Re: [openssl-users] ECC patent status questions

[Jakob Bohm]

On 02/09/2016 03:27, Kyle Hamilton wrote:


On Thu, Sep 1, 2016 at 3:43 PM, Salz, Rich >wrote:


> The existence of the NSA agreement is a partial answer to the first
question,
> though it seems unclear if this license is recursively
sublicensed through 3rd
> parties or not.

They knew they were licensing an open source toolkit.


So, it looks as though the only way for any one of us to be able to 
have a patent license under the NSA's license to OpenSSL Software 
Foundation is to get a separate license from you that doesn't allow us 
to redistribute or resell it.  (I'm not a lawyer, but it appears to be 
the only way that we would be able to qualify under the "End User" 
definition 1A, as referenced in the grant under section 2.)

Or maybe there is some quirk of US copyright law which causes the
"have made" clause to formally include all copying of OpenSSL done
under license from the Foundation, as those are done under the
Foundation's exclusive right (as copyright holder) to "have copies
made".  I honestly don't know.


Is such a license available?  Could such a license be granted 
severally to the same people who also receive the standard BSD 
license, such that each individual actually receives two separate 
licenses for the same code (i.e., one granted with extremely limited 
rights solely for the purpose of qualifying to receive the NSA ECC 
patent license, the other being separately granted to permit 
redistribution and resale of integrated components but not granting 
any ECC license transitively)?


If such a severed license were possible, I would think that such would 
require that the recipient of the first (limited) license obtain the 
code directly from openssl.org .



Kind of why I asked.  And that would be impractical where OpenSSL
is already linked into something (such as the firmware of a
Telephone).

Enjoy

Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S.  https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] ECC patent status questions

[Kyle Hamilton]

On Thu, Sep 1, 2016 at 3:43 PM, Salz, Rich  wrote:

> > The existence of the NSA agreement is a partial answer to the first
> question,
> > though it seems unclear if this license is recursively sublicensed
> through 3rd
> > parties or not.
>
> They knew they were licensing an open source toolkit.
>

So, it looks as though the only way for any one of us to be able to have a
patent license under the NSA's license to OpenSSL Software Foundation is to
get a separate license from you that doesn't allow us to redistribute or
resell it.  (I'm not a lawyer, but it appears to be the only way that we
would be able to qualify under the "End User" definition 1A, as referenced
in the grant under section 2.)

Is such a license available?  Could such a license be granted severally to
the same people who also receive the standard BSD license, such that each
individual actually receives two separate licenses for the same code (i.e.,
one granted with extremely limited rights solely for the purpose of
qualifying to receive the NSA ECC patent license, the other being
separately granted to permit redistribution and resale of integrated
components but not granting any ECC license transitively)?

If such a severed license were possible, I would think that such would
require that the recipient of the first (limited) license obtain the code
directly from openssl.org.

-Kyle H
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] ECC patent status questions

[Salz, Rich]

It's hard to answer these questions without wandering down the "legal advice" 
alleyway.

I think Steve's post answered your questions.


> >> - Was the OpenSSL ECC code provided under a still-valid patent
> >>   license from someone in the power to grant it, perhaps Sun
> >>   (now Oracle America)?

This is our belief.

> >> - Is the FIPS mode ECC covered through some US Government or
> >>   sponsor license?,  And if so, does this license extend to
> >>   some non-FIPS scenarios, such as invoking the FIPS blob ECC
> >>   code from a non-FIPS application (perhaps by modifying a
> >>   FIPS-capable OpenSSL library to do so even in non-FIPS
> >>   mode)?

The license is for the OpenSSL toolkit, and you can now read it easily online.

> >> - Are there portions of the ECC code in OpenSSL which one
> >>   should disable at configure time, similar to how RSA and
> >>   IDEA were often disabled in the past?

No idea.

> >> - Is this situation different depending on the OpenSSL
> >>   library version?

Not that we know.

> My questions were being very specific precisely to avoid that, and to be of
> general interest rather than anything specific to what I do myself.

I know you were asking on behalf of the community.  Thanks.
 
> The existence of the NSA agreement is a partial answer to the first question,
> though it seems unclear if this license is recursively sublicensed through 3rd
> parties or not.

They knew they were licensing an open source toolkit.

Hope this helps.

-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] ECC patent status questions

[Jakob Bohm]

On 01/09/2016 20:11, Steve Marquess wrote:

On 09/01/2016 08:22 AM, Jakob Bohm wrote:

Dear OpenSSL team,

Given the recent patent lawsuit between RIM/CertiCom and Avaya
mentioning the ECC code in OpenSSL, what is (according to the
OpenSSL team) the patent status of the ECC code in OpenSSL?

Specifically:

- Was the OpenSSL ECC code provided under a still-valid patent
  license from someone in the power to grant it, perhaps Sun
  (now Oracle America)?

- Is the FIPS mode ECC covered through some US Government or
  sponsor license?,  And if so, does this license extend to
  some non-FIPS scenarios, such as invoking the FIPS blob ECC
  code from a non-FIPS application (perhaps by modifying a
  FIPS-capable OpenSSL library to do so even in non-FIPS
  mode)?

- Are there portions of the ECC code in OpenSSL which one
  should disable at configure time, similar to how RSA and
  IDEA were often disabled in the past?

- Is this situation different depending on the OpenSSL
  library version?

Jacob, for any patent or licensing issues you really need to consult
competent legal counsel. Under the U.S. legal system anyone with deep
pockets can bring suit against anyone for frivolous reasons.  You'll
want to consult with your counsel to determine the level of risk for
your particular circumstances. If a patent troll targets you for a
shakedown the legal virtues of your defense are far less relevant than
the size of your pocketbook.

What on earth made you think I was asking about "legal advice"?

My questions were being very specific precisely to avoid that,
and to be of general interest rather than anything specific
to what I do myself.


I do know that some OpenSSL end users have chosen to omit certain
algorithm implementations for perceived legal reasons.  The OpenSSL FIPS
Object Module is provided in both full and ECC-free versions; the latter
at the request of a validation sponsor. As far as I know that ECC-free
version (openssl-fips-ecp-2.0.N.tar.gz) has seen very little use though,
even by that original sponsor.

Indeed, my main point is that there seem to have been a somewhat
sudden shift in policy from the company (Certicom/RIM) that
generally holds most ECC patents, and that this shift in policy
might change the /practical/ advice as to which portions of OpenSSL
should be used in typical deployments.


All that said, we believe all code in OpenSSL to be properly licensed
under the legal systems of most countries. We are also members of the
Open Invention Network. We have a NSA ECC sublicense
(https://www.openssl.org/source/NSA-PLA.pdf). I'm not going to try and
offer any legal advice, though; for that you'll need to check with your
own legal counsel.

As far as I understand, the OIN helps only if the OpenSSL Foundation
itself became a defendant needing to counter sue etc. (I presume
the OIN is one of those nice patent pools that generally promise
not to sue non-aggressors, making their patents a non-issue for
non-member non-aggressors).

The existence of the NSA agreement is a partial answer to the first
question, though it seems unclear if this license is recursively
sublicensed through 3rd parties or not.

Again not asking for legal advice, merely the general extent of the
(sub-)license provided by the OpenSSL Foundation to the rest of the
community (not just me, but almost everyone).

Enjoy

Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S.  https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] ECC patent status questions

[Steve Marquess]

On 09/01/2016 08:22 AM, Jakob Bohm wrote:
> Dear OpenSSL team,
> 
> Given the recent patent lawsuit between RIM/CertiCom and Avaya
> mentioning the ECC code in OpenSSL, what is (according to the
> OpenSSL team) the patent status of the ECC code in OpenSSL?
> 
> Specifically:
> 
> - Was the OpenSSL ECC code provided under a still-valid patent
>  license from someone in the power to grant it, perhaps Sun
>  (now Oracle America)?
> 
> - Is the FIPS mode ECC covered through some US Government or
>  sponsor license?,  And if so, does this license extend to
>  some non-FIPS scenarios, such as invoking the FIPS blob ECC
>  code from a non-FIPS application (perhaps by modifying a
>  FIPS-capable OpenSSL library to do so even in non-FIPS
>  mode)?
> 
> - Are there portions of the ECC code in OpenSSL which one
>  should disable at configure time, similar to how RSA and
>  IDEA were often disabled in the past?
> 
> - Is this situation different depending on the OpenSSL
>  library version?


Jacob, for any patent or licensing issues you really need to consult
competent legal counsel. Under the U.S. legal system anyone with deep
pockets can bring suit against anyone for frivolous reasons.  You'll
want to consult with your counsel to determine the level of risk for
your particular circumstances. If a patent troll targets you for a
shakedown the legal virtues of your defense are far less relevant than
the size of your pocketbook.

I do know that some OpenSSL end users have chosen to omit certain
algorithm implementations for perceived legal reasons.  The OpenSSL FIPS
Object Module is provided in both full and ECC-free versions; the latter
at the request of a validation sponsor. As far as I know that ECC-free
version (openssl-fips-ecp-2.0.N.tar.gz) has seen very little use though,
even by that original sponsor.

All that said, we believe all code in OpenSSL to be properly licensed
under the legal systems of most countries. We are also members of the
Open Invention Network. We have a NSA ECC sublicense
(https://www.openssl.org/source/NSA-PLA.pdf). I'm not going to try and
offer any legal advice, though; for that you'll need to check with your
own legal counsel.

-Steve M.

-- 
Steve Marquess
OpenSSL Software Foundation
20-22 Wenlock Road
London N1 7GU
United Kingdom
+44 1785508015
+1 301 874 2571 direct
marqu...@opensslfoundation.org
ste...@openssl.org
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] Compiling Openssl 1.1.0 on AIX using gcc

[Salz, Rich]

> Am I missing something here?

OpenSSL 1.1.0 does not support FIPS.  It's in the README.FIPS file :)
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

[openssl-users] Compiling Openssl 1.1.0 on AIX using gcc

[Art Lemuel]

When compiling with FIPS, the compile terminated with a fatal error looking
for #include  in the crypto/err/err_all.c code.  The fips.h
header file lives in ../ssl/fips-2.0/include.openssl/fips.h.

Am I missing something here?
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] RSA sign using SHA256 with mgf1 padding

[Blumenthal, Uri - 0553 - MITLL]

And if you want to run it on OpenSSL-1.1, see the attached. ☺

-- 
Regards,
Uri Blumenthal

On 9/1/16, 6:18 , "openssl-users on behalf of mowiener" 
 wrote:

Many thanks Mounir, this is what I was looking for.
\




openssl_pss_signature.c
Description: Binary data


smime.p7s
Description: S/MIME cryptographic signature
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

[openssl-users] ECC patent status questions

[Jakob Bohm]

Dear OpenSSL team,

Given the recent patent lawsuit between RIM/CertiCom and Avaya
mentioning the ECC code in OpenSSL, what is (according to the
OpenSSL team) the patent status of the ECC code in OpenSSL?

Specifically:

- Was the OpenSSL ECC code provided under a still-valid patent
 license from someone in the power to grant it, perhaps Sun
 (now Oracle America)?

- Is the FIPS mode ECC covered through some US Government or
 sponsor license?,  And if so, does this license extend to
 some non-FIPS scenarios, such as invoking the FIPS blob ECC
 code from a non-FIPS application (perhaps by modifying a
 FIPS-capable OpenSSL library to do so even in non-FIPS
 mode)?

- Are there portions of the ECC code in OpenSSL which one
 should disable at configure time, similar to how RSA and
 IDEA were often disabled in the past?

- Is this situation different depending on the OpenSSL
 library version?


Enjoy

Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S.  https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded 

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] RSA sign using SHA256 with mgf1 padding

[mowiener]

Many thanks Mounir, this is what I swa looking for.




--
View this message in context: 
http://openssl.6102.n7.nabble.com/RSA-sign-using-SHA256-with-mgf1-padding-tp68101p68152.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] OpenSSL Dragino Yun Issues

[Nikola Milev]

Dear OpenSSL community,

I have, because of Matt's suggestion of the origin of error, written a
small C server that uses the same configuration and it works. Can someone
tell me what's going on?
The code is next (fully copied from my editor):

"#include
#include 
#include 
#include 
#include 
#include 
#include 

#define PROTOCOL IPPROTO_TCP
#define SERV_PORT 8080
#define LISTENQ 1
#define MAXLINE 100

void exit_msg(const char* msg) ;
void str_echo(int sockfd) ;
ssize_t writen(int fd, const void *vptr, size_t n) ;


int main(int argc, char **argv)
{
int listenfd, connfd;
pid_t   childpid;
socklen_t clilen;
struct sockaddr_in cliaddr, servaddr;
listenfd = socket (AF_INET, SOCK_STREAM, PROTOCOL);
if(listenfd < 0)
{
exit_msg("socket() error");
}
printf("Created socket!\n");
memset(, 0, sizeof(servaddr));
servaddr.sin_family = AF_INET;
servaddr.sin_addr.s_addr = htonl (INADDR_ANY);
servaddr.sin_port = htons (SERV_PORT);

if(bind(listenfd, (const struct sockaddr *) ,
sizeof(servaddr)) < 0)
{
exit_msg("bind() error");
}
printf("Binded port/socket!\n");

if(listen(listenfd, LISTENQ) < 0)
{
exit_msg("listen() error");
}
printf("Listening!\n");

while(1)
{
clilen = sizeof(cliaddr);
connfd = accept(listenfd, (struct sockaddr *) , );
if(connfd < 0)
{
exit_msg("accept() error");
}
printf("Accepted!\n");
str_echo(connfd);

close(connfd);
}
}

void str_echo(int sockfd)
{
ssize_t n;
char buf[MAXLINE];

while(1)
{
while ( (n = read(sockfd, buf, MAXLINE)) > 0)
{
writen(sockfd, buf, n);
buf[n]=0;
printf("Echoing %lu bytes: %s\n", n, buf);
}
if (n < 0 && errno == EINTR)
{
continue;
}
else if (n < 0)
{
exit_msg("read() failure");
}
else if(n==0)
{
printf("Client ended!\nListening!\n");
break;
}
}
}

ssize_t writen(int fd, const void *vptr, size_t n)
{
size_t nleft;
ssize_t nwritten;
const char *ptr;
ptr = vptr;
nleft = n;
while (nleft > 0)
{
if ( (nwritten = write(fd, ptr, nleft)) <= 0)
{
if (nwritten < 0 && errno == EINTR)
{
nwritten = 0;
}
else
{
return -1;
}
}
nleft -= nwritten;
ptr += nwritten;
}
return n;
}

void exit_msg(const char* msg)
{
perror(msg);
exit(EXIT_FAILURE);
}"

Best regards,
Nikola Milev

On 1 September 2016 at 00:16, Nikola Milev  wrote:

> To whom it may concern,
>
> I have been experiencing issues with OpenSSL and DraginoYun. If you are
> not the person I should have contacted, please redirect me. Thank you!
>
> Recently, I have tried using OpenSSL to establish a simple server
> application on Dragino Yun version 2.4. First, I tested the code on my Acer
> Aspire 5750ZG running Ubuntu 14.04 and it worked fine. Afterwards, I used
> OpenWrt SDK to cross-compile the application. However, the application is
> unable to bind the socket; the BIO_do_accept function fails. Here is the
> error stack the code provided:
> "2006783048:error:0200407C:lib(2):func(4):reason(124):NA:0:port='5354'
> 2006783048:error:20069076:lib(32):func(105):reason(118):NA:0:"
>
> errstr returned these as answers:
> "$ openssl errstr 0200407C
> error:0200407C:system library:socket:Wrong medium type
> $ openssl errstr 20069076
> error:20069076:BIO routines:BIO_get_accept_socket:unable to create socket
> "
> I suppose that the second one is a product of the first one.
>
> I have checked iptables and I have checked ports that are currently in
> use, all seems to be in order.
>
> However, the OpenSSL s_server (in combination with s_client on the other
> side) works fine.
> May this be an OpenSSL bug? If not, do you have any suggestions?
>
> OpenSSL version on Acer is 1.0.1f 6 Jan 2014 and on Dragino 1.0.1h 5 Jun
> 2014.
>
> In the attachment, I am providing the code(though I am not sure if it is
> available on the list), mostly taken from O'Reilly "Network Security with
> OpenSSL".
>
> All the passkeys are "raspberry". (these certificates and keys were
> generated for testing purposes)
>
> Of course, should you need any additional information, I'd be happy to
> provide it.
>
> I originally addressed Matt Caswell regarding the issue and I am pasting
> his response to my question and my response to that.
>
> His response:
> "Hello,
>
> I'm not really the best person to ask about such low level stuff. The
> best place to raise these questions is on the openssl-users email list.
> It also means any questions/answers are publicly archived and available
> for other users. Details are here:
>
> https://mta.openssl.org
>
> However, I did have a 

Re: [openssl-users] Working with s_time and nginx

[Matt Caswell]

On 31/08/16 17:42, Kjetil Birkeland Moe wrote:
> Dear all,
> I have turned to /s_time/ to evaluate the performance of a local Nginx
> server setup, but seems to immediately run into problems that do not
> appear when using /s_client/.
> 
> Server setup is largely based on recommendations from bettercrypto.org,
> which also demonstrate the same problems with their setup as I currently
> do: "openssl s_time -connect bettercrypto.org:443 -cipher
> AES128-GCM-SHA256 -time 2" returns
> 
>   * "140373676381952:error:14094410:SSL routines:ssl3_read_bytes:sslv3
> alert handshake failure:ssl/record/rec_layer_s3.c:1362:SSL alert
> number 40" in OpenSSL 1.1.0
>   * "140416684930936:error:14077410:SSL
> routines:SSL23_GET_SERVER_HELLO:sslv3 alert handshake
> failure:s23_clnt.c:769:" in version 1.0.2h.

You say you don't get this problem with s_client. I just tried:

openssl s_client -connect bettercrypto.org:443 -cipher AES128-GCM-SHA256

And got exactly the same error message as above. I also tried all the
ciphersuites below that you list as problematic, and got the same error
with s_client.

So, what exactly is your command line that works with s_client?

Matt

-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users