Skip Menu |
 
Ticket metadata
The Basics
Id: 2239
Status: resolved
Priority: 0/
Queue: OpenSSL-Bugs

Custom Fields
Milestone: (no value)
Subsystem: (no value)
Severity: (no value)
Broken in: (no value)

People
Owner: Stephen Henson
Requestors: Ingo@Pyrillion
Dominik Oepen
Cc:
AdminCc:

More about the requestors

Ingo@Pyrillion

Comments about this user: No comment entered about this user
Groups this user belongs to
  • Everyone
  • Unprivileged

Dominik Oepen

Comments about this user: No comment entered about this user
Groups this user belongs to
  • Everyone
  • Unprivileged

New reminder:
Subject:
Owner:
Due:

Dates
Created: Sat Apr 17 13:50:24 2010
Starts: Not set
Started: Not set
Last Contact: Tue Jan 10 09:30:08 2012
Due: Not set
Closed: Sun Apr 22 15:13:51 2012
Updated: Sun Apr 22 15:13:51 2012 by Stephen Henson



Subject: [PATCH] RFC 5639 support
Date: Sat, 17 Apr 2010 12:08:13 +0200
To: openssl-bugs@openssl.org
From: Dominik Oepen <oepen@informatik.hu-berlin.de>
Download (untitled) / with headers
text/plain 400b
This patch adds support for the elliptic curves defined in RFC 5639 to
OpenSSL. It applies cleanly to HEAD an todays snapshot.

The patch was originally written by Annie Yousar
(a.yousar@informatik.hu-berlin.de). With her permission I adopted it for
the latest version of OpenSSL.

Please let me know of any changes required for this patch to be
integrated into OpenSSL.

Best regards,
Dominik Oepen
Download rfc5639.patch
text/x-patch 26.1k

Message body is not shown because it is too large.

Subject: [PATCH]
Date: Sat, 9 Oct 2010 10:02:05 +0200
To: <openssl-bugs@openssl.org>
From: "Ingo@Pyrillion" <ingo@pyrillion.org>
Download (untitled) / with headers
text/plain 499b
Dear OpenSSL developers,

please find attached a patch for the two files objects.txt and ec_curve.c
adding the Brainpool Elliptic Curves according to RFC 5639 dated March 2010.
The patch has been tested on 32bit Windows and 64bit Windows.

---
Why would Brainpool support be nice in OpenSSL?

e.g. the new German identity card, which is also a proximity card according
to ISO 14443/ISO 7816 makes extensive use of Elliptic Curve Cryptography
deploying the Brainpool curves.
---

Thx+Cheers, Ingo.
Download brainpool_ec_curves.diff
application/octet-stream 23.6k

Message body not shown because it is not plain text.

CC: openssl-dev@openssl.org
Subject: Re: [openssl.org #2359] [PATCH]
Date: Wed, 13 Oct 2010 19:58:33 +0200
To: "Ingo@Pyrillion via RT" <rt@openssl.org>
From: Frank Morgner <morgner@informatik.hu-berlin.de>
Download (untitled) / with headers
text/plain 1007b
Ingo, you might be interested in OpenPACE [1] and Virtual Smart Card
Architecture [2]. The first offers crypto algorithms to talk to the new
German identity card the latter has tools (for example pace-tool), which
can talk to the actual card. Both tested with ePA - BDr GmbH - Testkarte
v1.00.

Greets, Frank.

[1] http://sourceforge.net/projects/openpace/
[2] https://sourceforge.net/projects/vsmartcard/

On Sunday, October 10 at 03:03PM, Ingo@Pyrillion via RT wrote:
Show quoted text
> Dear OpenSSL developers,
>
> please find attached a patch for the two files objects.txt and ec_curve.c
> adding the Brainpool Elliptic Curves according to RFC 5639 dated March 2010.
> The patch has been tested on 32bit Windows and 64bit Windows.
>
> ---
> Why would Brainpool support be nice in OpenSSL?
>
> e.g. the new German identity card, which is also a proximity card according
> to ISO 14443/ISO 7816 makes extensive use of Elliptic Curve Cryptography
> deploying the Brainpool curves.
> ---
>
> Thx+Cheers, Ingo.
>
>
>
Subject: AW: [openssl.org #2359] [PATCH]
Date: Thu, 14 Oct 2010 21:20:20 +0200
To: <rt@openssl.org>
From: "Ingo@Pyrillion" <ingo@pyrillion.org>
Download (untitled) / with headers
text/plain 1.6k
Dear Frank,

thank you for the information. I am working for a German IT security
company, which implemented a rich set of tools for the nPA or ePass,
respectively. I am currently writing a set of totally free tools to decode
and display CV certificates (CVCA, DVCA, and Authentication Terminal).

This software is using OpenSSL and thus it would be great to support the
Brainpool curves (my submitted patch is really minimal-invasive!).

Kind regards, Ingo.

Show quoted text
-----Urspr√ľngliche Nachricht-----
Von: Frank Morgner via RT [mailto:rt@openssl.org]
Gesendet: Mittwoch, 13. Oktober 2010 20:19
An: ingo@pyrillion.org
Cc: openssl-dev@openssl.org
Betreff: Re: [openssl.org #2359] [PATCH]

Ingo, you might be interested in OpenPACE [1] and Virtual Smart Card
Architecture [2]. The first offers crypto algorithms to talk to the new
German identity card the latter has tools (for example pace-tool), which can
talk to the actual card. Both tested with ePA - BDr GmbH - Testkarte v1.00.

Greets, Frank.

[1] http://sourceforge.net/projects/openpace/
[2] https://sourceforge.net/projects/vsmartcard/

On Sunday, October 10 at 03:03PM, Ingo@Pyrillion via RT wrote:
> Dear OpenSSL developers,
>
> please find attached a patch for the two files objects.txt and
> ec_curve.c adding the Brainpool Elliptic Curves according to RFC 5639
dated March 2010.
> The patch has been tested on 32bit Windows and 64bit Windows.
>
> ---
> Why would Brainpool support be nice in OpenSSL?
>
> e.g. the new German identity card, which is also a proximity card
> according to ISO 14443/ISO 7816 makes extensive use of Elliptic Curve
> Cryptography deploying the Brainpool curves.
> ---
>
> Thx+Cheers, Ingo.
>
>
>
Subject: Re: [openssl.org #2239] [PATCH] RFC 5639 support
Date: Tue, 10 Jan 2012 09:19:05 +0100
To: rt@openssl.org
From: Dominik Oepen <dominik.oepen@informatik.hu-berlin.de>
Download (untitled) / with headers
text/plain 658b
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Here is an updated patch for OpenSSL 1.0.1-beta1. It would be great if
the patch could be included before the release of OpenSSL 1.0.1. An
equivalent patch (for OpenSSL 1.0.0a) has been submitted here:
http://rt.openssl.org/Ticket/Display.html?id=2359&user=guest&pass=guest so
there seems to be some interest in this functionality.

Cheers,
Dominik
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.18 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk8L9HkACgkQ8RP9uQqpDVSHvACdGuf3o4Gay6sCetn3Du1U084L
/r8AnAxXHyphh/o524z+W4u5IsCPJOFr
=tto4
-----END PGP SIGNATURE-----
Download rfc5639.patch
text/x-patch 27.6k

Message body is not shown because sender requested not to inline it.

Download (untitled) / with headers
text/plain 208b
Applied to OpenSSL 1.0.2-stable and HEAD. Many thanks for the contribution.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org