Re: Decrypted buffer padding
Hi again, Hi, ** ** Thanks for your reply. ** ** I am aware of CipherFinal() but I wonder why CipherUpdate() writes anything into the final buffer at all if the buffer size is a multiple of the padding size. It looks a bit strange. The CipherUpdate() should implement a symmetric block cipher. Thus, the CipherUpdate() should write anything into the final buffer if the buffer size is multiple of the block size. If don't, the CipherFinal() will encrypt the exceeding bytes. Additionally CipherFinal() fails if I call it afterwards. Consider that I'm only a beginner OpenSSL user, anyway, I suggest to use the EVP_EncryptUpdate() and the EVP_EncryptFinal_ex(), they worked fine for me. ** ** The documentation says “as a result the amount of data written may be anything from zero bytes to (inl + cipher_block_size - 1)”. From that I take it that usually the final buffer should only contain data of the size “cipher_block_size – 1” which is not the case with the described behaviour. ** ** Cheers Nico ** Cheers Andrea -- *Von:* owner-openssl-us...@openssl.org [mailto: owner-openssl-us...@openssl.org] *Im Auftrag von *Andrea Saracino *Gesendet:* Freitag, 2. Dezember 2011 00:31 *An:* openssl-users@openssl.org *Betreff:* Re: Decrypted buffer padding ** ** Hi, after you use the EVP_CipherUpdate(), you have to call the EVP_CipherFinal() to encrypt the remaining bytes. Refer to the documentation to see how to correctly pass the parameters: http://www.openssl.org/docs/crypto/EVP_EncryptInit.html. The same goes for the decryption. I hope this help. Cheers. Andrea Il giorno 01 dicembre 2011 12:31, Nico Flink fl...@coolux.de ha scritto: Hello, I am trying to decrypt a buffer whose size is a multiple of the padding size (n * 16 bytes). But instead of getting the whole buffer as a result from EVP_CipherUpdate() I only get “InSize – PaddingSize” decrypted bytes. I get this behaviour with padding enabled and disabled. Is this the correct behaviour and is there anything I can do about it? In my application I need the insize to equal the outsize. Thanks a lot for your help. Cheers Nico ** **
Re: Decrypted buffer padding
Hi, after you use the EVP_CipherUpdate(), you have to call the EVP_CipherFinal() to encrypt the remaining bytes. Refer to the documentation to see how to correctly pass the parameters: http://www.openssl.org/docs/crypto/EVP_EncryptInit.html. The same goes for the decryption. I hope this help. Cheers. Andrea Il giorno 01 dicembre 2011 12:31, Nico Flink fl...@coolux.de ha scritto: Hello, ** ** I am trying to decrypt a buffer whose size is a multiple of the padding size (n * 16 bytes). But instead of getting the whole buffer as a result from EVP_CipherUpdate() I only get “InSize – PaddingSize” decrypted bytes. I get this behaviour with padding enabled and disabled. Is this the correct behaviour and is there anything I can do about it? In my application I need the insize to equal the outsize. ** ** Thanks a lot for your help. ** ** Cheers Nico ** **
Issue on EVP_CIPHER_CTX
Hello to everyone, I'm finding some issues using the symmetric encryption and decryption routines EVP_encrypt/decrypt. Here is the code of the function that I'm calling: int cipher :: symm_encrypt(){ EVP_CIPHER_CTX_init(symm_ctx); init_symm_cipher(symm_encryption_alg); int cipher_text_length; int tmp_len; if(!EVP_EncryptUpdate(symm_ctx, buffer, cipher_text_length, (unsigned char*) data.c_str(), MAX_MSG_SIZE)) return 0; if(!EVP_EncryptFinal_ex(symm_ctx, buffer + cipher_text_length, tmp_len)) return 0; EVP_CIPHER_CTX_cleanup(symm_ctx); return 1; } Buffer is an unsigned char * dinamically initialized with: new unsigned char [4096] symm_encryption_alg is EVP_bf_cbc() symm_ctx is EVP_CIPHER_CTX_new(); Well it seems that after the execution of this function something spurious is written in memory, infact if I call the destructor of my class object cipher without calling this function everything works fine, otherwise sometimes I'm obtaining a segmentation fault. Using Valgrind it reports several errors about the function BF_encrypt() about the use of 4 unititialized bytes. Are there known issues about this function that could be related to this problem? Thanks in advance. Best Regards. Andrea Saracino
Re: X509 verify
I'm using the PEM_write_X509(), avoiding the BIO, is there any difference? Anyway, this function does not give errors. Calling the ERR_error_string() on the failed verify, the error returned is: error:0D0C5006:asn1 encoding routines:ASN1_item_verify:EVP lib Searching on Google for this error it is not so helpful, it says only that something on the certificate or on the public key is wrong. Probably the i2d/d2i functions add something undesired on mine X509 structure. Thanks again for your help. Best Regards Andrea Saracino 2011/7/28 Erwin Himawan ehima...@gmail.com By the way sorry for the font size, it does not mean anything, it just mixed up during cut and paste. The function to dump x509 into a certificate is is PEM_write_bio_X509() and the function to dump a x509 der file is bio_write(). Here is the doc on bio_write http://www.manpagez.com/man/3/BIO_write/osx-10.3.php erwin On Wed, Jul 27, 2011 at 8:20 PM, Erwin Himawan ehima...@gmail.com wrote: ** I would not use the X509_print_fp(), since it does not give you the PEM or DER file. Use intead PEM_write_bio or write_bio() for PEM and DER respectively. Also check for error for the status of these two bio write function. hopefully it helps *From:* Andrea Saracino saracino.and...@gmail.com *Sent:* Wednesday, July 27, 2011 6:05 PM *To:* openssl-users@openssl.org *Subject:* Re: X509 verify Hi Erwin, thanks for your fast answer. I dumped both the certificates in 2 PEM files, then I used the X509_print_fp() to obtain the readable version of both of them. The two resulting files are identical. Perhaps there is something wrong in the invocation of the i2d/d2i functions. I'm posting an extract of the code: // struct T_G_4{ unsigned char nonce[NONCE_SIZE]; int cert_size; unsigned char certificate[MAX_MSG_SIZE-NONCE_SIZE-sizeof(int)]; } /*...*/ T_G_4 * TG4=new T_G_4; /*...*/ peer_certificate=/* initialization function */ //this is a private member of a class and the two functions are members of the same class EVP_PKEY * pubkey=EVP_PKEY_new(); EVP_PKEY_set1_RSA(pubkey, rsa_ca_pub_key); X509_verify(peer_certificate,pubkey); //this verification returns 1 unsigned char * serialized certificate=NULL; //following the example of the openssl d2i_X509 page, NULL pointer avoids the management of the increasing pointer TG4-cert_size=i2d(peer_certificate,serialized_certificate); //serialization memcpy(TG4-certificate,serialized_certificate,TG4-cert_size); //initialize the remaining fields and return TG4 //passing the structure to another function //other function: /*...*/ unsigned char * serialized_certificate=new unsigned char [TG4-cert_size]; memcpy(serialized_certificate,TG4-certificate,TG4-cert_size); peer_certificate = d2i_X509(NULL,(const unsigned char **)serialized_certificate,TG4-cert_size); //deserialization X509_verify(peer_certificate,pubkey); //now it returns 0... :( /*...*/ Is there something wrong in this code? Thanks in advance. Best Regards Andrea Saracino 2011/7/27 Erwin Himawan ehima...@gmail.com The way I would verify this is by writting the original X509 object into PEM file and dumping the X509 object resulted from d2i_x509() into another PEM file and compares both files using the openssl ; either using asnparse or x509 command. On Wed, Jul 27, 2011 at 9:46 AM, Andrea Saracino saracino.and...@gmail.com wrote: Hello everyone, I've found some issues using the function X509_verify() on a simple X509 certificate. After the creation, if I call: X509_verify(certificate,ca_key); the function returns 1, but if I call the i2d_X509() function on the certificate and then the d2i_X509() on the obtained byte string, the X509_verify() on the resultant certificate returns 0. I printed the certificate, in a readable format, before and after the i2d() and d2i() execution and the result is exactly the same. The various fields (issuer, subject...) have the correct values. Any ideas? Best Regards Andrea Saracino
X509 verify
Hello everyone, I've found some issues using the function X509_verify() on a simple X509 certificate. After the creation, if I call: X509_verify(certificate,ca_key); the function returns 1, but if I call the i2d_X509() function on the certificate and then the d2i_X509() on the obtained byte string, the X509_verify() on the resultant certificate returns 0. I printed the certificate, in a readable format, before and after the i2d() and d2i() execution and the result is exactly the same. The various fields (issuer, subject...) have the correct values. Any ideas? Best Regards Andrea Saracino
Re: X509 verify
Hi Erwin, thanks for your fast answer. I dumped both the certificates in 2 PEM files, then I used the X509_print_fp() to obtain the readable version of both of them. The two resulting files are identical. Perhaps there is something wrong in the invocation of the i2d/d2i functions. I'm posting an extract of the code: // struct T_G_4{ unsigned char nonce[NONCE_SIZE]; int cert_size; unsigned char certificate[MAX_MSG_SIZE-NONCE_SIZE-sizeof(int)]; } /*...*/ T_G_4 * TG4=new T_G_4; /*...*/ peer_certificate=/* initialization function */ //this is a private member of a class and the two functions are members of the same class EVP_PKEY * pubkey=EVP_PKEY_new(); EVP_PKEY_set1_RSA(pubkey, rsa_ca_pub_key); X509_verify(peer_certificate,pubkey); //this verification returns 1 unsigned char * serialized certificate=NULL; //following the example of the openssl d2i_X509 page, NULL pointer avoids the management of the increasing pointer TG4-cert_size=i2d(peer_certificate,serialized_certificate); //serialization memcpy(TG4-certificate,serialized_certificate,TG4-cert_size); //initialize the remaining fields and return TG4 //passing the structure to another function //other function: /*...*/ unsigned char * serialized_certificate=new unsigned char [TG4-cert_size]; memcpy(serialized_certificate,TG4-certificate,TG4-cert_size); peer_certificate = d2i_X509(NULL,(const unsigned char **)serialized_certificate,TG4-cert_size); //deserialization X509_verify(peer_certificate,pubkey); //now it returns 0... :( /*...*/ Is there something wrong in this code? Thanks in advance. Best Regards Andrea Saracino 2011/7/27 Erwin Himawan ehima...@gmail.com The way I would verify this is by writting the original X509 object into PEM file and dumping the X509 object resulted from d2i_x509() into another PEM file and compares both files using the openssl ; either using asnparse or x509 command. On Wed, Jul 27, 2011 at 9:46 AM, Andrea Saracino saracino.and...@gmail.com wrote: Hello everyone, I've found some issues using the function X509_verify() on a simple X509 certificate. After the creation, if I call: X509_verify(certificate,ca_key); the function returns 1, but if I call the i2d_X509() function on the certificate and then the d2i_X509() on the obtained byte string, the X509_verify() on the resultant certificate returns 0. I printed the certificate, in a readable format, before and after the i2d() and d2i() execution and the result is exactly the same. The various fields (issuer, subject...) have the correct values. Any ideas? Best Regards Andrea Saracino