Re: CVE-0224-2014 CCS byte
On Nov 22, 2014 2:35 AM, Dr. Stephen Henson <st...@openssl.org> wrote:

> On Sat, Nov 22, 2014, Deepak wrote:
>
> > Hi,
> >
> > Can an SSL client upgraded with the patch for CVE-0224-2014 (say OpenSSL 0.9.8zb) talk to an SSL server which does not have this patch (say OpenSSL 0.9.8u)?
> >
> > Problem I have:
> > Server - Apache 2.2.22 with mod_ssl compiled with OpenSSL 0.9.8u
> > Client - privately maintained PKI code based upon OpenSSL 0.9.8h, to which we regularly backport OpenSSL patches. We have backported the fix for CVE 0224 to this code.
> >
> > This client is rejecting the handshake from the above server with an error that it received the CCS byte early. How do I debug what is going on and solve this problem?
>
> There is a bug related to renegotiation and session tickets which can trigger a bogus CCS early error but it wasn't known to affect 0.9.8-0.9.8. I'd suggest you try disabling session tickets to see if that helps. If it does try backporting commit 249a3e362fe406f8bc05cd3 to 0.9.8.
>
> Steve.
> --
> Dr Stephen N. Henson. OpenSSL project core developer.
> Commercial tech support now available see: http://www.openssl.org
>
> __
> OpenSSL Project                                 http://www.openssl.org
> User Support Mailing List                    openssl-users@openssl.org
> Automated List Manager                           majord...@openssl.org

Why do we see this problem in a select few cases? All of the users of our customized PKI are not complaining. Else this could be a major problem.

Thank you.
Query regarding openssl initialisation of aes-ni.
Hi All,

I am using the below openssl version:

    # openssl version
    OpenSSL 1.0.0 29 Mar 2010

I am facing one problem with the IPSec Strongswan daemon with openssl. Strongswan uses openssl APIs for packet encryption. In my hardware aes-ni is enabled; this I have confirmed through /proc/cpuinfo. The IPSec daemon is crashing on accessing a NULL pointer. On further debugging, ctx->cipher is becoming NULL after openssl initialises the ctx. Please see the below call trace:

    #4 0x7fab0ecf61b7 in EVP_CIPHER_CTX_set_key_length (c=0x7fab05xx0, keylen=16) at evp_enc.c:520
    No locals.
    #5 0x7fab0f24a4ab in crypt (this=0x2626640, data=..., iv=..., dst=<value optimized out>, enc=1) at /strongswan/src/libstrongswan/plugins/openssl/openssl_crypter.c:137
            len = <value optimized out>
            out = 0x2626a70 \210\360{\017\253\177
            ctx = {cipher = 0x0, engine = 0x0, encrypt = 1, buf_len = 0, oiv = '\000' <repeats 15 times>, iv = '\000' <repeats 15 times>, buf = '\000' <repeats 31 times>, num = 0, app_data = 0x0, key_len = 0, flags = 256, cipher_data = 0x0, final_used = 0, block_mask = 0, final = '\000' <repeats 31 times>}
    #6 0x7fab0f24a5e4 in encrypt (this=0x7fab05fa38b0, data=..., iv=..., dst=0x40b2) at /strongswan/src/libstrongswan/plugins/openssl/openssl_crypter.c:160
    No locals.
    #7 0x0043dfec in encrypt (this=0x2626740) at /strongswan/src/charon/encoding/payloads/encryption_payload.c:366
            iv = {ptr = 0x2626620 \272\262]*\212\306=\313W\347r\031\234D\034, len = 16}
            padding = {ptr = 0x2625310 A\255Z`\037JbK\f\272\226, len = 11}
            to_crypt = {ptr = 0x26268d0 ', len = 192}
            result = {ptr = 0x2626a70 \210\360{\017\253\177, len = 192}
            rng = <value optimized out>
            block_size = 16

From the below link:

    http://rt.openssl.org/Ticket/Display.html?id=2305&user=guest&pass=guest

I came to know that the problem is with openssl's multiple initialisations of aes-ni. If I make the change mentioned in the link, everything works fine. How can I make sure that my crash is related to the same issue?

Can someone tell me, is there any way to find which applications are using openssl and causing the multiple initialisations? As I am very new to openssl, please do reply to my query; it will be really helpful to me if someone clarifies when the loading of ENGINEs happens. Please let me know the correct group to post this question to, in case I mailed the wrong group.

Thanks,
Bhargav
Freeze to mailing list memberships
We will soon be freezing the mailing list memberships for a couple of days. We are moving to a new server and upgrading the mail infrastructure. (For mail wonks who might care: replacing the aging majordomo setup with a more-current mailman setup, among other things.)

--
Principal Security Engineer, Akamai Technologies
IM: rs...@jabber.me  Twitter: RichSalz
FIPS mode with SP800-56b statements?
Dear all,

I'm trying to map the SP800-56b NIST document to the OpenSSL capabilities running in FIPS mode. There is a table full of "should not", "should", "shall" and so on, which needs to be filled in by any NIST approved product, but there are certain issues that it seems OpenSSL doesn't pass, and the NIST validators require a rationale for deviation for each "no". I saw (two years ago maybe?) a guy asking about this table on an openssl mailing list, but the data wasn't available.

So, is there anyone that has filled in this table and explained a rationale for deviations? Or where could I find this information?

You can see an example of the table from a random company in https://www.niap-ccevs.org/st/st_vid10523-st.pdf (page 53) or in https://www.niap-ccevs.org/st/st_vid10505-st.pdf (page 40).

For instance, NIST SP800-56b section 7.2.2.3 says (talking about the RSA-OAEP Decryption Operation) that "the observable behavior of the mask generation function *should not* reveal even partial information about the MGF seed employed in the process". Do you know why OpenSSL doesn't fulfil that capability? I'm not able to find why OpenSSL in FIPS mode may reveal partial information about the MGF seed, and I'm not able to find why this is not harmful.

Just for the record, the sections that I think OpenSSL doesn't fulfil are: 6.6 (shall not), 7.2.1.3 (should not), 7.2.3.3 (should not) and 8.3.2 (should not).

Thanks for your help in advance and kind regards,
Alberto.

--
Alberto Román
Engineering team
http://www.alienvault.com
undefined reference errors, e.g. to `ERR_load_crypto_strings'
Dear Sirs or Madams,

I have the problem that I keep getting undefined reference errors whenever I try to access pretty much any OpenSSL-related command. I elaborated on my problem in the following thread: http://stackoverflow.com/questions/27106580/undefined-reference-to-err-load-crypto-strings

Can anyone please help me?

Cheers
Alex
RE: undefined reference errors, e.g. to `ERR_load_crypto_strings'
Reverse the order of the libraries. Use -lssl -lcrypto.

-----Original Message-----
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Alexander Raiola
Sent: Tuesday, November 25, 2014 8:34 AM
To: openssl-users@openssl.org
Subject: undefined reference errors, e.g. to `ERR_load_crypto_strings'

> Dear Sirs or Madams,
>
> I have the problem that I keep getting undefined reference errors whenever I try to access pretty much any OpenSSL-related command. I elaborated on my problem in the following thread: http://stackoverflow.com/questions/27106580/undefined-reference-to-err-load-crypto-strings
>
> Can anyone please help me?
>
> Cheers
> Alex
Adding new cipher to openssl.
Hello everyone,

Greetings for the day..!

I was trying to add a new cipher to openssl so as to use it with the digital certificate, is it possible?

Thank you.

Regards,
Niraj.
Re: Adding new cipher to openssl.
On Wed, Nov 26, 2014 at 10:44:34AM +0530, Niraj Sorathiya wrote:

> I was trying to add a new cipher to openssl so as to use it with the digital certificate, is it possible ?

Is this a homework assignment? A class project?

This question does not belong on the openssl-dev list, moved to Bcc, and replies redirected to openssl-users.

--
Viktor.
RE: Adding new cipher to openssl.
> I was trying to add a new cipher to openssl so as to use it with the digital certificate, is it possible ?

You asked this a week ago. You also asked this three weeks ago. The answer is yes it is possible but there is NO TOOL OR DOCUMENTATION. Stephen Henson suggested looking at the gost engine. Please stop.