Re: [openssl-dev] (future) STORE vs X509_LOOKUP_METHOD by_dir

2017-02-08 Thread Roumen Petrov

Hi Richard,

Richard Levitte wrote:

> Hi,
>
> I've some ponderings that I need to bounce a bit with you all.
>
> Some have talked about replace the X509_LOOKUP_METHOD

X.509 lookup method could return certificate, revocation list or
EVP_KEY (structure x509_object_st).

Unfortunately functionality of EVP_KEY was never implemented.
Another point is specific names of structures - x509_lookup_method_st,
x509_lookup_st, x509_object_st.
Third point is quite specific implementation - functions not just to
retrieve objects (X.509 or CRL) but to fill them into "context of X509
store".

Current lookup functionality looks like "store" but implementation is
specific to X.509 store.




> bit with the
> STORE module I'm building, and while STORE isn't ready for it yet

I hope that your store functionality will fill gap between load of keys
and load of certificates (+crl).

Loadable module (engine) has interface to load key (private or public)
but lacks load of X.509 certificates or CRL.




> , I
> have some thoughts on how the two can approach each other.  This would
> involve one or two hooks / callbacks, that a STORE user could specify
> (details later) to pick and choose freely among the objects that the
> STORE module finds (be it on file or whatever else that can be
> represented as a URI).

I think that functionality requires three phases:
1) instantiation: at this point store is created
2) specification (optional): set or check capability of store. For
instance store could return only X.509 certificates or to request store
to return only keys.
3) inquiry: fetch data based on specified criteria.


> The troublesome part would be to try to mimic by_dir...  It highly
> depends on the specified paths to really be directories, and that it
> should find what it wants by adding very specific file names (a hash
> of the subject name with a ".{n}" or ".r{n}" extension for X.509 certs
> and for X.509 CRLs).  And sure, that works, but will really only work
> with regular files.

I'm not sure what is issue.

Let's see X.509 lookup method get_by_subject.

- by_dir
2) specification: set directory (path), limit results to X.509 or CRL
and maybe to inform store that questions will be performed by subject.

For instance URI scheme could be file://path?certificate="name"

3) query: from subject calculate hash and then process "{hash}.{n}" or
"{hash}.r{n}" depending on URI

- Ldap
It is similar, URI is described in RFCs - at point 2) set host, port, base
distinguished name, attribute (for instance cACertificate), construct filter
from specified name.




> What if someone would specify a LDAP URI that can return a bunch of
> objects?
>
> So...  my ponderings are going along these lines:
>
> 1. Should the directory X509_LOOKUPs be restricted to on disk
> directories, or should "directory" be redefined as "whatever URI
> that returns a collection of objects"?  The latter would mean that
> all those objects get loaded and that a hook / callback would then
> be called to check if it's an object that corresponds to what we
> search for.

I think that replacement of "by_dir" lookup has to be restricted to file
system operation.

Files could be located on network, memory not only on disk.



> 2. For on disk directories, should we preserve the rehash file form?
> In other words, if we decide to load everything we can find, shall
> we restrict the loading to files matching the regexp
> [0-9a-f]{8}\.r?[0-9]+  ?  If not, are we about to create a new form
> of key store for ourselves and our users?  Should we?

For hash-dir please keep current file name format.


> Quite a lot also depends on what OpenSSL version we aim for.  I would
> very much like to see the STORE module itself become part of 1.1.1,
> but a new key store to replace our current rehash links will obviously
> have to wait 'til 1.2.0.
>
> Cheers,
> Richard


Roumen
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
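
The rehash file-name form discussed in this message, [0-9a-f]{8}\.r?[0-9]+, as an added example (not part of the original message and not OpenSSL code): a strict parser that a directory loader could use to skip anything that is not a "{hash}.{n}" certificate name or a "{hash}.r{n}" CRL name. The names hashdir_parse, hashdir_kind_of, struct hashdir_name and the sample file names are constructed for illustration.

```c
#include <limits.h>
#include <stdio.h>

/* What a rehash-style file name refers to. */
enum hashdir_kind { HASHDIR_NONE = 0, HASHDIR_CERT, HASHDIR_CRL };

struct hashdir_name {
    enum hashdir_kind kind;
    unsigned long hash;   /* value of the 8 hex digits */
    unsigned long index;  /* the {n} counter after the dot */
};

/*
 * Match NAME against [0-9a-f]{8}\.r?[0-9]+ anchored at both ends.
 * Returns 1 and fills OUT on a match; returns 0 (OUT->kind == HASHDIR_NONE)
 * for anything else, including upper-case hex, path separators and suffixes.
 */
static int hashdir_parse(const char *name, struct hashdir_name *out)
{
    unsigned long hash = 0, index = 0;
    enum hashdir_kind kind = HASHDIR_CERT;
    const char *p;
    int i;

    if (name == NULL || out == NULL)
        return 0;
    out->kind = HASHDIR_NONE;
    out->hash = 0;
    out->index = 0;

    /* Exactly eight lower-case hex digits; a NUL here also fails. */
    for (i = 0; i < 8; i++) {
        char c = name[i];
        unsigned long v;

        if (c >= '0' && c <= '9')
            v = (unsigned long)(c - '0');
        else if (c >= 'a' && c <= 'f')
            v = (unsigned long)(c - 'a') + 10;
        else
            return 0;
        hash = (hash << 4) | v;
    }
    p = name + 8;
    if (*p != '.')
        return 0;
    p++;
    if (*p == 'r') {            /* ".r{n}" marks a CRL */
        kind = HASHDIR_CRL;
        p++;
    }
    if (*p < '0' || *p > '9')   /* at least one decimal digit */
        return 0;
    for (; *p >= '0' && *p <= '9'; p++) {
        if (index > (ULONG_MAX - 9) / 10)
            return 0;           /* counter would overflow */
        index = index * 10 + (unsigned long)(*p - '0');
    }
    if (*p != '\0')             /* no trailing characters allowed */
        return 0;

    out->kind = kind;
    out->hash = hash;
    out->index = index;
    return 1;
}

/* Convenience wrapper: only the classification. */
static enum hashdir_kind hashdir_kind_of(const char *name)
{
    struct hashdir_name n;

    return hashdir_parse(name, &n) ? n.kind : HASHDIR_NONE;
}

int main(void)
{
    /* Constructed directory listing, not taken from a real system. */
    static const char *const samples[] = {
        "4a6481c9.0", "4a6481c9.r12", "4A6481C9.0", "4a6481c9.0.bak",
        "ca-bundle.pem", "4a6481c9.", "../4a6481c9.0"
    };
    static const char *const label[] = { "skip", "cert", "crl" };
    size_t i;

    for (i = 0; i < sizeof(samples) / sizeof(samples[0]); i++)
        printf("%-16s %s\n", samples[i], label[hashdir_kind_of(samples[i])]);
    return 0;
}
```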


Re: [openssl-dev] [openssl.org #4681] Resolved: X.509 load method

2017-02-03 Thread Roumen Petrov

Rich Salz via RT wrote:

> According to our records, your request has been resolved. If you have any
> further questions or concerns, please respond to this message.

Resolved?
Hmm, how to implement X.509 lookup method with 1.1+ API?

Regards,
Roumen Petrov



Re: [openssl-dev] [RFC v2 2/2] pem: load engine keys

2016-12-11 Thread Roumen Petrov

Hi Richard,

Richard Levitte wrote:

> In message <20161206.223057.237264374331072901.levi...@openssl.org> on Tue, 06 Dec
> 2016 22:30:57 +0100 (CET), Richard Levitte said:
>
> levitte> [SNIP]
>
> The easiest was actually to rewrite PEM_read_bio_PrivateKey()
> entirely, so it solely uses the internal store_file functions I've
> provided.
> I wonder what kind of impact this would have on the community at
> large.

PEM_read_bio_PrivateKey uses custom password callback. You propose "Store-API"
with UI_METHOD as password callback.
Rewrite of pem_read... method obsoletes pem_password_cb.

What about to ensure a transition period?
For instance in openssl 1.1 to provide new functions based on UI_METHOD and to
mark existing as deprecated.

One remark for store load function api - in most cases (load from file) it is
password callback but in other cases it could be PIN or something different.
Please use more generic description.
For instance engine callback is defined in generic way - ui_method and its
callback_data.

> Cheers,
> Richard


Regards,
Roumen


Re: [openssl-dev] [RFC v2 2/2] pem: load engine keys

2016-12-11 Thread Roumen Petrov

Hi Richard,

Richard Levitte wrote:

> In message <58472e4f.3010...@roumenpetrov.info> on Tue, 06 Dec 2016 23:31:59 +0200,
> Roumen Petrov <open...@roumenpetrov.info> said:
>
> openssl> Hi Richard,
> openssl>
> [SNIP]
> openssl> > Check.  My STORE branch is made to support that.
> openssl> One URI could represent more than one item.
> openssl> STORE_INFO_types is enumerate but URI could be associated to custom
> openssl> data (handle) and this data could be used to get other data(handles).
> openssl>
> openssl> See capi engine CAPI_KEY *capi_find_key(CAPI_CTX * ctx, const char
> openssl> *id)
> [SNIP]
> openssl> In above case PKEY is loaded only if CERT is located(found).
>
> I'm trying to understand but am failing.  Looking at your example,
> it's quite clear that what you want to retrieve is a key, even though
> you have to go through the corresponding certificate to get to it.

After first review of API declared in openssl/store.h I misunderstood
goal of load method.

I think that code of capi engine could be considered as sample what is
needed for a loadable module (engine) to use "OpenSSL Store API". I post
above code just to get idea where currently is used an "external store api".
Just imagine how existing capi code could be changed to use store-API
and to implement loader(scheme?).

I'm asking as currently there is no interface (API) that could associate
key (private) and X.509 certificate. Currently engines implement custom
command as work-around. For instance LOAD_CERT_CTRL (pkcs11 and e_nss)
and LOAD_CERT_EVP(e_nss).

This is one of areas where applications could benefit from "Store API".

I post a snippet from CAPI code because it is part of OpenSSL, but kind
of "external store api" is used by other engines.




> However, *nothing* stops anyone from making a loader for the "capi"
> scheme (if there is such a thing) that has a load method that will
> return the certificate (STORE_INFO_CERT) on the first call and the
> associated key (STORE_INFO_PKEY) on the second for the same URI.  It's
> all about caching information, and there is a context variable (type
> STORE_LOADER_CTX, which is just a template type for loader defined
> 'struct store_loader_ctx_st') to be used exactly for that kind of
> purpose.

I guess that "load" method is supposed to return all data at once.

Actually it is an iterator!

Please update comments before method and if possible to change name of
method.




> [SNIP]
> In your example above, I fail to see where the custom data would be
> needed...  And frankly, STORE is first of all meant to handle types
> that can be used with the rest of OpenSSL.  That being said, adding a
> "whatever" STORE_INFO type isn't very hard either.  I'm just not
> terribly convinced yet, but let's keep talking, I'll probably
> understand sooner or later what you're actually after.

I also fail to see why a store scheme has to return "custom data". Note
that thread start from request for load TPM keys and someone mention
that TPM key has custom data.

In addition to load of key from file there is one another interfaces
where could be used store api - see RT4681.
The goal is expired from fact that X.509 load method is hidden in
OpenSSL 1.1.
I guess that "by dir" and "by file" could be updated to use store api.
Also applications has to be able to register that a "store scheme" could be
used by X.509 lookups.




> Cheers,
> Richard ( oh, and if example code is needed, I can provide )


+4 for OpenSSL store api ;)

Regards,
Roumen



Re: [openssl-dev] [RFC v2 2/2] pem: load engine keys

2016-12-06 Thread Roumen Petrov

Hi Richard,

Richard Levitte wrote:

> [SNIP]
> James.Bottomley> 1. We agreed that usability is greatly enhanced if openssl simply loads
> James.Bottomley>    a key when presented with the file/uri etc. without the user having
> James.Bottomley>    to specify what the format of a key is
>
> Check.  My STORE branch is made to support that.

One URI could represent more than one item.
STORE_INFO_types is enumerate but URI could be associated to custom data
(handle) and this data could be used to get other data(handles).

See capi engine CAPI_KEY *capi_find_key(CAPI_CTX * ctx, const char *id)
..
    hstore = capi_open_store(ctx, NULL);
    if (!hstore)
        return NULL;
    cert = capi_find_cert(ctx, id, hstore);
    if (cert) {
        key = capi_get_cert_key(ctx, cert);
        CertFreeCertificateContext(cert);
    }
    CertCloseStore(hstore, 0);
..
In above case PKEY is loaded only if CERT is located(found).

I guess that STORE_INFO_types could be bit-mask and to support
application specific data in addition.



[SNIP]
Roumen


Re: [openssl-dev] Still showing openssl 1.0.2 snapshot issue

2016-11-27 Thread Roumen Petrov

Salz, Rich wrote:

> [SNIP]
> I posted yesterday, what's your config. I standard config/make does
> not do this for me.

For instance:
CONFIGURE_ARGS=--prefix=... -DOPENSSL_NO_BUF_FREELISTS shared no-ssl2 
no-ssl3 zlib-dynamic enable-gost enable-unit-test linux-x86_64


Roumen



Re: [openssl-dev] [RFC 1/2] engine: add new flag based method for loading engine keys

2016-11-17 Thread Roumen Petrov

David Woodhouse wrote:

> The assumption in all the current engine code is that key_id can be
> passed as something like a file name.

This is mostly documentation issue.
Usually OpenSSL man pages use filename for , but actually it is
just a string and engine is responsible how to process

> There are some new users that
> actually want to pass a BIO, so add a new load_key method for engines
> that takes a flag value.

Engine could use some URN formats for . For instance if 
starts with file:/ engine could try to load from filesystem.

> The first defined flag is
> ENGINE_LOAD_KEY_FLAG_BIO which means that the key_id is actually a bio
> pointer.

I'm not sure that is good idea to pass pointers between loadable
modules. It could be used if there is no alternative. In this case URN
format for  could inform engine how to load key.


[SNIP]

Regards,
Roumen Petrov


[openssl-dev] [openssl.org #4681] X.509 load method

2016-09-22 Thread Roumen Petrov via RT
This is an enhancement request.

OpenSSL 1.1 hides details of structures used to load X.509 certificates, 
in particular - x509_lookup_method_st , x509_lookup_st and x509_object_st.
This impacts non-OpenSSL projects, as an external application has to
duplicate those structures.

Request is OpenSSL do not change those structures until new 
implementation in a binary incompatible release.


It seems to me current look-up method is quite complex.
For instance get_by_subject performs two main steps load and query - see 
"by_dir".
In first step code using "query constraint" fetch data and adds each 
item found to store. Update of store requires thread lock.
In second step code query entire store using "query constraint" and 
prepare result. Query of store requires thread lock.

I guess that could be used more simple "callback" model - a method with 
callback context.
Method fetch data, return only item (certificate, CRL, etc.) on each 
call and so until end of data.
With this model library is responsible to update store and to prepare 
result. Lock of store could be managed internally.


Regards,
Roumen


-- 
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4681
Please log in as guest with password guest if prompted



Re: [openssl-dev] [openssl.org #4590] accessors without const return arguments

2016-08-03 Thread Roumen Petrov via RT
Stephen Henson via RT wrote:
> On Sat Jun 25 22:09:59 2016, open...@roumenpetrov.info wrote:
>> Above is reason the request to remove const from return argument of get0
>> methods.
> We had a discussion about this and the preference was to have get methods
> retain const for various reasons.
>
> Instead the DSA_SIG/ECDSA_SIG structures now no longer pre-allocate r/s so they
> aren't immediately freed when you set them.

Please update documentation (status of 3.8.2016):
1) DSA_SIG_new.pod
DSA_SIG_new() allocates and initializes a B structure.

So now function only allocates signature.


2) ECDSA_SIG_new.pod
ECDSA_SIG_new() allocates a new B structure (note: this
function also allocates the BIGNUMs) and initializes it.

Same here, but please indicate that this is changed in 1.1.


>> The issue is not only for ECDSA but also for DSA_SIG and RSA, DSA, DH
>> keys where situation is similar.
> Do you have some examples of how this affects other structures? For RSA/DSA/DH
> keys the fields are NULL initially unless I've missed something.
Impact is over other software where more or less situation is the same - 
code allocates and initialize(!) keys.
In deserialization process just updates allocated key material.

It seems to me now is more easy just to perform "const cast hack" 
instead to rewrite totally code.

Roumen


-- 
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4590
Please log in as guest with password guest if prompted



[openssl-dev] prefer headers from source tree

2016-06-25 Thread Roumen Petrov

Hello,

Build of master branch fails if on command line is specified include path
(-I ...) with headers from another openssl version.
Please see attached
"0002-make-templates-prepend-path-to-source-headers.patch" file with
proposed modification of make template.

Tested with unix build. Windows modification is similar.

Roumen
>From a7e0111eea1ef51d62a673e8511e9017945c2780 Mon Sep 17 00:00:00 2001
From: Roumen Petrov <open...@roumenpetrov.info>
Date: Sat, 21 May 2016 10:29:51 +0300
Subject: [PATCH 2/2] make templates: prepend path to source headers

---
 Configurations/unix-Makefile.tmpl| 10 +-
 Configurations/windows-makefile.tmpl |  8 
 2 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/Configurations/unix-Makefile.tmpl b/Configurations/unix-Makefile.tmpl
index 34971a9..cb36178 100644
--- a/Configurations/unix-Makefile.tmpl
+++ b/Configurations/unix-Makefile.tmpl
@@ -871,7 +871,7 @@ EOF
 $target: $args{generator}->[0] $deps
 	( trap "rm -f \$@.*" INT 0; \\
 	  $generator \$@.S; \\
-	  \$(CC) \$(CFLAGS) $incs -E \$@.S | \\
+	  \$(CC) $incs \$(CFLAGS) -E \$@.S | \\
 	  \$(PERL) -ne '/^#(line)?\\s*[0-9]+/ or print' > \$@.i && \\
 	  mv -f \$@.i \$@ )
 EOF
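Review bot: the commit message is a subject line only, while this `-E` recipe (and every recipe after it) moves `$incs` ahead of `\$(CFLAGS)`, which changes header search precedence for the whole build. Please state the reason in the commit body, namely that an `-I` given on the command line and pointing at another OpenSSL version's headers was being searched before the source tree, and add a one-line comment in the template next to `\$(CC) $incs \$(CFLAGS)` so the order is not tidied back later.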
@@ -884,7 +884,7 @@ EOF
   }
   return <<"EOF";
 $args{src}: $args{generator}->[0] $deps
-	\$(CC) \$(CFLAGS) $incs -E \$< | \\
+	\$(CC) $incs \$(CFLAGS) -E \$< | \\
 	\$(PERL) -ne '/^#(line)?\\s*[0-9]+/ or print' > \$@
 EOF
   }
@@ -918,7 +918,7 @@ EOF
   if (!$disabled{makedepend} && $makedepprog =~ /\/makedepend/) {
   $recipe .= <<"EOF";
 $obj$depext: $deps
-	-\$(MAKEDEPEND) -f- -o"|$obj$objext" -- \$(CFLAGS) $ecflags$incs -- $srcs \\
+	-\$(MAKEDEPEND) -f- -o"|$obj$objext" -- $incs \$(CFLAGS) $ecflags -- $srcs \\
 	>\$\@.tmp 2>/dev/null
 	-\$(PERL) -i -pe 's/^.*\\|//; s/ \\/(.|[^ ])*//; \$\$_ = undef if (/: *\$\$/ || /^(#.*| *)\$\$/); \$\$_.="\\n" unless !defined(\$\$_) or /\\R\$\$/g;' \$\@.tmp
 	\@if cmp \$\@.tmp \$\@ > /dev/null 2> /dev/null; then \\
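Review bot: in the `\$(MAKEDEPEND)` line the old text ran `$ecflags$incs` together with no separator, so one of the two evidently carries its own whitespace, while the new `-- $incs \$(CFLAGS) $ecflags --` puts explicit spaces around both. Please confirm the expansion is still clean when `$ecflags` or `$incs` is empty, and keep the flag order identical between this makedepend line and the compile recipes that follow so the dependency scan sees the same headers as the compiler.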
@@ -932,13 +932,13 @@ EOF
   if ($disabled{makedepend} || $makedepprog =~ /\/makedepend/) {
   $recipe .= <<"EOF";
 $obj$objext: $deps
-	\$(CC) \$(CFLAGS) $ecflags$incs -c -o \$\@ $srcs
+	\$(CC) $incs \$(CFLAGS) $ecflags -c -o \$\@ $srcs
 EOF
   }
   if (!$disabled{makedepend} && $makedepprog !~ /\/makedepend/) {
   $recipe .= <<"EOF";
 $obj$objext: $deps
-	\$(CC) \$(CFLAGS) $ecflags$incs -MMD -MF $obj$depext.tmp -MT \$\@ -c -o \$\@ $srcs
+	\$(CC) $incs \$(CFLAGS) $ecflags -MMD -MF $obj$depext.tmp -MT \$\@ -c -o \$\@ $srcs
 	\@touch $obj$depext.tmp
 	\@if cmp $obj$depext.tmp $obj$depext > /dev/null 2> /dev/null; then \\
 		rm -f $obj$depext.tmp; \\
diff --git a/Configurations/windows-makefile.tmpl b/Configurations/windows-makefile.tmpl
index 0d21c50..bba7e51 100644
--- a/Configurations/windows-makefile.tmpl
+++ b/Configurations/windows-makefile.tmpl
@@ -349,7 +349,7 @@ EOF
 $target: "$args{generator}->[0]" $deps
 	set ASM=\$(AS)
 	$generator \$@.S
-	\$(CC) \$(CFLAGS) $incs /EP /C \$@.S > \$@.i && move /Y \$@.i \$@
+	\$(CC) $incs \$(CFLAGS) /EP /C \$@.S > \$@.i && move /Y \$@.i \$@
 del /Q \$@.S
 EOF
   }
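Review bot: the cover mail says only the unix build was tested and that the Windows change is similar, so this `/EP /C` recipe and the other three `\$(CC)` lines changed in this file are edited by analogy. Please get one build from the Windows template with an include path for a foreign OpenSSL tree in CFLAGS before this goes in, or split the Windows part into its own patch until someone can test it.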
@@ -362,7 +362,7 @@ EOF
   }
   return <<"EOF";
 $target: "$args{generator}->[0]" $deps
-	\$(CC) \$(CFLAGS) $incs /EP /C "$args{generator}->[0]" > \$@.i && move /Y \$@.i \$@
+	\$(CC) $incs \$(CFLAGS) /EP /C "$args{generator}->[0]" > \$@.i && move /Y \$@.i \$@
 EOF
   }
   }
@@ -400,13 +400,13 @@ s/^Note: including file: *//;
 END { print '$obj$objext: ',join(" ", sort keys \%collect),"\\n" }
 <<
 $obj$objext: $obj$depext
-	\$(CC) \$(CFLAGS) $ecflags$incs -c \$(COUTFLAG)\$\@ @<<
+	\$(CC) $incs \$(CFLAGS) $ecflags -c \$(COUTFLAG)\$\@ @<<
 $srcs
 <<
 EOF
 return <<"EOF"	if ($disabled{makedepend});
 $obj$objext: $deps
-	\$(CC) \$(CFLAGS) $ecflags$incs -c \$(COUTFLAG)\$\@ $srcs
+	\$(CC) $incs \$(CFLAGS) $ecflags -c \$(COUTFLAG)\$\@ $srcs
 EOF
  }
 
-- 
1.8.4



[openssl-dev] [openssl.org #4590] accessors without const return arguments

2016-06-25 Thread Roumen Petrov via RT
Hello,

Recently declaration of a number of get0 methods was changed to return 
constant values (BIGNUM).

Let me quote description of an allocator "/ECDSA_SIG_new()/ allocates a 
new *ECDSA_SIG* structure (note: this function also allocates the 
BIGNUMs) and initialize it."

Now let's try to write deserialization of a ECDSA signature. With set 
method allocated and never used ECDSA members r and s has to be freed 
and replaced by new one. As result extra allocation of big numbers 
impact performance and increase memory usage.

Above is reason the request to remove const from return argument of get0 
methods.

The issue is not only for ECDSA but also for DSA_SIG and RSA, DSA, DH 
keys where situation is similar.


Regards,
Roumen Petrov



-- 
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4590
Please log in as guest with password guest if prompted



Re: [openssl-dev] use of X.509 lookup methods, X509_OBJECT internal or opaque?

2016-05-12 Thread Roumen Petrov

Salz, Rich wrote:

> Can you look at https://github.com/openssl/openssl/pull/1044 [SNIP ]
> I pushed a new version that adds your feedback.

10x, it's fine by me.

Roumen


Re: [openssl-dev] use of X.509 lookup methods, X509_OBJECT internal or opaque?

2016-05-10 Thread Roumen Petrov

Hi Rich,

Salz, Rich wrote:

> Can you look at https://github.com/openssl/openssl/pull/1044 and see if it
> addresses the issues?

Yes.

May be with some definitions for backward compatibility. I mean for 
renamed pre 1.1 functions - with inserted  ..._CTX into name of :

- X509_STORE_get_by_subject
- X509_STORE_get1_{certs|crls}

I understand idea of new function X509_STORE_CTX_get_X509_by_subject. 
X509 is misleading.

What about X509_STORE_CTX_get_obj_by_subject?

Regards,
Roumen




Re: [openssl-dev] use of X.509 lookup methods, X509_OBJECT internal or opaque?

2016-05-07 Thread Roumen Petrov

Hi Rich,

Scope of my request is "use of a lookup method".

Salz, Rich wrote:

You need

(1)
I test port to current openssl code with following definitions 
X509_OBJECT_new() and X509_OBJECT_get0_X509_CRL.  :


diff --git a/crypto/x509/x509_lu.c b/crypto/x509/x509_lu.c
index ff64821..8547b0d 100644
--- a/crypto/x509/x509_lu.c
+++ b/crypto/x509/x509_lu.c
@@ -450,6 +450,12 @@ int X509_OBJECT_get_type(X509_OBJECT *a)
 return a->type;
 }

+X509_OBJECT *X509_OBJECT_new()
+{
+X509_OBJECT *ret;
+return OPENSSL_malloc(sizeof (*ret));
+}
+
 void X509_OBJECT_free(X509_OBJECT *a)
 {
 if (a == NULL)
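Review bot: `X509_OBJECT_new()` returns the `OPENSSL_malloc()` result as is, so `type` and `data` are uninitialised and a later `X509_OBJECT_free()` on an object that was never filled would act on garbage. Zero the allocation and set `type` to a value that means "no content" before returning; the `ret` local is only used for `sizeof`, and the prototype should be `(void)` rather than `()`.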

diff --git a/crypto/x509/x509_lu.c b/crypto/x509/x509_lu.c
index c4ca619..ff64821 100644
--- a/crypto/x509/x509_lu.c
+++ b/crypto/x509/x509_lu.c
@@ -433,9 +433,18 @@ void X509_OBJECT_up_ref_count(X509_OBJECT *a)

 X509 *X509_OBJECT_get0_X509(X509_OBJECT *a)
 {
+if (a == NULL) return NULL;
+if (a->type != X509_LU_X509) return NULL;
 return a->data.x509;
 }

+X509_CRL *X509_OBJECT_get0_X509_CRL(X509_OBJECT *a)
+{
+if (a == NULL) return NULL;
+if (a->type != X509_LU_CRL) return NULL;
+return a->data.crl;
+}
+
 int X509_OBJECT_get_type(X509_OBJECT *a)
 {
 return a->type;
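Review bot: the two getters now return NULL for a NULL or wrongly typed object, but `X509_OBJECT_get_type()` in the trailing context still does `return a->type;` unguarded, so the accessors in this file disagree on NULL handling. Either guard it as well or document that it requires a non-NULL argument; since all three only read the object, they could also take `const X509_OBJECT *a`.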


After port I note that two new functions (see below) will simplify code:

(2)

 X509 *X509_STORE_get_X509_by_subject(X509_STORE_CTX *vs,
X509_NAME *name)
 X509_CRL *X509_STORE_get_X509_CRL_by_subject(X509_STORE_CTX *vs,
X509_NAME *name) And replace the existing
"X509_STORE_get_X509_by_subject"


This is my request - to define:
- X509 *X509_STORE_get_X509_by_subject(X509_STORE_CTX *vs, X509_NAME *name)
- X509_CRL *X509_STORE_get_X509_CRL_by_subject(X509_STORE_CTX *vs, 
X509_NAME *name)
( Side effect is that with functions from (2) program code will avoid 
use of functions from (1) )




We also need X509_OBJECT_new() and X509_OBJECT_free and X509_CRL
*X509_OBJECT_get0_X509_CRL(X509_OBJECT *a).

It is good to have:
- X509_OBJECT_new()
- X509_CRL* X509_OBJECT_get0_X509_CRL(X509_OBJECT *)
- int X509_OBJECT_set0_X509_CRL(X509_OBJECT*, X509_CRL*)
- int X509_OBJECT_set0_X509(X509_OBJECT*, X509* )
but this is out of scope for now.

It is related to API for X509_LOOKUP_METHOD. Lets to discuss separately 
when accessors for X509_LOOKUP_METHOD are defined.



Make sure the memory issues are addressed and avoid double-free.

Right?

"You need" is misleading.  These are new accessors needed  because the 
X509_OBJECT was made opaque.  In other words we did it :)


Regards,
Roumen


Re: [openssl-dev] [openssl.org #4518] OpenSSL-1.1.0-pre5 RSA_set0_key and related RSA_get0_*, RSA_set0_*, DSA_set0_* and DSA_get0_* problems

2016-04-26 Thread Roumen Petrov

Hello Richard,

Richard Levitte wrote:

> In message <571f2941.4040...@openssl.org> on Tue, 26 Apr 2016 09:39:29 +0100, Matt
> Caswell <m...@openssl.org> said:
>
> [SNIP]
> I've seen no other opinion, so I went with it.  Would you mind having
> a look at GH#995?  I did a bit of change in the docs, but could need
> some help expressing it in a better manner.
>
> Also, I'd like to hear from Douglas and Tomas if these changes found
> in said pull request would fit your bill better...  basically, it
> allows (or should allow, unless I've goofed something up) a call set
> like this:
>
>  RSA_set0_key(rsa, n, e, NULL);
>  /* other stuff done, such as calculating d */
>  RSA_set0_key(rsa, NULL, NULL, d);

As methods allows user to set only public part I would like to propose
to add new key method "...set0_privkey" to set just private key.
This will allow to avoid duplicate of key public part between get0 and
set0 key methods.

For protocol "0009-sshkey.c-opaque-DSA-structure.patch" is practical
sample of an upgrade to 1.1 API. RSA is similar.




> Cheers,
> Richard



Roumen

>From 57d17bdf3ef9975b6f09a597557843943909b5b9 Mon Sep 17 00:00:00 2001
From: Roumen Petrov <open...@roumenpetrov.info>
Date: Sun, 3 Apr 2016 21:24:27 +0300
Subject: [PATCH 09/31] sshkey.c: opaque DSA structure

---
 sshkey.c | 180 +--
 1 file changed, 140 insertions(+), 40 deletions(-)

diff --git a/sshkey.c b/sshkey.c
index 6d4a377..0bba185 100644
--- a/sshkey.c
+++ b/sshkey.c
@@ -4,7 +4,7 @@
  * Copyright (c) 2008 Alexander von Gernler.  All rights reserved.
  * Copyright (c) 2010,2011 Damien Miller.  All rights reserved.
  * X509 certificate support,
- * Copyright (c) 2002-2015 Roumen Petrov.  All rights reserved.
+ * Copyright (c) 2002-2016 Roumen Petrov.  All rights reserved.
  *
  * Redistribution and use in source and binary forms, with or without
  * modification, are permitted provided that the following conditions
@@ -362,7 +362,11 @@ sshkey_size(const struct sshkey *k)
 		return BN_num_bits(k->rsa->n);
 	case KEY_DSA:
 	case KEY_DSA_CERT:
-		return BN_num_bits(k->dsa->p);
+		{
+		BIGNUM *p = NULL;
+		DSA_get0_pqg(k->dsa, , NULL, NULL);
+		return BN_num_bits(p);
+		}
 	case KEY_ECDSA:
 	case KEY_ECDSA_CERT:
 		return sshkey_curve_nid_to_bits(k->ecdsa_nid);
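Review bot: in the `KEY_DSA` case `p` is declared `BIGNUM *`, but the #4590 thread on this list says the get0 accessors were changed to return const values, so this needs `const BIGNUM *p` to build against that API. As the line appears here the second argument of `DSA_get0_pqg(k->dsa, , NULL, NULL)` is empty, and `BN_num_bits(p)` is reached even when the key has no `p` set; check `p != NULL` first and return 0 otherwise.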
@@ -588,17 +592,27 @@ sshkey_new(int type)
 		break;
 	case KEY_DSA:
 	case KEY_DSA_CERT:
+		{
+		BIGNUM *p = NULL, *q = NULL, *g = NULL, *pub_key = NULL;
+
 		if ((dsa = DSA_new()) == NULL ||
-		(dsa->p = BN_new()) == NULL ||
-		(dsa->q = BN_new()) == NULL ||
-		(dsa->g = BN_new()) == NULL ||
-		(dsa->pub_key = BN_new()) == NULL) {
+		(p = BN_new()) == NULL ||
+		(q = BN_new()) == NULL ||
+		(g = BN_new()) == NULL ||
+		(pub_key = BN_new()) == NULL) {
+			BN_free(p);
+			BN_free(q);
+			BN_free(g);
+			BN_free(pub_key);
 			if (dsa != NULL)
 DSA_free(dsa);
 			free(k);
 			return NULL;
 		}
+		DSA_set0_pqg(dsa, p, q, g);
+		DSA_set0_key(dsa, pub_key, NULL);
 		k->dsa = dsa;
+		}
 		break;
 	case KEY_ECDSA:
 	case KEY_ECDSA_CERT:
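Review bot: the results of `DSA_set0_pqg(dsa, p, q, g)` and `DSA_set0_key(dsa, pub_key, NULL)` are ignored. If either call fails, ownership of the BIGNUMs has not passed to `dsa`, so they leak and `k->dsa` is assigned a half-initialised key; check both returns and run the same `BN_free`/`DSA_free` cleanup as the allocation-failure branch above.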
@@ -646,8 +660,19 @@ sshkey_add_private(struct sshkey *k)
 		break;
 	case KEY_DSA:
 	case KEY_DSA_CERT:
-		if (bn_maybe_alloc_failed(k->dsa->priv_key))
+		{
+		BIGNUM *pub_key = NULL, *priv_key = NULL;
+
+		if (bn_maybe_alloc_failed(priv_key))
+			return SSH_ERR_ALLOC_FAIL;
+		DSA_get0_key(k->dsa, _key, NULL);
+		pub_key = BN_dup(pub_key);
+		if (pub_key == NULL) {
+			BN_free(priv_key);
 			return SSH_ERR_ALLOC_FAIL;
+		}
+		DSA_set0_key(k->dsa, pub_key, priv_key);
+		}
 		break;
 #undef bn_maybe_alloc_failed
 	case KEY_ECDSA:
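Review bot: the removed line tested `k->dsa->priv_key`, the key's existing member, while the new code runs `bn_maybe_alloc_failed(priv_key)` on a local that is always NULL at that point, so a private key already present in `k->dsa` is no longer taken into account and is replaced by `DSA_set0_key(k->dsa, pub_key, priv_key)`. Fetch the current private key through `DSA_get0_key` first and allocate only when it is absent; also check the return of `DSA_set0_key`, since on failure both the `BN_dup` copy of `pub_key` and the new `priv_key` are leaked.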
@@ -914,14 +939,22 @@ to_blob_buf(const struct sshkey *key, struct sshbuf *b, int force_plain)
 		break;
 #ifdef WITH_OPENSSL
 	case KEY_DSA:
+		{
+		BIGNUM *p = NULL, *q = NULL, *g = NULL, *pub_key = NULL;
+
 		if (key->dsa == NULL)
 			return SSH_ERR_INVALID_ARGUMENT;
+
+		DSA_get0_pqg(key->dsa, , , );
+		DSA_get0_key(key->dsa, _key, NULL);
+
 		if ((ret = sshbuf_put_cstring(b, typename)) != 0 ||
-		(ret = sshbuf_put_bignum2(b, key->dsa->p)) != 0 ||
-		(ret = sshbuf_put_bignum2(b, key->dsa->q)) != 0 ||
-		(ret = sshbuf_put_bignum2(b, key->dsa->g)) != 0 ||
-		(ret = sshbuf_put_bignum2(b, key->dsa->pub_key)) != 0)
+		(ret = sshbuf_put_bignum2(b, p)) != 0 ||
+		(ret = sshbuf_put_bignum2(b, q)) != 0 ||
+		(ret = sshbuf_put_bignum2(b, g)) != 0 ||
+		(ret = sshbuf_put_bignum2(b, pub_key)) != 0)
 			return ret;
+		}
 		break;
 # ifdef OPENSSL_HAS_ECC
 	case KEY_ECDSA:
@@ -1971,13 +2004,25 @@ sshkey_from_private(const struct sshkey *k, struct sshkey **pkp)
 	case KEY_DSA_CERT:
 		if ((n = sshkey_new(k->type)) == NULL)
 			return SSH_ERR_ALLOC_FAIL;
-		if ((BN_copy(n->dsa->p, k->dsa->p) == NULL) ||
-		(BN_copy(n->dsa->q, k->dsa->q) == NULL) ||
-		(BN_copy(n->dsa->g,

[openssl-dev] remove defines that access X.509 store

2016-04-23 Thread Roumen Petrov

Hi,

Please find attached file 
"0004-remove-defines-X509_STORE_set_verify_.-as-context-is.patch" with a 
patch that removes two defines that access X.509 store members directly.


As the X509_STORE is opaque, build of source that uses those defines fails.

Regards,
Roumen
>From 32b59c4406581d9e0418ba9b61a1abe2044468ff Mon Sep 17 00:00:00 2001
From: Roumen Petrov <open...@roumenpetrov.info>
Date: Sat, 16 Apr 2016 19:10:19 +0300
Subject: [PATCH 4/4] remove defines X509_STORE_set_verify_... as context is
 now opaque

---
 include/openssl/x509_vfy.h | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/include/openssl/x509_vfy.h b/include/openssl/x509_vfy.h
index 4bf27e9..fa186a0 100644
--- a/include/openssl/x509_vfy.h
+++ b/include/openssl/x509_vfy.h
@@ -104,9 +104,6 @@ DEFINE_STACK_OF(X509_VERIFY_PARAM)
 
 int X509_STORE_set_depth(X509_STORE *store, int depth);
 
-# define X509_STORE_set_verify_cb_func(ctx,func) ((ctx)->verify_cb=(func))
-# define X509_STORE_set_verify_func(ctx,func)((ctx)->verify=(func))
-
 void X509_STORE_CTX_set_depth(X509_STORE_CTX *ctx, int depth);
 
 # define X509_STORE_CTX_set_app_data(ctx,data) \
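Review bot: deleting `X509_STORE_set_verify_cb_func` and `X509_STORE_set_verify_func` outright leaves callers of either macro with nothing in this header to migrate to, in particular for the `verify` member. Rather than removing the names, redefine each on top of a setter function for the now-opaque `X509_STORE`, so existing code keeps compiling and a store's verify callback stays settable.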
-- 
1.8.4



[openssl-dev] use of X.509 lookup methods, X509_OBJECT internal or opaque?

2016-04-23 Thread Roumen Petrov

Hi Openssl developers,

Recent modification to X509... structures prevent external 
implementation of X509_LOOKUP_METHOD.
Main issue that 1.1beta5 is not usable. A lot of X509... structures are 
now opaque, but there is no access neither memory management functions.
I hope that soon will be provided API for X509_LOOKUP_METHOD and etc., 
and then we could discuss corresponding API.



This email is only for X509_OBJECT as the primary subject is use of 
lookup methods.


1) X509_STORE_get_X509_by_subject
The new function is with argument type and return X509_OBJECT. If is 
called with X509_LU_CRL returned X509_OBJECT will contain X509_CRL.
So the question is why to use this new method instead existing 
X509_STORE_get_by_subject?


What about to declare method as:
  X509*  X509_STORE_get_X509_by_subject(X509_STORE_CTX *vs, 
X509_NAME *name)

and to declare another method as:
   X509_CRL* X509_STORE_get_X509_CRL_by_subject(X509_STORE_CTX *vs, 
X509_NAME *name)


Definition could use internally X509_OBJECT with corresponding search type.


2) X509_OBJECT allocation.
Function X509_STORE_get_by_subject require pointer to allocated 
X509_OBJECT. This and implementation of X509_LOOKUP_METHOD require 
X509_OBJECT allocation method.

Unfortunately X509_OBJECT_new is not defined in 1.1beta5.


3) release of X509_OBJECT content.
X509_OBJECT_free is a new function that call X509_OBJECT_free_contents.
Unfortunately public function X509_OBJECT_free_contents release content 
but does not change content type nor clear (zero) content.
If program code call X509_OBJECT_free_contents and then at some point 
call X509_OBJECT_free double free error occur.


It seems to me current OpenSSL code is not impacted as functions like 
X509_STORE_add_ does not use X509_OBJECT_free

X509_OBJECT_free_contents(obj);
OPENSSL_free(obj);

If function X509_OBJECT_free_contents remain public please ensure that 
double free will not occur.
It seems to me change of content type to X509_LU_RETRY will prevent 
double free.



4)  access to X509_OBJECT content.
Current API provide access to certificate content but lack for access to 
revocation list content.
Function X509_OBJECT_get0_X509 returns always certificate if argument is 
not null. This does not look correct.
The function must return X.509 certificate only if argument is not null 
and content type is for certificate.

For instance
X509 *X509_OBJECT_get0_X509(X509_OBJECT *a)
{
 return a != NULL && a->type == X509_LU_X509 ? a->data.x509 : NULL;
}

Please define content access function for revocation list:
X509_CRL *X509_OBJECT_get0_X509_CRL(X509_OBJECT *a)



I'm concerned that according plan next release is final one.

Roumen



--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
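
The double release from point 3 and the type-checked accessors from point 4 of the message above, as an added example that is not part of the original post and is not OpenSSL code. It is a self-contained C model: every `demo_*` name is an assumption made for illustration, and "releasing" a payload only increments a counter so the second release can be observed safely.

```c
#include <stdio.h>
#include <stdlib.h>

/* Simplified stand-ins for this example only; NOT OpenSSL's definitions. */
typedef struct { int releases; } demo_cert;   /* plays the role of X509 */
typedef struct { int releases; } demo_crl;    /* plays the role of X509_CRL */

typedef enum { DEMO_LU_RETRY = -1, DEMO_LU_FAIL = 0,
               DEMO_LU_X509 = 1, DEMO_LU_CRL = 2 } demo_lu_type;

typedef struct {
    demo_lu_type type;                         /* says which member is live */
    union { demo_cert *x509; demo_crl *crl; } data;
} demo_object;

typedef void (*free_contents_fn)(demo_object *);

static void demo_cert_free(demo_cert *c) { if (c != NULL) c->releases++; }
static void demo_crl_free(demo_crl *c)   { if (c != NULL) c->releases++; }

/* Behaviour described in point 3: the payload is released, but the type
 * and the pointer are left untouched. */
static void free_contents_legacy(demo_object *o)
{
    if (o == NULL)
        return;
    switch (o->type) {
    case DEMO_LU_X509: demo_cert_free(o->data.x509); break;
    case DEMO_LU_CRL:  demo_crl_free(o->data.crl);   break;
    default:           break;
    }
}

/* Hardened variant: retag the object after the release (the post suggests
 * X509_LU_RETRY) and clear the pointer, so a second call does nothing. */
static void free_contents_hardened(demo_object *o)
{
    if (o == NULL)
        return;
    free_contents_legacy(o);
    o->type = DEMO_LU_RETRY;
    o->data.x509 = NULL;
}

/* Object free = release the contents, then release the container. */
static void demo_object_free(demo_object *o, free_contents_fn fc)
{
    if (o == NULL)
        return;
    fc(o);
    free(o);
}

/* Caller pattern from point 3: clear the contents, later free the object.
 * Returns how often the certificate was released; 1 is the correct count. */
int releases_after_clear_then_free(int hardened)
{
    demo_cert cert = { 0 };
    free_contents_fn fc = hardened ? free_contents_hardened
                                   : free_contents_legacy;
    demo_object *o = calloc(1, sizeof(*o));

    if (o == NULL)
        return -1;
    o->type = DEMO_LU_X509;
    o->data.x509 = &cert;
    fc(o);                    /* explicit "free contents" by the caller */
    demo_object_free(o, fc);  /* later: free the whole object */
    return cert.releases;
}

/* Point 4: an accessor that ignores the type, and two that check it. */
static demo_cert *get0_cert_unchecked(const demo_object *o)
{
    return o != NULL ? o->data.x509 : NULL;
}
static demo_cert *get0_cert(const demo_object *o)
{
    return (o != NULL && o->type == DEMO_LU_X509) ? o->data.x509 : NULL;
}
static demo_crl *get0_crl(const demo_object *o)
{
    return (o != NULL && o->type == DEMO_LU_CRL) ? o->data.crl : NULL;
}

/* Result bits for an object that holds a CRL:
 * 1 = unchecked accessor still returns a "certificate" pointer,
 * 2 = checked certificate accessor returns NULL,
 * 4 = CRL accessor returns the stored CRL. */
int accessor_results_for_crl_object(void)
{
    demo_crl crl = { 0 };
    demo_object o;
    int r = 0;

    o.type = DEMO_LU_CRL;
    o.data.crl = &crl;
    if (get0_cert_unchecked(&o) != NULL) r |= 1;
    if (get0_cert(&o) == NULL)           r |= 2;
    if (get0_crl(&o) == &crl)            r |= 4;
    return r;
}

int main(void)
{
    printf("legacy:   released %d time(s)\n", releases_after_clear_then_free(0));
    printf("hardened: released %d time(s)\n", releases_after_clear_then_free(1));
    printf("accessor bits for CRL object: %d\n", accessor_results_for_crl_object());
    return 0;
}
```
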


[openssl-dev] get engine function for EC key

2016-04-23 Thread Roumen Petrov

Hi,

Currently access to engine member is available for some keys:
$ grep -r get0_engine include/
include/openssl/dh.h:ENGINE *DH_get0_engine(DH *d);
include/openssl/dsa.h:ENGINE *DSA_get0_engine(DSA *d);
include/openssl/rsa.h:ENGINE *RSA_get0_engine(RSA *r);


Please add function for EC_KEY.

If possible constify key argument and result for all those access functions.

Roumen


[openssl-dev] OPENSSL_cleanup now error is "invalid pointer"

2016-04-23 Thread Roumen Petrov

Hi

With current master "corrupted double-linked list" disappear but error 
still exist, see below



Roumen Petrov wrote:

[SNIP]

Stack trace
*** Error in '/apps/openssl': corrupted double-linked list: 
0x006de730 ***

^C
Program received signal SIGINT, Interrupt.
0x76fb338b in __lll_lock_wait_private () from /lib64/libc.so.6
(gdb) bt
#0  0x76fb338b in __lll_lock_wait_private () from 
/lib64/libc.so.6

#1  0x76f3024a in _L_lock_12669 () from /lib64/libc.so.6
#2  0x76f2d975 in malloc () from /lib64/libc.so.6
#3  0x77de1b26 in _dl_map_object () from 
/lib64/ld-linux-x86-64.so.2
#4  0x77ded387 in dl_open_worker () from 
/lib64/ld-linux-x86-64.so.2
#5  0x77de8924 in _dl_catch_error () from 
/lib64/ld-linux-x86-64.so.2

#6  0x77decc7b in _dl_open () from /lib64/ld-linux-x86-64.so.2
#7  0x76fe0752 in do_dlopen () from /lib64/libc.so.6
#8  0x77de8924 in _dl_catch_error () from 
/lib64/ld-linux-x86-64.so.2

#9  0x76fe0812 in __libc_dlopen_mode () from /lib64/libc.so.6
#10 0x76fb9825 in init () from /lib64/libc.so.6
#11 0x77282120 in pthread_once () from /lib64/libpthread.so.0
#12 0x76fb993c in backtrace () from /lib64/libc.so.6
#13 0x76f232a4 in __libc_message () from /lib64/libc.so.6
#14 0x76f293d7 in malloc_printerr () from /lib64/libc.so.6
#15 0x76f2ab0c in _int_free () from /lib64/libc.so.6
#16 0x7781b962 in CRYPTO_free (str=0x6de850, 
file=0x778eb3e6 "crypto/threads_pthread.c", line=99) at 
crypto/mem.c:226
#17 0x7787e7f5 in CRYPTO_THREAD_lock_free (lock=0x6de850) at 
crypto/threads_pthread.c:99
#18 0x7780eda5 in EVP_PKEY_free_it (x=0x6e9310) at 
crypto/evp/p_lib.c:447
#19 0x7780ecf4 in EVP_PKEY_free (x=0x6e9310) at 
crypto/evp/p_lib.c:431
#20 0x77811307 in EVP_PKEY_CTX_free (ctx=0x6de3a0) at 
crypto/evp/pmeth_lib.c:331
#21 0x777f7cd3 in EVP_MD_CTX_reset (ctx=0x6be5d0) at 
crypto/evp/digest.c:138
#22 0x777f7d34 in EVP_MD_CTX_free (ctx=0x6be5d0) at 
crypto/evp/digest.c:154

#23 0x777f59a3 in md_free (a=0x6be510) at crypto/evp/bio_md.c:116
#24 0x777359b8 in BIO_free (a=0x6be510) at 
crypto/bio/bio_lib.c:138
#25 0x0042d54a in dgst_main (argc=1, argv=0x7fffd950) at 
apps/dgst.c:444
#26 0x00438844 in do_cmd (prog=0x6b5f20, argc=11, 
argv=0x7fffd900) at apps/openssl.c:570
#27 0x00437ff3 in main (argc=11, argv=0x7fffd900) at 
apps/openssl.c:274

(gdb)

I use "0004-avoid-corrupted-double-linked-list-in-EVP_PKEY.patch" as 
work-around.


Local repository is updated up to:
commit acde647fb0347f64af8f8678b73ce41f2f499c02
Author: Kazuki Yamaguchi <k...@rhe.jp>
Date:   Thu Apr 21 17:35:53 2016 +0900

Fix EC_KEY_set_private_key() to call key->group->meth->set_private()


Now error is:
*** Error in `/util/../apps/openssl': munmap_chunk(): invalid 
pointer: 0x00fbe590 ***

=== Backtrace: =
/lib64/libc.so.6(+0x7e3d7)[0x7f95457ec3d7]
/util/../libcrypto.so.1.1(CRYPTO_free+0x57)[0x7f954635e0e2]
/util/../libcrypto.so.1.1(CRYPTO_THREAD_lock_free+0x39)[0x7f95463c19f1]
/util/../libcrypto.so.1.1(+0x17951d)[0x7f954635151d]
/util/../libcrypto.so.1.1(EVP_PKEY_free+0x70)[0x7f954635146c]
/util/../libcrypto.so.1.1(EVP_PKEY_CTX_free+0x55)[0x7f9546353a7f]
/util/../libcrypto.so.1.1(EVP_MD_CTX_reset+0xd7)[0x7f954633a487]
/util/../libcrypto.so.1.1(EVP_MD_CTX_free+0x18)[0x7f954633a4e8]
/util/../libcrypto.so.1.1(+0x1600b9)[0x7f95463380b9]
/util/../libcrypto.so.1.1(BIO_free+0x11d)[0x7f954627abcc]
/util/../apps/openssl[0x42d879]
/util/../apps/openssl[0x438cf8]
/util/../apps/openssl[0x4384b5]
/lib64/libc.so.6(__libc_start_main+0xf5)[0x7f954578fd05]
/util/../apps/openssl[0x41ba99]
=== Memory map: 

Work-around "avoid-corrupted-double-linked-list-in-EVP_PKEY" from my 
previous post resolve issue:


Roumen

P.S. diff for protocol
diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c
index a8fa301..0dfb93b 100644
--- a/crypto/evp/p_lib.c
+++ b/crypto/evp/p_lib.c
@@ -436,6 +436,7 @@ static void EVP_PKEY_free_it(EVP_PKEY *x)
 x->engine = NULL;
 #endif
 CRYPTO_THREAD_lock_free(x->lock);
+x->lock = NULL;
 }

 static int unsup_alg(BIO *out, const EVP_PKEY *pkey, int indent,
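Review bot: Clearing `x->lock` right after `CRYPTO_THREAD_lock_free(x->lock)` only has an effect if `EVP_PKEY_free_it` is reached a second time for the same key, and the patch does not say how that happens; the mail itself calls it a work-around. Please describe the path that frees the key twice (the backtrace shows `EVP_PKEY_CTX_free` calling `EVP_PKEY_free`), confirm that `CRYPTO_THREAD_lock_free` accepts a NULL argument, and check whether ownership of the key between the engine and the context is the actual cause, since nulling one field leaves every other member of the freed structure exposed to the same second pass.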




[openssl-dev] build with defined ENGINE_REF_COUNT_DEBUG

2016-04-23 Thread Roumen Petrov

Hi,

Please see attached file 
0003-build-with-defined-ENGINE_REF_COUNT_DEBUG.patch .
If ENGINE_REF_COUNT_DEBUG is defined build fail. Proposed patch resolve 
issue.


Regards,
Roumen
>From 3db4a9eb01f6caf1c59c50d8f6a3f6ec73cc71df Mon Sep 17 00:00:00 2001
From: Roumen Petrov <open...@roumenpetrov.info>
Date: Sun, 13 Mar 2016 20:02:42 +0200
Subject: [PATCH 3/3] build with defined ENGINE_REF_COUNT_DEBUG

---
 crypto/engine/eng_lib.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/crypto/engine/eng_lib.c b/crypto/engine/eng_lib.c
index d0bc716..185cb9c 100644
--- a/crypto/engine/eng_lib.c
+++ b/crypto/engine/eng_lib.c
@@ -122,7 +122,7 @@ int engine_free_util(ENGINE *e, int locked)
 CRYPTO_atomic_add(>struct_ref, -1, , global_engine_lock);
 else
 i = --e->struct_ref;
-engine_ref_debug(e, 0, -1)
+engine_ref_debug(e, 0, -1);
 if (i > 0)
 return 1;
 REF_ASSERT_ISNT(i < 0);
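Review bot: The missing semicolon after `engine_ref_debug(e, 0, -1)` only broke the build when ENGINE_REF_COUNT_DEBUG is defined, which suggests the non-debug definition expands to nothing, so the same slip can return unnoticed. The one-character fix is right; in addition, consider making the non-debug definition expand to an expression such as `((void)0)` so that a call without a semicolon fails in every configuration, or add a build job that defines the macro.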
-- 
1.8.4



[openssl-dev] What about DSA_SIG_get0 ? Was: ECDSA_SIG_get0() for const ECDSA_SIG *

2016-03-20 Thread Roumen Petrov

Hello ,

Issue 4436 report only ECDSA_SIG_get0 but DSA is the same.
Perhaps  DSA_SIG_get0  could use constant signature pointer.

Stephen Henson via RT wrote:

Fixed now. Closing ticket.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see:http://www.openssl.org



Roumen


Re: [openssl-dev] OPENSSL_cleanup new issue

2016-03-15 Thread Roumen Petrov

Hi Matt,

Matt Caswell wrote:

> Hi Roumen
>
> On 10/03/16 22:21, Roumen Petrov wrote:
>> Hello,
>>
>> With new thread model in some configurations openssl hangs on unload of
>> engine.
>
> I just pushed commit 773fd0bad4 to master which should hopefully resolve
> this issue.

It seems to me hang is resolved after recent changes in init.c - commit 
"Fix the init cleanup order" (58a8fc25d73d8558df25d998f85d4714fbbe74ac).
May be cleanup function could free error list after all other clean-up code.


I would like to test engine "reference counters" but build fail - please 
apply patch 0003-build-with-defined-ENGINE_REF_COUNT_DEBUG.patch.



I'm not sure that memory leaks are resolved - valgrind report that 
err_string_lock and ex_data_lock are not freed.




Now some regression tests of an engine fail with "corrupted 
double-linked list". Tests call openssl dgst command with key from file 
or engine. Keys are rsa, dsa and ec. Digest verify command fail only if 
key format is from engine , key is EC key with prime256v1 or secp521r1. 
Tests pass with EC secp384r1. Also all test pass if engine code print 
debug messages to stderr.


Stack trace
*** Error in '/apps/openssl': corrupted double-linked list: 
0x006de730 ***

^C
Program received signal SIGINT, Interrupt.
0x76fb338b in __lll_lock_wait_private () from /lib64/libc.so.6
(gdb) bt
#0  0x76fb338b in __lll_lock_wait_private () from /lib64/libc.so.6
#1  0x76f3024a in _L_lock_12669 () from /lib64/libc.so.6
#2  0x76f2d975 in malloc () from /lib64/libc.so.6
#3  0x77de1b26 in _dl_map_object () from /lib64/ld-linux-x86-64.so.2
#4  0x77ded387 in dl_open_worker () from /lib64/ld-linux-x86-64.so.2
#5  0x77de8924 in _dl_catch_error () from 
/lib64/ld-linux-x86-64.so.2

#6  0x77decc7b in _dl_open () from /lib64/ld-linux-x86-64.so.2
#7  0x76fe0752 in do_dlopen () from /lib64/libc.so.6
#8  0x77de8924 in _dl_catch_error () from 
/lib64/ld-linux-x86-64.so.2

#9  0x76fe0812 in __libc_dlopen_mode () from /lib64/libc.so.6
#10 0x76fb9825 in init () from /lib64/libc.so.6
#11 0x77282120 in pthread_once () from /lib64/libpthread.so.0
#12 0x76fb993c in backtrace () from /lib64/libc.so.6
#13 0x76f232a4 in __libc_message () from /lib64/libc.so.6
#14 0x76f293d7 in malloc_printerr () from /lib64/libc.so.6
#15 0x76f2ab0c in _int_free () from /lib64/libc.so.6
#16 0x7781b962 in CRYPTO_free (str=0x6de850, file=0x778eb3e6 
"crypto/threads_pthread.c", line=99) at crypto/mem.c:226
#17 0x7787e7f5 in CRYPTO_THREAD_lock_free (lock=0x6de850) at 
crypto/threads_pthread.c:99
#18 0x7780eda5 in EVP_PKEY_free_it (x=0x6e9310) at 
crypto/evp/p_lib.c:447
#19 0x7780ecf4 in EVP_PKEY_free (x=0x6e9310) at 
crypto/evp/p_lib.c:431
#20 0x77811307 in EVP_PKEY_CTX_free (ctx=0x6de3a0) at 
crypto/evp/pmeth_lib.c:331
#21 0x777f7cd3 in EVP_MD_CTX_reset (ctx=0x6be5d0) at 
crypto/evp/digest.c:138
#22 0x777f7d34 in EVP_MD_CTX_free (ctx=0x6be5d0) at 
crypto/evp/digest.c:154

#23 0x777f59a3 in md_free (a=0x6be510) at crypto/evp/bio_md.c:116
#24 0x777359b8 in BIO_free (a=0x6be510) at crypto/bio/bio_lib.c:138
#25 0x0042d54a in dgst_main (argc=1, argv=0x7fffd950) at 
apps/dgst.c:444
#26 0x00438844 in do_cmd (prog=0x6b5f20, argc=11, 
argv=0x7fffd900) at apps/openssl.c:570
#27 0x00437ff3 in main (argc=11, argv=0x7fffd900) at 
apps/openssl.c:274

(gdb)

I use "0004-avoid-corrupted-double-linked-list-in-EVP_PKEY.patch" as 
work-around.



Roumen







>From f6cee8a8c2c9362463cd75f6e64128097d8ce8a2 Mon Sep 17 00:00:00 2001
From: Roumen Petrov <open...@roumenpetrov.info>
Date: Sun, 13 Mar 2016 20:02:42 +0200
Subject: [PATCH 3/4] build with defined ENGINE_REF_COUNT_DEBUG

---
 crypto/engine/eng_lib.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/crypto/engine/eng_lib.c b/crypto/engine/eng_lib.c
index dd47342..e6feef1 100644
--- a/crypto/engine/eng_lib.c
+++ b/crypto/engine/eng_lib.c
@@ -122,7 +122,7 @@ int engine_free_util(ENGINE *e, int locked)
 CRYPTO_atomic_add(>struct_ref, -1, , global_engine_lock);
 else
 i = --e->struct_ref;
-engine_ref_debug(e, 0, -1)
+engine_ref_debug(e, 0, -1);
 if (i > 0)
 return 1;
 REF_ASSERT_ISNT(i < 0);
-- 
1.8.4

>From d741a6f8998f90e65f8c3afd02a0a8ed66a70d55 Mon Sep 17 00:00:00 2001
From: Roumen Petrov <open...@roumenpetrov.info>
Date: Sun, 13 Mar 2016 20:47:44 +0200
Subject: [PATCH 4/4] avoid "corrupted double-linked list" in EVP_PKEY

---
 crypto/evp/p_lib.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/crypto/evp/p_lib.c b/crypto/evp/p_lib.c
index a7d6244..05300ae 100644
--- a/crypto/evp/p_lib.c
+++ b/crypto/evp/p_lib.c
@@ -445,6 +445,7 @@ static void EVP_PKEY_free_it(EVP_PKEY *x)
 x->engine = NU

[openssl-dev] OPENSSL_cleanup new issue

2016-03-10 Thread Roumen Petrov

Hello,

With new thread model in some configurations openssl hangs on unload of 
engine.


Steps to reproduce:
1) after installation add following lines to openssl.cnf before section 
[ new_oids ]

#begin
openssl_conf = config

[ config ]
engines = engine_section

[ engine_section ]
engine1 = engine1_config

[ engine1_config ]
#engine_id = dasync
dynamic_path = ${ENV::OPENSSL_ENGINES}/dasync.so
#end

2) check for dasync engine
$ OPENSSL_ENGINES=/usr/local/openssl64/master/lib/engines 
/usr/local/openssl64/master/bin/openssl engine -c  dasync

(dasync) Dummy Async engine support
 [RSA, AES-128-CBC, AES-128-CBC-HMAC-SHA1, SHA1]


Program hang on library cleanup:
(gdb) bt
#0  0x7f6b6ba7f4bc in __lll_lock_wait () from /lib64/libpthread.so.0
#1  0x7f6b6ba7c5e1 in pthread_rwlock_wrlock () from 
/lib64/libpthread.so.0
#2  0x7f6b6c03ace9 in CRYPTO_THREAD_write_lock (lock=out>) at crypto/threads_pthread.c:79
#3  0x7f6b6bfbd813 in ENGINE_finish (e=0x1071ba0) at 
crypto/engine/eng_init.c:142
#4  0x7f6b6bfbb9d8 in int_engine_module_finish (md=) 
at crypto/engine/eng_cnf.c:232
#5  0x7f6b6bf627c6 in module_finish (imod=0x1071e80) at 
crypto/conf/conf_mod.c:445

#6  CONF_modules_finish () at crypto/conf/conf_mod.c:432
#7  0x7f6b6bf62a39 in CONF_modules_free () at crypto/conf/conf_mod.c:465
#8  0x7f6b6bfe047a in OPENSSL_cleanup () at crypto/init.c:477
#9  0x7f6b6b6e1209 in __run_exit_handlers () from /lib64/libc.so.6
#10 0x7f6b6b6e1255 in exit () from /lib64/libc.so.6
#11 0x0041cf5d in main (argc=, argv=out>) at apps/openssl.c:361

(gdb)


My build is based on commit 603358de576217812cb3d752e97c78e476cdc879 
-plus remaining modifications from issue "#4207 engine key format in 1.1"


Regards,
Roumen Petrov



Roumen Petrov wrote:

Hello,

I just finish tests with new initialization methods. Memory detection 
tool report a number of memory leaks.


Startup code is:
OPENSSL_init_crypto(
OPENSSL_INIT_ENGINE_ALL_BUILTIN |
OPENSSL_INIT_ADD_ALL_CIPHERS |
OPENSSL_INIT_ADD_ALL_DIGESTS |
OPENSSL_INIT_LOAD_CONFIG, NULL);

Default configuration describes a cryptographic module :
--
#[ default ]
openssl_conf = config

[ config ]
engines = engine_section

[ engine_section ]
engine1 = engine_conf1

[ engine_conf1 ]
engine_id = foo
...
--

At exit OPENSSL_cleanup is not enough.
It seems to me call of ENGINE_cleanup() and CONF_modules_unload(1) 
before cleanup suppress memory warnings.



Another point - why OPENSSL_config duplicate name of configuration file?


Regards,
Roumen




[openssl-dev] unified build dependencies

2016-03-10 Thread Roumen Petrov

Hello ,

It seems to me unified build system work quite well with simultaneous 
build jobs.
I would like to report a minor issue - I have to run make 3 times until 
all dependencies are resolved. Second make rebuild about 450 items. Third 
time only speed is rebuild.
The build is in a clean source tree. After build into tree left a number 
of temporary dependency files (*.d.tmp).


Regards,
Roumen




Re: [openssl-dev] OpenSSL 1.0.2g - make test fails with FIPS -- regression from 1.0.2f

2016-03-01 Thread Roumen Petrov

Brad House wrote:

It appears OpenSSL 1.0.2g introduced a regression when attempting to run
'make test' on a fips-enabled build on linux.   When compiling without FIPS, the
tests pass as expected.  However, with fips turned on, "make test" fails
when trying to use ssl2 it appears.  Running 'make test' is a fairly
standard practice to try to ensure there were no unexpected failures on
a given platform.

1.0.2f is unaffected, as is 1.0.1r.  However, 1.0.1s is also impacted.
Actually all 1.0.{1|2}* versions are impacted if build is with no-ssl2 
and no-ssl3

[SNIP]

Roumen


Re: [openssl-dev] [openssl.org #2363] bug: memory allocated by DH_new() may never be free()ed

2016-02-29 Thread Roumen Petrov via RT
It is expected DH_free(DH_new()); to leaks memory.  Usually XXX method 
initialize "extra data".

Sample code is without code that clear library, at least 
CRYPTO_cleanup_all_ex_data is missing.

Roumen



-- 
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=2363
Please log in as guest with password guest if prompted



[openssl-dev] OPENSSL_cleanup additional

2016-02-23 Thread Roumen Petrov

Hello,

I just finish tests with new initialization methods. Memory detection 
tool report a number of memory leaks.


Startup code is:
OPENSSL_init_crypto(
OPENSSL_INIT_ENGINE_ALL_BUILTIN |
OPENSSL_INIT_ADD_ALL_CIPHERS |
OPENSSL_INIT_ADD_ALL_DIGESTS |
OPENSSL_INIT_LOAD_CONFIG, NULL);

Default configuration describes a cryptographic module :
--
#[ default ]
openssl_conf = config

[ config ]
engines = engine_section

[ engine_section ]
engine1 = engine_conf1

[ engine_conf1 ]
engine_id = foo
...
--

At exit OPENSSL_cleanup is not enough.
It seems to me call of ENGINE_cleanup() and CONF_modules_unload(1) 
before cleanup suppress memory warnings.



Another point - why OPENSSL_config duplicate name of configuration file?


Regards,
Roumen


[openssl-dev] shared build, master, 2016-02-23

2016-02-23 Thread Roumen Petrov

Hello,

The current master branch does not create shared libraries. Attached 
patch restore build with gnu tools.


Regards,
Roumen Petrov




>From 2c3d122965a0a6a0b8b2ae3188b7c16658e5a57a Mon Sep 17 00:00:00 2001
From: Roumen Petrov <open...@roumenpetrov.info>
Date: Tue, 23 Feb 2016 21:34:16 +0200
Subject: [PATCH 13/13] correct name of GNU shared libraries

---
 Makefile.shared | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/Makefile.shared b/Makefile.shared
index 313de4e..5100b5d 100644
--- a/Makefile.shared
+++ b/Makefile.shared
@@ -171,7 +171,7 @@ DO_GNU_DSO=\
 	$(DO_GNU_SO_COMMON)
 DO_GNU_SO=\
 	$(CALC_VERSIONS); \
-	SHLIB=lib$$SHLIB; \
+	SHLIB=lib$(LIBNAME).so; \
 	ALLSYMSFLAGS='-Wl,--whole-archive'; \
 	NOALLSYMSFLAGS='-Wl,--no-whole-archive'; \
 	$(DO_GNU_SO_COMMON)
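Review bot: In DO_GNU_SO the new `SHLIB=lib$(LIBNAME).so` hard-codes the `.so` suffix and switches from the shell variable `$$SHLIB` to the make variable `$(LIBNAME)`, but the commit message does not say what `$$SHLIB` contained when the build failed. Please state that in the message, and check that DO_GNU_DSO just above, which shares `$(DO_GNU_SO_COMMON)`, and the values set by `$(CALC_VERSIONS)` still produce the expected file names.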
-- 
1.8.4



Re: [openssl-dev] [openssl.org #4320] [Patch] OpenSSL 1.1.0-pre3: "unable to load Key" error in PEM_get_EVP_CIPHER_INFO()

2016-02-22 Thread Roumen Petrov via RT
Hi Rich,

Rich Salz via RT wrote:
> fixed in commit 985c3146967633707f7c165df82bb0fd8f279758 thanks for the 
> report!
 From initial patch is missing line with header += 9.
Please could you review parsing with ENCRYPTED

Roumen

-- 
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4320
Please log in as guest with password guest if prompted

>From b359b5caf689583b247d825892ccd6dd42474de1 Mon Sep 17 00:00:00 2001
From: Roumen Petrov <open...@roumenpetrov.info>
Date: Thu, 18 Feb 2016 23:26:43 +0200
Subject: [PATCH 4/4] #4320 OpenSSL 1.1.0-pre3: "unable to load Key" error in
 PEM_get_EVP_CIPHER_INFO()

---
 crypto/pem/pem_lib.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/crypto/pem/pem_lib.c b/crypto/pem/pem_lib.c
index a75d9ac..5e8077e 100644
--- a/crypto/pem/pem_lib.c
+++ b/crypto/pem/pem_lib.c
@@ -509,6 +509,7 @@ int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher)
 PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, PEM_R_NOT_ENCRYPTED);
 return (0);
 }
+header += 9;
 for (; (*header != '\n') && (*header != '\0'); header++) ;
 if (*header == '\0') {
 PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, PEM_R_SHORT_HEADER);
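Review bot: `header += 9;` is a bare constant with no visible tie to the text it skips; the cover mail suggests it is the length of ENCRYPTED. Write it as `sizeof("ENCRYPTED") - 1` or a named constant, and make sure the check that raises PEM_R_NOT_ENCRYPTED just above has already confirmed that those nine characters are present, so the pointer cannot move past the terminating NUL of a short header before the loop on the next line reads `*header`.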
@@ -536,7 +537,7 @@ int PEM_get_EVP_CIPHER_INFO(char *header, EVP_CIPHER_INFO *cipher)
 }
 *header = '\0';
 cipher->cipher = enc = EVP_get_cipherbyname(dekinfostart);
-*header = c;
+*header++ = c;
 
 if (enc == NULL) {
 PEMerr(PEM_F_PEM_GET_EVP_CIPHER_INFO, PEM_R_UNSUPPORTED_ENCRYPTION);
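Review bot: `*header++ = c;` restores the saved character and advances the pointer in one expression, which hides a behaviour change inside what used to be a plain restore. Split it into `*header = c;` followed by `header++;` with a comment saying which separator is being skipped, and check whether `c` can be `'\0'` at this point, because later parsing would then start one byte past the end of the header.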
-- 
1.8.4



[openssl-dev] OPENSSL_config with default configuration

2016-02-16 Thread Roumen Petrov

Hello,

OPENSSL_config with NULL argument crash in master branch.
Please find attached file with proposed patch.


Regards,
Roumen
>From f6eee9281567e47ae23383c527845cc4a897d195 Mon Sep 17 00:00:00 2001
From: Roumen Petrov <open...@roumenpetrov.info>
Date: Fri, 12 Feb 2016 22:18:59 +0200
Subject: [PATCH 4/5] OPENSSL_config with default configuration

	(OPENSSL_config with NULL argument)
---
 crypto/conf/conf_sap.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/crypto/conf/conf_sap.c b/crypto/conf/conf_sap.c
index 2021a02..e70fb7a 100644
--- a/crypto/conf/conf_sap.c
+++ b/crypto/conf/conf_sap.c
@@ -81,7 +81,8 @@ void OPENSSL_config(const char *config_name)
 OPENSSL_INIT_SETTINGS settings;
 
 memset(, 0, sizeof(settings));
-settings.config_name = strdup(config_name);
+if (config_name != NULL)
+settings.config_name = strdup(config_name);
 OPENSSL_init_crypto(OPENSSL_INIT_LOAD_CONFIG, );
 }
 #endif
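Review bot: The NULL guard on `config_name` removes the crash, but the `strdup()` result is still used unchecked and nothing in this hunk frees it. If the allocation fails, `settings.config_name` stays NULL and the call quietly loads the default configuration instead of the one the caller named, so handle that case before `OPENSSL_init_crypto()` is called; also document who owns the copy, or drop the `strdup()` if the callee does not keep the pointer.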
-- 
1.8.4



[openssl-dev] [openssl.org #4312] documentation: RSA_new_method argument

2016-02-16 Thread Roumen Petrov via RT
Hello,

Function argument is pointer to ENGINE - please find attached patch

Regards,
Roumen Petrov

-- 
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4312
Please log in as guest with password guest if prompted

>From 2f2e1f210ec3c8452ecd041604fd14071a4b59ca Mon Sep 17 00:00:00 2001
From: Roumen Petrov <open...@roumenpetrov.info>
Date: Sat, 13 Feb 2016 10:41:49 +0200
Subject: [PATCH 3/5] documentation: RSA_new_method argument

---
 doc/crypto/RSA_set_method.pod | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/doc/crypto/RSA_set_method.pod b/doc/crypto/RSA_set_method.pod
index d09fed2..add193e 100644
--- a/doc/crypto/RSA_set_method.pod
+++ b/doc/crypto/RSA_set_method.pod
@@ -24,7 +24,7 @@ RSA_new_method - select RSA method
 
  int RSA_flags(const RSA *rsa);
 
- RSA *RSA_new_method(RSA_METHOD *method);
+ RSA *RSA_new_method(ENGINE *engine);
 
 =head1 DESCRIPTION
 
-- 
1.8.4



Re: [openssl-dev] BIO_new_connect after refactoring

2016-02-08 Thread Roumen Petrov

Richard Levitte wrote:

That patch just got merged into master, commit
80926502986a97eed53afe1d85fc074e40829547

10x
It seems to me #4296 is second report.


Cheers,
Richard

In message <56b718f3.9070...@roumenpetrov.info> on Sun, 07 Feb 2016 12:14:11 +0200, 
Roumen Petrov <open...@roumenpetrov.info> said:

openssl> Hello,
openssl>
openssl> With master branch my ssh ocsp tests start to fail again.
openssl> The program code call BIO_new_connect("127.0.01") and then parsing of
openssl> 'name' crash.
openssl> Please find attached proposed patch.


Roumen



[openssl-dev] BIO_new_connect after refactoring

2016-02-07 Thread Roumen Petrov

Hello,

With master branch my ssh ocsp tests start to fail again.
The program code call BIO_new_connect("127.0.01") and then parsing of 
'name' crash.

Please find attached proposed patch.

Roumen

>From 65f29abcce374e3ceddc93f2854493f1839eb305 Mon Sep 17 00:00:00 2001
From: Roumen Petrov <open...@roumenpetrov.info>
Date: Sat, 6 Feb 2016 14:07:39 +0200
Subject: [PATCH 09/16] avoid crash if hostserv is with host part only

	(if priority is set to host)
---
 crypto/bio/b_addr.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/crypto/bio/b_addr.c b/crypto/bio/b_addr.c
index f1ff5fe..a2a0dd2 100644
--- a/crypto/bio/b_addr.c
+++ b/crypto/bio/b_addr.c
@@ -505,7 +505,7 @@ int BIO_parse_hostserv(const char *hostserv, char **host, char **service,
 }
 }
 
-if (strchr(p, ':'))
+if (p != NULL && strchr(p, ':'))
 goto spec_err;
 
 if (h != NULL && host != NULL) {
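Review bot: The `p != NULL` guard stops the NULL dereference for a string with a host part only, but the patch adds no test for that input. Please add a regression case for `BIO_parse_hostserv()` with no service part (the report used `BIO_new_connect("127.0.01")`), and write the second operand as `strchr(p, ':') != NULL` so it matches the explicit `h != NULL && host != NULL` test two lines below.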
-- 
1.8.4



Re: [openssl-dev] [openssl.org #4207] engine key format in 1.1

2016-01-16 Thread Roumen Petrov via RT
Also patches for commands:
- pkey : "0017-pkey-cmd-restore-keys-from-engine.patch"
- req : "0018-req-cmd-restore-keys-from-engine.patch"

>From 0ea1c0b9b600977e93efed4545166ec4ae245bc9 Mon Sep 17 00:00:00 2001
From: Roumen Petrov <open...@roumenpetrov.info>
Date: Sat, 9 Jan 2016 14:52:14 +0200
Subject: [PATCH 17/19] pkey cmd: restore keys from engine

---
 apps/pkey.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/apps/pkey.c b/apps/pkey.c
index 40db6f5..9a72df4 100644
--- a/apps/pkey.c
+++ b/apps/pkey.c
@@ -71,11 +71,11 @@ typedef enum OPTION_choice {
 
 OPTIONS pkey_options[] = {
 {"help", OPT_HELP, '-', "Display this summary"},
-{"inform", OPT_INFORM, 'F', "Input format (DER or PEM)"},
+{"inform", OPT_INFORM, 'f', "Input format (DER or PEM)"},
 {"outform", OPT_OUTFORM, 'F', "Output format (DER or PEM)"},
 {"passin", OPT_PASSIN, 's', "Input file pass phrase source"},
 {"passout", OPT_PASSOUT, 's', "Output file pass phrase source"},
-{"in", OPT_IN, '<', "Input file"},
+{"in", OPT_IN, 's', "Input file"},
 {"out", OPT_OUT, '>', "Output file"},
 {"pubin", OPT_PUBIN, '-',
  "Read public key from input (default is private key)"},
@@ -116,7 +116,7 @@ int pkey_main(int argc, char **argv)
 ret = 0;
 goto end;
 case OPT_INFORM:
-if (!opt_format(opt_arg(), OPT_FMT_PEMDER, ))
+if (!opt_format(opt_arg(), OPT_FMT_ANY, ))
 goto opthelp;
 break;
 case OPT_OUTFORM:
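Review bot: `OPT_FMT_ANY` in the OPT_INFORM case accepts every format the option parser knows, while the commit is only about keys that come from an engine. Use the narrowest mask that adds the engine format to PEM and DER so that other values are still rejected at option parsing, and update the `-inform` help text in the first hunk, which still reads "Input format (DER or PEM)".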
-- 
1.8.4

>From 5c976b9fc19533514faae5c3c5ac1664eb33080b Mon Sep 17 00:00:00 2001
From: Roumen Petrov <open...@roumenpetrov.info>
Date: Sun, 10 Jan 2016 21:20:01 +0200
Subject: [PATCH 18/19] req cmd: restore keys from engine

---
 apps/req.c | 8 
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/apps/req.c b/apps/req.c
index a0da788..335d777 100644
--- a/apps/req.c
+++ b/apps/req.c
@@ -136,8 +136,8 @@ OPTIONS req_options[] = {
 {"outform", OPT_OUTFORM, 'F', "Output format - DER or PEM"},
 {"in", OPT_IN, '<', "Input file"},
 {"out", OPT_OUT, '>', "Output file"},
-{"key", OPT_KEY, '<', "Use the private key contained in file"},
-{"keyform", OPT_KEYFORM, 'F', "Key file format"},
+{"key", OPT_KEY, 's', "Use the private key contained in file"},
+{"keyform", OPT_KEYFORM, 'f', "Key file format"},
 {"pubkey", OPT_PUBKEY, '-', "Output public key"},
 {"new", OPT_NEW, '-', "New request"},
 {"config", OPT_CONFIG, '<', "Request template file"},
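Review bot: Changing `-key` from `'<'` to `'s'` turns the argument into a free-form string for every invocation, not only when the key is loaded from an engine, so whatever checking the input-file type gave for ordinary key files is no longer applied. Keep the file type when no engine is in use, or validate the path later when the key format is not the engine format; the help text "Use the private key contained in file" also needs updating once the argument can be an engine key identifier.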
@@ -235,7 +235,7 @@ int req_main(int argc, char **argv)
 goto opthelp;
 break;
 case OPT_ENGINE:
-(void)setup_engine(opt_arg(), 0);
+e = setup_engine(opt_arg(), 0);
 break;
 case OPT_KEYGEN_ENGINE:
 #ifndef OPENSSL_NO_ENGINE
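Review bot: `e = setup_engine(opt_arg(), 0);` now keeps the engine handle, but no hunk in this patch declares `e` or releases it on the exit path of `req_main()`. If `e` is an existing local that is already released at the end of the function, say so in the commit message; otherwise add the declaration and the matching release.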
@@ -259,7 +259,7 @@ int req_main(int argc, char **argv)
 template = opt_arg();
 break;
 case OPT_KEYFORM:
-if (!opt_format(opt_arg(), OPT_FMT_PEMDER, ))
+if (!opt_format(opt_arg(), OPT_FMT_ANY, ))
 goto opthelp;
 break;
 case OPT_IN:
-- 
1.8.4



[openssl-dev] [openssl.org #4249] ECDSA method flags

2016-01-16 Thread Roumen Petrov via RT
In 1.0.2 branch commit 94c2f77a62be7079ab1893ab14b18a30157c4532 add 
functions to set ECDSA_METHOD structure.
One of the functions is to set flags. Until now ECDSA flags are defined only 
in non-installed header.


1) "0003-move-some-ECDSA_METHOD-declarations-after-descriptio.patch"
First patch is cosmetic correction of above mentioned commit - move some 
declarations after description.

2) "0004-public-flag-ECDSA_FLAG_FIPS_METHOD.patch"
Actual patch that moves ECDSA flags to public header.

3) "0005-remove-unused-flag-EC_FLAG_FIPS_CHECKED.patch"

OpenSSL describes flag EC_FLAG_FIPS_CHECKED but this flags is not used 
in fips enabled openssl build. It seems to me is enough to set flag 
ECDSA_FLAG_FIPS_METHOD to allow ECDSA method to work in fips mode.


Regards,
Roumen Petrov



>From 4e2150fb50fc07e1edd38938f3d3c32e8438 Mon Sep 17 00:00:00 2001
From: Roumen Petrov <open...@roumenpetrov.info>
Date: Thu, 14 Jan 2016 20:52:34 +0200
Subject: [PATCH 3/5] move some ECDSA_METHOD declarations after description

---
 crypto/ecdsa/ecdsa.h | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/crypto/ecdsa/ecdsa.h b/crypto/ecdsa/ecdsa.h
index a6f0930..759a9b4 100644
--- a/crypto/ecdsa/ecdsa.h
+++ b/crypto/ecdsa/ecdsa.h
@@ -288,20 +288,20 @@ void ECDSA_METHOD_set_verify(ECDSA_METHOD *ecdsa_method,
  const ECDSA_SIG *sig,
  EC_KEY *eckey));
 
-void ECDSA_METHOD_set_flags(ECDSA_METHOD *ecdsa_method, int flags);
-
 /**  Set the flags field in the ECDSA_METHOD
  *   \param  ecdsa_method  pointer to existing ECDSA_METHOD
  *   \param  flags flags value to set
  */
 
-void ECDSA_METHOD_set_name(ECDSA_METHOD *ecdsa_method, char *name);
+void ECDSA_METHOD_set_flags(ECDSA_METHOD *ecdsa_method, int flags);
 
 /**  Set the name field in the ECDSA_METHOD
  *   \param  ecdsa_method  pointer to existing ECDSA_METHOD
  *   \param  name name to set
  */
 
+void ECDSA_METHOD_set_name(ECDSA_METHOD *ecdsa_method, char *name);
+
 /* BEGIN ERROR CODES */
 /*
  * The following lines are auto generated by the script mkerr.pl. Any changes
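Review bot: After the move each doc comment is still separated from its prototype by a blank line, for example the "Set the flags field" block and `ECDSA_METHOD_set_flags`. Check how the rest of ecdsa.h places its comments and drop the blank line if the other declarations have none, so documentation tools attach the comment to the right function.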
-- 
1.8.4


>From c80719cbed504c390c069038e9e3ea7fcd7901ad Mon Sep 17 00:00:00 2001
From: Roumen Petrov <open...@roumenpetrov.info>
Date: Thu, 14 Jan 2016 20:53:15 +0200
Subject: [PATCH 4/5] public flag ECDSA_FLAG_FIPS_METHOD

---
 crypto/ecdsa/ecdsa.h| 9 +
 crypto/ecdsa/ecs_locl.h | 9 -
 2 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/crypto/ecdsa/ecdsa.h b/crypto/ecdsa/ecdsa.h
index 759a9b4..7b432b9 100644
--- a/crypto/ecdsa/ecdsa.h
+++ b/crypto/ecdsa/ecdsa.h
@@ -295,6 +295,15 @@ void ECDSA_METHOD_set_verify(ECDSA_METHOD *ecdsa_method,
 
 void ECDSA_METHOD_set_flags(ECDSA_METHOD *ecdsa_method, int flags);
 
+/*
+ * If this flag is set the ECDSA method is FIPS compliant and can be used in
+ * FIPS mode. This is set in the validated module method. If an application
+ * sets this flag in its own methods it is its responsibility to ensure the
+ * result is compliant.
+ */
+
+# define ECDSA_FLAG_FIPS_METHOD  0x1
+
 /**  Set the name field in the ECDSA_METHOD
  *   \param  ecdsa_method  pointer to existing ECDSA_METHOD
  *   \param  name name to set
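Review bot: The new `ECDSA_FLAG_FIPS_METHOD` define sits between the `ECDSA_METHOD_set_flags` prototype and the doc comment of the name setter, and the `\param flags` text of the setter still does not say which values are valid. Move the define above the setter's doc comment and reference it there; also, `ECDSA_METHOD_FLAG_ALLOCATED 0x2` stays private in ecs_locl.h, so please state whether a caller of `ECDSA_METHOD_set_flags` can overwrite that bit and what happens if it does.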
diff --git a/crypto/ecdsa/ecs_locl.h b/crypto/ecdsa/ecs_locl.h
index d3a5efc..4cd5a21 100644
--- a/crypto/ecdsa/ecs_locl.h
+++ b/crypto/ecdsa/ecs_locl.h
@@ -86,15 +86,6 @@ struct ecdsa_method {
 
 # define ECDSA_METHOD_FLAG_ALLOCATED 0x2
 
-/*
- * If this flag is set the ECDSA method is FIPS compliant and can be used in
- * FIPS mode. This is set in the validated module method. If an application
- * sets this flag in its own methods it is its responsibility to ensure the
- * result is compliant.
- */
-
-# define ECDSA_FLAG_FIPS_METHOD  0x1
-
 typedef struct ecdsa_data_st {
 /* EC_KEY_METH_DATA part */
 int (*init) (EC_KEY *);
-- 
1.8.4


>From f7339510f472eacdafb0343bb14907de15102c18 Mon Sep 17 00:00:00 2001
From: Roumen Petrov <open...@roumenpetrov.info>
Date: Thu, 14 Jan 2016 21:07:47 +0200
Subject: [PATCH 5/5] remove unused flag EC_FLAG_FIPS_CHECKED

---
 crypto/ec/ec.h| 1 -
 doc/crypto/EC_KEY_new.pod | 2 +-
 2 files changed, 1 insertion(+), 2 deletions(-)

diff --git a/crypto/ec/ec.h b/crypto/ec/ec.h
index 81e6faf..9146bc3 100644
--- a/crypto/ec/ec.h
+++ b/crypto/ec/ec.h
@@ -746,7 +746,6 @@ typedef struct ec_key_st EC_KEY;
 
 /* some values for the flags field */
 # define EC_FLAG_NON_FIPS_ALLOW  0x1
-# define EC_FLAG_FIPS_CHECKED0x2
 
 /** Creates a new EC_KEY object.
  *  \return EC_KEY object or NULL if an error occurred.
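Review bot: EC_FLAG_FIPS_CHECKED is removed from crypto/ec/ec.h, a header that applications include, so "unused" in the subject can only speak for this tree. External code that still references the macro stops compiling; note the removal in the change log, or keep the define with a comment that the library no longer sets or reads it. Either way, leave a comment that 0x2 is retired so a later flag does not silently reuse the bit.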
diff --git a/doc/crypto/EC_KEY_new.pod b/doc/crypto/EC_KEY_new.pod
index 0fa2de1..00dba25 100644
--- a/doc/crypto/EC_KEY_new.pod
+++ b/doc/crypto/EC_KEY_new.pod
@@ -73,7 +73,7 @@ of point_conversion_forms please refer to L<EC_POINT_new(3)|EC_POINT_new(3)>.
 EC_KEY_insert_key_method_data and EC_K

Re: [openssl-dev] [openssl.org #4194] engine command regression in 1.1

2016-01-03 Thread Roumen Petrov via RT
Salz, Rich via RT wrote:
> Tweaked, sigh.
> ; ./util/opensslwrap.sh engine - dynamic -pre 
> engine: Cannot mix flags and engine names.
> engine: Use -help for summary.
>  exit 1
>
If the engine name cannot be at any position, then please keep it as is, i.e. 
at the last position. In this case please correct the documentation, with a 
line in the change log.


___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev


Re: [openssl-dev] [openssl.org #4194] engine command regression in 1.1

2016-01-03 Thread Roumen Petrov via RT
Salz, Rich via RT wrote:
> Please see this:
>  
> https://github.com/openssl/openssl/compare/master...richsalz:rt4194?expand=1
>
It should fail with openssl engine - dynamic -pre 
SO_PATH:/lib/libfoo.so 

Help string looks good.

Roumen




Re: [openssl-dev] [openssl.org #4194] engine command regression in 1.1

2016-01-03 Thread Roumen Petrov via RT
Salz, Rich via RT wrote:
> So you're saying just close this ticket?
>
No. My request is to restore the flexible engine command line and optionally 
the help string.
I only disagree with the proposed partial correction for the command line.




Re: [openssl-dev] [openssl.org #4194] engine command regression in 1.1

2016-01-02 Thread Roumen Petrov via RT
Rich Salz via RT wrote:
> [SNIP]
> out = dup_bio_out(FORMAT_TEXT);
> - prog = opt_init(argc, argv, engine_options);
> if (!engines || !pre_cmds || !post_cmds)
> goto end;
> + while ((argv1 = argv[1]) != NULL && *argv1 != '-') {
> + sk_OPENSSL_STRING_push(engines, *argv1);
> + argc--;
> + argv++;
> + }
> + prog = opt_init(argc, argv, engine_options);
>
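Review bot: in the added loop, sk_OPENSSL_STRING_push(engines, *argv1) pushes *argv1, which is the first character of the argument and not the string; it should push argv1. The loop condition also reads argv[1] after each argc-- / argv++ without looking at argc, so it depends on argv being NULL-terminated; a comment saying so, or a test on argc, would make that explicit.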
[SNIP]
The above patch is not complete. It seems that opt_init stops processing at 
the first non-option argument.
In a sample like:
openssl engine dynamic \
  -pre SO_PATH:/lib/libfoo.so \
  -pre ID:foo \
  -pre LOAD \
  -pre "CMD_FOO:some input data"

Arguments after dynamic are considered as engines. The code tries to use 
engines like "-pre",  "ID:foo" and "CMD_FOO:some input data".


Another sample is "Or to simply see the list of commands supported 
by the "foo" ENGINE;

openssl engine - dynamic \
  -pre SO_PATH:/lib/libfoo.so \
  -pre ID:foo \
  -pre LOAD
"
In the above case the engine is between "normal" arguments.

Roumen
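
The parsing difference described in the message above, as an added example (not code from OpenSSL's apps/ directory and not the patch under discussion): one parser ends option processing at the first plain word, the other accepts engine names at any position and always binds the word after -pre or -post as that option's value. The struct, the function names and the second input (with -t as a bare flag) are assumptions made for this illustration.

```c
#include <stdio.h>
#include <string.h>

#define MAX_ITEMS 16
#define COUNT(a) ((int)(sizeof(a) / sizeof((a)[0])))

/* Result of parsing an "openssl engine"-style argument vector. */
struct engine_args {
    const char *engines[MAX_ITEMS]; int n_engines;
    const char *pre[MAX_ITEMS];     int n_pre;
    const char *post[MAX_ITEMS];    int n_post;
    int n_flags;                    /* bare switches such as -t */
};

/* Append to a bounded list; returns 0 when the list is full. */
static int push(const char **list, int *n, const char *s)
{
    if (*n >= MAX_ITEMS)
        return 0;
    list[(*n)++] = s;
    return 1;
}

/*
 * Consume the option at argv[*i]. -pre and -post take the next word as their
 * command string, whatever it looks like; any other "-x" counts as a bare
 * flag. Returns 0 on a missing command string or a full list.
 */
static int take_option(int argc, const char *const *argv, int *i,
                       struct engine_args *out)
{
    int is_pre = strcmp(argv[*i], "-pre") == 0;
    int is_post = strcmp(argv[*i], "-post") == 0;

    if (!is_pre && !is_post) {
        out->n_flags++;
        *i += 1;
        return 1;
    }
    if (*i + 1 >= argc)
        return 0;
    if (!(is_pre ? push(out->pre, &out->n_pre, argv[*i + 1])
                 : push(out->post, &out->n_post, argv[*i + 1])))
        return 0;
    *i += 2;
    return 1;
}

/* Model of the reported behaviour: options end at the first plain word and
 * every word after it, "-pre" included, is taken as an engine name. */
int parse_stop_at_first_name(int argc, const char *const *argv,
                             struct engine_args *out)
{
    int i = 1;
    memset(out, 0, sizeof(*out));
    while (i < argc && argv[i][0] == '-')
        if (!take_option(argc, argv, &i, out))
            return 0;
    for (; i < argc; i++)
        if (!push(out->engines, &out->n_engines, argv[i]))
            return 0;
    return 1;
}

/* Model of the requested behaviour: engine names may appear anywhere, and a
 * word that follows -pre or -post is always that option's value. */
int parse_names_anywhere(int argc, const char *const *argv,
                         struct engine_args *out)
{
    int i = 1;
    memset(out, 0, sizeof(*out));
    while (i < argc) {
        if (argv[i][0] == '-') {
            if (!take_option(argc, argv, &i, out))
                return 0;
        } else if (!push(out->engines, &out->n_engines, argv[i++])) {
            return 0;
        }
    }
    return 1;
}

/* Argument vector of the first sample in the message above. */
const char *const sample_argv[] = {
    "engine", "dynamic", "-pre", "SO_PATH:/lib/libfoo.so", "-pre", "ID:foo",
    "-pre", "LOAD", "-pre", "CMD_FOO:some input data"
};
/* Constructed input: a name between a bare flag and a -pre option. */
const char *const mixed_argv[] = { "engine", "-t", "dynamic", "-pre", "LOAD" };

int main(void)
{
    struct engine_args r;
    parse_stop_at_first_name(COUNT(sample_argv), sample_argv, &r);
    printf("stop at first name: %d engines, %d -pre\n", r.n_engines, r.n_pre);
    parse_names_anywhere(COUNT(sample_argv), sample_argv, &r);
    printf("names anywhere:     %d engines, %d -pre\n", r.n_engines, r.n_pre);
    parse_names_anywhere(COUNT(mixed_argv), mixed_argv, &r);
    printf("mixed, anywhere:    %d engines, %d -pre\n", r.n_engines, r.n_pre);
    return 0;
}
```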




[openssl-dev] [openssl.org #4207] engine key format in 1.1

2015-12-29 Thread Roumen Petrov via RT
Hi,

Implementation of common option processing for OpenSSL commands broke the 
ENGINE key format.
The patches attached to this email are only for the tested commands.


1) dgst command (see  0003-dgst-cmd-restore-keys-from-engine.patch)
Key form is described as any but value type of input ('<') is too 
restrictive - change input to string type.


2) rsa command (see 0004-rsa-cmd-restore-keys-from-engine.patch)
Similar as dgst.


3) dsa command (see 0005-dsa-cmd-implement-keys-from-engine.patch)
New.
Implementation of engine format is simple with common command processing.


4) ec command (see 0006-ec-cmd-implement-keys-from-engine.patch)
New.
Implementation of the engine format requires the specific load of input to be 
replaced with use of the load_pubkey or load_key functions.
Then the modification is similar to dsa.


5) rsautl command (see 0007-rsautl-cmd-restore-keys-from-engine.patch)
Key form input type 'f' (any) instead of 'F', and input is of string type.


6) pkeyutl command (see 0008-pkeyutl-cmd-restore-keys-from-engine.patch)
Use key form input type 'f' instead of 'F'.


Other commands are not tested yet.


Regards,
Roumen


>From 252430f0e1d0148b710caaa96de224384c5f8832 Mon Sep 17 00:00:00 2001
From: Roumen Petrov <open...@roumenpetrov.info>
Date: Sun, 15 Nov 2015 11:00:00 +0200
Subject: [PATCH 03/15] dgst cmd: restore keys from engine

---
 apps/dgst.c | 10 +-
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/apps/dgst.c b/apps/dgst.c
index fb09a45..24c1f28 100644
--- a/apps/dgst.c
+++ b/apps/dgst.c
@@ -94,11 +94,11 @@ OPTIONS dgst_options[] = {
 {"rand", OPT_RAND, 's'},
 {"out", OPT_OUT, '>', "Output to filename rather than stdout"},
 {"passin", OPT_PASSIN, 's'},
-{"sign", OPT_SIGN, '<', "Sign digest using private key in file"},
-{"verify", OPT_VERIFY, '<',
- "Verify a signature using public key in file"},
-{"prverify", OPT_PRVERIFY, '<',
- "Verify a signature using private key in file"},
+{"sign", OPT_SIGN, 's', "Sign digest using private key in val"},
+{"verify", OPT_VERIFY, 's',
+ "Verify a signature using public key in val"},
+{"prverify", OPT_PRVERIFY, 's',
+ "Verify a signature using private key in val"},
 {"signature", OPT_SIGNATURE, '<', "File with signature to verify"},
     {"keyform", OPT_KEYFORM, 'f', "Key file format (PEM or ENGINE)"},
 {"hex", OPT_HEX, '-', "Print as hex dump"},
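Review bot: the new help strings for -sign, -verify and -prverify say "in val", which does not tell the user what the value is. With the type changed from '<' to 's' the value is no longer declared as an input file, so the usage text is the only place left to say that it is a key file, or a key id when -keyform ENGINE is given; wording along those lines would match the -keyform line kept below.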
-- 
1.8.4


>From 1a02cfbf0a67583cc98377aa59c5b13f48219f05 Mon Sep 17 00:00:00 2001
From: Roumen Petrov <open...@roumenpetrov.info>
Date: Sun, 15 Nov 2015 11:02:57 +0200
Subject: [PATCH 04/15] rsa cmd: restore keys from engine

---
 apps/rsa.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/apps/rsa.c b/apps/rsa.c
index cafa6f4..810713f 100644
--- a/apps/rsa.c
+++ b/apps/rsa.c
@@ -130,7 +130,7 @@ OPTIONS rsa_options[] = {
 {"help", OPT_HELP, '-', "Display this summary"},
 {"inform", OPT_INFORM, 'f', "Input format, one of DER NET PEM"},
 {"outform", OPT_OUTFORM, 'f', "Output format, one of DER NET PEM PVK"},
-{"in", OPT_IN, '<', "Input file"},
+{"in", OPT_IN, 's', "Input file"},
 {"out", OPT_OUT, '>', "Output file"},
 {"pubin", OPT_PUBIN, '-', "Expect a public key in input file"},
 {"pubout", OPT_PUBOUT, '-', "Output a public key"},
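Review bot: the -in help still reads "Input file" although the type is now 's' so that something other than a file can be passed, and the -inform help two lines up still lists only DER NET PEM. Update both strings so the usage output shows what the option now accepts.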
-- 
1.8.4


>From 942553a7d2e38297b57d0fa6a0c57b62c9d1507f Mon Sep 17 00:00:00 2001
From: Roumen Petrov <open...@roumenpetrov.info>
Date: Sun, 15 Nov 2015 11:03:43 +0200
Subject: [PATCH 05/15] dsa cmd: implement keys from engine

---
 apps/dsa.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/apps/dsa.c b/apps/dsa.c
index 992d4e4..a2acd86 100644
--- a/apps/dsa.c
+++ b/apps/dsa.c
@@ -80,9 +80,9 @@ typedef enum OPTION_choice {
 
 OPTIONS dsa_options[] = {
 {"help", OPT_HELP, '-', "Display this summary"},
-{"inform", OPT_INFORM, 'F', "Input format, DER PEM PVK"},
+{"inform", OPT_INFORM, 'f', "Input format, DER PEM PVK"},
 {"outform", OPT_OUTFORM, 'F', "Output format, DER PEM PVK"},
-{"in", OPT_IN, '<', "Input file"},
+{"in", OPT_IN, 's', "Input file"},
 {"out", OPT_OUT, '>', "Output file"},
 {"noout", OPT_NOOUT, '-', "Don't print key out"},
 {"text", OPT_TEXT, '-', "Print the key in text"},
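Review bot: -inform moves to 'f' while -outform stays 'F', and both help strings still list "DER PEM PVK". If the asymmetry is intended, say so in the commit message and update the -inform help to name the additional format. The -in help also still says "Input file" although its type is now a plain string.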
@@ -131,7 +131,7 @@ int dsa_main(int argc, char **argv)
 goto end;
 case OPT_INFORM:
 if (!

Re: [openssl-dev] [openssl.org #4194] engine command regression in 1.1

2015-12-29 Thread Roumen Petrov via RT
Salz, Rich via RT wrote:
> I don't know that I would call it a regression, but rather a difference. :)
> I'll fix the summary but not the old uncommon behavior.

Unlike other commands, engine is flexible and this is documented behaviour (see 
previous post with quoted text).
As a result, in samples the engine name comes first, then the commands.
Just search the internet for samples - except for some recent openssl 
tutorial, almost all other samples use the name before options.

The request is only for engine. It is not for the speed command, for example.

This is the reason to call the issue a regression.

Regards,
Roumen Petrov






[openssl-dev] [openssl.org #4200] extra data for ec keys

2015-12-24 Thread Roumen Petrov via RT
Updated patch sent to the request tracker - without a gap for CRYPTO_EX_INDEX


Salz, Rich wrote:
>> External cryptographic modules may store additional information in the key.
>> What about to define CRYPTO_EX_DATA for ec keys?
> That is the plan -- we will remove EX_EX_DATA and the internal API and just 
> use the standard crypto_ex_data stuff.  Want to make a more complete patch as 
> a github pull request? :)  Otherwise I'll get to it soon.
>


>From 07ad1979667aeb2ba99a8ed88f679fb684b8cf1c Mon Sep 17 00:00:00 2001
From: Roumen Petrov <open...@roumenpetrov.info>
Date: Thu, 24 Dec 2015 09:59:29 +0200
Subject: [PATCH 01/13] extra data for EC_KEY

---
 crypto/ec/ec_lcl.h   |  1 +
 crypto/ec/ec_lib.c   | 10 ++
 include/openssl/crypto.h | 17 -
 include/openssl/ec.h |  6 ++
 util/libeay.num  |  2 ++
 5 files changed, 27 insertions(+), 9 deletions(-)

diff --git a/crypto/ec/ec_lcl.h b/crypto/ec/ec_lcl.h
index ebfaae3..912aa8e 100644
--- a/crypto/ec/ec_lcl.h
+++ b/crypto/ec/ec_lcl.h
@@ -267,6 +267,7 @@ struct ec_key_st {
 point_conversion_form_t conv_form;
 int references;
 int flags;
+CRYPTO_EX_DATA ex_data;
 EC_EXTRA_DATA *method_data;
 } /* EC_KEY */ ;
 
diff --git a/crypto/ec/ec_lib.c b/crypto/ec/ec_lib.c
index 7cb4759..e9e5832 100644
--- a/crypto/ec/ec_lib.c
+++ b/crypto/ec/ec_lib.c
@@ -1091,3 +1091,13 @@ int ec_precompute_mont_data(EC_GROUP *group)
 BN_CTX_free(ctx);
 return ret;
 }
+
+int EC_KEY_set_ex_data(EC_KEY *key, int idx, void *arg)
+{
+return (CRYPTO_set_ex_data(>ex_data, idx, arg));
+}
+
+void *EC_KEY_get_ex_data(const EC_KEY *key, int idx)
+{
+return (CRYPTO_get_ex_data(>ex_data, idx));
+}
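Review bot: the two accessors added at the end of ec_lib.c are the whole of the ec_lib.c change (10 insertions in the diffstat), so nothing in this patch calls CRYPTO_new_ex_data() when an EC_KEY is created or CRYPTO_free_ex_data() when it is freed, and the copy path does not carry ex_data over. Without those calls the new ex_data member is never initialised and the registered new/dup/free callbacks never run. Also, as the lines appear here the first argument reads ">ex_data", which does not compile; it has to be the address of the key's ex_data member.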
diff --git a/include/openssl/crypto.h b/include/openssl/crypto.h
index 0d88a06..7fedb77 100644
--- a/include/openssl/crypto.h
+++ b/include/openssl/crypto.h
@@ -270,15 +270,14 @@ DECLARE_STACK_OF(void)
 # define CRYPTO_EX_INDEX_X509_STORE_CTX   5
 # define CRYPTO_EX_INDEX_DH   6
 # define CRYPTO_EX_INDEX_DSA  7
-# define CRYPTO_EX_INDEX_ECDH 8
-# define CRYPTO_EX_INDEX_ECDSA9
-# define CRYPTO_EX_INDEX_RSA 10
-# define CRYPTO_EX_INDEX_ENGINE  11
-# define CRYPTO_EX_INDEX_UI  12
-# define CRYPTO_EX_INDEX_BIO 13
-# define CRYPTO_EX_INDEX_STORE   14
-# define CRYPTO_EX_INDEX_APP 15
-# define CRYPTO_EX_INDEX__COUNT  16
+# define CRYPTO_EX_INDEX_RSA  8
+# define CRYPTO_EX_INDEX_ENGINE   9
+# define CRYPTO_EX_INDEX_UI  10
+# define CRYPTO_EX_INDEX_BIO 11
+# define CRYPTO_EX_INDEX_STORE   12
+# define CRYPTO_EX_INDEX_APP 13
+# define CRYPTO_EX_INDEX_EC_KEY  14
+# define CRYPTO_EX_INDEX__COUNT  15
 
 /*
  * This is the default callbacks, but we can have others as well: this is
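Review bot: this hunk changes the value of every index from CRYPTO_EX_INDEX_RSA to CRYPTO_EX_INDEX_APP (RSA 10 to 8, ENGINE 11 to 9, and so on) in a public header and drops CRYPTO_EX_INDEX_ECDH and CRYPTO_EX_INDEX_ECDSA. Closing the gap is tidy, but it is only safe if nothing outside the library was built against the old numbers and no in-tree code still names the two removed macros; the commit message should state that both were checked.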
diff --git a/include/openssl/ec.h b/include/openssl/ec.h
index 1dc2db1..923844c 100644
--- a/include/openssl/ec.h
+++ b/include/openssl/ec.h
@@ -868,6 +868,12 @@ void *EC_KEY_insert_key_method_data(EC_KEY *key, void *data,
 void *(*dup_func) (void *),
 void (*free_func) (void *),
 void (*clear_free_func) (void *));
+
+#define EC_KEY_get_ex_new_index(l, p, newf, dupf, freef) \
+CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_EC_KEY, l, p, newf, dupf, freef)
+int EC_KEY_set_ex_data(EC_KEY *key, int idx, void *arg);
+void *EC_KEY_get_ex_data(const EC_KEY *key, int idx);
+
 /* wrapper functions for the underlying EC_GROUP object */
 void EC_KEY_set_asn1_flag(EC_KEY *eckey, int asn1_flag);
 
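Review bot: the three new declarations carry no documentation; add a short comment block giving the meaning of idx and arg and the return values, and a matching entry in the EC_KEY manual page. The macro is written "#define" where the crypto.h lines in this same patch indent directives as "# define".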
diff --git a/util/libeay.num b/util/libeay.num
index e10a4f1..f92fba4 100755
--- a/util/libeay.num
+++ b/util/libeay.num
@@ -4735,3 +4735,5 @@ OPENSSL_strlcat 5110	1_1_0	EXIST::FUNCTION:
 OPENSSL_memdup  5111	1_1_0	NOEXIST::FUNCTION:
 CRYPTO_memdup   5112	1_1_0	EXIST::FUNCTION:
 CRYPTO_strndup  5113	1_1_0	EXIST::FUNCTION:
+EC_KEY_get_ex_data  5114	1_1_0	EXIST::FUNCTION:EC
+EC_KEY_set_ex_data  5115	1_1_0	EXIST::FUNCTION:EC
-- 
1.8.4

___
openssl-bugs-mod mailing list
openssl-bugs-...@openssl.org
https://mta.openssl.org/mailman/listinfo/openssl-bugs-mod


[openssl-dev] access-EC_KEY-method-property

2015-12-24 Thread Roumen Petrov

Salz, Rich wrote:
> [SNIP]
>> I would like to request external applications to be able to change method -
>> see attached patch "0009-access-EC_KEY-method-property.patch".
> Can you say how this would be used?  Since the key method is opaque...

Yes, but a number of functions (see below) allow implementation as a 
cryptographic module external to openssl:

$  grep EC_KEY_ME util/libeay.num
EC_KEY_METHOD_set_compute_key   5060 1_1_0 EXIST::FUNCTION:EC
EC_KEY_METHOD_set_verify        5064 1_1_0 EXIST::FUNCTION:EC
EC_KEY_METHOD_set_init          5065 1_1_0 EXIST::FUNCTION:EC
EC_KEY_METHOD_get_init          5071 1_1_0 EXIST::FUNCTION:EC
EC_KEY_METHOD_get_keygen        5072 1_1_0 EXIST::FUNCTION:EC
EC_KEY_METHOD_free              5073 1_1_0 EXIST::FUNCTION:EC
EC_KEY_METHOD_new               5074 1_1_0 EXIST::FUNCTION:EC
EC_KEY_METHOD_set_sign          5076 1_1_0 EXIST::FUNCTION:EC
EC_KEY_METHOD_set_keygen        5078 1_1_0 EXIST::FUNCTION:EC
EC_KEY_METHOD_get_verify        5079 1_1_0 EXIST::FUNCTION:EC
EC_KEY_METHOD_get_sign          5081 1_1_0 EXIST::FUNCTION:EC
EC_KEY_METHOD_get_compute_key   5082 1_1_0 EXIST::FUNCTION:EC

I have a working prototype that uses ..._new, ..._init, ..._sign and 
..._verify.



A cryptographic module (engine) could register a method as default. In 
general, an engine that uses externally stored keys should refuse to 
register methods as default.


Let's say the engine load method uses d2i_PUBKEY to decode an "external" 
DER-encoded public key.

The result is an EVP_KEY with KEY(public) with the default method.

1) If the default method matches the engine method, then the application 
could register (associate) extra data with the key and finish loading.


2) If the methods differ, then the application:
a)
  could create a new key with FOO_new_method(ENGINE),
  duplicate the public part to the "new key",
  associate the "new key" with the EVP_KEY with EVP_PKEY_set1_FOO
b)
  could change the key method
  must associate the engine with the key

After the above it may register (associate) extra data with the key and 
finally finish loading.



The proposed patch adds EC_KEY_get_method, which could be used in 1). It 
seems to me this is a required part.


EC_KEY_set_method is under question.
If a) is recommended, then EC_KEY_set_method is useless. I could drop it 
from the patch.
If b) is acceptable, then in addition to EC_KEY_set_method the API must 
support setting the engine method for opaque keys.



a) requires more memory, i.e. code to transfer (recreate) the public key 
with the engine

b) is simple. For instance, for rsa keys we could write:

RSA_set_method(pkey_rsa, meth);
pkey_rsa->engine = eng;
ENGINE_up_ref(eng);



Let me know how to proceed with this request.

Roumen Petrov



[openssl-dev] extra data for ec keys

2015-12-22 Thread Roumen Petrov

Hello,

After the merge of ECDH and ECDSA and the association of a method with 
EC_KEY, I would like to request some additional functionality.


External cryptographic modules may store additional information in the key.
What about defining CRYPTO_EX_DATA for ec keys?
Proposed patch "0008-extra-data-for-EC_KEY.patch" - note that the 
CRYPTO_EX_INDEX numbering has a gap, but I would like the patch to be 
minimal.



I would like to request external applications to be able to change 
method - see attached patch "0009-access-EC_KEY-method-property.patch".


Regards,
Roumen Petrov

>From 36e048c3bbd1c416194a20e8f0c1a84467bf2765 Mon Sep 17 00:00:00 2001
From: Roumen Petrov <open...@roumenpetrov.info>
Date: Mon, 21 Dec 2015 17:56:34 +0200
Subject: [PATCH 08/15] extra data for EC_KEY

---
 crypto/ec/ec_lcl.h   |  1 +
 crypto/ec/ec_lib.c   | 10 ++
 include/openssl/crypto.h |  3 +--
 include/openssl/ec.h |  6 ++
 util/libeay.num  |  2 ++
 5 files changed, 20 insertions(+), 2 deletions(-)

diff --git a/crypto/ec/ec_lcl.h b/crypto/ec/ec_lcl.h
index ebfaae3..912aa8e 100644
--- a/crypto/ec/ec_lcl.h
+++ b/crypto/ec/ec_lcl.h
@@ -267,6 +267,7 @@ struct ec_key_st {
 point_conversion_form_t conv_form;
 int references;
 int flags;
+CRYPTO_EX_DATA ex_data;
 EC_EXTRA_DATA *method_data;
 } /* EC_KEY */ ;
 
diff --git a/crypto/ec/ec_lib.c b/crypto/ec/ec_lib.c
index 7cb4759..e9e5832 100644
--- a/crypto/ec/ec_lib.c
+++ b/crypto/ec/ec_lib.c
@@ -1091,3 +1091,13 @@ int ec_precompute_mont_data(EC_GROUP *group)
 BN_CTX_free(ctx);
 return ret;
 }
+
+int EC_KEY_set_ex_data(EC_KEY *key, int idx, void *arg)
+{
+return (CRYPTO_set_ex_data(>ex_data, idx, arg));
+}
+
+void *EC_KEY_get_ex_data(const EC_KEY *key, int idx)
+{
+return (CRYPTO_get_ex_data(>ex_data, idx));
+}
diff --git a/include/openssl/crypto.h b/include/openssl/crypto.h
index 81e944d..bd8f07d 100644
--- a/include/openssl/crypto.h
+++ b/include/openssl/crypto.h
@@ -270,8 +270,7 @@ DECLARE_STACK_OF(void)
 # define CRYPTO_EX_INDEX_X509_STORE_CTX   5
 # define CRYPTO_EX_INDEX_DH   6
 # define CRYPTO_EX_INDEX_DSA  7
-# define CRYPTO_EX_INDEX_ECDH 8
-# define CRYPTO_EX_INDEX_ECDSA9
+# define CRYPTO_EX_INDEX_EC_KEY   8
 # define CRYPTO_EX_INDEX_RSA 10
 # define CRYPTO_EX_INDEX_ENGINE  11
 # define CRYPTO_EX_INDEX_UI  12
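Review bot: replacing CRYPTO_EX_INDEX_ECDH (8) and CRYPTO_EX_INDEX_ECDSA (9) with a single CRYPTO_EX_INDEX_EC_KEY at 8 leaves index 9 unassigned while RSA stays at 10. Any table sized or walked by these indices still carries the empty slot, and any remaining user of the two removed macros stops compiling. Add a comment on the define marking 9 as unused, or renumber in the same change.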
diff --git a/include/openssl/ec.h b/include/openssl/ec.h
index 1dc2db1..923844c 100644
--- a/include/openssl/ec.h
+++ b/include/openssl/ec.h
@@ -868,6 +868,12 @@ void *EC_KEY_insert_key_method_data(EC_KEY *key, void *data,
 void *(*dup_func) (void *),
 void (*free_func) (void *),
 void (*clear_free_func) (void *));
+
+#define EC_KEY_get_ex_new_index(l, p, newf, dupf, freef) \
+CRYPTO_get_ex_new_index(CRYPTO_EX_INDEX_EC_KEY, l, p, newf, dupf, freef)
+int EC_KEY_set_ex_data(EC_KEY *key, int idx, void *arg);
+void *EC_KEY_get_ex_data(const EC_KEY *key, int idx);
+
 /* wrapper functions for the underlying EC_GROUP object */
 void EC_KEY_set_asn1_flag(EC_KEY *eckey, int asn1_flag);
 
diff --git a/util/libeay.num b/util/libeay.num
index bce6ca0..a3766ec 100755
--- a/util/libeay.num
+++ b/util/libeay.num
@@ -4735,3 +4735,5 @@ OPENSSL_strlcat 5110	1_1_0	EXIST::FUNCTION:
 OPENSSL_memdup  5111	1_1_0	NOEXIST::FUNCTION:
 CRYPTO_memdup   5112	1_1_0	EXIST::FUNCTION:
 CRYPTO_strndup  5113	1_1_0	EXIST::FUNCTION:
+EC_KEY_get_ex_data  5114	1_1_0	EXIST::FUNCTION:EC
+EC_KEY_set_ex_data  5115	1_1_0	EXIST::FUNCTION:EC
-- 
1.8.4

>From a347853193f419f21e4757abf0a8b1b8d523066b Mon Sep 17 00:00:00 2001
From: Roumen Petrov <open...@roumenpetrov.info>
Date: Mon, 21 Dec 2015 19:41:42 +0200
Subject: [PATCH 09/15] access EC_KEY method property

---
 crypto/ec/ec_kmeth.c | 27 +++
 include/openssl/ec.h |  2 ++
 util/libeay.num  |  2 ++
 3 files changed, 31 insertions(+)

diff --git a/crypto/ec/ec_kmeth.c b/crypto/ec/ec_kmeth.c
index d6c2811..9b6f4d9 100644
--- a/crypto/ec/ec_kmeth.c
+++ b/crypto/ec/ec_kmeth.c
@@ -93,6 +93,33 @@ void EC_KEY_set_default_method(const EC_KEY_METHOD *meth)
 default_ec_key_meth = meth;
 }
 
+const EC_KEY_METHOD *EC_KEY_get_method(const EC_KEY *key)
+{
+return key->meth;
+}
+
+int EC_KEY_set_method(EC_KEY *key, const EC_KEY_METHOD *meth)
+{
+{
+/* method is set always, see ... _new_...  */
+void (*finish)(EC_KEY *key) = key->meth->finish;
+if (finish)
+finish(key);
+}
+
+#ifndef OPENSSL_NO_ENGINE
+if (key->engine) {
+ENGINE_finish(key->engine);
+key->engine = NULL;
+}
+#endif
+
+key->meth = meth;
+if (
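Review bot: EC_KEY_set_method() reads key->meth->finish and then stores meth without checking key or meth for NULL; a NULL meth would be stored and the next call through key->meth would crash. Check the arguments up front and return 0. The bare inner block around the finish call only scopes one variable and can be flattened, and the comment "see ... _new_..." should name the function it refers to. Both functions are new public API and need documentation.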

[openssl-dev] [openssl.org #4195] remove duplicates in util/libeay.num

2015-12-22 Thread Roumen Petrov via RT
Hello,

After the removal of some global variables, the export file is left with 
double information for non-existent functions.

For instance before:
X509_CERT_PAIR_it   3534 EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
X509_CERT_PAIR_it   3534 EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:

current:
X509_CERT_PAIR_it   3534 1_1_0 NOEXIST::FUNCTION:
X509_CERT_PAIR_it   3534 1_1_0 NOEXIST::FUNCTION:

The proposed patch removes the duplicates.


Regards,
Roumen Petrov




>From 992be79410a3c909f4b1d2f492423aaf2c8a8454 Mon Sep 17 00:00:00 2001
From: Roumen Petrov <open...@roumenpetrov.info>
Date: Sat, 21 Mar 2015 15:29:25 +0200
Subject: [PATCH 2/2] remove duplicates in util/libeay.num

---
 util/libeay.num | 13 -
 1 file changed, 13 deletions(-)

diff --git a/util/libeay.num b/util/libeay.num
index e9a678b..bce6ca0 100755
--- a/util/libeay.num
+++ b/util/libeay.num
@@ -1951,7 +1951,6 @@ ENGINE_unregister_ciphers   2528	1_1_0	EXIST::FUNCTION:ENGINE
 ENGINE_get_ciphers  2529	1_1_0	EXIST::FUNCTION:ENGINE
 d2i_OCSP_BASICRESP  2530	1_1_0	EXIST::FUNCTION:
 KRB5_CHECKSUM_it2531	1_1_0	NOEXIST::FUNCTION:
-KRB5_CHECKSUM_it2531	1_1_0	NOEXIST::FUNCTION:
 EC_POINT_add2532	1_1_0	EXIST::FUNCTION:EC
 ASN1_item_ex_i2d2533	1_1_0	EXIST::FUNCTION:
 OCSP_CERTID_it  2534	1_1_0	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
@@ -1983,7 +1982,6 @@ X509_CRL_it 2555	1_1_0	EXIST:!EXPORT_VAR_AS_FUNCTION
 X509_CRL_it 2555	1_1_0	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
 OCSP_BASICRESP_add_ext  2556	1_1_0	EXIST::FUNCTION:
 KRB5_ENCKEY_it  2557	1_1_0	NOEXIST::FUNCTION:
-KRB5_ENCKEY_it  2557	1_1_0	NOEXIST::FUNCTION:
 UI_method_set_closer2558	1_1_0	EXIST::FUNCTION:
 X509_STORE_set_purpose  2559	1_1_0	EXIST::FUNCTION:
 i2d_ASN1_GENERALSTRING  2560	1_1_0	EXIST::FUNCTION:
@@ -2193,7 +2191,6 @@ X509_ATTRIBUTE_it   2732	1_1_0	EXIST:EXPORT_VAR_AS_FUNCTION:
 OCSP_ONEREQ_get_ext_by_NID  2733	1_1_0	EXIST::FUNCTION:
 PKCS12_decrypt_skey 2734	1_1_0	EXIST::FUNCTION:
 KRB5_AUTHENT_it 2735	1_1_0	NOEXIST::FUNCTION:
-KRB5_AUTHENT_it 2735	1_1_0	NOEXIST::FUNCTION:
 UI_dup_error_string 2736	1_1_0	EXIST::FUNCTION:
 RSAPublicKey_it 2737	1_1_0	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:RSA
 RSAPublicKey_it 2737	1_1_0	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:RSA
@@ -2211,7 +2208,6 @@ HMAC_CTX_reset  2747	1_1_0	EXIST::FUNCTION:
 ENGINE_get_digest   2748	1_1_0	EXIST::FUNCTION:ENGINE
 OCSP_RESPONSE_print 2749	1_1_0	EXIST::FUNCTION:
 KRB5_TKTBODY_it 2750	1_1_0	NOEXIST::FUNCTION:
-KRB5_TKTBODY_it 2750	1_1_0	NOEXIST::FUNCTION:
 ACCESS_DESCRIPTION_it   2751	1_1_0	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
 ACCESS_DESCRIPTION_it   2751	1_1_0	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
 PKCS7_ISSUER_AND_SERIAL_it  2752	1_1_0	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
@@ -2266,7 +2262,6 @@ ASN1_tag2bit2788	1_1_0	EXIST::FUNCTION:
 UI_method_set_flusher   2789	1_1_0	EXIST::FUNCTION:
 X509_ocspid_print   2790	1_1_0	EXIST::FUNCTION:
 KRB5_ENCDATA_it 2791	1_1_0	NOEXIST::FUNCTION:
-KRB5_ENCDATA_it 2791	1_1_0	NOEXIST::FUNCTION:
 ENGINE_get_load_pubkey_function 2792	1_1_0	EXIST::FUNCTION:ENGINE
 UI_add_user_data2793	1_1_0	EXIST::FUNCTION:
 OCSP_REQUEST_delete_ext 2794	1_1_0	EXIST::FUNCTION:
@@ -2485,7 +2480,6 @@ OCSP_url_svcloc_new 2973	1_1_0	EXIST::FUNCTION:
 ASN1_template_free  2974	1_1_0	NOEXIST::FUNCTION:
 OCSP_SINGLERESP_add_ext 2975	1_1_0	EXIST::FUNCTION:
 KRB5_AUTHENTBODY_it 2976	1_1_0	NOEXIST::FUNCTION:
-KRB5_AUTHENTBODY_it 2976	1_1_0	NOEXIST::FUNCTION:
 X509_supported_extension2977	1_1_0	EXIST::FUNCTION:
 i2d_KRB5_AUTHDATA   2978	1_1_0	NOEXIST::FUNCTION:
 UI_method_get_opener2979	1_1_0	EXIST::FUNCTION:
@@ -2587,13 +2581,11 @@ asn1_do_lock3059	1_1_0	NOEXIST::FUNCTION:
 PKCS7_ATTR_VERIFY_it3060	1_1_0	EXIST:!EXPORT_VAR_AS_FUNCTION:VARIABLE:
 PKCS7_ATTR_VERIFY_it3060	1_1_0	EXIST:EXPORT_VAR_AS_FUNCTION:FUNCTION:
 KRB5_APREQBODY_it   3061	1_1_0	NOEXIST::FUNCTION:
-KRB5_APR

[openssl-dev] __STDC_VERSION__ is not defined

2015-12-22 Thread Roumen Petrov

Hello,

Compilation of an application with the current master branch and a c89 
compiler produces a lot of warnings.
The proposed patch 
"0001-__STDC_VERSION__-is-not-defined-for-c89-compilers.patch" fixes them.


Regards,
Roumen

>From 7d430516d69e6161eee447833518914e6b473dbd Mon Sep 17 00:00:00 2001
From: Roumen Petrov <open...@roumenpetrov.info>
Date: Thu, 3 Dec 2015 23:43:24 +0200
Subject: [PATCH 01/15] __STDC_VERSION__ is not defined for c89 compilers

---
 include/openssl/e_os2.h | 6 --
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/include/openssl/e_os2.h b/include/openssl/e_os2.h
index 23602a5..7ab4788 100644
--- a/include/openssl/e_os2.h
+++ b/include/openssl/e_os2.h
@@ -321,8 +321,10 @@ typedef unsigned __int64 uint64_t;
  * some systems (e.g. Mac OS X).
  */
 # ifndef PRIu64
-#  if (__STDC_VERSION__ >= 199901L)
-#   include 
+#  ifdef __STDC_VERSION__
+#   if (__STDC_VERSION__ >= 199901L)
+#include 
+#   endif
 #  endif
 #  ifndef PRIu64
 #   define PRIu64 "lu"
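Review bot: the nested #ifdef / #if can be one test, "#  if defined(__STDC_VERSION__) && (__STDC_VERSION__ >= 199901L)", which keeps the hunk to a single changed line and needs no extra #endif. As posted, the added #include line also drops the "#   " indentation that the directives around it use.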
-- 
1.8.4



[openssl-dev] [openssl.org #4194] engine command regression in 1.1

2015-12-21 Thread Roumen Petrov via RT
Hello,

The OpenSSL engine command allows the user to specify the cryptographic 
module name at any position.
For instance, README.ENGINE recommends the following:
   openssl engine dynamic \
 -pre SO_PATH:/lib/libfoo.so \
   

The master branch (future 1.1) requires engine names to be specified 
after all options. This is a regression introduced by the new common 
"option-parsing".

Also, the new summary lacks information about the engine name as a command line argument.


Regards,
Roumen Petrov



[openssl-dev] about "Rename some BUF_xxx to OPENSSL_xxx"

2015-12-21 Thread Roumen Petrov

Hello,

After modification OPENSSL_strlcpy is declared twice.

Regards,
Roumen
>From 5f5b81e162eae025dcc40a7074a973621c7dac33 Mon Sep 17 00:00:00 2001
From: Roumen Petrov <open...@roumenpetrov.info>
Date: Mon, 21 Dec 2015 18:45:06 +0200
Subject: [PATCH 02/15] redundant redeclaration of 'OPENSSL_strlcpy'

---
 include/openssl/crypto.h | 1 -
 1 file changed, 1 deletion(-)

diff --git a/include/openssl/crypto.h b/include/openssl/crypto.h
index 8247f68..81e944d 100644
--- a/include/openssl/crypto.h
+++ b/include/openssl/crypto.h
@@ -332,7 +332,6 @@ int CRYPTO_is_mem_check_on(void);
 # define OPENSSL_free(addr)  CRYPTO_free(addr)
 
 size_t OPENSSL_strlcpy(char *dst, const char *src, size_t siz);
-size_t OPENSSL_strlcpy(char *dst, const char *src, size_t siz);
 size_t OPENSSL_strlcat(char *dst, const char *src, size_t siz);
 size_t OPENSSL_strnlen(const char *str, size_t maxlen);
 
-- 
1.8.4



Re: [openssl-dev] OCSP issues in master 2015-10-17

2015-10-21 Thread Roumen Petrov

Dr. Stephen Henson wrote:

On Sat, Oct 17, 2015, Roumen Petrov wrote:


Hello,

After embedding some attributes, OCSP in master stopped working.

The current status is the client comment report "Cert Status:
unknown" and "Nonce Verify error" for X.509 certificates used in my
ssh regression tests.


Try this patch:

diff --git a/crypto/asn1/tasn_new.c b/crypto/asn1/tasn_new.c
index 33a8e97..6a2ad62 100644
--- a/crypto/asn1/tasn_new.c
+++ b/crypto/asn1/tasn_new.c
@@ -352,6 +352,7 @@ static int asn1_primitive_new(ASN1_VALUE **pval, const
ASN1_ITEM *it,
  if (embed) {
  str = *(ASN1_STRING **)pval;
  memset(str, 0, sizeof(*str));
+str->type = utype;
  str->flags = ASN1_STRING_FLAG_EMBED;
  } else {
  str = ASN1_STRING_type_new(utype);
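Review bot: the added str->type = utype only holds because it comes after the memset() that clears the whole ASN1_STRING in the embed branch, and nothing in the hunk records that ordering. Add a one-line comment that the type has to be restored after zeroing, and a test that creates a structure with an embedded string and checks its type, so the branch stays in step with ASN1_STRING_type_new(utype) in the else path.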

Thanks.
Now my ssh regression tests pass with master.


Regards,
Roumen Petrov



[openssl-dev] OCSP issues in master 2015-10-17

2015-10-17 Thread Roumen Petrov

Hello,

After embedding some attributes, OCSP in master stopped working.

The current status is the client comment report "Cert Status: unknown" 
and "Nonce Verify error" for X.509 certificates used in my ssh 
regression tests.


The last known version to work is 
"47c9a1b5096be684c18335137284f0dfcefd12d6 : embed support for ASN1_STRING"
(optionally with "Appease gcc's Wmaybe-uninitialized" if the build fails due 
to pedantic compiler flags).


The first regression is from "af170194a88d6127d447bea826845c23ca192727 : 
embed OCSP_CERTID" - status is missing.


Regards,
Roumen Petrov



[openssl-dev] [openssl.org #4029] incomplete get methods for X509_VERIFY_PARAM

2015-09-04 Thread Roumen Petrov via RT
Hello,

In master branch structure X509_VERIFY_PARAM is declared as opaque.

For the following attributes a "get"-method is not defined:
- check_time : applicable if flag X509_V_FLAG_USE_CHECK_TIME is set
- inh_flags
- purpose
- trust
- policies: stack of opaque ASN1 objects
- id : opaque structure, may require its own set of "get"-methods

It seems to me that for the attributes name, flags and depth access is complete.
Please finish the declaration of X509_VERIFY_PARAM as an opaque structure with 
the definition of "get"-methods.

Regards,
Roumen Petrov



Re: [openssl-dev] [PATCH] [openssl.org #2558] [patch] make windres controllable via build env var settings

2015-03-08 Thread Roumen Petrov via RT
Mike Frysinger via RT wrote:
 atm, the windres code in openssl is only usable via the cross-compile prefix
 option unlike all the other build tools.  So add support for the standard $RC
 / $WINDRES env vars as well.
 ---
 [SNIP]
   else{
   s/^CC=.*$/CC= $cc/;
   s/^AR=\s*ar/AR= $ar/;
   s/^RANLIB=.*/RANLIB= $ranlib/;
 + s/^WINDRES=\s*/WINDRES= \$\(CROSS_COMPILE\)/;
   s/^MAKEDEPPROG=.*$/MAKEDEPPROG= $cc/ if $cc eq gcc || ($cc eq 
 'cc'  $target =~ /darwin/);
   }
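Review bot: the added WINDRES substitution matches only "WINDRES=" and the whitespace after it, not the rest of the line as the CC and RANLIB substitutions above it do with ".*", so it puts $(CROSS_COMPILE) in front of whatever value the Makefile already has instead of replacing that value. In the part quoted here it also uses none of the $RC / $WINDRES environment settings the description announces; the neighbouring lines substitute a Perl variable ($cc, $ar, $ranlib) and this one should follow the same pattern.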
Is above line correct ?

[SNIP]
Regards,
Roumen




Re: [openssl-dev] Seeking feedback on some #ifdef changes

2015-02-08 Thread Roumen Petrov

Hi Rich,

Salz, Rich wrote:

Looking at just OPENSSL_NO_xxx, we have over 100 openssl #ifdef options and we 
are considering removing nearly a third of them.  Please reply soon if the 
following plan would cause problems. This will happen only in master, for 
post-1.0.2.
We will remove the following options.  You could argue that the 
OPENSSL_NO_SHAxxx options be treated as crypto, but OpenSSL does not compile 
without SHA and SHA1 defined, and we have no interest in spending the time to 
fix it. So for consistency, we will remove all of them.


What about a) OPENSSL_NO_SSL2 and b) OPENSSL_NO_SSL3 and 
OPENSSL_NO_SSL3_METHOD ?
It seems to me the master branch does not define #ifdef for those options in 
opensslconf.h.


The change log points out that ssl v2 is removed. It is expected that 
opensslconf.h defines OPENSSL_NO_SSL2 unconditionally.


Please review ssl3. It seems to me b) is an error in the script.


 [SNIP]
 OPENSSL_NO_STORE

Also removing the code?


Regards,
Roumen Petrov



Re: [openssl.org #3557] -nameopt utf8 behaviour in openssl 1.0.1i

2014-10-12 Thread Roumen Petrov

Salz, Rich wrote:

Look like a bug and a reasonable fix.  Thanks.

It seems to me OpenSSL requires separator option always to be specified.


[SNIP]

On Mon, Oct 6, 2014 at 12:07 AM, Dmitry Belyavsky via RT 
<r...@openssl.org> wrote:
Hello OpenSSL Team,
[SNIP]

The output becomes correct when we specify -nameopt sep_comma_plus,utf8

The patch by Victor Wagner fixing this behaviour is attached.

Thank you!

--
SY, Dmitry Belyavsky

--- ../openssl-1.0.1i/crypto/asn1/a_strex.c 2014-07-22 23:41:23.0 
+0400
+++ crypto/asn1/a_strex.c   2014-10-05 19:45:32.790011154 +0400
@@ -414,6 +414,7 @@
 sep_mv_len = 3;
 break;

+   case 0:
 case XN_FLAG_SEP_COMMA_PLUS:
 sep_dn = ,;
 sep_dn_len = 1;
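Review bot: the added "case 0:" relies on falling through into XN_FLAG_SEP_COMMA_PLUS to make that the separator when no separator flag is given, but nothing in the hunk says so. Add a comment on the case stating that it is the default for a missing separator flag, and state the default in the -nameopt documentation so callers do not have to read a_strex.c to learn it.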



The switch(case) statement defines a default case. Maybe it is better to 
change the default case and to document the default separator.


Which separator to use by default:
 - to be compatible with previous versions, i.e. sep_comma_plus_space
 - or in rfc2253 style, i.e. sep_comma_plus ?



I think that this is a documentation issue only - the user could use a 
composite like oneline or their own set of flags, as 'separator' is required.


The pages x509 and X509_NAME_print_ex could be updated to detail that the 
'separator' flag is required.


Regards,
Roumen Petrov

__
OpenSSL Project http://www.openssl.org
Development Mailing List   openssl-dev@openssl.org
Automated List Manager   majord...@openssl.org


Re: [openssl.org #832] ocsp and dsa key+socket option SO_REUSEADDR for responder

2014-08-15 Thread Roumen Petrov via RT
Rich Salz via RT wrote:
 SO_REUSEADDR is done.
It is not activated in ocsp.c.

The rest is fixed in 1.+

[SNIP]




1.0.2beta2 and X.509 certificate verification

2014-03-03 Thread Roumen Petrov

Hello,
It seems to me the verification logic for X.509 certificates is changed 
in a minor release.


$ cd BUILDDIR/test

$ openssl version
OpenSSL 1.0.1f 6 Jan 2014
$ openssl verify certCA.ss; echo $?
certCA.ss: C = AU, O = Dodgy Brothers, CN = Dodgy CA
error 18 at 0 depth lookup:self signed certificate
OK
0

$ ../util/opensslwrap.sh version
OpenSSL 1.0.2-beta2-dev xx XXX 
$ ../util/opensslwrap.sh verify certCA.ss; echo $?
certCA.ss: C = AU, O = Dodgy Brothers, CN = Dodgy CA
error 18 at 0 depth lookup:self signed certificate
C = AU, O = Dodgy Brothers, CN = Dodgy CA
error 20 at 0 depth lookup:unable to get local issuer certificate
2
===

There is an extra error with code 20. This may break external applications 
with a custom verification callback.


For historic reasons the exit code of the openssl verify command is not used, 
and to me this is not so important.



Regards,
Roumen Petrov



current 1.0.2 with gcc for windows

2014-03-01 Thread Roumen Petrov

Hello,

Branch 1.0.2 cannot be compiled with the 32-bit gcc compiler for Windows due 
to a specific definition of a long long variable. Please find the attached file

0002-use-ULL-for-GCC-instead-MSC-specific-UI64.patch.gz.


The next one is related to tests. In a cross-compilation environment with 
emulation, tests cannot be executed as the makefile lacks the suffix for 
dependent executables. Please find attached the proposed fix 
0001-use-EXE_EXT-in-dependecies.patch.gz.



Regards,
Roumen Petrov



0001-use-EXE_EXT-in-dependecies.patch.gz
Description: GNU Zip compressed data


0002-use-ULL-for-GCC-instead-MSC-specific-UI64.patch.gz
Description: GNU Zip compressed data


current 1.0.2 branch and fips

2014-03-01 Thread Roumen Petrov

Hello,

According to the current version scheme, 1.0.2 retains binary compatibility. 
In this case an external application linked against 1.0.1 is expected to work 
with 1.0.2 without modification.


It seems to me the FIPS build now retains binary but has lost functional 
compatibility. For instance EVP_dss1 could be used in FIPS mode, but now 
this functionality is broken by the commit "Experimental 
multi-implementation support for FIPS capable OpenSSL. When in FIPS mode 
the approved implementations are used as normal, when not in FIPS mode 
the internal unapproved versions are used instead. This means that the 
FIPS capable OpenSSL isn't forced to use the (often lower performance) 
FIPS implementations outside FIPS mode."



What about using the following instead of FIPS_get_digestbynid:
==
diff --git a/crypto/evp/m_dss1.c b/crypto/evp/m_dss1.c
index a010103..5236abe 100644
--- a/crypto/evp/m_dss1.c
+++ b/crypto/evp/m_dss1.c
@@ -93,8 +93,16 @@ static const EVP_MD dss1_md=
sizeof(EVP_MD *)+sizeof(SHA_CTX),
};

+#ifdef OPENSSL_FIPS
+#include openssl/fips.h
+#endif
+
 const EVP_MD *EVP_dss1(void)
{
+#ifdef OPENSSL_FIPS
+   if (FIPS_mode())
+   return(FIPS_evp_dss1());
+#endif
return(dss1_md);
}
 #endif
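
Review bot: the `#include` of openssl/fips.h is added in the middle of the file, between the `dss1_md` definition and `EVP_dss1()`; move it up to the file's other includes and keep the `#ifdef OPENSSL_FIPS` guard around it. The new `if (FIPS_mode())` branch also returns `FIPS_evp_dss1()` with no comment on why the FIPS-mode digest has to differ from `dss1_md`; one line above the `if` would spare the next reader a search through the FIPS module.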
==

It seems to me FIPS_get_digestbynid returns a limited number of EVP 
primitives.



Regards,
Roumen


Re: Major OpenSSL 1.0.1d regression from 1.0.1c

2013-02-06 Thread Roumen Petrov

Hi,

A FIPS-enabled build fails at the same line.

Brad House wrote:

It appears there is a major regression with OpenSSL 1.0.1d over
1.0.1c.  I've narrowed it down to setting a custom cipher
list I think as if I do not set a cipher list, the issue does
not occur.

I have reproduced the issue with the openssl s_server/s_client
command line utility.  You can see my full procedure below.

In short, it appears SSL negotiation succeeds, but as soon as
data is sent from the client to the server, the server spits
out:
67397216:error:1408F119:SSL routines:SSL3_GET_RECORD:decryption failed 
or bad record mac:s3_pkt.c:482:

And does NOT receive the data sent from the client side.


[SNIP]


test sslv2/sslv3 w/o DHE via BIO pair
*** IN FIPS MODE ***
Available compression methods:
  1: zlib compression
ERROR in CLIENT
140602657330880:error:1408F119:SSL routines:SSL3_GET_RECORD:decryption 
failed or bad record mac:s3_pkt.c:482:

TLSv1.2, cipher TLSv1/SSLv3 AES256-SHA, 2048 bit RSA
1 handshakes of 256 bytes done
make[1]: *** [test_ssl] Error 1


Roumen



Re: [openssl.org #2745] Fwd: GOST engine memory problems

2012-09-01 Thread Roumen Petrov


Stephen Henson via RT wrote:

I've finally had time to look into this. Please see if this fixes the issue:
Maybe it is not related, but this engine lacks a call to 
ENGINE_register_pkey_asn1_meths. It seems to me that without this 
registration, initialization is different. If the engine configuration is 
with init = 1, gost_pkey_asn1_meths is not called.



http://cvs.openssl.org/chngview?cn=22789
Probably the issue is only in the static build. After the above correction 
pmeth_GostR3410_94 is used as a flag to prevent double initialization.


OpenSSL 1.0.1 versions call ENGINE_register_all_complete internally.
Since 1.0.1* is binary compatible with 1.0.0*, how to detect that engine 
initialization is finished? I would like to avoid an extra call to 
ENGINE_register_all_complete.



Steve.


Roumen




FIPS build in 1.0.1+ stable branches

2012-06-09 Thread Roumen Petrov

Hello OpenSSL developers.

I could not understand *Check-in [22619]* Reduce version skew in the 
openssl 1.0.1 stable branch. Maybe this version adds some useful 
improvements, but the FIPS build (compile) is broken. I wonder what the 
policy is for updating the 1.0.1 stable branch.


After removal of #include <openssl/crypto.h> some sources cannot be 
compiled (fips build). It is not enough just to restore '#include 
<openssl/crypto.h>' in some sources. Note that the check-in adds return 
RAND_SSLeay()->add(in, inlen, entropy); but add(...) is a void function 
in this context. Another issue could be that some C files do not 
include #include "evp_locl.h", which redefines FOO to private_FOO in the 
FIPS build. The last 1.0.1 stable that could be built in FIPS mode is from 
2012-06-07. This version passes the tests. Please revert check-in 226109 in 
the 1.0.1 branch. Let's test it in 1.0.2 first.


About the 1.0.2 stable branch, the FIPS build until 2012-05-12 is fine and 
all tests pass.


Also, all current non-FIPS builds are not affected in both branches, as the 
tests pass.


Roumen



Re: ENGINE reference leak using FIPS-capable OpenSSL

2012-04-19 Thread Roumen Petrov

Dr. Stephen Henson wrote:

On Wed, Apr 18, 2012, Erik Tkal wrote:


Any takers?  Should I be able to build a FIPS-capable OpenSSL and have some of 
the implementation be provided via an ENGINE (e.g. let's say I have a hardware 
module to perform AES) but some by the OpenSSL FIPS canister?  Or is it truly 
all or nothing?


Yes the FIPS capable OpenSSL should behave in a manner similar to non-FIPS
capable OpenSSL when not in FIPS mode, though it currently uses the algorithm
implementations in the FIPS module even when not in FIPS mode.

I'll look into it.
OpenSSL tests start to fail after only call FIPS_cipherinit in FIPS 
mode - 1.0.{1|2}_stable fips build:


aes-128-cbc
Error setting cipher AES-128-CBC
Error setting cipher AES-128-CBC
cmp: EOF on ./p.aes-128-cbc.clear



Steve.
--


Roumen



Re: [openssl.org #2781] OpenSSL 1.x doesn't compile on mingw-w64 (targeting win32)

2012-04-01 Thread Roumen Petrov

Leandro Santiago via RT wrote:

I'm trying to compile openssl 1.0.1 (but I also tested the 1.0.0) on
mingw-w64 (gcc 4.7), but I'm having errors.
I tested in three configurations: Ubuntu 11.04 32-bit, Kubuntu 11.10
64-bit and Windows 7 32-bit having the same errors.

The command line I used was:

./Configure --prefix=$BUILD_PATH shared threads mingw32:gcc
--cross-compile-prefix=i686-w64-mingw32-
The platform is mingw, or maybe you use a patched version where mingw32 is 
defined.


[SNIP]

Roumen


Re: [openssl.org #2750] [BUG] spec file doesn't properly build for lib64

2012-03-04 Thread Roumen Petrov

Kevin Vargo via RT wrote:

Some minor updates to the openssl.spec: wrapping ifarch around the various lib 
dirs to get the right files in the right places.

See attached diff



The Configure script and the spec are not consistent regarding multilib. It 
seems to me the spec file should use the libdir script parameter to override 
the subpath computed by Configure.

Pseudo script
if arch x86_64
  define libdir lib64
else
  define libdir lib
...
define CONFIG_FLAGS ... --libdir=%libdir


Roumen



[openssl.org #2752] objects.txt - update of extended key usage

2012-03-04 Thread Roumen Petrov via RT
Hi,

RFC 6187 X.509v3 Certificates for Secure Shell Authentication defines 
two extended key usages
( http://tools.ietf.org/html/rfc6187#section-2.2.2 ) with numbers 21 
and 22 for secure shell client and server respectively.
Currently in OpenSSL the last number defined is 10.

This request is only for ssh related numbers but objects.txt could be 
updated to list more. As an example, on page 
http://www.imc.org/ietf-pkix/pkix-oid.asn the last extended key usage is 
with number 29.

Regards,
Roumen Petrov



Re: Accessing ENGINESDIR value

2012-02-25 Thread Roumen Petrov

Hi Dmitry,

Dmitry Belyavsky wrote:

Greetings!

What is the correct way to get the ENGINESDIR value? It is defined in
opensslconf.h but it is not enough to include opensslconf.h to get it
defined.

Why is the engine directory for openssl configuration so important?

Engine installation may depend on additional libraries. If the dependent 
libraries are in the /usr file system, the engine cannot be installed in the 
root fs.
Also, at run time the path could be overridden by the OPENSSL_ENGINES 
environment variable.


Roumen



Re: [openssl.org #2718] openssl-fips-1.2.3: testsuite failures (SIGILL / Illegal instruction)

2012-02-22 Thread Roumen Petrov

Hi Guido,

Guido Trentalancia via RT wrote:

Hello.

I was trying to run the testsuite for openssl-fips-1.2.3 but I get
problems with several tests.

[SNIP]

OpenSSL self-test report:

[SNIP]

Target:   linux-x86_64

[SNIP]

gcc version 4.6.1 (GCC)
Please could you confirm that during the build GCC 4.6.1 warns the user 
about a bad cast and that the application will terminate if the code is 
reached.


I note this on a 64-bit platform with gcc 4.5.2 and, as Steve suggests, I 
switch to the 0.9.8x fips build.



Regards,
Roumen Petrov



Re: mdc2 algorithm and 0.9.8x, 1.0.0x and upcoming 1.01

2012-02-21 Thread Roumen Petrov

Dr. Stephen Henson wrote:

[SNIP]
Should be fixed now, see:
http://cvs.openssl.org/chngview?cn=22124
to make OpenSSL understand both formats when verifying and:

http://cvs.openssl.org/chngview?cn=22126
to use the same format as older versions of OpenSSL when creating signatures.
10x. I confirm that the tests between different openssl versions pass. Also, 
an executable built with 1.x works well with the shared library from 1.0.0x 
releases and from 1.0.1 (branch).

Steve.


Roumen


Re: mdc2 algorithm and 0.9.8x, 1.0.0x and upcoming 1.01

2012-02-14 Thread Roumen Petrov

Dr. Stephen Henson wrote:

On Wed, Feb 01, 2012, Roumen Petrov wrote:

[SNIP]
Looking into this there is a long standing incompatibility between 
various functions that use mdc2 for signatures. Since SSLeay the 
function RSA_sign() using mdc2 as an argument uses a DigestInfo 
structure whereas using EVP ends up with a different octet string 
format signature. It's only when the signature code was revised to use 
RSA_sign more extensively that this is more apparent. How widespread 
is use of mdc2 for signatures and certificates? 
mdc2 is not important for certificates as the list of certificates 
included in some linux distributions does not include such certificates.


Is it possible that the issue between 1.0.0 and the 1.0.1 stable branch is 
related to different RSA methods:

- 1.0.0e: Eric Young's PKCS#1 RSA
- 1.0.1branch: Intel RSA-X method


I can address the 1.0.1 certificate issue fairly easily but I'm wondering if
some compatibility option is needed for dgst too.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see:http://www.openssl.org
__

Roumen



mdc2 algorithm and 0.9.8x, 1.0.0x and upcoming 1.01

2012-02-01 Thread Roumen Petrov

Hello all,

The mdc2 algorithm is not listed as enabled by default in 1.0+.

What is the current status of this algorithm?

It seems to me the result of the openssl 0.9.8t digest command (openssl 
dgst -mdcs2..) is not compatible with openssl 1.0+.


Another issue is between 0.9.8, 1.0.0 and the upcoming 1.0.1. If a 
certificate using the mdc2 algorithm is created by openssl 0.9.8, it could be 
verified by 0.9.8 and 1.0.0+ but fails with 1.0.1 (stable branch). The same 
holds for certificates created by 1.0.0+ - the verify command succeeds with 
0.9.8 and 1.0.0+ and fails with 1.0.1. Certificates created with 1.0.1 could 
be verified only with 1.0.1, and verification fails with earlier versions.


The issue with certificates applies to CRLs.


Regards,
Roumen Petrov

P.S. high level log with test case  failure:

=== entering .../origin+x509-7.1x-0.9.8t/...
... testing with OpenSSL 0.9.8t 18 Jan 2012 ...
testid_rsa-rsa_mdc2.crt: OK
... testing with OpenSSL 1.0.0e 6 Sep 2011 ...
testid_rsa-rsa_mdc2.crt: OK
... testing with OpenSSL 1.0.1-beta3-dev xx XXX  ...
140694362371744:error:0D0680A8:asn1 encoding 
routines:ASN1_CHECK_TLEN:wrong tag:tasn_dec.c:1319:
140694362371744:error:0D07803A:asn1 encoding 
routines:ASN1_ITEM_EX_D2I:nested asn1 error:tasn_dec.c:381:Type=X509_SIG
140694362371744:error:0D0C5006:asn1 encoding 
routines:ASN1_item_verify:EVP lib:a_verify.c:215:
testid_rsa-rsa_mdc2.crt: C = XX, ST = World, O = OpenSSH Test Team 
cyrillic-\D0\90\D0\91\D0\92\D0\93\D0\B0\D0\B1\D0\B2\D0\B3 
greek-\CE\91\CE\92\CE\93\CE\94\CE\B1\CE\B2\CE\B3\CE\B4, OU = OpenSSH 
Testers cyrillic-\D0\90\D0\91\D0\92\D0\93\D0\B0\D0\B1\D0\B2\D0\B3 
greek-\CE\91\CE\92\CE\93\CE\94\CE\B1\CE\B2\CE\B3\CE\B4-2, OU = OpenSSH 
Testers cyrillic-\D0\90\D0\91\D0\92\D0\93\D0\B0\D0\B1\D0\B2\D0\B3 
greek-\CE\91\CE\92\CE\93\CE\94\CE\B1\CE\B2\CE\B3\CE\B4-1, OU = OpenSSH 
Testers cyrillic-\D0\90\D0\91\D0\92\D0\93\D0\B0\D0\B1\D0\B2\D0\B3 
greek-\CE\91\CE\92\CE\93\CE\94\CE\B1\CE\B2\CE\B3\CE\B4-3, CN = OpenSSH 
RSA test certificate(rsa_mdc2), emailAddress = em...@not.set

error 7 at 0 depth lookup:certificate signature failure
...
=== entering .../origin+x509-7.1x-1.0.0e/...
... testing with OpenSSL 0.9.8t 18 Jan 2012 ...
testid_rsa-rsa_mdc2.crt: OK
... testing with OpenSSL 1.0.0e 6 Sep 2011 ...
testid_rsa-rsa_mdc2.crt: OK
... testing with OpenSSL 1.0.1-beta3-dev xx XXX  ...
140606705821344:error:0D0680A8:asn1 encoding 
routines:ASN1_CHECK_TLEN:wrong tag:tasn_dec.c:1319:
140606705821344:error:0D07803A:asn1 encoding 
routines:ASN1_ITEM_EX_D2I:nested asn1 error:tasn_dec.c:381:Type=X509_SIG
140606705821344:error:0D0C5006:asn1 encoding 
routines:ASN1_item_verify:EVP lib:a_verify.c:215:
testid_rsa-rsa_mdc2.crt: C = XX, ST = World, O = OpenSSH Test Team 
cyrillic-\D0\90\D0\91\D0\92\D0\93\D0\B0\D0\B1\D0\B2\D0\B3 
greek-\CE\91\CE\92\CE\93\CE\94\CE\B1\CE\B2\CE\B3\CE\B4, OU = OpenSSH 
Testers cyrillic-\D0\90\D0\91\D0\92\D0\93\D0\B0\D0\B1\D0\B2\D0\B3 
greek-\CE\91\CE\92\CE\93\CE\94\CE\B1\CE\B2\CE\B3\CE\B4-2, OU = OpenSSH 
Testers cyrillic-\D0\90\D0\91\D0\92\D0\93\D0\B0\D0\B1\D0\B2\D0\B3 
greek-\CE\91\CE\92\CE\93\CE\94\CE\B1\CE\B2\CE\B3\CE\B4-1, OU = OpenSSH 
Testers cyrillic-\D0\90\D0\91\D0\92\D0\93\D0\B0\D0\B1\D0\B2\D0\B3 
greek-\CE\91\CE\92\CE\93\CE\94\CE\B1\CE\B2\CE\B3\CE\B4-3, CN = OpenSSH 
RSA test certificate(rsa_mdc2), emailAddress = em...@not.set

error 7 at 0 depth lookup:certificate signature failure
...
=== entering .../origin+x509-7.1x-1.0.1_stable/...
... testing with OpenSSL 0.9.8t 18 Jan 2012 ...
2955:error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong 
tag:tasn_dec.c:1315:
2955:error:0D06C03A:asn1 encoding routines:ASN1_D2I_EX_PRIMITIVE:nested 
asn1 error:tasn_dec.c:827:
2955:error:0D0C5006:asn1 encoding routines:ASN1_item_verify:EVP 
lib:a_verify.c:173:
testid_rsa-rsa_mdc2.crt: /C=XX/ST=World/O=OpenSSH Test Team 
cyrillic-\xD0\x90\xD0\x91\xD0\x92\xD0\x93\xD0\xB0\xD0\xB1\xD0\xB2\xD0\xB3 greek-\xCE\x91\xCE\x92\xCE\x93\xCE\x94\xCE\xB1\xCE\xB2\xCE\xB3\xCE\xB4

error 7 at 0 depth lookup:certificate signature failure
... testing with OpenSSL 1.0.0e 6 Sep 2011 ...
140412084995744:error:0D0680A8:asn1 encoding 
routines:ASN1_CHECK_TLEN:wrong tag:tasn_dec.c:1319:
140412084995744:error:0D06C03A:asn1 encoding 
routines:ASN1_D2I_EX_PRIMITIVE:nested asn1 error:tasn_dec.c:831:
140412084995744:error:0D0C5006:asn1 encoding 
routines:ASN1_item_verify:EVP lib:a_verify.c:184:
testid_rsa-rsa_mdc2.crt: C = XX, ST = World, O = OpenSSH Test Team 
cyrillic-\D0\90\D0\91\D0\92\D0\93\D0\B0\D0\B1\D0\B2\D0\B3 
greek-\CE\91\CE\92\CE\93\CE\94\CE\B1\CE\B2\CE\B3\CE\B4, OU = OpenSSH 
Testers cyrillic-\D0\90\D0\91\D0\92\D0\93\D0\B0\D0\B1\D0\B2\D0\B3 
greek-\CE\91\CE\92\CE\93\CE\94\CE\B1\CE\B2\CE\B3\CE\B4-2, OU = OpenSSH 
Testers cyrillic-\D0\90\D0\91\D0\92\D0\93\D0\B0\D0\B1\D0\B2\D0\B3 
greek-\CE\91\CE\92\CE\93\CE\94\CE\B1\CE\B2\CE\B3\CE\B4-1, OU = OpenSSH 
Testers cyrillic-\D0\90\D0\91\D0\92\D0\93\D0\B0\D0\B1\D0\B2\D0\B3 
greek-\CE\91\CE\92\CE\93\CE\94\CE\B1\CE\B2\CE\B3\CE\B4-3, CN = OpenSSH 
RSA test

DTLS-SRTP and mingw

2011-11-20 Thread Roumen Petrov

One of the recent changes is "Add DTLS-SRTP negotiation from RFC 5764".

After the update the build fails for HEAD. The simple solution is to move 
the function declarations from srtp.h to tls1.h


 int SSL_CTX_set_tlsext_use_srtp(SSL_CTX *ctx, const char *profiles);
 int SSL_set_tlsext_use_srtp(SSL *ctx, const char *profiles);
 SRTP_PROTECTION_PROFILE *SSL_get_selected_srtp_profile(SSL *s);

 STACK_OF(SRTP_PROTECTION_PROFILE) *SSL_get_srtp_profiles(SSL *ssl);
 SRTP_PROTECTION_PROFILE *SSL_get_selected_srtp_profile(SSL *s);

Note one declaration is duplicated.

After this those functions will appear in ssleay.num and openssl apps 
will link.



Note that the code in ssl/d1_srtp.c, marked on the first line as ssl/t1_lib.c, 
is inside #ifndef OPENSSL_NO_SRTP.
Maybe OPENSSL_NO_TLSEXT is the correct one, as mkdef.pl lacks no_srtp and 
other parts of the new code are not in ifdef ...NO_SRTP.


Roumen



2011-10-12 head, test fail , TLSv1.2 related ?

2011-10-12 Thread Roumen Petrov

Hi,

One of the changes in the past week is to not enable ... sorry, I removed the 
diff files and I cannot remember the exact change (file, date, etc.)...


The result is that the regression test in head now fails with:
...:error:04075070:rsa routines:RSA_sign:digest too big for rsa 
key:rsa_sign.c:119:
...:error:1409B006:SSL routines:SSL3_SEND_SERVER_KEY_EXCHANGE:EVP 
lib:s3_srvr.c:1972:

TLSv1.2, cipher (NONE) (NONE)


Roumen



Re: [openssl.org #2594] Problem with X509 path loop detection - PATCH

2011-09-26 Thread Roumen Petrov

Nick Lewis via RT wrote:

Roumen

Thank you for looking at the patch

[SNIP]

+   if (issuer_num  (issuer_num  x_num))

Please find a corrected version below

Best Regards
Nick
   

[SNIP]
With the updated version I confirm that the regression test of a software 
now passes with the OpenSSL HEAD version.


I still have a problem with HEAD regarding the check for self-signed. 
This case is not in the openssl regression tests and cannot be reproduced 
with the openssl command line. The case is when the callback function returns 
true (ok) when the error is X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT for a 
certificate that is not in the trusted store. Later in the code, function 
check_trust() will return X509_TRUST_UNTRUSTED and the check with comment /* 
If not explicitly trusted then indicate error */ will call the callback 
function again with a different error code. This functionality is not 
the same as in 1.0.0x.



Roumen



Re: Engines memory-management problems

2011-09-26 Thread Roumen Petrov

Dmitry Belyavsky wrote:

Greetings!

On Thu, Sep 22, 2011 at 3:00 AM, Roumen Petrov
open...@roumenpetrov.info  wrote:

[SNIP]


What is the result if register__gost methods are moved from bind to init?


Double-free occurs too.
The

openssl speed -engine gost -evp gost89
is successful,

but the

openssl engine gost

fails with the same diagnostics. BTW it seems to be a bug in engine
command, because when I use the DSO object to protect double-load, the
speed command reports can't use that engine (./apps/apps.c line
1492) and the engine command does not.



Hmm, I cannot reproduce the crash. Both commands pass in my 64-bit env.:
OpenSSL 1.0.0e 6 Sep 2011
built on: Thu Sep  8 01:45:55 EEST 2011
options:bn(64,64) rc4(8x,int) des(idx,cisc,16,int) aes(partial) 
idea(int) blowfish(idx)
compiler: gcc -fPIC -DOPENSSL_PIC -DZLIB_SHARED -DZLIB -DOPENSSL_THREADS 
-D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -Wa,--noexecstack 
-fno-strict-aliasing -m64 -DL_ENDIAN -DTERMIO -O3 -Wall -DMD32_REG_T=int 
-DOPENSSL_EXPERIMENTAL_JPAKE -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT 
-DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DWHIRLPOOL_ASM


Why does the gost engine check for if (id && strcmp(id, engine_gost_id)) 
return 0; in its bind method? Please could you compare with the capi engine 
function bind_helper().


Off topic: the destroy function may call ERR_unload_GOST_strings.

I could not find more reasons.
My tests show that ENGINE_get_ex_new_index will crash the engine if it is 
called from bind or if a free callback is passed. This function is not 
called by the gost engine, so it is out of scope.


Roumen


Re: Engines memory-management problems

2011-09-21 Thread Roumen Petrov

Hi Dmitry,

Dmitry Belyavsky wrote:

Greetings!

During the 1.x version the current scheme of
algorithms providing through engines was implemented.

Debugging our (Cryptocom LTD) engines, I’ve found some troubles in the
way it works, please tell me
where I’m mistaken.

Openssl is configured with shared zlib enable-rfc3779 options. System
is Linux. Version is 1.0.0d.

The engine section is

[gost_section]
   engine_id=gost
   default_algorithms = ALL
   RNG=PROGRAM
#   dynamic_path = /opt/openssl/lib/engines/libgost.so

(the dynamic_path parameter is commented out)

The command is
$ ./bin/openssl speed -engine gost -evp gost89

It causes a SEGFAULT with diagnostics

*** glibc detected ***
./apps/openssl: double free or corruption (!prev): 0x097a4cd8 ***

When debugging, I’ve found that dynamically allocated
EVP_PKEY_ASN1_METHOD and EVP_PKEY_METHOD structs are allocated twice,
because the openssl app causes two-times loading engine in such a
case. It happens because ENGINE_by_id does not find the gost engine
loaded before. Also this two-times allocation causes memory leaks
(DEBUG_OPENSSL_MEMORY shows them).

The symptoms were fixed by the patch (rt #2598), though I prefer to
fix it more systematically.

When we try to prevent two-times engine loading and memory allocating
providing the DSO object (for example, nuron engine works so), it did
not  help because the structs are allocated before the DSO check.

What should we do to fix the two-times engine loading, allocation and
especially double-free? For our commercial engine we can use the
static instances of the internal structs of openssl instead of
allocating them, but it is very bad idea...

The other suspicious part of code is freeing the structs allocating
from the engine. They are freed from the libcrypto ENGINE_cleanup
code. AFAIK it can cause troubles at least in Windows systems where
the resources should be freed where they are acquired, especially when
they are linked using different compiler versions.

Please tell me where I’m mistaken.

Thank you!
   


What is the result if register__gost methods are moved from bind to init?

Roumen



Re: [openssl.org #2594] Problem with X509 path loop detection - PATCH

2011-09-11 Thread Roumen Petrov

Nick Lewis via RT wrote:

The path loop detection in crypto/x509/x509_vfy.c:check_issued() does not work 
correctly for some combinations of ctx->chain, x and issuer. For example when 
the cert x is in the chain at a location other than the top, a path loop is 
incorrectly declared. Also if the cert x is at the top of the chain but it is self 
signed then a path loop is incorrectly declared. In practice the latter causes 
bugs in which trusted self signed certificates are seen as untrusted (e.g. some 
OCSP responses)

It is my understanding that a path loop should only exist if the issuer is 
present in the chain at a lower position to that of the cert x. Please find 
below a patch against SNAP20110815

Best Regards
Nick
_


diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c
index 64df4d3..7bbe43b 100755
--- a/crypto/x509/x509_vfy.c
+++ b/crypto/x509/x509_vfy.c
@@ -443,15 +443,18 @@ static int check_issued(X509_STORE_CTX *ctx, X509 *x, 
X509 *issuer)
 {
 int i;
 X509 *ch;
+   int issuer_num = 0;
+   int x_num = 0;
 for (i = 0; i  sk_X509_num(ctx-chain); i++)
  {
  ch = sk_X509_value(ctx-chain, i);
  if (ch == issuer || !X509_cmp(ch, issuer))
-  {
-  ret = X509_V_ERR_PATH_LOOP;
-  break;
-  }
+  issuer_num = issuer_num ? issuer_num : i+1;
+if (ch == x || !X509_cmp(ch, x))
+  x_num = i+1;
  }
+   if (issuer_num  x_num)
+ret = X509_V_ERR_PATH_LOOP;
 }
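Review bot: the closing test on issuer_num and x_num runs without first checking that both certificates were found in ctx->chain. Both counters start at 0 and 0 also means "not in chain", so an absent certificate is compared as if it sat below position 1 and the result then depends on that sentinel rather than on real positions. Guard the comparison with issuer_num != 0 && x_num != 0, or use a distinct sentinel such as -1. Also note that issuer_num keeps the first match while x_num keeps the last; a comment should say why they differ. The added "if (ch == x || !X509_cmp(ch, x))" has no braces and sits at a different indent from the issuer test above it, which makes it easy to misread as nested under that test.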
   
The patch above fixes some issues with self issued but breaks other 
non-self issued.



Roumen



Re: [openssl.org #2594] Problem with X509 path loop detection - PATCH

2011-09-11 Thread Roumen Petrov via RT
Nick Lewis via RT wrote:
 The path loop detection in crypto/x509/x509_vfy.c:check_issued() does not 
 work correctly for some combinations of ctx-chain, x and issuer. For example 
 when the cert x is in the chain at a location other than the top, a path loop 
 is incorrectly declared. Also if the cert x is at the top of the chain but it 
 is self signed then a path loop is incorrectly declared. In practice the 
 latter causes bugs in which trusted self signed certificates are seen as 
 untrusted (e.g. some OCSP responses)

 It is my understanding that a path loop should only exist if the issuer is 
 present in the chain at a lower position to that of the cert x. Please find 
 below a patch against SNAP20110815

 Best Regards
 Nick
 _


 diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c
 index 64df4d3..7bbe43b 100755
 --- a/crypto/x509/x509_vfy.c
 +++ b/crypto/x509/x509_vfy.c
 @@ -443,15 +443,18 @@ static int check_issued(X509_STORE_CTX *ctx, X509 *x, 
 X509 *issuer)
  {
  int i;
  X509 *ch;
 +   int issuer_num = 0;
 +   int x_num = 0;
  for (i = 0; i  sk_X509_num(ctx-chain); i++)
   {
   ch = sk_X509_value(ctx-chain, i);
   if (ch == issuer || !X509_cmp(ch, issuer))
 -  {
 -  ret = X509_V_ERR_PATH_LOOP;
 -  break;
 -  }
 +  issuer_num = issuer_num ? issuer_num : i+1;
 +if (ch == x || !X509_cmp(ch, x))
 +  x_num = i+1;
   }
 +   if (issuer_num  x_num)
 +ret = X509_V_ERR_PATH_LOOP;
  }

The patch above fixes some issues with self issued but breaks other 
non-self issued.


Roumen




Re: [openssl.org #2504] Cross Compile MinGW DLLs on Linux

2011-04-27 Thread Roumen Petrov

Marc Wäckerlin via RT wrote:

Hi OpenSSL

I managed to Cross Compile OpenSSL on Linux so that I can develop OpenSSL 
applications that run on Windows entirely inside a Linux build environment.

It even builds the executables and the DLLs on Linux.

Please add my changes to the official Configure script. The patch is in the 
attachment.

Remark after some testing: As far as I see, the change in the MinGW target (below 2. Change 
Link Arguments) is no more necessary in OpenSSL 1.0.0d. Just remove the die-Line 
and everything is fine. :-)

Full documentation and Details of the patch are on my Homepage: 
http://marc.waeckerlin.org/computer/blog/openssl_fuer_windows_mingw_unter_linux_crosscomilieren

 From the Homepage:
-
Details of the Patch

1. Remove die-Line

Without the patch, you first drop into the error message:

   

./config --cross-compile-prefix=i586-mingw32msvc- --prefix=/tmp/openssl shared 
mingw
 

Operating system: x86_64-whatever-linux2
Configuring for linux-x86_64
target already defined - linux-x86_64 (offending arg: mingw)

That's why the die-line is commented out.
   

Instead of ./config I use ./Configure

2. Change Link Arguments

According to http://wagner.pp.ru/~vitus/articles/openssl-mingw.html, symbols 
are not exported by default, that's why there is need for adding 
-Wl,--export-all -shared.
   
Hmm, this is not true and this build uses util/libeay.num and 
util/ssleay.num to export symbols.
Maybe those files are not up to date. Back them up, try make 
util/libeay.num  make util/ssleay.num after ./Configure and compare 
with saved.




-

Thanks, Regards
Marc
   


Regards,
Roumen



Re: [openssl.org #2504] Cross Compile MinGW DLLs on Linux

2011-04-27 Thread Roumen Petrov via RT
Marc Wäckerlin via RT wrote:
 Hi OpenSSL

 I managed to Cross Compile OpenSSL on Linux so that I can develop OpenSSL 
 applications that run on Windows entirely inside a Linux build environment.

 It even builds the executables and the DLLs on Linux.

 Please add my changes to the official Configure script. The patch is in the 
 attachment.

 Remark after some testing: As far as I see, the change in the MinGW target 
 (below 2. Change Link Arguments) is no more necessary in OpenSSL 1.0.0d. 
 Just remove the die-Line and everything is fine. :-)

 Full documentation and Details of the patch are on my Homepage: 
 http://marc.waeckerlin.org/computer/blog/openssl_fuer_windows_mingw_unter_linux_crosscomilieren

  From the Homepage:
 -
 Details of the Patch

 1. Remove die-Line

 Without the patch, you first drop into the error message:


 ./config --cross-compile-prefix=i586-mingw32msvc- --prefix=/tmp/openssl 
 shared mingw
  
 Operating system: x86_64-whatever-linux2
 Configuring for linux-x86_64
 target already defined - linux-x86_64 (offending arg: mingw)

 That's why the die-line is commented out.

Instead of ./config I use ./Configure
 2. Change Link Arguments

 According to http://wagner.pp.ru/~vitus/articles/openssl-mingw.html, symbols 
 are not exported by default, that's why there is need for adding 
 -Wl,--export-all -shared.

Hmm, this is not true and this build uses util/libeay.num and 
util/ssleay.num to export symbols.
Maybe those files are not up to date. Back them up, try make 
util/libeay.num  make util/ssleay.num after ./Configure and compare 
with saved.


 -

 Thanks, Regards
 Marc


Regards,
Roumen




Re: MinGW building from cmd.exe woes

2011-03-15 Thread Roumen Petrov

Darryl Miles wrote:

[SNIP]

Tried using:
 ms\mingw32.bat

[SNIP]

Try with ./Configure mingw.

Roumen


Re: MinGW building from cmd.exe woes

2011-03-15 Thread Roumen Petrov

Darryl Miles wrote:

Roumen Petrov wrote:
[SNIP]
I have tried using perl Configure mingw ... manually but I have not 
been able to find a combination that works to produce a usable 
Makefile that mingw32-make.exe (a version of GNU Make) can use.

Maybe the issue is to find a working version of mingw make.
Another case is the shell. At least some make commands require a Unix-like 
shell, either bash from msys or bash from cygwin.



[SNIP]
Darryl

Roumen


Re: [openssl.org #2463] [PATCH]: OpenSSL 1.0.0d: Add abbility to load server certificate by ENGINE.

2011-03-12 Thread Roumen Petrov via RT
Andrey Kulikov via RT wrote:
 Hello,

 Please find file attached: server_cert_from_engine4.patch
 This is a patch to allow loading server SSL certificate by ENGINE.

 [SNIP]

 After applying this patch s_server will accept -certform ENGINE option.

 This patch supplied by Stonesoft Corporation, who give me permission to
 supply it to OpenSSL.

 Feel free to contact with me with any related questions.

 Andrey.


No idea why the patch uses server in method names.

As the STORE is not available yet (enabled in 0.98 but experimental in 1+ 
?!).
I vote for a simple temporary solution too ( 
http://www.stacken.kth.se/lists/heimdal-discuss/2005-04/msg4.html )

I prefer a more generic method similar to ENGINE_load_ssl_client_cert, 
i.e. I need EVP keys, corresponding certificates and the certificate chain.
Of course the engine ssl-cert method could be modified to return the above 
if the SSL context is null, but the current search criteria are a limitation.

Roumen




Re: [openssl.org #2463] [PATCH]: OpenSSL 1.0.0d: Add abbility to load server certificate by ENGINE.

2011-03-12 Thread Roumen Petrov

Andrey Kulikov via RT wrote:

Hello,

Please find file attached: server_cert_from_engine4.patch
This is a patch to allow loading server SSL certificate by ENGINE.

[SNIP]

After applying this patch s_server will accept -certform ENGINE option.

This patch supplied by Stonesoft Corporation, who give me permission to
supply it to OpenSSL.

Feel free to contact with me with any related questions.

Andrey.
   


No idea why the patch uses server in method names.

As the STORE is not available yet (enabled in 0.98 but experimental in 1+ 
?!).
I vote for a simple temporary solution too ( 
http://www.stacken.kth.se/lists/heimdal-discuss/2005-04/msg4.html )


I prefer a more generic method similar to ENGINE_load_ssl_client_cert, 
i.e. I need EVP keys, corresponding certificates and the certificate chain.
Of course the engine ssl-cert method could be modified to return the above 
if the SSL context is null, but the current search criteria are a limitation.


Roumen



[openssl.org #2454] enable engine key for dsa command

2011-02-20 Thread Roumen Petrov via RT
Obsolete code prevents the dsa command from using keys stored in an engine.
The attached patch removes the opening of the input file and leaves 
everything to the load_xxx functions.
For reference, see the rsa command, which works fine.

Roumen

Index: apps/dsa.c
===
RCS file: /work/repo/mirror/openssl/openssl/apps/dsa.c,v
retrieving revision 1.39
diff -u -r1.39 dsa.c
--- apps/dsa.c	6 Apr 2010 11:18:57 -	1.39
+++ apps/dsa.c	19 Feb 2011 20:45:27 -
@@ -254,17 +258,6 @@
 		goto end;
 		}
 
-	if (infile == NULL)
-		BIO_set_fp(in,stdin,BIO_NOCLOSE);
-	else
-		{
-		if (BIO_read_filename(in,infile) = 0)
-			{
-			perror(infile);
-			goto end;
-			}
-		}
-
 	BIO_printf(bio_err,read DSA key\n);
 
 		{
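Review bot: the removed block was also what pointed "in" at stdin when infile == NULL, so after this hunk nothing visible here gives the no-input-file case a source. Please confirm that the load_xxx functions the message relies on read from stdin themselves when the file name is NULL, and state that in the description. If "in" has no remaining users after this change, its allocation and free should be removed in the same patch rather than left as dead code.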


[openssl.org #2455] print dsa pubin/pubout options

2011-02-20 Thread Roumen Petrov via RT
See attached file with patch for openssl dsa command: print 
-pubin/-pubout options.
Also the -engine flag is moved to the same position as for the rsa command.

Roumen

Index: apps/dsa.c
===
RCS file: /work/repo/mirror/openssl/openssl/apps/dsa.c,v
retrieving revision 1.39
diff -u -r1.39 dsa.c
--- apps/dsa.c	6 Apr 2010 11:18:57 -	1.39
+++ apps/dsa.c	19 Feb 2011 20:45:27 -
@@ -90,6 +90,8 @@
  * -seed- encrypt output if PEM format
  * -text	- print a text version
  * -modulus	- print the DSA public key
+ * -pubin	- Expect a public key in input file.
+ * -pubout	- Output a public key.
  */
 
 int MAIN(int, char **);
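Review bot: the two added comment lines are capitalised and end with a period ("Expect a public key in input file.") while the entries directly above them are lower case with no period ("print a text version"). Match the existing style of the option list; the usage strings added for the same options in the last hunk already use the lower-case form.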
@@ -210,9 +212,6 @@
 		BIO_printf(bio_err, -passin arg input file pass phrase source\n);
 		BIO_printf(bio_err, -out argoutput file\n);
 		BIO_printf(bio_err, -passout argoutput file pass phrase source\n);
-#ifndef OPENSSL_NO_ENGINE
-		BIO_printf(bio_err, -engine e   use engine e, possibly a hardware device.\n);
-#endif
 		BIO_printf(bio_err, -desencrypt PEM output with cbc des\n);
 		BIO_printf(bio_err, -des3   encrypt PEM output with ede cbc des using 168 bit key\n);
 #ifndef OPENSSL_NO_IDEA
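Review bot: the -engine usage line removed here is re-added at the end of the list in the last hunk, and that reorder is independent of documenting -pubin/-pubout. It would be easier to review and to revert as its own change, with the message naming the rsa command ordering it is meant to match.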
@@ -232,6 +231,11 @@
 		BIO_printf(bio_err, -text   print the key in text\n);
 		BIO_printf(bio_err, -noout  don't print key out\n);
 		BIO_printf(bio_err, -modulusprint the DSA public value\n);
+		BIO_printf(bio_err, -pubin  expect a public key in input file\n);
+		BIO_printf(bio_err, -pubout output a public key\n);
+#ifndef OPENSSL_NO_ENGINE
+		BIO_printf(bio_err, -engine e   use engine e, possibly a hardware device.\n);
+#endif
 		goto end;
 		}
 


Re: [openssl.org #2443] mkdef.pl cannot handle FIPS related functions

2011-02-04 Thread Roumen Petrov via RT
Dr. Stephen Henson wrote:
 [snip]
 I've updated the sources so they are now available outside FIPS mode.

 Steve.

10x solved, please close.

Roumen




[openssl.org #2443] mkdef.pl cannot handle FIPS related functions

2011-02-03 Thread Roumen Petrov via RT
The mingw cross-build of current HEAD(2011-01-31) fails:
WARNING: mkdef.pl doesn't know the following algorithms:
 NEXTPROTONEG
Creating library file: libcrypto.dll.a
Cannot export FIPS_dh_free: symbol not defined
.
Cannot export RSA_X931_generate_key_ex: symbol not defined
collect2: ld returned 1 exit status
make[4]: *** [link_a.cygwin] Error 1
make[4]: Leaving directory `SRCDIR'
make[3]: *** [do_cygwin-shared] Error 2
make[3]: Leaving directory `SRCDIR'
make[2]: *** [libcrypto.dll.a] Error 2
make[2]: Leaving directory `SRCDIR'
make[1]: *** [shared] Error 2
make[1]: Leaving directory `SRCDIR'
make: *** [build_crypto] Error 1



Re: [openssl.org #2443] mkdef.pl cannot handle FIPS related functions

2011-02-03 Thread Roumen Petrov

Stephen Henson via RT wrote:

[open...@roumenpetrov.info - Thu Feb 03 16:36:58 2011]:

The mingw cross-build of current HEAD(2011-01-31) fails:
WARNING: mkdef.pl doesn't know the following algorithms:
  NEXTPROTONEG
Creating library file: libcrypto.dll.a
Cannot export FIPS_dh_free: symbol not defined
.
 

I'm currently updating the Windows build system for FIPS. It may end up
being broken for a while until I can get all the pieces working
properly: it's a bit messy.

I *think* the above may be fixed in the next snapshot: I've added
support to mkdef.pl for the FIPS symbol so it should now exclude things
like FIPS_dh_free for non-FIPS builds.

Steve.
   

10x
Functions RSA_X931_derive_ex and RSA_X931_generate_key_ex are not 
available in non-fips mode (see attached 
openssl-cvs-mingw-NOFIPS.patch plus minor cleanup in .cvsignore files 
for generated asm-files).


Roumen

Index: crypto/rsa/rsa.h
===
RCS file: /work/repo/mirror/openssl/openssl/crypto/rsa/rsa.h,v
retrieving revision 1.87
diff -u -r1.87 rsa.h
--- crypto/rsa/rsa.h	3 Feb 2011 10:03:22 -	1.87
+++ crypto/rsa/rsa.h	3 Feb 2011 22:40:07 -
@@ -293,11 +293,13 @@
 /* New version */
 int	RSA_generate_key_ex(RSA *rsa, int bits, BIGNUM *e, BN_GENCB *cb);
 
+#ifdef OPENSSL_FIPS
 int RSA_X931_derive_ex(RSA *rsa, BIGNUM *p1, BIGNUM *p2, BIGNUM *q1, BIGNUM *q2,
 			const BIGNUM *Xp1, const BIGNUM *Xp2, const BIGNUM *Xp,
 			const BIGNUM *Xq1, const BIGNUM *Xq2, const BIGNUM *Xq,
 			const BIGNUM *e, BN_GENCB *cb);
 int RSA_X931_generate_key_ex(RSA *rsa, int bits, const BIGNUM *e, BN_GENCB *cb);
+#endif /*def OPENSSL_FIPS*/
 
 int	RSA_check_key(const RSA *);
 	/* next 4 return -1 on error */
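Review bot: wrapping the RSA_X931_derive_ex and RSA_X931_generate_key_ex prototypes in #ifdef OPENSSL_FIPS removes them from the public header for every non-FIPS build, so any caller of these two functions stops compiling there. If the aim is only to fix the export failure, the message should say whether the functions are intended to be FIPS-only; the alternative is to keep the prototypes and make the definitions available in both modes.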
Index: util/libeay.num
===
RCS file: /work/repo/mirror/openssl/openssl/util/libeay.num,v
retrieving revision 1.317
diff -u -r1.317 libeay.num
--- util/libeay.num	3 Feb 2011 12:59:00 -	1.317
+++ util/libeay.num	3 Feb 2011 22:52:24 -
@@ -3664,7 +3664,7 @@
 FIPS_rand_status4051	EXIST:OPENSSL_FIPS:FUNCTION:
 FIPS_rand_set_key   4052	EXIST:OPENSSL_FIPS:FUNCTION:
 CRYPTO_set_mem_info_functions   4053	NOEXIST::FUNCTION:
-RSA_X931_generate_key_ex4054	EXIST::FUNCTION:RSA
+RSA_X931_generate_key_ex4054	EXIST:OPENSSL_FIPS:FUNCTION:RSA
 int_ERR_set_state_func  4055	NOEXIST::FUNCTION:
 int_EVP_MD_set_engine_callbacks 4056	NOEXIST::FUNCTION:
 int_CRYPTO_set_do_dynlock_callback  4057	NOEXIST::FUNCTION:
@@ -3675,7 +3675,7 @@
 FIPS_rand_set_dt4062	EXIST:OPENSSL_FIPS:FUNCTION:
 CRYPTO_dbg_pop_info 4063	NOEXIST::FUNCTION:
 FIPS_dsa_free   4064	EXIST:OPENSSL_FIPS:FUNCTION:DSA
-RSA_X931_derive_ex  4065	EXIST::FUNCTION:RSA
+RSA_X931_derive_ex  4065	EXIST:OPENSSL_FIPS:FUNCTION:RSA
 FIPS_rsa_new4066	EXIST:OPENSSL_FIPS:FUNCTION:RSA
 FIPS_rand_bytes 4067	EXIST:OPENSSL_FIPS:FUNCTION:
 fips_cipher_test4068	EXIST:OPENSSL_FIPS:FUNCTION:
Index: .cvsignore
===
RCS file: /work/repo/mirror/openssl/openssl/.cvsignore,v
retrieving revision 1.14
diff -u -r1.14 .cvsignore
--- .cvsignore	28 Oct 2008 15:29:25 -	1.14
+++ .cvsignore	31 Jan 2011 21:05:33 -
@@ -16,6 +16,7 @@
 *.flc
 semantic.cache
 Makefile
+*.def*
 *.dll*
 *.so*
 *.sl*
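Review bot: the added pattern "*.def*" matches any file name containing ".def", not only generated export definition files, so it can hide files that should be tracked. A narrower pattern would be safer, and since the .cvsignore changes are unrelated to the OPENSSL_FIPS guard they would be better sent as a separate patch.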
Index: crypto/.cvsignore
===
RCS file: /work/repo/mirror/openssl/openssl/crypto/.cvsignore,v
retrieving revision 1.12
diff -u -r1.12 .cvsignore
--- crypto/.cvsignore	17 Apr 2008 10:19:05 -	1.12
+++ crypto/.cvsignore	31 Jan 2011 21:04:53 -
@@ -5,4 +5,4 @@
 *.flc
 semantic.cache
 *cpuid.s
-uplink-cof.s
+uplink-*.s
Index: crypto/aes/.cvsignore
===
RCS file: /work/repo/mirror/openssl/openssl/crypto/aes/.cvsignore,v
retrieving revision 1.5
diff -u -r1.5 .cvsignore
--- crypto/aes/.cvsignore	17 Apr 2008 10:19:05 -	1.5
+++ crypto/aes/.cvsignore	3 Aug 2009 22:10:14 -
@@ -3,3 +3,4 @@
 *.flc
 semantic.cache
 aes-*.s
+aesni-*.s
Index: crypto/modes/.cvsignore
===
RCS file: /work/repo/mirror/openssl/openssl/crypto/modes/.cvsignore,v
retrieving revision 1.1
diff -u -r1.1 .cvsignore
--- crypto/modes/.cvsignore	29 Dec 2008 00:27:06 -	1.1
+++ crypto/modes/.cvsignore	2 Feb 2011 21:38:33 -
@@ -2,3 +2,4 @@
 Makefile.save
 *.flc
 semantic.cache
+ghash-*.s


Re: [openssl.org #2374] [PATCH] mingw32 cant compile e_capi.c (1.0.0b)

2010-11-18 Thread Roumen Petrov

Guenter via RT wrote:

Hi,
it seems that all native MingW32 versions (tested with MingW32 4.50)
lack the stuff to compile e_capi.c:

[SNIP]

make[1]: *** [e_capi.o] Error 1
make[1]: Leaving directory `/d/openssl-1.0.0b/engines'

Therefore I've added some more define tests to OpenSSL 1.0.0b e_capi.c
to further check what we have (or not) in wincrypt.h:
--- e_capi.c.orig   Mon Mar 15 23:29:20 2010
+++ e_capi.cThu Nov 18 17:43:19 2010
@@ -76,10 +76,16 @@
   

[SNIP]

*/
-#ifdef CERT_KEY_PROV_INFO_PROP_ID
+#if defined(CERT_KEY_PROV_INFO_PROP_ID)  \
+defined(CERT_STORE_PROV_SYSTEM_A)  \
+defined(CERT_STORE_READONLY_FLAG)
   # define __COMPILE_CAPIENG
   #endif /* CERT_KEY_PROV_INFO_PROP_ID */
   #endif /* OPENSSL_NO_CAPIENG */
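Review bot: the closing comment "#endif /* CERT_KEY_PROV_INFO_PROP_ID */" still names only the first macro although the condition now tests three. Update it to cover CERT_STORE_PROV_SYSTEM_A and CERT_STORE_READONLY_FLAG as well, or make it generic, and add a one-line comment above the #if saying that some wincrypt.h versions lack these definitions so the reason for the extra tests is recorded.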

patch also attached.
   
I agree with Guenter about win api from mingw.org. The code should 
compile fine for mingw-64 headers.


So if defined ... looks good. The comment could be more simple - some 
mingw projects don't define .


Roumen



Re: [openssl.org #2374] [PATCH] mingw32 cant compile e_capi.c (1.0.0b)

2010-11-18 Thread Roumen Petrov via RT
Guenter via RT wrote:
 Hi,
 it seems that all native MingW32 versions (tested with MingW32 4.50)
 lack the stuff to compile e_capi.c:
[SNIP]
 make[1]: *** [e_capi.o] Error 1
 make[1]: Leaving directory `/d/openssl-1.0.0b/engines'

 Therefore I've added some more define tests to OpenSSL 1.0.0b e_capi.c
 to further check what we have (or not) in wincrypt.h:
 --- e_capi.c.orig Mon Mar 15 23:29:20 2010
 +++ e_capi.c  Thu Nov 18 17:43:19 2010
 @@ -76,10 +76,16 @@

[SNIP]
 */
 -#ifdef CERT_KEY_PROV_INFO_PROP_ID
 +#if defined(CERT_KEY_PROV_INFO_PROP_ID)  \
 +defined(CERT_STORE_PROV_SYSTEM_A)  \
 +defined(CERT_STORE_READONLY_FLAG)
# define __COMPILE_CAPIENG
#endif /* CERT_KEY_PROV_INFO_PROP_ID */
#endif /* OPENSSL_NO_CAPIENG */

 patch also attached.

I agree with Guenter about win api from mingw.org. The code should 
compile fine for mingw-64 headers.

So if defined ... looks good. The comment could be more simple - some 
mingw projects don't define .

Roumen




Re: [openssl.org #2246] dtls1.h includes winsock.h, overriding the #undefs from ossl_typ.h on Windows

2010-04-26 Thread Roumen Petrov

M.-A. Lemburg via RT wrote:

An application that only includes openssl/ssl.h from OpenSSL
1.0.0 and doesn't use winsock.h will run into problems on Windows,
since the dtls1.h header file includes the winsock.h header file long
after the ossl_typ.h header file was loaded.


What about defining WIN32_LEAN_AND_MEAN?
[SNIP]
Openssl 1+ is switched to winsock2.

Roumen


Re: [openssl.org #2246] dtls1.h includes winsock.h, overriding the #undefs from ossl_typ.h on Windows

2010-04-26 Thread Roumen Petrov via RT
M.-A. Lemburg via RT wrote:
 An application that only includes openssl/ssl.h from OpenSSL
 1.0.0 and doesn't use winsock.h will run into problems on Windows,
 since the dtls1.h header file includes the winsock.h header file long
 after the ossl_typ.h header file was loaded.

What about defining WIN32_LEAN_AND_MEAN?
[SNIP]
Openssl 1+ is switched to winsock2.

Roumen




underscore in function name (OPENSSL_isservice)

2010-04-10 Thread Roumen Petrov

Hello all,

Check-ins [19505] and [19557] "cryptlib.c: allow application to override 
OPENSSL_isservice" add a call to GetProcAddress whose argument is a 
function name that starts with an underscore.
The function OPENSSL_isservice is specific to Windows platforms, and on 
those platforms the naming convention for functions with C calling 
conventions is not well defined - it is compiler dependent.


Maybe the code after the call could check for the function name without the underscore.

Roumen


Re: [PATCH] for compiling OpenSSL 1.0.0 (3/29/10) using MinGW

2010-04-01 Thread Roumen Petrov


Ray Satiro wrote:

Third time's the charm, hopefully...
--
Without this patch the make will error with Pick one target type from and a 
list of assembler types.
mingw32-make: *** [tmp\x86cpuid.asm] Error 1
--

I had to make some changes to compile OpenSSL 1.0.0 (3/29/10) using MinGW. The 
asmtype is not specified in MinGW builds so I added it to Mingw32.pl. I changed 
-mcpu back to -march.
Configure was now missing its mk1mf check, so I changed that back.
Also a minor type field character change in speed.c

My compiler coughed a lot of errors in e_capi.c, looked like wintrust.h stuff. 
I realized I didn't have this problem because in previous versions  no-capieng 
used to be a default option. After I passed it the compile was successful.

I have two unknown option messages:
Generating makefile
unknown option - no-capieng
unknown option - static-engine

However as implied above the script seems to be picking up on no-capieng when I 
specify it, although -DOPENSSL_NO_CAPIENG does not appear to be added to CFLAGS 
any longer. Is this expected? Not sure why static-engine was there and I can't 
reproduce that line. INSTALL.W32 reads like the behavior of making libs for 
ENGINES has changed since 0.9.8 but it's my understanding this still doesn't 
apply to MinGW and so static-engine opt is probably not needed there.

Also it appears that the resource ms\version32.rc file isn't compiled or added 
in.

If anyone has trouble you might try using a clean copy with these steps from a 
command prompt (not msys):

decompressed with winrar
cd openssl-1.0.0
unix2dos ..\openssl.patch
patch -p1 < ..\openssl.patch
ms\mingw32.bat no-capieng >ms_make.out 2>&1
cd out
..\ms\test > ..\ms_test.out 2>&1



You could use the standard build for 1.x+


Roumen


Re: Windows support baseline [was: Unwanted dependencies to user32.dll]

2010-03-18 Thread Roumen Petrov

William A. Rowe Jr. wrote:

On 3/16/2010 4:53 PM, Kees Dekker wrote:

 * I saw a lot of NT4 code.


What NT4 code? You must be referring to _WIN32_WINNT macro sometimes set
to 0x400. It does not denote NT4-specific code, it denotes that NT4 is
required *minimum*. Meaning that it targets *all* Windows versions
*past* 4: 2000, XP, 2003, Vista, 2008, 7, etc.


Example: rand_win.c, check on osverinfo.dwMajorVersion < 5 (i.e. NT4).
And all places, using GetVersion() >= 0x8000 points to Win9x code.
But, please ignore this remark. My key point is the dependency to user32.dll. 
Sorry for causing confusion.


It is past time to deprecate all 9x and NT support, but I expect we will
only see this occur in OpenSSL 1.0.0 (in which case, deprecating 2000 is
equally valid, since Extended Support for Windows 2000 Server and Windows
2000 Professional ends on July 13, 2010).

These machines are toxins when connected to a public internet due to known
security flaws, we must go on the assumption that the typical user/operator
does not know how to/does not go to the trouble to disable unused services.
As a security layer provider, OpenSSL project would obviously be much more
attentive to such issues than a typical open source project.

Therefore Windows XP/2003 as a baseline, going forwards is completely
reasonable.  I realize this is a tangent of the original report, but its
certainly legitimate.


OpenSSL supports many platforms and I could not find a reason for the project 
to be limited in backward compatible support as Microsoft Windows OS-es.



Roumen

