-users] EC_KEY_check_key

2018-11-04 Thread Thulasi Goriparthi
>> For such tests, it's always better safe than sorry. Not sure, if repeating the same test (or the test of the same value) would add any safety. Thanks, Thulasi. On Fri, 2 Nov 2018 at 16:53, Jakob Bohm via openssl-users wrote: > > On 02/11/2018 08:50, Thulasi Goripar

[openssl-users] EC_KEY_check_key

2018-11-02 Thread Thulasi Goriparthi
, reject. If priv key is available and we do step 4, isn't step 3 redundant? Can we change this to something like this? if (priv key) step 4 else step 3 Thanks, Thulasi. -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] Chinese remainder algorithm

2018-08-01 Thread Thulasi Goriparthi
, you do not need private exponent(d) for signing, as you already have CRT components. What is the function that complained about missing d? Thanks, Thulasi. On 31 July 2018 at 16:19, Jan Bilek wrote: > Hi all, > > I need to reconstruct public and private keys for data signing operation &g
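The CRT path the reply refers to, as an added example that is not part of this thread or of OpenSSL: given only p, q, dP, dQ and qInv (the fields a PKCS#1 RSAPrivateKey carries next to d), the private-key operation is Garner's recombination and never touches d. The key below is generated on the fly as constructed sample input; d is returned only so the result can be cross-checked. Function names are this example's own.

```python
"""Added example (not from this thread): RSA private operation from CRT
components alone, matching what RSA_sign/RSA_private_encrypt do internally."""
import math
import secrets

_SMALL_PRIMES = [2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47]


def is_probable_prime(n, rounds=40):
    """Miller-Rabin with random bases; adequate for a demo key."""
    if n < 2:
        return False
    for s in _SMALL_PRIMES:
        if n % s == 0:
            return n == s
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for _ in range(rounds):
        a = secrets.randbelow(n - 3) + 2
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def random_prime(bits):
    while True:
        cand = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(cand):
            return cand


def generate_key(bits=1024, e=65537):
    """Return (n, e, d, crt); crt = (p, q, dP, dQ, qInv) as in PKCS#1."""
    while True:
        p, q = random_prime(bits // 2), random_prime(bits // 2)
        if p == q:
            continue
        phi = (p - 1) * (q - 1)
        if math.gcd(e, phi) != 1:
            continue
        d = pow(e, -1, phi)
        crt = (p, q, d % (p - 1), d % (q - 1), pow(q, -1, p))
        return p * q, e, d, crt


def crt_private_op(m, crt):
    """m^d mod n via Garner's formula; d itself is never needed."""
    p, q, dP, dQ, qInv = crt
    m1 = pow(m, dP, p)
    m2 = pow(m, dQ, q)
    h = (qInv * (m1 - m2)) % p
    return m2 + h * q


def rsa_public_op(s, n, e):
    return pow(s, e, n)
```

A real implementation also verifies the result with the public exponent before releasing it (OpenSSL does this when blinding is on), because a fault in one of the two half-size exponentiations leaks a factor of n; the check costs one cheap public operation.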

Re: [openssl-users] TLS handshake certificate validation options

2018-07-17 Thread Thulasi Goriparthi
Hello, You can register a verify callback function using X509_STORE_set_verify_cb() and X509_verify_cert() will call this function, which can be used to bypass targeted errors like X509_V_ERR_INVALID_PURPOSE etc. Check callb function from apps/x509.c Thanks, Thulasi. On 16 July 2018 at 20

Re: [openssl-users] X509_STORE_free() and X509_LOOKUP_free() also frees the X509 certificates inside it

2015-06-10 Thread Thulasi Goriparthi
On 10 June 2015 at 18:45, Viktor Dukhovni wrote: > On Wed, Jun 10, 2015 at 04:11:45PM +0530, Thulasi Goriparthi wrote: > > > Jakob is saying that if you want them to stay even after X509_STORE_free, > > explicitly increment the ref count before calling free using somethin

Re: [openssl-users] X509_STORE_free() and X509_LOOKUP_free() also frees the X509 certificates inside it

2015-06-10 Thread Thulasi Goriparthi
On 10 June 2015 at 18:05, Thulasi Goriparthi wrote: > > > On 10 June 2015 at 16:47, Jakob Bohm wrote: > >> On 10/06/2015 12:41, Thulasi Goriparthi wrote: >> >> X509_STORE_add_cert increments the reference count of the each cert, >> but only by

Re: [openssl-users] X509_STORE_free() and X509_LOOKUP_free() also frees the X509 certificates inside it

2015-06-10 Thread Thulasi Goriparthi
On 10 June 2015 at 16:47, Jakob Bohm wrote: > On 10/06/2015 12:41, Thulasi Goriparthi wrote: > > X509_STORE_add_cert increments the reference count of the each cert, > but only by 1. > > Sounds like there should be X509_STORE_add0_cert() and > X509_STORE_add1_cert() li

Re: [openssl-users] X509_STORE_free() and X509_LOOKUP_free() also frees the X509 certificates inside it

2015-06-10 Thread Thulasi Goriparthi
X509_STORE_add_cert increments the reference count of each cert, but only by 1. X509_STORE_free decrements the ref count by 1. So after decrementing, if ref_count is 0, certificate will be freed. Jakob is saying that if you want them to stay even after X509_STORE_free, explicitly increment the

Re: [openssl-users] External encryption chip and EC{DSA, DH} (with engine?)

2015-06-03 Thread Thulasi Goriparthi
ibility of having this with your team. Thanks, Thulasi. On 3 June 2015 at 18:28, Matt Caswell wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > > > On 03/06/15 06:32, Rémy Grünblatt wrote: > > Hello. I have a custom external hardware encryption chip that can

Re: [openssl-users] ECDSA with random number

2015-05-07 Thread Thulasi Goriparthi
and r ecdsa_do_sign: -- uses k inverse and r (received from ecdsa_sign_setup) to generate the second part of the signature(s). Thanks, Thulasi. On 7 May 2015 at 13:58, Piotr Łobacz wrote: > As in the subject is it possible to generate signature with given random > number? Accor

[openssl-users] access to ecdh_method and ecdsa_method structure definitions

2015-04-20 Thread Thulasi Goriparthi
Hi all, What is the reason behind keeping ecdh_method and ecdsa_method structure definitions in local header files ech_locl.h and ecs_locl.h respectively unlike their peers.. dh_method, dsa_method, rsa_meth_st and rand_meth_st which are defined in exported header files? Thanks, Thulasi

Re: [openssl-users] Help with using a dynamic engine with SSL_CTX

2014-12-12 Thread Thulasi Goriparthi
than engine's default RAND method. So, one needs to explicitly call either RAND_set_rand_method(rand_method_pointer) if one can directly access engine's rand method or RAND_set_rand_engine(e) where e is preferred engine's reference. Thanks, Thulasi. On 10 December 2014 at 22:05, Brian

Re: [openssl-users] Any way to create a large encrypted finish message?

2014-12-11 Thread Thulasi Goriparthi
A correction regarding padding. On 11 December 2014 at 16:53, Thulasi Goriparthi < thulasi.goripar...@gmail.com> wrote: > One can't change the encrypted finished size unless one is using variable > padding. encrypted finished size depends on 3 parameters: protocol version, &

Re: [openssl-users] Any way to create a large encrypted finish message?

2014-12-11 Thread Thulasi Goriparthi
s. Thanks, Thulasi. On 11 December 2014 at 04:15, Vyas Pentakota wrote: > Hi > > I am working on issue involving openssl TLS 1.2 finish message decryption. > I was wondering if anyone can tell me how I can generate “encrypted > handshake message” (client finish message) re

Re: EVP_verify APIs

2014-10-27 Thread Thulasi Goriparthi
On 27 October 2014 14:03, Gayathri Manoj wrote: > Hi All, > > How can I replace RSA_public_decrypt() with EVP_Verify*(). > > I wanted to replace the below api with EVP_verify*() > > RSA_public_decrypt(Len, SgnData, dBuffer, rsa_pub_key, RSA_PKCS1_PADDING); > > I have tried with > > EVP_MD_CTX

Re: certificates

2014-09-30 Thread Thulasi Goriparthi
re is assigned to EVP_PKEY structure, EVP_PKEY holds both public and private components. So, naming it m_pukey is not justified. In Client's SetCert function, where are you writing out the cert? out is pointing to NULL. Thanks, Thulasi. On 30 September 2014 23:24, Amir Reda wrote: > dear a

Re: Apache SSL proxy to Weblogic fails

2014-09-23 Thread Thulasi Goriparthi
On 19 September 2014 22:34, Stromas, Aaron wrote: > Greetings, > > > > I am looking for help with a problem I've run into using > mod_proxy/mod_ssl. The Apache HTTP server on SLES 11 SP3 64 bit, OpenSSL > 1.0.1.f acts as SSL proxy to the Weblogic 10.3 running on Redhat. The > mod_ssl is confi

Re: SSL v3.0 is not set as default protocol upon disabling v2.

2014-09-16 Thread Thulasi Goriparthi
On 16 September 2014 23:01, Viktor Dukhovni wrote: > On Mon, Sep 15, 2014 at 11:19:52AM +0530, Thulasi Goriparthi wrote: > > > I suggest you try disabling TLS 1.0 along with SSL2 if you want to force > > your client to use SSL3 without changing the context's method. >

Re: openssl sess_id failed

2014-09-15 Thread Thulasi Goriparthi
see if it is really generating rand bytes. See if you have seeded the rand function or not. Thanks, Thulasi. 2014-09-12 12:44 GMT+05:30 yu.wang : > Dear Sir, > > The OpenSSL version I am using is openssl1.0.1i and the platform is the RTEMS operating system. While using OpenSSL for HTTP > network communication, the following error occurs: > >

Re: SSL v3.0 is not set as default protocol upon disabling v2.

2014-09-14 Thread Thulasi Goriparthi
SSLv23_client_method supports all protocols by default and connects using the highest protocol that server supports(as received from server hello) I suggest you try disabling TLS 1.0 along with SSL2 if you want to force your client to use SSL3 without changing the context's method. SSL_CTX_set_opt

Re: Segfaults using EVP_PKEY in concurrent threads

2014-08-31 Thread Thulasi Goriparthi
thread callback funcs are missing. openssl FAQ says.. Multi-threaded applications must provide two callback functions to OpenSSL by calling CRYPTO_set_locking_callback() and CRYPTO_set_id_callback(), for all versions of OpenSSL up to and including 0.9.8[abc...]. As of version 1.0.0, CRYPTO_set_i

Re: Handshake finish msg

2014-08-11 Thread Thulasi Goriparthi
Assuming that "finish" you meant is Handshake Finished messages of SSL/TLS protocol, I assure you, you can see them with openssl too. Implementations can't (won't deliberately) change the protocol. Run s_server and s_client of openssl with -msg -debug -state options to see the handshake messages

Re: SSL Library Error: error:2D06D075:FIPS routines:fips_pkey_signature_test:test failure (Type=RSA SHA1 X931)

2014-08-11 Thread Thulasi Goriparthi
$ openssl genrsa 2048 > key.pem
$ openssl req -new -x509 -key key.pem -out cert.pem -sha256
On Tue, Aug 12, 2014 at 11:08 AM, Abdul Anshad wrote: > Could you please provide me the steps for creating a self signed > certificate meeting the current FIPS standard ? > > Thank you for the response.

Re: Question on EVP_DecryptFinal_ex

2014-08-04 Thread Thulasi Goriparthi
On Mon, Aug 4, 2014 at 4:50 AM, David Li wrote: > Hi Thulasi/Rich, > > Thanks! This prompted me to uncover another bug in the code. I did encrypt > an extra block of zeros! Now everything makes sense. > > Can't help to dig a little deeper into this: In AES-CBC mode,

Re: Question on EVP_DecryptFinal_ex

2014-08-01 Thread Thulasi Goriparthi
On Sat, Aug 2, 2014 at 12:16 AM, David Li wrote: > Hi Thulasi, > > You are right! It's a bug on my part. > > I have a follow-up question regarding what EVP_DecryptFinal is doing. > > In my case, the original string is 27 bytes long, the ciphertext length > is 48 (

Re: Use of parity bits on DES

2014-08-01 Thread Thulasi Goriparthi
On Thu, Jul 31, 2014 at 5:10 PM, Laurent Broussy wrote: > Hi, > > > > As described in FIPS 46-3, a DES key must have its heavy bit as parity > bit. I tried to encipher the same message with a key without correct parity bits and with > this key where I put the correct parity bits, using > opens

Re: Question on EVP_DecryptFinal_ex

2014-07-31 Thread Thulasi Goriparthi
On Fri, Aug 1, 2014 at 5:46 AM, David Li wrote: > Hi, > > I am using openssl 1.0.1h and AES128 CBC mode to encrypt some arbitrary > long ASCII string. > I encountered an issue at decryption. If I use EVP_DecryptFinal_ex then > the output is unrecognizable. If I remove the following then the outpu

Re: SSL connection broken after upgrading from 0.9.8a to 1.0.1e version of openssl

2014-07-31 Thread Thulasi Goriparthi
On Fri, Aug 1, 2014 at 3:07 AM, Nayna Jain wrote: > > Hi all, > > We got one of our openssl version upgraded to openssl 1.0.1e version. > But after that I am facing this error at client side. > > error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number > > But I am not sure why is it giv

Re: TPS performance with TLS1.0 and TLS1.2

2014-07-25 Thread Thulasi Goriparthi
On Jul 25, 2014 5:15 PM, "Dr. Stephen Henson" wrote: > > On Thu, Jul 24, 2014, Denis Berezhnoy wrote: > > > Hi guys, > > > > I have a question regarding TLS1.0 and TLS1.2 performance. > > > > Is it a correct expectation is that TPS (transactions per seconds) > > performance is worse with TLS1.2 pr

Re: `openssl pkcs8` and -iter option?

2014-07-23 Thread Thulasi Goriparthi
later than 1.0.1g and probably 1.0.1h too. > OK, thanks. Would that be a 1.0.2 option; or a 1.1.0 option? > > On Wed, Jul 23, 2014 at 2:41 AM, Thulasi Goriparthi > wrote: > > Seems "-iter" option is added to master only in the below commit. By > date, > &

Re: `openssl pkcs8` and -iter option?

2014-07-22 Thread Thulasi Goriparthi
Seems "-iter" option is added to master only in the below commit. By date, it is later than 1.0.1g and probably 1.0.1h too. commit 8a6c6bbf21cc11ea0fed69a106250af0d734d786 Author: Naftuli Tzvi Kay Date: Tue Jun 3 12:48:06 2014 -0700 Added custom PBKDF2 iteration count to PKCS8 tool. On

Re: Do I need to call BIO_free(network_bio) or not?

2014-07-17 Thread Thulasi Goriparthi
In the example, only internal_bio is set using SSL_set_bio as below. SSL_set_bio(ssl, internal_bio, internal_bio); network_bio is not linked to SSL session. So it has to be freed explicitly. On Fri, Jul 18, 2014 at 2:01 AM, Iñaki Baz Castillo wrote: > 2014-07-17 14:29 GMT+02:00 Dr. Stephen

Re: s_client CKE protocol version is wrong?

2014-07-17 Thread Thulasi Goriparthi
Version that is sent by Client in Client Hello may not necessarily be the version of communication. It gets adjusted with what Server can support. In your case, as you force the server to support only TLSv1, communication protocol gets adjusted to TLSv1(03 01) even though client supports TLSv1.2(0

Re: Converting public part of 'EVP_PKEY' structure to 'unsigned char*' , and back.

2014-06-30 Thread Thulasi Goriparthi
Guessing the context that is sent to EVP_PKEY_derive_set_peer is initialized/created with a pkey belonging to a different group. In other words, EC keys of both parties in DH are not of the same group. On Mon, Jun 30, 2014 at 10:13 AM, pratyush parimal < pratyush.pari...@gmail.com> wrote: >

Re: Decryption succeed in GCM mode when tag is truncated

2014-06-18 Thread Thulasi Goriparthi
One more thing to correct myself. 2 as tag length is not allowed. only 4, 6, 8, 10, 12, 14, 16 are allowed. On Wed, Jun 18, 2014 at 11:55 PM, Thulasi Goriparthi < thulasi.goripar...@gmail.com> wrote: > In the test program, you are feeding a fixed ccm_tag to decryption > process. T

Re: Decryption succeed in GCM mode when tag is truncated

2014-06-18 Thread Thulasi Goriparthi
> Even when tag length of decryption was equal to tag length of encryption. > :-( > It just works for : tag length of decryption = tag length of encryption = > 16. > > Thanks again for your help. > > Le 18/06/2014 16:14, Thulasi Goriparthi a écrit : > > Truncate-ab

Re: Decryption succeed in GCM mode when tag is truncated

2014-06-18 Thread Thulasi Goriparthi
6:52 PM, Michel wrote: > Thank for your answer. > > But isn't this strategy very hazardous ? > And why just for GCM and not CCM ? > > Le 18/06/2014 14:37, Thulasi Goriparthi a écrit : > > EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, sizeof(gcm_tag), gcm_tag); &

Re: Decryption succeed in GCM mode when tag is truncated

2014-06-18 Thread Thulasi Goriparthi
EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_GCM_SET_TAG, sizeof(gcm_tag), gcm_tag); When you change tag length with the above statement, you are telling the decrypt context to consider only those many number of bytes for tag comparison. On Wed, Jun 18, 2014 at 4:52 PM, Michel wrote: > Hi all, > > I w
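What "consider only those many bytes" means for an attacker, as an added example that is not part of this thread or of OpenSSL. The standard library has no GCM, so HMAC-SHA256 stands in for the GHASH tag; the verification rule is the one described above for a decrypt context given a short taglen: only the first taglen bytes of the real tag are compared. With the verifier as an oracle, a 2-byte tag falls to at most 65536 guesses, and the key is never needed. Key, message and function names are this example's own constructed input.

```python
"""Added example (not from this thread): brute-forcing a prefix-truncated
authentication tag through the verification oracle. HMAC-SHA256 stands in
for the GCM tag; the comparison rule (first taglen bytes only) is the point."""
import hashlib
import hmac
import itertools

FULL_TAG_LEN = 32


def make_tag(key, data):
    return hmac.new(key, data, hashlib.sha256).digest()


def verify_truncated(key, data, tag):
    """Accept if `tag` equals the first len(tag) bytes of the real tag,
    i.e. a decrypt context configured with taglen == len(tag)."""
    if not 1 <= len(tag) <= FULL_TAG_LEN:
        return False
    return hmac.compare_digest(make_tag(key, data)[:len(tag)], tag)


def forge_truncated_tag(oracle, taglen):
    """Attacker without the key: submit every taglen-byte value to the
    verification oracle. Returns (tag, attempts); bounded by 256**taglen."""
    for attempts, cand in enumerate(itertools.product(range(256), repeat=taglen), 1):
        tag = bytes(cand)
        if oracle(tag):
            return tag, attempts
    raise AssertionError("unreachable: the true prefix is always in the search space")


def expected_attempts(taglen):
    """Average guesses for a generic prefix-compared tag of taglen bytes."""
    return (256 ** taglen + 1) / 2
```

This generic 2^(8*taglen) bound is the best case; for GCM specifically, short tags are weaker still because of the algebraic structure of GHASH, which is why NIST SP 800-38D Appendix C restricts their use. A decrypt context that accepts whatever tag length the peer supplies, rather than the length the protocol fixed, is the usual way this shows up in applications.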

Re: What is the reason for error "SSL negotiation failed: error:04075070:rsa routines:RSA_sign:digest too big for rsa key"

2013-02-26 Thread Thulasi Goriparthi
On Wed, Feb 27, 2013 at 1:39 AM, Viktor Dukhovni wrote: > On Wed, Feb 27, 2013 at 12:49:55AM +0530, Thulasi Goriparthi wrote: > > > Or use another hash type for signature which can produce not more than 53 > > bytes of hashed data. (i.e MD5, SHA1, SHA256, SHA384) while usin

Re: What is the reason for error "SSL negotiation failed: error:04075070:rsa routines:RSA_sign:digest too big for rsa key"

2013-02-26 Thread Thulasi Goriparthi
max. 64 - 11 byte padding and SHA512 produces 64 bytes of hashed data. Thanks, Thulasi. On Tue, Feb 26, 2013 at 11:42 PM, Viktor Dukhovni < openssl-us...@dukhovni.org> wrote: > On Tue, Feb 26, 2013 at 11:30:18PM +0530, Nayna Jain wrote: > > > Both server and client authentica
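The size rule behind that error, worked through as an added example that is not part of this thread or of OpenSSL: EMSA-PKCS1-v1_5 encodes T = DER(DigestInfo) = prefix || H(m) and needs k >= len(T) + 11, where k is the modulus length in bytes. The DigestInfo prefixes are the fixed ones from RFC 8017 section 9.2, so the fit depends on prefix length plus digest length, not on the digest length alone. Function names are this example's own.

```python
"""Added example (not from this thread): EMSA-PKCS1-v1_5 encoding and the
k >= tLen + 11 check that RSA_sign enforces (RSA_R_DIGEST_TOO_BIG_FOR_RSA_KEY)."""
import hashlib

# DER prefixes of DigestInfo per RFC 8017 section 9.2, note 1.
DIGEST_INFO = {
    "md5": bytes.fromhex("3020300c06082a864886f70d020505000410"),
    "sha1": bytes.fromhex("3021300906052b0e03021a05000414"),
    "sha256": bytes.fromhex("3031300d060960864801650304020105000420"),
    "sha384": bytes.fromhex("3041300d060960864801650304020205000430"),
    "sha512": bytes.fromhex("3051300d060960864801650304020305000440"),
}
DIGEST_LEN = {"md5": 16, "sha1": 20, "sha256": 32, "sha384": 48, "sha512": 64}


def digest_info(hash_name, message):
    """T = prefix || H(message)."""
    return DIGEST_INFO[hash_name] + hashlib.new(hash_name, message).digest()


def emsa_pkcs1_v15_encode(hash_name, message, k):
    """EM = 0x00 || 0x01 || PS (0xff * (k - tLen - 3)) || 0x00 || T."""
    t = digest_info(hash_name, message)
    if k < len(t) + 11:
        raise ValueError("digest too big for rsa key")
    return b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t


def fits(hash_name, modulus_bits):
    """True if a PKCS#1 v1.5 signature with this digest fits the modulus."""
    k = (modulus_bits + 7) // 8
    return k >= len(DIGEST_INFO[hash_name]) + DIGEST_LEN[hash_name] + 11


def fit_report(modulus_bits):
    return {name: fits(name, modulus_bits) for name in DIGEST_INFO}
```

Note that the TLS 1.0/1.1 CertificateVerify and ServerKeyExchange signatures sign the raw 36-byte MD5||SHA-1 concatenation with no DigestInfo, so a 512-bit key that fails with the TLS 1.2 digests above still works there; with TLS 1.2 the negotiated signature_algorithms decide which DigestInfo is used, and the key has to be large enough for it.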

padding differences for SSL 3.0/TLS 1.x records

2013-02-25 Thread Thulasi Goriparthi
similar to that of TLS 1.x records? Thanks, Thulasi.

Re: Obtaining a TLS session key

2013-02-07 Thread Thulasi Goriparthi
client write MAC key
server write MAC key
client write encryption key
server write encryption key
client write IV(if applicable)
server write IV(if applicable)
Thanks, Thulasi. On Thu, Feb 7, 2013 at 3:42 AM, T J wrote: > > Sorry to keep hammering away at

Re: Client Random

2013-02-05 Thread Thulasi
client is going to choose the pre-master-secret. i.e attacker cannot replay any encrypted record as he will not be able to decrypt the pre-master-secret encrypted by server's public key and so, cannot generate the session key. Am I still missing something trivial? Thanks, Thulasi. On 5 Feb

pk11_library_init() of pkcs#11 engine

2011-11-28 Thread Thulasi
ngine with it's child? Thanks, Thulasi.

Re: [openssl-users] cipher suite ECDH-ECDSA-AES128-SHA256

2011-05-25 Thread Thulasi
e servers but not others. At > this point it isn't clear if the problem is with the servers or OpenSSL. From ssl/tls1.h of today's snapshot, it looks to me that CipherSuites from rfc 5288 and 5289(ECC and GCM TLS1.2 CipherSuites) are not added yet. Thanks, Thulasi. On 25 May 2011

Re: Sending encrypted URL params to PHP: How to calculate size of encrypted data?

2011-05-17 Thread Thulasi
As you are planning to use symmetric encryption for payload, encrypted data length will be same as that of payload assuming your payload is properly padded. On 17 May 2011 14:54, G S wrote: > Re-sending. Forgot to finish the subject... > > Hi all. > > I have an iPhone app that retrieves databas