On Wed, Feb 06, 2013, Brad House wrote:

> On 02/06/2013 12:30 PM, Brad House wrote:
> ...<snip>...
> > I should also note that currently I am using
> > OpenSSL 1.0.1d-fips 5 Feb 2013
> > On an Intel(R) Core(TM) i7-3770S CPU @ 3.10GHz running Ubuntu 12.04 64bit
> > (so presumably I'm using AES-NI ... noticed changes to that in the
> > changelog).
> >
> > I have not yet tried to compile it in non-FIPS mode to rule
> > that out, but I am not running it in an active FIPS mode. I
> > have reproduced this issue on Linux x64 and Windows x86 thus far,
> > I haven't tested it on any other system.
> ...<snip>...
>
> I have reproduced the issue with a stock build as well following
> the procedure below. The stock build does seem to have a couple
> of behavioral differences. First, I can reproduce the issue
> now on the server side without specifying the cipher as long as
> the client side does specify the cipher suite. Next, I can only
> get the actual error message to be reported when running under
> valgrind... however, the corruption is ALWAYS there when not
> running under valgrind.
>
> I can see it exhibited by a random character before the word
> "DONE" on the server side after my "Hello World" is printed out
> that was sent from the client side. Using older versions did not
> exhibit this behavior.
>
> Perhaps the issue is in the ECDHE-RSA-AES256-SHA cipher suite
> which is being chosen... when it uses ECDHE-RSA-AES256-GCM-SHA384
> when no cipher suite is specified, everything is OK (e.g. no
> valgrind errors and no random character).
>

A possibility is the AESNI+SHA1 stitched code which is handled as a special
case. You'd only see that with AES+SHA1 ciphersuites on AES-NI supporting
processors.

Try disabling AES-NI with OPENSSL_ia32cap=~0x200000200000000. Also try
entering FIPS mode for a FIPS build with OPENSSL_FIPS=1.

Finally you could try reverting the last changes to e_aes_cbc_hmac_sha1.c
for test purposes: note this will also make you vulnerable to CVE-2013-0169.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev@openssl.org
Automated List Manager                           majord...@openssl.org
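
The OPENSSL_ia32cap value suggested in the reply above, decoded as an added example (not part of the original message and not OpenSSL code). It assumes the bit layout and the '~' semantics given in OpenSSL's OPENSSL_ia32cap documentation; the function names, the short capability table and the sample CPU vector are constructed for illustration.

```python
# Added example: decode an OPENSSL_ia32cap override such as the one in the reply.
# Assumed layout (per OpenSSL's OPENSSL_ia32cap documentation): bits 0-31 mirror
# CPUID.1:EDX and bits 32-63 mirror CPUID.1:ECX. Only a few well-known bits are listed.
CAP_BITS = {
    26: "SSE2",       # EDX bit 26
    33: "PCLMULQDQ",  # ECX bit 1
    41: "SSSE3",      # ECX bit 9
    57: "AES-NI",     # ECX bit 25
    60: "AVX",        # ECX bit 28
}
MASK64 = (1 << 64) - 1


def parse_ia32cap(value):
    """Return (clear_mode, bits); a leading '~' means 'clear these bits'."""
    value = value.strip()
    clear = value.startswith("~")
    bits = int(value[1:] if clear else value, 0) & MASK64  # base 0: 0x.. or decimal
    return clear, bits


def apply_ia32cap(detected, value):
    """Capability vector in effect after the override is applied to `detected`."""
    clear, bits = parse_ia32cap(value)
    # Assumption: without '~' the value replaces the detected vector outright.
    return (detected & ~bits & MASK64) if clear else bits


def names(vector):
    """Names of the listed capabilities that are set in `vector`."""
    return sorted(name for bit, name in CAP_BITS.items() if (vector >> bit) & 1)


def stitched_aes_sha1_eligible(vector):
    # Per the reply, the stitched AES-NI+SHA1 path is only seen when the
    # processor reports AES-NI (bit 57 of the capability vector).
    return bool((vector >> 57) & 1)


# Constructed sample: a CPU reporting all five features in CAP_BITS.
SAMPLE_DETECTED = sum(1 << b for b in CAP_BITS)

if __name__ == "__main__":
    after = apply_ia32cap(SAMPLE_DETECTED, "~0x200000200000000")
    print("cleared:", sorted(set(names(SAMPLE_DETECTED)) - set(names(after))))
    print("still set:", names(after))
    print("stitched AES-NI+SHA1 eligible:", stitched_aes_sha1_eligible(after))
```

The mask clears two bits, AES-NI and PCLMULQDQ, so a test run with it set also changes the code path used for GCM suites, not only the AES+SHA1 ones.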