help,IO completion port, bio pair, handshake

2011-05-16 Thread gold ani
Hi all,
I'm a newbie to OpenSSL and plan to integrate SSL into my server. My
server is developed based on IO completion ports, so I want
to separate the SSL engine from the socket object totally. After googling the
mailing list, I found it is possible by using the BIO pair mechanism.
After almost two weeks of pain, I decided to turn to you. (I know this topic
was discussed many times on the mailing list, but I still cannot figure it out.)
Please help me out of it.
I think I was trapped by some wrong things.


To help you understand better, I wrote a simple server and pasted it below. My
idea is:
1. make the BIO pair: bioInternal, bioNetwork
2. get the client accepted
3. receive data from the client (e.g. client hello)
4. feed the data (e.g. client hello) to bioNetwork
5. wait for data (e.g. server hello) in bioNetwork and send it back to the client
6. (repeat steps 3, 4, 5 until the handshake process finishes)

Code (written with VS2008):

#include <winsock2.h>
#include <windows.h>
#include <tchar.h>
#include <stdlib.h>
#include <stdio.h>
#include <openssl/ssl.h>

int _tmain(int argc, _TCHAR* argv[])
{
    // Declared up front so that no goto jumps past an initialization (VS2008 rejects that).
    SOCKET sktAccepted = INVALID_SOCKET;
    SSL* pSSL = NULL;
    BIO* pBIOnet = NULL;
    BIO* pBIOint = NULL;
    char cTmp[4 * 1024];

    SSL_load_error_strings();
    SSL_library_init();
    OpenSSL_add_all_algorithms();
    SSL_CTX* pCTX = SSL_CTX_new(TLSv1_server_method());
    if (pCTX == NULL)
        goto bad_ssl;

    /* INIT: CA certificate, server certificate and private key live in .\pem\ */
    {
        char cCurDir[255];
        ::GetCurrentDirectoryA(255, cCurDir);

        char cPath[1024];

        sprintf(cPath, "%s\\pem\\ca.cer", cCurDir);
        if (!SSL_CTX_load_verify_locations(pCTX, cPath, NULL))
            goto bad_ssl;

        sprintf(cPath, "%s\\pem\\ns.cer", cCurDir);
        if (!SSL_CTX_use_certificate_file(pCTX, cPath, SSL_FILETYPE_PEM))
            goto bad_ssl;

        sprintf(cPath, "%s\\pem\\ns.key", cCurDir);
        if (!SSL_CTX_use_PrivateKey_file(pCTX, cPath, SSL_FILETYPE_PEM))
            goto bad_ssl;

        if (!SSL_CTX_check_private_key(pCTX))
            goto bad_ssl;
    }

    /* Windows network: a plain blocking listener on port 8001 */
    {
        WSADATA neto;
        if (WSAStartup(MAKEWORD(2, 2), &neto) != 0)
            goto bad_ssl;

        SOCKET sk = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);
        if (sk == INVALID_SOCKET)
            goto bad_ssl;

        SOCKADDR_IN sa;
        sa.sin_addr.S_un.S_addr = INADDR_ANY;
        sa.sin_family = AF_INET;
        sa.sin_port = htons(8001);

        if (bind(sk, (SOCKADDR*)&sa, sizeof(sa)) == SOCKET_ERROR)
            goto bad_ssl;

        if (listen(sk, 5) == SOCKET_ERROR)
            goto bad_ssl;

        int saLen = sizeof(sa);
        sktAccepted = accept(sk, (struct sockaddr*)&sa, &saLen);
        if (sktAccepted == INVALID_SOCKET)
            goto bad_ssl;
    }

    // After the client is accepted, prepare for the handshake
    pSSL = SSL_new(pCTX);
    if (pSSL == NULL)
        goto bad_ssl;

    pBIOnet = BIO_new(BIO_s_mem());
    pBIOint = BIO_new(BIO_s_mem());
    //BIO* pBIO_SSL = BIO_new(BIO_f_ssl());

    BIO_make_bio_pair(pBIOint, pBIOnet);

    //long lOptions = SSL_ctrl(pSSL, SSL_CTRL_OPTIONS, 0, 0) | SSL_OP_ALL;
    //SSL_ctrl(pSSL, SSL_CTRL_OPTIONS, lOptions, 0);

    SSL_set_accept_state(pSSL);
    SSL_set_bio(pSSL, pBIOint, pBIOint);
    //BIO_set_ssl(pBIO_SSL, pSSL, BIO_NOCLOSE);

    SSL_set_mode(pSSL, SSL_MODE_AUTO_RETRY);

    // Waiting for data from the client
    while (true)
    {
        // (here I always get 124 bytes of data from the client; I use the client tool
        //  'openssl s_client -connect 127.0.0.1:8001')
        int iRe = recv(sktAccepted, cTmp, 4 * 1024, 0);
        if (iRe == 0 || iRe == SOCKET_ERROR)
            break;
        // Data received from the network: hand it to SSL
        int iWrittenLen = BIO_write(pBIOnet, cTmp, iRe);
        BIO_flush(pBIOnet);

        if (SSL_in_init(pSSL))
        {
            int iHs = SSL_accept(pSSL); // SSL_do_handshake(pSSL);
            if (iHs <= 0)
            {
                int iErrCode = SSL_get_error(pSSL, iHs);
                printf("Error during SSL_accept(). err:%d\n", iErrCode);
                switch (iErrCode)
                {
                case SSL_ERROR_WANT_READ:
                    // where can I get data to feed SSL?
                    break;
                case SSL_ERROR_WANT_WRITE:
                    break;
                }
            }
            //if (0)
            {
                // During the handshake, after data arrives from the network there should be
                // data that needs sending back to the client, for example Server Hello
                int iPendingLen = BIO_pending(pBIOnet);
                if (iPendingLen > 0)
                {
                    int iReadLen = BIO_read(pBIOnet, cTmp, iPendingLen);
                    // (the data is exactly the same as the data received from the client. ??!)
                    // send to client
                    send(sktAccepted, cTmp, iReadLen, 0);
                }
            }
        }
        else
        {
            // Handshake is done; from here on the data is application data.
            if (BIO_pending(pBIOint) > 0)
            {
                // read and deal with it...
                // (...)
            }
        }
    }

bad_ssl:
    // destroy all resources...
    // (...)

    return 0;
}

many thanks.
anakin.jin
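What goes wrong in the code above, and the shape of the loop that works, as an added note and example that are not part of the original post. BIO_make_bio_pair() only operates on BIOs of type BIO_s_bio(); on the two BIO_s_mem() BIOs here the control is unsupported, so the call fails (it returns 0, which the code never checks) and nothing is paired. The SSL object then reads and writes pBIOint, a lone memory BIO that never sees a network byte, while BIO_write(pBIOnet) followed by BIO_read(pBIOnet) simply hands back what was just written. That is why SSL_accept() keeps reporting SSL_ERROR_WANT_READ and why the "server hello" drained from pBIOnet is byte for byte the client hello. The C fix is BIO_new_bio_pair(&pBIOint, 0, &pBIOnet, 0), SSL_set_bio(pSSL, pBIOint, pBIOint), and then, on every recv completion: BIO_write(pBIOnet, ...), call SSL_accept() (or SSL_read() once SSL_is_init_finished()), and whatever SSL_get_error() says, drain BIO_ctrl_pending(pBIOnet) bytes with BIO_read(pBIOnet, ...) and send them. SSL_ERROR_WANT_READ just means "I have queued what I can, wait for the next recv"; since the pair's write buffer is finite, an undrained pBIOnet also shows up as SSL_ERROR_WANT_WRITE. The block below runs that engine/socket split through Python's standard library, whose ssl.MemoryBIO and SSLContext.wrap_bio wrap OpenSSL memory BIOs. It is example code written for this page, not the poster's; it assumes an openssl binary on PATH to mint a throwaway self-signed certificate (the poster's own s_client test implies one), and the class, function and file names are the example's own.

```python
import os
import shutil
import ssl
import subprocess
import tempfile


def openssl_available():
    """The demo mints a throwaway self-signed cert with the openssl CLI (assumed on PATH)."""
    return shutil.which("openssl") is not None


def make_self_signed(tmpdir):
    """Constructed test material: srv.key / srv.crt with CN=localhost, valid for one day."""
    key = os.path.join(tmpdir, "srv.key")
    crt = os.path.join(tmpdir, "srv.crt")
    subprocess.run(
        ["openssl", "req", "-x509", "-newkey", "rsa:2048", "-nodes", "-days", "1",
         "-subj", "/CN=localhost", "-keyout", key, "-out", crt],
        check=True, capture_output=True)
    return key, crt


class TlsEngine:
    """A TLS state machine with no socket: the application owns all I/O.

    `incoming` receives ciphertext from the peer (the role the poster meant
    bioNetwork to play on the way in); `outgoing` collects ciphertext the engine
    wants sent.  With the C API both are the network half of one
    BIO_new_bio_pair(); Python's ssl module exposes them as two MemoryBIOs.
    """

    def __init__(self, ctx, server_side, server_hostname=None):
        self.incoming = ssl.MemoryBIO()
        self.outgoing = ssl.MemoryBIO()
        self.tls = ctx.wrap_bio(self.incoming, self.outgoing,
                                server_side=server_side,
                                server_hostname=server_hostname)

    def feed(self, ciphertext):
        """From the recv() completion: bytes that arrived from the peer."""
        if ciphertext:
            self.incoming.write(ciphertext)

    def drain(self):
        """Ciphertext to send(); call it after every step, whatever the handshake state."""
        return self.outgoing.read()

    def handshake_step(self):
        """Advance the handshake.  False is SSL_ERROR_WANT_READ/WRITE: drain, then wait for feed."""
        try:
            self.tls.do_handshake()
            return True
        except (ssl.SSLWantReadError, ssl.SSLWantWriteError):
            return False


def run_demo(message=b"hello over tls"):
    """Client and server engines talk through an in-memory 'network'; returns what the server read."""
    with tempfile.TemporaryDirectory() as tmp:
        key, crt = make_self_signed(tmp)

        sctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
        sctx.load_cert_chain(crt, key)
        cctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)  # CERT_REQUIRED + hostname check by default
        cctx.load_verify_locations(crt)                  # the self-signed cert is the trust anchor

        server = TlsEngine(sctx, server_side=True)
        client = TlsEngine(cctx, server_side=False, server_hostname="localhost")

        # Handshake pump: each drain() stands for a send(), each feed() for a recv() completion.
        for _ in range(10):
            client_done = client.handshake_step()
            server.feed(client.drain())
            server_done = server.handshake_step()
            client.feed(server.drain())
            if client_done and server_done:
                break
        else:
            raise RuntimeError("handshake did not converge")

        # Application data takes the same path: plaintext in, ciphertext out, and back.
        client.tls.write(message)
        server.feed(client.drain())
        return server.tls.read(len(message))
```

In an IOCP server each TlsEngine lives in the per-connection context: the read completion calls feed() and then either handshake_step() or tls.read(), and every completion ends with a drain() that is posted as the next WSASend. The two things the poster's loop lacks are exactly the two the pump does on every turn: feed the SSL side of the pair (not a separate buffer), and drain the network side after every call, not only when the handshake is still in progress.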


RE: Using self-signed certificates with openssl

2011-05-16 Thread Roger No-Spam

> From: dthomp...@prinpay.com
> To: openssl-users@openssl.org
> Subject: RE: Using self-signed certificates with openssl
> Date: Fri, 13 May 2011 22:06:55 -0400
>
> > From: owner-openssl-us...@openssl.org On Behalf Of Roger No-Spam
> > Sent: Friday, 13 May, 2011 04:15
> >
> > We have decided to use openssl to protect a connection in our system
> > with TLS. Clients will be authenticated using X509 certificates. To cut
> > a long story short, a decision has been taken to use self-signed
> > certificates.
> > On the server, each client's self-signed cert will be loaded by a call to
> > SSL_CTX_load_verify_locations(). This is pretty much working as expected,
>
> To be exact: you can't be doing a load_verify_locations for each of
> multiple certs -- unless you do it dynamically one per SSL_accept().
> To statically accept multiple certs, you can put them all in one file,
> or in one directory with hashlinks (or hashnames), and use that file
> or that directory (or possibly one of each) for load_verify_locations.

We put all clients' certs in one file, which is loaded by a call to
SSL_CTX_load_verify_locations().

> > apart from one thing. If we modify the client's private key (modified a
> > bit in the privateExponent), the TLS connection is still successfully
> > established.
> > I had expected the signature verification (certificate verify message)
> > of the handshake to fail in this case.
> >
> > Are there any gotchas with self-signed certs? Or is there something
> > else we have missed that explains why the signature verification is successful
> > with the modified key?
>
> It's not the cert; the same thing happens with just keys in rsautl.
>
> OpenSSL normally stores and uses RSA privatekey in Chinese Remainder Theorem
> format, which is quite a bit faster. If you damage only the privateExponent
> 'd' it doesn't affect the private key operation. If you damage a CRT
> component it (silently!) falls back to modexp-d instead, so if you damage *both* a CRT
> component *and* d *then* you get a bad signature, and a handshake failure.
> I *think* this works for any bit in any CRT component, but I didn't try to
> work out the math (and certainly didn't test completely).

Thanks, that explains it!

> What is your threat (model) here? If an attacker can get at your clear
> privatekey file, I can't imagine why they would only flip one bit; and
> if they can get at an encrypted privatekey file, any tampering including
> a bit flip should be detected and refuse to load the key at all.

This was just something I quickly did as informal testing, to trigger a
signature validation failure. It is not a valid test case. But the result had
me worried that I had misunderstood how self-signed certs can be used in
openssl. But I think everything is explained now. Thanks for your help.

Regards Roger
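A worked check of the fallback Dave describes, as an added example with a constructed toy key (two Mersenne primes, nowhere near a real key size); it is not from the thread and not OpenSSL's code. OpenSSL's RSA private operation computes m^dP mod p and m^dQ mod q and recombines them with qInv, so d is never read; it then raises the result to e and compares it with the input, and on a mismatch recomputes m^d mod n instead. The functions below reproduce that logic with Python integers so that each of the four cases (only d damaged, only a CRT component damaged, both, neither) can actually be run. Field names follow the PEM/ASN.1 names OpenSSL uses (dmp1, dmq1, iqmp).

```python
import hashlib

# Constructed toy key: Mersenne primes 2^89-1 and 2^107-1, far too small for real use.
P = 2**89 - 1
Q = 2**107 - 1
E = 65537


def make_key(p=P, q=Q, e=E):
    """The fields OpenSSL keeps in an RSA private key: n, e, d and the CRT set (dmp1, dmq1, iqmp)."""
    phi = (p - 1) * (q - 1)
    d = pow(e, -1, phi)
    return {"n": p * q, "e": e, "d": d, "p": p, "q": q,
            "dmp1": d % (p - 1), "dmq1": d % (q - 1), "iqmp": pow(q, -1, p)}


def private_op_crt(m, k):
    """Garner recombination of m^dmp1 mod p and m^dmq1 mod q; d itself is never read."""
    m1 = pow(m, k["dmp1"], k["p"])
    m2 = pow(m, k["dmq1"], k["q"])
    h = (k["iqmp"] * (m1 - m2)) % k["p"]
    return m2 + h * k["q"]


def private_op_with_fallback(m, k):
    """CRT first; check it with the public key; on mismatch silently redo m^d mod n.

    Returns (result, fell_back).  This is the behaviour the thread describes: a bad
    dmp1 is papered over by a good d, and only damage to both breaks the signature.
    """
    s = private_op_crt(m, k)
    if pow(s, k["e"], k["n"]) == m % k["n"]:
        return s, False
    return pow(m, k["d"], k["n"]), True


def verifies(m, s, k):
    """Public-key check: does s^e mod n give m back?"""
    return pow(s, k["e"], k["n"]) == m % k["n"]


def flip_bit(k, field, bit=0):
    """Copy of k with one bit of `field` flipped, as the poster did to privateExponent."""
    damaged = dict(k)
    damaged[field] ^= 1 << bit
    return damaged


def message_as_int(data):
    """Stand-in for the encoded hash that gets signed; SHA-1 so it fits below the toy n."""
    return int.from_bytes(hashlib.sha1(data).digest(), "big")
```

The public-key check before output is not there to tolerate corrupt key files; OpenSSL does it so that a miscomputed CRT half is never emitted, because a single faulty CRT signature lets anyone holding it recover p or q (the Bellcore fault attack). The fallback is a side effect of that defence, which is why a damaged d goes unnoticed and a damaged CRT value is silently repaired, exactly as the test above observed.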

  

Trouble with SSL handshake

2011-05-16 Thread CoachDom
Good Morning,

My situation is very strange, I guess.

At work we use a CFT server, which is very popular in Europe for file
transfer between corporations, like banks.

In my case one of our customers is a bank, and they want our file
transfer to be secured over SSL.

CFT includes SSL support based on the OpenSSL library and an internal library.

My CFT server runs under Linux, an old Debian I cannot upgrade due to the
operational environment.

We need to play each other's client/server role, so on both sides we configured
CFT with our respective authority certificate, and created a local certificate
signed for the SSL connection.

When I play the role of server, and our customer plays the role of client,
everything runs fine and the file transfer is OK.

When I play the role of client, trying to connect to our customer's server, it
doesn't work.

The handshake doesn't finish.

I ran strace on my process which manages the SSL handshake, and here is
what I got:

fcntl64(8, F_SETLK64, {type=F_UNLCK, whence=SEEK_SET, start=0, len=0}, 0xbfdef720) = 0
_llseek(8, 512, [512], SEEK_SET)        = 0
fcntl64(8, F_SETLKW64, {type=F_RDLCK, whence=SEEK_SET, start=0, len=0}, 0xbfdef6e0) = 0
read(8, "\7\0\0\0\0\0\0\0\6\0\0\0REFRCA\0\0\0\0\0\0\0\0\0\0\0\0"..., 512) = 512
fcntl64(8, F_SETLK64, {type=F_UNLCK, whence=SEEK_SET, start=0, len=0}, 0xbfdef6e0) = 0
_llseek(7, 32814, [32814], SEEK_SET)    = 0
read(7, "\0UEFRLCLUS\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 8193) = 8193
time([1305131804])                      = 1305131804
time([1305131804])                      = 1305131804
time([1305131804])                      = 1305131804
time([1305131804])                      = 1305131804
time([1305131804])                      = 1305131804
time([1305131804])                      = 1305131804
time([1305131804])                      = 1305131804
time([1305131804])                      = 1305131804
time([1305131804])                      = 1305131804
time([1305131804])                      = 1305131804
time([1305131804])                      = 1305131804
time([1305131804])                      = 1305131804
time([1305131804])                      = 1305131804
time([1305131804])                      = 1305131804
time([1305131804])                      = 1305131804
write(1, "OPNSSL.text_error(PKI2CRY:803)=e"..., 98) = 98
gettimeofday({1305131804, 420297}, NULL) = 0
gettimeofday({1305131804, 420316}, NULL) = 0
semop(2031638, 0xbfdf0fc0, 1)           = 0
semop(2031638, 0xbfdf0fc0, 1)           = 0
msgsnd(32769, {2, "\34pg\265"}, 4, 0)


But I'm unable to find what error it is related to!

That is why I write here, in case someone has an idea!

Regards.

--
Carrel Dominique


Re[2]: openssl config; full form of multi-valued field

2011-05-16 Thread A.B.COKO/OB
Viktor, thank you a lot for the syntax: really that manual IS misleading!
Well, now I can configure good (for Microsoft) CRL distribution points: 
  crlDistributionPoints = ca_cdp
  [ ca_cdp ]
   fullname = @ca_cdp_uries
   reasons  = keyCompromise
  [ ca_cdp_uries ]
   URI.1 = ldap:///CN=CA,CN=IssuerW2k8,CN=CDP,CN=Public%20Key%20Services,CN=Services,etc
   URI.2 = http://issuerw2k8.wud.lan/CertEnroll/ROOTCA.crl

(2) *** But: ***
how shall I cope with Authority Info Access?
Manual says:  authorityInfoAccess = caIssuers;URI:http://my.ca/ca.html
I need an ldap URI with commas inside. And OpenSSL refuses both my assumptions:
 (a)  authorityInfoAccess = some_section
 (b)  authorityInfoAccess = caIssuers;@some_other_section

If only there were a way to escape the comma symbol in string values where
sequences are expected!
So please, more hints..

Alexey



__
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org


Why would RSA_size() crash?

2011-05-16 Thread G S
Hi all.

I'm trying to use the OpenSSL crypto lib.  I've generated a public/private
RSA key pair.  Then I wrote some code to try to encrypt an eight-byte random
string.  But it crashes in RSA_size().  Here's the code:

BIO* bp = BIO_new_mem_buf(_publicKey, -1);          // Create a new memory buffer BIO.
RSA* pubKey = PEM_read_bio_RSA_PUBKEY(bp, 0, 0, 0); // And read the RSA key from it.
BIO_free(bp);

// Allocate a string to hold the encrypted result.
unsigned char encryptedRandKey[RSA_size(pubKey)];

_publicKey is a null-terminated character string that contains the RSA public
key in PEM format (including -----BEGIN and so forth).  RSA_size() crashes
with bad access.  Removing BIO_free() didn't make any difference.  I also
just tried assigning the value of RSA_size() to an int, and it crashed.

Any ideas here?

Thanks!

Gavin


Re: No shared cipher error using ECDSA

2011-05-16 Thread Mike Bell
Thanks Viktor,
 
I hadn't properly understood the relationship between the certificate and the
cipher, so I'll look at that now. I think I'm also confusing the OpenVPN &
OpenSSL relationship.
 
OpenVPN does appear to be using TLS according to the logs, so I had tried to 
specify 
   tls-cipher ECDHE-ECDSA-AES256-SHA
in CLIENT.OVPN and SERVER.OVPN config files, but got the same error. 
 
Thanks for your help, you've given new ideas to research. 
 
 
 
On Fri, May 13, 2011 at 06:36:34PM +0100, Mike Bell wrote:

> I had originally put
> cipher AES-128-CBC
> in SERVER.OVPN & CLIENT.OVPN, not OPENSSL.CNF files (it's been a long week!)

I am not familiar with your VPN product, so you'll have to figure out
what configuration options are applicable. If the product uses SSL cipher
suites, then a cipher name is almost always a cipherlist, whose syntax
is described in the ciphers(1) manpage. If on the other hand, as the
protocol in question is not TLS, cipher specification uses a different
syntax, then you need to figure out how to configure a cipher that is
compatible with ECDSA certificates.

Do not confuse a block algorithm e.g. (AES-128-CBC) with a cipher-suite,
which specifies also the authentication and message digest algorithms.
Generally, OpenSSL ciphersuites are defined for TLS. It is not clear
how these translate to your VPN device.

-- 
Viktor.


From: Victor Duchovni victor.ducho...@morganstanley.com
To: openssl-users@openssl.org openssl-users@openssl.org
Sent: Friday, 13 May 2011, 17:56
Subject: Re: No shared cipher error using ECDSA

On Fri, May 13, 2011 at 05:41:52PM +0100, Mike Bell wrote:

> However I keep getting a no shared cipher error.
>
> In my client & server openssl.cnf files I've specified
> cipher AES-128-CBC

This is not an EC cipher, and if you configure an EC cert, but specify
a cipher that is one of the ones reported by openssl ciphers -v aECDSA,
you get no shared cipher errors.

    ECDHE-ECDSA-AES256-SHA  SSLv3 Kx=ECDH    Au=ECDSA Enc=AES(256)  Mac=SHA1
    ECDHE-ECDSA-DES-CBC3-SHA SSLv3 Kx=ECDH    Au=ECDSA Enc=3DES(168) Mac=SHA1
    ECDHE-ECDSA-AES128-SHA  SSLv3 Kx=ECDH    Au=ECDSA Enc=AES(128)  Mac=SHA1
    ECDHE-ECDSA-RC4-SHA    SSLv3 Kx=ECDH    Au=ECDSA Enc=RC4(128)  Mac=SHA1
    ECDHE-ECDSA-NULL-SHA    SSLv3 Kx=ECDH    Au=ECDSA Enc=None      Mac=SHA1

Don't explicitly specify the cipher, just the certificates are sufficient,
or specify a cipher class

    !eNULL:!SSLv2:aECDSA:@STRENGTH

which eliminates the NULL cipher:

    $ openssl ciphers -v '!eNULL:!SSLv2:aECDSA:@STRENGTH'
    ECDHE-ECDSA-AES256-SHA  SSLv3 Kx=ECDH    Au=ECDSA Enc=AES(256)  Mac=SHA1
    ECDHE-ECDSA-DES-CBC3-SHA SSLv3 Kx=ECDH    Au=ECDSA Enc=3DES(168) Mac=SHA1
    ECDHE-ECDSA-AES128-SHA  SSLv3 Kx=ECDH    Au=ECDSA Enc=AES(128)  Mac=SHA1
    ECDHE-ECDSA-RC4-SHA    SSLv3 Kx=ECDH    Au=ECDSA Enc=RC4(128)  Mac=SHA1

-- 
    Viktor.
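The distinction Viktor draws, between an algorithm name and a cipherlist, can be checked against the local OpenSSL through Python's ssl module, which is a thin wrapper over SSL_CTX_set_cipher_list(). This is an added example, not from the thread; it only asks the library what it would accept and select, it does not configure OpenVPN. TLS 1.3 suites are governed by a separate API (SSL_CTX_set_ciphersuites()) and are never touched by a cipherlist string, so the helper filters them out of what get_ciphers() reports.

```python
import ssl


def is_cipherlist(spec):
    """True if OpenSSL accepts `spec` as a cipherlist that selects at least one suite.

    'AES-128-CBC' is an EVP cipher name, not a suite name or alias, so the list comes
    out empty and SSL_CTX_set_cipher_list() fails; Python surfaces that as ssl.SSLError.
    """
    try:
        ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT).set_ciphers(spec)
        return True
    except ssl.SSLError:
        return False


def suites_for(spec):
    """Suite names `spec` selects, as `openssl ciphers -v '<spec>'` prints them.

    TLS 1.3 suites (TLS_*) show up in get_ciphers() too, but they are set through
    SSL_CTX_set_ciphersuites(), not the cipherlist, so they are dropped here.
    """
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.set_ciphers(spec)
    return [c["name"] for c in ctx.get_ciphers() if not c["name"].startswith("TLS_")]


def ecdsa_only(names):
    """The property a server with an ECDSA certificate needs from the offered list:
    every suite authenticates with ECDSA and none is a NULL cipher."""
    return bool(names) and all("ECDSA" in n and "NULL" not in n for n in names)
```

Running is_cipherlist("AES-128-CBC") reproduces the failure mode behind "no shared cipher" at configuration time rather than at the first handshake, and suites_for() is the quickest way to see what a given spec leaves a peer to choose from.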

RE: Application is failing with cipher or hash unavailable

2011-05-16 Thread pradeepreddy

Hi,


After a lot of struggle, I finally got rid of this error, but I can't tell the
reason how it was rectified.
We installed our libs on a new machine.

Now a different error is seen.

After the client and server connection is established, TLSv1 Encrypted Alert+21
is sent by the client.

A Google search did not help. All I could find out was that the error alert is
encrypted. I did not understand what condition was seen by the client's openssl to
throw this error and how to know the condition?

Any inputs on this.


Dave Thompson-5 wrote:
>
> > From: owner-openssl-us...@openssl.org On Behalf Of pradeepreddy
> > Sent: Thursday, 12 May, 2011 18:37
> >
> > I have tried with all the ciphers. This same application works well on
> > windows.
> >
> > I run my application again with s_server, but hit with the same error:
> > SSL_ERROR_SSL
> > error:140D308A:SSL routines:TLS1_SETUP_KEY_BLOCK:cipher or
> > hash unavailable
> >
> > And on s_server [with -msg -debug], the following messages are:
> >
> > client hello
> > server hello
> > SSL_accept:SSLv3 write certificate A
> > >>> TLS 1.0 Handshake [length 0004], ServerHelloDone
> >     0e 00 00 00
> > SSL_accept:SSLv3 write server done A
> > SSL_accept:SSLv3 flush data
> > SSL_accept:failed in SSLv3 read client certificate A
> > ERROR
> > shutting down SSL
> > CONNECTION CLOSED
> > SSL_accept:failed in SSLv3 read client certificate A
>
> Both -msg and -debug should have given you (redundant)
> hex dumps of all messages; did you delete them?
> But only -state, which you didn't say you used, should give
> lines like 'SSL_accept:SSLv3 write server done A'.
>
> If there is no ServerKeyExchange (you didn't just delete it)
> then the selected suite probably uses RSA key agreement.
> But that doesn't help much; there are kRSA suites with
> all or nearly all data-ciphers and several hashes.
>
> You can decode the dump of client-hello to determine what
> list of suites (and compressions) the client is offering,
> and of server-hello to determine what the server selected.
> If you can install wireshark from www.wireshark.org on a
> personal Windows machine that sees the same network link,
> that can do the decode for you automatically.
> There may be equivalent tools for Unix, but I don't know.
>
> > This means client and server are agreed on the cipher. In what
> > cases does the client verify the TLS1_SETUP_KEY_BLOCK? What drove the client to
> > throw this error?
>
> It's not a matter of verifying. The client is trying to
> *do* setup for the selected suite, and also compression,
> and failing. Key setup is a slightly misleading name;
> it's actually setting several internal pointers as well as
> the actual keys, and this first step -- determining pointers
> effectively to code for the selected cipher, hash, and
> compression -- is what is failing.
>
> Most likely the client has offered a suite or compression
> it doesn't actually support, which it shouldn't, or some of
> OpenSSL's memory has been clobbered by a bug in your client.
>
> Look at the selected suite in server-hello, and compare
> to the build options for the build(s) you are using.



Re: openssl config; full form of multi-valued field

2011-05-16 Thread Alexandre Aufrere
I'd try it this way:
authorityInfoAccess = @aias

[aias]
caIssuers;URI.1=http://pervaya.ssilka/..
caIssuers;URI.2=http://vtoraya.ssilka/..

but this is just my guess... might be wrong.

Alexandre

-- 
Alexandre Aufrere - OpenTrust



Check signature

2011-05-16 Thread Sergey

Hello,

I have a program written in C++ and Qt.
I need to implement checking of a signature in my program, so that it
would do the same check as this openssl command:


openssl dgst -sha1 -signature signature.bin -verify pubkey.pem file.txt

What is the most optimal method I can use?
What functions must I call?

--
Thank you!


Re: Why would RSA_size() crash?

2011-05-16 Thread John Hascall

> I'm trying to use the OpenSSL crypto lib.  I've generated a public/private
> RSA key pair.  Then I wrote some code to try to encrypt an eight-byte random
> string.  But it crashes in RSA_size().  Here's the code:
>
> BIO* bp = BIO_new_mem_buf(_publicKey, -1);          // Create a new memory buffer BIO.
> RSA* pubKey = PEM_read_bio_RSA_PUBKEY(bp, 0, 0, 0); // And read the RSA key from it.
> BIO_free(bp);

Are you checking the pointer pubKey after PEM_read_bio_RSA_PUBKEY?
If it is NULL, RSA_size will die.

> // Allocate a string to hold the encrypted result.
> unsigned char encryptedRandKey[RSA_size(pubKey)];


John



R: Why would RSA_size() crash?

2011-05-16 Thread Francesco Petruzzi
Is pubKey a valid pointer after PEM_read_bio_RSA_PUBKEY?

If it  is NULL there is an error in PEM data.

 

From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org]
On behalf of G S
Sent: Monday, 16 May 2011 12:13
To: openssl-users@openssl.org
Subject: Why would RSA_size() crash?



check RSA signature

2011-05-16 Thread Sergey

Hello,

I have a program written in C++ and Qt.
I need to implement checking of a file signature in my program, so that
it would do the same check as this openssl command:


openssl dgst -sha1 -signature signature.bin -verify pubkey.pem file.txt

Can I do it by calling some Qt methods?
If not, are there any methods in Qt which allow checking signatures?

--
Thank you!
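What the command checks, and how to do the same from C++ or by hand, as an added example for both of Sergey's posts (not from the thread). In a C++ program linked against OpenSSL the direct equivalent is EVP_DigestVerifyInit / EVP_DigestVerifyUpdate / EVP_DigestVerifyFinal with EVP_sha1() and the EVP_PKEY returned by PEM_read_bio_PUBKEY (or, for RSA only, RSA_verify with NID_sha1); Qt itself has no signature-verification API, QCryptographicHash only hashes. The Python block below reimplements the verification with standard-library code so that the steps are visible: PEM to DER, pull (n, e) out of the SubjectPublicKeyInfo, compute s^e mod n, and compare the whole RSASSA-PKCS1-v1_5 encoding (padding, DigestInfo prefix and hash) against what the file hashes to. It generalises the command to SHA-256 as well, because some current OpenSSL builds (distributions whose crypto policy disables SHA-1 signatures) refuse to create SHA-1 signatures; the fixture function assumes an openssl binary on PATH and uses it to produce a key and a signature exactly as the poster's command would consume them.

```python
import base64
import hashlib
import os
import shutil
import subprocess
import tempfile

# DigestInfo prefixes from RFC 8017 section 9.2; `-sha1` / `-sha256` select which one.
DIGESTINFO = {
    "sha1": bytes.fromhex("3021300906052b0e03021a05000414"),
    "sha256": bytes.fromhex("3031300d060960864801650304020105000420"),
}
RSA_ENCRYPTION_OID = bytes.fromhex("2a864886f70d010101")


def openssl_available():
    return shutil.which("openssl") is not None


def pem_to_der(pem):
    body = "".join(line for line in pem.splitlines() if line and not line.startswith("-----"))
    return base64.b64decode(body)


def der_tlv(buf, pos=0):
    """Minimal DER reader: (tag, value, position after the element).
    Only what a public key needs; anything odd is rejected rather than guessed at."""
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:
        nbytes = length & 0x7F
        if nbytes == 0 or nbytes > 4:
            raise ValueError("unsupported DER length")
        length = int.from_bytes(buf[pos:pos + nbytes], "big")
        pos += nbytes
    if pos + length > len(buf):
        raise ValueError("DER element runs past end of data")
    return tag, buf[pos:pos + length], pos + length


def rsa_public_numbers(pubkey_pem):
    """(n, e) from a 'BEGIN PUBLIC KEY' (SubjectPublicKeyInfo) as `openssl rsa -pubout` writes it."""
    tag, spki, _ = der_tlv(pem_to_der(pubkey_pem))
    _, alg, after_alg = der_tlv(spki)               # AlgorithmIdentifier
    _, oid, _ = der_tlv(alg)
    if tag != 0x30 or oid != RSA_ENCRYPTION_OID:
        raise ValueError("not an rsaEncryption SubjectPublicKeyInfo")
    _, bits, _ = der_tlv(spki, after_alg)           # BIT STRING; first byte = unused-bit count
    _, rsapub, _ = der_tlv(bits[1:])                # RSAPublicKey ::= SEQUENCE { n, e }
    _, n_bytes, after_n = der_tlv(rsapub)
    _, e_bytes, _ = der_tlv(rsapub, after_n)
    return int.from_bytes(n_bytes, "big"), int.from_bytes(e_bytes, "big")


def verify_pkcs1(pubkey_pem, signature, data, algo="sha1"):
    """Same decision as `openssl dgst -<algo> -signature sig -verify pub.pem file`.

    The whole encoded message is compared, never just the trailing hash: lenient
    parsing of the padding is how the historical e=3 signature forgeries worked.
    """
    n, e = rsa_public_numbers(pubkey_pem)
    k = (n.bit_length() + 7) // 8
    if len(signature) != k:
        return False
    em = pow(int.from_bytes(signature, "big"), e, n).to_bytes(k, "big")
    t = DIGESTINFO[algo] + hashlib.new(algo, data).digest()
    if k < len(t) + 11:
        return False
    expected = b"\x00\x01" + b"\xff" * (k - len(t) - 3) + b"\x00" + t
    return em == expected


def sign_with_openssl(data, algo="sha256"):
    """Constructed fixture: a fresh 2048-bit key, its public half, and the CLI's signature
    over `data`.  Returns (pubkey_pem, signature) in the form the verify command reads."""
    with tempfile.TemporaryDirectory() as tmp:
        key, pub, sig, msg = (os.path.join(tmp, f) for f in ("key.pem", "pub.pem", "sig.bin", "file.txt"))
        with open(msg, "wb") as f:
            f.write(data)
        for args in (["genrsa", "-out", key, "2048"],
                     ["rsa", "-in", key, "-pubout", "-out", pub],
                     ["dgst", "-" + algo, "-sign", key, "-out", sig, msg]):
            subprocess.run(["openssl", *args], check=True, capture_output=True)
        with open(pub) as f, open(sig, "rb") as g:
            return f.read(), g.read()
```

In production code the EVP_DigestVerify* route is the right one: it covers RSA-PSS, ECDSA and EdDSA keys with the same calls, and the padding comparison above is done inside the library. The hand-rolled version is here to show what the command actually decides on.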


Re[2]: openssl config; full form of multi-valued field

2011-05-16 Thread A.B.COKO/OB

Alexandre, you've got it!!!

Monday, May 16, 2011, 3:07:54 PM, you wrote:
AA I'd try that way:
AA authorityInfoAccess = @aias
AA [aias]
AA caIssuers;URI.1=http://pervaya.ssilka/..
AA caIssuers;URI.2=http://vtoraya.ssilka/..

(3)  So maybe you know how to deal with unknown (to ssl)
extensions? For example:
  MS revocation lists have 1.3.6.1.4.1.311.21.14 - CRL_SELF_CDP
Its structure is much the same as crlDistributionPoints (I even
inserted raw format data, successfully).
    0:d=0  hl=3 l= 180 cons: SEQUENCE
    3:d=1  hl=3 l= 177 cons: SEQUENCE
    6:d=2  hl=3 l= 174 cons: cont [ 0 ]
    9:d=3  hl=3 l= 171 cons: cont [ 0 ]
   12:d=4  hl=3 l= 168 prim: cont [ 6 ]

I tried:
  1.3.6.1.4.1.311.21.14 = ASN1:SEQUENCE:crl_self
  [ crl_self ]
  URI.1 = UTF8:ldap:///CN=CA,CN=IssuerW2k8,CN=CDP,CN=Public
  URI.2 = UTF8:http://issuerw2k8.wud.lan/CertEnroll/RootCA.crl
or
  1.3.6.1.4.1.311.21.14 = ASN1:SEQUENCE:crl_self
  [ crl_self ]
   fullname = SEQUENCE:crl_self_2
  [ crl_self_2 ]
   URI.1 = UTF8:ldap:///CN=CA,CN=IssuerW2k8,CN=CDP,
   URI.2 = UTF8:http://issuerw2k8.wud.lan/CertEnroll/RootCA.crl

The inner content differs; the software does not recognize such an object.

Your general advice: can one construct an object for openssl.conf
just by looking at its DER (or parsed) content, such as above??

Thanks in advance, Alex
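One way to answer the last question, as an added example that is not from the thread and has not been tested against Microsoft's CRL consumer: yes, an ASN1: generation string can be written straight off the asn1parse dump by mapping each line to a modifier, and it can be checked before it goes anywhere near a certificate. The dump above reads SEQUENCE { SEQUENCE { [0] constructed { [0] constructed { [6] primitive } } } }, which is the shape of a DistributionPoint: an explicit [0] around the DistributionPointName, an implicit [0] on the fullName SEQUENCE OF GeneralName, and an implicit [6] on each IA5String URI. Both attempts in the post differ from this because a bare UTF8: value carries no context tag and no nesting. The block encodes that DER by hand and, with an openssl binary on PATH (assumed), has `openssl asn1parse -genconf` encode the equivalent config so the two can be compared byte for byte; the section names and the shortened ldap URI are the example's own, and whether the consumer accepts the result is for the reader to test.

```python
import os
import shutil
import subprocess
import tempfile


def openssl_available():
    return shutil.which("openssl") is not None


def tlv(tag, body):
    """DER tag-length-value with definite lengths (short form below 128, long form above)."""
    n = len(body)
    if n < 0x80:
        length = bytes([n])
    else:
        nbytes = n.to_bytes((n.bit_length() + 7) // 8, "big")
        length = bytes([0x80 | len(nbytes)]) + nbytes
    return bytes([tag]) + length + body


def crl_self_cdp_der(uris):
    """Hand-encode the structure the asn1parse dump shows, one URI per [6] GeneralName."""
    names = b"".join(tlv(0x86, u.encode("ascii")) for u in uris)  # [6] IMPLICIT IA5String, primitive
    full_name = tlv(0xA0, names)                                  # [0] IMPLICIT SEQUENCE OF GeneralName
    dp_name = tlv(0xA0, full_name)                                # [0] EXPLICIT DistributionPointName
    return tlv(0x30, tlv(0x30, dp_name))                          # SEQUENCE OF DistributionPoint


def genconf_for(uris):
    """The same structure as ASN1 generation sections.  In openssl.cnf the first line becomes
    `1.3.6.1.4.1.311.21.14 = ASN1:SEQUENCE:crl_self` inside the extension section; the
    sections below it are used unchanged.  Commas inside the URI are fine here because
    the value is everything after the type's colon."""
    lines = ["asn1 = SEQUENCE:crl_self",
             "[crl_self]",
             "dp = SEQUENCE:dp",
             "[dp]",
             "distributionPoint = EXP:0,IMP:0,SEQUENCE:names",
             "[names]"]
    lines += ["uri.%d = IMP:6,IA5STRING:%s" % (i, u) for i, u in enumerate(uris, 1)]
    return "\n".join(lines) + "\n"


def openssl_genconf_der(conf_text):
    """Let openssl encode the config (`asn1parse -genconf`) and return the DER it produces."""
    with tempfile.TemporaryDirectory() as tmp:
        conf = os.path.join(tmp, "gen.cnf")
        out = os.path.join(tmp, "out.der")
        with open(conf, "w") as f:
            f.write(conf_text)
        subprocess.run(["openssl", "asn1parse", "-genconf", conf, "-noout", "-out", out],
                       check=True, capture_output=True)
        with open(out, "rb") as f:
            return f.read()


# Constructed sample: the poster's ldap URI shortened, plus the http URI from the post.
SAMPLE_URIS = ["ldap:///CN=CA,CN=IssuerW2k8,CN=CDP",
               "http://issuerw2k8.wud.lan/CertEnroll/RootCA.crl"]
```

The general recipe: every "cons: cont [ n ]" line in the dump whose child is itself tagged is an EXP:n, a "cont [ n ]" that directly replaces a SEQUENCE or string tag is an IMP:n on that element, and the universal types (SEQUENCE, IA5STRING, UTF8String, OID, INTEGER) are written as-is. Run `openssl asn1parse -genconf gen.cnf -i` on the result and diff it against the dump of the real extension before adding `critical,` or putting it into a CRL.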



   



Re: Why would RSA_size() crash?

2011-05-16 Thread G S
Duh, thanks to the people who pointed out that the pointer returned by
PEM_read_bio_RSA_PUBKEY might be null, and indeed it is (sadly I have to use
Xcode, which refuses to show any local variables and GDB claims they don't
exist).

The question now is why it's null, since I know the string itself is
populated.  It may be that newlines are getting stripped somehow.  I store
all of the key text in a database and return it to the app as an XML
element.  Dumping the element to the console shows newlines, but a printf of
the character string I use as the BIO source does not show newlines.


Re: Why would RSA_size() crash?

2011-05-16 Thread John Hascall

> Duh, thanks to the people who pointed out that the pointer returned by
> PEM_read_bio_RSA_PUBKEY might be null, and indeed it is (sadly I have to use
> Xcode, which refuses to show any local variables and GDB claims they don't
> exist).

This is probably the optimizer, try compiling with -O0 -g3
(and make sure you/the linker aren't stripping symbols)
Pretty much always a good idea when developing.

John


> The question now is why it's null, since I know the string itself is
> populated.  It may be that newlines are getting stripped somehow.  I store
> all of the key text in a database and return it to the app as an XML
> element.  Dumping the element to the console shows newlines, but a printf of
> the character string I use as the BIO source does not show newlines.



Cert Renewal issue + CAcert.org

2011-05-16 Thread Zico
I am reading various sites and blogs to make it clear, but it's still
unclear to me! I think you may help me if you want, and that will be a big
favor for me.

What I am trying to do is: I am trying to renew the cert of one server which
was certified by CAcert.org. What I am trying to follow is:


1. Generate private key: with openssl genrsa -des3 -out myserv.key 2048
2. Remove passphrase from key
3. Generate CSR: with openssl req -new -key myserv.key -out myserv.csr
4. Submit this CSR to the 3rd party
5. Get the certificate and SAVE IT AS MYSERV.CRT (am I correct here?)
6. Concatenate CRT + PRIVATE KEY and SAVE THE CONCATENATION IN PEM FORMAT
7. RE-ENCODE PEM INTO PKCS12
8. Create JKS
9. Now what? How can I install the JKS for Tomcat and Apache? What do you
suggest me to do? Any link?

Can you please help me regarding this?


-- 
Best,
Zico
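The steps above run end to end, as an added example (not from the thread); it drives the openssl binary (assumed on PATH) from Python so that each artifact can be checked, and stands in for CAcert at step 4 by self-signing the CSR, which a real renewal replaces with the certificate CAcert returns (saved as a PEM text file; myserv.crt is a fine name, so step 5 is right). Two of the steps are unnecessary: a key generated without -des3 never needs its passphrase removed (step 2), and `openssl pkcs12 -export` takes the certificate and the key as separate inputs, so the PEM concatenation (step 6) is not needed. The cert_matches_key check is the one to run before touching any server. Hostname, password and file names are the example's own.

```python
import os
import shutil
import subprocess
import tempfile


def openssl_available():
    return shutil.which("openssl") is not None


def openssl(*args):
    """Run one openssl subcommand and return its stdout as text (raises on failure)."""
    return subprocess.run(["openssl", *args], check=True, capture_output=True, text=True).stdout


def renew_and_bundle(workdir, cn="myserv.example.org", p12_pass="changeit"):
    """Steps 1-7 of the post.  Step 4 (CAcert) is simulated by self-signing the CSR.
    Returns the files each server actually consumes: PEM for Apache, PKCS#12 for Tomcat."""
    key = os.path.join(workdir, "myserv.key")
    csr = os.path.join(workdir, "myserv.csr")
    crt = os.path.join(workdir, "myserv.crt")
    p12 = os.path.join(workdir, "myserv.p12")

    openssl("genrsa", "-out", key, "2048")                                   # step 1; no -des3, so no step 2
    openssl("req", "-new", "-key", key, "-subj", "/CN=" + cn, "-out", csr)   # step 3
    # Steps 4/5 stand-in: a real CA signs the CSR and returns PEM; here the key signs its own request.
    openssl("x509", "-req", "-in", csr, "-signkey", key, "-days", "365", "-out", crt)
    # Step 6 skipped, step 7: key and cert go in as separate inputs, no concatenation needed.
    openssl("pkcs12", "-export", "-inkey", key, "-in", crt, "-name", "tomcat",
            "-passout", "pass:" + p12_pass, "-out", p12)
    return {"apache_key": key, "apache_cert": crt, "tomcat_keystore": p12}


def cert_matches_key(crt, key):
    """The classic pre-deployment check: the same RSA modulus in certificate and private key."""
    return openssl("x509", "-noout", "-modulus", "-in", crt) == openssl("rsa", "-noout", "-modulus", "-in", key)


def bundle_contents(p12, p12_pass="changeit"):
    """What Tomcat will find in the keystore, by dumping the PKCS#12 back to PEM."""
    dump = openssl("pkcs12", "-in", p12, "-nodes", "-passin", "pass:" + p12_pass)
    return {"certificate": "BEGIN CERTIFICATE" in dump, "private_key": "PRIVATE KEY" in dump}


def demo():
    """Run the whole procedure in a scratch directory; returns (key matches cert, keystore contents)."""
    with tempfile.TemporaryDirectory() as tmp:
        paths = renew_and_bundle(tmp)
        return (cert_matches_key(paths["apache_cert"], paths["apache_key"]),
                bundle_contents(paths["tomcat_keystore"]))
```

Apache's mod_ssl never uses a JKS: it reads the PEM files directly (SSLCertificateFile myserv.crt, SSLCertificateKeyFile myserv.key, and the CAcert intermediate via SSLCertificateChainFile or appended to the certificate file). Tomcat's JSSE connector reads the PKCS#12 as it is, with keystoreFile="myserv.p12" keystoreType="PKCS12" and keystorePass set to the export password, so step 8 is only needed where policy insists on JKS, in which case `keytool -importkeystore -srckeystore myserv.p12 -srcstoretype PKCS12 -destkeystore myserv.jks` converts it. Add the CAcert chain to the bundle with `-certfile` on the export so Tomcat serves the full chain. Under OpenSSL 3, -signkey and -nodes are still accepted as aliases of -key and -noenc.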


Re: Application is failing with cipher or hash unavailable

2011-05-16 Thread Gayathri Sundar
You could hack your client and server to use the NULL cipher and see the
alert in the clear. Mostly it should be a digest failure.



RE: How to disable SSL/TLS Renegotiation

2011-05-16 Thread Yannay Alon-BAY004
Hi Bob,

Your question is of interest to me because I had posted a question about
renegotiation too and got no response yet:

I have a client and server that communicate with PSK-AES128-CBC-SHA.
In making openssl I selected no-tlsext. What I see is that the client
initiates legacy renegotiation and the server supports and accepts it. I did
not set SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION.

Would you think this is expected?

Wouldn't it be better for the server to reject this legacy
renegotiation?

Re your point 1: Sure it can happen if you are the server and the
client starts renegotiation, or if you are the client and the server
starts renegotiation. Additionally, there is some code in bio_ssl.c
which triggers renegotiation after timeout or amount of data received,
but you can probably disable these conditions, or not use bio_ssl.c at
all.

Re your point 2: to the best of my knowledge - No. Note that
renegotiation will behave differently if you build openssl with/without
tls-extension. Without extension, you get legacy renegotiation. With
extensions you get support of the renegotiation_info extension.

My inputs above are based on 1.0.0d only. I am not an openssl expert, so
please don't assume that all I have said above is proven.

Regards

Alon


From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Yan, Bob
Sent: Tuesday, March 08, 2011 1:07 AM
To: openssl-users@openssl.org
Subject: How to disable SSL/TLS Renegotiation

I have two questions regarding SSL/TLS Renegotiation:

1) Can SSL/TLS Renegotiation happen automatically during the normal
SSL_read and SSL_write operation on a SSL connection? Basically if the
application doesn't invoke the SSL_renegotiate function, can SSL/TLS
Renegotiation still happen automatically on a SSL connection?

2) Can the SSL/TLS Renegotiation be disabled? Such as if the peer
requests the SSL/TLS renegotiation, the SSL_read or SSL_write will
return an error but not SSL_ERROR_WANT_READ/WRITE?

Thanks

Bob



Re: Why would RSA_size() crash?

2011-05-16 Thread G S
On Mon, May 16, 2011 at 6:53 AM, John Hascall j...@iastate.edu wrote:


  (sadly I have to use
  Xcode, which refuses to show any local variables and GDB claims they
 don't
  exist).

This is probably the optimizer, try compiling with -O0 -g3


Thanks, John, I am building Debug.  I verified that -O0 is being used,
however -g3 does not appear in the transcript.  What does that option do?


Re: Why would RSA_size() crash?

2011-05-16 Thread G S
Ah, I see the g3 option generates extra debugging info.  I'll give it a
shot.  I have a bug open with Apple about this anyway.  It has proven to be
very hard to pin down.  Restarting Xcode will usually eliminate the problem
and let you step through code... ONCE.  If you want to do it again, you have
to quit Xcode, reload the project, and go.  Infuriating.

And often it will afflict some files but not others.  I checked the
currently troublesome one to make sure it was -O0.


Re: Cert Renewal issue + CAcert.org

2011-05-16 Thread Eduardo Navarro
Java has tools to create the key pairs and the CSR; you are not required to do 
this with OpenSSL. I provided some links below that have some commands.

https://www.digicert.com/easy-csr/keytool.htm
http://nl.globalsign.com/en/support/ssl+certificates/java/java+based+webserver/keytool+commands/

In the end the process is similar to:

1. Create keystore and create new CSR within it.
2. Send CSR
3. Get back the response
4. import response into the keystore

As for Apache/Tomcat, that I have no direct experience doing, but it should be 
no more than adding a module and making a few config tweaks.

Thanks,

-Eduardo


From: Zico 
Sent: Monday, May 16, 2011 10:16 AM
To: openssl-users@openssl.org 
Subject: Cert Renewal issue + CAcert.org

I am reading various sites and blogs to make it clear, but it's still unclear 
to me! I think you may help me if you want, and that will be a big favor for 
me.

What I am trying to do is renew the cert of one server which was 
certified by CAcert.org. What I am trying to follow is:


1. Generate Private key: with openssl genrsa -des3 -out myserv.key 2048
2. Remove passphrase from key:
3. Generate CSR: with openssl req -new -key myserv.key -out myserv.csr
4. Submit this csr into 3rd party
5. get the certificate and SAVE IT AS MYSERV.CRT ( am I correct here? )
6. Concatenation CRT+PRIVATE KEY and SAVE THE CONCATENATION AS PEM FORMAT
7. RE-ENCODE PEM INTO PKCS12
8. Create JKS
9. Now what? How can I install the JKS for Tomcat and Apache? What do you suggest 
I do? Any link? 


Can you please help me regarding this?


-- 
Best,
Zico


Re: Cert Renewal issue + CAcert.org

2011-05-16 Thread Zico
On Mon, May 16, 2011 at 9:08 PM, Eduardo Navarro
eduardo.nava...@live.comwrote:

   4. import response into the keystore



Thanks Eduardo for your nice and very very effective email. But I am having
a problem with this number 4. What do I need to do here actually? Do I need to
install this? Or do I need to replace it (just rename the old one with the
new one) and do some configuration in Tomcat?

What do you say?

-- 
Best,
Zico


RE: Cert Renewal issue + CAcert.org

2011-05-16 Thread Eduardo Navarro


Use the same tool from the JDK, keytool.exe. Your response should be nothing more than a certificate; the private key that is associated with that certificate has an alias, which you need to specify during the import process.

Sent from my Windows Phone



Re: No shared cipher error using ECDSA

2011-05-16 Thread Victor Duchovni
On Mon, May 16, 2011 at 11:56:41AM +0100, Mike Bell wrote:

 Thanks Viktor,
 
 I hadn't properly understood the relationship between the certificate
 and the cipher, so I'll look at that now. I think I'm also confusing
 the OpenVPN / OpenSSL relationship.

 OpenVPN does appear to be using TLS according to the logs, so I had
 tried to specify

   tls-cipher ECDHE-ECDSA-AES256-SHA

 in CLIENT.OVPN and SERVER.OVPN config files, but got the same error. 

Are you sure that the OpenSSL version used by OpenVPN supports EC
ciphersuites? Generally, you need OpenSSL 1.0.0 for that. Partial support
for EC was available in 0.9.8, and no EC support is present in 0.9.7.

To enable EECDH key-exchange, the server may need to specify a curve,
which OpenVPN may not be doing. I don't believe that the curve
from the certificate is used by default when no curve is specified
explicitly via SSL_CTX_set_tmp_ecdh() and no callback is specified via
SSL_CTX_set_tmp_ecdh_callback().

Thus code not explicitly designed to use ECDSA ciphers may not work
when configured to use only ECDSA. It will only use any non-ECDSA
ciphers allowed.

-- 
Viktor.


Re: Application is failing with cipher or hash unavailable

2011-05-16 Thread Gayathri Sundar
Alert 21 seems to be decryption failure.

Sent from my iPad

On May 16, 2011, at 6:12 AM, pradeepreddy pradeepreddy@gmail.com wrote:

 
 Hi,
 
 
 After a lot of struggle I finally got rid of this error, but I can't tell the
 reason or how it was rectified.
 We installed our libs on a new machine.
 
 Now a different error is seen.
 
 After the client and server connection is established, a TLSv1 Encrypted Alert+21
 is sent by the client.
 
 Google search did not help. All I could find out was that the error alert is
 encrypted. I did not understand what condition was seen by the client's openssl to
 throw this error, and how do I find out the condition? 
 
 Any inputs on this.
 
 


Cross-compile openssl-fips-1.2.2 for arm-linux

2011-05-16 Thread openssl-fips-1.2.2

Hi, 

I am trying to cross-compile openssl-fips-1.2.2 for arm-linux on a Linux
x86 host system. The compilation goes through, but the tests fail to run on
the target with errors as shown below.

1. This is how I compiled the library.
   
   # setting environment variables;
   export CROSS_COMPILE=/usr/bin/armv4-uclibc-
   export HOSTCC=/usr/lib/ccache/gcc
   export FIPS_SIG=/home/test/openssl-fips-1.2.2/incore2

   ./Configure linux-generic32 fipscanisterbuild
   NOTE: Since Configure did not allow me to choose ARCH as linux-arm I
chose linux-generic32 

   make

Compilation completes without errors.

2. Run tests on the target
   # ./fips_shatest
   ERROR:2d06906e:lib=45,func=105,reason=110:file=fips.c:line=238:
   # ./fips_dsatest
   ERROR:2d06906e:lib=45,func=105,reason=110:file=fips.c:line=238:

Can anyone please tell me if there is anything wrong in the steps that I
followed to compile openssl-fips module.

Thanks,
Basker

-- 
View this message in context: 
http://old.nabble.com/Cross-compile-openssl-fips-1.2.2-for-arm-linux-tp31632691p31632691.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.



Re: Cross-compile openssl-fips-1.2.2 for arm-linux

2011-05-16 Thread Dr. Stephen Henson
On Mon, May 16, 2011, openssl-fips-1.2.2 wrote:

 

The incore2 script only works with the unvalidated FIPS 2.0 module. You need
the original incore script for the 1.2.2 module.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org


Re: check RSA signature

2011-05-16 Thread Jeffrey Walton
On Mon, May 16, 2011 at 8:51 AM, Sergey sh0...@gmail.com wrote:
 Hello,

 I have a program, written on C++ and QT.
 I need to implement checking of file signature in my  program, so that it
 would do the same check, as this openssl command:

 openssl dgst -sha1 -signature signature.bin -verify pubkey.pem file.txt
Checking the on-disk file is a weaker assurance than in-memory code
and data. Verifying in-memory code and data can be a bit more difficult
since you will need to work against an executable format - for
example, PE/PE+ and ELF32/ELF64. From experience, both formats are
very workable.

On the Windows platform, I generally prefer to use Code Signing for
the on-disk verification, and custom checks for in-memory assurances.
For Linux, I use both - on startup I check the on-disk image, and
intermittently check in-memory code and data to detect tampering.


 Can i do it, calling some QT methods?
 If no, are there some methods in QT, which allow to check any signatures?
You will have to code it yourself using C/C++. The framework (Qt,
GNOME, etc) really does not matter much.

Jeff


Re: Why would RSA_size() crash?

2011-05-16 Thread G S
OK, this is perplexing.  I have a PEM-format RSA key in a character string
called _publicKey, with newlines between the header, key data, and trailer.
Like this:

-----BEGIN PUBLIC KEY-----
MCwwHRTJKoZIhvcNAQEBBQADGwAwGAIRALPMoZzXMLIKhidteVfdR28CAwEAAQ==
-----END PUBLIC KEY-----

But PEM_read_bio_RSA_PUBKEY is still returning NULL, as in this:

#include <openssl/bio.h>
#include <openssl/pem.h>

BIO* bp = BIO_new_mem_buf(_publicKey, -1);  // Create a new memory buffer BIO over the NUL-terminated PEM string.
RSA* pubKey = 0;
if (bp)
{
    pubKey = PEM_read_bio_RSA_PUBKEY(bp, 0, 0, 0);  // And read the RSA public key from it.
    BIO_free(bp);
}

Does anybody see anything I'm doing wrong?  I verified that the key string
matches what's in the PEM file that was generated on the command line.

Thanks!


Re: Why would RSA_size() crash?

2011-05-16 Thread G S
A follow-up: After seeing an example, I tried printing the result of
ERR_reason_error_string(ERR_get_error()).  It's null.


Re: Why would RSA_size() crash?

2011-05-16 Thread Jeffrey Walton
On Mon, May 16, 2011 at 9:53 AM, John Hascall j...@iastate.edu wrote:

 Duh, thanks to the people who pointed out that the pointer returned by
 PEM_read_bio_RSA_PUBKEY might be null, and indeed it is (sadly I have to use
 Xcode, which refuses to show any local variables and GDB claims they don't
 exist).

    This is probably the optimizer, try compiling with -O0 -g3
    (and make sure you/the linker aren't stripping symbols)
    Pretty much always a good idea when developing.
Don't forget to define DEBUG and NDEBUG for debug and release. And for
debug builds, -Wall -Wextra goes a long way (it beats checking boxes).

Jeff


RE: Application is failing with cipher or hash unavailable

2011-05-16 Thread Dave Thompson
 From: owner-openssl-us...@openssl.org On Behalf Of Gayathri Sundar
 Sent: Monday, 16 May, 2011 16:06

 Alert 21 seems to be decryption failure.
 
Alert description aka alert code 21, yes.

But OP says he is getting an encrypted alert, apparently in 
wireshark, which then can't and doesn't decode the Description.
It shows *content* type 21 = (any) alert, also protocol version 
and length, because only the record header is in clear.

snip rest





RE: Application is failing with cipher or hash unavailable

2011-05-16 Thread Dave Thompson
 From: owner-openssl-us...@openssl.org On Behalf Of Gayathri Sundar
 Sent: Monday, 16 May, 2011 10:18

 You could hack your client and server to use cipher null and see the
 alert in clear. Mostly it should be digest failure.
 
If you mean MAC failure (actually MAC-or-decryption-failure, 
since they were combined to avoid possibly helping an attacker), 
that should *never* happen unless there is a bug at either peer 
or actual tampering in the communication channel.

It could also be close-notify. That's the only alert 
that should normally occur after handshake.

 On Monday, May 16, 2011, pradeepreddy 
 pradeepreddy@gmail.com wrote:

  After lot of struggles, finally get rid of this error, but 
 I cant tell the
  reason, how was it rectified.
  We installed our libs on a new machine.
 
  Now a different error is seen.
 
  After client and server conection is established, TLSv1 
 Encrypted Alert+21
  is sent by the client.
 
As shown by wireshark, I assume. Immediately after Finished 
(which wireshark is only able to show as 
'encrypted handshake message' 'contenttype:22')? 
Or after more data? Or after a time delay (maybe timeout)?

Yes, alerts are encrypted once handshake is completed.
Aside from using a null cipher as suggested above, 
so the encrypted alert (and any other data) is readable:

- does either your client or server or both log or display 
anything about the error?

- if not, can you substitute s_server for the real server? 
It does display/log any error alert. But this will only work 
if the client is spontaneously sending the alert without 
waiting for or needing any data the real server sends.

snip rest


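The distinction Dave Thompson draws in the two replies above, between content type 21 (any alert, readable in the record header) and alert description 21 (decryption_failed, readable only when the record is unprotected), worked through as an added example that is not part of the thread. The record bytes are constructed here, apart from the ServerHelloDone bytes taken from the s_server trace quoted earlier.

```cpp
// Added example, not code from this thread: parse the 5-byte TLS record
// header (always sent in the clear) and decode the alert body only when the
// record is known to be unprotected. All sample records are constructed here.
#include <cstdint>
#include <iostream>
#include <string>
#include <vector>

struct TlsRecord {
    uint8_t  contentType;   // 20 change_cipher_spec, 21 alert, 22 handshake, 23 application_data
    uint16_t version;       // 0x0301 = TLS 1.0
    uint16_t length;        // length of the fragment that follows the header
    std::vector<uint8_t> fragment;
};

// Reads one record from buf. Returns false when the header or the fragment it
// announces is not fully present.
bool parseRecord(const std::vector<uint8_t>& buf, TlsRecord& out) {
    if (buf.size() < 5) return false;
    out.contentType = buf[0];
    out.version = static_cast<uint16_t>((buf[1] << 8) | buf[2]);
    out.length  = static_cast<uint16_t>((buf[3] << 8) | buf[4]);
    if (buf.size() < 5u + out.length) return false;
    out.fragment.assign(buf.begin() + 5, buf.begin() + 5 + out.length);
    return true;
}

// Names for the alert descriptions that come up in this thread (RFC 5246
// section 7.2). Description 21 lives in a different number space from
// content type 21, which is the source of the confusion in the thread.
std::string alertName(uint8_t description) {
    switch (description) {
        case 0:  return "close_notify";
        case 20: return "bad_record_mac";
        case 21: return "decryption_failed";
        case 40: return "handshake_failure";
        default: return "alert_" + std::to_string(description);
    }
}

// What an observer on the wire can say about a record. isProtected tells
// whether the record was sent after ChangeCipherSpec under a real cipher: if
// so, the level/description bytes are ciphertext and only the content type is
// readable, which is all Wireshark's "Encrypted Alert" line means.
std::string describe(const std::vector<uint8_t>& buf, bool isProtected) {
    TlsRecord r;
    if (!parseRecord(buf, r)) return "truncated record";
    if (r.contentType != 21) return "content type " + std::to_string(r.contentType);
    if (isProtected) return "Encrypted Alert (content type 21)";
    if (r.fragment.size() != 2) return "malformed alert";
    std::string level = (r.fragment[0] == 1) ? "warning" : "fatal";
    return level + " " + alertName(r.fragment[1]);
}

// Constructed alert record as it would look under a cipher suite with a
// 20-byte HMAC-SHA1: 2 alert bytes + 20 MAC bytes, all ciphertext (made up).
std::vector<uint8_t> sampleEncryptedAlert() {
    std::vector<uint8_t> rec = {0x15, 0x03, 0x01, 0x00, 0x16};
    for (int i = 0; i < 22; ++i) rec.push_back(static_cast<uint8_t>(0xa5 ^ i));
    return rec;
}

int main() {
    // ServerHelloDone exactly as dumped by s_server in the thread (0e 00 00 00),
    // a clear-text close_notify, and a clear-text fatal bad_record_mac.
    const std::vector<uint8_t> helloDone   = {0x16, 0x03, 0x01, 0x00, 0x04, 0x0e, 0x00, 0x00, 0x00};
    const std::vector<uint8_t> closeNotify = {0x15, 0x03, 0x01, 0x00, 0x02, 0x01, 0x00};
    const std::vector<uint8_t> badMac      = {0x15, 0x03, 0x01, 0x00, 0x02, 0x02, 0x14};
    std::cout << describe(helloDone, false) << "\n";               // content type 22
    std::cout << describe(closeNotify, false) << "\n";             // warning close_notify
    std::cout << describe(badMac, false) << "\n";                  // fatal bad_record_mac
    std::cout << describe(sampleEncryptedAlert(), true) << "\n";   // Encrypted Alert (content type 21)
    std::cout << describe(sampleEncryptedAlert(), false) << "\n";  // malformed alert: ciphertext is not an alert body
    return 0;
}
```

Running the same record through describe() with isProtected false shows why guessing at an encrypted alert's description is meaningless: the 22 ciphertext bytes are not even the right length for an alert body.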


Re: Application is failing with cipher or hash unavailable

2011-05-16 Thread Gayathri Sundar
I am not sure what the poster of this msg is actually doing, but I faced a
similar problem when I was trying to achieve SSL from the kernel. I had to work
on sk_buff chains and fragmented SSL Records, and during my development I
got a lot of error alerts of 21 as some boundary conditions were not met. I
am sure here they are trying to process SSL from the kernel and not using
openssl from userland; there is no other reason as to why this alert has to
come.

thanks
--Gayathri




RE: Replace renewed intermediate certificate in the keystore chain: in Java

2011-05-16 Thread Dave Thompson
 From: owner-openssl-us...@openssl.org On Behalf Of Mohan Radhakrishnan
 Sent: Monday, 16 May, 2011 00:13

 Not sure why I mixed up the order earlier but this procedure works.
 
 If the old leaf is first in the .pem file followed by the
 new intermediate and the old root the intermediate is renewed
 successfully. I have to use the already existing chain alias.
 
(To be exact: the alias for the existing *privatekey* entry, 
which *includes* the chain.)

 I think this is what should have worked for you too ?
 
Yes that did work for me, and now for you.

Another way that works and I prefer is old leaf plus new 
intermediate and NO root, because as I explained there's 
no benefit to having the root in the privatekey entry.
But you were already using with-root, and I guess you 
want to continue doing so, and it does no harm.

snip earlier




Re: Why would RSA_size() crash?

2011-05-16 Thread Dr. Stephen Henson
On Mon, May 16, 2011, G S wrote:

 A follow-up: After seeing an example, I tried printing the result of
 ERR_reason_error_string(ERR_get_error()).  It's null.

ERR_print_errors_fp(stderr) might be more useful: see FAQ.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org


An Invitation to Neuroscientists and Physicists: Singapore Citizen Mr. Teo En Ming (Zhang Enming) Reports First Hand Account of Mind Intrusion and Mind Reading

2011-05-16 Thread Singapore Citizen Mr. Teo En Ming (Zhang Enming) 张恩鸣

16 May 2011 Monday 7:28 P.M. Singapore Time
For Immediate Release

SINGAPORE, SINGAPORE - Singapore Citizen Mr. Teo En Ming (Zhang Enming) 
would like to report first hand account of mind intrusion and mind 
reading. I have been hearing voices for quite some time now but I have 
not been able to identify the persons physically. A number of 
un-identified persons have intruded into my mind and they are able to 
read my thoughts. I could not explain the mechanism by which these 
un-identified persons have been reading my mind at the moment but there 
is definitely a scientific explanation for it. I know very clearly that 
I am not suffering from schizophrenia at all.


I am fully aware that no common man would believe me except the select 
few scientific researchers working in top secret government projects and 
the human guinea pigs who are being experimented on. One of the 
possibilities is that I have a microchip implanted into my brain, 
possibly when I was an infant. It may take a few years, a few decades, 
or even a few centuries before mind reading is finally brought to light 
before the general public.


I would like to invite neuroscientists, engineers and physicists to 
speak on the scientific explanation behind mind intrusion and mind reading.


Please remember what Singapore Citizen Mr. Teo En Ming (Zhang Enming) 
has said. Mark my words. You will know the truth in future. It is no 
longer a conspiracy theory. I can affirm that it (mind intrusion and 
mind reading) is indeed happening to me.



Yours truly,
Singapore Citizen Mr. Teo En Ming (Zhang Enming) 
Dip(Mechatronics)(Singapore Polytechnic) BEng(Hons)(Mechanical 
Engineering)(National University of Singapore)

Singapore Identity Card No/NRIC: S78*6*2*H
Toa Payoh Lorong 5, Singapore
Mobile Phone: +65-8369-2618


Re: Why would RSA_size() crash?

2011-05-16 Thread G S
Thanks to those who answered.  It was a simple goof using std::string's
substr() method; I was treating the second parameter as the end position
rather than the character count, thus lopping off some essential characters
and causing the failure.  It works now.
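The substr mix-up G S describes above (an end offset passed where std::string::substr expects a count), next to a structural check on the PEM text before it reaches PEM_read_bio_RSA_PUBKEY as in the earlier message in this thread, as an added example that is not G S's code. The config text, the kBegin/kEnd constants and the helper names are constructed here; nothing in it needs OpenSSL.

```cpp
// Added example, not G S's code: the substr mix-up from the thread next to a
// structural check on the PEM text, so a damaged block is reported in words
// instead of as a bare NULL from PEM_read_bio_RSA_PUBKEY. No OpenSSL needed.
#include <cctype>
#include <cstddef>
#include <sstream>
#include <string>

static const std::string kBegin = "-----BEGIN PUBLIC KEY-----";
static const std::string kEnd   = "-----END PUBLIC KEY-----";

// Constructed buffer: the block quoted in the thread, surrounded by other text
// as it would be when read out of a larger config or resource file.
static const std::string kConfig =
    std::string("# public key for signature checks\n")
    + kBegin + "\n"
    + "MCwwHRTJKoZIhvcNAQEBBQADGwAwGAIRALPMoZzXMLIKhidteVfdR28CAwEAAQ==\n"
    + kEnd + "\n"
    + "# end of key\n";

// The bug: std::string::substr(pos, n) takes a count, not an end offset.
// Passing the offset of the footer's end returns the wrong slice (here it
// runs on into the text after the block).
std::string extractBlockBuggy(const std::string& text) {
    std::size_t begin = text.find(kBegin);
    std::size_t end   = text.find(kEnd, begin) + kEnd.size();
    return text.substr(begin, end);
}

// The fix: pass the length of the block, and refuse when either marker is missing.
std::string extractBlockFixed(const std::string& text) {
    std::size_t begin = text.find(kBegin);
    if (begin == std::string::npos) return "";
    std::size_t footer = text.find(kEnd, begin);
    if (footer == std::string::npos) return "";
    std::size_t end = footer + kEnd.size();
    return text.substr(begin, end - begin);
}

// Structural check to run before handing the text to OpenSSL: exact header and
// footer lines, nothing after the footer, and a base64 body whose total length
// is a multiple of 4 with '=' padding only in the last two positions.
// Returns "" when the block looks intact, otherwise a short reason.
std::string checkPem(const std::string& pem) {
    std::istringstream in(pem);
    std::string line, body;
    if (!std::getline(in, line) || line != kBegin) return "missing or wrong header line";
    bool sawFooter = false;
    while (std::getline(in, line)) {
        if (line == kEnd) { sawFooter = true; break; }
        if (line.empty() || line.size() > 64) return "bad body line length";
        body += line;
    }
    if (!sawFooter) return "missing footer line";
    if (std::getline(in, line) && !line.empty()) return "data after footer";
    if (body.empty() || body.size() % 4 != 0) return "base64 length not a multiple of 4";
    for (std::size_t i = 0; i < body.size(); ++i) {
        unsigned char c = static_cast<unsigned char>(body[i]);
        if (c == '=') {
            if (i + 2 < body.size()) return "padding not at end of body";
            continue;
        }
        if (!std::isalnum(c) && c != '+' && c != '/') return "non-base64 character";
    }
    return "";
}
```

A block that passes checkPem() can still be rejected by OpenSSL for reasons inside the DER, which is where ERR_print_errors_fp(stderr), as suggested later in the thread, takes over.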