Re: OpenSSL version 3.0.0-alpha1 published

[Steffen Nurpmeso]

Hello and Good Evening!

Matt Caswell wrote in
<94a03020-9f9e-cf31-c3e7-88fa4579b...@openssl.org>:
 |On 24/04/2020 16:12, Steffen Nurpmeso wrote:
 |make: *** [Makefile:2801: build_sw] Error 2
 |> 
 |> I have to go now, maybe this all goes away if i get myself the
 |> Test::Builder::TodoDiag perl module?
 |
 |I doubt it. This isn't code in the tests.

Ok, i have updated to git master as of ~30 minutes ago and
searched the net for that perl module, it is part of
Test-Simple-1.302175 which i extracted into external/perl, then
i did "echo Test-Simple-1.302175/lib >> MODULES.txt", updated my
openssl-blade: make rule to

  --prefix=$(MYPREFIX) \
zlib-dynamic shared no-deprecated threads no-tests no-async
-Wl,-rpath,'$(LIBRPATH)'

and with this compilation succeeds!
It is _incredibly_ fast!  Wow!

Well, i do not know.  I am on CRUX-Linux version 3.5, which is
less than a year old.  Crucial packages like libc and perl (and
i think these are all) are not updated in between releases, the
kernel is up to you, the rest is rolling.

 |Try adding this line with the other includes at at the top of the
 |providers/implementations/signature/dsa.c file:
 |
 |#include "internal/packet.h"
 |
 |I don't see it listed there already...I wonder why no one has got this
 |compilation error before now?

I tried that first, but it was a dead-end.

Thanks, ciao, and good luck! from Germany,

--steffen
|
|Der Kragenbaer,The moon bear,
|der holt sich munter   he cheerfully and one by one
|einen nach dem anderen runter  wa.ks himself off
|(By Robert Gernhardt)

Re: OpenSSL version 3.0.0-alpha1 published

[Sergio NNX]

  *   Windows 10 x64

  *   GCC 8.3.0 x86_64

$ openssl version -a

OpenSSL 3.0.0-alpha1 "23 Apr 2020" (Library: OpenSSL 3.0.0-alpha1 "23 Apr 2020")
built on: Fri Apr 24 18:14:53 2020 UTC
platform: mingw64
options:  bn(64,64)
compiler: /mingw/bin/gcc.exe -m64 -DWINVER=0x0501 -D_WIN32_WINNT=0x0501 
-D_WIN32_IE=0x0501 -D__PTW32_STATIC_LIB -D__PTW32_CLEANUP_C -m64 -O2 -pipe 
-mms-bitfields -fno-builtin -march=core2 -mtune=core2 -DL_ENDIAN 
-DOPENSSL_BUILDING_OPENSSL -DOPENSSL_PIC -DUNICODE -D_UNICODE 
-DWIN32_LEAN_AND_MEAN -D_MT -DZLIB -DNDEBUG -I/mingw/x86_64-pc-mingw32/include 
-I/mingw/x86_64-pc-mingw32/include/directx -I/mingw/include
OPENSSLDIR: "C:/OpenSSL"
ENGINESDIR: "C:/MinGW/lib/engines-3"
MODULESDIR: "C:/MinGW/lib/ossl-modules"
Seeding source: os-specific
CPUINFO: OPENSSL_ia32cap=0x7ffaf3bfffeb:0x29c67af


Some issued found:

on.obj crypto/cversion.c
In file included from include/openssl/macros.h:11,
 from include/openssl/opensslconf.h:14,
 from include/openssl/macros.h:10,
 from include/openssl/crypto.h:15,
 from include/internal/cryptlib.h:23,
 from crypto/cversion.c:10:
crypto/cversion.c: In function 'OpenSSL_version':
include/openssl/opensslv.h:91:54: error: expected ';' before numeric constant
 # define OPENSSL_VERSION_TEXT "OpenSSL 3.0.0-alpha1 "23 Apr 2020""
  ^~
crypto/cversion.c:50:16: note: in expansion of macro 'OPENSSL_VERSION_TEXT'
 return OPENSSL_VERSION_TEXT;
^~~~
make[1]: *** [crypto/libcrypto-lib-cversion.obj] Error 1
make[1]: Leaving directory `/src/openssl-3.0.0-alpha1'
make: *** [build_sw] Error 2




From: openssl-users  on behalf of OpenSSL 

Sent: Friday, 24 April 2020 12:29 AM
To: openssl-proj...@openssl.org ; OpenSSL User 
Support ML ; OpenSSL Announce ML 

Subject: OpenSSL version 3.0.0-alpha1 published

-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256


   OpenSSL version 3.0 alpha 1 released
   

   OpenSSL - The Open Source toolkit for SSL/TLS
   https://www.openssl.org/

   OpenSSL 3.0 is currently in alpha.

   OpenSSL 3.0 alpha 1 has now been made available.

   Note: This OpenSSL pre-release has been provided for testing ONLY.
   It should NOT be used for security critical purposes.

   Specific notes on upgrading to OpenSSL 3.0 from previous versions, as well
   as known issues are available on the OpenSSL Wiki, here:

https://wiki.openssl.org/index.php/OpenSSL_3.0

   The alpha release is available for download via HTTPS and FTP from the
   following master locations (you can find the various FTP mirrors under
   https://www.openssl.org/source/mirror.html):

 * https://www.openssl.org/source/
 * ftp://ftp.openssl.org/source/

   The distribution file name is:

o openssl-3.0.0-alpha1.tar.gz
  Size: 9530120
  SHA1 checksum:  4db145d3d9c9d7bfaa7b2a1fe1670f7a3781bb06
  SHA256 checksum:  
9d5be9122194ad1d649254de5e72afd329252f134791389d0cef627b18ed9a57

   The checksums were calculated using the following commands:

openssl sha1 openssl-3.0.0-alpha1.tar.gz
openssl sha256 openssl-3.0.0-alpha1.tar.gz

   Please download and check this $LABEL release as soon as possible.
   To report a bug, open an issue on GitHub:

https://github.com/openssl/openssl/issues

   Please check the release notes and mailing lists to avoid duplicate
   reports of known issues. (Of course, the source is also available
   on GitHub.)

   Yours,

   The OpenSSL Project Team.

-BEGIN PGP SIGNATURE-

iQEzBAEBCAAdFiEEhlersmDwVrHlGQg52cTSbQ5gRJEFAl6hpQcACgkQ2cTSbQ5g
RJHvtggAp7XIxm/00amD4TijQhJqMmGsj0RXqwAeSd0gWDQCf78GX4zMIW/tTgvk
I3Mb67DsOR5gdPZN5TigyqRaXSIAzfb8ZT4Gs9lo/j8RUi5AmzT2RYexbRv6bF6E
cQ0OabM3rk4qi4njTi/YD9YihO6/pv7tWZkkfPsN547bfm7p7fwCrEHw02En5IW8
hyFhkpKfA3c8MEa96yLwjhkYRTAzUmxus/mNID+Ja3/VTCmHjd1c57SHFPq9noll
Wqzhs3jEhluZKHpwmSSA0KQh1ph0kh6fnKLEn3Oge5dYV3P+JrFCRfDEMsI1Nb/F
hIr11rxXNxtBRKUSlOUyJATZn0sV6g==
=uRpM
-END PGP SIGNATURE-

Re: OpenSSL version 3.0.0-alpha1 published

[The Doctor]

On Fri, Apr 24, 2020 at 09:51:48AM -0600, The Doctor wrote:
> All right, I am test 3.0 alpha 2 using sshd and squid n FreeBSD 12.1 
> I will also test on httpd , php 74 et al.
> 
> so far openssh 8.2p1 and openssl 2.0 is working.
>

And squid 5.0.2

> -- 
> Member - Liberal International This is doctor@@nl2k.ab.ca Ici 
> doctor@@nl2k.ab.ca
> Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist 
> rising!
> https://www.empire.kred/ROOTNK?t=94a1f39b  Look at Psalms 14 and 53 on Atheism
> Joy is not in things; it is in us.  -Richard Wagner

-- 
Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca
Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising!
https://www.empire.kred/ROOTNK?t=94a1f39b  Look at Psalms 14 and 53 on Atheism
Joy is not in things; it is in us.  -Richard Wagner

Re: 3.0.0-alpha1 compile error: minor problem

[Matt Caswell]

On 24/04/2020 17:38, Claus Assmann wrote:
> It seems something went wrong when include/openssl/opensslv.h
> was generated?
> 
> cc  -Icrypto -I. -Iinclude -Iproviders/common/include 
> -Iproviders/implementations/include -Icrypto/include  -DAES_ASM -DBSAES_ASM 
> -DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM 
> -DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 
> -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM 
> -DSHA256_ASM -DSHA512_ASM -DSTATIC_LEGACY -DVPAES_ASM -DWHIRLPOOL_ASM 
> -DX25519_ASM -fPIC -pthread -Wa,--noexecstack -Qunused-arguments -Wall -O3 
> -DL_ENDIAN -DOPENSSL_BUILDING_OPENSSL -DOPENSSL_PIC 
> -DOPENSSLDIR="\"/home/ca/OpenBSD/openssl-3.0.0-alpha1\"" 
> -DENGINESDIR="\"/home/ca/OpenBSD/openssl-3.0.0-alpha1/lib/engines-3\"" 
> -DMODULESDIR="\"/home/ca/OpenBSD/openssl-3.0.0-alpha1/lib/ossl-modules\"" 
> -D_THREAD_SAFE -D_REENTRANT -DNDEBUG  -MMD -MF 
> crypto/libcrypto-lib-cversion.d.tmp -MT crypto/libcrypto-lib-cversion.o -c -o 
> crypto/libcrypto-lib-cversion.o crypto/cversion.c
> crypto/cversion.c:50:16: error: expected ';' after return statement
> return OPENSSL_VERSION_TEXT;
>^
> include/openssl/opensslv.h:91:54: note: expanded from macro 
> 'OPENSSL_VERSION_TEXT'
> # define OPENSSL_VERSION_TEXT "OpenSSL 3.0.0-alpha1 "23 Apr 2020""
>  ^

Known issue. Please check the release notes on the wiki for the
workaround (section 2).

https://wiki.openssl.org/index.php/OpenSSL_3.0#Installation_and_Compilation_of_OpenSSL_3.0

Matt

Re: OpenSSL version 3.0.0-alpha1 published

[Matt Caswell]

On 24/04/2020 16:12, Steffen Nurpmeso wrote:
make: *** [Makefile:2801: build_sw] Error 2
> 
> I have to go now, maybe this all goes away if i get myself the
> Test::Builder::TodoDiag perl module?

I doubt it. This isn't code in the tests.

Try adding this line with the other includes at at the top of the
providers/implementations/signature/dsa.c file:

#include "internal/packet.h"

I don't see it listed there already...I wonder why no one has got this
compilation error before now?

Matt

3.0.0-alpha1 compile error: minor problem

[Claus Assmann]

It seems something went wrong when include/openssl/opensslv.h
was generated?

cc  -Icrypto -I. -Iinclude -Iproviders/common/include 
-Iproviders/implementations/include -Icrypto/include  -DAES_ASM -DBSAES_ASM 
-DCMLL_ASM -DECP_NISTZ256_ASM -DGHASH_ASM -DKECCAK1600_ASM -DMD5_ASM 
-DOPENSSL_BN_ASM_GF2m -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 
-DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DPOLY1305_ASM -DSHA1_ASM -DSHA256_ASM 
-DSHA512_ASM -DSTATIC_LEGACY -DVPAES_ASM -DWHIRLPOOL_ASM -DX25519_ASM -fPIC 
-pthread -Wa,--noexecstack -Qunused-arguments -Wall -O3 -DL_ENDIAN 
-DOPENSSL_BUILDING_OPENSSL -DOPENSSL_PIC 
-DOPENSSLDIR="\"/home/ca/OpenBSD/openssl-3.0.0-alpha1\"" 
-DENGINESDIR="\"/home/ca/OpenBSD/openssl-3.0.0-alpha1/lib/engines-3\"" 
-DMODULESDIR="\"/home/ca/OpenBSD/openssl-3.0.0-alpha1/lib/ossl-modules\"" 
-D_THREAD_SAFE -D_REENTRANT -DNDEBUG  -MMD -MF 
crypto/libcrypto-lib-cversion.d.tmp -MT crypto/libcrypto-lib-cversion.o -c -o 
crypto/libcrypto-lib-cversion.o crypto/cversion.c
crypto/cversion.c:50:16: error: expected ';' after return statement
return OPENSSL_VERSION_TEXT;
   ^
include/openssl/opensslv.h:91:54: note: expanded from macro 
'OPENSSL_VERSION_TEXT'
# define OPENSSL_VERSION_TEXT "OpenSSL 3.0.0-alpha1 "23 Apr 2020""
 ^

OS: OpenBSD 6.6
Maybe it's specific to my setup?

Re: OpenSSL version 3.0.0-alpha1 published

[Yann Ylavic]

On Fri, Apr 24, 2020 at 5:50 PM The Doctor  wrote:
>
> I will also test on httpd , php 74 et al.

This commit might help if you want to test httpd trunk/master:
https://github.com/apache/httpd/commit/316aea784d9423688ea38943d95d1d2b614fc921

Regards,
Yann.

Re: OpenSSL version 3.0.0-alpha1 published

[Nicola Tuveri]

At https://wiki.openssl.org/index.php/OpenSSL_3.0#Providers there was
already an example of how to do this programmatically, and a link to the
manpage for the config file syntax.

I just added also a minimal config file example to load both the default
and the legacy provider in the default library context.


Cheers,

Nicola

On Fri, 24 Apr 2020 at 17:56, Sam Roberts  wrote:

> On Fri, Apr 24, 2020 at 1:05 AM Matt Caswell  wrote:
> > This one is interesting:
> >
> > ERR_OSSL_EVP_FETCH_FAILED
> >
> >
> > This means that the algorithm you are trying to use isn't available in
> > the loaded providers. Since you should be getting the default provider
> > loaded automatically it could be because some legacy algorithms were
> > moved to the legacy provider (MD2, MD4, MDC2, RMD160, CAST5, BF
> > (Blowfish), IDEA, SEED, RC2, RC4, RC5 and DES (but not 3DES)). If you're
> > using something from that list then that would explain it.
>
> Can we add the legacy provider, via configuration, or via code?
>

Re: OpenSSL version 3.0.0-alpha1 published

[The Doctor]

All right, I am test 3.0 alpha 2 using sshd and squid n FreeBSD 12.1 
I will also test on httpd , php 74 et al.

so far openssh 8.2p1 and openssl 2.0 is working.

-- 
Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca
Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising!
https://www.empire.kred/ROOTNK?t=94a1f39b  Look at Psalms 14 and 53 on Atheism
Joy is not in things; it is in us.  -Richard Wagner

Re: OpenSSL version 3.0.0-alpha1 published

[Sam Roberts]

On Fri, Apr 24, 2020 at 1:05 AM Matt Caswell  wrote:
> This one is interesting:
>
> ERR_OSSL_EVP_FETCH_FAILED
>
>
> This means that the algorithm you are trying to use isn't available in
> the loaded providers. Since you should be getting the default provider
> loaded automatically it could be because some legacy algorithms were
> moved to the legacy provider (MD2, MD4, MDC2, RMD160, CAST5, BF
> (Blowfish), IDEA, SEED, RC2, RC4, RC5 and DES (but not 3DES)). If you're
> using something from that list then that would explain it.

Can we add the legacy provider, via configuration, or via code?

Re: OpenSSL version 3.0.0-alpha1 published

[Steffen Nurpmeso]

Hello!

OpenSSL wrote in
<20200423142936.ga24...@openssl.org>:
 |   OpenSSL version 3.0 alpha 1 released

That surely is "a great step" for you who work with that code!
Congratulations.

I get compile errors, maybe some config flags are not honoured
correctly yet?  So i am using a local git clone checkout at
[852c2ed260], configured via

  #?0|kent:openssl$ ./config \
--prefix=/home/steffen/usr-kent-linux-x86_64/opt/.ossl-3.0 \
zlib-dynamic no-hw shared no-deprecated no-async no-tests \
-Wl,-rpath,'$(LIBRPATH)'
  Operating system: x86_64-whatever-linux2
  * Deprecated options: no-hw
  Configuring OpenSSL version 3.0.0-alpha2-dev for target linux-x86_64
  Using os-specific seed configuration
  Creating configdata.pm
  Running configdata.pm
  Creating Makefile

  **
  ******
  ***   OpenSSL has been successfully configured ***
  ******
  ***   If you encounter a problem while building, please open an***
  ***   issue on GitHub   ***

I cannot open a github issue, i have no github account, and if
i were from Cuba, Iran or several different other states that my
parents had chosen etc etc etc.  Etc.  (I had an account ten years
or so ago, and wanted to pay for the service with cash, with they
did not want.  Only credit cards.  So i left.)

  ***   and include the output from the following command:   ***
  ******
  ***   perl configdata.pm --dump***
  ******
  ***   (If you are new to OpenSSL, you might want to consult the***
  ***   'Troubleshooting' section in the INSTALL file first) ***

This is INSTALL.md now.

  ******
  **

The "first" failure happens here, i wonder whether that shouldn't
be covered by "no-tests"?

  Can't locate Test/Builder/TodoDiag.pm in @INC (you may need to install the 
Test::Builder::TodoDiag module) (@INC contains: /tmp/openssl/util/perl . 
providers/common/der /home/steffen/src/symobj.git/lib /usr/lib/p
  erl5/site_perl/5.28/linux-thread-multi /usr/lib/perl5/site_perl/5.28 
/usr/lib/perl5/5.28/linux-thread-multi /usr/lib/perl5/5.28 
/tmp/openssl/external/perl/Text-Template-1.56/lib) at 
/usr/lib/perl5/5.28/Test/Build
  er.pm line 38.
  BEGIN failed--compilation aborted at /usr/lib/perl5/5.28/Test/Builder.pm line 
38.
  Compilation failed in require at /usr/lib/perl5/5.28/Test/Builder/Module.pm 
line 5.
  BEGIN failed--compilation aborted at 
/usr/lib/perl5/5.28/Test/Builder/Module.pm line 5.
  Compilation failed in require at /usr/lib/perl5/5.28/Test/More.pm line 22.
  BEGIN failed--compilation aborted at /usr/lib/perl5/5.28/Test/More.pm line 22.
  Compilation failed in require at /tmp/openssl/util/perl/OpenSSL/OID.pm line 
309.
  BEGIN failed--compilation aborted at /tmp/openssl/util/perl/OpenSSL/OID.pm 
line 309.
  Compilation failed in require at providers/common/der/oids_to_c.pm line 16.
  BEGIN failed--compilation aborted at providers/common/der/oids_to_c.pm line 
16.
  Compilation failed in require.
  BEGIN failed--compilation aborted.
  Can't locate Test/Builder/TodoDiag.pm in @INC (you may need to install the 
Test::Builder::TodoDiag module) (@INC contains: /tmp/openssl/util/perl . 
providers/common/der /home/steffen/src/symobj.git/lib /usr/lib/p
  erl5/site_perl/5.28/linux-thread-multi /usr/lib/perl5/site_perl/5.28 
/usr/lib/perl5/5.28/linux-thread-multi /usr/lib/perl5/5.28 
/tmp/openssl/external/perl/Text-Template-1.56/lib) at 
/usr/lib/perl5/5.28/Test/Build
  er.pm line 38.
  BEGIN failed--compilation aborted at /usr/lib/perl5/5.28/Test/Builder.pm line 
38.
  Compilation failed in require at /usr/lib/perl5/5.28/Test/Builder/Module.pm 
line 5.
  BEGIN failed--compilation aborted at 
/usr/lib/perl5/5.28/Test/Builder/Module.pm line 5.
  Compilation failed in require at /usr/lib/perl5/5.28/Test/More.pm line 22.
  BEGIN failed--compilation aborted at /usr/lib/perl5/5.28/Test/More.pm line 22.
  Compilation failed in require at /tmp/openssl/util/perl/OpenSSL/OID.pm line 
309.
  BEGIN failed--compilation aborted at /tmp/openssl/util/perl/OpenSSL/OID.pm 
line 309.
  Compilation failed in require at providers/common/der/oids_to_c.pm line 16.
  BEGIN failed--compilation aborted at providers/common/der/oids_to_c.pm line 
16.
  Compilation failed in require.
  BEGIN failed--compilation aborted.
  make[1]: *** [Makefile:20051: providers/common/include/prov/der_ec.h] Error 2
  make[1]: *** Waiting for unfinished jobs
  make[1]: *** [Makefile:20039: providers/common/include/prov/der_dsa.h] Error 2
 

Re: questions on using ed25519

[Nicola Tuveri]

That's right! Thanks Viktor for pointing that out!!

I just opened an issue to track this:
https://github.com/openssl/openssl/issues/11633

We warmly welcome contributions from everyone and this could be a good
first issue to work on: Yang (as the person that started this thread and
noticed the issue first) or anyone else from the community, are you willing
to get your hands dirty and help out the project?


  Nicola


On Thu, 23 Apr 2020 at 19:33, Viktor Dukhovni 
wrote:

> On Thu, Apr 23, 2020 at 11:23:35AM +0200, Nicola Tuveri wrote:
>
> > > On 22/04/2020 18:12, Viktor Dukhovni wrote:
> > > > sadly the
> > > > EVP_PKEY_METHOD for ed25519 has a NULL sign() member, instead,
> somewhat
> > > > ironically, it has a digestsign() method.  This is presumably to
> > > > distinguish between the pure and prehash variants.  Therefore,
> presently
> > > > pkeyutl(1) indeed appears to not implement signing and verifying with
> > > > ed25519, this looks doable with modest effort.
> > >
> > > I'm fairly sure it used to have a "sign" function during the dev phase
> -
> > > but it was taken out. I forget the reasoning.
> >
> > Yes, that change was intentional, the reasoning is detailed in the
> > discussion in: https://github.com/openssl/openssl/pull/6284
>
> This did leave us with a documentation bug, the dgst(1) manpage suggests
> using pkeyutl(1) for ed25519 and ed448, but the latter does not work.
>
> The dgst(1) manpage probably needs a tweak to remove the misleading
> redirect.  Or else backport the pkeyutl(1) support from 3.0, but we're
> not supposed to add features in 1.1.1x patch releases, and there are no
> plans for a 1.1.2.
>
> --
> Viktor.
>

Re: OpenSSL version 3.0.0-alpha1 published

[Matt Caswell]

On 24/04/2020 13:15, Yann Ylavic wrote:
> On Fri, Apr 24, 2020 at 1:26 PM Yann Ylavic  wrote:
>>
>> - Custom input BIO_METHOD (using httpd filters' stack) asserted its
>> _ctrl() was never called, so far..
>> The new BIO_eof() calls in codebase, notably from ssl3_read_n(),
>> breaks this assertion.
>> Handling the case for BIO_CTRL_EOF made it, dunno if others may be
>> bitten by that.
> 
> BTW, what is a BIO supposed to do on BIO_CTRL_EOF request when there
> is no pending data, some kind of speculative read to check whether the
> connection is still up or returning zero lazily is fine?

I'd say returning 0 lazily is fine.

Matt

Re: OpenSSL version 3.0.0-alpha1 published

[Matt Caswell]

On 24/04/2020 12:26, Yann Ylavic wrote:
> Hi team,
> 
> I gave 3.0.0-alpha1 a try with Apache httpd.
> tl;dr it works with minimal changes, congrats!

That's great to hear. Thanks for the feedback Yann!

Matt

Re: OpenSSL version 3.0.0-alpha1 published

[Yann Ylavic]

On Fri, Apr 24, 2020 at 1:26 PM Yann Ylavic  wrote:
>
> - Custom input BIO_METHOD (using httpd filters' stack) asserted its
> _ctrl() was never called, so far..
> The new BIO_eof() calls in codebase, notably from ssl3_read_n(),
> breaks this assertion.
> Handling the case for BIO_CTRL_EOF made it, dunno if others may be
> bitten by that.

BTW, what is a BIO supposed to do on BIO_CTRL_EOF request when there
is no pending data, some kind of speculative read to check whether the
connection is still up or returning zero lazily is fine?

Regards,
Yann.

Re: Generating and checking SM2 signatures

[Jörg Heßdörfer]

Hello Billy,

On 23.04.2020 04:36, Billy Brumley wrote:

I'm tasked to implement certain cryptographic functions (chiefly
signature creation/validation) using the SM2 algorithm for a
communication testing application. My problem is that the standard which
I need to follow (which is, unfortunately, not a public standard) states
that the signature needs to be generated over H(data input) || H(some
ID) , so I cannot use the EVP-Method as I understand it from
https://www.openssl.org/docs/manmaster/man7/SM2.html (here, H is the SM3
hash function). This would be possible to achieve by generating the
digest and then using the (albeit deprecated) function ECDSA_do_sign for
ECDSA but I don't know how to do it for SM2.

It seems like you're trying to roll your own SM2 -- don't do that ;)


No, actually I don't. But tell that the standards groups ;-)


Is there any way to do this with openssl? Any help or pointer is very
much appreciated!

I ... think it is possible directly with EVP and control strings. Step through

openssl pkeyutl -inkey private.key -in /some/file -rawin -sign
-pkeyopt sm2_id:foobar

in a debugger and that should get you on the right path.

BBB
thanks for the pointer! This got me started in the right direction. I 
did not use the debugger, but the source code of pkeyutil instead ;-)


I can now (I hope) generate signatures without using the built-in digest 
hash first, by simply calling


EVP_DigestSignInit(mctx, NULL, NULL, NULL, pkey)

instead of

EVP_DigestSignInit(mctx, NULL, EVP_sm3(), NULL, pkey)

Thank you again and stay well,
    Jörg

--
Jörg Heßdörfer
S.E.A. Datentechnik GmbH
Mülheimer Straße 7
53840 Troisdorf
Tel.: +49 2241 12737-19
Fax.: +49 2241 12737-14
E-Mail: joerg.hessdoer...@sea-gmbh.com
Web : http://www.sea-gmbh.com

Informationen nach 37aHGB, 35a GmbH-Gesetz:
S.E.A.
Science& Engineering Applications
Datentechnik GmbH
Sitz der Gesellschaft Köln
Handelsregister Köln HRB 27016
Geschäftsführer: Dr. Gerd Schmitz, Wolfram Koerver

Re: OpenSSL version 3.0.0-alpha1 published

[Yann Ylavic]

Hi team,

I gave 3.0.0-alpha1 a try with Apache httpd.
tl;dr it works with minimal changes, congrats!

The changes needed on httpd side:

- SSL_CTX_load_verify_locations() and X509_STORE_load_locations()
Replaced by {SSL_CTX,X590_STORE}_load_verify_file() +
{SSL_CTX,X590_STORE}_load_verify_{dir,path}().
I.e. open coding.

- DH_bits(dh) (used for logging only in httpd)
Replaced by BN_num_bits(DH_get0_p(dh)).
Not sure this one should be deprecated, it seems to be used in several
places in openssl codebase still, no replacement?

- SSL_CTX_set_tlsext_ticket_key_cb()
Replaced by SSL_CTX_set_tlsext_ticket_key_evp_cb() because of HMAC_Init_ex().
With a bit of #ifdef-ery (for compatibility), the openssl-3 version
uses EVP_MAC_CTX_set_params() for HMAC, per man page.

- ERR_peek_error_line_data() => ERR_peek_error_data()
Easy one.

- Custom input BIO_METHOD (using httpd filters' stack) asserted its
_ctrl() was never called, so far..
The new BIO_eof() calls in codebase, notably from ssl3_read_n(),
breaks this assertion.
Handling the case for BIO_CTRL_EOF made it, dunno if others may be
bitten by that.

And that's all, no intensive testing done yet, but at least the
(automatic) tests framework passes locally, nice work!

Thanks,
Yann.

Re: OpenSSL version 3.0.0-alpha1 published

[Matt Caswell]

On 24/04/2020 00:05, Sam Roberts wrote:
> Fwiw, took a quick run at building and testing Node.js against the 3.x beta.
> 
> It was API compatible enough to build.

Good to hear!

> The DH_, ECDH_, HMAC_, etc.
> deprecations make sense, will look at those.
> 
> My assumption is that EVP versions of these exist in openssl 1.1.1,
> and that if we switch our openssl 1.1.1 code to using the EVP APIs,
> that that cod will then work unchanged when we update to openssl 3.x?

Yes.

For DH_ and ECDH_ use EVP_PKEY_derive*:

https://www.openssl.org/docs/manmaster/man3/EVP_PKEY_derive.html


HMAC_ is a bit more complicated. The preferred way of doing this is to
use the EVP_MAC_* API.

https://www.openssl.org/docs/manmaster/man3/EVP_MAC.html

However this API is newly added in 3.0. You can calculate an HMAC via
EVP in 1.1.1 (and this way still works in 3.0), but frankly the old way
of doing things is a bit of hack. It does work though. There is an
example on the wiki:

https://wiki.openssl.org/index.php/EVP_Signing_and_Verifying


> 
> ERR_func_error_string, what is its replacement? I didn't see it
> mentioned in the wiki, but its marked deprecated.
> 
> Tests didn't go so well. Minor changes in error strings are to be
> expected, but more than that changed.
> 
> I haven't looked at these yet other than scan the output, we might be
> relying on internals, but just for anyone curious, here's the test
> output:

Relying on internals would explain it. Or its also entirely possible
that we accidentally broke something. I look forward to seeing the
results of your investigations.

> 
> https://gist.github.com/sam-github/5a3b3775029efb3d31109d7e6e390f85
> 

Scanning the output I notice a couple of things.

There's a number of these:

ERR_OSSL_DH_MODULUS_TOO_SMALL

There is this in the CHANGES.md file which might explain it:

 * Enforce a minimum DH modulus size of 512 bits.


This one is interesting:

ERR_OSSL_EVP_FETCH_FAILED


This means that the algorithm you are trying to use isn't available in
the loaded providers. Since you should be getting the default provider
loaded automatically it could be because some legacy algorithms were
moved to the legacy provider (MD2, MD4, MDC2, RMD160, CAST5, BF
(Blowfish), IDEA, SEED, RC2, RC4, RC5 and DES (but not 3DES)). If you're
using something from that list then that would explain it.

Matt

Re: OpenSSL version 3.0.0-alpha1 published

[Tomas Mraz]

On Thu, 2020-04-23 at 16:05 -0700, Sam Roberts wrote:
> Fwiw, took a quick run at building and testing Node.js against the
> 3.x beta.
> 
> It was API compatible enough to build. The DH_, ECDH_, HMAC_, etc.
> deprecations make sense, will look at those.
> 
> My assumption is that EVP versions of these exist in openssl 1.1.1,
> and that if we switch our openssl 1.1.1 code to using the EVP APIs,
> that that cod will then work unchanged when we update to openssl 3.x?
> 
> ERR_func_error_string, what is its replacement? I didn't see it
> mentioned in the wiki, but its marked deprecated.

There is no replacement. The function code part of the error code is
always set to zero. I've now mentioned it in the Wiki page.

https://wiki.openssl.org/index.php/OpenSSL_3.0#Other_notable_deprecations_and_changes

-- 
Tomáš Mráz
No matter how far down the wrong road you've gone, turn back.
  Turkish proverb
[You'll know whether the road is wrong if you carefully listen to your
conscience.]