Skip Menu |
 
Ticket metadata
The Basics
Id: 3180
Status: new
Priority: 0/
Queue: OpenSSL-Bugs

Custom Fields
Milestone: (no value)
Subsystem: (no value)
Severity: (no value)
Broken in: (no value)

People
Owner: Nobody in particular
Requestors: David von Oheimb
Cc:
AdminCc:

More about the requestors
New reminder:
Subject:
Owner:
Due:

Dates
Created: Mon Nov 25 17:30:03 2013
Starts: Not set
Started: Not set
Last Contact: Not set
Due: Not set
Closed: Not set
Updated: Mon Nov 25 17:30:04 2013 by David von Oheimb



CC: openssl-bugs@openssl.org, Dominik Oepen <oepen@informatik.hu-berlin.de>, Annie Yousar <A.Yousar@informatik.hu-berlin.de>, "Ingo@Pyrillion" <ingo@pyrillion.org>
Subject: Brainpool Elliptic Curves in OpenSSL version 1.0.2 - Re: #2239: [PATCH] RFC 5639 support
Date: Mon, 25 Nov 2013 17:12:45 +0100
To: rt@openssl.org
From: David von Oheimb <David.von.Oheimb@siemens.com>
Download (untitled) / with headers
text/plain 1.6k
Hello OpenSSL team,

patches extending OpenSSL's built-in set of EC curves by the Brainpool
curves (see RFC 5639) have been around since 2010 - see for instance
http://openssl.6102.n7.nabble.com/openssl-org-2359-PATCH-td41171.html
http://rt.openssl.org/Ticket/Display.html?id=2239&user=guest&pass=guest

Pleased to see that finally, three years later, they have been included
in the upcoming version 1.0.2. - I have been able to verify this from
http://mirrors.ibiblio.org/openssl/snapshot/openssl-1.0.2-stable-SNAP-20131125.tar.gz

In particular since the usual NIST curves got under pressure recently:
http://it.slashdot.org/firehose.pl?op=view&type=story&sid=13/09/11/1224252
it is important to have some less debatable alternatives available for
general use ASAP. When can we expect version 1.0.2 to be released?


BTW, I successfully applied to both openssl-1.0.1c and 1.0.1e the
http://rt.openssl.org/Ticket/Attachment/32178/16797/rfc5639.patch .
When using it to cross-compile for Windows under Linux using the
ms/mingw32-cross.sh script, the dependencies of
crypto/objects/obj_dat.h and crypto/objects/obj_dat.c on
crypto/objects/obj_mac.h are not properly reflected.
As a workaround to this problem, I inserted between the lines

Show quoted text
> echo Building the libraries
> make -f ms/mingw32-cross.mak CROSS=${CROSS}

the extra two lines

Show quoted text
> make crypto/objects/obj_dat.h
> if [ crypto/objects/obj_dat.h -nt crypto/objects/obj_dat.c ]; then touch crypto/objects/obj_dat.c; fi

How does one cross-compile OpenSSL v1.0.2 for 32-bit Windows under
Linux? Both ./Configure Cygwin and ./Configure mingw
lead to various errors with 'make depend'.

Best regards
David von Oheimb