Re: [openssl-users] Unclear docs -- request clarification on X509_STORE_add_cert

2018-01-02 Thread Karl Denninger
On 1/2/2018 19:36, Dave Coombs wrote:
>> The observation is correct, but the conclusion is wrong.
>> The object is reference counted, and X509_free() is needed
>> to avoid a leak (when the store is freed along with the
>> context).
> My apologies -- I assumed based on its name that X509_OBJECT_up_ref_count was 
> upping the refcount on the internal X509_OBJECT, which had taken over the 
> X509*, which led to my conclusion that freeing the X509_STORE frees the X509 
> too.  However, you're right, it ups the refcount on the underlying X509, and 
> so the caller *should* free the underlying object when finished with it.
>
> I've now confirmed with a quick test program and valgrind.
>
> Oops,
>   -Dave
Thanks.

-- 
Karl Denninger
k...@denninger.net 
/The Market Ticker/
/[S/MIME encrypted email preferred]/


-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users


Re: [openssl-users] Unclear docs -- request clarification on X509_STORE_add_cert

2018-01-02 Thread Dave Coombs
> The observation is correct, but the conclusion is wrong.
> The object is reference counted, and X509_free() is needed
> to avoid a leak (when the store is freed along with the
> context).

My apologies -- I assumed based on its name that X509_OBJECT_up_ref_count was 
upping the refcount on the internal X509_OBJECT, which had taken over the 
X509*, which led to my conclusion that freeing the X509_STORE frees the X509 
too.  However, you're right, it ups the refcount on the underlying X509, and so 
the caller *should* free the underlying object when finished with it.

I've now confirmed with a quick test program and valgrind.

Oops,
  -Dave



Re: [openssl-users] Unclear docs -- request clarification on X509_STORE_add_cert

2018-01-02 Thread Viktor Dukhovni


> On Jan 2, 2018, at 8:10 PM, Dave Coombs wrote:
> 
> Looking at the code in x509_lu.c, X509_STORE_add_cert() takes ownership of 
> your X509 *cc_cert -- you don't need to (and probably shouldn't) free it.

The observation is correct, but the conclusion is wrong.
The object is reference counted, and X509_free() is needed
to avoid a leak (when the store is freed along with the
context).

-- 
Viktor.



Re: [openssl-users] Unclear docs -- request clarification on X509_STORE_add_cert

2018-01-02 Thread Viktor Dukhovni


> On Jan 2, 2018, at 7:38 PM, Karl Denninger wrote:
> 
> The question is the last line and whether it should be there (uncommented) -- 
> does the X509_STORE_add_cert call load the *reference* or does it load the 
> *data* (allocating whatever it needs internally to do so)?  In other words do 
> I need to keep that X509 structure around that got allocated by the d2i_X509 
> call or do I free it after I've pushed it into the store?
> 
> The docs are silent on this as far as I can tell but some example code I've 
> seen floating around doesn't free it.

The store takes ownership of the object (bumps its reference count
when it is added to the store) and so the caller should free it if
no longer needed outside the store.

At first glance I thought that commit:

  c0452248ea1a59a41023a4765ef7d9825e80a62b 

changed this in master, but a more careful reading of the
code reveals that the behaviour remains the same (correct).
The behaviour should of course be documented.  Feel free
to open an issue on github.

I should note that taking ownership of the object when added
to the store is the "natural" or "expected" behaviour, and
while this does not "excuse" not documenting it, that should
be the best guess of how the function behaves.

-- 
Viktor.

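Viktor's rule above, worked through as an added example that is not OpenSSL's or the list's code: a small reference-counted model in C that replays Karl's snippet with and without the final X509_free(), so the leak he asked about can be observed directly. The Model* names are stand-ins I have introduced for this illustration, not OpenSSL API.

```c
/* Added example, not OpenSSL code: a reference-counted model of the X509 /
 * X509_STORE ownership rule from the thread. Adding to the store takes the
 * store's own reference; the caller's reference must still be released. */
#include <stdlib.h>

#define MODEL_STORE_MAX 8

static int live_objects = 0;              /* outstanding allocations */

typedef struct { int refcount; } ModelX509;            /* stands in for X509 */
typedef struct { ModelX509 *objs[MODEL_STORE_MAX]; int n; } ModelStore; /* X509_STORE */

/* Like d2i_X509(): hands back an object with one reference owned by the caller. */
ModelX509 *model_x509_new(void) {
    ModelX509 *x = calloc(1, sizeof *x);
    if (x != NULL) { x->refcount = 1; live_objects++; }
    return x;
}

/* Like X509_free(): drops one reference, releasing the object at zero. */
void model_x509_free(ModelX509 *x) {
    if (x != NULL && --x->refcount == 0) { free(x); live_objects--; }
}

/* Like X509_STORE_add_cert(): the store bumps the count for its own reference. */
int model_store_add_cert(ModelStore *s, ModelX509 *x) {
    if (s->n >= MODEL_STORE_MAX) return 0;
    x->refcount++;
    s->objs[s->n++] = x;
    return 1;
}

/* Like X509_STORE_free(): the store releases only the references it took. */
void model_store_free(ModelStore *s) {
    for (int i = 0; i < s->n; i++) model_x509_free(s->objs[i]);
    s->n = 0;
}

/* Replays the snippet from the thread; returns how many objects are still
 * allocated once the store is gone (0 means no leak). */
int objects_leaked(int caller_frees) {
    int before = live_objects;
    ModelStore store = { {0}, 0 };
    ModelX509 *cert = model_x509_new();
    if (cert == NULL) return -1;
    if (!model_store_add_cert(&store, cert)) { model_x509_free(cert); return -1; }
    if (caller_frees) model_x509_free(cert);  /* the commented-out X509_free() */
    model_store_free(&store);
    return live_objects - before;
}
```

With the caller's free in place the count returns to zero after the store is freed; with it commented out, as in Karl's snippet, one object remains, which is the leak valgrind reports.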


Re: [openssl-users] Unclear docs -- request clarification on X509_STORE_add_cert

2018-01-02 Thread Dave Coombs
Hello,

Looking at the code in x509_lu.c, X509_STORE_add_cert() takes ownership of your 
X509 *cc_cert -- you don't need to (and probably shouldn't) free it.

Cheers,
  -Dave


> On Jan 2, 2018, at 19:38, Karl Denninger wrote:
> 
> Assume the following code snippet:
> 
> const unsigned char a_cert[] = {... };  /* A DER certificate we wish to
>                                            load into the context's chain storage */
> int size_a_cert = sizeof(a_cert);
> 
> const unsigned char *cp;
> 
> X509 *cc_cert;
> X509_STORE *cc = SSL_CTX_get_cert_store(a_context);
> if (cc == NULL) {
>     panic ("Cannot get chain; fail");
> }
> cp = a_cert;
> cc_cert = d2i_X509(NULL, &cp, size_a_cert);
> if (cc_cert == NULL) {
>     panic("Cert not valid");
> }
> if (!X509_STORE_add_cert(cc, cc_cert)) {    /* Push the cert into the chain store */
>     panic ("Cannot add required chain certificate");
> }
> /*  X509_free(cc_cert); */
> The question is the last line and whether it should be there (uncommented) -- 
> does the X509_STORE_add_cert call load the *reference* or does it load the 
> *data* (allocating whatever it   needs internally to do so)?  In other 
> words do I need to keep that X509 structure around that got allocated by the 
> d2i_X509 call or do I free it after I've pushed it into the store?
> 
> The docs are silent on this as far as I can tell but some example code I've 
> seen floating around doesn't free it.
> -- 
> Karl Denninger
> k...@denninger.net 
> The Market Ticker
> [S/MIME encrypted email preferred]



[openssl-users] Unclear docs -- request clarification on X509_STORE_add_cert

2018-01-02 Thread Karl Denninger
Assume the following code snippet:

const unsigned char a_cert[] = {... };  /* A DER certificate we wish to
                                           load into the context's chain storage */
int size_a_cert = sizeof(a_cert);

const unsigned char *cp;

X509 *cc_cert;

X509_STORE *cc = SSL_CTX_get_cert_store(a_context);
if (cc == NULL) {
    panic ("Cannot get chain; fail");
}
cp = a_cert;
cc_cert = d2i_X509(NULL, &cp, size_a_cert);
if (cc_cert == NULL) {
    panic("Cert not valid");
}
if (!X509_STORE_add_cert(cc, cc_cert)) {    /* Push the cert into the chain store */
    panic ("Cannot add required chain certificate");
}

/*  X509_free(cc_cert); */

The question is the last line and whether it should be there
(uncommented) -- does the X509_STORE_add_cert call load the *reference*
or does it load the *data* (allocating whatever it needs internally to
do so)?  In other words do I need to keep that X509 structure around
that got allocated by the d2i_X509 call or do I free it after I've
pushed it into the store?

The docs are silent on this as far as I can tell but some example code
I've seen floating around doesn't free it.

-- 
Karl Denninger
k...@denninger.net 
/The Market Ticker/
/[S/MIME encrypted email preferred]/




Re: [openssl-users] How to form a proper hash after writing somethinginto SSL handshake.(Revised)

2018-01-02 Thread Sai Teja Chowdary
Hi,

Happy 2018 everyone.

I figured out this issue, and I think it would be good to share it here in case 
anyone is interested in knowing. The right way to make a hash is by calculating 
the hash individually for the messages client certificate and client key exchange, 
and storing the message buffer in an array before calculating the signature in the 
certificate verify message. Later, after forming the certificate verify message, 
append this to the previous array and write the whole buffer onto the wire with 
ssl3_write_bytes(). This way all three messages, CC, CKE and CV, go in a single 
record as multiple handshake messages.

The function ssl3_finish_mac() is the one that does the hash (digest) of whichever 
bytes are to be written to or read from the wire.

Regards
Saiteja.
From: Viktor Dukhovni
Sent: Saturday, December 30, 2017 10:48 AM
To: openssl-users@openssl.org
Subject: Re: [openssl-users] How to form a proper hash after writing 
somethinginto SSL handshake.(Revised)



> On Dec 29, 2017, at 10:18 PM, Sai Teja Chowdary wrote:
> 
> I want to send client certificate, client key exchange and client verify in a 
> single handshake message which appears as multiple handshake messages in a 
> single record. But to send the client verify I need to first make a hash of the 
> previous messages (client certificate and client key exchange) to create the 
> signature. I tried framing the record with the above three messages and then 
> directly sending the record on the wire using SSL3_write_machine(), which is 
> giving me a Bad signature error. So I thought of doing a hash of the client 
> certificate and client key exchange messages that go before client verify.
> 
> Can anyone help me to find the function in OpenSSL 1.1.1-dev  xx XXX  (or the 
> right procedure that needs to be done before creating a certificate verify 
> message) that can do a proper transcript (digest or hash, not clear)? I tried 
> using ssl3_finish_mac() on the message containing client certificate and 
> client key exchange and then tried to generate the signature in the certificate 
> verify message.

There is no such feature, and none is likely to ever be offered.
The reason is that you're essentially trying to write your own
TLS implementation, and the SSL library in OpenSSL provides public
interfaces for SSL users, not for new SSL implementations.

You can of course build your OpenSSL implementation based on the
OpenSSL source code, but figuring out how the code works is then
up to you. :-(

-- 
Viktor.
