CPU/Engine: VIA C7 Esther/Padlock
OS: Linux 686 (Debian)
Affected OpenSSL versions: 1.0.0e through 1.0.0g
Last known working version: 1.0.0d
Starting with 1.0.0e the following error occurs when OpenSSL is used
with the padlock engine (client: openssl s_client):
openssl s_server -cert /etc/ssl/private/server.crt -key
/etc/ssl/private/server.key -ssl3 -engine padlock -state -msg -debug
engine "padlock" set.
Using default temp DH parameters
Using default temp ECDH parameters
ACCEPT
SSL_accept:before/accept initialization
read from 0x9646110 [0x964b6cb] (5 bytes => 5 (0x5))
0000 - 16 03 00 00 86 .....
read from 0x9646110 [0x964b6d0] (134 bytes => 134 (0x86))
0000 - 01 00 00 82 03 00 4f 46-8b 24 d5 a4 07 38 23 e0 ......OF.$...8#.
0010 - 69 fa d2 71 06 94 6a 77-71 b8 ac 3f 8b 7a e8 da i..q..jwq..?.z..
0020 - 8e db 5d fc b2 03 00 00-5a c0 14 c0 0a 00 39 00 ..].....Z.....9.
0030 - 38 00 88 00 87 c0 0f c0-05 00 35 00 84 c0 12 c0 8.........5.....
0040 - 08 00 16 00 13 c0 0d c0-03 00 0a c0 13 c0 09 00 ................
0050 - 33 00 32 00 9a 00 99 00-45 00 44 c0 0e c0 04 00 3.2.....E.D.....
0060 - 2f 00 96 00 41 c0 11 c0-07 c0 0c c0 02 00 05 00 /...A...........
0070 - 04 00 15 00 12 00 09 00-14 00 11 00 08 00 06 00 ................
0080 - 03 00 ff 02 01 .....
0086 - <SPACES/NULS>
<<< SSL 3.0 Handshake [length 0086], ClientHello
01 00 00 82 03 00 4f 46 8b 24 d5 a4 07 38 23 e0
69 fa d2 71 06 94 6a 77 71 b8 ac 3f 8b 7a e8 da
8e db 5d fc b2 03 00 00 5a c0 14 c0 0a 00 39 00
38 00 88 00 87 c0 0f c0 05 00 35 00 84 c0 12 c0
08 00 16 00 13 c0 0d c0 03 00 0a c0 13 c0 09 00
33 00 32 00 9a 00 99 00 45 00 44 c0 0e c0 04 00
2f 00 96 00 41 c0 11 c0 07 c0 0c c0 02 00 05 00
04 00 15 00 12 00 09 00 14 00 11 00 08 00 06 00
03 00 ff 02 01 00
SSL_accept:SSLv3 read client hello A
>>> SSL 3.0 Handshake [length 0051], ServerHello
02 00 00 4d 03 00 4f 46 8b 24 66 48 ab 9e 71 52
22 13 d6 cb 40 1d e3 32 04 e0 d3 5e e2 89 fc 77
e7 4c be f6 2a ca 20 2b 1e c1 8b 11 86 72 e5 f0
89 6f ce cf 1e 4c f9 65 97 86 60 fa c5 6c c0 cb
bf 68 9b ec 80 8f 0e c0 14 01 00 05 ff 01 00 01
00
write to 0x9646110 [0x9655148] (86 bytes => 86 (0x56))
0000 - 16 03 00 00 51 02 00 00-4d 03 00 4f 46 8b 24 66 ....Q...M..OF.$f
0010 - 48 ab 9e 71 52 22 13 d6-cb 40 1d e3 32 04 e0 d3 H..qR"...@..2...
0020 - 5e e2 89 fc 77 e7 4c be-f6 2a ca 20 2b 1e c1 8b ^...w.L..*. +...
0030 - 11 86 72 e5 f0 89 6f ce-cf 1e 4c f9 65 97 86 60 ..r...o...L.e..`
0040 - fa c5 6c c0 cb bf 68 9b-ec 80 8f 0e c0 14 01 00 ..l...h.........
0050 - 05 ff 01 00 01 .....
0056 - <SPACES/NULS>
SSL_accept:SSLv3 write server hello A
>>> SSL 3.0 Handshake [length 022c], Certificate
0b 00 02 28 00 02 25 00 02 22 30 82 02 1e 30 82
01 87 a0 03 02 01 02 02 09 00 de a2 86 55 3a 56
c6 e7 30 0d 06 09 2a 86 48 86 f7 0d 01 01 05 05
00 30 28 31 0b 30 09 06 03 55 04 06 13 02 50 4c
31 0a 30 08 06 03 55 04 08 0c 01 20 31 0d 30 0b
06 03 55 04 0a 0c 04 63 61 72 6c 30 1e 17 0d 31
32 30 32 32 32 31 38 33 34 31 34 5a 17 0d 31 35
30 32 32 31 31 38 33 34 31 34 5a 30 28 31 0b 30
09 06 03 55 04 06 13 02 50 4c 31 0a 30 08 06 03
55 04 08 0c 01 20 31 0d 30 0b 06 03 55 04 0a 0c
04 63 61 72 6c 30 81 9f 30 0d 06 09 2a 86 48 86
f7 0d 01 01 01 05 00 03 81 8d 00 30 81 89 02 81
81 00 d8 a0 c1 37 2d ce 8b 6e d5 5f 1d 9d 51 d4
cd 6e f7 f0 af 67 b0 dc c7 e1 36 bb 56 a5 a5 df
df a7 b6 30 22 37 39 7e b3 37 26 64 6c 6c 4d 61
5f 3b 56 bc 17 a2 61 15 71 68 ee 63 ba 8b 7e e5
38 a2 b8 bb c9 bd b5 80 d6 4c 01 bf 5a ed 69 cf
20 9f a4 82 53 70 aa 3c 40 ad 06 ff 35 01 8d b1
1d a5 fc 22 60 6d 5f 73 63 e6 b9 af ca d1 9d 3b
c5 ae 8e 3a 90 0f 0e f3 a6 fc c7 89 86 7c 44 b6
0b 71 02 03 01 00 01 a3 50 30 4e 30 1d 06 03 55
1d 0e 04 16 04 14 b9 6f 26 93 61 c2 b1 d2 de 95
38 e5 13 87 bc 08 64 4a 95 4a 30 1f 06 03 55 1d
23 04 18 30 16 80 14 b9 6f 26 93 61 c2 b1 d2 de
95 38 e5 13 87 bc 08 64 4a 95 4a 30 0c 06 03 55
1d 13 04 05 30 03 01 01 ff 30 0d 06 09 2a 86 48
86 f7 0d 01 01 05 05 00 03 81 81 00 58 32 b9 2d
5d 96 84 03 26 25 6a 54 46 70 5a 2e 3b 5c 8c bb
55 e6 a9 c7 46 59 5c f1 73 f8 45 33 3a b8 40 95
6c 9c d5 5b 1f 10 97 ac cb b8 db 45 3d 07 11 b8
c5 f9 da 1a 18 65 56 39 e7 a7 1a ca a6 28 82 63
24 6a 3b 1c aa 1b a0 9b 45 fd 1d e5 54 7d ed c4
87 89 bd cd 05 6b d0 19 f7 b7 bf 80 db 38 43 26
8a 74 d6 29 bf 9c 55 4c aa 4f 80 96 a2 ce 2e a8
d2 79 6b 7f 7f 59 29 a2 db 5d f9 cb
write to 0x9646110 [0x9655148] (561 bytes => 561 (0x231))
0000 - 16 03 00 02 2c 0b 00 02-28 00 02 25 00 02 22 30 ....,...(..%.."0
0010 - 82 02 1e 30 82 01 87 a0-03 02 01 02 02 09 00 de ...0............
0020 - a2 86 55 3a 56 c6 e7 30-0d 06 09 2a 86 48 86 f7 ..U:V..0...*.H..
0030 - 0d 01 01 05 05 00 30 28-31 0b 30 09 06 03 55 04 ......0(1.0...U.
0040 - 06 13 02 50 4c 31 0a 30-08 06 03 55 04 08 0c 01 ...PL1.0...U....
0050 - 20 31 0d 30 0b 06 03 55-04 0a 0c 04 63 61 72 6c 1.0...U....carl
0060 - 30 1e 17 0d 31 32 30 32-32 32 31 38 33 34 31 34 0...120222183414
0070 - 5a 17 0d 31 35 30 32 32-31 31 38 33 34 31 34 5a Z..150221183414Z
0080 - 30 28 31 0b 30 09 06 03-55 04 06 13 02 50 4c 31 0(1.0...U....PL1
0090 - 0a 30 08 06 03 55 04 08-0c 01 20 31 0d 30 0b 06 .0...U.... 1.0..
00a0 - 03 55 04 0a 0c 04 63 61-72 6c 30 81 9f 30 0d 06 .U....carl0..0..
00b0 - 09 2a 86 48 86 f7 0d 01-01 01 05 00 03 81 8d 00 .*.H............
00c0 - 30 81 89 02 81 81 00 d8-a0 c1 37 2d ce 8b 6e d5 0.........7-..n.
00d0 - 5f 1d 9d 51 d4 cd 6e f7-f0 af 67 b0 dc c7 e1 36 _..Q..n...g....6
00e0 - bb 56 a5 a5 df df a7 b6-30 22 37 39 7e b3 37 26 .V......0"79~.7&
00f0 - 64 6c 6c 4d 61 5f 3b 56-bc 17 a2 61 15 71 68 ee dllMa_;V...a.qh.
0100 - 63 ba 8b 7e e5 38 a2 b8-bb c9 bd b5 80 d6 4c 01 c..~.8........L.
0110 - bf 5a ed 69 cf 20 9f a4-82 53 70 aa 3c 40 ad 06 .Z.i. ...Sp.<@..
0120 - ff 35 01 8d b1 1d a5 fc-22 60 6d 5f 73 63 e6 b9 .5......"`m_sc..
0130 - af ca d1 9d 3b c5 ae 8e-3a 90 0f 0e f3 a6 fc c7 ....;...:.......
0140 - 89 86 7c 44 b6 0b 71 02-03 01 00 01 a3 50 30 4e ..|D..q......P0N
0150 - 30 1d 06 03 55 1d 0e 04-16 04 14 b9 6f 26 93 61 0...U.......o&.a
0160 - c2 b1 d2 de 95 38 e5 13-87 bc 08 64 4a 95 4a 30 .....8.....dJ.J0
0170 - 1f 06 03 55 1d 23 04 18-30 16 80 14 b9 6f 26 93 ...U.#..0....o&.
0180 - 61 c2 b1 d2 de 95 38 e5-13 87 bc 08 64 4a 95 4a a.....8.....dJ.J
0190 - 30 0c 06 03 55 1d 13 04-05 30 03 01 01 ff 30 0d 0...U....0....0.
01a0 - 06 09 2a 86 48 86 f7 0d-01 01 05 05 00 03 81 81 ..*.H...........
01b0 - 00 58 32 b9 2d 5d 96 84-03 26 25 6a 54 46 70 5a .X2.-]...&%jTFpZ
01c0 - 2e 3b 5c 8c bb 55 e6 a9-c7 46 59 5c f1 73 f8 45 .;\..U...FY\.s.E
01d0 - 33 3a b8 40 95 6c 9c d5-5b 1f 10 97 ac cb b8 db 3:.@.l..[.......
01e0 - 45 3d 07 11 b8 c5 f9 da-1a 18 65 56 39 e7 a7 1a E=........eV9...
01f0 - ca a6 28 82 63 24 6a 3b-1c aa 1b a0 9b 45 fd 1d ..(.c$j;.....E..
0200 - e5 54 7d ed c4 87 89 bd-cd 05 6b d0 19 f7 b7 bf .T}.......k.....
0210 - 80 db 38 43 26 8a 74 d6-29 bf 9c 55 4c aa 4f 80 ..8C&.t.)..UL.O.
0220 - 96 a2 ce 2e a8 d2 79 6b-7f 7f 59 29 a2 db 5d f9 ......yk..Y)..].
0230 - cb .
SSL_accept:SSLv3 write certificate A
>>> SSL 3.0 Handshake [length 00cb], ServerKeyExchange
0c 00 00 c7 03 00 17 41 04 ec 2b 3b ea c7 c9 49
98 ee 44 93 ac a7 88 44 3c ce 91 e3 38 5b 74 52
42 8e 1b 5c ed 13 cd 61 ea 4b e1 66 d7 f6 ec f0
7f de 44 2f 45 a5 1d 95 1d 31 24 80 25 11 8a e1
d8 09 cd 17 ff 5c 5a d7 6a 00 80 cb 62 b5 a3 34
55 c4 89 7d b3 1b c5 8e af d7 1a 91 92 b5 3d e8
33 38 61 2e fc 04 62 67 76 a0 1b ba b0 d5 db b5
ef 00 2b e5 e6 19 e9 eb bf a9 c5 d9 3a 2c ff ea
58 1e 4a 41 ea 03 b6 45 0a 16 42 6d f2 c2 71 23
fe fb f4 84 64 1c 40 1f bb a2 15 4e 2f 94 37 4e
e0 82 74 17 9d 1f ee d3 95 c3 ca 69 c6 8c fc 87
31 37 df 46 51 ad f6 7d 8a 0b 53 7b a2 45 f4 fe
90 f3 ab d4 4e 66 71 87 07 a1 c9
write to 0x9646110 [0x9655148] (208 bytes => 208 (0xD0))
0000 - 16 03 00 00 cb 0c 00 00-c7 03 00 17 41 04 ec 2b ............A..+
0010 - 3b ea c7 c9 49 98 ee 44-93 ac a7 88 44 3c ce 91 ;...I..D....D<..
0020 - e3 38 5b 74 52 42 8e 1b-5c ed 13 cd 61 ea 4b e1 .8[tRB..\...a.K.
0030 - 66 d7 f6 ec f0 7f de 44-2f 45 a5 1d 95 1d 31 24 f......D/E....1$
0040 - 80 25 11 8a e1 d8 09 cd-17 ff 5c 5a d7 6a 00 80 .%........\Z.j..
0050 - cb 62 b5 a3 34 55 c4 89-7d b3 1b c5 8e af d7 1a .b..4U..}.......
0060 - 91 92 b5 3d e8 33 38 61-2e fc 04 62 67 76 a0 1b ...=.38a...bgv..
0070 - ba b0 d5 db b5 ef 00 2b-e5 e6 19 e9 eb bf a9 c5 .......+........
0080 - d9 3a 2c ff ea 58 1e 4a-41 ea 03 b6 45 0a 16 42 .:,..X.JA...E..B
0090 - 6d f2 c2 71 23 fe fb f4-84 64 1c 40 1f bb a2 15 m..q#....d.@....
00a0 - 4e 2f 94 37 4e e0 82 74-17 9d 1f ee d3 95 c3 ca N/.7N..t........
00b0 - 69 c6 8c fc 87 31 37 df-46 51 ad f6 7d 8a 0b 53 i....17.FQ..}..S
00c0 - 7b a2 45 f4 fe 90 f3 ab-d4 4e 66 71 87 07 a1 c9 {.E......Nfq....
SSL_accept:SSLv3 write key exchange A
>>> SSL 3.0 Handshake [length 0004], ServerHelloDone
0e 00 00 00
write to 0x9646110 [0x9655148] (9 bytes => 9 (0x9))
0000 - 16 03 00 00 04 0e ......
0009 - <SPACES/NULS>
SSL_accept:SSLv3 write server done A
SSL_accept:SSLv3 flush data
read from 0x9646110 [0x964b6cb] (5 bytes => 5 (0x5))
0000 - 16 03 00 00 46 ....F
read from 0x9646110 [0x964b6d0] (70 bytes => 70 (0x46))
0000 - 10 00 00 42 41 04 c7 b4-dd e0 63 de e6 92 5d a1 ...BA.....c...].
0010 - b7 d1 a5 a2 42 76 97 4f-3f b5 fe 7a 30 c4 b1 1e ....Bv.O?..z0...
0020 - 46 66 df 42 85 0c 81 24-c7 53 19 d8 29 39 1d 91 Ff.B...$.S..)9..
0030 - bb 6f 63 44 9b 69 52 ab-4d 93 b1 96 97 8f ef f1 .ocD.iR.M.......
0040 - ee 11 30 56 e5 45 ..0V.E
<<< SSL 3.0 Handshake [length 0046], ClientKeyExchange
10 00 00 42 41 04 c7 b4 dd e0 63 de e6 92 5d a1
b7 d1 a5 a2 42 76 97 4f 3f b5 fe 7a 30 c4 b1 1e
46 66 df 42 85 0c 81 24 c7 53 19 d8 29 39 1d 91
bb 6f 63 44 9b 69 52 ab 4d 93 b1 96 97 8f ef f1
ee 11 30 56 e5 45
SSL_accept:SSLv3 read client key exchange A
read from 0x9646110 [0x964b6cb] (5 bytes => 5 (0x5))
0000 - 14 03 00 00 01 .....
read from 0x9646110 [0x964b6d0] (1 bytes => 1 (0x1))
0000 - 01 .
<<< SSL 3.0 ChangeCipherSpec [length 0001]
01
read from 0x9646110 [0x964b6cb] (5 bytes => 5 (0x5))
0000 - 16 03 00 00 50 ....P
read from 0x9646110 [0x964b6d0] (80 bytes => 80 (0x50))
0000 - 67 6c db 75 a0 3c 74 f9-49 36 8b ed 14 9c 5a 7a gl.u.<t.I6....Zz
0010 - b0 ef db 62 bb 78 f3 10-81 87 8d d4 35 87 8d e3 ...b.x......5...
0020 - 4c 10 42 3f dc 3c 69 7d-c9 c4 e9 e3 2e 96 73 82 L.B?.<i}......s.
0030 - 69 0c 8a b2 83 ea ea 28-eb 7f 4a 42 19 33 8b fc i......(..JB.3..
0040 - b6 6e 9b 3e ce 40 28 0a-95 21 f1 bf 10 68 df 74 .n.>.@(..!...h.t
write to 0x9646110 [0x9655148] (7 bytes => 7 (0x7))
0000 - 15 03 00 00 02 02 14 .......
>>> SSL 3.0 Alert [length 0002], fatal bad_record_mac
02 14
SSL3 alert write:fatal:bad record mac
SSL_accept:error in SSLv3 read certificate verify A
ERROR
3073919128:error:1408F119:SSL routines:SSL3_GET_RECORD:decryption
failed or bad record mac:s3_pkt.c:479:
shutting down SSL
CONNECTION CLOSED
There is no error in OpenSSL versions prior to 1.0.0e or if the
padlock engine parameter is not given. I will be happy to provide any
required information to help fix this bug. Alternatively, I can
provide SSH access to the affected machine.
Regards,
Jan
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majord...@openssl.org
