RE: authenticate peer
Please help me to understand more about SELF SIGNED CERTIFICATES. Do Self-Signed certificates have to signed at all by its own CA ?? Do we have to generate CSR for each client ?? If they do, What is the best way to create Self-Signed Cert ?? Either 1. Each client is its own CA a. // generate keys and CSR openssl req -newkey rsa:1024 -sha1 -keyout clientkey.pem -out clientreq.pem b. // generate cert signed by its own CA openssl x509 -req -in clientreq.pem -sha1 -signkey clientkey.pem -out clientcert.pem 2. Create one root CA, every client create its own Certificate signed by root CA //create root a. openssl req -newkey rsa:1024 -sha1 -keyout rootkey.pem -out rootreq.pem b. openssl x509 -req -in rootreq.pem -sha1 -signkey rootkey.pem -out rootcert.pem c. cat rootcert.pem rootkey.pem root.pem // create client certificate , signed by common root d. openssl req -newkey rsa:1024 -sha1 -keyout clientkey.pem -out clientreq.pem f. openssl x509 -req -in clientreq.pem -sha1 -CA root.pem -CAkey root.pem -signkey -out client.pem Please help. Thao -Original Message- From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Lloyd Sent: Monday, June 04, 2012 6:24 AM To: openssl-users@openssl.org Subject: Re: authenticate peer Thanks again... In my case I am using SELF SIGNED CERTIFICATES, totally eliminating CA. So, is it possible to check both sides without a CA? Thanks for your help Lloyd On Mon, Jun 4, 2012 at 3:45 PM, Alexander Komyagin komya...@altell.ru wrote: If you need checks on both sides, both client and server shall have loaded their own certificates (private/public keys) and some CA certificate(s) to be verified against. SSL_CTX_load_verify_locations() loads locations where CA certs are stored. Take a look at http://www.openssl.org/docs/ssl/SSL_CTX_load_verify_locations.html On Mon, 2012-06-04 at 15:14 +0530, Lloyd wrote: Thanks Alexander Komyagin, So it means in mutual authentication mode also, each client and server need only to load its only private key and public key. During SSL handshake the SSL protocol will share the public keys of each other? Then whats the use of SSL_CTX_load_verify_locations() API? In my case the client need to authenticate server and also the server need to authenticate client. Thanks again, Lloyd On Mon, Jun 4, 2012 at 2:57 PM, Alexander Komyagin komya...@altell.ru wrote: Hi, Lloyd! If you are establishing SSL connection between client and server, and SSL_VERIFY_PEER flag is set, AFAIK server will ask for client certificate during SSL handshake phase. So why do you need to load clients certs manually? On Mon, 2012-06-04 at 11:06 +0530, Lloyd wrote: Hi, We have a client server application with SSL (open ssl). The server has a public/private key pair and also each client has a public/private key pair. When client and server communicates they need to authenticate each other. So we are using the flags SSL_VERIFY_PEER| SSL_VERIFY_FAIL_IF_NO_PEER_CERT at both the client and server. All the certificates are self signed. Each client is unique, that is each of them has its own private/public key pair. In order to verify each client, the server needs to load all the clients certificates (isn't certificate mean public key in this context?),. Is it possible to load all client certificate? which openSSL api shoud I use ffor this? Thanks a lot, Lloyd -- Best wishes, Alexander Komyagin __ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org -- Best wishes, Alexander Komyagin __ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org smime.p7s Description: S/MIME cryptographic signature
RE: expired ssl certificate
); } return ok; } The ok parameter tells you whether the certificate passed so that if it's not ok (didn't pass) you can examine the reason/error and the certificate itself to see whether or not you want to over-rule that result. The return value indicates whether you want to accept it or not - the above example only reports the result (without changing it) and (if it fails) the reason for failure without changing anything. If it's not ok and you look at the cert and it's expired but you don't care, return 1 and it will be accepted. Look at the examples in the pdf for some examples. As I said earlier, standard warnings apply - you're overruling standard security mechanisms for your own purposes which can be dangerous if you're not careful. 3. I think I've answered that above N --- Nou Dadoun ndad...@teradici.com 604-628-1215 -Original Message- From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Dinh, Thao V CIV NSWCDD, K72 Sent: April 11, 2012 4:19 AM To: openssl-users@openssl.org Subject: RE: expired ssl certificate Hi Nou Please help me understand more about this subject ( I am new to Openssl) 1. What happen if the peer presents an expired certificate and we do not implement callback using SSL_CTX_set_verify with SSL_VERIFY_PEER flag set, will the SSL_connect or SSL_accept fail ??? 2. What is the function of verification callback ? Just report error of expired certificate or actually let expired certificate be accepted ?? what is X509_.. function shoud I uses to let expired cert being accept ?? 3. what is the different between standard verify operation and the verify callback ??? Thank You Thao Dinh -Original Message- From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Nou Dadoun Sent: Tuesday, April 10, 2012 3:15 PM To: openssl-users@openssl.org Subject: RE: expired ssl certificate You can use a verification callback to look at the certificate after the standard verify operation has been performed to decide whether or not to allow the certificate anyway. Look at the O'Reilly book (http://doc.hackbbs.org/Reseaux/O_Reilly_-_Network_Security_with_OpenSSL.pdf ) page 132 or so has some sample code you can probably modify. Standard warnings apply .. N --- Nou Dadoun ndad...@teradici.com 604-628-1215 From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Srihari, Gautam Sent: April 10, 2012 3:04 AM To: openssl-...@openssl.org; openssl-users@openssl.org Subject: expired ssl certificate Hi, I have a server application and the client uses https to connect to the server. For this I had created an openssl self signed certificate cacert.pem which has been distributed to all the client applications. Now unfortunately the certificate has expired. I can create a new certificate. But distributing to all the clients is going to be difficult. Is there some way by using open ssl, I can make the server ignore expired certificates so I don't have to ask each client to update to a new certificate? The crux of the problem is that I want to continue to allow clients to use the server without Having them to upgrade anything i.e change should be done only on the server side. Reg., Gautam __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org smime.p7s Description: S/MIME cryptographic signature
RE: expired ssl certificate
Hi Nou Please help me understand more about this subject ( I am new to Openssl) 1. What happen if the peer presents an expired certificate and we do not implement callback using SSL_CTX_set_verify with SSL_VERIFY_PEER flag set, will the SSL_connect or SSL_accept fail ??? 2. What is the function of verification callback ? Just report error of expired certificate or actually let expired certificate be accepted ?? what is X509_.. function shoud I uses to let expired cert being accept ?? 3. what is the different between standard verify operation and the verify callback ??? Thank You Thao Dinh -Original Message- From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Nou Dadoun Sent: Tuesday, April 10, 2012 3:15 PM To: openssl-users@openssl.org Subject: RE: expired ssl certificate You can use a verification callback to look at the certificate after the standard verify operation has been performed to decide whether or not to allow the certificate anyway. Look at the O'Reilly book (http://doc.hackbbs.org/Reseaux/O_Reilly_-_Network_Security_with_OpenSSL.pdf ) page 132 or so has some sample code you can probably modify. Standard warnings apply .. N --- Nou Dadoun ndad...@teradici.com 604-628-1215 From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Srihari, Gautam Sent: April 10, 2012 3:04 AM To: openssl-...@openssl.org; openssl-users@openssl.org Subject: expired ssl certificate Hi, I have a server application and the client uses https to connect to the server. For this I had created an openssl self signed certificate cacert.pem which has been distributed to all the client applications. Now unfortunately the certificate has expired. I can create a new certificate. But distributing to all the clients is going to be difficult. Is there some way by using open ssl, I can make the server ignore expired certificates so I don't have to ask each client to update to a new certificate? The crux of the problem is that I want to continue to allow clients to use the server without Having them to upgrade anything i.e change should be done only on the server side. Reg., Gautam smime.p7s Description: S/MIME cryptographic signature
RE: Looking for command in openssl to verify CA
Hi Thank for your help. I learn a new thing every day. I really do not know there is a different between SERVER cert and Client cert. If I am have a self sign CA certificate, what is the different in option in openssl command which allow me to generate Server cert signed by my CA and Client cert ??? I have a script file which come from Network security with openSSL ( page 124) generate a root CA cert/key, server CA ( signed by root CA), server cert/key ( signed by server CA) and client cert/key ( signed by root CA). I look into openssl command and *.cnf files, but I do not see the different when generate Client or Server cert. I am lost. Please help. TD -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Marek Marcola Sent: Wednesday, July 04, 2007 5:52 To: openssl-users@openssl.org Subject: RE: Looking for command in openssl to verify CA Hello, I try to Google for openssl x509 -purpose, but no information at all. What is that ?? I try this command and it gives me : Certificate purpose: SSL client : yes SSL client CA: no SSL server : no As you see, your SSL server certificate is not certified to this purpose. For SSL server certificate this should be yes. You must get correct certificate. SSL server CA: no Netscape SSL server: No Netscape SSL server CA: No S/MINE signing: YES S/MINE signing CA: NO S/MINE encrytion: YES S/MINE encrytion CA: NO CRL signing: No CRL signing CA: No Any Purpose: Yes Any Purpose CA: Yes OCSP helper: Yes OCSP helper CA: No This looks like end user certificate (mail, SSL client) but you need SSL server certificate. Best regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Looking for command in openssl to verify CA
Hi All I have a couple CA certificates and couple Cert/Private keys. What command in openssl allow me to see what Cert/Private keys belong to what CA ?? Please help. Thank You Thao Dinh
RE: Looking for command in openssl to verify CA
Thank You Marek My program work fine with my own cert/private key, but give the following error if I load with real supposed certificate at client program. ~Error with certificate at depth: 0 issuer = /DC=dev/DC=jwrn/CN=JWRN Development subject = /DC=dev/DC=jwrn/CN=Users/CN=mon error 26:unsupported certificate purpose client2.c:67 Error Connecting SSL object 3083613872:error:14090086:SSL routine: SSL_SERVER_CERTIFICATE:certificate verify failed:s3_clnt.c:884; Do you know what it means?? Client's cert format wrong ??? Please help TD -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Marek Marcola Sent: Tuesday, July 03, 2007 17:31 To: openssl-users@openssl.org Subject: Re: Looking for command in openssl to verify CA Hello, I have a couple CA certificates and couple Cert/Private keys. What command in openssl allow me to see what Cert/Private keys belong to what CA ?? To find certificate and private key pair: $ openssl x509 -in vpn-server-crt.pem -modulus -noout Modulus=DDACB7ED10A3AE69E7FB0320471C0C3F9C6A3BC... $ openssl rsa -in vpn-server-key.pem -modulus -noout Modulus=DDACB7ED10A3AE69E7FB0320471C0C3F9C6A3BC... To find CA and certificate pair: $ openssl x509 -in vpn-server-crt.pem -issuer -noout issuer= __issuer_information__ $ openssl x509 -in cacert.pem -subject -noout subject= __issuer_information__ To verify certificate: $ openssl verify -CAfile cacert.pem vpn-server-crt.pem vpn-server-crt.pem: OK Best regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
RE: Looking for command in openssl to verify CA
Hi I try to Google for openssl x509 -purpose, but no information at all. What is that ?? I try this command and it gives me : Certificate purpose: SSL client : yes SSL client CA: no SSL server : no SSL server CA: no Netscape SSL server: No Netscape SSL server CA: No S/MINE signing: YES S/MINE signing CA: NO S/MINE encrytion: YES S/MINE encrytion CA: NO CRL signing: No CRL signing CA: No Any Purpose: Yes Any Purpose CA: Yes OCSP helper: Yes OCSP helper CA: No I do not have a clue for this command. Please help. TD -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Marek Marcola Sent: Tuesday, July 03, 2007 18:36 To: openssl-users@openssl.org Subject: RE: Looking for command in openssl to verify CA Hello, My program work fine with my own cert/private key, but give the following error if I load with real supposed certificate at client program. ~Error with certificate at depth: 0 issuer = /DC=dev/DC=jwrn/CN=JWRN Development subject = /DC=dev/DC=jwrn/CN=Users/CN=mon error 26:unsupported certificate purpose client2.c:67 Error Connecting SSL object 3083613872:error:14090086:SSL routine: SSL_SERVER_CERTIFICATE:certificate verify failed:s3_clnt.c:884; Do you know what it means?? Client's cert format wrong ??? Try to check with: $ openssl x509 -in vpn-server-crt.pem -purpose -noout Best regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
How to pass Passphrase for Private key
Hi All OpenSsl collects passphrase through a callback function. The default callback prompts the user on the terminal. There are two methods to cancel this default: SSL_CTX_set_default_passwd_cb // provide callback SSL_CTX_set_default_passwd_cb_userdata Could you please explain what is the different between these two. I wrote some example using either one. It seems it is working fine, but I am not sure I understand deeply. Some examples combine both methods. I do not know why. What happen if my application requires more than one passphares? How do they which passphares go with which private keys. Can I just use SSL_CTX_set_default_passwd_cb_userdata only ??? Thank You Thao Dinh
RE: Multi-threaded SSL Socket Usage
Hi Andrew Get SSL and TLS Designing and Building Secure Systems, read section 8.9 ( page 274). Get Network Security with OpenSSL, read example 5-16. I hope it will clear a little bit for you. TD -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Andrew Armstrong Sent: Tuesday, May 15, 2007 6:18 To: openssl-users@openssl.org Subject: Multi-threaded SSL Socket Usage Hi Everyone, I hope I have found the right place to ask for some advice. An application we have developed is responsible for handling concurrent connections from multiple SSL Sockets. While the application works fine for a while; there will sometimes be an issue where a socket blocked on write. So we switched to non-blocking IO, and handled (supposedly) WANT_READ and WANT_WRITE correctly. We also have attempted to handle the other oddities correctly (detecting EAGAIN and retrying the write, etc), however sometimes while it is working fine for the most part, will eventually have sockets drop or not get written/read from correctly. It's a bit complicated to explain. The design of the application is that there are worker threads which pick up data and send them out via the sockets. This works for the most part, however as mentioned it will sometimes no longer appear to work (data is not received in a timely fashion for example). I would think this is just do to how complex the read/write logic is for openssl, nonblocking multi-threaded applications. Is there anyone out there with experience in using OpenSSL in a multi-threaded application that can provide some sample code or anything to help address these issues? It would be really appreciated if anyone can point me in the direction or even yet provide a basic sample application that handles concurrent connections from SSL Sockets correctly. It's terrible that there are so many pitfalls one needs to account for, yet there is no documentation about this (or example) in the OpenSSL library. Thanks, Andrew __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Looking for Performance C/C++ source codes for Openssl
Hi All I am looking for source codes in C/C++ to measure performance ( Latency,Bw) of my Client-Server Openssl. Beside Latency, what else should I consider to measure ??. Please help. Thank You TD
Clean SSL Error queue
Hi all What functions use to clean up SSl Error Queue in Multithread Applications ?? Thank You TD
Looking official tools to test Openssl Server
Hi All I have finished coding/testing with Openssl Client/Server applications. I am looking for any official tools out there to help me breaking my codes. These tools will send to my listening server wrong cert, cert signing with non-approved CA, cert with different level CA, expire Cert... Please let me know. Thank You Thao Dinh
RE: It is Memory leak ??
Hi DS Thank You very much for your help. I am stuck here. I create SSL connection as following: fd = accept(...); ssl = SSl_new(ctx); SSL_get_fd(ssl, fd); I spin off a thread for each connection using thread, pthread_detach.. I do not use BIO at all. Do I have to follow exactly TLS closue ?? Send close notify, then wait for close_notify form Server/client ??? I use TLS in my application. I also call Thread_setup(int) in the Network Security with OpenSSL book, but never call Thread_clenup(void) because Thread_setup(int) is called onetime only at initialization only. Thank again TD -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of David Schwartz Sent: Tuesday, April 17, 2007 15:21 To: openssl-users@openssl.org Subject: RE: It is Memory leak ?? Hi DS How do we handle closure in openssl??? . I just call: [snip] But sometimes I receive return 0 for both call. I do not know why, so I just call one time SSL_shutdown(ssl); SSl_free(ssl); close(sock); Please help. It depends on how you created the SSL connection in the first place. You may also need to free one or more BIOs. How did you create/open the SSL connection? DS __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
RE: It is Memory leak ??
Hi DS How do we handle closure in openssl??? . I just call: SSL_shutdown(ssl); SSl_free(ssl); close(sock); then get out both in Serevr/Client, without waiting for receiving close_notify from either sides. Could that cause memory leak ?? I have called: SSL_shutdown(ssl); SSL_shutdown(ssl); SSl_free(ssl); close(sock); But sometimes I receive return 0 for both call. I do not know why, so I just call one time SSL_shutdown(ssl); SSl_free(ssl); close(sock); Please help. Thank You TD -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of David Schwartz Sent: Friday, April 13, 2007 16:19 To: openssl-users@openssl.org Subject: RE: It is Memory leak ?? I have Client/Server application using openSSSL. Server spin-off threads to handle each client SSL connection. I get the following memory leak report when I run valgrind. I think I am shutting down/freeing all the memory correctly. [snip] These are empty stacks. It's not a leak because the stacks are in fact empty. Ack, I just noticed we're talking about 4MB in over 100,00 blocks. The error you pasted is for an empty stack, but probably the objects that own these empty stacks were not properly freed. DS __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
It is Memory leak ??
Hi All I have Client/Server application using openSSSL. Server spin-off threads to handle each client SSL connection. I get the following memory leak report when I run valgrind. I think I am shutting down/freeing all the memory correctly. ==4127== 4,344,913 bytes in 174,132 blocks are still reachable in loss record 64 of 64 ==4127== at0x4005400: malloc (vg_replace_malloc.c:149) ==4127==by 0x4EBB1D1D: (within /lib/libcrypto.so.0.9.8b) ==4127==by 0x4EBB239E: CRYPTO_malloc (in /lib/libcrypto.so.0.9.8b) ==4127== by 0x4EC04156: sk_new (in /lib/libcrypto.so.0.9.8b) ==4127== by 0x4EC041ED: sk_new_null (in /lib/libcrypto.so.0.9.8b) ==4127== by 0x4F052EDD: ssl3_get_client_certificate (in /lib/libssl.so.0.9.8b) ==4127== by 0x4F056094: ssl3_accept (in /lib/libssl.so.0.9.8b) ==4127==by 0x4F06AEB9: SSL_accept (in /lib/libssl.so.0.9.8b) ==4127==by 0x8095117: ILSCM::SslServerSocket::acceptNewClient() const (SslSocket.cc:828) ==4127== by 0x80A05D1: ILSCM::TcpServerConnection::processSocket(ILSCM::SocketStatus) (TcpServerConnection.cc:186) ==4127==by 0x808ECE8: ILSCM::SocketMonitor::processSocket(void*) (SocketMonitor.cc:257) ==4127==by 0x4E81E3DA: start_thread (in /lib/libpthread-2.5.so) ==4127== ==4127== LEAK SUMMARY : ==4127==definitely lost: 700 bytes in 5 blocks. ==4127== indirectly lost: 100 bytes in 5 blocks . ==4127==possibly lost: 384,101 bytes in 7,069 blocks . ==4127==still reachable: 5,069,443 bytes in 187,919 blocks. ==4127== suppressed: 0 bytes in 0 blocks. Does anyone have any thoughts. I do not have a clue here ??? Please help. Thank You TD
RSA Key Block
Hi All I have a general question about RSA Key Block. The output of PRF with the master_secret to give us many keys. It includes: client_write_MAC_secret, server_wriet_MAC_secret, client_write_key, server_write_key, client_write_IV, server_write_IV. Could you Please verify what I think about how four of these keys being use correcly: 1) SSL record format: Length + Data + MAC ( in general) : client server client_write_MAC_secret is used to encrypted the MAC portion message from clientserver client_write_key is used to encrypted the Data portion message from client server 2) SSL record format: Length + Data + MAC ( in general) : server client servert_write_MAC_secret is used to encrypted the MAC portion message from server client client_write_key is used to encrypted the Data portion message from server client 3) Data from Sever to Client is encrypted with different key from Client to Server ???. I just want to understand what going on underneath openssl. Thank You TD
RE: What is the difference netween SSL connection and session?
Hi Jaya Look on page 96 of SSL and TLS Design and Building Secure Systems book. Good Def. on Sessions. TD -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Bhat, Jayalakshmi Manjunath Sent: Thursday, April 05, 2007 0:47 To: openssl-users@openssl.org Subject: What is the difference netween SSL connection and session? Hi All, Please can any one tell me relationship between SSL_CTX,SSL,SSL_SESSION. And also the difference netween SSL connection and session? Regards, Jaya, __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Books on openssl
Hi I am a newbie with both openssl crypto . Do you recommend on any good books ( high level detail/process, without heavy math/theory) in this area beside: 1) Network Security with openssl 2) SSL And TLS Design and building Security System. Thank You TD
RE: Root Certificates dir
Hi Marek 1) Can I able to do both EPHEMERAL RSA and DH EPHEMERAL same time ?? Will Openssl call either EPHEMERAL RSA or DH EPHEMERAL depend what ciphers using ?? 2) what do you mean some compatibility problem ?? If SSSLv2 or SSLv3 try to connect my Server (TLS_RSA_WITH_3DES_EDE_CBC_SHA1) will my server crash ?? 3) I have core dump on SSL_CTX_free(ctx) ( I already check { if (ctx) SSL_CTX_free(ctx); } I have a SSL Server/Client application. Client can be independent or come from Server. If Client by itself, SSL_CTX_free(ctx) will call when I am done with Client. For Server, I create one CTX. For Each Client's SSL connection, I spin-off a thread and create SSL which share this CTX. Does openssl have a counter to let me know there are still some SSL connection which belong to this CTX before I call SSL_CTX_free(ctx). Something like this: if ( CTX_counter == 0) { if (ctx) SSL_CTX_free(ctx); } Sorry to ask you many question. I just want to understand. Thank You Thao Dinh -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Marek Marcola Sent: Thursday, March 22, 2007 20:12 To: openssl-users@openssl.org Subject: RE: Root Certificates dir Hello, I asked you last week: I have to interface with a client running TLS_RSA_WITH_3DES_EDE_CBC_SHA1. For me, it means: .. Please very my thought is correctly . DH is not involved at all ??? I always think that DH have to be involved when using symmetric key. You answered Yes, in this case DH is not used. I have a problem with what to do with Ephemeral keying. In openssl, It seem to me that I have two choices to use Ephemeral keying: temporary RSA keys or Diffie_Hellman (DH) key agreement. For temporary RSA keys, using something like: SSL_CTX_set_options(ctx, SSL_OP_ALL|SSL_OP_NO_SSLv2|SSL_OP_EPHEMERAL_RSA) RSA *rsa; rsa=RSA_generate_key(512,RSA_F4,NULL,NULL); if (!SSL_CTX_set_tmp_rsa(SSL_context,rsa)){ ExitPostmaster(1); } RSA_free(rsa); For Diffie_Hellman (DH) , using something like: SSL_CTX_set_options(ctx, SSL_OP_ALL|SSL_OP_NO_SSLv2|SSL_OP_SINGLE_DH_USE) SSL_CTX_set_tmp_dh_calback(...); I can not use Diffie_Hellman (DH) key agreement because my TLS_RSA_WITH_3DES_EDE_CBC_SHA1 requirement. I can implement this but it does not help because the DH is not used in this case. I can not use temporary RSA keys because of: Temporary RSA keys are only used in some export ciphersuites which are now obsolete. The use of ephemeral RSA keys actually violates the standards in that particular ciphersuite. What else can I do to implement Ephemeral keying ??? Please help. I have limited knowledge in this openssl. Sorry for such late response. As already Steve said that is some compatibility problem and if you can live with that I do not see and problems. In this case you are not inventing your own crypto protocol (which is not easy and very dangerous) but you use some approved one. Maybe for different purpose but may be useful and maybe in some feature can be standard for example in TLS1.2 :-). Who knows. Best regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
RE: Root Certificates dir
Hi Marek: I asked you last week: I have to interface with a client running TLS_RSA_WITH_3DES_EDE_CBC_SHA1. For me, it means: .. Please very my thought is correctly . DH is not involved at all ??? I always think that DH have to be involved when using symmetric key. You answered Yes, in this case DH is not used. I have a problem with what to do with Ephemeral keying. In openssl, It seem to me that I have two choices to use Ephemeral keying: temporary RSA keys or Diffie_Hellman (DH) key agreement. For temporary RSA keys, using something like: SSL_CTX_set_options(ctx, SSL_OP_ALL|SSL_OP_NO_SSLv2|SSL_OP_EPHEMERAL_RSA) RSA *rsa; rsa=RSA_generate_key(512,RSA_F4,NULL,NULL); if (!SSL_CTX_set_tmp_rsa(SSL_context,rsa)){ ExitPostmaster(1); } RSA_free(rsa); For Diffie_Hellman (DH) , using something like: SSL_CTX_set_options(ctx, SSL_OP_ALL|SSL_OP_NO_SSLv2|SSL_OP_SINGLE_DH_USE) SSL_CTX_set_tmp_dh_calback(...); I can not use Diffie_Hellman (DH) key agreement because my TLS_RSA_WITH_3DES_EDE_CBC_SHA1 requirement. I can implement this but it does not help because the DH is not used in this case. I can not use temporary RSA keys because of: Temporary RSA keys are only used in some export ciphersuites which are now obsolete. The use of ephemeral RSA keys actually violates the standards in that particular ciphersuite. What else can I do to implement Ephemeral keying ??? Please help. I have limited knowledge in this openssl. Thank You TD -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Marek Marcola Sent: Thursday, March 15, 2007 14:03 To: openssl-users@openssl.org Subject: RE: Root Certificates dir Hello, I have to interface with a client running TLS_RSA_WITH_3DES_EDE_CBC_SHA1. For me, it means: 1) Authentification with RSA 2) Key exchange RSA 3) Encrytion 3DES_EDE_CBC 4) Digest SHA1 I agree. My question is how do they get Key exchange if they not using DH ?? Another thought is that: 1)Client will send Random number in ClientHello. 2)Server will response with another Random in ServerHello. 3) Client send PreMaster Secret encrypt with Server's public key. 4) This PreMaster Secret is used to encrypt data Yes, pre_master_secret (48 bytes) is generated on client with PRNG (to be more specific, first two bytes of this pre_master_secret should be protocol version, eg. 0x0300 for SSL3 and next 46 bytes should be random data). client_random and server_random are generated on client and server and are 32 bytes long with first four bytes created from actual time and 28 bytes from PRNG (this may differ when SSL2 client_hello is sent to SSL3/TLS1 server). Pre_master_secret encrypted on client is sent to server and decrypted. Based on this data (pre_master_secret, client_random and server_random) both sides generate so called key_material with special algorithms (using mostly MD5/SHA1 and XOR). Key_material may be any size, something like PRNG algorithms. Next key_material is used as keys to symmetric encryption algorithms (des/aes) and digest functions (sha1/md5/hmac). Please very my thought is correctly . DH is not involved at all ??? I always think that DH have to be involved when using symmetric key. Yes, in this case DH is not used. Best regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
RE: Root Certificates dir
Dr. Steve Thank You very much for your help. I am OpenSSL to OpenSSL, so I can use ephemeral RSA keys. Thank again TD -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dr. Stephen Henson Sent: Thursday, March 22, 2007 10:01 To: openssl-users@openssl.org Subject: Re: Root Certificates dir On Thu, Mar 22, 2007, Dinh, Thao V CIV NSWCDD, K72 wrote: I can not use temporary RSA keys because of: Temporary RSA keys are only used in some export ciphersuites which are now obsolete. The use of ephemeral RSA keys actually violates the standards in that particular ciphersuite. What else can I do to implement Ephemeral keying ??? Please help. I have limited knowledge in this openssl. Depends on what you want to interop with. If it is OpenSSL to OpenSSL then you could use ephemeral RSA keys (well you could the last time I tested it ages ago). If you want to interop with typical browsers then they'll probably choke due to the standard violation and you are SOL. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
TLS_RSA_WITH_3DES_EDE_CBC_SHA1
Hi I have to interface with a client running TLS_RSA_WITH_3DES_EDE_CBC_SHA1. My Questions are: 1) Which part in my Server's program dictate using this TLS_RSA_WITH_3DES_EDE_CBC_SHA1, beside calling TLSv1_method ?? It seem to me the certificate will dictate what Asymmetric/symmetric/hash ... will be used. Is it correctly ??? 2) For Ephemeral keying, because DH is not involved at all, so that the ephemeral Diffie-Hellman is not an option. It forces me to add in server initialization routine something like : SSL_CTX_set_options(ctx, SSL_OP_ALL|SSL_OP_NO_SSLv2|SSL_OP_EPHEMERAL_RSA) RSA *rsa; rsa=RSA_generate_key(2048,RSA_F4,NULL,NULL); if (!SSL_CTX_set_tmp_rsa(SSL_context,rsa)){ ExitPostmaster(1); } RSA_free(rsa); IS THAT ALL in Server side ??? 3) What happen if my client had RSA with less that 2048 bit ?? For me, it does not matter ( e.g. not break any connection) because in RSA case, the client will use Server Ephemeral key to encrypt the Pre-Master key. Is it correctly ??? Please help. I am still on learning mode. TD
RE: Root Certificates dir
Hi Marek Last year, you wrote that If you add to server initialization routine something like: RSA *rsa; rsa=RSA_generate_key(512,RSA_F4,NULL,NULL); if (!SSL_CTX_set_tmp_rsa(SSL_context,rsa)){ ExitPostmaster(1); } RSA_free(rsa); So this routine is only called one time ??? Cost ?? So FOR ALL OF THE SESSION, THE SAME temp rsa above is used to encrypted the pre_master_secret from client to server and decrypted. But because of pre_master_secret, client_random and server_random are different for each sessions, so the symmetric encryption is different for each session. Is this correctly what I am thinking ?? How about RSA_generate_key(1024,RSA_F4,NULL,NULL) ?? Thank You TD -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Marek Marcola Sent: Thursday, March 15, 2007 14:03 To: openssl-users@openssl.org Subject: RE: Root Certificates dir Hello, I have to interface with a client running TLS_RSA_WITH_3DES_EDE_CBC_SHA1. For me, it means: 1) Authentification with RSA 2) Key exchange RSA 3) Encrytion 3DES_EDE_CBC 4) Digest SHA1 I agree. My question is how do they get Key exchange if they not using DH ?? Another thought is that: 1)Client will send Random number in ClientHello. 2)Server will response with another Random in ServerHello. 3) Client send PreMaster Secret encrypt with Server's public key. 4) This PreMaster Secret is used to encrypt data Yes, pre_master_secret (48 bytes) is generated on client with PRNG (to be more specific, first two bytes of this pre_master_secret should be protocol version, eg. 0x0300 for SSL3 and next 46 bytes should be random data). client_random and server_random are generated on client and server and are 32 bytes long with first four bytes created from actual time and 28 bytes from PRNG (this may differ when SSL2 client_hello is sent to SSL3/TLS1 server). Pre_master_secret encrypted on client is sent to server and decrypted. Based on this data (pre_master_secret, client_random and server_random) both sides generate so called key_material with special algorithms (using mostly MD5/SHA1 and XOR). Key_material may be any size, something like PRNG algorithms. Next key_material is used as keys to symmetric encryption algorithms (des/aes) and digest functions (sha1/md5/hmac). Please very my thought is correctly . DH is not involved at all ??? I always think that DH have to be involved when using symmetric key. Yes, in this case DH is not used. Best regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
RE: Root Certificates dir
Hi I have to interface with a client running TLS_RSA_WITH_3DES_EDE_CBC_SHA1. For me, it means: 1) Authentification with RSA 2) Key exchange RSA 3) Encrytion 3DES_EDE_CBC 4) Digest SHA1 My question is how do they get Key exchange if they not using DH ?? Another thought is that: 1)Client will send Random number in ClientHello. 2)Server will response with another Random in ServerHello. 3) Client send PreMaster Secret encrypt with Server's public key. 4) This PreMaster Secret is used to encrypt data Please very my thought is correctly . DH is not involved at all ??? I always think that DH have to be involved when using symmetric key. Thank You TD -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Marek Marcola Sent: Monday, March 12, 2007 14:24 To: openssl-users@openssl.org Subject: RE: Root Certificates dir Hello, I have basic question for Client-Sever using SSL. Both Client/Server have to use SL_CTX_load_verify_locations to load Trust Root. Yes. But Client will load its own private/public key, does not need to load server cert at all . Yes, client loads its private key (which has public part too) and client certificate. When server needs to authenticate client than server sends to client CertificateRequest handshake message and client send its own certificate in Certificate handshake message. Server will load its own private/public key, does not need to load client cert at all. Yes, server loads its private key (which has public part too) and server certificate. Depending on negotiated cipher parameters this certificate is used to key-exchange or server authentication, but in any case it is send to client in Certificate handshake message. The peer cert will exchange at Handshake time. IS this true?? Yes. Best regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
CE 5.0 OS
Hi I am coding an application using SSL ( in Linux) to talk to a Black Box Server sitting in CE 5.0 OS. I have hard time to find out about what opennssl on CE 5.0 OS security component. Do you know where I can find out more about CE 5.0 OS security ??? Any warning for me about using openssl between Linux and Window CE ?? Openssl is openssl , no matter Linux or Window ??? Thank You TD
Root Certificates dir
Hi I am working on Client-Server applications using SSL. My Server has 3 or 4 Trust Root ' certs I use SSL_CTX_load_verify_locations pointing to a directory which stores all Trust Root ' certs . I created a directory ( T1) and load all Trust Root certs into this T1 directory. My question is : 1) Do I have concatenant all Trusted Root in to one cert ?? ( cat root1 root2 root3 root) ? Please help. Thank You TD
RE: Root Certificates dir
Hi Marek Thank you very, very much. I do not execute c_rehash, So it keep telling me can not loading. Thank You. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Marek Marcola Sent: Monday, March 12, 2007 13:30 To: openssl-users@openssl.org Subject: Re: Root Certificates dir Hello, I am working on Client-Server applications using SSL. My Server has 3 or 4 Trust Root ' certs I use SSL_CTX_load_verify_locations pointing to a directory which stores all Trust Root ' certs . I created a directory ( T1) and load all Trust Root certs into this T1 directory. My question is : 1) Do I have concatenant all Trusted Root in to one cert ?? ( cat root1 root2 root3 root) ? No, but you should execute c_rehash in that directory. Best regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
RE: Root Certificates dir
Hi I have basic question for Client-Sever using SSL. Both Client/Server have to use SL_CTX_load_verify_locations to load Trust Root. But Client will load its own private/public key, does not need to load server cert at all . Server will load its own private/public key, does not need to load client cert at all. The peer cert will exchange at Handshake time. IS this true?? Please help. Thank You. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Marek Marcola Sent: Monday, March 12, 2007 13:30 To: openssl-users@openssl.org Subject: Re: Root Certificates dir Hello, I am working on Client-Server applications using SSL. My Server has 3 or 4 Trust Root ' certs I use SSL_CTX_load_verify_locations pointing to a directory which stores all Trust Root ' certs . I created a directory ( T1) and load all Trust Root certs into this T1 directory. My question is : 1) Do I have concatenant all Trusted Root in to one cert ?? ( cat root1 root2 root3 root) ? No, but you should execute c_rehash in that directory. Best regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Certificate location
Hi all I have Client-Server application. The requirement is every peer must load peer'sTrust Access List the public key for any component that will connect to. What is the best way to do that ?? Using SSL_CTX_set_default_verify_paths , SSL_CTX_load_verify_locations,...??? Do I have to use X509_store_new ??? Plaes help I am new to this SSL. Thank You TD
RE: Question about Diffie-Hellma
I have a cipher suit : TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA What is It meant TLS_DHE_RSA Combine between RSA with Diffie-Hellman ?? RSA is key transport. DH is key agreement. How do they use together ?? Please help. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Xiaoyu Ruan Sent: Thursday, March 01, 2007 15:30 To: openssl-users@openssl.org Subject: RE: Question about Diffie-Hellma Here is how DH works: 1. server determines p, q, sends p and q to client. 2. server selects a random number priv_key_s, computes pub_key_s = q^priv_key_s mod p, sends pub_key_s to client. 3. client selects a random number priv_key_c, computes pub_key_c = q^priv_key_c mod p, sends pub_key_c to client. 4. server computes shared_secret = pub_key_c^priv_key_s mod p. 5. client computes shared_secret = pub_key_s^priv_key_c mod p. Now server and client both have the same shared_secret, which is used in the symmetric cryptography like AES, DES, etc. Notice that DH itself is not an encryption scheme. DH is used for establishing a symmetric key between two parties. -Xiaoyu From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dinh, Thao V CIV NSWCDD, K72 Sent: Thursday, March 01, 2007 3:13 PM To: openssl-users@openssl.org Subject: Question about Diffie-Hellma Hi All I have a hard time to understand Diffie-Hellia Key agreement. This is a DH structure Typedef structure dh_st { BEGIUM *p; BEGIUM *q; BEGIUM *pub_key; BEGIUM *priv_key; } According to Openssl Book p and q, each pair chooses a random large integer priv_key member. A value for pub_key member is computed form the pub_key member and shared with peer. ...Using the value of priv_key and the peer's pub_key, each peer can independendly compute the shared secrete. Questions: 1) each peer can independently compute the shared secrete What is meant ?? Client has one shared key, Server has different shared key??? 2) How do Server decrypt the message encrypt by client ?? Pleas help. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Question about Diffie-Hellma
Hi All I have a hard time to understand Diffie-Hellia Key agreement. This is a DH structure Typedef structure dh_st { BEGIUM *p; BEGIUM *q; BEGIUM *pub_key; BEGIUM *priv_key; } According to Openssl Book p and q, each pair chooses a random large integer priv_key member. A value for pub_key member is computed form the pub_key member and shared with peer. ...Using the value of priv_key and the peer's pub_key, each peer can independendly compute the shared secrete. Questions: 1) each peer can independently compute the shared secrete What is meant ?? Client has one shared key, Server has different shared key??? 2) How do Server decrypt the message encrypt by client ?? Pleas help.
RE: Question about Diffie-Hellma
Thank You very much Xiaoyu -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Xiaoyu Ruan Sent: Thursday, March 01, 2007 15:30 To: openssl-users@openssl.org Subject: RE: Question about Diffie-Hellma Here is how DH works: 1. server determines p, q, sends p and q to client. 2. server selects a random number priv_key_s, computes pub_key_s = q^priv_key_s mod p, sends pub_key_s to client. 3. client selects a random number priv_key_c, computes pub_key_c = q^priv_key_c mod p, sends pub_key_c to client. 4. server computes shared_secret = pub_key_c^priv_key_s mod p. 5. client computes shared_secret = pub_key_s^priv_key_c mod p. Now server and client both have the same shared_secret, which is used in the symmetric cryptography like AES, DES, etc. Notice that DH itself is not an encryption scheme. DH is used for establishing a symmetric key between two parties. -Xiaoyu From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dinh, Thao V CIV NSWCDD, K72 Sent: Thursday, March 01, 2007 3:13 PM To: openssl-users@openssl.org Subject: Question about Diffie-Hellma Hi All I have a hard time to understand Diffie-Hellia Key agreement. This is a DH structure Typedef structure dh_st { BEGIUM *p; BEGIUM *q; BEGIUM *pub_key; BEGIUM *priv_key; } According to Openssl Book p and q, each pair chooses a random large integer priv_key member. A value for pub_key member is computed form the pub_key member and shared with peer. ...Using the value of priv_key and the peer's pub_key, each peer can independendly compute the shared secrete. Questions: 1) each peer can independently compute the shared secrete What is meant ?? Client has one shared key, Server has different shared key??? 2) How do Server decrypt the message encrypt by client ?? Pleas help. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
SSL_shutdown question.
Hi I need your help on SSL_shutdown(). . The Client send close notify to server first to initiates the close connection. This first call return 0 , which it is correctly. Then The Client call SSL_shutdown again to wait for close notify form Server. The second SSL_shutdown call RETURN 0 , INSTEAD OF 1. I DO KNOW WHY??. PLEASE HELP. The following Close() function to handle SSL_shutdown(). The client send out 5 messages, then call Close() function. The Server 's SSL_read return SSL_ERROR_ZERO_RETURN, then call Close(). The Server behaves correctly. AT Client side: . Call 1 to set socket to blocking. . Call 2, return err == 0 which it is right. ( send close notify). . Call 3 . Call 4 (waiting for close notify from Server) with RETURN 0 INSTEAD OF 1. why ??? At Server side: . Call 1 to set socket to blocking. . Call 2, return err== 1, complete shutdown . Jump to 8 which it is supposed to be. . Close() { 1.setSocketToBlocking() 2. int err = SSL_shutdown() 3. If (err == 0) // not complete yet 4. {err = SSL_shutdown() 5. if (err == 1) // complete shutdown 6. { --close all..; } else { cout Error endl; } 7. } 8. else if (err== 1) 9. { --close all..; } else if ( err 0) { cout ERROR.. endl; } } } Thank You. TD
RE: Problem with linking library
Minh Do you link to -lpthread, -lssl, and -lcrypto ?? TD -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Tuan Minh Nguyen Sent: Saturday, February 03, 2007 17:10 To: openssl-users@openssl.org Subject: Problem with linking library Hi all, which options should I use to compile when I see this error? : client.c:(.text+0xcb): undefined reference to `init_OpenSSL' client.c:(.text+0xfc): undefined reference to `handle_error' client.c:(.text+0x13f): undefined reference to `handle_error' common.c:(.text+0x51): undefined reference to `THREAD_setup' I try to run example EX5-1,-2-3-4 in the book O'Reilly - Network Security with OpenSSL. thank in advance, Minh. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
RE: lack of progress
Steve Look at the script on page 124 of Network Security with OpenSSL. It will generate key/cert for you. You do not have to put separate files for the key/cert according to this script. TD -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of terry johnston Sent: Wednesday, January 31, 2007 11:48 To: openssl-users@openssl.org Subject: lack of progress Steven I am getting an error re. trying to add the private key to the context - should i have separate files for the key/cert? what is a realiable way of generating key/cert? thanks Terry -- terry johnston [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
RE: openssl with non-blocking comms
Terry I ran into same problem a while ago. I had a blocking server, waiting for client to connect. I had non-blocking client connected to server, It never pass SSL_connect(). I changed non-blocking to blocking I/O BEFORE I called SSL_connect(). It worked fined. It seem to me you need to using blocking socket for SSL_connect to sit there to exchange all the certificate,ciphes You can use non-blocking socket for SSL_connect, but you have to put into a loop to call SSL_connect again after you received SSL_WANt_READ or SSL_Want _write. I hopes it help. TD -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of terry johnston Sent: Monday, January 29, 2007 16:16 To: openssl-users@openssl.org Subject: openssl with non-blocking comms Hello All. I am trying to implement openssl with a server that uses an event notification library under Linux. I am using bio pairs to separate the non-blocking comms from the ssl layer. I am currently not able to get past the first SSL_accept() call. Each new client connection does the following... - gets accepted normally - creates a bio pair - sets up read write event notification - receives a read notification - reads data adds it to the network bio using BIO_write() - does a SSL_accept(), which returns -1 - calls SSL_get_error(), which returns 111 - not yet implemented? - calls BIO_ctrl_pending() on the network bio, which shows there is nothing to get (presume I would call a BIO_read() to get any data for on-sending) - adds another read event notification but nothing arrives what am I doing wrong?! thank you in advance Terry Johnston -- terry johnston [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
RE: openssl with non-blocking comms
Terry On the client side, I convert back from blocking socket to n0n-blocking socket after successfully calling SSL_connect. On the server side, I call accept(). After accept return socket, put ssl on this socket, then call SSL_accept(). If SSL_accept() successes, spin off a thread to handle this new connection. This new connection can be change to non-blocking if you want too. So one client will be handle by one thread from server. I hope it help. TD -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of terry johnston Sent: Tuesday, January 30, 2007 15:43 To: openssl-users@openssl.org Subject: RE: openssl with non-blocking comms hello Thao Thank you for trying but no, this does not help. If you want to build a single threaded scalable server using nonblocking i/o, you need to use exclusively nonblocking i/o. You can't conveniently block on one connection while it sorts itself out, as you put the other connections temporarily out of action. This is fine on a single connection server, but not if you want to support lots of connections. Thanks anyway. Terry On Tue, 30 Jan 2007 14:11:42 -0600, Dinh, Thao V CIV NSWCDD, K72 [EMAIL PROTECTED] said: Terry I ran into same problem a while ago. I had a blocking server, waiting for client to connect. I had non-blocking client connected to server, It never pass SSL_connect(). I changed non-blocking to blocking I/O BEFORE I called SSL_connect(). It worked fined. It seem to me you need to using blocking socket for SSL_connect to sit there to exchange all the certificate,ciphes You can use non-blocking socket for SSL_connect, but you have to put into a loop to call SSL_connect again after you received SSL_WANt_READ or SSL_Want _write. I hopes it help. TD -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of terry johnston Sent: Monday, January 29, 2007 16:16 To: openssl-users@openssl.org Subject: openssl with non-blocking comms Hello All. I am trying to implement openssl with a server that uses an event notification library under Linux. I am using bio pairs to separate the non-blocking comms from the ssl layer. I am currently not able to get past the first SSL_accept() call. Each new client connection does the following... - gets accepted normally - creates a bio pair - sets up read write event notification - receives a read notification - reads data adds it to the network bio using BIO_write() - does a SSL_accept(), which returns -1 - calls SSL_get_error(), which returns 111 - not yet implemented? - calls BIO_ctrl_pending() on the network bio, which shows there is nothing to get (presume I would call a BIO_read() to get any data for on-sending) - adds another read event notification but nothing arrives what am I doing wrong?! thank you in advance Terry Johnston -- terry johnston [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] -- terry johnston [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
RE: SSL_ERROR_WANT ...
Hi Milan Read Chapter 8 of SSL and Tls Designing and Building Secure System Book(ERIC Rescorla). It gives you what going on underneath the OS for SSL socket. Hi DS However, do not select for read if you call BIO_read after calling BIO_write. You can deadlock if you do this. Consider: 1) You call BIO_write, you get SSL_ERROR_WANT_READ because handshaking has not been read yet. 2) You (perhaps in another thread) call BIO_read, it reads the handshaking data. A BIO_write will now succeed. 3) Ooops, the first thread calls 'select' and is now waiting for data that has already been read. I do not worry this case if each of my thread handles different client socket. I means that: 1) You call BIO_write on socket A, you get SSL_ERROR_WANT_READ because handshaking has not been read yet. 2) You (perhaps in another thread) call BIO_read on different socket B , it reads the handshaking data. A BIO_write will now succeed. 3)The first thread calls 'select' and is now waiting for data that has already been read. OK ?? Is it right ?? Please help. Thank You TD -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of David Schwartz Sent: Friday, January 26, 2007 9:08 To: openssl-users@openssl.org Subject: RE: SSL_ERROR_WANT ... WRITING: when BIO_write() returns me SSL_ERROR_WANT_READ, it`s because I have in SSL buffer some data for reading (perhaps the message from server) so I need to call the BIO_read function. No, you call the BIO_read function when you want to read data from the BIO. When BIO_write returns 'SSL_ERROR_WANT_READ' that means that you cannot write to the BIO until the BIO is able to read something. One thing you could do is select on the socket for read and when you get a read hit, call BIO_write again. BIO_write is when you want to write to the BIO. It may read or write from a socket as the SSL protocol requires. However, you call it when you want to write to the BIO. If it needs to read from the socket, it will tell you, and you can retry the BIO_write whenever you want. But somewhere I read, that this error is thrown, when the rehandshaking is making, so I need only wait a moment and then try again. Is right the first case or second. This is true too. However, it is probably cleaner to 'select' for read. However, do not select for read if you call BIO_read after calling BIO_write. You can deadlock if you do this. Consider: 1) You call BIO_write, you get SSL_ERROR_WANT_READ because handshaking has not been read yet. 2) You (perhaps in another thread) call BIO_read, it reads the handshaking data. A BIO_write will now succeed. 3) Ooops, the first thread calls 'select' and is now waiting for data that has already been read. I can have the SSL_ERROR_WANT_WRITE too. It means that the buffer is full and I can`t write there the whole record. Is it right to wait on select() and try it again when the select tells me, the socket is ready to write? Yes. That applies even if you call BIO_read and got SSL_ERROR_WANT_WRITE -- you should select for write and call BIO_read when the select succeeds (or a BIO_write succeeds, because that could do the writing without you knowing). READING: SSL_ERROR_WANT_READ - its possible I have some data in network buffer, but non in SSL buffer, so I must wait a while. Because the SSL hasn`t whole record. SSL_ERROR_WANT_WRITE - rehandshaking, only wait a moment and try it again This may be what's happening in specific cases, but the general meaning is this: SSL_ERROR_WANT_READ: The operation you tried cannot proceed until some data arrives on the socket. SSL_ERROR_WANT_WRITE: The operation you tried cannot proceed until some data can be written to the socket. Are the actions I do after receive some of this errors corect, or am I totaly misunderstud?? In either case, you should 'select' for the appropriate operation and retry whatever operation you were trying either when the 'select' indicates a hit or another BIO operation succeeds. DS __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
RE: a question about SSL_CTX_free
Guys: I have a listening socket, waiting for connections from clients. When a client connects to my server, I put SSL on socket and spin up a thread to handle it. One client is one thread. All of these connections are shared by same SSL_CTX ctx. This is the way I handle at the end of this connection: 1. If (SSL_shutdown(ssl)) 2. { 3. SSL_free(ssl); 4. SSL_free_ctx(); 5 close(socket); 6. } 7. Else 8. { 9. Throw exception(...); 10. } Is the right way to do??? Do I need both lines 3 and 4? Please help. Thank You TD -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of David Schwartz Sent: Monday, January 08, 2007 21:38 To: openssl-users@openssl.org Subject: RE: a question about SSL_CTX_free guys: the man page for SSL_CTX_free says: SSL_CTX_free() decrements the reference count of ctx, and removes the SSL_CTX object pointed to by ctx and frees up the allocated memory if the the reference count has reached 0. i have a couple of questions regarding this: 1. what make the reference count of ctx increase/decrease? Any time another object is created that references it. 2. if i call SSL_CTX_free, does that mean all ssl connections based on this ctx will be closed automatically? or i should close all ssl connections based on a ctx before i call SSL_CTX_free? Calling SSL_CTX_free is perfectly safe if you have a reference to the context and do not plan to use it further. Existing connections will not be harmed because they have their own references to the context, and the context will not be freed until its reference count reaches zero. DS __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
How to know it is .pem or der format file
Hi I have couple private and cert files. How do what kind of format of these files?? Pem or .der format ??? Please help me. TD
BIO abstraction
Hi I look at couple example about using abstraction layer BIO over socket and attach the SSL object to the BIO. When time to delete, they delete SSL and socket only without delete BIO. I wonder why ?? ssl = SSL_new(ctx); Sbio = BIO_new_sock(sock, BIO_NO_CLOSE): SSL_set_bio(ssl, sbio,sbio); At the delete time: SSL_shutdown(ssl); SSL_free(ssl); Close(s); How about Sbio ? Please help me to understand this . Thank You Thao Dinh
Reference Counter for SSL
Hi I need help. I have one context (ctx). I create many SSL from this context, each will be in separated thread. Do SSL have any counter to keep up with how many SSL at any time ?? What is the name of this function ??? Please help
SSL_write SSL_read for Blpocking and Non Blocking
Hi I am new in this SSL. I need your help about SSL_read and SSL_write. For blocking socket, if SSL_write() ask to write out 1024 bytes, but the network buffer only have space for 512 bytes, will the SSL_write block until all 1024 bytes is written ?? How about Non blocking ?? For blocking socket, if SSL_read() ask to read 1024 bytes, but the received network buffer only have for 512 bytes, will the SSL_read block until all 1024 bytes is read ?? How about Non blocking ?? Please help. Thank You TD
RE: Reference Counter for SSL
Hi Marek Marcola I do the following: 1. Create ctx 2. Create ssl= new (ctx,...) 3. printf ( Number of ssl %d, ctx-references) Step 3 show me 2 instead of 1 ( I only have one socket ssl with ctx). Why ?? Please kindly help me. Thank You TD -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Marek Marcola Sent: Thursday, December 21, 2006 14:52 To: openssl-users@openssl.org Subject: Re: Reference Counter for SSL Hello, I have one context (ctx). I create many SSL from this context, each will be in separated thread. Do SSL have any counter to keep up with how many SSL at any time ?? What is the name of this function ??? Please help ctx-references Best regards, -- Marek Marcola [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]