Re: Recommandation related to tools to be used with OpenSSL
From: VictorMitu victorm...@yahoo.com I have the following scenario: i need an application that will do the following: 1. there is an input folder. In this folder, files will be copied/downloaded. 2. An application/script will periodically query this folder (auto-detection is also accepted). 3. if a new file is detected, the application will execute openssl smime -encrypt | openssl smime -sign commands on the file. 4. the output files (encrypted file and encrypted-signed files) will be dropped in an Output folder. The reverse operation is also expected: 1. an input folder will be queried periodically for new encrypted-signed files (auto-detection is also accepted). 2. if a new file is found, the following commands are applied: openssl smime -verify | openssl smime -decrypt and the following actions are perfromed: 2.1. The Signature is verified. The validation process will drop to an external file (txt, csv) the result of the validation (pass/failed). 2.2 The Encrypted file is decrypted in another folder. My question is actually a request for a recommandation related to an easy development tool (programming language, scripting) that is able to perform these operations, including the injection of openssl commands. Most languages can do this (execute external programs). Even a simple shell script run from cron... cd $INPUT_DIR ls | while read FILE do openssl_cmd1 $FILE $FILE.crypted openssl_cmd2 $FILE.crypted ... mv $FILE.crypted $OUTPUT_DIR/ rm -f $FILE done Copy/paste and adapt for the reverse. It depends on the level of sophistication you want... JD __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
RE: FIPS linked as a shared library
Would you elaborate what is meant by 'strict binding' please. I have tried compiling with '-z now', I have tried RTLD_LAZY and RTLD_NOW as flags to dlopen and the env var LD_BIND_NOW also had no effect. I have reproduced the same issue of the shared lib Failing on both x86 and mips. Has anyone created and used a shared library? -Matt Bancroft -Original Message- From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Kyle Hamilton Sent: 18 January 2010 20:43 To: openssl-users Subject: Re: FIPS linked as a shared library The way that the FIPS module verifies its signature is that it forces itself to load (via a pre-main() section) and then calculate the checksum of the image in-core. Probably the reason why you're running into issues is because of the fixup step of the dynamic linker. If you expect to use FIPS, you should link it as a hard dependency (also known as 'strict binding', as opposed to 'lazy binding') so that it can be loaded as early as possible, to minimize the chances of the linker needing to run fixups after application-code memory allocation. As you've found, the image in-core *must* match the original image in-core when the signature was generated, and the linker changes the pointers of where things are located when it has to. -Kyle H On Mon, Jan 18, 2010 at 2:48 AM, Bancroft, Matthew matt.bancr...@siemens-enterprise.com wrote: Hello, I have generated the fipscanister.o and all associated files as described in the user guide. All the checks ran ok. I have created an application using the fipscanister.o which works fine. When I create the shared library the run time check called when FIPS_mode_set() is called fails. I have found that depending on where I am loading the library in my code the signature generated is different. Hence my question, Is it really possible to create a shared library, and not an application, using the FIPS module? The make file for the shared lib looks like this: CC = gcc LIBOBJS= $(BIN)/fipsShared.o libfipsShared.so: fipsShared.o FIPSLD_CC=$(CC) /openssl-fips-1.2/fips/fipsld -shared -o $@ $^ -DDEBUG_FINGERPRINT_PREMAIN /openssl-fips-1.2/libcrypto.a The build platform is a native MIPS, gcc-3.4.4, make 3.81, uclibc.0.9.28. Regards, Matt Bancroft matt.bancr...@siemens-enterprise.com __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Getting a pem from a p12
Hi, all. First of all: sorry about my poor SSL skills. I want to create an https connection to a third party https web service and the client must use a certificate to use that web service. I am using PHP (PHP uses libcurl and supports only PEM certificates) in my side (the client side). The third party mailed me a trust.keystore file and a .p12 file. How can I get the .pem file? I have been executing the following command but always requests for an input password (and I have no password!): openssl pkcs12 -clcerts -in input.p12 -out output.pem Could the trust.keystore be used to get the .pem file? Thanks in advance. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: Getting a pem from a p12
(and I have no password!) You should ask the trust.keystore and .p12 file password to the one that sent them to you. Moreover, you should be sure you know what you are trying to get: do you want simply to convert the files from DER to PEM, or you want to extract all the certificates into PEM files? On Wed, Jan 20, 2010 at 2:55 PM, avelino avel...@mhpsc.com wrote: Hi, all. First of all: sorry about my poor SSL skills. I want to create an https connection to a third party https web service and the client must use a certificate to use that web service. I am using PHP (PHP uses libcurl and supports only PEM certificates) in my side (the client side). The third party mailed me a trust.keystore file and a .p12 file. How can I get the .pem file? I have been executing the following command but always requests for an input password (and I have no password!): openssl pkcs12 -clcerts -in input.p12 -out output.pem Could the trust.keystore be used to get the .pem file? Thanks in advance. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: Problem with compiling of openSSL
I use windows cmd prompt to compile openssl (0.9.8) on XP. I have found Perl to be a main problem. make sure ActivePerl is the first perl on your path (set path=ActivePerl;%PATH%). And then run $$perl Configure other config option, look in install readme Also, if you want debug symbols you will have to edit nt.mak file. After running Configure and ms/do_(masm/nasm) edit nt.mak to add/remove appropriate CFLAGS. -Anand On Wed, Jan 20, 2010 at 4:31 AM, Christian Gehrmann - Setasign christian.gehrm...@setasign.de wrote: Hi, I'm an student at my company and got the task to compile openSSL under Windows XP. I tried to make it how it was described in the install.w32 file, but it won't work! I searched in google but there were no answer for my problem. The ./config works, that seems to be ok, but always when I try to compile it, I got errors during the make-command execution (see file attachment) I use CygWin with NASM, Perl5 and ActivePerl. Can somebody show me the right direction to fix my problem? Thanks Christian
recommended rsa api
Hi! I'm new to openssl. I need to encrypt and decrypt approx 1k block of data with rsa. What is recommended api for the case? I've found RSA_public_encrypt() and RSA_private_decrypt(). It looks like a kind of low level api. But here I've got a problem with OAEP padding. Another one is EVP_PKEY_encrypt() and EVP_PKEY_decrypt(). It is of a higher level. It encodes and decodes correctly only one block for me, but looks like it could operate on block of any size. And I've not found any use cases with google code search. It looks like I missed smth ;) Any advice is very welcome! -- Thanks in advance, Alexey sms stands for save my soul __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: recommended rsa api
Hi there Alexey
Many people will tell you to use the EVP stuff and quite frankly, they're
most likely right. However, I've not managed to figure out the EVP stuff so
I use the public_encrypt and private_decrypt functions instead. I have
written the following functions to encapsulate the functionality I need.
Adapt them as you like :-)
void
theEncryptor::generateRSAKeyPair(int bits)
{
rsa = RSA_generate_key(bits, 65537, NULL, NULL);
}
int
theEncryptor::publicEncrypt(unsigned char* data, unsigned char*
dataEncrypted,int dataLen)
{
return RSA_public_encrypt(dataLen, data, dataEncrypted, rsa,
RSA_PKCS1_PADDING);
}
int
theEncryptor::privateDecrypt(unsigned char* dataEncrypted,
unsigned char* dataDecrypted)
{
return RSA_private_decrypt(RSA_size(rsa), dataEncrypted,
dataDecrypted, rsa, RSA_PKCS1_PADDING);
}
Then since I am receiving a public key, I have a sockets framework:
void
theEncryptor::receivePublicKeyAndSetRSA(int sock, int bits)
{
int max_hex_size = (bits / 4) + 1;
char keybufA[max_hex_size];
bzero(keybufA,max_hex_size);
char keybufB[max_hex_size];
bzero(keybufB,max_hex_size);
int n = recv(sock,keybufA,max_hex_size,0);
n = send(sock,OK,2,0);
n = recv(sock,keybufB,max_hex_size,0);
n = send(sock,OK,2,0);
rsa = RSA_new();
BN_hex2bn(rsa-n, keybufA);
BN_hex2bn(rsa-e, keybufB);
}
void
theEncryptor::transmitPublicKey(int sock, int bits)
{
const int max_hex_size = (bits / 4) + 1;
long size = max_hex_size;
char keyBufferA[size];
char keyBufferB[size];
bzero(keyBufferA,size);
bzero(keyBufferB,size);
sprintf(keyBufferA,%s\r\n,BN_bn2hex(rsa-n));
sprintf(keyBufferB,%s\r\n,BN_bn2hex(rsa-e));
int n = send(sock,keyBufferA,size,0);
char recBuf[2];
n = recv(sock,recBuf,2,0);
n = send(sock,keyBufferB,size,0);
n = recv(sock,recBuf,2,0);
}
Best Wishes,
Ben.
On 20 January 2010 15:14, Alexey Luchko l...@ank-sia.com wrote:
Hi!
I'm new to openssl.
I need to encrypt and decrypt approx 1k block of data with rsa.
What is recommended api for the case?
I've found RSA_public_encrypt() and RSA_private_decrypt().
It looks like a kind of low level api.
But here I've got a problem with OAEP padding.
Another one is EVP_PKEY_encrypt() and EVP_PKEY_decrypt().
It is of a higher level.
It encodes and decodes correctly only one block for me,
but looks like it could operate on block of any size.
And I've not found any use cases with google code search.
It looks like I missed smth ;)
Any advice is very welcome!
--
Thanks in advance,
Alexey
sms stands for save my soul
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager majord...@openssl.org
--
Ben H D Jones
www.bhjones.com
Re: recommended rsa api
EVP is oneway of implementing your solution. Look at Example section of http://openssl.org/docs/crypto/EVP_EncryptInit.html# -Anand On Wed, Jan 20, 2010 at 10:14 AM, Alexey Luchko l...@ank-sia.com wrote: Hi! I'm new to openssl. I need to encrypt and decrypt approx 1k block of data with rsa. What is recommended api for the case? I've found RSA_public_encrypt() and RSA_private_decrypt(). It looks like a kind of low level api. But here I've got a problem with OAEP padding. Another one is EVP_PKEY_encrypt() and EVP_PKEY_decrypt(). It is of a higher level. It encodes and decodes correctly only one block for me, but looks like it could operate on block of any size. And I've not found any use cases with google code search. It looks like I missed smth ;) Any advice is very welcome! -- Thanks in advance, Alexey sms stands for save my soul __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: recommended rsa api
For RSA API take a look at http://openssl.org/docs/crypto/rsa.html# -Anand On Wed, Jan 20, 2010 at 11:18 AM, Anand Patel anand.apa...@gmail.comwrote: EVP is oneway of implementing your solution. Look at Example section of http://openssl.org/docs/crypto/EVP_EncryptInit.html# -Anand On Wed, Jan 20, 2010 at 10:14 AM, Alexey Luchko l...@ank-sia.com wrote: Hi! I'm new to openssl. I need to encrypt and decrypt approx 1k block of data with rsa. What is recommended api for the case? I've found RSA_public_encrypt() and RSA_private_decrypt(). It looks like a kind of low level api. But here I've got a problem with OAEP padding. Another one is EVP_PKEY_encrypt() and EVP_PKEY_decrypt(). It is of a higher level. It encodes and decodes correctly only one block for me, but looks like it could operate on block of any size. And I've not found any use cases with google code search. It looks like I missed smth ;) Any advice is very welcome! -- Thanks in advance, Alexey sms stands for save my soul __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
Hi, I am new to OpenSSL. I am trying to verify the compressed XML data, signed using PKCS#7. Then a four byte crc is appended to it and the whole data is now base64 encoded. All the above is done using windows libraries. The verification works fine in windows. Now I am trying to verify the above data(signed using windows libs) using OpenSSL. The data is decoded from base64 to bytes, crc is verified. Then I try to use the command d2i_pkcs7 to create the PKCS7 structure which results in the following error , error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag. The code I am using to do this is as follows: const unsigned char *q; q = (const unsigned char*)nBytes; PKCS7 *p7 = NULL; // I want to use this p7 structure in PKCS7_verify p7 = d2i_PKCS7(NULL, q, nCountOfBytes);// error occurs here where nBytes is a BYTE array storing the data. I don't have a clue what this error means, am I missing something here? -Ujwal
Re: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
On Tue, Jan 19, 2010, Ujwal Chinthala wrote: Hi, I am new to OpenSSL. I am trying to verify the compressed XML data, signed using PKCS#7. Then a four byte crc is appended to it and the whole data is now base64 encoded. All the above is done using windows libraries. The verification works fine in windows. Now I am trying to verify the above data(signed using windows libs) using OpenSSL. The data is decoded from base64 to bytes, crc is verified. Then I try to use the command d2i_pkcs7 to create the PKCS7 structure which results in the following error , error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag. The code I am using to do this is as follows: const unsigned char *q; q = (const unsigned char*)nBytes; PKCS7 *p7 = NULL; // I want to use this p7 structure in PKCS7_verify p7 = d2i_PKCS7(NULL, q, nCountOfBytes);// error occurs here where nBytes is a BYTE array storing the data. I don't have a clue what this error means, am I missing something here? I suspect that is caused by the binary data being corrupted somehow. For example the base64 data not being decoded correctly or it not being in DER format. What does the data look like? Is it ASCII text or are the first two characters 0x30, 0x82? Suggest you dump the binary data to a file and try: openssl pkcs7 -inform DER -in file.p7 If you get a similar error and the above doesn't help you could send it to me and I'll take a look. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
OpenSSL 1.0.0 beta5 release
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 OpenSSL version 1.0.0 Beta 5 OpenSSL - The Open Source toolkit for SSL/TLS http://www.openssl.org/ OpenSSL is currently in a release cycle. The fifth beta is now released. This is expected be the final beta depending on the number of bugs reported. The beta release is available for download via HTTP and FTP from the following master locations (the various FTP mirrors you can find under http://www.openssl.org/source/mirror.html): o http://www.openssl.org/source/ o ftp://ftp.openssl.org/source/ The file names of the beta are: o openssl-1.0.0-beta5.tar.gz Size: 4006467 MD5 checksum: f869b6b044296f31cee710f178605ef2 SHA1 checksum: a16377c02625f803a5dcfaa9c11aeadcfd3703b6 The checksums were calculated using the following command: openssl md5 openssl-1.0.0-beta5.tar.gz openssl sha1 openssl-1.0.0-beta5.tar.gz Please download and test them as soon as possible. This new OpenSSL version incorporates 122 documented changes and bugfixes to the toolkit (for a complete list see http://www.openssl.org/source/exp/CHANGES). Also check the latest snapshots at ftp://ftp.openssl.org/snapshot/ or CVS (see http://www.openssl.org/source/repos.html) to avoid reporting previously fixed bugs. Since the fourth beta, the following has happened: - Provisional TLS session renegotiation fix - Option to output hash using older algorithm in x509 utility - Compression session handling bug fix - Build system fixes. - Other bug fixes. Reports and patches should be sent to openssl-b...@openssl.org. Discussions around the development of OpenSSL should be sent to openssl-...@openssl.org. Anything else should go to openssl-us...@openssl.org. The best way, at least on Unix, to create a report is to do the following after configuration: make report That will do a few basic checks of the compiler and bc, then build and run the tests. The result will appear on screen and in the file testlog. Please read the report before sending it to us. There may be problems that we can't solve for you, like missing programs. Yours, The OpenSSL Project Team... Mark J. Cox Ben Laurie Andy Polyakov Ralf S. Engelschall Richard Levitte Geoff Thorpe Dr. Stephen Henson Bodo Möller Ulf Möller Lutz JänickeNils Larsch -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) iQEVAwUBS1cho6LSm3vylcdZAQJiQAf+MFwN93YBcJI6sQIjAr5RSql7gdP9H+NV zNBf6nkLCJcuwu9tXeheuLRfvye5wF+FpWE6qS5a8mgm3Z6S8aOnacBvyfyo57U7 mTs4eNG9YBwS/wK7cavxzKLsVX0zgOMurqLmONUlNBSrW9m2R7uupfLn+SzQYrov gZl48yqB5AVtM4MiwEWmK9EnXH4SCtOWG4TEi2G30hP/5ssKoM4Y+GrQMueZnTEW RXR+N+1uvmqzDfekoTE3bfXd0BNPMUNh7JmSxT/WlhPxDk7Tx5yMxqnZChPgsSFN a9V38M/yDzbL8Gz3zToOC+GsVmf560+7b6aC1LvUPLXZZWOXn/vLsA== =A39y -END PGP SIGNATURE- __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
threads the default in openssl 0.9.8K and L
We're making the jump from OpenSSL 0.9.8d to 0.9.8l. I noticed while buiding L (and K for that matter) that HP complains when the Configure option 'threads' is specified but no system-specific compiler options were specified. 0.9.8d does not complain this way. I removed the 'threads' option, the complaint ceased, and build was ok. SO: is the 'threads' Configure option the default now -- for all platforms that know how? I went looking for notes about this in the CHANGES document but might be blind or it's not indicated. -DOPENSSL_THREADS appears to be defined on the compiler line by default now. thanks a bunch. +-+-+-+-+-+-+ Dave McLellan, Symmetrix Software EMC Corporation, 228 South St, Hopkinton MA Mail Stop LL/AA-24 office 508-249-1257, fax 508-544-2129 cell 978-500-2546, IM: mclellan_d...@yahoo.com +-+-+-+-+-+-+
OpenSSL 0.9.8m-beta1 release
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 OpenSSL version 0.9.8m-beta1 released OpenSSL - The Open Source toolkit for SSL/TLS http://www.openssl.org/ The OpenSSL project team is pleased to announce the release of version 0.9.8m-beta1 of our open source toolkit for SSL/TLS. This new OpenSSL version is a security and bug fix beta release which implements draft-ietf-tls-renegotiation-03.txt to address CVE-2009-3555. For a complete list of changes, please see http://www.openssl.org/source/exp/CHANGES. We have taken the unusual step of releasing a beta from the stable branch of OpenSSL for two reasons. Firstly the renegotiation specification may change before they are finalised. Secondly a large number of changes in OpenSSL 0.9.8 have been made since the last release and a beta release should encourage testing and help resolve any issues before the final release. It is expected that this will be the only beta release of OpenSSL 0.9.8m. OpenSSL 0.9.8m-beta1 is available for download via HTTP and FTP from the following master locations (you can find the various FTP mirrors under http://www.openssl.org/source/mirror.html): * http://www.openssl.org/source/ * ftp://ftp.openssl.org/source/ The distribution file names are: o openssl-0.9.8m-beta1.tar.gz Size: 3767860 MD5 checksum: 6168ce47e20b216c529b14e89144413b SHA1 checksum: 7fa59c637c29e4e679c6942442ec370338a8c69f The checksums were calculated using the following commands: openssl md5 openssl-0.9.8m-beta1.tar.gz openssl sha1 openssl-0.9.8m-beta1.tar.gz Please download and test them as soon as possible. Also check the latest snapshots at ftp://ftp.openssl.org/snapshot/ or CVS (see http://www.openssl.org/source/repos.html) to avoid reporting previously fixed bugs. Reports and patches should be sent to openssl-b...@openssl.org. Discussions around the development of OpenSSL should be sent to openssl-...@openssl.org. Anything else should go to openssl-us...@openssl.org. The best way, at least on Unix, to create a report is to do the following after configuration: make report That will do a few basic checks of the compiler and bc, then build and run the tests. The result will appear on screen and in the file testlog. Please read the report before sending it to us. There may be problems that we can't solve for you, like missing programs. Yours, The OpenSSL Project Team... Mark J. Cox Nils Larsch Ulf Möller Ralf S. Engelschall Ben Laurie Andy Polyakov Dr. Stephen Henson Richard Levitte Geoff Thorpe Lutz JänickeBodo Möller -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.9 (GNU/Linux) iQEVAwUBS1dBAqLSm3vylcdZAQJ29QgAwF7pjd+ruccAcMGsvA9frIMC9Y5lN4XB c/TruLxYG+R0OJ0I9HELqA60w7J9/nwafYdaDf/ZIeLja+BQAOTsR7ZrDdV6TcM4 NbUeS5nv0X8ttedg1SrYZXZEEAcgBeMu8B9wNfajgr923cSTxdJkDsxTsWGy0C9y HUMHYfFTC5fvnYZy2HHbXzZ1HCPRseOEkv0e+h6eSpYKf3gJXoXiCtfD+VrPM5dz SsnXqD/HDiFvDHKze7TsPC0yItr/jIOXQiO6HSJQ4c0wa6Xif1lBxqHrEMZ0+LFl 9RSJRw9Nye7SXtAHYjx9cQjBgb3Zmjxk9GHNZ9kNnKbLeuMBA9V1zA== =UdBU -END PGP SIGNATURE- __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
multithreading question
Our server does a raw socket accept first, and then spawns a thread for each that brings up the ssl connection if applicable. The code flow is like this: int fd; SSL_CTX* ctx; SSL* ssl; BIO* fdbio = BIO_new_socket((int)fd, 0); BIO* bio = BIO_new_ssl(ctx, client); BIO_push(bio, fdbio); BIO_get_ssl(bio, ssl); The SSL_CTX is shared across the multiple threads. My question is whether BIO_new_ssl() should be serializing so that only one thread is instantiating an SSL instance at a time from the SSL_CTX. Wayne. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
On Tue, Jan 19, 2010, Ujwal Chinthala wrote: Hi, I am new to OpenSSL. I am trying to verify the compressed XML data, signed using PKCS#7. Then a four byte crc is appended to it and the whole data is now base64 encoded. All the above is done using windows libraries. The verification works fine in windows. Now I am trying to verify the above data(signed using windows libs) using OpenSSL. The data is decoded from base64 to bytes, crc is verified. Then I try to use the command d2i_pkcs7 to create the PKCS7 structure which results in the following error , error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag. The code I am using to do this is as follows: const unsigned char *q; q = (const unsigned char*)nBytes; PKCS7 *p7 = NULL; // I want to use this p7 structure in PKCS7_verify p7 = d2i_PKCS7(NULL, q, nCountOfBytes);// error occurs here where nBytes is a BYTE array storing the data. I don't have a clue what this error means, am I missing something here? That isn't actually a PKCS#7 structure. It is a CMS ContentInfo structure which is a superset of PKCS#7. You need to use the CMS routines instead. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re-negotiation handshake failed: Not accepted by client with OpenSSL 0.98m-beta1
I'm running apache 2.2.14 with mod_ssl using OpenSSL 0.98m-beta1. When renegotiating a client session, I get an error from apache: Re-negotiation handshake failed: Not accepted by client and a fatal unexpected_message alert in OpenSSL s_client. Below you will find log output for the renegotiation failure and log output for a successful legacy renegotiation against OpenSSL 0.98k. Here's the log output of Apache: ... [Wed Jan 20 23:35:15 2010] [debug] ssl_engine_kernel.c(487): [client 72.247.216.129] Changed client verification type will force renegotiation [Wed Jan 20 23:35:15 2010] [info] [client 72.247.216.129] Requesting connection re-negotiation [Wed Jan 20 23:35:15 2010] [debug] ssl_engine_kernel.c(724): [client 72.247.216.129] Performing full renegotiation: complete handshake protocol [Wed Jan 20 23:35:15 2010] [debug] ssl_engine_kernel.c(1875): OpenSSL: Handshake: start [Wed Jan 20 23:35:15 2010] [debug] ssl_engine_kernel.c(1883): OpenSSL: Loop: SSL renegotiate ciphers [Wed Jan 20 23:35:15 2010] [debug] ssl_engine_kernel.c(1883): OpenSSL: Loop: SSLv3 write hello request A [Wed Jan 20 23:35:15 2010] [debug] ssl_engine_kernel.c(1883): OpenSSL: Loop: SSLv3 flush data [Wed Jan 20 23:35:15 2010] [debug] ssl_engine_kernel.c(1883): OpenSSL: Loop: SSLv3 write hello request C [Wed Jan 20 23:35:15 2010] [info] [client 72.247.216.129] Awaiting re-negotiation handshake [Wed Jan 20 23:35:15 2010] [debug] ssl_engine_kernel.c(1875): OpenSSL: Handshake: start [Wed Jan 20 23:35:15 2010] [debug] ssl_engine_kernel.c(1883): OpenSSL: Loop: before accept initialization [Wed Jan 20 23:35:16 2010] [debug] ssl_engine_io.c(1858): OpenSSL: read 5/5 bytes from BIO#8425590 [mem: 8464e08] (BIO dump follows) [Wed Jan 20 23:35:16 2010] [debug] ssl_engine_io.c(1791): +-+ [Wed Jan 20 23:35:16 2010] [debug] ssl_engine_io.c(1830): | : 17 03 01 ... | [Wed Jan 20 23:35:16 2010] [debug] ssl_engine_io.c(1834): | 0005 - SPACES/NULS [Wed Jan 20 23:35:16 2010] [debug] ssl_engine_io.c(1836): +-+ [Wed Jan 20 23:35:16 2010] [debug] ssl_engine_io.c(1858): OpenSSL: read 32/32 bytes from BIO#8425590 [mem: 8464e0d] (BIO dump follows) [Wed Jan 20 23:35:16 2010] [debug] ssl_engine_io.c(1791): +-+ [Wed Jan 20 23:35:16 2010] [debug] ssl_engine_io.c(1830): | : 27 a1 4c ce 82 d0 d6 ab-a1 38 ce 43 a1 ac 1a 06 '.L..8.C | [Wed Jan 20 23:35:16 2010] [debug] ssl_engine_io.c(1830): | 0010: 97 8f 54 7e 5a 84 7c 1b-e8 51 63 54 ec a1 4a 3a ..T~Z.|..QcT..J: | [Wed Jan 20 23:35:16 2010] [debug] ssl_engine_io.c(1836): +-+ [Wed Jan 20 23:35:16 2010] [debug] ssl_engine_io.c(1858): OpenSSL: read 5/5 bytes from BIO#8425590 [mem: 8464e08] (BIO dump follows) [Wed Jan 20 23:35:16 2010] [debug] ssl_engine_io.c(1791): +-+ [Wed Jan 20 23:35:16 2010] [debug] ssl_engine_io.c(1830): | : 17 03 01 ... | [Wed Jan 20 23:35:16 2010] [debug] ssl_engine_io.c(1834): | 0005 - SPACES/NULS [Wed Jan 20 23:35:16 2010] [debug] ssl_engine_io.c(1836): +-+ [Wed Jan 20 23:35:16 2010] [debug] ssl_engine_io.c(1858): OpenSSL: read 32/32 bytes from BIO#8425590 [mem: 8464e0d] (BIO dump follows) [Wed Jan 20 23:35:16 2010] [debug] ssl_engine_io.c(1791): +-+ [Wed Jan 20 23:35:16 2010] [debug] ssl_engine_io.c(1830): | : 37 8a a5 a3 4e 3e 06 7c-56 8e 5b a0 68 5d 23 09 7...N.|V.[.h]#. | [Wed Jan 20 23:35:16 2010] [debug] ssl_engine_io.c(1830): | 0010: d6 c2 44 be 51 ed 30 dd-ef 66 76 92 d3 45 2f 0e ..D.Q.0..fv..E/. | [Wed Jan 20 23:35:16 2010] [debug] ssl_engine_io.c(1836): +-+ [Wed Jan 20 23:35:16 2010] [debug] ssl_engine_kernel.c(1893): OpenSSL: Write: SSLv3 read client hello B [Wed Jan 20 23:35:16 2010] [debug] ssl_engine_kernel.c(1912): OpenSSL: Exit: error in SSLv3 read client hello B [Wed Jan 20 23:35:16 2010] [error] [client 72.247.216.129] Re-negotiation handshake failed: Not accepted by client!? Here's the debug output for openssl s_client: ... TLS 1.0 Handshake [length 0004], HelloRequest 00 00 00 00 SSL_connect:SSL renegotiate ciphers
RE: multithreading question
Wayne Feick wrote: Our server does a raw socket accept first, and then spawns a thread for each that brings up the ssl connection if applicable. The code flow is like this: int fd; SSL_CTX* ctx; SSL* ssl; BIO* fdbio = BIO_new_socket((int)fd, 0); BIO* bio = BIO_new_ssl(ctx, client); BIO_push(bio, fdbio); BIO_get_ssl(bio, ssl); The SSL_CTX is shared across the multiple threads. My question is whether BIO_new_ssl() should be serializing so that only one thread is instantiating an SSL instance at a time from the SSL_CTX. Wayne. The BIO_new_ssl operation is notionally a read-only operation on the SSL_CTX. So you do not need to synchronize access to the SSL_CTX so long as no other thread might be doing an operation on it that is not notionally read-only. So long as only BIO_new_ssl operations overlap on the context, no external locking is needed. DS __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: multithreading question
On Wed, Jan 20, 2010 at 07:55:35PM -0800, David Schwartz wrote: Wayne Feick wrote: Our server does a raw socket accept first, and then spawns a thread for each that brings up the ssl connection if applicable. The code flow is like this: int fd; SSL_CTX* ctx; SSL* ssl; BIO* fdbio = BIO_new_socket((int)fd, 0); BIO* bio = BIO_new_ssl(ctx, client); BIO_push(bio, fdbio); BIO_get_ssl(bio, ssl); The SSL_CTX is shared across the multiple threads. My question is whether BIO_new_ssl() should be serializing so that only one thread is instantiating an SSL instance at a time from the SSL_CTX. Wayne. The BIO_new_ssl operation is notionally a read-only operation on the SSL_CTX. So you do not need to synchronize access to the SSL_CTX so long as no other thread might be doing an operation on it that is not notionally read-only. So long as only BIO_new_ssl operations overlap on the context, no external locking is needed. Locking callbacks are needed for the reference counting in the CRYPTO library to not get messed up. Various bits of context are associated withe the new SSL object by reference. These read-only operations modify reference counts... -- Viktor. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
