Re: [openssl-users] [stunnel-users] stunnel 5.47 released
Query -- how does this relate to TLSv1.3 and the alpha version (which is not going to work with the final version -- and does not exist, I think) -- and what version of OpenSSL do you recommend?

Thanks,
Eric

Eric S Eberhard
VICS (Vertical Integrated Computer Systems)
Voice: 928 567 3529
Cell: 928 301 7537 (not reliable except for text or if not home)
2933 W Middle Verde Rd
Camp Verde, AZ 86322

-----Original Message-----
From: stunnel-users [mailto:stunnel-users-boun...@stunnel.org] On Behalf Of Michal Trojnara
Sent: Friday, June 22, 2018 11:10 PM
To: stunnel-us...@stunnel.org; stunnel-annou...@stunnel.org; openssl-users@openssl.org
Subject: [stunnel-users] stunnel 5.47 released

Dear Users,

I have released version 5.47 of stunnel.

Version 5.47, 2018.06.23, urgency: HIGH
* New features
  - Fast add_lock_callback for OpenSSL < 1.1.0. This largely improves performance on heavy load.
  - Automatic detection of Homebrew OpenSSL.
  - Clarified port binding error logs.
  - Various "make test" improvements.
* Bugfixes
  - Fixed a crash on switching to SNI slave sections.

Home page: https://www.stunnel.org/
Download: https://www.stunnel.org/downloads.html

SHA-256 hashes:
c4e675db996eb92beef885f72a3ed8af3c7603fea6b99d2873198dd6c0021d0b stunnel-5.47.tar.gz
985e1d65a3f4a7599cc78630960e1b2c97981f91ce6bc41f2eefcd371b4067a3 stunnel-5.47-win32-installer.exe
309cfb79329448f0c134aece0d10d0737e3728b25c288e9a76650837cd6f839c stunnel-5.47-android.zip

Best regards,
Mike

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: Increasing key size from 1024 to 2048?
Just curious -- what line of work is your company in? If you were CIA or NASA or something I'd see the need. If you are just a business -- wow!

E

On 10/10/2013 1:37 AM, int0...@safe-mail.net wrote:
> Hi,
>
> I've been asking this on the OpenVPN mailing list, but didn't get an answer so far. Therefore I hope you can help me.
>
> We use OpenVPN in our company with the default cipher suite, which should be: DHE_RSA_BF_CBC_SHA
>
> So RSA is used for authentication, Blowfish in CBC mode for symmetric encryption. The keys for Blowfish are derived from ephemeral Diffie-Hellman and changed every hour. We use a key size of 1024 bit for RSA and therefore a modulus of 1024 bit for Diffie-Hellman (OpenVPN uses the Easy RSA scripts. These scripts use a variable KEY_SIZE when the Diffie-Hellman parameter or the RSA keys are built. This variable is set to 1024). Furthermore we use a self-signed CA.
>
> Some days ago I recommended to update the key size to 2048 bit, mainly because some sources say 1024 bit aren't enough anymore. Because quite a lot of our staff uses OpenVPN, they asked me if it is possible to not update all keys at once, but only issue user certs with 2048 from now on for new OpenVPN users (and leave the old ones in place for later update).
>
> The process of doing that should look like that:
>
> a) Change variable KEY_SIZE used in Easy RSA scripts from 1024 to 2048 (bit).
> b) Create new Diffie-Hellman params with the Easy RSA build-dh script (will create the params with 2048 bit modulus).
> c) Update the OpenVPN server config with the path of the new Diffie-Hellman param file.
>
> Now here are my concerns and why _I_ think that is a bad idea:
>
> If I do it like that, new users would get 2048 bit keys/certs as requested by the company. But these certs would still be signed by our self-signed CA, which still uses the old 1024 bit key/cert. Given that an attacker has enough computing power, he could factorize n (from the pub key in the CA cert) to get p and q. With that he would have our CA's private key, being able to create a faked server cert and sign it with the CA key. With that server certificate the attacker could launch a man-in-the-middle attack. That would mean: authentication via RSA would be leveraged.
>
> So my questions are:
>
> I. Am I right, or is that rubbish?
>
> II. Is an attacker able to get the CA cert at all? It looks as if during the TLS handshake only the user certificate and the server certificate are transmitted, but not the CA cert.
>
> III. To complicate things a bit more: OpenVPN supports a so-called tls-auth directive which takes a 160 bit key. According to the OpenVPN documentation this key is used to generate an HMAC over every packet during the TLS handshake (and append it?). It looks as if this is not part of TLS itself, but a modified implementation of TLS. They say that without the key, not even the handshake would work. So my last question is: if the CA cert can be requested from the OpenVPN server somehow, that wouldn't work anymore if such a key is used. Is that correct?
>
> Thanks a lot for your help!

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org

--
Eric S. Eberhard
VICS
2933 W Middle Verde Road
Camp Verde, AZ 86322
928-567-3727 work
928-301-7537 cell
http://www.vicsmba.com/index.html (our work)
http://www.vicsmba.com/ourpics/index.html (fun pictures)
Re: strong TLS connections
Our monolithic program (which runs in well under a meg including the program and all memory it uses) is monitored for correct hash (an algorithm we have to give a 21 byte hash total of files, for which I have never seen two different files with the same hash) from an off-site program AND on-site cron processes. It also has calls within itself to validate it has not been de-compiled and modified. It has timing alerts that make using gdb/dbx with break points virtually impossible. It is also tied to the serial number of the AIX box or network card address on others. If even one byte does not match what was sent, email alerts are sent, the program is removed (after documenting user ids, dates and times), the port is disabled, and so forth. Nothing is impenetrable, but an ordinary patching is not going to do the job.

Secondly, dynamic libraries, if shared by say 10 programs, could be modified for some purpose OTHER than my program. They may be debugging their software, and hence write a log file of data, not realizing that they are logging my raw credit card data. My software then becomes non-compliant due to the innocent actions of others. Or their software may require a certain version that has a vulnerability that I can't live with. And I don't want to have to monitor this.

Third, I certify my software with the static link. I know -- and the PCI compliance auditors know -- that it is compliant. If I have no control over dynamic libraries I have no way of KNOWING I am compliant in that environment. Neither does the customer or the auditor. Stray debug logging is, in fact, one of the primary causes of non-PCI compliance.

Fourth, I use different compiler switches than the open source (different thread choices, different one-char default behavior, etc). How that works without a static link is an open question (and there are many other issues).

The point of a static link is that ... it is static. You know what your program will do and you know how it will behave and you have tested, certified, and deployed in that manner. It is easy to validate that it has not been harassed.

The point of a dynamic link is to allow O/S updates that fix perceived bugs/holes. In some situations this may not be a good thing (like say in my stray debug example). And usually not relevant. I might be using only one particular encryption. The fixes might be for others. And ... as usual with all software, sometimes fixes also have unintended consequences.

I still think that the highest security is achieved with a static link. The easiest to keep current and updated is obviously the dynamic link. So that balance should be what decides.

E

At 12:13 PM 10/30/2011, you wrote:
>> There are taste issues on this -- but you may be happier with a static link. It will load a giga-blip faster too with static link, and you won't even notice :-) A lot will depend on what your software is and how much of it. We have thousands of customers. We do credit cards which requires certification and you cannot (should not) allow the customer to change your software by installing a dynamic library. In fact, what if they built themselves their own libraries that wrote the unencrypted text out to a file? Then they could steal credit card numbers. BAD BAD BAD. It is a security hole to allow dynamic libraries because you have no control on what is really there.
>
> If the code is running at the customer site, you have no control over it, whether it's static or dynamic linked. It might be a giga-blip easier for your customer/attacker to patch a dll, but it's still trivial to patch your monolithic program.

Eric S. Eberhard
(928) 567-3727 Voice
(928) 567-6122 Fax
(928) 301-7537 Cell
Vertical Integrated Computer Systems, LLC
Metropolis Support, LLC
For Metropolis support and VICS MBA Support http://www.vicsmba.com
For pictures: http://www.vicsmba.com/ourpics/index.html (You can see why we love this state :-) )
Re: writing an SSH server
Thank you! That is great info for me if I ever need SSH (meaning SSL with the protocol). It may also help the original person as he may be able to solve his problem using inetd and openssh ... which is easy and reliable and works great if you have remotely reasonable traffic. Also, way less coding :-)

Eric

At 05:59 AM 10/28/2011, Jakob Bohm wrote:
> On 10/28/2011 2:08 AM, Eric S. Eberhard wrote:
>> I end up using SSL because, weirdly, credit card companies and shipping companies (I do business software), and so forth, all use SSL -- almost always HTTPS -- and I don't have a call for a protocol. It would be REALLY cool if you could make a wrapper on stunnel to handle the H protocol portion as I could certainly use it. The H parts are not in openssl because they are in the openssh addon to openssl.
>
> There is such a wrapper, it is the SSH command itself from openssh (which uses openssl for crypto). There is also another such wrapper for Windows, it is called plink from the putty product (also open source).
>
> Either can be invoked with options to act similar to openssl stunnel (passing standard input to the other end and passing the other end's output to standard out).
>
> Both also support a different SSH tunneling mechanism for passing through TCP connections in parallel to its main connection. All the tunneled TCP connections are transmitted inside the same encrypted TCP connection as the main connection.
Re: strong TLS connections
I have an easy solution I use because not only do you have the problem with admins not having the library installed, you have the problem of them having the wrong version installed for something they need. Your app or theirs won't work. Or yours will, and they update openssl and it no longer does. And some places with strict security policies won't let you install things like openssl (but if they want your app they have to install it!).

I simply build the static libraries and link them in. This means nothing need exist on the target machine and that you have a more stable product because you have tested against the library version you have static linked. You could argue it makes the program bigger and my answer is -- say what? My iPod could handle my entire business suite and data (for disk space, not actually running) -- so who cares.

I have found this is often the easiest way to go. I also make a small wrapper that only builds certs from openssl and uses a different name, again making it appear to be my software. I also allow them to use a Web interface to my site to make a cert and download it.

Eric

At 11:09 AM 10/28/2011, Kristen J. Webb wrote:
> After all my wrangling, I'm leaning towards just using client certs.
>
> Is it a reasonable assumption that on UNIX'es these days I can expect to find libssl.so AND the openssl command line? If not, is it reasonable to assume that a sysadmin will install openssl to get my app to work?
>
> Otherwise, it would seem that something as easy and well documented as creating a CSR could be a lot more coding...
>
> Many thanks for all the useful comments!
>
> Kris
>
> On 10/27/11 7:20 AM, Michael S. Zick wrote:
>> On Wed October 26 2011, Kristen J. Webb wrote:
>>> Having an app that can use certs, it appears, is nothing compared with how to deploy it and manage those certs ;)
>>
>> A general truism not specific to certs.
>>
>> Recognizing (or implementing) a need for trust is one thing; determining (or establishing) what is to be trusted is quite another.
>>
>> Consider: Your roof leaks. It's easy to find a contractor who claims they will fix it. It's an entirely different matter to find one you can __trust__ to do the job correctly and to your satisfaction.
>>
>> Mike
>
> --
> Mr. Kristen J. Webb
> Teradactyl LLC.
> PHONE: 1-505-242-1091
> EMAIL: kw...@teradactyl.com
> VISIT: http://www.teradactyl.com
> Home of the True incremental Backup System
Re: strong TLS connections
Kristen,

Your points are all good. However, I have found the compatibility not good with customer-installed versions versus my own. One of the problems, for example, could be that openssl compiles with a certain type of threads, not the same as your application. Same with semaphores and who knows what else. It could be many features like that. It could be changes in product I have found. Also, if they install in a different location than you, the header of your program will not find it (which can be solved with links on the user's system, sometimes). Sometimes the user installs a version with other dependencies (for example I use libxml2 but not the libzip ... and when a customer put the libzip version in, my application had problems).

So then what I was doing was putting my versions of the dynamic libraries in my own location /usr/local/application_name/lib and linking that way and installing that way. But then when the security changes came ... I had to again install something and I realized it was easier to just install the static linked software. You also get tighter testing because it will force you to get the latest version, compile it, link it, test it, then install it.

I do a LOT of cross-platform (AIX, Linux, OS/X, SCO, HP/UX, Windows, etc) work and have found that I am always safer linking exactly what I want and releasing that. I guess I feel I have more control over quality this way. BUT THIS IS JUST A DUMB OPINION -- most people disagree. I have found in practice that the dream of the O/S level updates magically making security updates work for your software is a dream that is more nightmare than pleasant. But that is just me. There are others who do agree, I am not alone, but I would guess a minority.

As for the export question -- if they are not allowed certain things they are not allowed. Depending on your application, it may be OK. So if you require the illegal export of strong encryption and you install or ask them to install, you and they are in trouble. If your application is, say, a credit card application -- and it is static linked and can ONLY be used to process credit cards (and you let them generate keys through you) you are in fact able to export without legal complication. I export, had legal advice.

I am not sure what you mean by the GNU licensing conflict. You are still only charging for your application, whether you static or dynamic link. I do always include the proper copyright files and put them in /usr/local/lib ... even though my link is static. I checked this as well. I will tell you that both my legal checks were cursory but I am confident they were sufficient. If you are really worried, check with a lawyer. On the GNU I think it is pretty much a matter of the intent of the license anyway. If you disclose its use, include the proper copyright/license files, and don't charge for it, I think you are fine.

There are taste issues on this -- but you may be happier with a static link. It will load a giga-blip faster too with static link, and you won't even notice :-) A lot will depend on what your software is and how much of it. We have thousands of customers. We do credit cards which requires certification and you cannot (should not) allow the customer to change your software by installing a dynamic library. In fact, what if they built themselves their own libraries that wrote the unencrypted text out to a file? Then they could steal credit card numbers. BAD BAD BAD. It is a security hole to allow dynamic libraries because you have no control on what is really there. You cannot look at a customer or credit card auditor and say with a straight face that you control the encryption and there is no security leak. If you statically link something in and certify it ... it is what it is. Under current credit card rules you may do minor updates just by notifying them -- so if you find a security patch that applies to your application (most don't for me) then you download, link statically, report to everyone who needs to know, and install your app again.

Eric

At 12:13 PM 10/28/2011, Kristen J. Webb wrote:
> On 10/28/11 12:39 PM, Eric S. Eberhard wrote:
>> I have an easy solution I use because not only do you have the problem with admins not having the library installed, you have the problem of them having the wrong version installed for something they need. Your app or theirs won't work. Or yours will, and they update openssl and it no longer does. And some places with strict security policies won't let you install things like openssl (but if they want your app they have to install it!).
>>
>> I simply build the static libraries and link them in. This means nothing need exist on the target machine and that you have a more stable product because you have tested against the library version you have static linked. You could argue it makes the program bigger and my answer
Re: writing an SSH server
I believe the last function, the write, is missing a return false with the error message?

Writing servers is VERY difficult to make 100% reliable, with good logging, etc. I have many years experience and still avoid it when I can. You need to understand blocking and non-blocking calls, your network, etc. If you are on Unix -- use inetd if your volume is not too high. By too high, I have production systems with 10,000 connections continually, averaging 1,000 new connections per second. On inetd under AIX. In the old days of slow hardware people complained about the performance because it does have to create a new process. However your code becomes simple -- read/write to stdin/stdout. No need to open, accept, poll, close, or otherwise deal with sockets.

Which then brings up stunnel ... and another performance barrier I suppose by throwing in another program. However -- I have easily used it for credit cards, UPS, USPS, Fedex, 10s of companies more obscure, Web interfaces, secure telnet, HTTPS, etc. On a modern machine you are unlikely, unless really resource strained, to care about the overhead -- and you would have no programming to do at all. If stunnel is too limited, I'd still consider inetd.

NOTE -- pretty much all code you write to work under inetd can later be transferred to a standalone server program. So you are wasting little time trying it. I actually have a generic server program I start with whenever I need a server (it's in C) that runs either under inetd or standalone. In practice I always use inetd -- it is dead reliable and if it is not working, Unix is not working.

I am sure someone will disagree based on resource/performance reasons. You will have to judge that ... and like I said, trying it in inetd is not wasted time. If you are on Windows ignore this :-)

Eric

At 01:48 PM 10/27/2011, David Durham wrote:
> Hi all,
>
> I'm new to C++ and libssl, but nevertheless trying to write an SSH server. I have gone through tutorials and believe I have a working server that initializes an SSL context, binds and listens on a TCP socket, and accepts a connection. Using a debugger I see that if I try to ssh myserver -p myport, the process hangs on the call to SSL_accept. I figure this is because the ssh client needs to do something before calling SSL_connect. I don't need authentication, I just want to use ssh kind of like a secure telnet. Here's my code, any advice is appreciated:
>
> #include <cstdio>
> #include <netinet/in.h>
> #include <sys/socket.h>
> #include <openssl/ssl.h>
>
> /* SocketType is the class's typedef for a socket descriptor (int on Unix);
>    Error() logs a message and is defined elsewhere in the class. */
> bool SecureServer::Start()
> {
>     SSL_CTX *ctx = SSL_CTX_new(SSLv23_server_method());
>     if (SSL_CTX_use_certificate_file(ctx, "conf/ssl/server.crt", SSL_FILETYPE_PEM) <= 0) {
>         Error("failed to load server cert");
>         return false;
>     }
>     if (SSL_CTX_use_PrivateKey_file(ctx, "conf/ssl/server.key", SSL_FILETYPE_PEM) <= 0) {
>         Error("failed to load server private key");
>         return false;
>     }
>     SSL *ssl = SSL_new(ctx);
>
>     SocketType listen_sock = socket(AF_INET, SOCK_STREAM, 0);
>     if (listen_sock < 0) {
>         Error("failed creating socket");
>         return false;
>     }
>     sockaddr_in sa_serv, sa_cli;
>     sa_serv.sin_family = AF_INET;
>     sa_serv.sin_addr.s_addr = INADDR_ANY;
>     sa_serv.sin_port = htons(2002);   /* Server Port number */
>     if (bind(listen_sock, (struct sockaddr*) &sa_serv, sizeof(sa_serv)) < 0) {
>         Error("bind failed");
>         return false;
>     }
>     /* Receive a TCP connection. */
>     if (listen(listen_sock, 5) < 0) {
>         Error("listen failed");
>         return false;
>     }
>     socklen_t clientLen = sizeof(sa_cli);
>     SocketType sock = accept(listen_sock, (struct sockaddr*) &sa_cli, &clientLen);
>     printf("Connection from %x, port %x\n", sa_cli.sin_addr.s_addr, sa_cli.sin_port);
>
>     SSL_set_fd(ssl, sock);
>     if (SSL_accept(ssl) <= 0) {
>         Error("SSL handshake failed");
>         return false;
>     }
>     char *message = "Hello SSL";
>     if (SSL_write(ssl, message, sizeof(message)) <= 0) {
>         Error("error on ssl write");
>     }
>     return true;
> }
>
> Thanks,
> Dave
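The inetd style Eric describes above (the connection is already accepted; the program just reads stdin and writes stdout, and stunnel or inetd does the socket and TLS work), written out as an added example. This is not code from the thread, from stunnel or from Eric's generic server; the one-line PING / ECHO request language, the MAX_LINE limit, the handler names and the inetd.conf service name are all invented for the example.

```c
/* inetd-style service: added example, not code from this thread.
 * The one-line PING / ECHO <text> protocol is invented for the example.
 *
 * Example inetd.conf line (service name and path are placeholders):
 *   myservice stream tcp nowait nobody /usr/local/bin/myservice myservice
 * stunnel can launch the same binary with its exec / execargs options and
 * do the TLS part in front of it, so this code never sees a socket.
 */
#include <stdio.h>
#include <string.h>

#define MAX_LINE 512   /* hard cap on a request line: the peer is untrusted */

/* Handle one request line; write the reply into out (NUL-terminated).
 * Returns 0 for a valid request, -1 for a protocol violation (the caller
 * then closes the connection). No I/O in here, so it is unit-testable. */
int handle_line(const char *line, char *out, size_t outlen)
{
    if (outlen < 2)
        return -1;
    size_t n = strlen(line);
    if (n == 0 || n >= MAX_LINE) {
        snprintf(out, outlen, "ERR bad length\n");
        return -1;
    }
    if (strcmp(line, "PING") == 0) {
        snprintf(out, outlen, "PONG\n");
        return 0;
    }
    if (strncmp(line, "ECHO ", 5) == 0) {
        /* Echo back only printable ASCII; control bytes from the peer are
         * replaced so they cannot reach logs or a terminal unescaped. */
        const char *p = line + 5;
        size_t i = 0;
        while (*p != '\0' && i + 2 < outlen) {   /* leave room for '\n' + NUL */
            out[i++] = (*p >= 0x20 && *p < 0x7f) ? *p : '?';
            p++;
        }
        out[i++] = '\n';
        out[i] = '\0';
        return 0;
    }
    snprintf(out, outlen, "ERR unknown command\n");
    return -1;
}

/* Read one line from stdin into buf. Returns 0 on success, -1 on EOF or on
 * an overlong/unterminated line: we refuse to truncate and then treat the
 * remainder as a fresh command, which is how framing bugs become request
 * smuggling. */
static int read_line(char *buf, size_t len)
{
    if (fgets(buf, (int)len, stdin) == NULL)
        return -1;
    size_t n = strlen(buf);
    if (n == 0 || buf[n - 1] != '\n')
        return -1;
    buf[--n] = '\0';
    if (n > 0 && buf[n - 1] == '\r')   /* tolerate CRLF clients */
        buf[--n] = '\0';
    return 0;
}

int main(void)
{
    char line[MAX_LINE], reply[MAX_LINE + 32];

    /* Under inetd stdin/stdout *are* the socket; unbuffered stdout puts the
     * reply on the wire before we block in the next read. */
    setvbuf(stdout, NULL, _IONBF, 0);

    while (read_line(line, sizeof line) == 0) {
        int rc = handle_line(line, reply, sizeof reply);
        fputs(reply, stdout);
        if (rc < 0)
            return 1;   /* protocol violation: drop the connection */
    }
    return 0;
}
```

Run it by hand with `printf 'PING\nECHO hi\n' | ./myservice`; the same binary, unchanged, is what inetd or stunnel would start per connection. The handler is kept free of I/O precisely so the part that parses untrusted input can be tested without a socket.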
RE: writing an SSH server
I end up using SSL because, weirdly, credit card companies and shipping companies (I do business software), and so forth, all use SSL -- almost always HTTPS -- and I don't have a call for a protocol. It would be REALLY cool if you could make a wrapper on stunnel to handle the H protocol portion as I could certainly use it.

As you pointed out there are two things -- the protocol and the encryption; there was a third I was trying to address and that is the whole problem of running your own server under Unix ... that you can skip. When the open source code breaks out the connection from the protocol is another matter ... they may be mixing them.

I actually was just trying to suggest there might be easier ways (and maybe I am wrong) -- I try to help new people and I usually come up with odd solutions that in theory many people say are slow when in practice make no difference. And, I am not sure, but below that routine may be an actual Unix accept and then you have those issues of blocking and non-blocking that become a pain and are not required.

Anyway you can easily ignore me or if you need anything, glad to help. If you make an SSH server that runs in inetd I'd love to have it, and if you extend stunnel to do this (I think that would work) then you could add to the stunnel project which is cool (I have added very minor things to many open source programs, even libxml2 and so forth). Also, if you need anything on old-fashioned C, I do breathe that :-)

E

At 02:55 PM 10/27/2011, you wrote:
>> From: owner-openssl-us...@openssl.org On Behalf Of David Durham
>> Sent: Thursday, 27 October, 2011 16:48
>>
>> I'm new to C++ and libssl, but nevertheless trying to write an SSH server. I have gone through tutorials and believe I have a working server that initializes an SSL context, binds and listens on a TCP socket, and accepts a connection. Using a debugger I see that if I try to ssh myserver -p myport, the process hangs on the call to SSL_accept. I figure this is because the ssh client needs to do something before calling SSL_connect. I don't need authentication, I just want to use ssh kind of like a secure telnet.
>
> <snip>
>
> SSH and SSL are different protocols, even though there is only one letter difference in the acronym. See RFCs 4250-6. The underlying *crypto* primitives are mostly the same, and the widely-used openssh implementation uses the libcrypto part of OpenSSL, but the protocol part of openssh is entirely different from the libssl part of OpenSSL (including SSL_accept).
>
> AFAIK SSH always formally authenticates the server, although in practice this is usually done by accepting the server's key the first time manually, which people are supposed to think about but don't, and thereafter checking it is the same. Similarly I believe it always formally authenticates the client, but that can be e.g. anybody/dontcare. If you just want confidentiality with truly no authentication, SSL/TLS (and OpenSSL) can do that with the anonymous-DH and anonymous-ECDH suites. I assume you understand and accept the vulnerabilities you are creating by not authenticating.
>
> Also: You didn't show your Error() routine (method?). I hope it displays the OpenSSL error stack in some suitable way; that information is very often vital in debugging errors.
>
> And:
>>     char *message = "Hello SSL";
>>     if (SSL_write(ssl, message, sizeof(message)) <= 0) {
> is a very basic (but all too common) C bug.
Re: Question regarding to memory leak
As a general comment, not all memory leaks reported by these tools are a bad thing. I often write code that has these types of leaks on purpose for performance reasons. For example a function that is called often and mallocs memory ... rather than malloc and free each time (causing context switching and generally slow) I just make the pointer static and a size variable static. I use the pointer until it is too small, then I realloc to a larger size. In modern systems often the leak is worth the performance gain. I run on IBM AIX.

Having said that, I have not dug into your specifics which may just be bugs, an error with the tool, or deliberate.

Eric

At 11:58 AM 6/24/2011, Yan, Bob wrote:
> Hi,
>
> I have used IBM Purify to check my test program which invokes the openssl library. There are some memory leaks reported by Purify, please see below. Could somebody point out to me from which function those leaks were generated, and how to avoid those leaks?
>
> Thanks,
> Bob
>
> MLK: 1104 bytes leaked in 46 blocks
>   This memory was allocated from:
>     malloc                    [rtlib.o]
>     CRYPTO_malloc             [libcrypto.so.1.0.0]
>     ASN1_STRING_type_new      [libcrypto.so.1.0.0]
>     ASN1_primitive_new        [libcrypto.so.1.0.0]
>     asn1_item_ex_combine_new  [libcrypto.so.1.0.0]
>     asn1_item_ex_combine_new  [libcrypto.so.1.0.0]
>     ASN1_item_ex_d2i          [libcrypto.so.1.0.0]
>     asn1_template_noexp_d2i   [libcrypto.so.1.0.0]
>   Block of 24 bytes (46 times); last block at 0x2c0f7218
>
> MLK: 836 bytes leaked in 2 blocks
>   This memory was allocated from:
>     malloc                    [rtlib.o]
>     CRYPTO_malloc             [libcrypto.so.1.0.0]
>     asn1_enc_save             [libcrypto.so.1.0.0]
>     ASN1_item_ex_d2i          [libcrypto.so.1.0.0]
>     asn1_template_noexp_d2i   [libcrypto.so.1.0.0]
>     asn1_template_ex_d2i      [libcrypto.so.1.0.0]
>     ASN1_item_ex_d2i          [libcrypto.so.1.0.0]
>     ASN1_item_d2i             [libcrypto.so.1.0.0]
>   Block of 432 bytes at 0x2c093668
>   Block of 404 bytes at 0x2c009d58
>
> MLK: 800 bytes leaked in 20 blocks
>   This memory was allocated from:
>     malloc                    [rtlib.o]
>     CRYPTO_malloc             [libcrypto.so.1.0.0]
>     ASN1_OBJECT_new           [libcrypto.so.1.0.0]
>     c2i_ASN1_OBJECT           [libcrypto.so.1.0.0]
>     asn1_ex_c2i               [libcrypto.so.1.0.0]
>     asn1_d2i_ex_primitive     [libcrypto.so.1.0.0]
>     ASN1_item_ex_d2i          [libcrypto.so.1.0.0]
>     asn1_template_noexp_d2i   [libcrypto.so.1.0.0]
>   Block of 40 bytes (20 times); last block at 0x2c097a78
>
> MLK: 600 bytes leaked in 15 blocks
>   This memory was allocated from:
>     malloc                    [rtlib.o]
>     CRYPTO_malloc             [libcrypto.so.1.0.0]
>     asn1_item_ex_combine_new  [libcrypto.so.1.0.0]
>     ASN1_item_ex_d2i          [libcrypto.so.1.0.0]
>     asn1_template_noexp_d2i   [libcrypto.so.1.0.0]
>     asn1_template_ex_d2i      [libcrypto.so.1.0.0]
>     ASN1_item_ex_d2i          [libcrypto.so.1.0.0]
>     asn1_template_noexp_d2i   [libcrypto.so.1.0.0]
>   Block of 40 bytes (15 times); last block at 0x2c0f6e98
>
> MLK: 376 bytes leaked in 33 blocks
>   This memory was allocated from:
>     malloc                    [rtlib.o]
>     CRYPTO_malloc             [libcrypto.so.1.0.0]
>     ASN1_STRING_set           [libcrypto.so.1.0.0]
>     asn1_ex_c2i               [libcrypto.so.1.0.0]
>     asn1_d2i_ex_primitive     [libcrypto.so.1.0.0]
>     ASN1_item_ex_d2i          [libcrypto.so.1.0.0]
>     asn1_template_noexp_d2i   [libcrypto.so.1.0.0]
>     asn1_template_ex_d2i      [libcrypto.so.1.0.0]
>   Block of 14 bytes (21 times); last block at 0x2c0f7168
>   Block of 12 bytes (2 times); last block at 0x2c096828
>   Block of 11 bytes (2 times); last block at 0x2c096338
>   Block of 5 bytes (6 times); last block at 0x2c0976f8
>   Block of 3 bytes (2 times); last block at 0x2c095e58
>
> . . .
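The static-pointer-plus-realloc pattern Eric describes, written out as an added example (not code from the thread, and not what his AIX code looks like). It adds the two things a leak checker or a code reviewer will ask for with this pattern: a release hook registered with atexit() so the block is freed exactly once and Purify-style tools stop reporting it, and explicit notes on the two hazards of a shared buffer (an earlier pointer is invalid after a call that grows it, and the buffer is per-process, not per-thread). The names scratch, scratch_capacity and join_path are invented for the example.

```c
/* Grow-only scratch buffer: one allocation reused across calls.
 * Added example; not code from this thread. */
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Process-wide and NOT thread-safe: guard with a mutex or use a
 * thread-local buffer if more than one thread calls scratch(). */
static char  *scratch_buf = NULL;
static size_t scratch_cap = 0;

/* Free the buffer once at exit so leak checkers see it released. */
static void scratch_release(void)
{
    free(scratch_buf);
    scratch_buf = NULL;
    scratch_cap = 0;
}

/* Return a buffer of at least `need` bytes. The common path does no
 * allocation; growth is geometric, so over the life of the process there
 * are O(log n) realloc calls rather than one per request. Never shrinks.
 * Returns NULL on allocation failure (the previous buffer stays valid).
 * Any pointer returned earlier is invalid after a call that grows. */
char *scratch(size_t need)
{
    if (scratch_buf != NULL && need <= scratch_cap)
        return scratch_buf;

    size_t cap = scratch_cap ? scratch_cap : 256;
    while (cap < need) {
        if (cap > SIZE_MAX / 2)
            return NULL;          /* doubling would overflow size_t */
        cap *= 2;
    }
    char *p = realloc(scratch_buf, cap);
    if (p == NULL)
        return NULL;
    if (scratch_buf == NULL)
        atexit(scratch_release);  /* first allocation: register cleanup once */
    scratch_buf = p;
    scratch_cap = cap;
    return p;
}

size_t scratch_capacity(void)
{
    return scratch_cap;
}

/* Typical hot-path user: builds "dir/file" without a malloc per call.
 * The result lives in the shared buffer only until the next scratch() call. */
const char *join_path(const char *dir, const char *file)
{
    size_t need = strlen(dir) + 1 + strlen(file) + 1;
    char *p = scratch(need);
    if (p == NULL)
        return NULL;
    snprintf(p, need, "%s/%s", dir, file);
    return p;
}

int main(void)
{
    for (int i = 0; i < 3; i++)
        printf("%s (capacity %zu)\n", join_path("/usr/local", "lib"),
               scratch_capacity());
    return 0;
}
```

With the atexit hook the tool's report for this buffer disappears without touching the hot path, which leaves the genuinely unexpected leaks (such as the ASN.1 objects in Bob's Purify output, which are normally freed with the matching *_free call on the parsed structure) standing out on their own.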
RE: Using PCKS Padding in OpenSSL
Actually the 2.0 specs don't allow disk storage at all for magstripe -- you can keep cardholder data until auth. Since 1.2 specs are not required until 1/1/12 and 2.0 another year ... I was pointing more to the future (and had our software certified for 2.0 as 1.2 is only good until 2013 and 2.0 is good till 2016 and I wanted to avoid another audit so soon). Not knowing the nature of the data and network setup makes it hard to answer definitively but if it is going to be lying around, encrypting it first is, as I said, a good idea in many cases. E At 08:36 PM 6/7/2011, Dave Thompson wrote: From: owner-openssl-us...@openssl.org On Behalf Of Eric S. Eberhard Sent: Tuesday, 07 June, 2011 15:21 I would point out in that last approach -- encrypting and sending un secure (which is a good idea in many cases) does have a few considerations. If the data is sensitive (like magnetic strip data from a credit card) this is completely NOT ALLOWED. PCI and PA-DSS won't allow it to hit the disk. If you do hit the disk and you care about security on either end, you also need a secure delete snip To be exact, PCI DSS (and therefore PA-DSS) prohibits storing magstripe, CVV2 and PIN after authorization (even if encrypted). Authorization should always be real-time and thus there should be no good reason to store on disk during auth, but it isn't specifically prohibited. If you do store it, yes you will then need to wipe it. But this is not specific to my last approach. The OP's question seemed to be about files, and storing this data in a clear file securely transferred with FTPS, SFTP, or such would be even worse. At 08:44 PM 6/6/2011, Dave Thompson wrote: Another approach is to secure the files themselves, rather than just the transfer. That is, encrypt and perhaps sign the files when (or before) they are placed on the sending system(s), transfer them using plain FTP or HTTP or other, and decrypt and perhaps verify them on the receiving system(s). 
__ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
RE: Using PCKS Padding in OpenSSL
I would point out in that last approach -- encrypting and sending unsecured (which is a good idea in many cases) does have a few considerations. If the data is sensitive (like magnetic strip data from a credit card) this is completely NOT ALLOWED. PCI and PA-DSS won't allow it to hit the disk. If you do hit the disk and you care about security on either end, you also need a secure delete program. Simply deleting a file does not remove the data from the disk. It takes about 5 lines of C to make a secure delete which if anyone likes I can give them.

Eric

At 08:44 PM 6/6/2011, Dave Thompson wrote:

From: owner-openssl-us...@openssl.org On Behalf Of greenelephant
Sent: Sunday, 05 June, 2011 05:20

> Thanks for the reply Dave. I am grateful for your advice. I am a novice as you have probably gathered. If I am not wrong in my judgement you seem to have some expertise on cryptology.

Some, not a whole lot.

> I have stated SSL in my first post that I would like help with as you know. But with your expertise is there a better solution to use except SSL in terms of security using openssl?

SSL/TLS (preferably the newest version supported, today usually TLS 1.1 or maybe 1.2) is a good general solution for security of Internet endpoint communication (particularly, but not only, web traffic using HTTPS). OpenSSL is a good implementation of SSL/TLS, plus some related (crypto) functionality, but not the only one; any other conforming and well-tested implementation available to you should be fine. For example, Java includes its own SSL/TLS implementation (for Java), and I understand dot-NET does (for C#, VB, etc.) There are other protocols that may be better in specific situations (e.g. SSH as below) or necessary (e.g. IPsec and DNSsec are done at a level below where SSL can work).

> Also is SSL an ideal security solution for secured FTP transmissions using the openssl module to enable me to subvert any efforts to sabotage or breach security perpetrated by intruders or hackers using the methods of attacks (side channeling for instance) previously mentioned?

FTP over SSL (FTPS) is a secure means of file transfer, if supported by both your server(s) and your client(s), which in my experience is not very common. When it is supported, the server and client code determines what module is used; it might be OpenSSL or something else.

Another good and in my experience more common method of securing file transfer is SFTP, part of the SSH protocol suite. The crypto used in SSH is generally similar (though not identical) to SSL/TLS, and in fact the most widespread implementation OpenSSH uses libcrypto from OpenSSL, but the trust model is different (simpler). Instead of creating and verifying certificates, SSH requires you to manually verify a key fingerprint on the first connection between a given client and server (or else manually pre-transfer the encoded publickey). This isn't very good for communications with strangers (like sites you found on Google), but works okay for people that already have some contact (like your friends, customers of your company, etc).

Another approach is to secure the files themselves, rather than just the transfer. That is, encrypt and perhaps sign the files when (or before) they are placed on the sending system(s), transfer them using plain FTP or HTTP or other, and decrypt and perhaps verify them on the receiving system(s).
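Eric mentions a secure delete "in about 5 lines of C" but does not post it. The following is an added example, not Eric's code and not part of OpenSSL, of what that routine has to do to be worth anything: refuse symlinks and non-regular files, overwrite the bytes in place, fsync so the overwrite reaches the device, and only then unlink. The file name and the card-number-like content in the self-test are constructed fixtures. The caveat a practitioner wants: on journaling, copy-on-write or flash storage the overwritten blocks may not be the ones the old data lived in, so this is a best-effort control; encrypting the data at rest and destroying the key is the more reliable way to make it unrecoverable.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Overwrite a regular file in place, force the write to the device, then unlink it.
 * Returns 0 on success, -1 with errno set on failure.  lstat() before open() and
 * fstat() after are compared so a symlink swapped in under the path cannot redirect
 * the overwrite to some other file. */
int secure_delete(const char *path)
{
    struct stat before, open_st;
    if (lstat(path, &before) < 0) return -1;
    if (!S_ISREG(before.st_mode)) { errno = EINVAL; return -1; }   /* refuse symlinks, devices, dirs */

    int flags = O_WRONLY;
#ifdef O_NOFOLLOW
    flags |= O_NOFOLLOW;
#endif
    int fd = open(path, flags);
    if (fd < 0) return -1;
    if (fstat(fd, &open_st) < 0 || open_st.st_dev != before.st_dev || open_st.st_ino != before.st_ino) {
        close(fd); errno = EINVAL; return -1;
    }

    static const unsigned char zeros[4096];   /* one zero-fill pass over the whole file */
    off_t left = open_st.st_size;
    while (left > 0) {
        size_t chunk = left > (off_t)sizeof zeros ? sizeof zeros : (size_t)left;
        ssize_t w = write(fd, zeros, chunk);
        if (w < 0) {
            if (errno == EINTR) continue;
            int e = errno; close(fd); errno = e; return -1;
        }
        left -= w;
    }
    if (fsync(fd) < 0) { int e = errno; close(fd); errno = e; return -1; }   /* push past the page cache */
    close(fd);
    return unlink(path);
}

/* Self-test on a constructed file holding a made-up card-number-like string.
 * Returns 0 when the file is scrubbed and gone, otherwise the number of the failing step. */
int secure_delete_selftest(void)
{
    const char *path = "secure_delete_selftest.tmp";       /* constructed fixture, hypothetical name */
    FILE *f = fopen(path, "w");
    if (!f) return 1;
    fputs("4111111111111111 (constructed sample PAN)\n", f);
    if (fclose(f) != 0) return 2;
    if (secure_delete(path) != 0) return 3;
    if (access(path, F_OK) == 0) return 4;          /* must be unlinked */
    if (secure_delete(path) == 0) return 5;         /* second call must fail: nothing there */
    return 0;
}

int main(void)
{
    int rc = secure_delete_selftest();
    printf("secure_delete selftest: %s (%d)\n", rc == 0 ? "ok" : "FAILED", rc);
    return rc;
}
```

The lstat/fstat identity check is what separates this from the naive "open, write zeros, unlink" version: without it a path that was a regular file when checked and a symlink when opened would have some unrelated file zero-filled.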
Re: Running SSL on own socket code
The way I do things like this is to slightly modify OpenSSL (and keep track of the mods!)

1) Hunt down the socket code
2) Set a new variable, a pointer to a function (for each function you replace) (fptr in my example)
3) Rename the routine to release_function
4) Make a new function() which has the exact same args and a few lines of code

    int function()
    {
        if (!fptr)
            fptr = (int (*)())release_function;
        return (*fptr)();
    }

In my code I put in the initialization routine:

    extern int (*fptr)();
    fptr = (int (*)())my_function;

Note that is pseudo code and needs fleshing out. This is because often these functions are VERY tightly coupled including handshaking and things I don't really understand -- so I replace a low-level routine I do understand. And with new releases it only takes moments to re-do the 3-4 functions I do this with. It means that the OpenSSL code will still work as intended in all cases except where you chose to override. Using function pointers does have weird/odd/goofy syntax but works well.

I primarily use this to override error logging as I have my own logging functions and I need to use syslog() for the version 1.2 PCI/PA-DSS compliance. I have also replaced low-level TCP code on occasion. In fact I would argue that all the logging functions should be released with this capability built in as that is one area I think a lot of people would like to customize, and if there is any interest I will modify the code and send it through channels to be included. Error handling is tightly coupled -- everywhere -- in the code, so my system makes using my own logging very easy.

Eric

At 07:22 AM 6/1/2011, Victor Duchovni wrote:

On Tue, May 31, 2011 at 09:05:29AM -0400, Jeff Saremi wrote:
> I'd like to know the feasibility or complexity around using my own socket code with OpenSSL's ssl code. If I provide OpenSSL with a pair of BIOs to read and write would that be sufficient? How tightly integrated the code is with bio_connect and bio_socket?
> thanks
> jeff

man BIO_new_bio_pair

Look at the example.

-- Viktor.
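Eric's function-pointer override, fleshed out as an added example (not Eric's code, not OpenSSL's). The names log_hook, release_log and log_message are hypothetical; the in-memory capture stands in for the syslog(3) call Eric uses for PA-DSS so the block runs anywhere. The pattern is exactly the one he sketches: the original routine is renamed out of the way, every caller keeps calling the same entry point, and a NULL pointer means "use the release behaviour". For the socket layer Viktor's point stands (BIO pairs need no patching); for logging, a hook like this is still the least invasive way to route OpenSSL's messages into your own audit trail.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hook signature: severity plus an already formatted message; returns bytes emitted, <0 on error. */
typedef int (*log_hook_fn)(int level, const char *msg);

/* The overridable pointer (Eric's fptr).  NULL means "use the release function". */
static log_hook_fn log_hook = NULL;

/* The original behaviour, renamed out of the way (Eric's release_function). */
static int release_log(int level, const char *msg)
{
    return fprintf(stderr, "[%d] %s\n", level, msg);
}

/* Install a replacement from the initialization routine; NULL restores the release
 * behaviour.  Returns the previous hook so it can be chained or restored later.
 * Set it once, before any worker threads start: the pointer is not locked. */
log_hook_fn log_set_hook(log_hook_fn fn)
{
    log_hook_fn prev = log_hook;
    log_hook = fn;
    return prev;
}

/* The entry point every caller in the code base keeps using unchanged. */
int log_message(int level, const char *fmt, ...)
{
    char buf[512];
    va_list ap;
    va_start(ap, fmt);
    int n = vsnprintf(buf, sizeof buf, fmt, ap);   /* bounded: a long message is truncated, never overflows */
    va_end(ap);
    if (n < 0) return -1;
    if (!log_hook) log_hook = release_log;         /* lazy default, like the post's `if (!fptr)` */
    return log_hook(level, buf);
}

/* --- Example override: an in-memory buffer used here in place of syslog(3). --- */
#define CAPTURE_MAX 8
static char captured[CAPTURE_MAX][160];
static int captured_count = 0;

static int capture_log(int level, const char *msg)
{
    if (captured_count >= CAPTURE_MAX) return -1;
    snprintf(captured[captured_count], sizeof captured[0], "level=%d %s", level, msg);
    return (int)strlen(captured[captured_count++]);
}

int capture_count(void) { return captured_count; }
const char *capture_get(int i) { return (i >= 0 && i < captured_count) ? captured[i] : NULL; }

int main(void)
{
    log_message(1, "before override: %s", "goes to stderr via release_log");
    log_set_hook(capture_log);                     /* what the initialization routine does */
    log_message(2, "after override: handshake with %s failed", "peer");
    printf("captured: %s\n", capture_get(0));
    return 0;
}
```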
Re: Running SSL on own socket code
Depends exactly what the person wants to do and also if he wants to use existing code and if he is familiar with the bio pairs. My point was not specific to his needs as there was not a lot of detail, only that making changes to the code is better and easier when you override functions -- such as I must do with the error handling (and anyone else writing PCI compliant code BTW -- MUST MUST -- do). In the old days I was stupid and inserted my code into open source code ... making updates a nightmare. This externalizes changes and makes updates a cinch.

Eric

At 11:09 AM 6/1/2011, Victor Duchovni wrote:

On Wed, Jun 01, 2011 at 10:56:47AM -0700, Eric S. Eberhard wrote:
> The way I do things like this is to slightly modify OpenSSL (and keep track of the mods!)

Completely unnecessary, OpenSSL supports custom I/O layers via BIO pairs.

-- Viktor.
Re: Trying to get URI of CRL from certificate extension
Does fail mean? Core dump? Whether it does or not, it is generally good practice to make sure those pointers are not null unless you are certain the functions can never return a bad value. Also, for debugging, if you break it down then you can get the individual results with print statements and see what is failing.

Finally, as a general comment on coding -- statements like that val= generally have two effects:

1) The outcome can be confusing. I once had two programmers working for me with a complex statement like that (setting things, calling things, etc, all on one line) and precedence and all kinds of things came up ... so they were arguing over various possible results. I told them the most likely result of a programmer leaving me code that two smart programmers have to argue over its meaning is termination of employment :-) Make code human readable by the dumbest programmers (like perhaps your boss ;-) )

2) It is less efficient. Depending on the platform, it can be considerably so. Compilers try to optimize. If the statement is really complex it does not optimize the line. Processors read ahead and execute statements when the situation makes it possible (AIX does this very well) ... again, too complex, it cannot do that. As an aside, those that read ahead always assume a test evaluates to true, so all conditional statements should have the most likely code first. Of course, this assumes performance is that important.

Rough code should be:

    if (!meth->d2i)
        /* error handling */
    if (!meth->i2v)
        /* error handling */
    ptr = meth->d2i(0, &data, ext->value->length);
    printf("ptr1=%p\r\n", ptr);
    if (!ptr)       /* or some other illegal value if int or ??? */
        /* error handling */
    ptr = meth->i2v(meth, ptr, 0);
    printf("ptr2=%p\r\n", ptr);
    if (!ptr)       /* or some other illegal value */
        /* error handling */
    val = ptr;

Of course I don't really know if those are pointers or what so very rough. They could be int or whatever, but the above code allows you to print the intermediate values. And likely has mistakes since I slapped it out. My point is that reducing the number of lines with compound statements makes code harder for humans and computers to understand and leaves you no easy way to check intermediate values and debug.

Eric

At 11:57 PM 5/26/2011, you wrote:

Hi,

I am trying to get URI of the CRL from certificate extension using below function:

    #include <string.h>
    #include <strings.h>
    #include <openssl/x509v3.h>

    static char *get_distribution_point(X509 *cert)
    {
        int extcount, i, j;
        const char *extstr;
        CONF_VALUE *nval;
        unsigned char *data;
        X509_EXTENSION *ext;
        X509V3_EXT_METHOD *meth;
        STACK_OF(CONF_VALUE) *val;

        if ((extcount = X509_get_ext_count(cert)) > 0) {
            for (i = 0; i < extcount; i++) {
                ext = X509_get_ext(cert, i);
                extstr = OBJ_nid2sn(OBJ_obj2nid(X509_EXTENSION_get_object(ext)));
                if (strcasecmp(extstr, "crlDistributionPoints"))
                    continue;
                if (!(meth = X509V3_EXT_get(ext)))
                    break;
                data = ext->value->data;
                /* this is the line that fails: meth->d2i and meth->i2v are called unchecked */
                val = meth->i2v(meth, meth->d2i(0, &data, ext->value->length), 0);
                for (j = 0; j < sk_CONF_VALUE_num(val); j++) {
                    nval = sk_CONF_VALUE_value(val, j);
                    if (!strcasecmp(nval->name, "URI"))
                        return strdup(nval->value);
                }
            }
        }
        return 0;
    }

Above function fails at

    val = meth->i2v(meth, meth->d2i(0, &data, ext->value->length), 0);

Any suggestions? Please help

Thanks

Regards,
Akash Deo
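Eric's advice to check meth->d2i and meth->i2v before calling them is the fix for this particular failure: since OpenSSL 0.9.7 the crlDistributionPoints method is ASN1_ITEM based and leaves both of those callbacks NULL, so the posted one-liner jumps through a null function pointer. The supported route is X509_get_ext_d2i(cert, NID_crl_distribution_points, NULL, NULL), which returns the decoded CRL_DIST_POINTS stack without touching the method table. The block below is an added example, not Akash's code and not OpenSSL's, that applies the same "check every intermediate value" discipline to the raw extension bytes: a bounds-checked DER walker that pulls the first URI out of a CRLDistributionPoints value and returns NULL on any malformed or truncated input instead of reading past the buffer. The sample DER is constructed; the URI it carries is a made-up name.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Decode one DER tag/length header from buf[0..len).  Sets *tag, *hdr (header
 * length) and *vlen (value length) and returns 1, or returns 0 on anything
 * inconsistent: truncated header, multi-byte tag, non-minimal length, or a
 * value that would run past the end of the buffer. */
static int der_tlv(const uint8_t *buf, size_t len, uint8_t *tag, size_t *hdr, size_t *vlen)
{
    if (len < 2 || (buf[0] & 0x1f) == 0x1f) return 0;
    size_t n = buf[1], h = 2;
    if (buf[1] & 0x80) {                                   /* long-form length */
        size_t k = buf[1] & 0x7f;
        if (k == 0 || k > sizeof(size_t) || 2 + k > len) return 0;
        n = 0;
        for (size_t i = 0; i < k; i++) n = (n << 8) | buf[2 + i];
        if (n < 0x80 || (k > 1 && (n >> (8 * (k - 1))) == 0)) return 0;   /* DER: minimal encoding only */
        h = 2 + k;
    }
    if (n > len - h) return 0;                             /* value runs past the buffer */
    *tag = buf[0]; *hdr = h; *vlen = n;
    return 1;
}

/* Pointer to the value of a TLV carrying exactly the wanted tag, or NULL. */
static const uint8_t *der_expect(const uint8_t *buf, size_t len, uint8_t want, size_t *vlen)
{
    uint8_t tag; size_t hdr;
    if (!der_tlv(buf, len, &tag, &hdr, vlen) || tag != want) return NULL;
    return buf + hdr;
}

/* Walk a CRLDistributionPoints value and return the first uniformResourceIdentifier
 * as a malloc'd C string (caller frees), or NULL if none is present or the
 * encoding is malformed.  Every step is checked before its result is used. */
char *crl_dp_first_uri(const uint8_t *der, size_t len)
{
    size_t seqlen;
    const uint8_t *p = der_expect(der, len, 0x30, &seqlen);           /* SEQUENCE OF DistributionPoint */
    if (!p) return NULL;
    const uint8_t *end = p + seqlen;
    while (p < end) {
        size_t dplen, namelen, gnlen = 0;
        const uint8_t *dp = der_expect(p, (size_t)(end - p), 0x30, &dplen);         /* DistributionPoint */
        if (!dp) return NULL;
        const uint8_t *name = der_expect(dp, dplen, 0xA0, &namelen);               /* [0] distributionPoint */
        const uint8_t *gn = name ? der_expect(name, namelen, 0xA0, &gnlen) : NULL;  /* [0] fullName */
        for (const uint8_t *q = gn, *gend = gn ? gn + gnlen : NULL; q && q < gend; ) {
            uint8_t tag; size_t hdr, vl;
            if (!der_tlv(q, (size_t)(gend - q), &tag, &hdr, &vl)) return NULL;
            if (tag == 0x86) {                                                      /* [6] URI, IA5String */
                for (size_t i = 0; i < vl; i++)
                    if (q[hdr + i] < 0x20 || q[hdr + i] > 0x7e) return NULL;       /* no NUL/control bytes */
                char *uri = malloc(vl + 1);
                if (!uri) return NULL;
                memcpy(uri, q + hdr, vl);
                uri[vl] = '\0';
                return uri;
            }
            q += hdr + vl;
        }
        p = dp + dplen;                                                             /* next DistributionPoint */
    }
    return NULL;
}

/* Constructed sample: one DistributionPoint whose fullName holds a single URI. */
const uint8_t SAMPLE_CDP[] = {
    0x30, 0x25,                   /* SEQUENCE, 37 bytes */
      0x30, 0x23,                 /*   DistributionPoint, 35 bytes */
        0xA0, 0x21,               /*     [0] distributionPoint, 33 bytes */
          0xA0, 0x1F,             /*       [0] fullName (GeneralNames), 31 bytes */
            0x86, 0x1D,           /*         [6] uniformResourceIdentifier, 29 bytes */
            'h','t','t','p',':','/','/','c','r','l','.','e','x','a','m','p','l','e',
            '.','c','o','m','/','c','a','.','c','r','l'
};
const size_t SAMPLE_CDP_LEN = sizeof SAMPLE_CDP;

int main(void)
{
    char *uri = crl_dp_first_uri(SAMPLE_CDP, SAMPLE_CDP_LEN);
    printf("URI: %s\n", uri ? uri : "(none / malformed)");
    free(uri);
    return 0;
}
```

Feeding the same bytes in with a short length exercises the failure path: the outer SEQUENCE claims 37 bytes, der_tlv sees fewer, and the function returns NULL rather than walking off the end, which is the behaviour the unchecked one-liner in the original function lacks.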
Re: Download fips 1.2.3
winzip will open tar files ...

E

At 01:20 PM 5/24/2011, you wrote:

On 05/24/11 12:53 PM, Kyle Hamilton wrote:
> I don't think that Solaris's tar hits the bug every time. Do you think Oracle (nee Sun) would ship something that failed 100% of the time instead of 0.1% of the time?

bug? no, this is not a bug. native posix tar doesn't read gzip files, gzip does. gnu tar munged gzip into tar to create a hybrid.

    gunzip -c filename.tar.gz | tar xvf -

or

    gunzip filename.tar.gz
    tar xvf filename.tar

works just great on Solaris and any other Unix platform.

-- john r pierce N 37, W 123 santa cruz ca mid-left coast
RE: Download fips 1.2.3
If you tried to open it in Winzip (which can open tar files and tar.gz files) you can see if it is the Solaris or the file. To have Winzip do the tar.gz, rename it to simply .tgz ... You could always transfer it from your PC if you do it this way -- if you are running Samba on the Solaris it is trivial.

Eric

At 02:55 PM 5/24/2011, you wrote:

From: John R Pierce
Sent: Tuesday, May 24, 2011 9:20 PM

> On 05/24/11 12:53 PM, Kyle Hamilton wrote:
> > I don't think that Solaris's tar hits the bug every time. Do you think Oracle (nee Sun) would ship something that failed 100% of the time instead of 0.1% of the time?
>
> bug? no, this is not a bug. native posix tar doesn't read gzip files, gzip does. gnu tar munged gzip into tar to create a hybrid.
>
>     gunzip -c filename.tar.gz | tar xvf -
>
> or
>
>     gunzip filename.tar.gz
>     tar xvf filename.tar
>
> works just great on Solaris and any other Unix platform.

... except when it doesn't, such as in the case in question.
Re: Download fips 1.2.3
You need to:

    gunzip openssl-fips-1.2.3.tar.gz

That will create openssl-fips-1.2.3.tar

Then

    tar -xvf openssl-fips-1.2.3.tar

Eric

At 03:11 PM 5/23/2011, Ruiyuan Jiang wrote:

Hi, all

Has anyone had problem with openssl-fips-1.2.3.tar.gz? When I tried to tar xvf on my Solaris 10 SPARC, the source had error message "unexpected EOF". I have tried with different proxy servers and direct download from the site but had no luck. I now downloaded v1.2.2 and no problem with the source to configure and make.

Thanks.

Ryan Jiang
Re: Download fips 1.2.3
Oh -- if you like being efficient and not wasting disk space this works nicely:

    gunzip -c openssl-fips-1.2.3.tar.gz | tar xvf -

This will uncompress on the fly and leave the compressed file.

At 03:21 PM 5/23/2011, Eric S. Eberhard wrote:

> You need to:
>
>     gunzip openssl-fips-1.2.3.tar.gz
>
> That will create openssl-fips-1.2.3.tar
>
> Then
>
>     tar -xvf openssl-fips-1.2.3.tar
>
> Eric
>
> At 03:11 PM 5/23/2011, Ruiyuan Jiang wrote:
>
> Hi, all
>
> Has anyone had problem with openssl-fips-1.2.3.tar.gz? When I tried to tar xvf on my Solaris 10 SPARC, the source had error message "unexpected EOF". I have tried with different proxy servers and direct download from the site but had no luck. I now downloaded v1.2.2 and no problem with the source to configure and make.
>
> Thanks.
>
> Ryan Jiang
Re: SSL Communication using BIO
You might also consider using stunnel, which works perfectly and is easy to use in many cases and, unless your volume is silly-high, has plenty of performance to run in inetd mode, which is very reliable. stunnel is based on openssl. It also makes your app independent of SSL changes, which I like.

Eric

At 03:47 PM 5/23/2011, Wim Lewis wrote:

On 23 May 2011, at 1:29 PM, Harshvir Sidhu wrote:
> Anyone any comments on this. Is openssl appropriate choice for my case?

As I understand it you want OpenSSL to handle the protocol and encryption, but you don't want OpenSSL to do any network I/O itself: you want to do that (via the C# sockets class). An example of using OpenSSL in this way is in demos/state_machine/state_machine.c in the OpenSSL distribution.

As David Schwartz says, the important thing is not to assume that reads and writes of your data correspond directly to reads and writes on the socket. SSL may need to perform multiple reads and writes before you see any data (for example, during a handshake or renegotiation).

state_machine.c uses memory BIOs to buffer data going in and out of SSL. I think a better way to do it in current versions of OpenSSL is to make your own, nonblocking BIO which calls into your C# code as needed. But I could be wrong.
RE: Download fips 1.2.3
Try this -- you may have a space problem.

    gunzip -c openssl-fips-1.2.3.tar.gz | tar xvf -

(this uncompresses on the fly)

You also might have had a space problem when you downloaded and the file is not complete; check the number of bytes against the ftp server. Last, you may have accidentally downloaded in ASCII mode instead of binary, which makes a mess of the file. Given that EOF seems to be the problem, I suspect download or gunzip space problems. May also want to try another mirror?

Eric

At 03:27 PM 5/23/2011, Ruiyuan Jiang wrote:

Hi, Eric

That is what I did exactly and failed on tar xvf and I don't have problem with 1.2.2.

Ryan

-----Original Message-----
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Eric S. Eberhard
Sent: Monday, May 23, 2011 6:22 PM
To: openssl-users@openssl.org; openssl-users@openssl.org
Subject: Re: Download fips 1.2.3

> You need to:
>
>     gunzip openssl-fips-1.2.3.tar.gz
>
> That will create openssl-fips-1.2.3.tar
>
> Then
>
>     tar -xvf openssl-fips-1.2.3.tar
>
> Eric
>
> At 03:11 PM 5/23/2011, Ruiyuan Jiang wrote:
>
> Hi, all
>
> Has anyone had problem with openssl-fips-1.2.3.tar.gz? When I tried to tar xvf on my Solaris 10 SPARC, the source had error message "unexpected EOF". I have tried with different proxy servers and direct download from the site but had no luck. I now downloaded v1.2.2 and no problem with the source to configure and make.
>
> Thanks.
>
> Ryan Jiang
Re: SSL Communication using BIO
or ... keep it simple and at least consider using stunnel. I have a LOT of applications using openssl; 3/4 I just use stunnel and forget about it. For a few when I need to do crazy things, I code and link into my application. But you can save a lot of trouble with stunnel, at least as a first step (proof of concept). BTW, I also use the Windows version which you can download with an installer and it works great as well.

E

At 04:12 PM 5/23/2011, Gayathri Sundar wrote:

actually I would seriously recommend you read the OpenSSL book written by Eric Rescorla, it discusses all the use cases of openssl, BIO, async/sync usages..so that you get an idea of how OpenSSL itself works.

On Mon, May 23, 2011 at 6:02 PM, Neo Liu <diablo...@gmail.com> wrote:
> I think you can read this article and it will be help.
> http://www.lenholgate.com/blog/2002/11/using-openssl-with-asynchronous-sockets.html
>
> On Mon, May 23, 2011 at 4:59 PM, Harshvir Sidhu <hvssi...@gmail.com> wrote:
> > David, So are you suggesting that i change the approach in my Code. My application is for Windows and in Managed C++. In that i am using Callback function for receive, when the callback function is called, and when i call SSL_read in that, it hangs at recv call in the OpenSSL code, my assumption is that data was already read from socket, when callback was called. Another thing i would like to mention is I am using Sockets Managed Class, not the native sockets.
Eberhard (928) 567-3727 Voice (928) 567-6122 Fax (928) 301-7537 Cell Vertical Integrated Computer Systems, LLC Metropolis Support, LLC For Metropolis support and VICS MBA Supporthttp://www.vicsmba.com Pictures of Snake in Spring http://www.facebook.com/album.php?aid=115547id=1409661701l=1c375e1f49 Pictures of Camp Verde http://www.facebook.com/album.php?aid=12771id=1409661701l=fc0e0a2bcf Pictures of Land Cruiser in Sedona http://www.facebook.com/album.php?aid=50953id=1409661701 Pictures of Flagstaff area near our cabin http://www.facebook.com/album.php?aid=12750id=1409661701 Pictures of Cheryl in a Horse Show http://www.facebook.com/album.php?aid=32484id=1409661701 Pictures of the AZ Desert http://www.facebook.com/album.php?aid=58827id=1409661701 (You can see why we love this state :-) ) __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: [openssl-users] Quick eyeball requested - self generate openssl certs/CA
A very simple one -- take the time stamp register or the 4 byte cycles since 1970, and concatenate the process id (which is unique for a long time). The same process id cannot get either of those two numbers in two calls to be the same.

Eric

At 10:24 AM 5/19/2011, you wrote:
On Thu May 19 2011, Tim Watts wrote: I think I might add some randomness into mine - seems easy enough. I won't pretend I fully understand why - mostly because I wasn't clear why the serial is important.

If your CPU has a 'time stamp register' (cycle counts since power-up) - You can grab those contents as your counter (usually 8 bytes worth). Since this counter advances rapidly (GHz range today) it is unlikely you will ever have two machines, or two serial number creations, that strike at the same clock cycle since power-up. (That's a pretty small target to hit.) Usually that will cost you one or two machine cycles to read the counter. Relatively fast way to get an 8 byte number I haven't used before. Concatenate that with 8 bytes of something else of your choice that doesn't vary with the clock cycles since power up. If truly paranoid - 'whiten' with the hash function of your choice. (or with AES as in another post here - many machines can do AES in hardware.) Mike
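The thread above is about how to pick certificate serial numbers. As an added example (not code from the thread or from OpenSSL), here is a generator that takes the serial from the kernel CSPRNG rather than from a cycle counter and a pid. The reason randomness, not merely uniqueness, matters: the 2008 MD5 rogue-CA demonstration depended on predicting the serial number and validity time of the next certificate the CA would sign, and the CA/Browser Forum baseline requirements now mandate at least 64 bits of CSPRNG output in every serial. RFC 5280 caps a serial at 20 octets and requires a positive value, which is where the length and bit masking below come from. The /dev/urandom path and the self_check() helper are assumptions for this demo.

```c
/* Added example, not from the thread: a 20-octet certificate serial from
 * /dev/urandom, rendered as the 0x-prefixed hex that
 * "openssl x509 -set_serial" accepts. */
#include <stdio.h>
#include <string.h>

#define SERIAL_LEN 20          /* RFC 5280: serialNumber is at most 20 octets */
#define SERIAL_HEX_LEN 43      /* "0x" + 40 hex digits + NUL */

/* Fill buf with SERIAL_LEN bytes from /dev/urandom (assumed present, as on
 * Linux/BSD/macOS). Returns 0 on success, -1 if the device cannot be read. */
int random_serial_bytes(unsigned char buf[SERIAL_LEN])
{
    FILE *f = fopen("/dev/urandom", "rb");
    if (f == NULL)
        return -1;
    size_t got = fread(buf, 1, SERIAL_LEN, f);
    fclose(f);
    if (got != SERIAL_LEN)
        return -1;
    /* Clear the sign bit so the DER INTEGER is positive, and set the next
     * bit so the value is never zero and always encodes to exactly 20
     * octets. 158 random bits remain, far above the 64-bit floor. */
    buf[0] = (unsigned char)((buf[0] & 0x7f) | 0x40);
    return 0;
}

/* Check a serial before using it: positive (sign bit clear) and non-zero. */
int serial_is_acceptable(const unsigned char buf[SERIAL_LEN])
{
    if (buf[0] & 0x80)                 /* would be negative in DER */
        return 0;
    for (int i = 0; i < SERIAL_LEN; i++)
        if (buf[i] != 0)
            return 1;
    return 0;                          /* all zero */
}

/* Render as "0x" + 40 lowercase hex digits; out must hold SERIAL_HEX_LEN bytes. */
void serial_to_hex(const unsigned char buf[SERIAL_LEN], char out[SERIAL_HEX_LEN])
{
    static const char hexd[] = "0123456789abcdef";
    out[0] = '0';
    out[1] = 'x';
    for (int i = 0; i < SERIAL_LEN; i++) {
        out[2 + 2 * i]     = hexd[buf[i] >> 4];
        out[2 + 2 * i + 1] = hexd[buf[i] & 0x0f];
    }
    out[SERIAL_HEX_LEN - 1] = '\0';
}

/* Generate two serials and verify the properties the comments promise.
 * Returns 1 when everything holds, 0 otherwise. */
int self_check(void)
{
    unsigned char a[SERIAL_LEN], b[SERIAL_LEN];
    char hex[SERIAL_HEX_LEN];
    if (random_serial_bytes(a) != 0 || random_serial_bytes(b) != 0)
        return 0;
    if (!serial_is_acceptable(a) || !serial_is_acceptable(b))
        return 0;
    if ((a[0] & 0x80) != 0 || (a[0] & 0x40) == 0)
        return 0;
    if (memcmp(a, b, SERIAL_LEN) == 0)     /* two draws must differ */
        return 0;
    serial_to_hex(a, hex);
    return strlen(hex) == SERIAL_HEX_LEN - 1 && hex[0] == '0' && hex[1] == 'x';
}

int main(void)
{
    unsigned char serial[SERIAL_LEN];
    char hex[SERIAL_HEX_LEN];
    if (random_serial_bytes(serial) != 0 || !serial_is_acceptable(serial)) {
        fputs("could not generate a serial\n", stderr);
        return 1;
    }
    serial_to_hex(serial, hex);
    /* e.g.: openssl x509 -req -in req.pem -CA ca.pem -CAkey ca.key -set_serial <hex> */
    printf("%s\n", hex);
    return 0;
}
```

Feed the printed value to `-set_serial` (or write it into the CA's serial file) for each certificate you sign; the point is that no two certificates share a serial and nobody can predict the next one.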
Re: Clients glomming onto a listener
I have found that fork() on modern machines has a negligible effect on performance and in fact I almost always use inetd instead of writing my own servers, mainly because it is dead reliable, easier to code, and again seems to have negligible effect on performance. One would have to do millions upon millions of connects to notice or care. Having said that, I use AIX mostly, and that performs better under load than Linux on Intel, and even Linux on the IBM p series platform. I would do it cheap and easy and worry about performance after-the-fact.

Eric

At 04:46 PM 5/10/2011, you wrote:
On 10 May 2011, at 4:13 PM, David Schwartz wrote:
On 5/10/2011 2:10 AM, John Hollingum wrote: Pretty much immediately after the accept the program forks a handler, but the rogue clients must be glomming onto the main process before the SSL negotiation is complete.

Calling 'fork' with an accepted SSL connection has all kinds of known issues. The fundamental problem is that there are many operations that must occur both before and after the 'fork', for different reasons, and obviously can't do both.

You could accept just the TCP connection in the main process and do all of the SSL handshake in the forked process (I think IO::Socket::SSL->start_SSL() is what you want for that) --- this would not be a high-performance approach (no SSL session cache, fork overhead) but if it's fast enough it's fast enough. It's possible to use openssl in a non-blocking, event-driven manner but I don't think Perl's SSL modules expose enough of the openssl API to do that.
Re: Clients glomming onto a listener
I was not trying to compare O/S, only point out that my experience is more out of the AIX world than the Linux world. I also want to point out again what I was saying ... you don't need to make a server and you don't need to fork() and all kinds of complicated stuff if you write it for inetd. You don't even need to write socket code (stdin/stdout read/write is all you need). The O/S will create the processes and clean them up on disconnects and so forth. Unless you are super performance limited, this is the best way to go because it always works and is always reliable (if inetd fails to function on a Unix O/S then the machine is essentially toast anyway). In addition it is more easily portable if you care about porting to more than one Unix. Using select is not always supported, socket flags not always the same, etc. All a non-issue under inetd.

Eric

At 08:57 AM 5/11/2011, you wrote:
On Wed, May 11, 2011 at 08:39:49AM -0700, Eric S. Eberhard wrote: I have found that fork() on modern machines has a negligible effect on performance and in fact I almost always use inetd instead of writing my own servers, mainly because it is dead reliable, easier to code, and again seems to have negligible effect on performance. One would have to do millions upon millions of connects to notice or care. Having said that, I use AIX mostly, and that performs better under load than Linux on Intel, and even Linux on the IBM p series platform. I would do it cheap and easy and worry about performance after-the-fact. Eric

Let's not start an OS A is better than OS B discussion here.

You can safely fork single-threaded OpenSSL servers right after accept(3), and handle the SSL connection in a child. This makes the memory-resident session cache ineffective, but you can use callbacks to implement an external (Berkeley DB similar or shared memory, ...) session cache.
Forking after SSL_accept() is tricky, since your parent process will have partial SSL connections in progress for other clients when a given handshake completes (event-based connection management) or will serialize all handshakes, but as you've observed that's not a good option. So, my suggestion is that a forking server is fine, just use an external session cache. The Postfix SMTP server is an example of this model. There before the TLS handshake, we also have an SMTP STARTTLS handshake, but that does not alter the analysis in any substantive way, just a few more packets to exchange before the TLS connection is ready. Note, Postfix is pre-forking, rather than forking, so there is a pool of processes, that serially accept connections, but this too does not impact the design analysis.

- You can use a single process with event-based I/O.
- You can use multiple threads in a single process.
- You can fork after accept(2) and use an external session cache
- You can pre-fork and handle clients serially one per process, with re-use of processes for another client after a client hangs-up. This too requires an external session cache.

-- Viktor.
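Eric's inetd model above (no socket code at all; the accepted connection arrives as stdin and stdout) is easier to see with a complete handler. The following is an added example, not code from the thread: a service for a one-line-per-request protocol that runs under inetd, or under stunnel's `exec` directive so that stunnel terminates TLS and forks the handler per connection. The protocol (ECHO/QUIT), the service name and the inetd.conf line in the note are invented for the demo; the request handling is kept in a pure function so it can be tested without a socket.

```c
/* Added example, not from the thread: a minimal inetd-style service.
 * inetd (or stunnel with "exec =") accepts the connection, forks, and hands
 * the socket to this program as fd 0 and fd 1, so no socket code is needed.
 * Protocol (invented): "ECHO <text>" -> "250 <text>", "QUIT" -> "221 bye". */
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define MAX_LINE 512    /* hard bound on what a client may send per line */

/* Handle one request line. Writes the reply into out (outlen bytes) and
 * returns 1 to keep the session open, 0 to close it. Pure function. */
int handle_line(const char *line, char *out, size_t outlen)
{
    size_t n = strlen(line);
    /* strip the line terminator; network clients normally send "\r\n" */
    while (n > 0 && (line[n - 1] == '\n' || line[n - 1] == '\r'))
        n--;

    if (n == 4 && strncmp(line, "QUIT", 4) == 0) {
        snprintf(out, outlen, "221 bye\r\n");
        return 0;
    }
    if (n > 5 && strncmp(line, "ECHO ", 5) == 0) {
        /* everything after the verb is attacker-controlled: only printable
         * ASCII is reflected, control bytes are refused outright */
        for (size_t i = 5; i < n; i++) {
            if (!isprint((unsigned char)line[i])) {
                snprintf(out, outlen, "500 non-printable input\r\n");
                return 1;
            }
        }
        snprintf(out, outlen, "250 %.*s\r\n", (int)(n - 5), line + 5);
        return 1;
    }
    snprintf(out, outlen, "500 unknown command\r\n");
    return 1;
}

int main(void)
{
    char in[MAX_LINE];
    char out[MAX_LINE + 16];

    /* stdout is the socket: stdio would fully buffer it, and the peer would
     * see nothing until the process exits, so switch buffering off. */
    setvbuf(stdout, NULL, _IONBF, 0);

    while (fgets(in, sizeof in, stdin) != NULL) {
        /* an over-long line: drain the rest so its tail is not parsed as a
         * second command, then reject it */
        if (strchr(in, '\n') == NULL && !feof(stdin)) {
            int c;
            while ((c = getchar()) != EOF && c != '\n')
                ;
            fputs("500 line too long\r\n", stdout);
            continue;
        }
        int keep = handle_line(in, out, sizeof out);
        fputs(out, stdout);
        if (!keep)
            break;
    }
    return 0;
}
```

A matching inetd.conf entry (service name and path invented) would be `echosvc stream tcp nowait nobody /usr/local/bin/echosvc echosvc`, with `echosvc` added to /etc/services; with stunnel in front, `exec = /usr/local/bin/echosvc` in the service section replaces `connect =`. The two details that bite in this model are both visible above: stdout must be unbuffered or flushed after every reply, and every input line is untrusted, so the handler bounds line length and discards oversize input rather than splitting it into two commands.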
Re: Clients glomming onto a listener
Performance is related to the application. For example, a system that accepts 10 SSL connects per year has different requirements than one that accepts 1000 per second. Obviously there is a middle ground. My point is that theoretical performance differences are very real in the latter case, and of no consequence in the first case. Cost of software development and upkeep and system management is much lower using say inetd and not bothering to make a server. I have systems with thousands of SSL connections per minute, holding 500-1000 at a time, going through inetd on a modest AIX box and have zero performance issue. Don't even notice they are there and they take low single digits of CPU usage combined.

Depending on the application, usage, hardware, cost of software development, cost of software upkeep, simplicity in system management -- the answer to what is the best way is different. I often find people ignoring that simple concept and developing very complex software to be theoretically faster ... only to end up with complex and buggy code that is hard to manage in an environment where the extra performance was not needed. One has to also consider the cost to develop and manage. So there is no right or wrong answer, I am trying to get the programmer to think ... does he really need, in his case, blistering performance? Can he do it with a simple inetd module (which later could be the core for his own server)? Does he want it up quick and easy with no real management issues? I am only spurring thought, not telling anyone what is right or wrong in their case :-)

E

At 10:10 AM 5/11/2011, you wrote:
Eric, you must be really kidding this time :), servers with this architecture are susceptible to dos and what not..am sure for embedded systems where memory is a big limiting factor the best would be async design, also code becomes easily portable in future.

On Wed, May 11, 2011 at 10:39 AM, Eric S. Eberhard <fl...@vicsmba.com> wrote:
I have found that fork() on modern machines has a negligible effect on performance and in fact I almost always use inetd instead of writing my own servers, mainly because it is dead reliable, easier to code, and again seems to have negligible effect on performance. One would have to do millions upon millions of connects to notice or care. Having said that, I use AIX mostly, and that performs better under load than Linux on Intel, and even Linux on the IBM p series platform. I would do it cheap and easy and worry about performance after-the-fact. Eric

At 04:46 PM 5/10/2011, you wrote:
On 10 May 2011, at 4:13 PM, David Schwartz wrote:
On 5/10/2011 2:10 AM, John Hollingum wrote: Pretty much immediately after the accept the program forks a handler, but the rogue clients must be glomming onto the main process before the SSL negotiation is complete.

Calling 'fork' with an accepted SSL connection has all kinds of known issues. The fundamental problem is that there are many operations that must occur both before and after the 'fork', for different reasons, and obviously can't do both.

You could accept just the TCP connection in the main process and do all of the SSL handshake in the forked process (I think IO::Socket::SSL->start_SSL() is what you want for that) --- this would not be a high-performance approach (no SSL session cache, fork overhead) but if it's fast enough it's fast enough. It's possible to use openssl in a non-blocking, event-driven manner but I don't think Perl's SSL modules expose enough of the openssl API to do that.
Re: Multiple connection from 1 client
Harsh, I would take up his offer of help. Socket control over multiple sockets is tricky code and very specific to what you are trying to do. My environment is single threaded and does similar things to yours -- but as Gayathri said, there are many details and exceptions and although with some online help or books I am sure with enough time you could do it (took me forever the first time) I suspect that this offer is as good as they get. I am not jobless (lucky me) so I can't put in the time he can.

Gayathri -- would you be interested in pure C coding on a contract basis (intermittent, not really a job, more like occasional tasks) -- the code we write runs on AIX, Linux, OS/X, SCO, HP/UX, Centos, etc. so it is a little tricky to make work. If you have interest let me know your rates and real email and so forth.

Thanks, Eric

At 08:33 PM 5/6/2011, you wrote:
Harsh., If you have any specific doubts in writing this asynchronous state machine email me privately at suraj...@gmail.com. I am pretty much jobless right now and can spend some time on this. Thanks --Gayathri

On Friday, May 6, 2011, Harshvir Sidhu <hvssi...@gmail.com> wrote:
Thanks, I will give this a try. // Harshvir

On Fri, May 6, 2011 at 6:44 PM, Eric S. Eberhard <fl...@vicsmba.com> wrote:
Change the sockets. This is what I use:

    #include <fcntl.h>

    /* mode: True - blocking, False - non blocking. Returns the previous mode. */
    int setblock(int fd, int mode)
    {
        int flags;
        int prevmode;

        flags = fcntl(fd, F_GETFL, 0);
        prevmode = !(flags & O_NDELAY);
        if (mode)
            flags &= ~O_NDELAY;   /* turn blocking on */
        else
            flags |= O_NDELAY;    /* turn blocking off */
        fcntl(fd, F_SETFL, flags);
        return prevmode;
    }

Since it returns the existing mode you can use it as such:

    prevmode = setblock(fd, 0);     /* turn off blocking */
    /* do your thing */
    (void)setblock(fd, prevmode);   /* restore to original condition */

At 04:15 PM 5/6/2011, you wrote:
Thanks for the reply Gayathri. Do you mean changing the sockets to non-blocking, or when I create the BIO for SSL to make that non-blocking? Thanks.

On Fri, May 6, 2011 at 6:03 PM, Gayathri Sundar <suraj...@gmail.com> wrote:
Harsh, Okay from what I can understand, if you make your underlying fd non-blocking then it would work fine. With blocking FDs, unless and until one client is finished with its processing the other client will not be able to communicate with the server as the previous fd is blocked. The server is waiting on the 1st client to finish. When you have 3 ports and 3 clients then of course it will work. thanks --Gayathri

On Fri, May 6, 2011 at 5:50 PM, Harshvir Sidhu <hvssi...@gmail.com> wrote:
Gayatri, My server code is single threaded and I am using blocking sockets; I am using fd_set and select to wait for an event on a socket, and then performing an operation based on the event that acts on a socket. I have an array of sockets to listen on. So if I start listening on 3 different ports and from my client machine I try to connect to them on different ports then it works fine, but when I use 1 listen port then it doesn't work properly. What I mean by "work properly" is that the connection is established, but when I am waiting for select to return an event, it doesn't show any activity when I send data from the client; only 1 of them works, 2 don't work. In addition to that, when I use WireShark to see packets, it shows that the machine has received the packet from the client. But the server doesn't show that alert. That's why I think it could be some socket option which is affecting it. // Harshvir

On Fri, May 6, 2011 at 5:37 PM, Gayathri Sundar <suraj...@gmail.com> wrote:
Harshvir, the SO_REUSEADDR sock option has nothing to do with your problem, please go through the socket ops man page to get a better understanding. First find out if your server code is blocking I/O or non-blocking I/O..if the former then connections will be handled sequentially..only after the 1st client is finished will the server be able to respond to the 2nd connect request. If non-blocking then there should be no problem. Check the code if you see an O_NONBLOCK flag set in some fcntl call or check for the FIONBIO flag. Thanks --Gayathri

On Fri, May 6, 2011 at 5:29 PM, Harshvir Sidhu <hvssi...@gmail.com> wrote:
Well I think this link is for my question. I have already done 1-5 from the "Before you ask" list. Number 6, I don't know anyone who uses openssl. Number 7, it will take a lot of time to go through all the code, I was just trying to save some time. I thought user discussion forums are for this only. I apologize for my understanding.
Re: Multiple connection from 1 client
And I cannot imagine a case where a blocking FD is useful except that it is lazier to code that way. You need to use non-blocking.

E

At 04:03 PM 5/6/2011, you wrote:
Harsh, Okay from what I can understand, if you make your underlying fd non-blocking then it would work fine. With blocking FDs, unless and until one client is finished with its processing the other client will not be able to communicate with the server as the previous fd is blocked. The server is waiting on the 1st client to finish. When you have 3 ports and 3 clients then of course it will work. thanks --Gayathri

On Fri, May 6, 2011 at 5:50 PM, Harshvir Sidhu <hvssi...@gmail.com> wrote:
Gayatri, My server code is single threaded and I am using blocking sockets; I am using fd_set and select to wait for an event on a socket, and then performing an operation based on the event that acts on a socket. I have an array of sockets to listen on. So if I start listening on 3 different ports and from my client machine I try to connect to them on different ports then it works fine, but when I use 1 listen port then it doesn't work properly. What I mean by "work properly" is that the connection is established, but when I am waiting for select to return an event, it doesn't show any activity when I send data from the client; only 1 of them works, 2 don't work. In addition to that, when I use WireShark to see packets, it shows that the machine has received the packet from the client. But the server doesn't show that alert. That's why I think it could be some socket option which is affecting it. // Harshvir

On Fri, May 6, 2011 at 5:37 PM, Gayathri Sundar <suraj...@gmail.com> wrote:
Harshvir, the SO_REUSEADDR sock option has nothing to do with your problem, please go through the socket ops man page to get a better understanding. First find out if your server code is blocking I/O or non-blocking I/O..if the former then connections will be handled sequentially..only after the 1st client is finished will the server be able to respond to the 2nd connect request. If non-blocking then there should be no problem. Check the code if you see an O_NONBLOCK flag set in some fcntl call or check for the FIONBIO flag. Thanks --Gayathri

On Fri, May 6, 2011 at 5:29 PM, Harshvir Sidhu <hvssi...@gmail.com> wrote:
Well I think this link is for my question. I have already done 1-5 from the "Before you ask" list. Number 6, I don't know anyone who uses openssl. Number 7, it will take a lot of time to go through all the code, I was just trying to save some time. I thought user discussion forums are for this only. I apologize for my understanding.

On Fri, May 6, 2011 at 5:18 PM, Jeremy Farrell <jfarr...@pillardata.com> wrote:
From: Harshvir Sidhu
Hi, I have a server application which accepts normal socket and SSL socket connections. I am trying to make 3 connections to the server from 1 client machine, on the same server port. When I connect on normal sockets then it works with any number of connections. When I tried to connect with SSL then they don't work. If I connect 1 client then it works. In my listen socket I have the SO_REUSEADDR socket option; at first I thought this might be causing the issue, but I tried to use SO_EXCLUSIVEADDRUSE and even then it doesn't work. Has someone seen some issue like this, any possible suggestion for this? Thanks, // Harshvir

http://www.catb.org/~esr/faqs/smart-questions.html
Re: Multiple connection from 1 client
Change the sockets. This is what I use:

    #include <fcntl.h>

    /* mode: True - blocking, False - non blocking. Returns the previous mode. */
    int setblock(int fd, int mode)
    {
        int flags;
        int prevmode;

        flags = fcntl(fd, F_GETFL, 0);
        prevmode = !(flags & O_NDELAY);
        if (mode)
            flags &= ~O_NDELAY;   /* turn blocking on */
        else
            flags |= O_NDELAY;    /* turn blocking off */
        fcntl(fd, F_SETFL, flags);
        return prevmode;
    }

Since it returns the existing mode you can use it as such:

    prevmode = setblock(fd, 0);     /* turn off blocking */
    /* do your thing */
    (void)setblock(fd, prevmode);   /* restore to original condition */

At 04:15 PM 5/6/2011, you wrote:
Thanks for the reply Gayathri. Do you mean changing the sockets to non-blocking, or when I create the BIO for SSL to make that non-blocking? Thanks.

On Fri, May 6, 2011 at 6:03 PM, Gayathri Sundar <suraj...@gmail.com> wrote:
Harsh, Okay from what I can understand, if you make your underlying fd non-blocking then it would work fine. With blocking FDs, unless and until one client is finished with its processing the other client will not be able to communicate with the server as the previous fd is blocked. The server is waiting on the 1st client to finish. When you have 3 ports and 3 clients then of course it will work. thanks --Gayathri

On Fri, May 6, 2011 at 5:50 PM, Harshvir Sidhu <hvssi...@gmail.com> wrote:
Gayatri, My server code is single threaded and I am using blocking sockets; I am using fd_set and select to wait for an event on a socket, and then performing an operation based on the event that acts on a socket. I have an array of sockets to listen on. So if I start listening on 3 different ports and from my client machine I try to connect to them on different ports then it works fine, but when I use 1 listen port then it doesn't work properly. What I mean by "work properly" is that the connection is established, but when I am waiting for select to return an event, it doesn't show any activity when I send data from the client; only 1 of them works, 2 don't work. In addition to that, when I use WireShark to see packets, it shows that the machine has received the packet from the client. But the server doesn't show that alert. That's why I think it could be some socket option which is affecting it. // Harshvir

On Fri, May 6, 2011 at 5:37 PM, Gayathri Sundar <suraj...@gmail.com> wrote:
Harshvir, the SO_REUSEADDR sock option has nothing to do with your problem, please go through the socket ops man page to get a better understanding. First find out if your server code is blocking I/O or non-blocking I/O..if the former then connections will be handled sequentially..only after the 1st client is finished will the server be able to respond to the 2nd connect request. If non-blocking then there should be no problem. Check the code if you see an O_NONBLOCK flag set in some fcntl call or check for the FIONBIO flag. Thanks --Gayathri

On Fri, May 6, 2011 at 5:29 PM, Harshvir Sidhu <hvssi...@gmail.com> wrote:
Well I think this link is for my question. I have already done 1-5 from the "Before you ask" list. Number 6, I don't know anyone who uses openssl. Number 7, it will take a lot of time to go through all the code, I was just trying to save some time. I thought user discussion forums are for this only. I apologize for my understanding.

On Fri, May 6, 2011 at 5:18 PM, Jeremy Farrell <jfarr...@pillardata.com> wrote:
From: Harshvir Sidhu
Hi, I have a server application which accepts normal socket and SSL socket connections. I am trying to make 3 connections to the server from 1 client machine, on the same server port. When I connect on normal sockets then it works with any number of connections. When I tried to connect with SSL then they don't work. If I connect 1 client then it works. In my listen socket I have the SO_REUSEADDR socket option; at first I thought this might be causing the issue, but I tried to use SO_EXCLUSIVEADDRUSE and even then it doesn't work. Has someone seen some issue like this, any possible suggestion for this? Thanks, // Harshvir

http://www.catb.org/~esr/faqs/smart-questions.html
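The whole "Multiple connection from 1 client" thread turns on one point: with blocking sockets a single-threaded select() server stalls on whichever client it is currently reading, so the other clients appear dead even though their packets arrive. The block below is an added example, not code from the thread: the POSIX O_NONBLOCK form of the setblock() switch posted above, plus a small select() loop over three "client" sockets built with socketpair() so it runs with no network. It shows both behaviours the thread argues about: read() on an idle non-blocking socket fails with EAGAIN instead of hanging the process, and only the clients that actually sent data are read. Socket setup, payloads and the helper names are constructed for the demo.

```c
/* Added example, not from the thread: non-blocking sockets under select(). */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/select.h>
#include <sys/socket.h>
#include <sys/time.h>
#include <unistd.h>

/* POSIX form of the thread's setblock(): O_NONBLOCK instead of the older
 * O_NDELAY, and fcntl() failures are reported. Returns the previous mode
 * (1 = blocking, 0 = non-blocking) or -1 on error. */
int set_blocking(int fd, int blocking)
{
    int flags = fcntl(fd, F_GETFL, 0);
    if (flags < 0)
        return -1;
    int prev = !(flags & O_NONBLOCK);
    flags = blocking ? (flags & ~O_NONBLOCK) : (flags | O_NONBLOCK);
    if (fcntl(fd, F_SETFL, flags) < 0)
        return -1;
    return prev;
}

/* read() from an idle non-blocking socket. Returns 1 if the call came back
 * with EAGAIN/EWOULDBLOCK (the server keeps running), 0 if it returned
 * data or another error, -1 if the socketpair could not be created. With a
 * blocking fd the same read() never returns: that is the reported symptom. */
int idle_read_would_block(void)
{
    int sv[2];
    char buf[16];
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) < 0)
        return -1;
    set_blocking(sv[0], 0);
    ssize_t n = read(sv[0], buf, sizeof buf);
    int would_block = (n < 0 && (errno == EAGAIN || errno == EWOULDBLOCK));
    close(sv[0]);
    close(sv[1]);
    return would_block;
}

/* One pass of a select() loop over nfds non-blocking client sockets: read
 * only those that are readable, so a quiet client never stalls the others.
 * Returns the number of clients that delivered a message. */
int drain_ready(const int *fds, int nfds, char out[][64])
{
    fd_set rset;
    int maxfd = -1;
    FD_ZERO(&rset);
    for (int i = 0; i < nfds; i++) {
        FD_SET(fds[i], &rset);
        if (fds[i] > maxfd)
            maxfd = fds[i];
    }
    struct timeval tv = { 0, 0 };           /* poll once; a real loop blocks here */
    int ready = select(maxfd + 1, &rset, NULL, NULL, &tv);
    if (ready <= 0)
        return ready;
    int got = 0;
    for (int i = 0; i < nfds; i++) {
        if (!FD_ISSET(fds[i], &rset))
            continue;
        ssize_t n = read(fds[i], out[i], 63);
        if (n > 0) {
            out[i][n] = '\0';
            got++;
        }
    }
    return got;
}

/* Constructed scenario: three clients on one listener, only clients 1 and
 * 2 have sent anything. Fills out[] and returns drain_ready()'s count. */
int demo_three_clients(char out[3][64])
{
    int pairs[3][2], server_side[3];
    for (int i = 0; i < 3; i++) {
        if (socketpair(AF_UNIX, SOCK_STREAM, 0, pairs[i]) < 0)
            return -1;
        server_side[i] = pairs[i][0];        /* the end the server reads */
        set_blocking(server_side[i], 0);
        out[i][0] = '\0';
    }
    (void)write(pairs[1][1], "hello from 1", 12);
    (void)write(pairs[2][1], "hello from 2", 12);
    int got = drain_ready(server_side, 3, out);
    for (int i = 0; i < 3; i++) {
        close(pairs[i][0]);
        close(pairs[i][1]);
    }
    return got;
}

int main(void)
{
    char out[3][64];
    printf("idle non-blocking read returned EAGAIN: %s\n",
           idle_read_would_block() == 1 ? "yes" : "no");
    int got = demo_three_clients(out);
    printf("select() found %d ready clients: [%s] [%s] [%s]\n",
           got, out[0], out[1], out[2]);
    return 0;
}
```

With SSL layered on top, readiness on the socket is not the same as data for the application: SSL_read() on a non-blocking socket can fail with SSL_get_error() returning SSL_ERROR_WANT_READ or SSL_ERROR_WANT_WRITE (including during the handshake), which means retry on the next readiness event rather than treat it as an error; and SSL_pending() reports decrypted bytes already buffered inside OpenSSL that select() cannot see, so they must be drained before going back to select().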
Re: slow https connections
Re: [PATCH] conversion to EBCDIC
You might find this useful: http://cprogramminglanguage.net/ascii-ebcdic-conversion-functions.aspx Eric At 07:08 AM 4/22/2011, you wrote: Hi, I am working on a MAINFRAME. The encoding page is EBCDIC and not ASCII, so i have to do some conversion to support openssl on a mainframe. I am not familiar to use this method to open patch so it may be confusing. Here is one patch like you ask with the diff tools : diff -r crypto/x509/x509_vfy.c openssl-work/x509_vfy.c 8c8 * --- * 15c15 * --- * 22c22 * --- * 37c37 * 4. If you include any Windows specific code (or a derivative thereof) from --- * 4. If you include any Windows specific code (or a derivative thereof) from 40c40 * --- --- * 52c52 * --- * 256c256 if ((ok = 0) !! X509_cmp(x, xtmp)) --- if ((ok = 0) !! X509_cmp(x, xtmp)) 266c266 else --- else 1108c1108 * will be duplicated by the parent, but this will rarely be used in --- * will be duplicated by the parent, but this will rarely be used in 1307c1307 ok = get_crl_sk(ctx, crl, dcrl, --- ok = get_crl_sk(ctx, crl, dcrl, 1455c1455 1455c1455 * a certificate was revoked. This has since been changed since --- * a certificate was revoked. This has since been changed since 1681a1682,1684 £ifdef CHARSET_EBCDIC char v_eÝ14~,*v; £endif 1682a1686 1688a1693,1698 £ifdef CHARSET_EBCDIC ascii2ebcdic(v_e, str, i 14 ? i : 14); v = v_eÝ0~; memcpy(str,v,i); £endif 1704c1714 é --- é 1738a1749,1754 £ifdef CHARSET_EBCDIC £ifdef CHARSET_EBCDIC ascii2ebcdic(v_e, buff2, atm.length 14 ? atm.length : 14); v = v_eÝ0~; memcpy(buff2,v,atm.length); £endif Regards = Ce message et toutes les pieces jointes (ci-apres le message) sont confidentiels et susceptibles de contenir des informations couvertes par le secret professionnel. Ce message est etabli a l'intention exclusive de ses destinataires. Toute utilisation ou diffusion non autorisee interdite. Tout message electronique est susceptible d'alteration. 
This message and any attachments (the message) are confidential, intended solely for the addressees, and may contain legally privileged information. Any unauthorised use or dissemination is prohibited. E-mails are susceptible to alteration. Neither SOCIETE GENERALE nor any of its subsidiaries or affiliates shall be liable for the message if altered, changed or falsified.
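Review bot: at 1688a1693,1698 the length passed to ascii2ebcdic() is clamped to 14 but the length passed to memcpy() is not, so for any i above 14 the copy back into str reads beyond the 14-byte v_e buffer declared at 1681a1682,1684 (as rendered, with the comparison operator lost: `ascii2ebcdic(v_e, str, i 14 ? i : 14); v = v_eÝ0~; memcpy(str,v,i);`); the block at 1738a1749,1754 repeats the pattern with atm.length and buff2. Compute one bounded length, use it in both calls, and reject or report inputs longer than the buffer instead of silently converting only the first 14 bytes. Also at 1738a1749,1754 the hunk shows two `£ifdef CHARSET_EBCDIC` lines for a single `£endif`; unless that is a rendering artifact the block is unbalanced and will not preprocess. Finally, the hunks at 8c8, 15c15, 22c22, 37c37, 40c40, 256c256, 266c266, 1108c1108, 1307c1307 and 1455c1455 show identical text on both sides, so they change only whitespace, line endings or invisible characters; drop them from the patch so the reviewable change is just the two CHARSET_EBCDIC blocks.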
Re: Custom Optimization flags
In real life I have found various optimizations to cause more trouble than not, and to not really change real-world performance. Unless you are in a hard loop encrypting/decrypting I don't think anyone will notice. I do 10s of thousands of encryption/decryption calls each day and they add no noticeable change to performance. If it becomes a hassle, my advice: don't bother.

Eric

At 11:24 PM 4/14/2011, you wrote:

Hey guys, I've got a couple of quick questions regarding building OpenSSL with custom compiler optimization flags. I'm attempting to optimize the builds of some select OS components specifically for the Intel Atom under Linux (I'm using the 2.6.37 kernel, glibc 2.13, binutils 2.21, gcc 4.5.2; my toolchain has been optimized mostly with CFLAGS='-O3 -fomit-frame-pointer -march=atom -mtune=atom') and am wondering the following:

* How sensitive is the OpenSSL test suite (make test) at detecting incorrect aggressive compiler optimizations? My guess as to an answer is 'very', given the size of the test suite, and the sensitivity to incorrect data that the crypto problem-space exhibits.
* Can the OpenSSL build system detect the specific x86 extensions that a given processor supports, and include the relevant asm code? (This may be done at run-time dynamically instead, but how does the library know what the fastest code path should be?)
* Does OpenSSL 1.0.0d have a code-path for the Atom?
* Does anyone else have any experience involving tuning OpenSSL for the Atom? If so, I'd like to hear the specifics of your results in optimizing for this processor. If you have had any experience, I'd encourage you to share your results either on-list or privately.
* (probably more of a question for the dev list): openssl does not have a parallel-build-safe build system... Is there a way to benchmark multi-threaded/multi-core processors using the test suite that makes use of every possible execution path?
This would be a remarkably useful (synthetic) benchmark for real-world crypto performance on various architectures. Provided that I had a bit of direction and support, I'd be willing to add it to the test suite in small patches. I *would* need to know more than I currently know about crypto though :)

For those wondering, this is the compile line I'm using with gcc 4.5.2:

gcc -fPIC -DOPENSSL_PIC -DZLIB_SHARED -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN \
-DHAVE_DLFCN_H -DL_ENDIAN -DTERMIO -O3 -march=atom \
-mtune=atom -fomit-frame-pointer -pipe -Wall -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DRMD160_ASM -DAES_ASM -DWHIRLPOOL_ASM

For those wondering, I'm seeing test suite run-times of about 2 + 1/4 minutes using single-thread execution on an Atom.

Thanks for your help,
John
Either a bug or a misunderstanding or Spyders in the code
I am trying to do encryption using the EVP APIs. For testing I am using AES-128-ECB as the cypher. I have no problem encrypting and decrypting; rather, I am having problems with the sizes of the buffers.

My program is largely the same as the evp_test.c function test1 in the release /openssl-0.9.8c/test; however, that program does not handle the padding (all the test cases have an even block count of bytes and the padding is turned off). I removed the call to turn off the padding in my program. My program is also like a sample program I found on-line which handles the padding the same as I do: http://tldp.org/LDP/LG/issue87/vinayak.html

When encrypting a string of 37 bytes and passing it as such:

if (!EVP_EncryptUpdate(ctx, out, &outl, plaintext, 37)) {

outl becomes 48 at this point (which is the expected size since this algorithm appears to block at 16 bytes). However, the next call, as such:

if (!EVP_EncryptFinal(ctx, out + outl, &outl2)) {

sets outl2 to 16 ... meaning it padded one more additional block. If I send decrypt 64 bytes it gives the desired answer (e.g. my text is what I expect it to be). This is what I send:

if (!EVP_DecryptUpdate(ctx, out, &outl, ciphertext, 64)) {

outl is set to 48 (I would really like it to be 37 ...)

if (!EVP_DecryptFinal(ctx, out + outl, &outl2)) {

outl2 is set to zero ...

It would seem that the first encrypt SHOULD set 32, the final encrypt should set 16 and the final result should then be 48 bytes. It would also seem that the first decrypt should set 32, the final decrypt should set 5, and the final result should be 37 bytes. At a bare minimum, it would seem that the total from the two encrypt statements should be 48 and the total from the two decrypt statements should be 37 or 48, depending on your taste, but I find 37 more useful. Last, I should not have to store 64 bytes of encrypted data to successfully encrypt and decrypt 37 bytes of data.
I have noticed that if I simply don't do the final calls for both encrypt and decrypt, everything appears to work on the encrypt and I save 48 bytes ... but when I decrypt it I only get back 32 bytes. And if I do a final decrypt on data that did not have a final encrypt I get an error.

I suspect I am missing something because using openssl to encrypt the bytes from a file and into a file yields a 64 byte file ... just like my program :-) But I don't understand why.

1) Should I always count on up to 2 extra blocks (1 for the remainder if any, one for no reason I can tell)?
2) When decrypting, is there a way to find out the original size (in my case 37)?
3) Am I missing something or is there a bug around here?
4) If I am going to handle large files that require multiple calls to the Encrypt routines, I presume I would turn the padding off until the very last block of data? Same with decrypt?

My goal would be to be able to encrypt a file and get the exact same results as command line openssl. And the reverse.

Thanks,
Eric

This email sent by:
Eric S. Eberhard
(928) 567-3727 Voice
(928) 567-6122 Fax
928-301-7537 -- you may call any time day or night, I turn it off when I sleep :-) Please try to use a land line first (reception often poor).
Note the change in the domain from vicspdi.com to vicsmba.com
For Metropolis support and VICS MBA Support http://www.vicsmba.com
Completely updated web site of personal pictures with many new pictures! Includes horses, dogs, Corvairs, and more. http://www.vicsmba.com/ourpics/index.html
Corvair pictures including the Judson setup on our 62 Sedan and lots of pictures of Cheryl's 62 Monza Wagon and our 62 Spyder convertible. http://www.vicsmba.com/ourpics/corvairs.html
My younger brother Martin has started a very serious car company. A hot rod (very fast) electric roadster is the first offering. The chassis is built by Lotus to their specs. Check it out: http://www.teslamotors.com
Re: Either a bug or a misunderstanding or Spyders in the code
Kyle,

Thank you ... I thought I was missing something (actually the behavior told me what you told me, I just wanted to confirm it was correct). I won't actually use ECB, it was randomly selected from the test file ...

A follow-up then ... if I have 37 bytes I would call Update twice and Final once? If I have 32 bytes I would call Update once and Final once? Or two Updates? Is there a call to get the block size, or is that always 16? (I know it is in the ctx but I was hoping to get it sooner than that.)

Thank you again!

Eric

At 06:27 PM 10/13/2006, you wrote:

OpenSSL does not store the plaintext size in block protocol usage. That's an application-layer issue.

ECB mode, by the way, is REALLY discouraged.

Padding doesn't come into play until the second-to-last and last blocks. You should get 16*(3 blocks of data + 1 block for the EncryptFinal()) == 64 bytes. If you're writing less than a multiple of the block size, you should call EncryptFinal() on that write, not follow it up. This is arguably a bug in the block logic (the expected behavior you seem to want would be: you should get 32 bytes from the write of 37 bytes, with the final 5 bytes stored in a buffer until you call EncryptFinal, which would pad to the appropriate block length and then finish the encryption), but I'm not certain it should be changed -- SSL and TLS have a need for an application data flush feature that forces data to be flushed without the encryption state being reset. Every EncryptFinal() ciphertext block that you get from it, though, is going to be the same (at least in ECB mode).

Personally, I regard the fact that OpenSSL supports ECB mode without a Configure option (or at least a warning when it's used) a bug.

So, to answer your questions in order:

1) The second-to-last block is not an extra block. It contains application data. I believe that you can expect to get that last block.
2) No.
3) I think you're missing something.
4) Padding doesn't happen until a short block occurs anyway, so turning padding off until the final block won't change anything.

Look at the source code to the command-line utility to see what it does, if you want to get identical results.

Cheers,
-Kyle H

On 10/13/06, Eric S. Eberhard wrote:

I am trying to do encryption using the EVP APIs. For testing I am using AES-128-ECB as the cypher. I have no problem encrypting and decrypting; rather, I am having problems with the sizes of the buffers.

When encrypting a string of 37 bytes and passing it as such:

if (!EVP_EncryptUpdate(ctx, out, &outl, plaintext, 37)) {

outl becomes 48 at this point (which is the expected size since this algorithm appears to block at 16 bytes). However, the next call, as such:

if (!EVP_EncryptFinal(ctx, out + outl, &outl2)) {

sets outl2 to 16 ... meaning it padded one more additional block. If I send decrypt 64 bytes it gives the desired answer (e.g. my text is what I expect it to be). This is what I send:

if (!EVP_DecryptUpdate(ctx, out, &outl, ciphertext, 64)) {

outl is set to 48 (I would really like it to be 37 ...)

if (!EVP_DecryptFinal(ctx, out + outl, &outl2)) {

[...]

1) Should I always count on up to 2 extra blocks (1 for the remainder if any, one for no reason I can tell)?
2) When decrypting, is there a way to find out the original size (in my case 37)?
3) Am I missing something or is there a bug around here?
4) If I am going to handle large files that require multiple calls to the Encrypt routines, I presume I would turn the padding off until the very last block of data? Same with decrypt?

My goal would be to be able to encrypt a file and get the exact same results as command line openssl. And the reverse.

Thanks,
Eric
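As an added illustration (not code from the thread), here is a small Python model of the Update/Final bookkeeping Kyle describes, with PKCS#7 padding as the EVP layer applies it; the 16-byte block transform is a constructed XOR stand-in, not a cipher, so only the buffering and the returned lengths are meaningful. On 37 bytes it yields 32 + 16 on encrypt and 32 + 5 on decrypt, the split Eric expected, and it shows why padding only ever happens in the final call, however many Update calls precede it.

```python
BLOCK = 16
DEMO_PATTERN = bytes(range(BLOCK))  # constructed stand-in, not a key

def block_transform(block: bytes) -> bytes:
    # Stand-in for the AES block operation: XOR is its own inverse, so the
    # same function serves encrypt and decrypt. Only the sizes matter here.
    return bytes(a ^ b for a, b in zip(block, DEMO_PATTERN))

class EvpLikeCipher:
    """Models EVP_{Encrypt,Decrypt}Update/Final buffering with PKCS#7 padding."""
    def __init__(self, encrypt: bool):
        self.encrypt, self.buf = encrypt, b""

    def update(self, data: bytes) -> bytes:
        self.buf += data
        n = len(self.buf) - len(self.buf) % BLOCK  # bytes in whole blocks
        # Decrypting: hold back the last full block so final() can strip the
        # pad from it. This is why 48 bytes in gives 32 out, then 5 from final.
        if not self.encrypt and n and n == len(self.buf):
            n -= BLOCK
        out, self.buf = self.buf[:n], self.buf[n:]
        return b"".join(block_transform(out[i:i + BLOCK]) for i in range(0, n, BLOCK))

    def final(self) -> bytes:
        if self.encrypt:  # always exactly one block: 1..16 bytes of pad
            pad = BLOCK - len(self.buf) % BLOCK
            return block_transform(self.buf + bytes([pad]) * pad)
        if len(self.buf) != BLOCK:
            raise ValueError("ciphertext is not a multiple of the block size")
        last = block_transform(self.buf)
        pad = last[-1]
        if not 1 <= pad <= BLOCK or last[-pad:] != bytes([pad]) * pad:
            raise ValueError("bad decrypt")  # what EVP_DecryptFinal reports
        return last[:-pad]  # the original length comes back from the pad

def encrypt_chunked(plaintext: bytes, sizes) -> bytes:
    """Feed plaintext in pieces; the pad is added once, by final()."""
    enc, out, pos = EvpLikeCipher(encrypt=True), b"", 0
    for s in sizes:
        out += enc.update(plaintext[pos:pos + s])
        pos += s
    return out + enc.final()

def round_trip_sizes(plaintext: bytes):
    """Return (enc update, enc final, dec update, dec final) output lengths."""
    enc, dec = EvpLikeCipher(encrypt=True), EvpLikeCipher(encrypt=False)
    c1, c2 = enc.update(plaintext), enc.final()
    p1, p2 = dec.update(c1 + c2), dec.final()
    assert p1 + p2 == plaintext
    return len(c1), len(c2), len(p1), len(p2)
```

Because update() holds back the last ciphertext block on decrypt, a caller that skips DecryptFinal (as Eric tried) loses that block, and a corrupted last block surfaces only as the "bad decrypt" error rather than as a length.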