On 07/12/15 05:18, Jayalakshmi bhat wrote: > Hi All, > > Is there inputs or suggestions.
Have you run the tests on this platform? i.e. "make test" I'm particular interested to know if the constant_time_test passed. Matt > > Thanks and Regards > Jaya > > On Fri, Dec 4, 2015 at 11:37 AM, Jayalakshmi bhat > <bhat.jayalaks...@gmail.com <mailto:bhat.jayalaks...@gmail.com>> wrote: > > Hi Matt, > > s3_cbc.c uses the function constant_time_eq_8. I pulled only this > function definition from OpenSSL 1.0.1e into OpenSSL 1.0.2d. I > renamed this function as constant_time_eq_8_local and used it in > s3_cbc.c instead of constant_time_eq_8. This renaming was just to > avoid multiple definitions. > > OpenSSL 1.0.1e has the function constant_time_eq_8 defined as below: > * > * > * > #define DUPLICATE_MSB_TO_ALL(x) ( (unsigned)( (int)(x) >> > (sizeof(int)*8-1) ) ) > #define DUPLICATE_MSB_TO_ALL_8(x) ((unsigned > char)(DUPLICATE_MSB_TO_ALL(x))) > * > * > * > *static unsigned char constant_time_eq_8(unsigned a, unsigned b)* > *{* > *unsigned c = a ^ b;* > *c--;* > *return DUPLICATE_MSB_TO_ALL_8(c);* > *}* > > OpenSSL 1.0.2d has the function constant_time_eq_8 defined as below. > > static inline unsigned int constant_time_msb(unsigned int a) > { > return 0 - (a >> (sizeof(a) * 8 - 1)); > } > > static inline unsigned int constant_time_is_zero(unsigned int a) > { > return constant_time_msb(~a & (a - 1)); > } > > static inline unsigned int constant_time_eq(unsigned int a, unsigned > int b) > { > return constant_time_is_zero(a ^ b); > } > > static inline unsigned char constant_time_eq_8(unsigned int a, > unsigned int b) > { > return (unsigned char)(constant_time_eq(a, b)); > } > > > Regards > Jaya > > On Fri, Dec 4, 2015 at 7:04 PM, Matt Caswell <m...@openssl.org > <mailto:m...@openssl.org>> wrote: > > > > On 04/12/15 11:31, Jayalakshmi bhat wrote: > > Hi Matt, > > > > Thanks a lot for the response. > > > > Is your application a client or a server? Are both ends using > > OpenSSL 1.0.2d? If not, what is the other end using? > >>>Our device has both TLS client,server apps. As client, device > communicates with radius server, LDAP server etc.As > > server device is accessed using various web browsers. > > Hence both the end will not be OpenSSL 1.0.2d. > > > > How exactly are you doing that? Which specific cipher are you > seeing fail? > >>> We have provided user option to select TLS protocol versions > similar to the browsers. Depending upon the user configurations we set the > protocol flags (SSL_OP_NO_TLSv1,SSL_OP_NO_TLSv1_1, SSL_OP_NO_TLSv1_2) in the > SSL context using SSL_CTX_clear_options/SSL_CTX_set_options. > >>> We have provided user option to chose ciphers as well. > > All these are in the application space,no changes have been done and > > they have been working good with OpenSSL 1.0.1c. Only the library is > > upgraded to OpenSSL 1.0.2d.I have used AES256-CBC and AES128 CBC > ciphers > > and with both the ciphers issue is seen. > > > > Are you able to provide a packet capture? > >>> Please find the attached traces for server mode. > > What O/S is this on? > >>>This is built for WinCE and Vxworks > > Thanks. Please could you also send the exact patch that you > applied that > resolved the issue? > > Matt > _______________________________________________ > openssl-users mailing list > To unsubscribe: > https://mta.openssl.org/mailman/listinfo/openssl-users > > > > > > _______________________________________________ > openssl-users mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users > _______________________________________________ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
