Re: VxWorks and OPEN SSL questions -
On Mon, Apr 08, 2002 at 08:39:11PM -0400, Bill Pringlemeir wrote: Praveen Bill Thanks for the help. I am coming along with my Praveen compilation on VxWorks platform. I am struck when I am tryo Praveen to compile the crypto/bio files. This is some to do with Praveen openssl/e_os.h Praveen When I removed the line sys/params.h from the e-os.h, then Praveen I get error from bss_bio.c. Praveen I am getting lost some where here. [ Hopefully people on openssl-dev don't mind this discussion? It seems slightly relevant. ] At least I don't mind and I am quite convinced that the discussion is relevant, as other readers may work on the same topic or might do so in the future. I have made modification to e_os.h as follows, ... If I am suppose to send this to some American government facility, I will stop posting any more information. I am not a lawyer, but discussions you send should be covered by the right on free speech. If you are going to send patches to be included, it should however be copied through to your government. Best regards, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen/jaenicke/ BTU Cottbus, Allgemeine Elektrotechnik Universitaetsplatz 3-4, D-03044 Cottbus __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
PKI and sockets
I am working on an application that will implement PKI between a server and a client. Can someone tell me where I might get some sample code (C) or a tutorial on how to do it. I have looked at Eric Rescorla's but I am not sure how to create my own certificates to get that tutorial work, I can use the sample certificates he provides, but that would not be good for production. Plus I would rather use PKI than certificates. Any help would be great. Thank you. Mark Webb __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
RE: VxWorks and OPEN SSL questions -
Bill Thanks for the help. I am coming along with my compilation on VxWorks platform. I am struck when I am tryo to compile the crypto/bio files. This is some to do with openssl/e_os.h When I removed the line sys/params.h from the e-os.h, then I get error from bss_bio.c. I am getting lost some where here. Thanks Praveen -Original Message- From: Bill Pringlemeir [mailto:[EMAIL PROTECTED]] Sent: Friday, April 05, 2002 11:59 AM To: Praveen Dulam Cc: '[EMAIL PROTECTED]' Subject: Re: VxWorks and OPEN SSL questions - Praveen Hi I am building an openssl image on to the Vxworks plaform. [snip] Praveen My Priority is reduce the image size , as this is very Praveen crtitical in RTOS. My Questions are : Crypto directory is Bill This is more of an application question than development. The Bill answer is quite simple. Add these compiler flags, for example, Bill -DVXWORKS=1 -DGETPID_IS_MEANINGLESS -DNO_CHMOD -DNO_BF=1 Bill -DNO_MD4=1 \ -DNO_RC2=1 -DNO_RC5=1 -DNO_IDEA=1 -DNO_CAST=1 Bill -DNORIPEMD=1 -DNO_HMAC=1 \ -DNO_MDC2=1 -DNO_ERR=1 -Wall [snip] Praveen Bill I understand this. Praveen The Open SSL Make files are not arranged well for the first Praveen time users. I could compile and run well on Linux platform. Praveen I am doing the same for VxWorks, windows 2000 is my Praveen development environment. I am using this for Arm Praveen processor. I use ccarm. Praveen I am trying to integrate in the make file. I don't to how to Praveen set up the environment. One way I could do is , physicall Praveen create my own make file for each sub directories. Please visit this URL, http://www.xs4all.nl/~borkhuis/vxworks/vxw_pt6.html#6.9; Apparently someone name Bill Pringlemeir has ported OpenSSL to vxWorks [so have people at Nortel and a few other places]. Another method is to take all of the OpenSSL files and add them to a project. This is what I have did, after the Makefile. PID_IS_MEANINGLESS, NO_CHMOD, etc are relevant to vxWorks. As described in the vxWorks FAQ, you can use the Perl script and an NT configuration to produce a version of OpenSSL that works with vxWorks. Choose the option to not include assembler. One part is to take all of the Unix links and make copies of the files (ARGH!). A major part was to get an entropy collection agent. I used WindML (a graphics package) to collect user input from a keyboard and touch screen device. You need some good source of entropy to generate keys well. You can also use a file of random numbers, but I would not recommend that. My target was an ARM processor as well. I have not optimized it for this processor, through configuration, defines, or source code modifications. I didn't see anything specifically related to ARM. I know that the NetWinder has an ARM linux and that Russel King and others are actively developing for ARM Linux. If you find any ARM specific OpenSSL code or configuration files, I would appreciated knowing. I was starting to do this when I got pulled off in another direction... hth, Bill Pringlemeir. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: OpenSSL/Java JSSE Handshake problem...
Hi,
The client and server are hanging at the moment (I have them both set up to
defer the handshake until they actually start doing reads and writes). Here
is the output from the Java (client) side:
%% No cached client session
*** ClientHello, v3.1
RandomCookie: GMT: 1001529913 bytes = { 73, 47, 149, 28, 97, 17, 208, 173,
40, 253, 177, 188, 173, 223, 166, 36, 123, 114, 130, 35, 168, 26, 51, 5, 70,
108, 161, 1 }
Session ID: {}
Cipher Suites: { 0, 5 }
Compression Methods: { 0 }
***
[write] MD5 and SHA1 hashes: len = 45
: 01 00 00 29 03 01 3C B2 22 39 49 2F 95 1C 61 11 ...)...9I/..a.
0010: D0 AD 28 FD B1 BC AD DF A6 24 7B 72 82 23 A8 1A ..(..$.r.#..
0020: 33 05 46 6C A1 01 00 00 02 00 05 01 00 3.Fl.
main, WRITE: SSL v3.1 Handshake, length = 45
[write] MD5 and SHA1 hashes: len = 44
: 01 03 01 00 03 00 00 00 20 00 00 05 3C B2 22 39 9
0010: 49 2F 95 1C 61 11 D0 AD 28 FD B1 BC AD DF A6 24 I/..a...(..$
0020: 7B 72 82 23 A8 1A 33 05 46 6C A1 01 .r.#..3.Fl..
main, WRITE: SSL v2, contentType = 22, translated length = 16343
and here is what I get on the server (OpenSSL) when I Ctrl-C the client:
26747:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version
number:s3_pkt.c:290:
This happens when I select TLSv1 on the Java side and
TLSv1_server_method on the OpenSSL side. TLSv1 on the Java side and
SSLv23_server_method (but not SSLv3_server_method) works fine.
Sincerely,
Kevin Regan
p.s. Here are the results if I use SSLv23_server_method on the server
(OpenSSL) side:
%% No cached client session
*** ClientHello, v3.1
RandomCookie: GMT: 1001530276 bytes = { 172, 253, 8, 146, 32, 73, 123, 236,
6, 158, 8, 44, 163, 203, 46, 192, 149, 74, 76, 95, 83, 45, 238, 252, 101,
90, 56, 164 }
Session ID: {}
Cipher Suites: { 0, 5 }
Compression Methods: { 0 }
***
[write] MD5 and SHA1 hashes: len = 45
: 01 00 00 29 03 01 3C B2 24 A4 AC FD 08 92 20 49 ...)...$. I
0010: 7B EC 06 9E 08 2C A3 CB 2E C0 95 4A 4C 5F 53 2D .,.JL_S-
0020: EE FC 65 5A 38 A4 00 00 02 00 05 01 00 ..eZ8
main, WRITE: SSL v3.1 Handshake, length = 45
[write] MD5 and SHA1 hashes: len = 44
: 01 03 01 00 03 00 00 00 20 00 00 05 3C B2 24 A4 $.
0010: AC FD 08 92 20 49 7B EC 06 9E 08 2C A3 CB 2E C0 I.,
0020: 95 4A 4C 5F 53 2D EE FC 65 5A 38 A4 .JL_S-..eZ8.
main, WRITE: SSL v2, contentType = 22, translated length = 16343
main, READ: SSL v3.1 Handshake, length = 74
*** ServerHello, v3.1
RandomCookie: GMT: 1001530276 bytes = { 255, 255, 162, 129, 107, 43, 125,
172, 178, 161, 8, 129, 114, 95, 184, 52, 174, 204, 212, 94, 214, 34, 100,
15, 123, 6, 112, 150 }
Session ID: {249, 243, 66, 107, 91, 54, 214, 205, 129, 246, 12, 116, 74,
151, 254, 124, 0, 15, 107, 140, 84, 135, 62, 65, 108, 38, 145, 148, 140,
114, 175, 20}
Cipher Suite: { 0, 5 }
Compression Method: 0
***
%% Created: [Session-1, SSL_RSA_WITH_RC4_128_SHA]
** SSL_RSA_WITH_RC4_128_SHA
[read] MD5 and SHA1 hashes: len = 74
: 02 00 00 46 03 01 3C B2 24 A4 FF FF A2 81 6B 2B ...F...$.k+
0010: 7D AC B2 A1 08 81 72 5F B8 34 AE CC D4 5E D6 22 ..r_.4...^.
0020: 64 0F 7B 06 70 96 20 F9 F3 42 6B 5B 36 D6 CD 81 d...p. ..Bk[6...
0030: F6 0C 74 4A 97 FE 7C 00 0F 6B 8C 54 87 3E 41 6C ..tJ.k.T.Al
0040: 26 91 94 8C 72 AF 14 00 05 00...r.
main, READ: SSL v3.1 Handshake, length = 440
*** Certificate chain
chain [0] = [
[
Version: V4
Subject: CN=NetIQ Corporation
Signature Algorithm: MD5withRSA, OID = 1.2.840.113549.1.1.4
Key: com.sun.net.ssl.internal.ssl.JSA_RSAPublicKey@763f5d
Validity: [From: Tue Apr 02 16:17:03 CST 2002,
To: Sun Apr 01 17:17:03 CDT 2007]
Issuer: CN=NetIQ Corporation
SerialNumber: [ 0 ]
]
Algorithm: [MD5withRSA]
Signature:
: BA 70 EB 71 D1 96 96 44 A8 F7 37 E8 5E 6B 4C B4 .p.q...D..7.^kL.
0010: 19 24 CE 1D DC 1A DD 35 F3 DA F2 E1 AF 0A 06 3B .$.5...;
0020: E4 A3 AA 2E FD 6D 5D E9 60 D0 E7 49 76 E3 71 BE .m].`..Iv.q.
0030: 1C DA D1 08 75 9E 87 C6 05 62 DC 3C 55 F0 5D 31 ub.U.]1
0040: E0 EB 35 0A E6 C6 BF BF 1C EC 09 D3 BC AB 49 5B ..5...I[
0050: A1 82 1D E2 FE ED DE C9 0C AA D2 72 84 1B 7C 4D ...r...M
0060: C7 1B A7 D6 02 C0 97 0C 3D 66 5F D2 A1 29 B8 05 =f_..)..
0070: EA D5 B6 E9 35 DF 42 33 F7 16 B2 7A A2 59 DC F2 5.B3...z.Y..
]
***
Checking server trusted.
Server trusted.
[read] MD5 and SHA1 hashes: len = 440
: 0B 00 01 B4 00 01 B1 00 01 AE 30 82 01 AA 30 82 ..0...0.
0010: 01 13 A0 03 02 01 03 02 01 00 30 0D 06 09 2A 86 ..0...*.
0020: 48 86 F7 0D 01 01 04 05 00 30 1C 31 1A 30 18 06 H0.1.0..
0030: 03 55 04 03 13 11 4E 65 74 49 51 20 43 6F 72 70 .UNetIQ Corp
0040: 6F 72 61 74 69 6F 6E 30 1E 17 0D 30 32 30 34 30 oration0...02040
0050: 32 32 32 31 37 30 33 5A 17 0D 30 37 30 34 30 31 2221703Z..070401
0060: 32
Openssl-09.5
OpenSSl version 0.9.5 Solaris 8 Sparc 20 Gcc compiler Apache 1.3.20 Received this error after trying to generate key pair using openssl syntax : openssl req -new -nodes -keyout private.key -out public.csr. Error: demo1# openssl req -new -nodes -keyout private.key -out public.csr Using configuration from /usr/local/ssl/openssl.cnf unable to load 'random state' This means that the random number generator has not been seeded with much random data. Generating a 1024 bit RSA private key 1465:error:24064064:random number generator:SSLEAY_RAND_BYTES:prng not seeded:md_rand.c:470: 1465:error:04069003:rsa routines:RSA_generate_key:BN lib:rsa_gen.c:182: Please tell me how to proceed. Thanks. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
openssl-0.9.6c through openssl-0.9.5 fail if $PERL is defined notas the binary perl
Title: openssl-0.9.6c through openssl-0.9.5 fail if $PERL is defined n Greetings, First let me thank you for your wonderful product openssl. It works great and I am very thankful it is out there. I have found a small conflict in more recent version of the config or Configure script for version 0.9.c back through 0.9.5 that if $PERL is defined as anything but the binary location for perl the configure script will fail with a message: permission defined to /var/local/bin (or I guess whatever the path that $PERL is defined as). Personally I have $PERL defined as the source of perl and the place where I put new modules. I would think that your script should at least check if $PERL is defined to see if the path it is pointing to is a binary or not it will try to use it as a binary executable even if it points to a directory! Not a good idea. Perhaps if $PERL is defined you could either prompt to see if it is the correct value, test to see if it is the correct value or unset and set it again before your configure scripts exit. It is a very small problem but I expect it could confuse some newer user users. Thanks, john
Re: Openssl-09.5
At 17:54 08.04.2002 -0400, you wrote: Received this error after trying to generate key pair using openssl syntax : openssl req -new -nodes -keyout private.key -out public.csr. Error: demo1# openssl req -new -nodes -keyout private.key -out public.csr Using configuration from /usr/local/ssl/openssl.cnf unable to load 'random state' This means that the random number generator has not been seeded with much random data. Generating a 1024 bit RSA private key 1465:error:24064064:random number generator:SSLEAY_RAND_BYTES:prng not seeded:md_rand.c:470: 1465:error:04069003:rsa routines:RSA_generate_key:BN lib:rsa_gen.c:182: Please tell me how to proceed. Look at http://www.openssl.org/support/faq.html#USER1 Ciao, Richard -- Dr. Richard W. Könning Fujitsu Siemens Computers GmbH __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: Openssl-09.5
Richard Koenning wrote: Look at http://www.openssl.org/support/faq.html#USER Pointing $RANDFILE to an Entropy Gathering Daemon socket does not work. ... This is really a bug. It doesn't work *why*? Because the code isn't written to read properly from a FIFO. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: PKI and sockets
Mark W. Webb wrote: I am working on an application that will implement PKI between a server and a client. That sentence is somewhat wrong: between clients and servers (i.e. 2 computers) you will need to use a protocol they adhere to when speaking to each other. PKI (Public Key Infrastructure) is not a protocol. I assume you want to secure the communication between the server and the client. SSL is a protocol that can achieve that, and incidentely OpenSSL provides the necessary functionality. Can someone tell me where I might get some sample code (C) or a tutorial on how to do it. If you download and unpack the source code of OpenSSL, there is plenty of sample source. You can find the latest version of the OpenSSL source code at http://www.openssl.org/ . There is however not much documentation for programmers besides the source code itself. I have looked at Eric Rescorla's but I am not sure how to create my own certificates to get that tutorial work, Rescorla's book is excellent, you should read it some more. You can get free trial certificates from verisign, however they are only valid for some days. http://www.verisign.com/freeGuides.html Alternatively, you can generate your own certificates with openssl, if you download the source code and compile it. You can use the openssl program via the commandline to do so, documentation can be found at http://www.openssl.org/docs/apps/openssl.html Look for the subcommands genrsa (to generate a RSA public/private keypair) req (to generate a certificate requet) x509 (to create a certificate) I can use the sample certificates he provides, but that would not be good for production. This is correct - using sample certificates in a production environment would be dangerous if they come with a know private key, and useless if they don't. Plus I would rather use PKI than certificates. As mentioned above, this is nor either/or choice. PKI relies on certificates. Sorry ;-). - David __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: OpenSSL/Java JSSE Handshake problem...
On Mon, Apr 08, 2002 at 06:23:12PM -0500, Kevin Regan wrote:
Hi,
The client and server are hanging at the moment (I have them both set up to
defer the handshake until they actually start doing reads and writes). Here
is the output from the Java (client) side:
%% No cached client session
*** ClientHello, v3.1
RandomCookie: GMT: 1001529913 bytes = { 73, 47, 149, 28, 97, 17, 208, 173,
40, 253, 177, 188, 173, 223, 166, 36, 123, 114, 130, 35, 168, 26, 51, 5, 70,
108, 161, 1 }
Session ID: {}
Cipher Suites: { 0, 5 }
Compression Methods: { 0 }
***
[write] MD5 and SHA1 hashes: len = 45
: 01 00 00 29 03 01 3C B2 22 39 49 2F 95 1C 61 11 ...)...9I/..a.
0010: D0 AD 28 FD B1 BC AD DF A6 24 7B 72 82 23 A8 1A ..(..$.r.#..
0020: 33 05 46 6C A1 01 00 00 02 00 05 01 00 3.Fl.
main, WRITE: SSL v3.1 Handshake, length = 45
[write] MD5 and SHA1 hashes: len = 44
: 01 03 01 00 03 00 00 00 20 00 00 05 3C B2 22 39 9
0010: 49 2F 95 1C 61 11 D0 AD 28 FD B1 BC AD DF A6 24 I/..a...(..$
0020: 7B 72 82 23 A8 1A 33 05 46 6C A1 01 .r.#..3.Fl..
Hmm. This is a TLSv1 client hello? Hmm:
lutzpc 27: openssl s_client -debug -tls1 -connect serv01:443
CONNECTED(0003)
write to 08149C18 [081539D0] (88 bytes = 88 (0x58))
- 16 03 01 00 53 01 00 00-4f 03 01 3c b3 33 22 c2 S...O...3.
0010 - 41 74 94 64 c2 a3 54 4c-41 36 d6 38 df 06 3a a0 At.d..TLA6.8..:.
0020 - 7e 2c fd 09 24 86 92 5e-d5 d2 94 00 00 28 00 16 ~,..$..^.(..
0030 - 00 13 00 0a 00 66 00 05-00 04 00 65 00 64 00 63 .f.e.d.c
0040 - 00 62 00 61 00 60 00 15-00 12 00 09 00 14 00 11 .b.a.`..
0050 - 00 08 00 06 00 03 01 ...
Would you consider using ssldump in helping you to analyze the handshake??
main, WRITE: SSL v2, contentType = 22, translated length = 16343
^^^
Hmm. This does not really indicate it is TLSv1, doesn't it???
and here is what I get on the server (OpenSSL) when I Ctrl-C the client:
26747:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version
number:s3_pkt.c:290:
That would fit the underlined statement above.
Best regards,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus
__
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
Re: OpenSSL/Java JSSE Handshake problem...
Kevin Regan wrote:
26747:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version
number:s3_pkt.c:290:
This happens when I select TLSv1 on the Java side and
TLSv1_server_method on the OpenSSL side. TLSv1 on the Java side and
SSLv23_server_method (but not SSLv3_server_method) works fine.
(Before I say anything else, I admit that some of the JSSE APIs and the
debug output are a bit confusing. Mainly lack of time and compatibility
issues to blame).
The confusion seems to stem from the fact that SSLContext.getInstance()
returns a context that supports /at least/ the specified protocol. It
may support others too. In particular, for the Sun JSSE provider you get
always get the same result whether you use TLSv1, SSL, etc. with the
getInstance() call. To select the actual enabled protocols, use the
setEnabledProtocols() method on SSLSocket/ SSLServerSocket.
For the Sun JSSE provider, the default enabled protocols are SSLv3,
TLSv1, and the pseudo protocol SSLv2Hello. The latter means that client
hello messages are sent/ accepted in SSLv2 format. This is for better
error diagnostic when talking to SSLv2 only implementations.
The result is that with the default settings a V2 client hello message
requesting TLS 1.0 is sent. I think what you want to do is something
like socket.setEnabledProtocols(new String[] {TLSv1}).
For this and much more see also
http://java.sun.com/j2se/1.4/docs/guide/security/jsse/JSSERefGuide.html .
BTW, I would not expect the client to hang, however. This should only
happen if the server neither sends an (error) response nor closes the
socket. Don't know if this is the case here.
Andreas.
__
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
Re: VxWorks and OPEN SSL questions -
Praveen == Praveen Dulam [EMAIL PROTECTED] writes: Praveen Bill I am getting this error on bss_log.c file Praveen compilation. This is to do with syslog.h file. Don't compile it! The cagey OpenSSL developers give you this hint, /* Why BIO_s_log? BIO_s_log is useful for system daemons (or services under NT). It is one-way BIO, it sends all stuff to syslogd (on system that commonly use that), or event log (on NT), or OPCOM (on OpenVMS). */ There is no Syslog service on MS-DOS or vxWorks. That is the NT event services or syslogd on *nix [maybe even BSD]. This wasn't that useful for many of the applications that you might use with vxWorks. I defined out the error messages with -DNO_ERR. I don't think this would be very useful at all without the strings. Take a look at the function names and comments in any of the OpenSSL code. You will quickly figure out what a file is for. However, if you do need it, you actually have to do some work ;-) hth, Bill Pringlemeir. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: openssl-0.9.6c through openssl-0.9.5 fail if $PERL is defined not as the binary perl
On Mon, Apr 08, 2002 at 07:13:34PM +, John Salinas wrote: First let me thank you for your wonderful product openssl. It works great and I am very thankful it is out there. I have found a small conflict in more recent version of the config or Configure script for version 0.9.c back through 0.9.5 that if $PERL is defined as anything but the binary location for perl the configure script will fail with a message: permission defined to /var/local/bin (or I guess whatever the path that $PERL is defined as). Personally I have $PERL defined as the source of perl and the place where I put new modules. I would think that your script should at least check if $PERL is defined to see if the path it is pointing to is a binary or not it will try to use it as a binary executable even if it points to a directory! Not a good idea. Perhaps if $PERL is defined you could either prompt to see if it is the correct value, test to see if it is the correct value or unset and set it again before your configure scripts exit. It is a very small problem but I expect it could confuse some newer user users. Even though it might have surprised you, using the PERL environment variable in the way OpenSSL does it is a comletely normal technique. There exist ideas to move to autoconf one fine day and integrating a suitable check for perl might be part of the move, but I think we should leave things as they are right now. Best regards, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen/jaenicke/ BTU Cottbus, Allgemeine Elektrotechnik Universitaetsplatz 3-4, D-03044 Cottbus __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: OpenSSL/Java JSSE Handshake problem...
This might have the same cause as the problem I encountered. Brad Whetmore from
Sun helped me find this.
According to TLS (which can be found e.g. here:
http://www.ietf.org/rfc/rfc2246.txt ), in the final message exchanges from the
TLS handshake, a client key exchange message is sent by the client. The client
key exchange message contains a RSA encrypted premaster secret message, which in
turn contains a field with the The latest (newest) version supported by the
client.. In case of TLS, this would be 3.1.
But due to the fact that some older servers did not behave correctly, some SSL
client libraries send the protocol version number as agreed upon in the
handshake (this is wrong according to TLS spec, but compatible to the old
servers). This means they start with a 3.1 ClientHello, and after agreeing on
protocol version 3.0 (SSLv3) they send a premaster secret with 3.0 as the
version number. A correctly implemented TLS server will expect a 3.1 here. [this
would explain the SSL3_GET_RECORD:wrong version number error you observed]. In
my case, this wrong version number led to a bad_record_mac error as mentioned.
I've encountered this behaviour in JSSE 1.0.2 and iSaSiLk 3.03 from
http://www.iaik.at/ . The workaround I use is to limit the version the client is
supposed to use to 3.0 (SSLv3), since the server was only allowed to speak SSLv3
(by policy). Even broken clients will work then since they do not start with 3.1
in the ClientHello, so the (correctly implemented) server won't expect a 3.1 in
the premaster secret. Unfortunately, JSSE 1.0.2 provides no interface to do this
(iSaSiLk does), but this has been improved in the new JSSE version found in
JDK1.4, from what I saw.
For your problem the best solution might be to find out why the client and the
server do not agree on TLS - according to the protocol you've sent they decide
to use SSLv2. SSLv2 had some security flaws and should not be used when SSLv3 or
even TLS is available, so you should look into this anyway. [for more details on
the security of SSLv2, see Eric Rescorla's SSL and TLS book].
Best Regards,
David
Kevin Regan wrote:
Hi,
The client and server are hanging at the moment (I have them both set up to
defer the handshake until they actually start doing reads and writes). Here
is the output from the Java (client) side:
%% No cached client session
*** ClientHello, v3.1
RandomCookie: GMT: 1001529913 bytes = { 73, 47, 149, 28, 97, 17, 208, 173,
40, 253, 177, 188, 173, 223, 166, 36, 123, 114, 130, 35, 168, 26, 51, 5, 70,
108, 161, 1 }
Session ID: {}
Cipher Suites: { 0, 5 }
Compression Methods: { 0 }
***
[write] MD5 and SHA1 hashes: len = 45
: 01 00 00 29 03 01 3C B2 22 39 49 2F 95 1C 61 11 ...)...9I/..a.
0010: D0 AD 28 FD B1 BC AD DF A6 24 7B 72 82 23 A8 1A ..(..$.r.#..
0020: 33 05 46 6C A1 01 00 00 02 00 05 01 00 3.Fl.
main, WRITE: SSL v3.1 Handshake, length = 45
[write] MD5 and SHA1 hashes: len = 44
: 01 03 01 00 03 00 00 00 20 00 00 05 3C B2 22 39 9
0010: 49 2F 95 1C 61 11 D0 AD 28 FD B1 BC AD DF A6 24 I/..a...(..$
0020: 7B 72 82 23 A8 1A 33 05 46 6C A1 01 .r.#..3.Fl..
main, WRITE: SSL v2, contentType = 22, translated length = 16343
and here is what I get on the server (OpenSSL) when I Ctrl-C the client:
26747:error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version
number:s3_pkt.c:290:
This happens when I select TLSv1 on the Java side and
TLSv1_server_method on the OpenSSL side. TLSv1 on the Java side and
SSLv23_server_method (but not SSLv3_server_method) works fine.
Sincerely,
Kevin Regan
p.s. Here are the results if I use SSLv23_server_method on the server
(OpenSSL) side:
%% No cached client session
*** ClientHello, v3.1
RandomCookie: GMT: 1001530276 bytes = { 172, 253, 8, 146, 32, 73, 123, 236,
6, 158, 8, 44, 163, 203, 46, 192, 149, 74, 76, 95, 83, 45, 238, 252, 101,
90, 56, 164 }
Session ID: {}
Cipher Suites: { 0, 5 }
Compression Methods: { 0 }
***
[write] MD5 and SHA1 hashes: len = 45
: 01 00 00 29 03 01 3C B2 24 A4 AC FD 08 92 20 49 ...)...$. I
0010: 7B EC 06 9E 08 2C A3 CB 2E C0 95 4A 4C 5F 53 2D .,.JL_S-
0020: EE FC 65 5A 38 A4 00 00 02 00 05 01 00 ..eZ8
main, WRITE: SSL v3.1 Handshake, length = 45
[write] MD5 and SHA1 hashes: len = 44
: 01 03 01 00 03 00 00 00 20 00 00 05 3C B2 24 A4 $.
0010: AC FD 08 92 20 49 7B EC 06 9E 08 2C A3 CB 2E C0 I.,
0020: 95 4A 4C 5F 53 2D EE FC 65 5A 38 A4 .JL_S-..eZ8.
main, WRITE: SSL v2, contentType = 22, translated length = 16343
main, READ: SSL v3.1 Handshake, length = 74
*** ServerHello, v3.1
RandomCookie: GMT: 1001530276 bytes = { 255, 255, 162, 129, 107, 43, 125,
172, 178, 161, 8, 129, 114, 95, 184, 52, 174, 204, 212, 94, 214, 34, 100,
15, 123, 6, 112, 150 }
Session ID: {249, 243, 66, 107, 91, 54, 214, 205, 129, 246, 12, 116, 74,
151,
Re: OpenSSL/Java JSSE Handshake problem...
On Tue, Apr 09, 2002 at 08:52:29PM +0200, David Maurus wrote: This might have the same cause as the problem I encountered. Brad Whetmore from Sun helped me find this. According to TLS (which can be found e.g. here: http://www.ietf.org/rfc/rfc2246.txt ), in the final message exchanges from the TLS handshake, a client key exchange message is sent by the client. The client key exchange message contains a RSA encrypted premaster secret message, which in turn contains a field with the The latest (newest) version supported by the client.. In case of TLS, this would be 3.1. But due to the fact that some older servers did not behave correctly, some SSL client libraries send the protocol version number as agreed upon in the handshake (this is wrong according to TLS spec, but compatible to the old servers). This means they start with a 3.1 ClientHello, and after agreeing on protocol version 3.0 (SSLv3) they send a premaster secret with 3.0 as the version number. A correctly implemented TLS server will expect a 3.1 here. [this would explain the SSL3_GET_RECORD:wrong version number error you observed]. In my case, this wrong version number led to a bad_record_mac error as mentioned. Late versions of OpenSSL provide the SSL_OP_TLS_ROLLBACK_BUG that allows the server to ignore this protocol violation. It is however not enabled by default. Best regards, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen/jaenicke/ BTU Cottbus, Allgemeine Elektrotechnik Universitaetsplatz 3-4, D-03044 Cottbus __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
RE: VxWorks and OPEN SSL questions -
Bill Thank you. I am sure this will help people on openssl-dev. If I am suppose to send this to some American government facility, I will stop posting any more information. No we are not govt agency nor we have to inform Govt agency. I am working for a wireless startup. This we are doing as a part of our product development to see if we can use openssl. Thanks again, I will try these modifications and see if it works.. -Praveen -Original Message- From: Bill Pringlemeir [mailto:[EMAIL PROTECTED]] Sent: Monday, April 08, 2002 5:39 PM To: Praveen Dulam Cc: '[EMAIL PROTECTED]' Subject: Re: VxWorks and OPEN SSL questions - Praveen Bill Thanks for the help. I am coming along with my Praveen compilation on VxWorks platform. I am struck when I am tryo Praveen to compile the crypto/bio files. This is some to do with Praveen openssl/e_os.h Praveen When I removed the line sys/params.h from the e-os.h, then Praveen I get error from bss_bio.c. Praveen I am getting lost some where here. [ Hopefully people on openssl-dev don't mind this discussion? It seems slightly relevant. ] I have made modification to e_os.h as follows, #if defined(WINDOWS) !defined(__CYGWIN32__) [...] #else #ifdef VXWORKS # include ioLib.h # include sockLib.h # include hostLib.h # include sysLib.h # undef m_len # undef BUFSIZE # undef DEVRANDOM # define gethostbyname gethostname #endif #define get_last_socket_error() errno #define clear_socket_error()errno=0 #define ioctlsocket(a,b,c) ioctl(a,b,c) #define closesocket(s) close(s) #define readsocket(s,b,n) read((s),(b),(n)) #define writesocket(s,b,n) write((s),(b),(n)) #endif I don't know if they are really great or not. All the compiler flag, -DNO_XXX, must be used with your OpenSSL application as well. Ie, whatever it is that is using the OpenSSL library. I had several problems with the BIO portion. I examined peices of it and removed some functions that didn't seem to make sense for my box. For instance, I don't trust DNS, I don't have DNS, and I don't like DNS (well, ok, maybe I do, but it is another port to attack). So all of the gethostbyname() calls were removed and we are using IP numbers for all accesses. My one patch to bss_bio.c is to add `#undef SSIZE_MAX' after the e_os.h include. vxWorks has a habit of polluting the namespace. This define in a vxWorks system header, but it means something completely different. If I am suppose to send this to some American government facility, I will stop posting any more information. hth, Bill Pringlemeir. __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: wrong defines SN_xyz
On Tue, Apr 02, 2002 at 10:07:27PM +0200, Lutz Jaenicke wrote: On Tue, Apr 02, 2002 at 09:25:00AM +0200, Michael Bell wrote: after I found the wrong definitions of SN_surname and SN_serialNumber I looked around and find the next problems in crypto/objects/ : SN_titletitle (now T) SN_description description (now D) SN_givenNamegn(now G) SN_initials initials (now I) LN_uniqueIdentifier x500UniqueIdentifier (now uniqueIdentifier) SN_rfc822Mailboxmail (now rfc822Mailbox) SN_pkcs9_emailAddress emailAddress (now Email) * SN_rfc822Mailbox is not wrong but a short name exists * I don't find a short name for SN_pkcs9_emailAddress. The related RFC only defines a long name Hmm... I have implemented the changes you recommend, but now I get a warning about a shortname mail to be defined twice. Maybe this was the reason why it was left out... I have attached the patch (including the problem). What do you recommend? Only objects.txt contains all necessary information; run the PERL scripts as used in Makefile.ssl to rebuild the other files. Best regards, Lutz -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen/jaenicke/ BTU Cottbus, Allgemeine Elektrotechnik Universitaetsplatz 3-4, D-03044 Cottbus __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
someone having problemns with her mta?
Hallo openssl-dev, My mailer reports: [PeekTime] 1017175639 ErrCode = -173 ErrString = Mail loop detected Message P6E6A blocked by mail loop check ! antigone.familiehaase.de P6E6A MAIL FROM: [EMAIL PROTECTED] RCPT TO: [EMAIL PROTECTED] MAIL-DATA Return-Path: [EMAIL PROTECTED] Delivered-To: [EMAIL PROTECTED] Received: (qmail 28748 invoked by uid 101); 26 Mar 2002 16:08:05 - Received: from mmx.engelschall.com (195.27.130.252) by mail3.netbeat.de with SMTP; 26 Mar 2002 16:08:05 - Received: by mmx.engelschall.com (Postfix) id 48AD7194F3; Tue, 26 Mar 2002 17:07:10 +0100 (CET) Received: from opensource.ee.ethz.ch (opensource-01.ee.ethz.ch [129.132.7.153]) by mmx.engelschall.com (Postfix) with ESMTP id 1E1E5194E5 for [EMAIL PROTECTED]; Tue, 26 Mar 2002 17:07:10 +0100 (CET) Received: by en5.engelschall.com (Sendmail 8.9.2) for openssl-dev-L id RAA15056; Tue, 26 Mar 2002 17:06:19 +0100 (MET) Received: by en5.engelschall.com (Sendmail 8.9.2) via ESMTP for [EMAIL PROTECTED] from persephone.cfrq.net id RAA14978; Tue, 26 Mar 2002 17:05:16 +0100 (MET) Received: from elisabeth.cfrq.net (gate.nevex.com [207.245.2.2]) by persephone.cfrq.net (8.11.6/8.11.6) with ESMTP id g2QG58c10806 (using TLSv1/SSLv3 with cipher EDH-RSA-DES-CBC3-SHA (168 bits) verified OK) for [EMAIL PROTECTED]; Tue, 26 Mar 2002 11:05:13 -0500 Received: from elisabeth.cfrq.net (chk@localhost) by elisabeth.cfrq.net (8.11.6/8.11.6) with ESMTP id g2QG57g26603 for [EMAIL PROTECTED]; Tue, 26 Mar 2002 11:05:08 -0500 Received: from persephone.cfrq.net by localhost with POP3 (fetchmail-5.9.0) for chk@localhost (single-drop); Thu, 21 Mar 2002 15:50:25 -0500 (EST) Received: from cali-2.pobox.com (cali-2.pobox.com [64.71.166.115]) by persephone.cfrq.net (8.11.6/8.11.6) with ESMTP id g2LKjnB20256 for [EMAIL PROTECTED]; Thu, 21 Mar 2002 15:45:49 -0500 Received: from cali-2.pobox.com (localhost.localdomain [127.0.0.1]) by cali-2.pobox.com (Postfix) with ESMTP id DF9C93E7B7 for [EMAIL PROTECTED]; Thu, 21 Mar 2002 15:45:48 -0500 (EST) Delivered-To: [EMAIL PROTECTED] Received: from mmx.engelschall.com (mmx.engelschall.com [195.27.130.252]) by cali-2.pobox.com (Postfix) with ESMTP id 427BE3E6D6; Thu, 21 Mar 2002 15:45:48 -0500 (EST) Received: by mmx.engelschall.com (Postfix) id 8DD521950B; Thu, 21 Mar 2002 21:44:15 +0100 (CET) Received: from opensource.ee.ethz.ch (opensource-01.ee.ethz.ch [129.132.7.153]) by mmx.engelschall.com (Postfix) with ESMTP id 639581950A for [EMAIL PROTECTED]; Thu, 21 Mar 2002 21:44:15 +0100 (CET) Received: by en5.engelschall.com (Sendmail 8.9.2) for openssl-users-L id VAA26714; Thu, 21 Mar 2002 21:43:20 +0100 (MET) Received: by en5.engelschall.com (Sendmail 8.9.2) via ESMTP for [EMAIL PROTECTED] from persephone.cfrq.net id VAA26708; Thu, 21 Mar 2002 21:43:08 +0100 (MET) Received: from elisabeth.cfrq.net (gate.nevex.com [207.245.2.2]) by persephone.cfrq.net (8.11.6/8.11.6) with ESMTP id g2LKh3B20219 (using TLSv1/SSLv3 with cipher EDH-RSA-DES-CBC3-SHA (168 bits) verified OK) for [EMAIL PROTECTED]; Thu, 21 Mar 2002 15:43:06 -0500 Received: from elisabeth.cfrq.net (chk@localhost) by elisabeth.cfrq.net (8.11.6/8.11.6) with ESMTP id g2LKh1w12763 for [EMAIL PROTECTED]; Thu, 21 Mar 2002 15:43:02 -0500 To: [EMAIL PROTECTED] Subject: certificate verification and Sub CAs From: Harald Koch [EMAIL PROTECTED] MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-ID: [EMAIL PROTECTED] Date: Thu, 21 Mar 2002 15:43:00 -0500 Message-ID: [EMAIL PROTECTED] X-Sender: Harald Koch [EMAIL PROTECTED] X-List-Manager: OpenSSL Majordomo [version 1.94.4] X-List-Name: openssl-users Sender: [EMAIL PROTECTED] Precedence: bulk Reply-To: [EMAIL PROTECTED] X-Sender: Harald Koch [EMAIL PROTECTED] X-List-Manager: OpenSSL Majordomo [version 1.94.4] X-List-Name: openssl-dev Gerrit -- =^..^= __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
