[openssl-users] SSL3_GET_CLIENT_HELLO:required cipher missing
For the past week I've been noticing many entries like this in our nginx error logs: SSL_do_handshake() failed (SSL: error:1408A0D7:SSL routines:SSL3_GET_CLIENT_HELLO:required cipher missing) while SSL handshaking What does the error required cipher missing mean exactly? Some of our users reported that their browser gave them an SSL connection error and then it went away. Others can no longer connect to our site at all. I've had a look at the OpenSSL source code and I think the error is related to checking that the server still supports the last cipher a session used. Is this correct? The only change I can think of that may affect our list of available ciphers was an update to the latest version of OpenSSL that CentOS 5 provided back in November. That was two months ago though, and other than that I can't think of what could be causing this. ___ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] Generating large DH parameters
Thanks for the explanation. So I guess I just got lucky with the first one. :) Do you have any kind of estimate of how long it will take to generate? Date: Wed, 14 Jan 2015 13:27:55 + From: m...@openssl.org To: openssl-users@openssl.org Subject: Re: [openssl-users] Generating large DH parameters On 14/01/15 12:35, jack seth wrote: I am trying to generate a 16384 bit DH file for testing purposes. Is it necessary to have a '.rnd' in existence before trying to generate this file? I generated one which took 4 days to do but the computer had a .rnd file. I am currently trying to generate another on a system WITHOUT the .rnd file and it has been going 3 WEEKS so far. Did I just get lucky with the first DH file and it really can take this long (or longer) to make this file or does openssl really need the .rnd file to do this? The purpose of the .rnd file is to seed the random number generator with entropy before you start. The built-in OpenSSL PRNG will attempt to seed itself from various different sources dependent on the platform that you are on, e.g. if you have a /dev/urandom then it will try to use it. Some platforms may have very restricted access to entropy sources, and on those platforms a .rnd file might be particularly useful. Assuming you are using a relatively modern desktop machine this is unlikely to be a problem for you. If the PRNG has not been seeded with sufficient entropy then it will fail with the PRNG not seeded error: https://www.openssl.org/support/faq.html#USER1 The fact that you have not seen that error means that the PRNG believes it has been sufficiently seeded. The method that was used to seed the PRNG will not have a subsequent impact on its performance. In other words, the presence or otherwise of the .rnd file will not impact the performance once seeding is complete. The reason it is taking so long is that 16384 bits is GIGANTIC! Matt ___ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users ___ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] OpenSSL coding style published
There's a typo Somtimes in chapter 16. Thanks. Will push a fix sometime soon ___ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[openssl-users] Forthcoming OpenSSL releases and reformat
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 The OpenSSL Project are pleased to make the following announcements: - - There will be new releases made available on Thursday 15th January for versions 1.0.1, 1.0.0 and 0.9.8. These will be bug fix only releases to address build problems with the current releases on the Windows and OpenVMS platforms. No new security issues will be included in these releases. - - The whole OpenSSL codebase will be reformatted according to the newly published OpenSSL coding style (https://www.openssl.org/about/codingstyle.txt) on Wednesday 21st January. This will include the master, 1.0.2, 1.0.1, 1.0.0 and 0.9.8 branches. See [1] for further background information. - - Between the releases being made available on 15th January and the code reformat on 21st January the 1.0.1, 1.0.0 and 0.9.8 branches in the public repository will be frozen and no changes will be made (except in the case of very high priority fixes). - - OpenSSL 1.0.2 will be released on Thursday 22nd January. Yours The OpenSSL Project Team [1] https://mta.openssl.org/pipermail/openssl-dev/2015-January/000299.html -BEGIN PGP SIGNATURE- Version: GnuPG v1 iQEcBAEBAgAGBQJUtowSAAoJENnE0m0OYESRjr0H/3ui088oz8ZDcHEkhXoF1Pd/ bJStjZPtWUq4BJTTKq/GTTK7TGsjW+z+OwXFuLOX6ZfvVTG0aMpCGEU4OT7PO2zt NC76X56bTA+sFrJt65Ks3xMZ4pppBRq6irSJsvihEb1rWiAGDlTTjJJLKfgP76Xc ZxHnQ4LKmWcqqZmuK+XFqkitf6DuVMNlPa6yJ9jjbq6gSibxSNvhbu+qTfH2M30g 9X854pWKj5j76RLmDvFBPqP+sGHNBhs45THZO7BuGPQV5lJzRvnJxQKreAcHAyhq BihHEdsk9wKMKJNjrcVgfKSulx3PLvAIn8mZW9CIuxmEfn9LKsGyrJvwJLBk5DY= =d482 -END PGP SIGNATURE- ___ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[openssl-users] EVP_DigestSignInit failed, error 0x0000000d?
What does it mean when EVP_DigestSignInit fails with an error code of 0x000d? On failure, the code is being fetched with ERR_get_error(). -- $ /usr/local/ssl/bin/openssl errstr 0x0d error:000D:lib(0):func(0):ASN1 lib -- I see its declared in evp.h, but I don't see a body anywhere. $ grep -R EVP_DigestSignInit * apps/dgst.c:r = EVP_DigestSignInit(mctx, pctx, md, NULL, sigkey); apps/req.c:if (!EVP_DigestSignInit(ctx, pkctx, md, NULL, pkey)) ... crypto/evp/evp.h:intEVP_DigestSignInit(EVP_MD_CTX *ctx, EVP_PKEY_CTX **pctx, ... ___ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[openssl-users] Platinum Sponsorship by Oracle
I am pleased to announce Oracle Corporation (http://www.oracle.com) as the third Platinum Sponsor of the OpenSSL project, and the first such sponsor from the United States. For several years, Oracle has provided financial support in the form of commercial funding of platform validations for the OpenSSL FIPS Object Module v2.0 (certificate #1747), the most widely used FIPS 140-2 validated cryptographic module and the only one freely available under an open source license. Without financial support from Oracle and other FIPS module users, the successful completion and continued maintenance of that module would not have been possible. Thank you Oracle! -Steve M. -- Steve Marquess OpenSSL Software Foundation Inc. 20-22 Wenlock Road London N1 7GU United Kingdom +44 1785508015 +1 301 874 2571 direct marqu...@opensslfoundation.org ste...@openssl.org ___ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] Assembler Optimizations in 'crypto' on Windows
Just my opinion ... but ... While nasm is the only supported assembler, I have been able to get masm to work but I often have to tweak the perl code a bit. Every few months I have been testing and reporting my findings to the openssl-dev group about my results. When possible folks seem to be able to incorporate changes that help make things better on a variety of isssues folks submit patches for. And, one recent 64 bit build required no tweaks using ml64.exe so it is possible to use it sometimes. However, there are some other really high priorities with getting the openssl product as safe and reliable as possible. The support cannot be for all available tools and nasm is the best choice. Nasm allows a number of platforms that masm does not, it is open source so any issues can be addressed quickly. For just windows I would like masm to work, but I have used both and haven't been disappointed. The main problem I have is with auditors, sometimes they ask about where an executable like openssl comes from, was it obtained from the web as a binary or built, and if built was it built via tools downloaded (and possibly binary) or from the vendor (such as HP, IBM, MS, etc.) The only reason I can see at this point to try use masm is if you have a mandate to use it and don't mind some possible hours of frustration as you work through any issues, but my advice is to download nasm and give it a try. It is free and for me quite reliable. -- Steve Kneizys Senior Business Process Engineer @ Ferrilli web: http://www.ferrilli.com/ http://www.figsolutions.com/ On Wed, Jan 14, 2015 at 8:29 AM, Deepak dpb795...@gmail.com wrote: Dear OpenSSL User, I am working on porting 0.9.8h based 'OpenSSL customization' to 1.0.1. Earlier this code was using 'cpp' as input parameter to the Perl scripts. 1. What option shall I use now for Windows? As per documentation, nasm will be the only supported assembler. But currently both masm (option win32) and nasm (option win32n) work. 2. Why nasm is prefered over masm? Maybe ml.exe is better since it comes from ms. Thank you. ___ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users ___ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] Generating large DH parameters
On Wed, Jan 14, 2015 at 08:23:13AM -0600, jack seth wrote: Thanks for the explanation. So I guess I just got lucky with the first one. :) Do you have any kind of estimate of how long it will take to generate? The density of strong primes is conjectured to be ~1.3*n/(ln(n))^2. For 16k bit primes you're looking at one number out of 100 million. For 2k bit primes the density is 64 times larger. In addition to density-related factor of 64, one needs to take into account the increased cost of testing the primality of each candidate. I don't know how that scales with log n in OpenSSL, but it is surely at least linear. So this gives you a factor of at least 512 for the run-time of generating DH 2k vs DH 16k. DO NOT USE 16k bit prime DH groups. Even 4k bit and definitely anything larger is essentially impractical. -- Viktor. ___ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] OpenSSL coding style published
+1 There's a typo Somtimes in chapter 16. Eng. Gabriele Pongelli AVVERTENZE AI SENSI DEL D.LGS. 196/2003 Le informazioni contenute in questo messaggio di posta elettronica e negli eventuali files allegati, sono da considerarsi strettamente riservati. Il loro utilizzo è consentito esclusivamente al destinatario del messaggio, per le finalità indicate nel messaggio stesso. Qualora riceveste per errore questo messaggio, Vi preghiamo cortesemente di darcene notizia all'indirizzo e-mail di cui sopra e di procedere alla distruzione del messaggio stesso, cancellandolo dal Vostro sistema; costituisce comportamento contrario ai principi dettati dal D.lgs. 196/2003 il trattenere il messaggio stesso, divulgarlo anche in parte, distribuirlo ad altri soggetti, copiarlo, od utilizzarlo per finalità diverse. This electronic transmission is strictly confidential and intended solely for the addresses. It may contain information which is covered by legal, professional or other privilege. If you are not the intended addressee, you must not disclose, copy or take any action in reliance of this transmission. If you have received this transmission in error, please notify us and delete the received data as soon as possible. Il giorno 13/gen/2015, alle ore 20:50, Salz, Rich rs...@akamai.com ha scritto: The OpenSSL coding style document is now available on our web site: https://www.openssl.org/about/codingstyle.txt It is derived from the Linux Kernel coding style, and we are grateful to them for providing such an excellent document that we could use as our base. Because it is derived from the GPL’d kernel style, the OpenSSL coding style will not be part of the distribution. As Matt mentioned in earlier mail, we will be reformatting all release branches. See his message[1] for sample output and pointers to the script. The target date for doing this is “very soon.” J /r$ [1] https://mta.openssl.org/pipermail/openssl-dev/2015-January/000299.html -- Principal Security Engineer, Akamai Technologies IM: rs...@jabber.me Twitter: RichSalz ___ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users ___ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] Generating large DH parameters
On 14/01/15 12:35, jack seth wrote: I am trying to generate a 16384 bit DH file for testing purposes. Is it necessary to have a '.rnd' in existence before trying to generate this file? I generated one which took 4 days to do but the computer had a .rnd file. I am currently trying to generate another on a system WITHOUT the .rnd file and it has been going 3 WEEKS so far. Did I just get lucky with the first DH file and it really can take this long (or longer) to make this file or does openssl really need the .rnd file to do this? The purpose of the .rnd file is to seed the random number generator with entropy before you start. The built-in OpenSSL PRNG will attempt to seed itself from various different sources dependent on the platform that you are on, e.g. if you have a /dev/urandom then it will try to use it. Some platforms may have very restricted access to entropy sources, and on those platforms a .rnd file might be particularly useful. Assuming you are using a relatively modern desktop machine this is unlikely to be a problem for you. If the PRNG has not been seeded with sufficient entropy then it will fail with the PRNG not seeded error: https://www.openssl.org/support/faq.html#USER1 The fact that you have not seen that error means that the PRNG believes it has been sufficiently seeded. The method that was used to seed the PRNG will not have a subsequent impact on its performance. In other words, the presence or otherwise of the .rnd file will not impact the performance once seeding is complete. The reason it is taking so long is that 16384 bits is GIGANTIC! Matt ___ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[openssl-users] Assembler Optimizations in 'crypto' on Windows
Dear OpenSSL User, I am working on porting 0.9.8h based 'OpenSSL customization' to 1.0.1. Earlier this code was using 'cpp' as input parameter to the Perl scripts. 1. What option shall I use now for Windows? As per documentation, nasm will be the only supported assembler. But currently both masm (option win32) and nasm (option win32n) work. 2. Why nasm is prefered over masm? Maybe ml.exe is better since it comes from ms. Thank you. ___ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[openssl-users] Generating large DH parameters
I am trying to generate a 16384 bit DH file for testing purposes. Is it necessary to have a '.rnd' in existence before trying to generate this file? I generated one which took 4 days to do but the computer had a .rnd file. I am currently trying to generate another on a system WITHOUT the .rnd file and it has been going 3 WEEKS so far. Did I just get lucky with the first DH file and it really can take this long (or longer) to make this file or does openssl really need the .rnd file to do this? ___ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users