evp_encrypt_init_ex
Hi,

One question regarding the EVP_Encrypt APIs.

EVP_EncryptInit_ex(ctx, cipher, NULL, (unsigned char *)enc_key, (unsigned char *)iv)

Is there a way to pass the iv as NULL during the call to the above API, and then update this later on?

I want to do this for the following reason: I want to initialize the context to use the same key for all calls to encrypt but want to use a different IV value. If I use this API as it is, then to achieve that I need to call Init_ex each time.

I want something like this:

Step-1
EVP_EncryptInit_ex(ctx, cipher, NULL, (unsigned char *)enc_key->v, NULL)

Step-2
EncryptData- // Can call this many times
Set the IV value
EVP_EncryptUpdate();
EVP_EncryptFinal();

One solution is to use the same IV for all calls to Encrypt, but I guess this defeats the purpose of a random IV.

The same applies to decrypt.

Thanks,
Prashant.

--
Prashant Batra
Follow the dreams!!
Re: Problem with HMAC_Init_ex
Thanks everyone for the help.

It was a sad issue with my library linking. Resolved the problem.

Regards,
Prashant

On Thu, May 5, 2011 at 9:45 AM, Jeffrey Walton noloa...@gmail.com wrote:

> 2011/5/4 Prashant Batra prashant0...@gmail.com:
>> http://pastebin.com/0BG97RDH
>>
>> This does not contain complete source code, but will definitely give you the idea about what I am trying to do.
>
> After a quick look, it does not appear there is enough code to say what is wrong. For example, you perform:
>
>     (key->v)[0]=0x20;
>
> yet there is no definition for syfer_vchar_t.
>
> In HASHAlgSha1::InitializeContext, and presuming hash_key is a good pointer (and hash_key->v and hash_key->l are valid), I believe the code should work as expected. I would guess the problem lies elsewhere in your code.
>
> Also, you appear to ignore return values. It would probably be a good idea to verify functions such as HMAC_CTX_init. See http://www.openssl.org/docs/crypto/hmac.html.
>
> Jeff
>
>> On Wed, May 4, 2011 at 4:38 PM, derleader mail derlea...@abv.bg wrote:
>>>> Hi all,
>>>>
>>>> I am finding a strange problem with HMAC_Init_ex. After the call to this function the stack is getting corrupted. The sequence of functions used is:
>>>>
>>>> HMAC_CTX ctx;
>>>> HMAC_CTX_init(&ctx);
>>>> HMAC_Init_ex(&ctx, hash_key->v, hash_key->l, EVP_sha1(), NULL);
>>>>
>>>> Key->v points to 20 bytes of memory, while key->l is 20.
>>>>
>>>> Are there some necessary pre-requisites to this? Can anyone help?
>>>>
>>>> Thanks,
>>>> Prashant
>>>
>>> Hi,
>>>
>>> Let us see the complete source code to see where the problem is. Paste it into http://pastebin.com/
>>>
>>> Regards
>
> [SNIP]
> ______________________________________________________________________
> OpenSSL Project                                 http://www.openssl.org
> User Support Mailing List                    openssl-users@openssl.org
> Automated List Manager                           majord...@openssl.org

--
Prashant Batra
Follow the dreams!!
Re: evp_encrypt_init_ex
On Thu, May 05, 2011, Prashant Batra wrote:

> Hi,
>
> One question regarding EVP_Encrypt APIs.
>
> EVP_EncryptInit_ex(ctx, cipher, NULL, (unsigned char *)enc_key, (unsigned char *)iv))
>
> Is there a way to pass the iv as NULL during the call to the above API, and then update this later on.

Yes. You set the iv parameter to NULL in the initial call and later set all parameters apart from the context and iv to NULL.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
OpenSSL and multithreaded programs
Is the OpenSSL library supposed to be at all reentrant? I've had odd problems (intermittent errors) when trying to use OpenSSL in a multithreaded program (multiple threads each dealing with independent SSL connections), and have apparently solved them by creating a single global mutex and wrapping a mutex acquire around every call into the library.

Is this kind of locking expected to be needed?

Chris Dodd
cd...@csl.sri.com
RE: OpenSSL and multithreaded programs
From: Chris Dodd

> Is the OpenSSL library supposed to be at all reentrant? I've had odd problems (intermittent errors) when trying to use OpenSSL in a multithreaded program (multiple threads each dealing with independent SSL connections), and have apparently solved them by creating a single global mutex and wrapping a mutex acquire around every call into the library.
>
> Is this kind of locking expected to be needed?

http://lmgtfy.com/?q=openssl+locking
OpenSSL 1.0.0 BIO_new_accept _only_ binds to IPV6 interface?
I have just compiled an application I wrote on an OpenSuse 11.3 box, with OpenSSL 1.0.0 installed. All other installations have been on previous OpenSuse installations, with OpenSSL 0.9.8x, and have worked fine.

On the new box, the application call only binds to the IPV6 interface.

Under 0.9.8, BIO_new_accept("8080") gives the following in netstat:

tcp        0      0 0.0.0.0:8080            0.0.0.0:*               LISTEN

And with 1.0.0, BIO_new_accept("8008") gives the following:

tcp        0      0 ::1:8008                :::*                    LISTEN

I have tried various combinations of:

BIO_new_accept("0.0.0.0:8008")
BIO_new_accept("8008")
BIO_new_accept("*:8008")
BIO_new_accept("127.0.0.1:8008")
BIO_new_accept("localhost:8008")

But nothing seems to work.

Does anybody have an idea how to get BIO_new_accept to listen on an IPV4 interface?

Thanks,
Justin
Re: OpenSSL and multithreaded programs
On 5/5/2011 10:01 AM, Chris Dodd wrote:

> Is the OpenSSL library supposed to be at all reentrant? I've had odd problems (intermittent errors) when trying to use OpenSSL in a multithreaded program (multiple threads each dealing with independent SSL connections), and have apparently solved them by creating a single global mutex and wrapping a mutex acquire around every call into the library.
>
> Is this kind of locking expected to be needed?

This should not be needed so long as you follow two rules:

1) You must properly set the multi-threaded locking callback.

2) You must not attempt to access the same object directly from two threads at the same time. For example, you cannot call SSL_read and SSL_write concurrently on the same SSL object.

DS
cryptographic algorithms
Hello,

Please list all encryption algorithms supported by OpenSSL 0.9.8e, 0.9.8m and 1.0.0d.

It looks like http://www.openssl.org/docs/crypto/crypto.html has not been updated for a while and does not list ECC and possibly some other algorithms.

Thank you,
Alona
SSL_peek crashing
Hello,

The version I'm using is openssl-1.0.0d.

I wrote a routine that, while there is data in the SSL object, does some actions (SSL_read, etc.). But every time, after a few packets go through the routine, it crashes:

Program received signal SIGSEGV, Segmentation fault.
0x0036f5a7 in ?? () from /lib/i386-linux-gnu/libc.so.6
(gdb) bt
#0  0x0036f5a7 in ?? () from /lib/i386-linux-gnu/libc.so.6
#1  0x080b2970 in bio_read (bio=0x828b300, buf=0x82acb23 "\027\003\001\001", size_=5) at bss_bio.c:248
#2  0x080ae623 in BIO_read (b=0x828b300, out=0x82acb23, outl=5) at bio_lib.c:212
#3  0x08097e09 in ssl3_read_n (s=0x828b008, n=5, max=5, extend=0) at s3_pkt.c:238
#4  0x08098020 in ssl3_get_record (s=0x828b008) at s3_pkt.c:317
#5  0x080990f6 in ssl3_read_bytes (s=0x828b008, type=23, buf=0xb53c , len=1, peek=1) at s3_pkt.c:959
#6  0x08095d8b in ssl3_read_internal (s=0x828b008, buf=0xb53c, len=1, peek=1) at s3_lib.c:3265
#7  0x08095e44 in ssl3_peek (s=0x828b008, buf=0xb53c, len=1) at s3_lib.c:3290
#8  0x0807923b in SSL_peek (s=0x828b008, buf=0xb53c, num=1) at ssl_lib.c:969
#9  0x001657b6 in net_on_input (peer=0x82856d0) at net.c:308
[...]
(gdb) frame 1
#1  0x080b2970 in bio_read (bio=0x828b300, buf=0x82acb23 "\027\003\001\001", size_=5) at bss_bio.c:248
248         memcpy(buf, peer_b->buf + peer_b->offset, chunk);
(gdb) print peer_b->buf
$1 = 0xc445 <Address 0xc445 out of bounds>
(gdb) print peer_b->offset
$2 = 591641582
(gdb) print chunk
$3 = 3703873727
(gdb)

There is definitely something wrong here. I would need some help to debug it, thank you.

- nicboul
Re: Create cert with SHA1: really MAC error on openldap
Hi,

Firstly I apologize for my insistence about this topic but it is very important to me. I cleared my head a little and I'm exposing my issue again:

There is a client machine integrated in LDAP server (389 DS). In this client machine I tried to run getent group, sudo -l or id and they usually fail. I have tried to run these commands without ssl and everything is ok. The problem appears with ssl enabled.

I have captured traffic with wireshark and the file of the relevant packages is attached here (It is a plain txt with 6 packages, sorry but I'm new with wireshark and I don't know a better way to pass the code).

Well, wireshark says that the transmission window is full and the client closes the connection. Which could be the problem?

Regards,
Moisés.

2011/5/3 Dave Thompson dthomp...@prinpay.com

>> From: owner-openssl-us...@openssl.org On Behalf Of Moisés Barba Pérez
>> Sent: Monday, 02 May, 2011 06:35
>>
>> I need to create a cert with SHA1 hash. I have a problem with AES256-SHA because of my version of openssl related in the bug https://bugzilla.redhat.com/show_bug.cgi?id=676384. Normally the cert is created with TinyCA2, and I thought it was created with SHA1 not sure. When I exec openssl ciphers -v shows 3 ciphers with sha = 256 and I don't know why.
>
> This doesn't follow. That bug is described as involving AES256-SHA but apparently is actually only SHA2 (which is a generic name for SHA224, SHA256, SHA384, SHA512, and now some variants). Maybe a server coincidentally used both a new ciphersuite and a new cert(key) (someone upgrading security could well do both). Note the symptom was 0D0C50A1 (ASN1_item_verify unknown digest) and connection i.e. handshake did NOT succeed. *That* error can be caused by a disabled certificate hash.
>
>> Have you got any suggestion about how to create the cert, or why are listed those 3 Ciphers with sha=256, or how to solve this???
>>
>> openssl ciphers -v
>> DHE-RSA-AES256-SHA SSLv3 Kx=DH Au=RSA Enc=AES(256) Mac=SHA1
>> DHE-DSS-AES256-SHA SSLv3 Kx=DH Au=DSS Enc=AES(256) Mac=SHA1
>> AES256-SHA SSLv3 Kx=RSA Au=RSA Enc=AES(256) Mac=SHA1
>
> (were bold in HTML)
>
> These are SHA1 NOT sha=256; read what you posted. There are some new TLS1.2 ciphersuites that do use mac=SHA256, not yet supported by OpenSSL.
>
> But the hash used in a ciphersuite for data HMAC has no connection at all with the hash used to sign a cert. OpenSSL can do SHA2 certs (RSA/SHA2 for some time, DSA/SHA224,256 only 1.0 I think, ECDSA I'm not sure).
>
>     openssl x509 -in certfile [-inform der] -noout -text
>
> in Signature Algorithm: indicates the hash for a cert.
>
> But the symptom you posted "SSL peer reports incorrect Message Authentication Code" is almost certainly NOT a problem with ANY certificate -- unless openldap is working very hard to deceive you, and I don't believe that for a moment. It does appear to give you only partial information about the handshake result; it may have been coded back when there were fewer options and this information was sufficient. Does the server log any (better) info at the same time? Are there more tracing/logging options you can enable?
>
> I see you tried openssl s_client, but defaulted cipher so it allowed AES256-SHA while you say your client is set to MEDIUM. Try s_client with -cipher MEDIUM to see exactly what is being negotiated by your client(s). (Or get a good network trace e.g. wireshark.)
>
> Try your client with specific suites RC4-SHA and RC4-MD5 to see if it makes any difference (though it shouldn't). If the server allows eNULL (OpenSSL doesn't by default) try NULL-SHA and NULL-MD5 to make sure this is really MAC error and not something else reported misleadingly. (Or again get a good network trace.)
>
> If both ends of any SSL connection are implemented correctly and handshake succeeds, you should NOT get data MAC errors (or data decrypt), unless something is tampering with the socket data or memory -- hopefully accidentally.
>
> Is the client program only an ldap client or does it do other things? Multithread and/or using nonblocking I/O? Ditto the server (I'd guess it is at least one of those, but I'd expect it to be quite well debugged by now)?
>
> Do you have other SSL client(s) to the same server? Other SSL server(s) for this client? Are other apps using same OpenSSL on same systems OK?
>
> You indicate a centos-patched version of 0.9.8e. Personally I don't know about centos patches, but if that's relevant someone else might. Or you could try with build from vanilla source (and if so you might get more current also).
>
> Is there any firewalling or proxying going on that might alter data (though it shouldn't)? Can you get network traces that show the same data arriving at the server as leaving your client? (This will be very tedious unless you have eNULL.)
Re: cryptographic algorithms
On Thu, May 05, 2011 at 02:29:07PM -0400, Alona Rossen wrote:

> Please list all encryption algorithms supported by OpenSSL 0.9.8e, 0.9.8m and 1.0.0d.

To list all ciphers

    $ openssl ciphers -v ALL:eNULL:@STRENGTH

just use the appropriate openssl(1) binary to find which ciphers are supported by which release.

--
Viktor.
RE: OpenSSL and multithreaded programs
We use OpenSSL in a highly multi-threaded application and don't have problems. There are some locking callbacks that you should be using. Look up these:

CRYPTO_set_id_callback();
CRYPTO_set_locking_callback();
CRYPTO_set_dynlock_create_callback();
CRYPTO_set_dynlock_lock_callback();
CRYPTO_set_dynlock_destroy_callback();

Dave.

-----Original Message-----
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Chris Dodd
Sent: Thursday, May 05, 2011 1:01 PM
To: openssl-users@openssl.org
Subject: OpenSSL and multithreaded programs

Is the OpenSSL library supposed to be at all reentrant? I've had odd problems (intermittent errors) when trying to use OpenSSL in a multithreaded program (multiple threads each dealing with independent SSL connections), and have apparently solved them by creating a single global mutex and wrapping a mutex acquire around every call into the library.

Is this kind of locking expected to be needed?

Chris Dodd
cd...@csl.sri.com
Re: cryptographic algorithms
On Thu, May 05, 2011, Alona Rossen wrote:

> Hello,
>
> Please list all encryption algorithms supported by OpenSSL 0.9.8e, 0.9.8m and 1.0.0d.
>
> It looks like http://www.openssl.org/docs/crypto/crypto.html has not been updated for a while and does not list ECC and possibly some other algorithms.

openssl list-cipher-commands
openssl list-message-digest-algorithms
openssl list-public-key-algorithms

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org