Re: [openssl-dev] OpenSSL source reformat
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 07/01/15 07:58, Frey (Wei) Fu wrote: Hi Matt, I've checked the util dir in your branch and official branch, but the openssl-format-source script file seems unavailable. Would you please point out the exact location? Did you look in the sample-1.0.2-reformat/sample-master-reformat branches in my repo? The script is here: https://github.com/mattcaswell/openssl/blob/sample-1.0.2-reformat/util/openssl-format-source Matt -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEcBAEBAgAGBQJUrP9+AAoJENnE0m0OYESRs+wH/0G1B2qy7wAQmZjSS409BOOU 5hV8tgQbc+TNuvsrG59VwY3YhJQiEA4WoAimXVeX1iA3lIj9TNniJAqBz4AnTN2d wPKoyjPTOan0gVxu4+YG1+cYwuurNRWxVfIaNvSORmlSNRiCJhw2yqj0fleai/nQ ruCSMKnIbZI5uAmpE9IRuZUWPoJ8L1ah7qA2aTcjYyB1XB1/+SG3tbsgEQv8hZ1e 1InQKwbpvdmeaFjQE6pjfSeARxT/IuQ5snGbl48HuTTj3Bu/uPvXl+AQLZeXu0S/ 9h3AuoFHvq2G4qLes0nOy4dRQFiQ9i6ZPqRi+JE7Z2Gq0hW6wDbYEGl6XypupNw= =tsMt -END PGP SIGNATURE- ___ openssl-dev mailing list openssl-dev@openssl.org https://mta.opensslfoundation.net/mailman/listinfo/openssl-dev
[openssl-dev] [openssl.org #3644] Encoding of EC private key is broken in all version
Dear all, all versions of OpenSSL do not encode private EC key correctly. This shows up every time the private key is at least one byte shorter than the order. If the private key has full length then the encoding looks correct. Consider the following three ECPrivateKey encondings: -BEGIN EC PRIVATE KEY- MHcCAQEEIAD/oAoGCCqGSM49 AwEHoUQDQgAE9Es5dZoubbcjpvkCSZct/QjpU4Dx/KRw6s0dA+Xt8hS++vzPIjyg ZfCg207qk/8GohFvyoH3pKlDao2RegLe3g== -END EC PRIVATE KEY- -BEGIN EC PRIVATE KEY- MGYCAQEEDwAA/6AKBggqhkjOPQMBB6FEA0IABPRLOXWaLm23 I6b5AkmXLf0I6VOA8fykcOrNHQPl7fIUvvr8zyI8oGXwoNtO6pP/BqIRb8qB96Sp Q2qNkXoC3t4= -END EC PRIVATE KEY- -BEGIN EC PRIVATE KEY- MFgCAQEEAf+gCgYIKoZIzj0DAQehRANCAAT0Szl1mi5ttyOm+QJJly39COlTgPH8 pHDqzR0D5e3yFL76/M8iPKBl8KDbTuqT/waiEW/KgfekqUNqjZF6At7e -END EC PRIVATE KEY- Despite the different base64 encodings all the corresponding private keys are the same, and therefore any signature made by one can be verified by any other. You may try it out: openssl dgst -sign key1.pem -out ec.sig test.txt openssl dgst prverify key2.pem -signature ec.sig test.txt Try also the OpenSSL ec command with the -text option on these keys. You can see that the private key is always the same (0xFF) and that OpenSSL recodes the keys. The PEM output is always identical to the last of the three. This is not correct. The SEC1 specification OpenSSL is using requires the full encoding in byte length of the order as e.g. given by the first of these three encodings. The patch that works is given as annex. It is applicable to 1.0.1j as well as to 1.0.2-beta3. There is no strong need to change any other things, even the documentation ec.pod is already correct (beside the description of the very strange -modulus option in line 96++. Attached is also a deeper analysis made by an answer to Douglas E Engert, who replies to my e-mail on openssl-dev with a different but non-appropriate subject line (EC key generation is broken in all versions). Sorry for this misleading subject line, not the key generation is broken, but the encoding. Regards, /Ann. 1.0.2-beta3.ec_pk_enc.patch Description: Binary data Hi Douglas, thank you for pointing me to PCKS#15 encoding of PrivateECKeyAttributes and thanks for spending time on this issue. Sorry for the long answer, there were many points to be considered. Keep in mind: The proposed patch does not change any bits on the wire. Kind regards, /Ann. 1. PrivateECKeyAttributes vs. ECPrivateKey OpenSSL generates an EC key with the command openssl ecparam -genkey -noout -name prime256v1 not in the PKCS#15 format but according to a SEC1 structure (cf. crypto/ec/ec_asn1.c line 191), which is defined in http://www.secg.org/sec1-v2.pdf (version 2.0 Annex C.4 p.108): ECPrivateKey ::= SEQUENCE { version INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1), privateKey OCTET STRING, parameters [0] ECDomainParameters {{ SECGCurveNames }} OPTIONAL, publicKey [1] BIT STRING OPTIONAL } The ASN.1 definition which is used by OpenSSL can be found in ec_asn1.c too (cf. lines 266-271): ASN1_SEQUENCE(EC_PRIVATEKEY) = { ASN1_SIMPLE(EC_PRIVATEKEY, version, LONG), ASN1_SIMPLE(EC_PRIVATEKEY, privateKey, ASN1_OCTET_STRING), ASN1_EXP_OPT(EC_PRIVATEKEY, parameters, ECPKPARAMETERS, 0), ASN1_EXP_OPT(EC_PRIVATEKEY, publicKey, ASN1_BIT_STRING, 1) } ASN1_SEQUENCE_END(EC_PRIVATEKEY) So OpenSSL uses the structure of SEC1 and refers to SEC1 (cf. also doc/apps/ec.pod lines 31++). Why not to follow consequently the requirement of SEC1 (see v2.0 p. 109)? -BEGIN LaTeX- \item The component \texttt{privateKey} is the private key defined to be the octet string of length $\lceil \log_2 n/8\rceil$ (where $n$ is the order of the curve) obtained from the unsigned integer via the encoding of Section 2.3.7. -END LaTeX- This is almost the same text as given in RFC 5915. The encoding to be used is given in the Section 2.3.7 of SEC1. The specifcations in PKCS#15 and RFC 3447 are not applicable here. 2. SEC1 vs. RFC 5480 Note the subtle difference in the definitions of SEC1 and RFC 5915. SEC1 uses ECDomainParameters{{ SECGCurveNames }}, restricted to SECGCurveNames, whereas RFC 5480 and RFC 5915 use (unrestricted) ECParameters, defined in RFC 5480. Note also that the corrected definition of RFC5915 is ECPrivateKey ::= SEQUENCE { versionINTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1), privateKey OCTET STRING, parameters [0] ECParameters OPTIONAL, publicKey [1] BIT STRING OPTIONAL } because the type ECParameters defined in RFC 5480 is not parametrized (see http://www.rfc-editor.org/errata_search.php?rfc=5915). OpenSSL uses the definition of RFC 3279 (ECpkParameters) obsoleted by RFC 5480, which changes only the naming but not the bits on the wire (ECpkParameters of RFC
Re: [openssl-dev] OpenSSL source reformat
Hi Matt, I've checked the util dir in your branch and official branch, but the openssl-format-source script file seems unavailable. Would you please point out the exact location? Thanks, Frey -Original Message- From: openssl-dev [mailto:openssl-dev-boun...@openssl.org] On Behalf Of Matt Caswell Sent: 2015年1月5日 20:10 To: openssl-dev@openssl.org Subject: [openssl-dev] OpenSSL source reformat -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 We have previously announced our intention to reformat the entire codebase into a more consistent style (see our roadmap document here: https://www.openssl.org/about/roadmap.html) Since then we have been busy working towards doing that. I'd like to make available for comment a sample reformat. So far I've run it for master and 1.0.2, but the current thinking is that this will also be applied to 1.0.1, 1.0.0 and 0.9.8 (this is necessary to significantly ease the maintenance overhead) I've put the results of the reformat up on my github account here: https://github.com/mattcaswell/openssl The reformat of master is on the sample-master-reformat branch, and the 1.0.2 reformat is on sample-1.0.2-reformat. The style itself is heavily influenced by the Linux Kernel Coding style: https://www.kernel.org/doc/Documentation/CodingStyle Although there are some significant differences - most notably that we are using spaces not tabs for indents, and the indent depth is 4 characters not 8. We will be publishing our own style guide in due course. I'm not looking to open any religious wars here - so I'm not looking for comments on the style itself (e.g. debates about whether 2, 4 or 8 character indents are better (we've already had those!)) - but I'm mainly seeking feedback on anywhere where the reformatting has failed. We've already looked of course...but sometimes many sets of eyes are better! I've also made available the script that was used to do the reformatting. The script is called openssl-format-source and is in the util directory of the branches mentioned above. This script depends on GNU indent being available. It should be executed from the root of the source tree as follows: util/openssl-format-source -v -c . There are also some one-off manual tweaks (both before and after running the script) that need to be done which are present in the sample reformat branches. These are related to multi-line comments which have their own internal formatting - these aren't handled too well. The manual steps should be a one-off exercise though. The hope is that we will be able to re-run the script at regular intervals. Thanks Matt -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEcBAEBAgAGBQJUqn77AAoJENnE0m0OYESRlD8H/j8U2mxUhe7yPoJ8gwUZzy3k 4RMelsCzjBMPfiA8VgL8IvtYl7GpBZaG938RXPS9uHLSaUhGJt7vCghKEEO+OQqM qYlNm3BNutRWAJ8S63qHqL6sgN+tUCktnwN9MJUIHLDE9Eh9natRf8sJjanBdmg+ F46RXzaQJSe2BuSvSdzaD0aamjAM3qbhESbz6Que5IlP+gkMyCCf2Ug5wB9XPQF8 VGLE2umGxaGB/qzGim/jwSIJ4q56+f+MWqdh64Sz8IxYNGeYtQ5dIgWyZ7rzb8G4 +jJkRL3WTEsBQYRHTjM4R+OM4ZreMaWqgWkdOIr4AikUgSujFOpeaNQQnOfQfVo= =17Ml -END PGP SIGNATURE- ___ openssl-dev mailing list openssl-dev@openssl.org https://mta.opensslfoundation.net/mailman/listinfo/openssl-dev ___ openssl-dev mailing list openssl-dev@openssl.org https://mta.opensslfoundation.net/mailman/listinfo/openssl-dev
[openssl-dev] [openssl.org #3645] openssl-1.0.1h-cmp - Linking issue
Hi I am using Open SSL Code version openssl-1.0.1h-cmp , I am getting some linking problem , all the symbols sk_CMP_XXX is missing . Can you please help me which file contains sk_CMP_XXX functions , do i need to do something at compilation. Below is the compolation logs. cmpforopenssl-code-766/src/openssl-1.0.1h-cmp] ./config cmpforopenssl-code-766/src/openssl-1.0.1h-cmp] make ../libcrypto.a(cmp_ses.o): In function `save_certrep_statusInfo': cmp_ses.c:(.text+0xf1): undefined reference to `sk_CMP_CERTRESPONSE_num' cmp_ses.c:(.text+0x106): undefined reference to `sk_CMP_CERTRESPONSE_value' ../libcrypto.a(cmp_ses.o): In function `pollForResponse': cmp_ses.c:(.text+0xb7b): undefined reference to `sk_CMP_POLLREP_value' ../libcrypto.a(cmp_lib.o): In function `CMP_CERTREPMESSAGE_certResponse_get0': cmp_lib.c:(.text+0x260): undefined reference to `sk_CMP_CERTRESPONSE_num' ../libcrypto.a(cmp_lib.o): In function `CMP_CERTREPMESSAGE_certType_get': cmp_lib.c:(.text+0x280): undefined reference to `sk_CMP_CERTRESPONSE_num' ../libcrypto.a(cmp_lib.o): In function `CMP_CERTREPMESSAGE_PKIStatusString_get0': cmp_lib.c:(.text+0x2a0): undefined reference to `sk_CMP_CERTRESPONSE_num' ../libcrypto.a(cmp_lib.o): In function `CMP_CERTREPMESSAGE_PKIFailureInfoString_get0': cmp_lib.c:(.text+0x2e0): undefined reference to `sk_CMP_CERTRESPONSE_num' ../libcrypto.a(cmp_lib.o): In function `CMP_CERTREPMESSAGE_PKIFailureInfo_get0': cmp_lib.c:(.text+0x320): undefined reference to `sk_CMP_CERTRESPONSE_num' ../libcrypto.a(cmp_lib.o):cmp_lib.c:(.text+0x360): more undefined references to `sk_CMP_CERTRESPONSE_num' follow ../libcrypto.a(cmp_lib.o): In function `CMP_ITAV_stack_item_push0': cmp_lib.c:(.text+0x8f4): undefined reference to `sk_CMP_INFOTYPEANDVALUE_push' cmp_lib.c:(.text+0x90a): undefined reference to `sk_CMP_INFOTYPEANDVALUE_pop_free' cmp_lib.c:(.text+0x94b): undefined reference to `sk_CMP_INFOTYPEANDVALUE_new_null' ../libcrypto.a(cmp_lib.o): In function `CMP_PKIMESSAGE_check_implicitConfirm': cmp_lib.c:(.text+0x986): undefined reference to `sk_CMP_INFOTYPEANDVALUE_num' cmp_lib.c:(.text+0x9ad): undefined reference to `sk_CMP_INFOTYPEANDVALUE_value' ../libcrypto.a(cmp_lib.o): In function `CMP_REVREPCONTENT_PKIStatus_get': cmp_lib.c:(.text+0x142f): undefined reference to `sk_CMP_PKISTATUSINFO_value' ../libcrypto.a(cmp_lib.o): In function `CMP_PKIHEADER_generalInfo_item_push0': cmp_lib.c:(.text+0x14b7): undefined reference to `sk_CMP_INFOTYPEANDVALUE_push' cmp_lib.c:(.text+0x14ce): undefined reference to `sk_CMP_INFOTYPEANDVALUE_pop_free' cmp_lib.c:(.text+0x150b): undefined reference to `sk_CMP_INFOTYPEANDVALUE_new_null' ../libcrypto.a(cmp_lib.o): In function `CMP_CERTREPMESSAGE_get_certificate': cmp_lib.c:(.text+0x154c): undefined reference to `sk_CMP_CERTRESPONSE_num' cmp_lib.c:(.text+0x1580): undefined reference to `sk_CMP_CERTRESPONSE_num' cmp_lib.c:(.text+0x15b4): undefined reference to `sk_CMP_CERTRESPONSE_num' cmp_lib.c:(.text+0x1631): undefined reference to `sk_CMP_CERTRESPONSE_num' ../libcrypto.a(cmp_lib.o): In function `CMP_PKIMESSAGE_set_implicitConfirm': cmp_lib.c:(.text+0x16e9): undefined reference to `sk_CMP_INFOTYPEANDVALUE_push' cmp_lib.c:(.text+0x1705): undefined reference to `sk_CMP_INFOTYPEANDVALUE_pop_free' cmp_lib.c:(.text+0x1743): undefined reference to `sk_CMP_INFOTYPEANDVALUE_new_null' ../libcrypto.a(cmp_lib.o): In function `CMP_PKIMESSAGE_genm_item_push0': cmp_lib.c:(.text+0x1869): undefined reference to `sk_CMP_INFOTYPEANDVALUE_push' cmp_lib.c:(.text+0x1880): undefined reference to `sk_CMP_INFOTYPEANDVALUE_pop_free' cmp_lib.c:(.text+0x18a3): undefined reference to `sk_CMP_INFOTYPEANDVALUE_new_null' ../libcrypto.a(cmp_msg.o): In function `CMP_genm_new': cmp_msg.c:(.text+0x94): undefined reference to `sk_CMP_INFOTYPEANDVALUE_new_null' ../libcrypto.a(cmp_msg.o): In function `CMP_certConf_new': cmp_msg.c:(.text+0x1d5): undefined reference to `sk_CMP_CERTSTATUS_new_null' cmp_msg.c:(.text+0x208): undefined reference to `sk_CMP_CERTSTATUS_push' ../libcrypto.a(cmp_msg.o): In function `CMP_kur_new': cmp_msg.c:(.text+0x698): undefined reference to `sk_CRMF_CERTREQMSG_new_null' cmp_msg.c:(.text+0x6d1): undefined reference to `sk_CRMF_CERTREQMSG_push' ../libcrypto.a(cmp_msg.o): In function `CMP_cr_new': cmp_msg.c:(.text+0x91b): undefined reference to `sk_CRMF_CERTREQMSG_new_null' cmp_msg.c:(.text+0x959): undefined reference to `sk_CRMF_CERTREQMSG_push' ../libcrypto.a(cmp_msg.o): In function `CMP_rr_new': cmp_msg.c:(.text+0xac5): undefined reference to `sk_CMP_REVDETAILS_new_null' cmp_msg.c:(.text+0xaf4): undefined reference to `sk_CMP_REVDETAILS_push' ../libcrypto.a(cmp_msg.o): In function `CMP_ir_new': cmp_msg.c:(.text+0xc95): undefined reference to `sk_CRMF_CERTREQMSG_new_null' cmp_msg.c:(.text+0xcce): undefined reference to `sk_CRMF_CERTREQMSG_push' ../libcrypto.a(cmp_msg.o): In function `CMP_pollReq_new': cmp_msg.c:(.text+0xeec): undefined reference to
[openssl-dev] Make errors broken in s3_clnt.c
It appears there's another error num breakage in ssl/s3_clnt.c at line 1544. Please see the details at the bottom of the following log: http://173.39.238.160:8080/job/1_0_1_make_errors/1/console Please see my comment under commit 37580f43b5a39f5f4e920d17273fab9713d3a744 in github with the suggested resolution. ___ openssl-dev mailing list openssl-dev@openssl.org https://mta.opensslfoundation.net/mailman/listinfo/openssl-dev