Openssl and java jsse TLS key refresh
Hi,

I have an OpenSSL-based TLS server to which a Java JSSE (Java Secure Socket Extension) client connects. After a bit of exchange the server tries to renegotiate. Here's some sample code:

    ret = SSL_accept(ssl);
    CHK_SSL_ERR(ret);
    char buffer[256];
    int count = 0;
    static BIO *out = BIO_new_fp(stdout, BIO_NOCLOSE);
    SSL_SESSION *session = SSL_get_session(ssl);
    SSL_SESSION_print(out, session);
    while (true) {
        memset(buffer, 0, sizeof(buffer));
        if (retryRead(ssl, buffer, sizeof(buffer)) > 0) {
            sscanf(buffer, "Request :%d", &count);
            printf("'%s'\n", buffer);
            memset(buffer, 0x00, sizeof(buffer));
            sprintf(buffer, "Response :%d", count);
            if (retryWrite(ssl, buffer, strlen(buffer)) <= 0) {
                printf("ERROR writing response\n");
            }
            if (count != 0 && count % 5 == 0) {
                SSL_renegotiate(ssl);
                int pending = SSL_renegotiate_pending(ssl);
                int handShake = SSL_do_handshake(ssl);
                int timeout = 200;
                printf("do_handshake %d\n", handShake);
                int renegCount = count + 1000;
                do {
                    timeout--;
                    SSL_do_handshake(ssl);
                    /*memset(buffer, 0, sizeof(buffer));
                    sprintf(buffer, "renegotiating %d", renegCount++);
                    Write(buffer, strSize);
                    if (Read(buffer, strSize) != strSize) {
                        printf("ERROR: unexpected read size\n");
                    }
                    printf("%s\n", buffer);*/
                } while (SSL_renegotiate_pending(ssl) && timeout > 0);
                SSL_SESSION *newSession = SSL_get_session(ssl);
                if (newSession) {
                    printf("Session B\n");
                    SSL_SESSION_print(out, newSession);
                }
                printf("session compare %d\n", SSL_SESSION_cmp(session, newSession));
                printf("timeout %d\n", timeout);
                if (timeout <= 0) {
                    printf("ERROR in refreshing keys\n");
                }
            }
            memset(buffer, 0, sizeof(buffer));
        } else {
            printf("Error reading response\n");
        }
    }

    int retryWrite(SSL *pSSL, char *pBuffer, int pSize) {
        int ret = SSL_write(pSSL, pBuffer, pSize);
        while (ret <= 0) {
            int err = SSL_get_error(pSSL, ret);
            if (err == SSL_ERROR_WANT_READ) {
                ret = SSL_write(pSSL, pBuffer, pSize);
            } else if (err == SSL_ERROR_WANT_WRITE) {
                ret = SSL_write(pSSL, pBuffer, pSize);
            } else {
                printf("ERROR in RetryWrite %d\n", err);
                return -1;
            }
        }
        return ret;
    }

    int retryRead(SSL *pSSL, char *pBuffer, int pSize) {
        int ret = SSL_read(pSSL, pBuffer, pSize);
        while (ret <= 0) {
            int err = SSL_get_error(pSSL, ret);
            if (err == SSL_ERROR_WANT_READ) {
                ret = SSL_read(pSSL, pBuffer, pSize);
            } else if (err == SSL_ERROR_WANT_WRITE) {
                ret = SSL_read(pSSL, pBuffer, pSize);
            } else {
                //ret = SSL_read(pSSL, pBuffer, pSize);
                printf("ERROR in retryRead %d\n", err);
                return -1;
            }
        }
        return ret;
    }

I (the OpenSSL TLS server) get an error at the time of read. After looking in the OpenSSL sources, the error is SSL_ERROR_SSL, defined in ssl.h. I'm wondering if anyone else ran into this kind of problem with a Java client connecting. The refresh works if an OpenSSL client connects, but not with a Java SSL one.

By the way, I'm using:

    java version 1.5.0_09
    Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0_09-b01)
    Java HotSpot(TM) Client VM (build 1.5.0_09-b01, mixed mode)
    openssl 0.9.8

Is this a limitation of the Java implementation of TLS? Is there a possible workaround? As always, any insights would be appreciated.

-Kunal
SSL_renegotiate and SSL_do_handshake
Hi,

I have a client that connects to a server for a long duration of time, and I'm trying to refresh the session keys. From what I have read, for OpenSSL 0.9.7 and up the steps to do this are pretty simple:

    SSL_renegotiate(SSL *)
    SSL_do_handshake(SSL *)

and then, to confirm, call SSL_renegotiate_pending to check the status. The problem I'm seeing is that I don't see SSL_renegotiate_pending returning 0 to indicate that renegotiation completed. I'm using OpenSSL 0.9.7, and SSL_get_version is returning TLSv1, which I think is fine.

Q1) By the way, I'm making this call from the client. Should this matter?
Q2) Is there anything else that I need to do, or am I missing something?

Any insights would be appreciated.

-Kunal

Here's the client code snippet:

    void run() {
        time_t lastRenewTime;
        time_t currentTime;
        time(&lastRenewTime);
        static BIO *out = BIO_new_fp(stdout, BIO_NOCLOSE);
        printf("SSL/TLS version : %s \n", SSL_get_version(mySSL));
        SSL_SESSION *session = SSL_get_session(mySSL);
        printf("session A\n");
        SSL_SESSION_print(out, session);
        while (1) {
            time(&currentTime);
            if ((currentTime - lastRenewTime) > 10) {
                printf("renegotiating ...\n");
                SSL_renegotiate(mySSL);
                int pending = SSL_renegotiate_pending(mySSL);
                int handShake = SSL_do_handshake(mySSL);
                int timeout = 2;
                printf("do_handshake %d\n", handShake);
                // int );
                do {
                    timeout--;
                    // i think the actual renegotiate req would only go to server whenever a data is sent. right ?
                    SendDataToServer();
                    SSL_do_handshake(mySSL);
                } while (pending && SSL_renegotiate_pending(mySSL) && timeout > 0);
                SSL_SESSION *newSession = SSL_get_session(mySSL);
                printf("session compare %d\n", SSL_SESSION_cmp(session, newSession));
                if (!newSession) {
                    printf("session B \n");
                    SSL_SESSION_print(out, session);
                }
                printf("timeout %d\n", timeout);
                if (timeout <= 0) {
                    printf("ERROR in refreshing keys\n");
                }
            }
            // read from and write to server.
        }
    }
RE: SSL_renegotiate and SSL_do_handshake
Ok, so it's kind of working now. Kind of, because after a do_handshake, any read on the server returns -1, but if you ignore this one and continue, subsequent reads work. And data transfer is back to normal with the new session.

Any reason why the read would fail? Are there any settings that I could use on the SSL_CTX that might be helpful? Or is there an alternative way to handle this:

1) the read would block till renegotiation successfully completes.
2) I don't know, maybe read returns zero.

I don't have access to the server code, so possibly can't change the way the read is performed. Again, any insights would be appreciated.

Thanks
Kunal

From: [EMAIL PROTECTED]
To: openssl-users@openssl.org
Subject: SSL_renegotiate and SSL_do_handshake
Date: Thu, 29 Nov 2007 13:11:04 -0800

> Hi,
>
> I have a client that connects to a server for a long duration of time, and I'm trying to refresh the session keys. From what I have read, for OpenSSL 0.9.7 and up the steps to do this are pretty simple:
>
>     SSL_renegotiate(SSL *)
>     SSL_do_handshake(SSL *)
>
> and then, to confirm, call SSL_renegotiate_pending to check the status. The problem I'm seeing is that I don't see SSL_renegotiate_pending returning 0 to indicate that renegotiation completed. I'm using OpenSSL 0.9.7, and SSL_get_version is returning TLSv1, which I think is fine.
>
> Q1) By the way, I'm making this call from the client. Should this matter?
> Q2) Is there anything else that I need to do, or am I missing something?
>
> Any insights would be appreciated.
>
> -Kunal
>
> Here's the client code snippet:
>
>     void run() {
>         time_t lastRenewTime;
>         time_t currentTime;
>         time(&lastRenewTime);
>         static BIO *out = BIO_new_fp(stdout, BIO_NOCLOSE);
>         printf("SSL/TLS version : %s \n", SSL_get_version(mySSL));
>         SSL_SESSION *session = SSL_get_session(mySSL);
>         printf("session A\n");
>         SSL_SESSION_print(out, session);
>         while (1) {
>             time(&currentTime);
>             if ((currentTime - lastRenewTime) > 10) {
>                 printf("renegotiating ...\n");
>                 SSL_renegotiate(mySSL);
>                 int pending = SSL_renegotiate_pending(mySSL);
>                 int handShake = SSL_do_handshake(mySSL);
>                 int timeout = 2;
>                 printf("do_handshake %d\n", handShake);
>                 // int );
>                 do {
>                     timeout--;
>                     // i think the actual renegotiate req would only go to server whenever a data is sent. right ?
>                     SendDataToServer();
>                     SSL_do_handshake(mySSL);
>                 } while (pending && SSL_renegotiate_pending(mySSL) && timeout > 0);
>                 SSL_SESSION *newSession = SSL_get_session(mySSL);
>                 printf("session compare %d\n", SSL_SESSION_cmp(session, newSession));
>                 if (!newSession) {
>                     printf("session B \n");
>                     SSL_SESSION_print(out, session);
>                 }
>                 printf("timeout %d\n", timeout);
>                 if (timeout <= 0) {
>                     printf("ERROR in refreshing keys\n");
>                 }
>             }
>             // read from and write to server.
>         }
>     }
Get public key hash/Certificate thumbprint
Hi,

I'm interested in getting the certificate thumbprint. How do I get it from an X509 structure? Is the thumbprint the public key hash? If so, is there an easier way of getting it, other than first getting the public key and then hashing it?

Thanks, any info would be appreciated!

Kunal
RE: Get public key hash/Certificate thumbprint
Thanks for the inputs. But there's a problem: considering SHA1 isn't correct, the cert could be sha256. Is there a fn on the X509 that would return the cert thumbprint? And even before that, is the cert thumbprint the same as the public key hash?

From: [EMAIL PROTECTED]
To: openssl-users@openssl.org
Subject: RE: Get public key hash/Certificate thumbprint
Date: Thu, 13 Sep 2007 20:30:44 -0400

> Here is some code to help you get started with creating a fingerprint.
>
>     X509 *tempCert;
>     EVP_MD *tempDigest;
>     unsigned char tempFingerprint[EVP_MAX_MD_SIZE];
>     unsigned int tempFingerprintLen;
>
>     tempCert = SSL_get_peer_certificate( sslTemp );
>     tempDigest = (EVP_MD*)EVP_sha1( );
>     tempFingerprintLen = EVP_MD_size( tempDigest );
>     if ( create_cert_digest( tempCert, tempDigest, tempFingerprint, tempFingerprintLen ) <= 0)
>
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of k b
> Sent: Thursday, September 13, 2007 7:06 PM
> To: openssl-users@openssl.org
> Subject: Get public key hash/Certificate thumbprint
>
> > Hi,
> >
> > I'm interested in getting the certificate thumbprint. How do I get it from an X509 structure? Is the thumbprint the public key hash? If so, is there an easier way of getting it, other than first getting the public key and then hashing it?
> >
> > Thanks, any info would be appreciated!
> >
> > Kunal
Cert Serial number
Hi,

How do I convert ASN1_INTEGER to either an int or a long?

Thanks!
RE: Converting RSA to EVP_pkey
Thanks Marek, so then how do I convert RSA to EVP_pkey?

Subject: Re: Converting RSA to EVP_pkey
From: [EMAIL PROTECTED]
To: openssl-users@openssl.org
Date: Fri, 27 Jul 2007 01:09:59 +0200

> Hello,
>
> > 2) I was looking and found this d2i_RSAPrivateKey. From what it looks like, this doesn't seem to be what I want, and I was wondering what this converts to and from.
>
> This function converts from DER format to INTERNAL format (RSA).
>
> Best regards.
> --
> Marek Marcola [EMAIL PROTECTED]

OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
RE: Converting RSA to EVP_pkey
Is this the best way to do it?

    EVP_PKEY *pkey = EVP_PKEY_new();
    EVP_PKEY_assign_RSA(pkey, rsa);

Thanks!

From: [EMAIL PROTECTED]
To: openssl-users@openssl.org
Subject: RE: Converting RSA to EVP_pkey
Date: Thu, 26 Jul 2007 16:16:36 -0700

> Thanks Marek, so then how do I convert RSA to EVP_pkey?
>
> Subject: Re: Converting RSA to EVP_pkey
> From: [EMAIL PROTECTED]
> To: openssl-users@openssl.org
> Date: Fri, 27 Jul 2007 01:09:59 +0200
>
> > Hello,
> >
> > > 2) I was looking and found this d2i_RSAPrivateKey. From what it looks like, this doesn't seem to be what I want, and I was wondering what this converts to and from.
> >
> > This function converts from DER format to INTERNAL format (RSA).
> >
> > Best regards.
> > --
> > Marek Marcola
Converting RSA to EVP_pkey
Hi,

I have an RSA * to a private key and want to convert it to an EVP_pkey.

1) Is there a way to convert from RSA to EVP_pkey? Would the following function be the right candidate to do the job?

    EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb, void *u);

Also, what if there's no password? Do I still need the calls to be registered, in case I don't want to be prompted for a password?

2) I was looking and found this d2i_RSAPrivateKey. From what it looks like, this doesn't seem to be what I want, and I was wondering what this converts to and from.

Thanks!
Re: Base64 encoding with BIO_new_mem_buf
One other issue though: the base64 encoded string contains a newline character at the end. Is there a way through the API to not include it?

From: k b [EMAIL PROTECTED]
Reply-To: openssl-users@openssl.org
To: openssl-users@openssl.org
Subject: Re: Base64 encoding with BIO_new_mem_buf
Date: Thu, 12 Jul 2007 12:20:46 -0700

> That was indeed the problem, a read-only buffer.
> Thanks Jim!
>
> From: Jim Fox [EMAIL PROTECTED]
> Reply-To: openssl-users@openssl.org
> To: openssl-users@openssl.org
> Subject: Re: Base64 encoding with BIO_new_mem_buf
> Date: Thu, 12 Jul 2007 11:21:28 -0700 (PDT)
>
> > > And yeah even with the correct size it still doesn't work.
> >
> > The BIO_new_mem_buf creates a read-only buffer. If you want to write to memory use
> >
> >     bio = BIO_new(BIO_s_mem());
> >
> > and use BIO_get_mem_ptr to get a pointer to the buffer.
> >
> > Jim
Base64 encoding with BIO_new_mem_buf
Hi,

I'm trying to use BIO to do base64 encoding. But here's the problem: in the sample code below, if I comment out line 1 (which uses the mem bio) and uncomment 2 (the one that uses the file bio), everything works and the encoded string is written to stdout. Which is good, as it tells me that things are working fine.

But what I really want is the encoded string in a char buffer. And so I comment out 2 and use 1 instead, as it's supposed to write the encoded string into a buffer. But the problem here is that pEncBuf is empty even though bytesWritten says it wrote 4 bytes. And I can't explain why it won't work.

So to sum it up, the file BIO works and the mem BIO doesn't. If any one of you has any ideas, please let me know.

Thanks!

    /// code
    int b64encode(const char *pPlainText, int pSize, char *pEncBuf, unsigned int *pEncSize);

    int main(int argc, char *argv[]) {
        char ch[] = "adsf";
        char enc[128];
        int encSize = 0;
        b64encode(ch, strlen(ch), enc, &encSize);
        printf("[%s]", enc);
    }

    int b64encode(const char *pPlainText, int pSize, char *pEncBuf, unsigned int *pEncSize) {
        BIO *bio, *b64;
        b64 = BIO_new(BIO_f_base64());
        bio = BIO_new_mem_buf(pEncBuf, *pEncSize);      /* 1 */
        //bio = BIO_new_fp(stdout, BIO_NOCLOSE);        /* 2 */
        BIO_push(b64, bio);
        int bytesWritten = BIO_write(b64, pPlainText, pSize);
        printf("Bytes Written %d, %s\n", bytesWritten, *pEncBuf);
        BIO_flush(bio);
        BIO_free_all(bio);
        return bytesWritten;
    }
    /// code ends
Re: Base64 encoding with BIO_new_mem_buf
Thanks for pointing it out Jim. Actually that was an error in creating the sample code for the post; the actual code looks more like the one shown below:

    int main(int argc, char *argv[]) {
        char ch[] = "adsf";
        char enc[128];
        int encSize = 128;
        b64encode(ch, strlen(ch), enc, &encSize);
        printf("[%s]\n", enc);
    }

And yeah, even with the correct size it still doesn't work. Here's the output I get from all the printfs:

    $./a.out
    Bytes Written 4, (null)
    []
    $

From: Jim Fox [EMAIL PROTECTED]
Reply-To: openssl-users@openssl.org
To: openssl-users@openssl.org
Subject: Re: Base64 encoding with BIO_new_mem_buf
Date: Thu, 12 Jul 2007 10:40:31 -0700 (PDT)

> > But what I really want is the encoded string in a char buffer. And so I comment out 2 and use 1 instead, as it's supposed to write the encoded string into a buffer. But the problem here is that pEncBuf is empty even though bytesWritten says it wrote 4 bytes. And I can't explain why it won't work.
>
> Your code is creating a mem buf of zero length. The second argument to BIO_new_mem_buf is the actual length of the buffer.
>
> Jim
Re: Base64 encoding with BIO_new_mem_buf
That was indeed the problem, a read-only buffer.
Thanks Jim!

From: Jim Fox [EMAIL PROTECTED]
Reply-To: openssl-users@openssl.org
To: openssl-users@openssl.org
Subject: Re: Base64 encoding with BIO_new_mem_buf
Date: Thu, 12 Jul 2007 11:21:28 -0700 (PDT)

> > And yeah even with the correct size it still doesn't work.
>
> The BIO_new_mem_buf creates a read-only buffer. If you want to write to memory use
>
>     bio = BIO_new(BIO_s_mem());
>
> and use BIO_get_mem_ptr to get a pointer to the buffer.
>
> Jim
Certificate signature algorithm
Hi,

I'm trying to figure out if a particular cert that I receive has SHA1 or SHA256 as its signature algorithm. I know this could be done by using either

    i2t_ASN1_OBJECT(buffer, x509->sig_alg->algorithm)

or

    i2a_ASN1_OBJECT(bio, x509->sig_alg->algorithm)

The problem is, if the cert has a sha1 signature algorithm I get a regular LN, but if the cert has a sha256 signature algorithm I get this:

    1.2.840.113549.1.1.11

So my questions are:

1) Is there a better way to figure out if the cert is sha1 or sha256?
2) Or is there a way to get an LN for a sha256 cert too?

Thanks
Kunal
Verification error
Hi,

I'm trying to verify a cert chain against a trusted chain of certs, and here's what I get:

    error 20 at 1 depth lookup:unable to get local issuer certificate

Can someone shed some more light on the error, like

1) what does it mean,
2) is the problem in the cert chain that I'm trying to validate,
3) or is there some problem in the cert chain that I trust?

Thanks, any insight would be helpful.

-KB
EVP_DecryptFinal
Hi,

I'm decrypting using the EVP API and I'm encountering the following error when I do an EVP_DecryptFinal:

    hashVerify:: ERROR error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt

I have 2 questions:

1) What's hashVerify got to do with the decryption process?
2) Any ideas what's wrong?

Thanks in advance.
Re: Subject: Is there an ftp client library to communicate with sftp server?
Hi,

I'm decrypting using the EVP API and I'm encountering the following error when I do an EVP_DecryptFinal:

    hashVerify:: ERROR error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt

I have 2 questions:

1) What's hashVerify got to do with the decryption process?
2) Any ideas what's wrong?

Thanks in advance.
Re: RSA_padding_check_PKCS1_type_1
Hi Steve,

here's the output

    - 82 91 3b b5 03 9d 39 0c-31 0f 66 fa 22 da ce b9 ..;...9.1.f
    0010 - 08 8f b6 d6

-Kunal

From: Dr. Stephen Henson [EMAIL PROTECTED]
Reply-To: openssl-users@openssl.org
To: openssl-users@openssl.org
Subject: Re: RSA_padding_check_PKCS1_type_1
Date: Mon, 25 Sep 2006 13:23:48 +0200

> On Sun, Sep 24, 2006, k b wrote:
>
> > Thanks for your prompt response Steve.
> > Actually this is the error I'm getting:
> >
> >     6536:error:0D07207B:asn1 encoding routines:ASN1_get_object:header too long:asn1_lib.c:150:
> >     6536:error:0D068066:asn1 encoding routines:ASN1_CHECK_TLEN:bad object header:tasn_dec.c:1269:
> >     6536:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error:tasn_dec.c:374:Type=X509_SIG
> >
> > Ignore the earlier reported error, that was my mistake, I wasn't passing the signature correctly.
> >
> > > Where does this other signature come from? Was it from OpenSSL or another library?
> >
> > It's from some other library that the CA is using.
>
> Try this command:
>
>     openssl rsautl -verify -in sig.bin -certin -inkey cert.pem -hexdump
>
> and post the result.
>
> Steve.
> --
> Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
> OpenSSL project core developer and freelance consultant.
> Funding needed! Details on homepage.
> Homepage: http://www.drh-consultancy.demon.co.uk
RSA_padding_check_PKCS1_type_1
Hi,

Sorry, my bad again to post this on openssl-dev. I'm running into this error:

    1823:error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not 01:rsa_pk1.c:100:
    1823:error:04067072:rsa routines:RSA_EAY_PUBLIC_DECRYPT:padding check failed:rsa_eay.c:632:

Just to quickly give a background, I'm trying to verify a signature and that's when I run into the above error. The code snippet that calls OpenSSL is shown below. This verify_sign works if I use my own cert (generated by OpenSSL) and a signature, but when I use this to consume someone else's I run into the above-mentioned error.

From what it looks like, it seems that the signature isn't computed right or padded right. Is that what this error means? Second, is this verify_sign function correct, or am I missing something or not considering some corner case? Any pointers would be appreciated, as I'm out of ideas.

    int verify_sign(X509 *pSignerCert, unsigned int *pSignature, size_t pSignatureSize,
                    unsigned int *pPlainData, size_t pPlainDataSize)
    {
        int returnStatus;
        EVP_MD_CTX md_ctx;
        EVP_PKEY *pubKey = NULL;

        if (!pSignerCert) {
            printf("x509 is NULL\n");
            return -10;
        }
        pubKey = X509_get_pubkey(pSignerCert);
        if (!pubKey) {
            /* no usable public key: report it and stop instead of verifying with NULL */
            printf("unable to get public key from cert\n");
            return -10;
        }
        EVP_MD_CTX_init(&md_ctx);
        EVP_VerifyInit(&md_ctx, EVP_sha1());
        int update = EVP_VerifyUpdate(&md_ctx, pPlainData, pPlainDataSize);
        //int size = RSA_size(pubKey->pkey.ptr);
        printf("returnStatus %d size \n", update);
        returnStatus = EVP_VerifyFinal(&md_ctx, (const unsigned char *) pSignature, pSignatureSize, pubKey);
        ERR_print_errors_fp(stdout);
        if (returnStatus == 1) {
            printf("Signature successfully verified.\n");
            returnStatus = 0;
        } else if (returnStatus <= 0) {
            char *str = (returnStatus == 0) ? "Incorrect" : "Error verifying";
            printf("verify_sign: '%s' signature!\r\n", str);
            returnStatus = (returnStatus == 0) ? -100 : -200;
        }
        EVP_PKEY_free(pubKey);
        /* md_ctx lives on the stack, so pair EVP_MD_CTX_init with cleanup, not destroy */
        EVP_MD_CTX_cleanup(&md_ctx);
        return returnStatus;
    }

Thanks for your inputs in advance.

Best
Kunal
Re: RSA_padding_check_PKCS1_type_1
Thanks for your prompt response Steve.
Actually this is the error I'm getting:

    6536:error:0D07207B:asn1 encoding routines:ASN1_get_object:header too long:asn1_lib.c:150:
    6536:error:0D068066:asn1 encoding routines:ASN1_CHECK_TLEN:bad object header:tasn_dec.c:1269:
    6536:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error:tasn_dec.c:374:Type=X509_SIG

Ignore the earlier reported error, that was my mistake, I wasn't passing the signature correctly.

> Where does this other signature come from? Was it from OpenSSL or another library?

It's from some other library that the CA is using.

Thanks
Kunal

From: Dr. Stephen Henson [EMAIL PROTECTED]
Reply-To: openssl-users@openssl.org
To: openssl-users@openssl.org
Subject: Re: RSA_padding_check_PKCS1_type_1
Date: Sun, 24 Sep 2006 22:21:54 +0200

> On Sun, Sep 24, 2006, k b wrote:
>
> > Hi,
> >
> > Sorry, my bad again to post this on openssl-dev. I'm running into this error:
> >
> >     1823:error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is not 01:rsa_pk1.c:100:
> >     1823:error:04067072:rsa routines:RSA_EAY_PUBLIC_DECRYPT:padding check failed:rsa_eay.c:632:
> >
> > Just to quickly give a background, I'm trying to verify a signature and that's when I run into the above error. The code snippet that calls OpenSSL is shown below. This verify_sign works if I use my own cert (generated by OpenSSL) and a signature, but when I use this to consume someone else's I run into the above-mentioned error.
> >
> > From what it looks like, it seems that the signature isn't computed right or padded right. Is that what this error means? Second, is this verify_sign function correct, or am I missing something or not considering some corner case? Any pointers would be appreciated, as I'm out of ideas.
>
> It usually means that the verify operation has failed because either the signature is invalid or corrupted or the wrong public key is used.
>
> Where does this other signature come from? Was it from OpenSSL or another library?
>
> Steve.
> --
> Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
> OpenSSL project core developer and freelance consultant.
> Funding needed! Details on homepage.
> Homepage: http://www.drh-consultancy.demon.co.uk
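The two errors in this thread point at the two layers of a PKCS#1 v1.5 signature block: the 00 01 FF..FF 00 padding ("block type is not 01") and the DigestInfo structure after it (the ASN.1 errors with Type=X509_SIG); the rsautl output posted in the follow-up is 20 bytes long, the size of a bare SHA-1 digest. The following is an added example, not code from the thread or from OpenSSL, that classifies a recovered block along those lines; it assumes the RFC 8017 EMSA-PKCS1-v1_5 layout, and the function names, result codes and sample blocks are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <stddef.h>

/* Hypothetical result codes for this illustration. */
enum em_result {
    EM_OK_SHA1_DIGESTINFO,  /* 00 01 FF..FF 00 || DigestInfo(SHA-1) */
    EM_BAD_BLOCK_TYPE,      /* second byte is not 01 */
    EM_BAD_PADDING,         /* short or missing FF run, or no 00 separator */
    EM_BARE_DIGEST,         /* padding fine, payload is a raw 20-byte hash */
    EM_BAD_DIGESTINFO       /* padding fine, payload is something else */
};

/* DER header of a SHA-1 DigestInfo (RFC 8017, section 9.2, note 1). */
static const unsigned char SHA1_PREFIX[15] = {
    0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2B, 0x0E,
    0x03, 0x02, 0x1A, 0x05, 0x00, 0x04, 0x14
};

/* The 20 bytes from the rsautl -hexdump output quoted on this page. */
static const unsigned char PAGE_PAYLOAD[20] = {
    0x82, 0x91, 0x3B, 0xB5, 0x03, 0x9D, 0x39, 0x0C, 0x31, 0x0F,
    0x66, 0xFA, 0x22, 0xDA, 0xCE, 0xB9, 0x08, 0x8F, 0xB6, 0xD6
};

/* Classify a public-key-recovered signature block EM of len bytes. */
enum em_result classify_em(const unsigned char *em, size_t len)
{
    size_t i, plen;

    /* EM = 00 || 01 || at least eight FF || 00 || payload */
    if (len < 11 || em[0] != 0x00)
        return EM_BAD_PADDING;
    if (em[1] != 0x01)
        return EM_BAD_BLOCK_TYPE;
    for (i = 2; i < len && em[i] == 0xFF; i++)
        ;
    if (i < 10 || i == len || em[i] != 0x00)
        return EM_BAD_PADDING;
    i++;                                    /* skip the 00 separator */
    plen = len - i;

    if (plen == sizeof SHA1_PREFIX + 20 &&
        memcmp(em + i, SHA1_PREFIX, sizeof SHA1_PREFIX) == 0)
        return EM_OK_SHA1_DIGESTINFO;
    if (plen == 20)
        return EM_BARE_DIGEST;              /* hash signed without DigestInfo */
    return EM_BAD_DIGESTINFO;
}

/* Build a constructed sample block; returns len, or 0 if it cannot fit. */
size_t build_em(unsigned char *em, size_t len, unsigned char block_type,
                const unsigned char *payload, size_t plen)
{
    if (len < plen + 11)
        return 0;
    em[0] = 0x00;
    em[1] = block_type;
    memset(em + 2, 0xFF, len - plen - 3);
    em[len - plen - 1] = 0x00;
    memcpy(em + len - plen, payload, plen);
    return len;
}

int main(void)
{
    unsigned char em[128], di[35];          /* 128 bytes = 1024-bit modulus */

    memcpy(di, SHA1_PREFIX, 15);
    memcpy(di + 15, PAGE_PAYLOAD, 20);

    build_em(em, sizeof em, 0x01, PAGE_PAYLOAD, sizeof PAGE_PAYLOAD);
    printf("payload as posted      -> %d\n", classify_em(em, sizeof em));
    build_em(em, sizeof em, 0x01, di, sizeof di);
    printf("wrapped in DigestInfo  -> %d\n", classify_em(em, sizeof em));
    build_em(em, sizeof em, 0x02, di, sizeof di);
    printf("block type 02          -> %d\n", classify_em(em, sizeof em));
    return 0;
}
```
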
SHA 256 Cert
Hi,

How do I tell if an X509 cert is a SHA256 cert?

Thanks
kb
Re: SHA 256 Cert
Hi Marek,

Thanks for the reply. How do I find it through the X509 struct?

    X509 *myX509 =

Is this the field?

    myX509->sig_alg->algorithm->nid

And what value should it hold that would tell me that it's sha256?

Thanks
Bisla

From: Marek Marcola [EMAIL PROTECTED]
Reply-To: openssl-users@openssl.org
To: openssl-users@openssl.org
Subject: Re: SHA 256 Cert
Date: Mon, 18 Sep 2006 19:53:08 +0200

> Hello,
>
> > How do I tell if an X509 cert is a SHA256 cert?
>
> Checking signature algorithm OID, which is:
>
>     pkcs-1 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 1 }
>     sha256WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 11 }
>
> Best regards,
> --
> Marek Marcola [EMAIL PROTECTED]
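Marek's answer identifies a SHA-256 certificate by its signature-algorithm OID, and the dotted string 1.2.840.113549.1.1.11 reported in the "Certificate signature algorithm" post is that same OID in text form. The following added example (not code from the thread or from OpenSSL) decodes a DER-encoded OID by hand and maps it to a hash name; the function names and the sample byte arrays are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>
#include <stddef.h>

/* Constructed sample input: DER OBJECT IDENTIFIERs (tag 0x06, length, body)
 * for the two signature algorithms discussed in the thread. */
static const unsigned char OID_SHA1_RSA[] =
    { 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x05 };
static const unsigned char OID_SHA256_RSA[] =
    { 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x0B };

/* Hypothetical helper: decode one short-form DER OID into dotted text.
 * Returns 0 on success, -1 on malformed input or if out is too small. */
int oid_to_dotted(const unsigned char *der, size_t len, char *out, size_t outlen)
{
    unsigned long arc = 0;
    size_t i, used = 0;
    int first = 1, in_arc = 0, n;

    if (len < 3 || der[0] != 0x06 || der[1] >= 0x80 || (size_t)der[1] != len - 2)
        return -1;
    for (i = 2; i < len; i++) {
        unsigned char b = der[i];

        if (!in_arc && b == 0x80)
            return -1;               /* arcs must be minimally encoded */
        if (arc > (~0UL >> 7))
            return -1;               /* arc would overflow unsigned long */
        arc = (arc << 7) | (b & 0x7F);
        in_arc = 1;
        if (b & 0x80)
            continue;                /* high bit set: more bytes in this arc */

        if (first) {
            /* The first body value packs two arcs as 40 * X + Y. */
            unsigned long x = arc < 80 ? arc / 40 : 2;
            n = snprintf(out + used, outlen - used, "%lu.%lu", x, arc - 40 * x);
            first = 0;
        } else {
            n = snprintf(out + used, outlen - used, ".%lu", arc);
        }
        if (n < 0 || (size_t)n >= outlen - used)
            return -1;
        used += (size_t)n;
        arc = 0;
        in_arc = 0;
    }
    return in_arc ? -1 : 0;          /* input ended in the middle of an arc */
}

/* Hypothetical helper: name the hash behind an RSA signature-algorithm OID. */
const char *sig_hash_name(const unsigned char *der, size_t len)
{
    static const struct { const char *oid, *hash; } known[] = {
        { "1.2.840.113549.1.1.5",  "sha1"   },   /* sha1WithRSAEncryption   */
        { "1.2.840.113549.1.1.11", "sha256" },   /* sha256WithRSAEncryption */
        { "1.2.840.113549.1.1.12", "sha384" },   /* sha384WithRSAEncryption */
        { "1.2.840.113549.1.1.13", "sha512" },   /* sha512WithRSAEncryption */
    };
    char dotted[128];
    size_t i;

    if (oid_to_dotted(der, len, dotted, sizeof dotted) != 0)
        return "malformed";
    for (i = 0; i < sizeof known / sizeof known[0]; i++)
        if (strcmp(dotted, known[i].oid) == 0)
            return known[i].hash;
    return "unknown";
}

int main(void)
{
    char dotted[64];

    if (oid_to_dotted(OID_SHA256_RSA, sizeof OID_SHA256_RSA, dotted, sizeof dotted) == 0)
        printf("%s -> %s\n", dotted, sig_hash_name(OID_SHA256_RSA, sizeof OID_SHA256_RSA));
    if (oid_to_dotted(OID_SHA1_RSA, sizeof OID_SHA1_RSA, dotted, sizeof dotted) == 0)
        printf("%s -> %s\n", dotted, sig_hash_name(OID_SHA1_RSA, sizeof OID_SHA1_RSA));
    return 0;
}
```

With OpenSSL itself the equivalent check is OBJ_obj2nid() on the certificate's signature-algorithm object, compared against NID_sha256WithRSAEncryption.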
RE: How do I remove padding during AES decryption
Jaya,

You would have to use the EVP API, that would do it for you. See http://www.openssl.org/docs/crypto/EVP_EncryptInit.html

-kbisla

From: Bhat, Jayalakshmi Manjunath [EMAIL PROTECTED]
Reply-To: openssl-users@openssl.org
To: openssl-users@openssl.org
Subject: How do I remove padding during AES decryption
Date: Sat, 16 Sep 2006 14:58:11 +0530

> Hi all
>
> Please can anyone tell me how I remove the pad bytes during AES decryption using AES_cbc_encryption.
>
> Regards,
> Jaya.
Base 64 decode using BIO_f_base64 and BIO chain
Hi,

I'm trying to read a base64 encoded msg from an in-memory buffer and decode it (and possibly write it to a file or to mem). I can't figure out what's wrong with the code snippet below. From what I have read in the OpenSSL book and other docs, it looks like this is how it should be done (see code snippet below).

The problem is that BIO_read(b64, msg, 512) always returns zero, but if I do BIO_read(bio, msg, 512) everything works. Which tells me that the b64 isn't working or hasn't been configured/attached to bio correctly. I want b64bio. Isn't this the way to set the chain correctly?

    BIO_push(b64, bio);

Can someone please point out where I'm going wrong? Thanks in advance for your comments.

    // reads b64 encoded msg (pReadBuffer) and writes to pWriteFile.
    void decode(char *pReadBuffer, int pLength, char *pWriteFile)
    {
        char msg[512];
        int readbytes = -1;

        printf("buffer write file %s\n", pWriteFile);
        // the decoded msg is written to this bio
        BIO *fileWrBIO = BIO_new_file(pWriteFile, "w");

        BIO *b64 = BIO_new(BIO_f_base64());
        BIO *bio = BIO_new_mem_buf(pReadBuffer, pLength);
        BIO_push(b64, bio);
        while ((readbytes = BIO_read(b64, msg, 512)) > 0) {
            BIO_write(fileWrBIO, msg, readbytes);
            BIO_flush(fileWrBIO);
            memset(msg, 0x00, sizeof(msg));
            printf("while bytes read %d\n", readbytes);
        }
        printf("bytes read %d\n", readbytes);
        BIO_free_all(bio);
        BIO_free_all(fileWrBIO);
    }
Reading in memory DER using BIO
Is there a way that I can get an X509 cert from an array holding a cert in DER format? I know that to read a PEM format cert you have to do the following:

    static X509 *loadCertFromMem(char *pCert, int pLength)
    {
        STACK_OF(X509_INFO) *sk = NULL;
        X509 *returnCert = NULL;
        BIO *bin = NULL;

        /* read-only memory BIO over the caller's PEM buffer */
        bin = BIO_new_mem_buf(pCert, pLength);
        printf("build the bio\n");
        /* PEM_X509_INFO_read_bio allocates the stack itself */
        if (!(sk = PEM_X509_INFO_read_bio(bin, NULL, NULL, NULL))) {
            printf("getCert:error reading from BIO\n");
            goto end;
        }
        //printf("%s \n", pCert);
        while (sk_X509_INFO_num(sk)) {
            X509_INFO *info = sk_X509_INFO_shift(sk);
            printf("inside while \n");
            if (info->x509 != NULL) {
                printf("x509 not null \n");
                /* take ownership of the parsed cert rather than memcpy'ing the struct */
                returnCert = info->x509;
                info->x509 = NULL;
                X509_INFO_free(info);
                break;
            }
            X509_INFO_free(info);
        }
    end:
        BIO_set_close(bin, BIO_NOCLOSE);
        BIO_free(bin);
        /* free the stack together with any entries still on it */
        sk_X509_INFO_pop_free(sk, X509_INFO_free);
        return(returnCert);
    }

So my question is: how do I read a DER cert using a BIO, because the cert is in memory and not in a file (for a file I know there are d2i functions that return X509)?

Thanks
KB
Re: Validating Cert Chain
Thanks for all the responses. I have a question about the following method:

    int X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store, X509 *x509, STACK_OF(X509) *chain);

If I understand this correctly, the argument 'x509' is the cert that u want to be verified and the 'chain' is the chain of untrusted certificates (leading up to a cert that is trusted or root, right?). So if one calls X509_verify_cert(X509_STORE_CTX); it would verify the x509 cert specified as well as all the chain. Is that correct? Also, how do I get a STACK_OF(X509) from files containing pem certs?

-kb

From: Marek Marcola [EMAIL PROTECTED]
Reply-To: openssl-users@openssl.org
To: openssl-users@openssl.org
Subject: Re: Validating Cert Chain
Date: Sat, 26 Aug 2006 01:22:19 +0200

Hello,

> Hi, How do i validate a certificate chain. is there a EVP api for it ?
> thanks

If we are talking about verifying X509 cert against CA certs this may be done for example like:

    FILE *fp;
    X509_STORE * CAcerts;
    X509 * cert;
    X509_STORE_CTX ca_ctx;
    char *strerr;

    /* load CA cert store */
    if (!(CAcerts = X509_STORE_new())) {
        goto err;
    }
    if (X509_STORE_load_locations(CAcerts, "cacert.pem", NULL) != 1) {
        goto err;
    }
    if (X509_STORE_set_default_paths(CAcerts) != 1) {
        goto err;
    }

    /* load X509 certificate */
    if (!(fp = fopen ("cert.pem", "r"))){
        goto err;
    }
    if (!(cert = PEM_read_X509 (fp, NULL, NULL, NULL))){
        goto err;
    }

    /* verify */
    if (X509_STORE_CTX_init(&ca_ctx, CAcerts, cert, NULL) != 1) {
        goto err;
    }
    if (X509_verify_cert(&ca_ctx) != 1) {
        strerr = (char *) X509_verify_cert_error_string(ca_ctx.error);
        printf("Vrification error: %s", strerr);
        goto err;
    }

    X509_STORE_free(CAcerts);
    X509_free(cert);

Hope this helps.

Best regards,
--
Marek Marcola [EMAIL PROTECTED]
Validating Cert Chain
Hi, how do I validate a certificate chain? Is there an EVP api for it? Thanks
Kunal

From: Marek Marcola [EMAIL PROTECTED]
Reply-To: openssl-users@openssl.org
To: openssl-users@openssl.org
Subject: Re: OpenSSL Generating Extra Packets
Date: Fri, 25 Aug 2006 23:51:45 +0200

Hello,

> I am working on an application on Mac OS X that's using OpenSSL to talk to a server via SSL. Because I'm using custom nonblocking socket code, I setup a BIO pair to do the SSL encoding internally. Everything works great--handshaking is successful, data is properly encrypted and decrypted, and the application and server are both properly sending and receiving data--except that OpenSSL is generating a lot of records that, when decoded, have no data. I.e., they are valid SSL application data records, but the records have no payload.
>
> This is a problem both because I'm wasting about 24 kB/min and because matrixSsl, which runs the SSL stack on the server, aborts the connection fairly quickly because it interprets the large number of payload-less SSL packets as a DoS attack.
>
> I verified both that BIO_write is never told to write 0 bytes to either end of the BIO pair, and that BIO_write never returns 0 from either end of the pair. Does anyone have any idea what I could be doing wrong, or else, perhaps what setting I need to disable so that these packets aren't generated internally?

Sending empty SSL record (I mean record with only MAC) before SSL record with real application data guards against some timing CBC attacks and is enabled in OpenSSL by default. To disable this set SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS with SSL_CTX_set_options().

matrixSsl has hard encoded limit (1024) for internal counter called ignoredMessageCount which is incremented when receiving empty SSL record. And I must say: reading source of matrixSsl was always pleasure for me - great, clear implementation.

Best regards,
--
Marek Marcola [EMAIL PROTECTED]
Re: 3DES Encryption / Decryption using the EVP api
Marek, that was a good pointer, I'll add that. Thanks!

From: Marek Marcola [EMAIL PROTECTED]
Reply-To: openssl-users@openssl.org
To: openssl-users@openssl.org
Subject: Re: 3DES Encryption / Decryption using the EVP api
Date: Fri, 18 Aug 2006 11:08:55 +0200

Hello,

> I want to decrypt using 3DES and want to use the EVP api. Here's what i'm doing, it will be nice someone could validate if my approach is correct. here's the code that i have come up with...
>
>     int 3desDecrypt(unsigned char * pEncData, int pDataSize)
>     {
>         int dec_data_size = 0;
>         EVP_CIPHER_CTX *dec_ctx = (EVP_CIPHER_CTX *) malloc(sizeof(EVP_CIPHER_CTX));
>         EVP_CIPHER_CTX_init(dec_ctx);
>         EVP_DecryptInit(dec_ctx, EVP_des_ede3_cbc(), myStruct->key, myStruct->IV);
>         char *decrypt_data = do_decrypt(dec_ctx, pEncData, pDataSize, &dec_data_size);
>         // use the decrypt_data
>         free(decrypt_data);
>         EVP_CIPHER_CTX_cleanup(dec_ctx);
>         return 0;
>     }
>
>     unsigned char *do_decrypt(EVP_CIPHER_CTX * ctx, unsigned char *data, int inl, int *dec_data_size)
>     {
>         unsigned char *buf;
>         int ol;
>         int bl = EVP_CIPHER_CTX_block_size (ctx);
>         buf = (unsigned char *) malloc (inl + bl);
>         EVP_DecryptUpdate (ctx, buf, &ol, data, inl);
>         *dec_data_size = *dec_data_size + ol;
>         EVP_DecryptFinal(ctx, buf + ol, &ol);
>         *dec_data_size = *dec_data_size + ol;
>         // return the decrypted buffer.
>         return buf;
>     }

Looks good, but my proposition is to add some error code checking (for bad padding for example) something like that:

    if(!EVP_DecryptFinal(...)){
        /* error handling routine */
    }

Best regards,
--
Marek Marcola [EMAIL PROTECTED]
3DES Encryption / Decryption using the EVP api
Hi, I want to decrypt using 3DES and want to use the EVP api. Here's what I'm doing; it would be nice if someone could validate whether my approach is correct. Here's the code that I have come up with...

    int 3desDecrypt(unsigned char * pEncData, int pDataSize)
    {
        int dec_data_size = 0;
        EVP_CIPHER_CTX *dec_ctx = (EVP_CIPHER_CTX *) malloc(sizeof(EVP_CIPHER_CTX));
        EVP_CIPHER_CTX_init(dec_ctx);
        EVP_DecryptInit(dec_ctx, EVP_des_ede3_cbc(), myStruct->key, myStruct->IV);
        char *decrypt_data = do_decrypt(dec_ctx, pEncData, pDataSize, &dec_data_size);
        // use the decrypt_data
        free(decrypt_data);
        EVP_CIPHER_CTX_cleanup(dec_ctx);
        return 0;
    }

    unsigned char *do_decrypt(EVP_CIPHER_CTX * ctx, unsigned char *data, int inl, int *dec_data_size)
    {
        unsigned char *buf;
        int ol;
        int bl = EVP_CIPHER_CTX_block_size (ctx);
        buf = (unsigned char *) malloc (inl + bl);
        EVP_DecryptUpdate (ctx, buf, &ol, data, inl);
        *dec_data_size = *dec_data_size + ol;
        EVP_DecryptFinal(ctx, buf + ol, &ol);
        *dec_data_size = *dec_data_size + ol;
        // return the decrypted buffer.
        return buf;
    }

Thanks in advance.
Kunal
Re: How to verify signature data with RSA PKCS1
Thanks Stephens, that worked. I'm just curious: what if one uses

    # openssl rsautl -sign -inkey ./private/cakey.pem -in plain.txt -out signature.bin

to create a signature, how would you verify it in C? Essentially what I mean is, can u pass null in the 2nd argument to EVP_VerifyInit (md_ctx, null); indicating there is no hashing algo to be used. Is this right or is there some other way?

KB

From: Dr. Stephen Henson [EMAIL PROTECTED]
Reply-To: openssl-users@openssl.org
To: openssl-users@openssl.org
Subject: Re: How to verify signature data with RSA PKCS1
Date: Tue, 1 Aug 2006 01:58:46 +0200

On Mon, Jul 31, 2006, k b wrote:

> Thanks Steve for pointing out that i posting to the wrong list, sorry my bad for some reason i didn't read it right. anyways... I've moved it now.
> lemme give some background
> i have a plain text file plain.txt
> i call
>     # openssl rsautl -sign -inkey ./private/cakey.pem -in plain.txt -out signature.bin
> so my first question

That command uses the RSA algorithm directly to sign the data. That isn't normally done; instead the data is digested and the digest signed instead. If you use a digest command such as openssl sha1 with the -sign option it will do the right thing.

> 1) what kind of hashing algorithm would the above command use ? is it possible to suggest one to use like sha1 or md5 etc ...

It doesn't use one.

> in my c code i'm using the EVP_verify interface to verify the signature.bin
> here's what i do
> * I load the cert
> * read the public key into EVP_PKEY
> * read the plaintext into a buffer 'plainTextData'
> * read the signature.bin into a buffer 'sig_buf'
> and then do the following
>
>     EVP_MD_CTX_init(md_ctx);
>     EVP_VerifyInit (md_ctx, EVP_sha1());   <--- here i'm not sure which hash algo to specify. ???
>     EVP_VerifyUpdate (md_ctx, plainTextData, plainTextSize);
>     err = EVP_VerifyFinal (md_ctx, sig_buf, sig_len, pkey);
>
> here what i get
>
>     11908:error:0D0890A1:asn1 encoding routines:ASN1_verify:unknown message digest algorithm:a_verify.c:141:
>     11908:error:0D07209B:asn1 encoding routines:ASN1_get_object:too long:asn1_lib.c:132:
>     11908:error:0D068066:asn1 encoding routines:ASN1_CHECK_TLEN:bad object header:tasn_dec.c:935:
>     11908:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error:tasn_dec.c:304:Type=X509_SIG
>
> Any lead would be appreciated, as i'm out of ideas.

If you use openssl sha1 to sign with you should have more luck.

Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Funding needed! Details on homepage.
Homepage: http://www.drh-consultancy.demon.co.uk
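The error queue in the message above ends in Type=X509_SIG because EVP_VerifyFinal expects the block recovered from an RSA signature to carry a DER DigestInfo, while rsautl -sign pads the file bytes directly. The sketch below is an added example, not code from the thread or from OpenSSL; it assumes the caller has already applied the RSA public operation to the signature and holds the full padded block, and classify_block, make_block and the sample data are hypothetical, constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* DER prefix of a SHA-1 DigestInfo (OpenSSL's X509_SIG); 20 hash bytes follow. */
static const unsigned char SHA1_PREFIX[15] = {
    0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e,
    0x03, 0x02, 0x1a, 0x05, 0x00, 0x04, 0x14 };
enum { BLOCK_MALFORMED = -1, BLOCK_RAW_DATA = 0, BLOCK_SHA1_DIGESTINFO = 1 };

/* Classify a PKCS#1 v1.5 type-1 block: 00 01 FF..FF 00 || payload. */
int classify_block(const unsigned char *em, size_t em_len)
{
    size_t i = 2, n;
    if (em_len < 11 || em[0] != 0x00 || em[1] != 0x01)
        return BLOCK_MALFORMED;
    while (i < em_len && em[i] == 0xff)
        i++;
    /* need at least 8 FF bytes, then exactly one 00 separator */
    if (i < 10 || i == em_len || em[i] != 0x00)
        return BLOCK_MALFORMED;
    n = em_len - i - 1;                  /* payload must run to the block end */
    if (n == sizeof(SHA1_PREFIX) + 20 &&
        memcmp(em + i + 1, SHA1_PREFIX, sizeof(SHA1_PREFIX)) == 0)
        return BLOCK_SHA1_DIGESTINFO;    /* what a digest-based verify can parse */
    return BLOCK_RAW_DATA;               /* e.g. the signed file bytes themselves */
}

/* Build a constructed sample block of em_len bytes around payload. */
int make_block(unsigned char *em, size_t em_len, const unsigned char *payload, size_t n)
{
    if (em_len < n + 11)
        return -1;
    em[0] = 0x00; em[1] = 0x01;
    memset(em + 2, 0xff, em_len - n - 3);
    em[em_len - n - 1] = 0x00;
    memcpy(em + em_len - n, payload, n);
    return 0;
}

int main(void)
{
    /* constructed samples sized for a 1024-bit modulus */
    unsigned char raw[128], dig[128], info[35] = {0};
    memcpy(info, SHA1_PREFIX, sizeof(SHA1_PREFIX));   /* all-zero hash, demo only */
    make_block(raw, sizeof raw, (const unsigned char *)"hello\n", 6);
    make_block(dig, sizeof dig, info, sizeof info);
    printf("raw: %d, DigestInfo: %d\n",
           classify_block(raw, sizeof raw), classify_block(dig, sizeof dig));
    return 0;
}
```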