you.
Further identical requests will probably not get you any
further until you've determined what problems you're
having, and what your boss actually wants you to do with
OpenSSL.
--
Brian Hatch "Always plant a lie inside
Systems and a truth, m
.
IIRC, the OpenSSL PRNG seeds itself as it is used anyway, so even if
you wanted to seed it with constant data for testing purposes,
over time it's going to start giving you different output
anyway.
--
Brian Hatch The roll of elder
Systems and brot
th totally unrandom junk if it needs to, and the list
of offered ciphers is sorted by speed as measured on
my 686, rather than by cipher strength.
But then again, I can't think of any other valid
reasons for doing things this way. It kinda hurt
writing it, even though it was correct for the
> One more thing.
>
> The error string is:
>
> "error:0002:lib(0):func(0):system lib"
Suggest you call
ERR_load_error_strings()
and/or
SSL_load_error_strings()
so those become humanly readable...
--
Brian Hatch Time fli
kernel, for what should
> be fairly obvious reasons).
Excellent explanation, it's all clear to me now, thanks. I don't
use Wine often (I use Crossover's version on the unfortunate and
rare occasion where I need native Word) but I wanted to make sure
I wasn't missing any
data, or is it snagging true entropy from the underlying
unix-like system (/dev/*random, etc) ?
--
Brian Hatch "I don't mean to alarm
Systems and you, but your pants
Security Engineer are talking to you."
http://www.ifokr.org/br
f it.
> Oh, and thanks for making me look at this - I've just realised the locking
> in ssl/ssl_sess.c is wrong ... committing a fix shortly. :-)
No prob. But while you've decreased my workload with your response,
seems I've added to yours. Sorry. ;-)
--
Br
it's not clean for the
purpose in this case. (One section of code has a SSL_SESSION*
and another needs to get a copy without having access to the
underlying SSL*, but the code comes from two products, so I wouldn't
want to introduce a memory leak in the one that actually does t
D. Since the order will differ based
on hardware, accelerators, etc, this is probably impossible to define.
I'll try to use 'openssl speed' to guestimate a proper order. Once
I get the rest of it working...
--
Brian Hatch "So Zathras talks to dirt.
an do, but it prefers 256 bit AES over
168 bit 3DES in the HIGH suite, for example. I want the worst
crypto (fastest speed, since security is not a design goal at
all) possible.
I know you'd never want this in a secure setup, that's not what
I'm working on.
--
Brian Hatch
tion of MITM. The emails written by Rich, Geoff, David, and
I have agreed on the facts of what SSL/TLS can do, what security
(x509 usage) it offers and when it fails.
It's only the definition of MITM in which we've divided into separate camps.
Let's all agree to dissag
pond to the list, and I hope not to respond off the
list either.
[1] Yes, we all disagree with the definition of 'MITM', which is why
I just called this 'attacks'.
--
Brian Hatch "Look, somebody's got to have
Systems and
stworthy. What if I'm
a verisign employee and can manage to generate a verisign-signed
cert for www.microsoft.com? I can MITM, and no alerts will occur
until/unless they figure out what happened and revoke my
certificate, which requires that CRL checking is available in
've been saying above is that if something uses SSL, it
is secure. I still say it must have SSL done *right* for it to
be secure.
All over the world, applications are being written by people with
no crypto background, using third party libraries, who blindly
piece together sample code until an SSL ha
eone interposes themselves in between
you and the endpoint and you do not know that they are there? Is there
not a generic term for it? Wouldn't that be oh never mind.
I'm exiting this thread now.
--
Brian Hatch "Ouch! That's really painful."
ITM attacks, but you need to do all the
checks above, it doesn't just happen by itself.
I'm going to shut up now - this thread's gone on far too long
with no illumination in sight.
[1] Assuming no one has the server's private key
[2] Assuming your CA is trustworthy, and tha
e too
Protecting the private key is your most important task. Period.
Doesn't this make sense?
--
Brian Hatch It compiles!
Systems and Let's ship it!
Security Engineer -- the Microsoft motto
http://www.ifokr.org/bri/
Every message PGP signed
rball, as well
as the Viega 'network security with openssl' book.
--
Brian Hatch Schizophrenia:
Systems and it beats being alone.
Security Engineer
http://www.ifokr.org/bri/
Every message PGP signed
ver.crt','r')
> 1666:error:20074002:BIO routines:FILE_CTRL:system
> lib:bss_file.c:261:
My guess is that your server cert is called 'server.crt'
and you're telling it to read 'sever.crt'.
Spelling is important
--
Brian Hatch "
tty easy to guess anyway.
> Source of randomness are available all around your program, you just need
> to mine them.
And distrust them appropriately. (IE give them an estimated 'bytes
of entropy' value that's much lower than their actual byte count.)
--
Brian Hatch
ine is headless anyway)
and the processes running are always the same (though
characteristics such as CPU time change, etc)
Worse yet, I just helped out in porting a bit of code to
WinCE, and I have no idea what's available for it wrt
randomness.
--
Brian Hatch "H
he amount of data
I had available was more than sufficient to keep the pool stirred.
At least, that's my method.
--
Brian Hatch "Zathras work here. Zathras
Systems and were born here. You work up
Security Engineer there, Zathras work down
http
a different connection, then the
proxy may decide to discard or inline OOB packets, either of
which could ruin your day.
--
Brian Hatch A conclusion is
Systems and the place where
Security Engineer you got tired
http://www.ifokr.org/bri/ of thinking.
E
LS" book.
(Eric's also the author of ssldump, which might be handy.)
I recommend a copy of John Viega (et al)'s Network Security
with OpenSSL as well.
The former is geared more toward theory, the latter is geared
more toward implementation. They go very well together.
--
Brian Hatch
ND_bytes Error: error:24064064:lib(36):func(100):reason(100)
>
> How can i get the textual reason of the Error??
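#include <openssl/err.h>
int main(void) {
    /* Load libcrypto's error strings so error codes print as readable text */
    ERR_load_crypto_strings();
    ...
    ERR_free_strings();
    return 0;
}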
See also SSL_load_error_strings;
--
Brian Hatch $ echo
at much
code, is still something you'd be better off doing after you've
already restricted your process as much as possible.
--
Brian Hatch What do you want?
Systems and Who are you?
Security Engineer Why are you here?
http://www.ifokr.org/bri/
Every m
use_RSA_PrivateKEY_file s.t. I have access to the RSA struct
before I send it to SSL_use_RSAPrivateKey.
--
Brian Hatch Ask me about
Systems and microwaving cats
Security Engineer for fun and profit.
http://www.ifokr.org/bri/
Every message PGP signed
e (*p == '\0')
> in rsa_pk1.c (code below) as buffer is all initialized
> to '\0'. I don't see any data in p being filled when
> RAND_bytes(p,j) is called.
So your code tries to make j bytes of non \0 chars in p,
yes? Seems to work for me, actually. I just copy/pasted
it an
dd
with a non-zero final value, where that value accurately defines
how much randomness you expect in the data.
You might want to read the RAND_add man page.
--
Brian Hatch "Don't give
Systems and away the homeworld."
Security Engineer
http://www
cipher) in the chain to be sure
that the data on the wire is the same data coming in my bio chains?
Am I adding an encrypt and decrypt bio onto my socket in a totally
brain dead manner?
--
Brian Hatch Stupidity is
Systems and not a handicap.
Security Engi
d to
> retrieve the EVP_CIPHER_CTX structure from the BIO to do that, see the 0.9.7
> manual pages for precise details.
Hmmn. Not a bad plan - I'll check into that.
--
Brian Hatch "You don't frighten easily."
Systems and "I work for Am
any data to the client.
Any quick ideas where my brain or code is failing me?
--
Brian Hatch LLooccall EEcchhoo iiss
Systems anduunnddeeaatteedd.
Security Engineer
http://www.ifokr.org/bri/
Every message PGP signed
ompiling for WIN32, no main procedure is compiled.
Did you use old openssl-0.9.6[a-g] libraries or
0.9.7? The version of stunnel-4.04.exe compiled
by Mike requires 0.9.7. (New dlls available
at both stunnel.mirt.net and stunnel.org)
Followups should probably go to the Stunnel mailing
list instea
going as fast as I can.
Many thanks to Mike for his work making this new version that
promises to make SSL tunnel configuration a lot easier for the
Windows folks and those afraid of command lines with lots and
lots of arguments.
--
Brian Hatch I just got lost in
Sys
> U, where can we get it?
I'm trying to get it on stunnel.org right now. Takes
a while to get those bits from Poland...
--
Brian Hatch For Sale: Parachute
Systems and Used once.
Security Engineer Never opened.
http://www.ifokr
There's an intro OpenSSL article at www.unixreview.com that
folks might want to peruse.
--
Brian Hatch "Fashion is what one
Systems and wears oneself. What
Security Engineer is unfashionable is
http://www.ifokr.org/bri/ what ot
something *random* for your RAND_seed. If you don't
have /dev/urandom, then grab egd/prgd and use it as a source
instead. Or worst case use a file with RAND_load_file which
you overwrite each time with new random info via RAND_write_file.
And no, current system time/pid/ppid/num procs/etc is *n
> and then invokes gcc. It should work like a charm.
Really? I was told by numerous folks, including some from sun
that it wouldn't work. I'm going to high-tail it over and give
this a try.
--
Brian Hatch "Funny thing about retiring: you no
Systems and
^^^
> Duh.
Solaris 8 ships with a perl that was compiled with Sun cc.
Thus to install modules/etc that require compilation, you
must use Sun cc. Even if you install gcc, you cannot compile
code that will link correctly with sun's supplied perl.
Answer: Buy sun
> I never got an answer so let's try again...
>
> Now that RSA released its patent to the public, how do we compile
> openssl without RSARef ???
./configure
Unless you take steps to link against RSARef, you won't.
In fact, go delete the damned thing from your
i get an error message :
Don't use the '-v' unless you want to verify certs. My guess is
that you don't. '-v' doesn't mean verbose for stunnel.
> I don't have any certificates under /usr/local/ssl/certs to verify !!!
then don't specify '-v'
me individually though, it
doesn't belong on openssl until it's an openssl problem.
--
Brian Hatch Nostalgia isn't
Systems and what it used to be.
Security Engineer
http://www.ifokr.org/bri/
Every message PGP signed
time. But you must not seed the PRNG
with the same data ever (for example the 3000 '0' bytes in my code above)
or you make it easy for folks to narrow down the possibilities they must
try to break your connection(s).
--
Brian Hatch Everyone is entitled
Systems and
better from stunnel.org.
stunnel 3.8 is broken. It will only work with older versions of
openssl because it -- stunnel -- is broken.
Don't blame the openssl folks for keeping application programmers honest.
--
Brian Hatch "But not denying it doesn't
Systems and
> somefile
openssl genrsa -rand somefile -out .
(yeah, the -20 is totally arbitrary, and it probably generates 5000
characters or so, but you're rather assured it'll be enough for
openssl)
--
Brian Hatch Schizophrenia:
Systems and it beats b
stunnel
still unpatched, I started a new branch (the 3.8pX patch set) which
addresses this and other patches for stunnel. Thus it's not truly
the official site, but I'm incorporating all info I have and anything
folks give me.
Oh, and nods to Ralf S. Engelschall and the Ope
reading s.t. users can know
which missing files may be the culprit, rather than
making them use truss/strace/etc.
--
Brian Hatch I've finally learned
Systems and to honk. It's the hatred.
Security Engineer -- me
http://www.ifokr.org/bri/
Every m
> I have installed stunnel and it seems to be working reasonably well. I have
> also installed OpenSSL and I also seem to have the certificates working well
> on that. I have compiled stunnel to use OpenSSL. I can get stunnel to work
> when I set -v1 (requires only server certificate) but I h