SSL_CTX_set1_curves issues when setting a non-TLS named curve
Hi, I'm work on a Qt patch which adds the capability to select which elliptic curves should be used by a client socket when negotiating an EC cipher [1]. When using some TLS named curves [2], everything seems to work just fine. The problem arises when some other curve gets (accidentally?) chosen by the user: as of latest 1.0.2, the connection *hangs* without even a ClientHello sent... Is this a bug -- i.e. should either SSL_CTX_set1_curves or the subsequent SSL_connect immediately return with an error instead of hanging? Or is there some other API I'm supposed to use? [1] https://codereview.qt-project.org/#/c/94022/ [2] https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-8 Thanks, -- Giuseppe D'Angelo | giuseppe.dang...@kdab.com | Software Engineer KDAB (UK) Ltd., a KDAB Group company Tel. UK +44-1738-450410, Sweden (HQ) +46-563-540090 KDAB - Qt Experts - Platform-independent software solutions smime.p7s Description: Firma crittografica S/MIME
Disable client initiated renegotiations
Hello, I am developing a server and I need to disable client initiated renegotiations. I thought that settings the SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION flag into SSL_CTX_set_options was the way to go but apparently I was wrong (as you can see from a simple test): openssl s_client -connect www.myhost.com:443 CONNECTED(0003) … --- $ R RENEGOTIATING 139750207096480:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:596: If I try this with the DB-Server it tries to renegotiate: $ openssl s_client -connect dev.myhost.com:443 CONNECTED(0003) … --- $ R RENEGOTIATING depth=0 C = CH, ST = Italy, O = SQLabs = cubeSQL, CN = dev.myhost.com, emailAddress = host...@myhost.com verify error:num=20:unable to get local issuer certificate verify return:1 depth=0 C = CH, ST = Italy, O = SQLabs = cubeSQL, CN = dev.myhost.com, emailAddress = host...@myhost.com verify error:num=27:certificate not trusted verify return:1 depth=0 C = CH, ST = Italy, O = SQLabs = cubeSQL, CN = dev.myhost.com, emailAddress = host...@myhost.com verify error:num=21:unable to verify the first certificate verify return:1 So, how I can completely disable client renegotiations? Thanks a lot. -- Marco Bambini http://www.sqlabs.com http://twitter.com/sqlabs http://instagram.com/sqlabs __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: SSL_CTX_set1_curves issues when setting a non-TLS named curve
On 26/11/14 09:10, Giuseppe D'Angelo wrote: Hi, I'm work on a Qt patch which adds the capability to select which elliptic curves should be used by a client socket when negotiating an EC cipher [1]. When using some TLS named curves [2], everything seems to work just fine. The problem arises when some other curve gets (accidentally?) chosen by the user: as of latest 1.0.2, the connection *hangs* without even a ClientHello sent... Is this a bug -- i.e. should either SSL_CTX_set1_curves or the subsequent SSL_connect immediately return with an error instead of hanging? Or is there some other API I'm supposed to use? Well it shouldn't hang in any event. But I'm not entirely sure I understand your question. Are you saying that there are some named curves that work, and some named curves that do not work? Which curves work, and which ones do not? Are you using the latest beta 3 1.0.2 version? And what config options are you using? Matt __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: SSL_CTX_set1_curves issues when setting a non-TLS named curve
Il 26/11/2014 10:53, Matt Caswell ha scritto: Well it shouldn't hang in any event. But I'm not entirely sure I understand your question. Are you saying that there are some named curves that work, and some named curves that do not work? Which curves work, and which ones do not? I'm saying that the client hangs when I pass a curve which is not in the IANA list of TLS named curves, for instance wap-wsg-idm-ecid-wtls1, and then try to connect to a server. (When using one of the IANA curves instead, everything works just fine.) Are you using the latest beta 3 1.0.2 version? And what config options are you using? I'm actually using f90fd2b017f0f0bfae72e4f157b7a2f60397858a from the OpenSSL_1_0_2-stable branch, configured with ./config -d threads shared --prefix=/home/peppe/b/openssl/ --openssldir=/home/peppe/b/openssl/openssl Thanks, -- Giuseppe D'Angelo | giuseppe.dang...@kdab.com | Software Engineer KDAB (UK) Ltd., a KDAB Group company Tel. UK +44-1738-450410, Sweden (HQ) +46-563-540090 KDAB - Qt Experts - Platform-independent software solutions smime.p7s Description: Firma crittografica S/MIME
Re: SSL_CTX_set1_curves issues when setting a non-TLS named curve
On 26/11/14 10:14, Giuseppe D'Angelo wrote: Il 26/11/2014 10:53, Matt Caswell ha scritto: Well it shouldn't hang in any event. But I'm not entirely sure I understand your question. Are you saying that there are some named curves that work, and some named curves that do not work? Which curves work, and which ones do not? I'm saying that the client hangs when I pass a curve which is not in the IANA list of TLS named curves, for instance wap-wsg-idm-ecid-wtls1, and then try to connect to a server. (When using one of the IANA curves instead, everything works just fine.) Are you using the latest beta 3 1.0.2 version? And what config options are you using? I'm actually using f90fd2b017f0f0bfae72e4f157b7a2f60397858a from the OpenSSL_1_0_2-stable branch, configured with ./config -d threads shared --prefix=/home/peppe/b/openssl/ --openssldir=/home/peppe/b/openssl/openssl HSS_CTX_set1_curves returns an error for me if I pass it that curve that you mentioned. Can you share any code for exactly how you are calling it? Matt __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: SSL_CTX_set1_curves issues when setting a non-TLS named curve
Il 26/11/2014 12:03, Matt Caswell ha scritto: HSS_CTX_set1_curves returns an error for me if I pass it that curve that you mentioned. Can you share any code for exactly how you are calling it? Heh, it's a bit complex as of now (you can find it in the patch linked to my first email, [1]), I'll try tearing down into a pure C/C++ example (also to exclude a silly mistake on my side)... [1] https://codereview.qt-project.org/#/c/94022/24/src/network/ssl/qsslcontext_openssl.cpp Thank you very much for your support, -- Giuseppe D'Angelo | giuseppe.dang...@kdab.com | Software Engineer KDAB (UK) Ltd., a KDAB Group company Tel. UK +44-1738-450410, Sweden (HQ) +46-563-540090 KDAB - Qt Experts - Platform-independent software solutions smime.p7s Description: Firma crittografica S/MIME
Re: SSL_CTX_set1_curves issues when setting a non-TLS named curve
On Wed, Nov 26, 2014, Giuseppe D'Angelo wrote: Il 26/11/2014 12:03, Matt Caswell ha scritto: HSS_CTX_set1_curves returns an error for me if I pass it that curve that you mentioned. Can you share any code for exactly how you are calling it? Heh, it's a bit complex as of now (you can find it in the patch linked to my first email, [1]), I'll try tearing down into a pure C/C++ example (also to exclude a silly mistake on my side)... [1] https://codereview.qt-project.org/#/c/94022/24/src/network/ssl/qsslcontext_openssl.cpp Note that there is a different potential problem with the code there. You're allowing the setting of a custom set of supported curves but hard coding a single curve for the ECDH temporary key. You could end up with a set of supported curves which doesn't include your temporary key: which will effectively disable any ECDH ciphersuites. I'd suggest you set auto parameters if the version is 1.0.2+ instead with: SSL_CTX_set_ecdh_auto(ctx, 1); Then the highest preference curve will be used for ECDH instead. For 1.0.1 or earlier you'd still have to use the single curve. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
RE: Adding new cipher to openssl.
Maybe he thinks that if he asks it often enough, the answer will magically change? -Original Message- From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Salz, Rich Sent: Tuesday, November 25, 2014 10:23 PM To: openssl-users@openssl.org Subject: RE: Adding new cipher to openssl. I was trying to add a new cipher to openssl so as to use it with the digital certificate, is it possible ? You asked this a week ago. You also asked this three weeks ago. The answer is yes it is possible but there is NO TOOL OR DOCUMENTATION. Stephen Henson suggested looking at the gost engine. Please stop.
Re: undefined reference errors, e.g. to `ERR_load_crypto_strings'
Thanks, Scott, your solution works! Cheers Alex 2014-11-25 17:34 GMT+01:00, Alexander Raiola alexander.rai...@gmail.com: Dear Sirs or Madams, I have the problem that I keep getting undefined reference errors whenever I try to access pretty much any OpenSSL-related command. I elaborated on my problem in the following thread: http://stackoverflow.com/questions/27106580/undefined-reference-to-err-load-crypto-strings Can anyone please help me? Cheers Alex __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
SSL_CTX_use_certificate_chain_file() can return zero on success
Hi all, Whilst this is my first post to the mailing list I have been subscribed for a while now, as I've been compiling against OpenSSL both professionally, at work, and with my Open Source development in libcurl for the last 3 and half years now ;-) Our SSL code, at work, is used in our application's embedded webserver whilst curl/libcurl (is as I'm sure lot of people here are aware of) is a client side tool/library for transfering data with URL syntax. Anyway, the nature of my query is server side related as it is in regards to the loading of certificates and the HTTPS layer in our webserver... I am using SSL_CTX_use_certificate_chain_file() to load or a PEM based certificate file that may contain a single self signed server cert (for example) but may instead contain a CA generated cert and the appropriate intermediate certs (depending on the client installation). In this instance I am using OpenSSL v1.0.1j with a single self signed server cert (generated by using the OpenSSL v1.0.1g command line tool) and am finding that the call to SSL_CTX_use_certificate_chain_file() is returning zero, even those the load appears to be successful. In fact if I ignore the return code or check the error stack and continue then our webserver works as it should and the certificate details can be seen in IE and Chrome for example ;-) If I use SSL_CTX_use_certificate_file() instead, all is well as well, as this function returns 1 (as expected) - whilst that works for a single cert it won't work for a chain :( This problem happens under both Windows and RHEL / Centos Linux - so I don't believe this is OS related. I have built a debug version of the OpenSSL DLLs for use with our app and found that the problem lies with the following code from line 770 of ssl_rsa.c: /* When the while loop ends, it's usually just EOF. */ err = ERR_peek_last_error(); if (ERR_GET_LIB(err) == ERR_LIB_PEM ERR_GET_REASON(err) == PEM_R_NO_START_LINE) ERR_clear_error(); else ret = 0; /* some real error */ ERR_peek_last_error() is returning zero which is then causing SSL_CTX_use_certificate_chain_file() to also return zero due to the ret = 0. As the file only contains the server cert the while loop above this section of code has called PEM_read_bio_X509() which itself has returned NULL which then means the call to SSL_CTX_add_extra_chain_cert() isn't executed - all as expected. However, if my understanding of ERR_peek_last_error() is correct there is no error code on the error stack rather than a EOF error being returned as the comments in the code would indicate. As such: * Is there a problem with my certificate - does it need extra blank lines or anything to force the EOF detection to succeed? * Is there a setting I need to make on the CTX that I might of missed? I believe our code used to work when we were running against v0.9.8 and v1.0.0. * Is there a bug in SSL_CTX_use_certificate() - the last call to succeed - or even PEM_read_bio_X509() that should be setting the EOF error code? * Should the code in SSL_CTX_use_certificate_chain_file() be checking for zero return balue from ERR_peek_last_error() - somthing like: /* When the while loop ends, it's usually just EOF. */ err = ERR_peek_last_error(); if(err) { if (ERR_GET_LIB(err) == ERR_LIB_PEM ERR_GET_REASON(err) == PEM_R_NO_START_LINE) ERR_clear_error(); else ret = 0; /* some real error */ } Many thanks in advance. Kind Regards Steve __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
RE: SSL_CTX_use_certificate_chain_file() can return zero on success
From: owner-openssl-us...@openssl.org [mailto:owner-openssl- us...@openssl.org] On Behalf Of Steve Holme Sent: Wednesday, November 26, 2014 13:27 To: openssl-users@openssl.org Subject: SSL_CTX_use_certificate_chain_file() can return zero on success I have built a debug version of the OpenSSL DLLs for use with our app and found that the problem lies with the following code from line 770 of ssl_rsa.c: /* When the while loop ends, it's usually just EOF. */ err = ERR_peek_last_error(); if (ERR_GET_LIB(err) == ERR_LIB_PEM ERR_GET_REASON(err) == PEM_R_NO_START_LINE) ERR_clear_error(); else ret = 0; /* some real error */ ERR_peek_last_error() is returning zero which is then causing SSL_CTX_use_certificate_chain_file() to also return zero due to the ret = 0. I've seen this before when running against an OpenSSL build that was not built correctly for threading. The problem was that ERR_peek_last_error wasn't always actually looking at the correct thread error queue. In particular, take a look at how your thread-ID callback works, if you're using CRYPTO_set_id_callback. If you're not using CRYPTO_set_id_callback, I'm not sure off the top of my head what OpenSSL uses for the thread ID. -- Michael Wojcik Technology Specialist, Micro Focus This message has been scanned for malware by Websense. www.websense.com __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: Adding new cipher to openssl.
On Wed, Nov 26, 2014 at 11:20 AM, Scott Neugroschl scot...@xypro.com wrote: Maybe he thinks that if he asks it often enough, the answer will magically change? It works for lawyers - they keep asking the same questions in slightly different ways until they get the answer they want :) -Original Message- From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] Sent: Tuesday, November 25, 2014 10:23 PM To: openssl-users@openssl.org Subject: RE: Adding new cipher to openssl. I was trying to add a new cipher to openssl so as to use it with the digital certificate, is it possible ? __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
[no subject]
Hi All: Now I want to create a certificate chain by myself. It will looks like as below: Server Certificate - Intermediate CA - Root CA. Now I am using openssl command to create these certificate files. # Create CA openssl genrsa -out ca.key 4096 openssl req -new -x509 -nodes -sha1 -days 1825 -key ca.key -out ca.crt # Create Intermediate openssl genrsa -out intermediate.key 4096 openssl req -new -sha1 -key intermediate.key -out intermediate.csr # CA signs Intermediate openssl x509 -req -days 1825 -in intermediate.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out intermediate.crt # Create Server openssl genrsa -out test.example.com.key 4096 openssl req -new -key test.example.com.key -out test.example.com.csr # Intermediate signs Server openssl x509 -req -days 1825 -in test.example.com.csr -CA intermediate.crt -CAkey intermediate.key -set_serial 01 -out test.example.com.crt Now I install ca.crt into WIndows7 local Trust Root Store. when I open test.example.com.crt file, I can see Certificate chain in Certification Path. But I get 1 warning information on intermediate certificate This certification authority is not allowed to issue certificates or cannot be used as an end-entity certificate. From search, I think this is because intermediate certificate/key is not a correct intermediate CA that it can not sign test.example.com.crt. Please kindly give me some suggestion about how to use openssl command to sign test.example.com.crt with intermediate CA. Thanks! -- Rejoice,I Desire! __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
How to create intermediate CA certificate with openssl
Hi All: Now I want to create a certificate chain by myself. It will looks like as below: Server Certificate - Intermediate CA - Root CA. Now I am using openssl command to create these certificate files. # Create CA openssl genrsa -out ca.key 4096 openssl req -new -x509 -nodes -sha1 -days 1825 -key ca.key -out ca.crt # Create Intermediate openssl genrsa -out intermediate.key 4096 openssl req -new -sha1 -key intermediate.key -out intermediate.csr # CA signs Intermediate openssl x509 -req -days 1825 -in intermediate.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out intermediate.crt # Create Server openssl genrsa -out test.example.com.key 4096 openssl req -new -key test.example.com.key -out test.example.com.csr # Intermediate signs Server openssl x509 -req -days 1825 -in test.example.com.csr -CA intermediate.crt -CAkey intermediate.key -set_serial 01 -out test.example.com.crt Now I install ca.crt into WIndows7 local Trust Root Store. when I open test.example.com.crt file, I can see Certificate chain in Certification Path. But I get 1 warning information on intermediate certificate This certification authority is not allowed to issue certificates or cannot be used as an end-entity certificate. From search, I think this is because intermediate certificate/key is not a correct intermediate CA that it can not sign test.example.com.crt. Please kindly give me some suggestion about how to use openssl command to sign test.example.com.crt with intermediate CA. Thanks! -- Rejoice,I Desire! __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org