[openssl-users] Understanding RSA_sign and type argument

2017-06-09 Thread Ignacio Alamo Corsino
Hello everyone,


I am having some issues understanding the RSA_sign function:

RSA_sign(int type, const unsigned char *m, unsigned int m_len, unsigned char *sigret, unsigned int *siglen, RSA *rsa);


As far as I know, the signing is a four step process:

- Calculate hash with digest algorithm (given as argument to this function -> m)
- Encapsulate hash in a DigestInfo structure (X509_SIG)
- Structure padding (in RSA_private_encrypt)
- Private key operation on this padded structure (in RSA_private_encrypt)


Is that correct?


So, during the TLS handshake, the RSA_sign function is called in the 
CertificateVerify step.

For my tests, every time this function is called, the hashing type is SHA512 
even though I specify to use a SHA256 hash.

These are the commands that I use to test TLS:

# openssl s_server -accept 443 -cert cert.pem -key key.pem -Verify 1 -msg -debug -cipher eNULL:aRSA:!SHA512:SHA256 -serverpref
# openssl s_client -connect localhost:443 -cert client_cert.pem -key client.key -state -cipher eNULL:aRSA:!SHA512:SHA256

How can I force TLS to use a SHA256 digest for DH?
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
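
The four steps listed in the message above, written out for RSA PKCS#1 v1.5 as an added example that is not part of the original post and is not OpenSSL's code. It also shows how the digest type ends up inside the signature, so the public-key operation reveals whether SHA256 or SHA512 was signed. The toy key built from two Mersenne primes and all function names are assumptions made for illustration.

```python
import hashlib

# DER DigestInfo prefixes from RFC 8017, section 9.2 (the digest follows them).
DIGESTINFO_PREFIX = {
    "sha256": bytes.fromhex("3031300d060960864801650304020105000420"),
    "sha512": bytes.fromhex("3051300d060960864801650304020305000440"),
}

# Constructed toy key (NOT secure): two Mersenne primes, so this runs offline.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))
K = (N.bit_length() + 7) // 8  # modulus length in bytes


def encode_digestinfo(hash_name, digest):
    """Step 2: wrap an already computed digest in DigestInfo (X509_SIG)."""
    if len(digest) != hashlib.new(hash_name).digest_size:
        raise ValueError("digest length does not match the declared type")
    return DIGESTINFO_PREFIX[hash_name] + digest


def pad_type1(t):
    """Step 3: PKCS#1 v1.5 block type 1: 00 01 FF..FF 00 || T."""
    if len(t) > K - 11:
        raise ValueError("DigestInfo too large for this key size")
    return b"\x00\x01" + b"\xff" * (K - len(t) - 3) + b"\x00" + t


def sign(hash_name, message):
    digest = hashlib.new(hash_name, message).digest()               # step 1
    em = pad_type1(encode_digestinfo(hash_name, digest))            # steps 2-3
    return pow(int.from_bytes(em, "big"), D, N).to_bytes(K, "big")  # step 4


def recover_digest(signature):
    """Public-key operation, then report which digest type was signed."""
    em = pow(int.from_bytes(signature, "big"), E, N).to_bytes(K, "big")
    sep = em.index(b"\x00", 2)  # first zero after the FF padding run
    if em[:2] != b"\x00\x01" or sep < 10 or set(em[2:sep]) != {0xFF}:
        raise ValueError("bad PKCS#1 v1.5 type 1 padding")
    t = em[sep + 1:]
    for name, prefix in DIGESTINFO_PREFIX.items():
        size = hashlib.new(name).digest_size
        if t.startswith(prefix) and len(t) == len(prefix) + size:
            return name, t[len(prefix):]
    raise ValueError("unknown DigestInfo")
```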


Re: [openssl-users] Session Ticket Support in Openssl TLS 1.2

2017-06-09 Thread Benjamin Kaduk via openssl-users
On 06/09/2017 07:54 PM, Neetish Pathak wrote:
>
> On Thu, Jun 8, 2017 at 3:45 PM, Matt Caswell wrote:
>
> > On 08/06/17 23:12, Neetish Pathak wrote:
> > > Thanks.
> > > I had one query regarding the TLS 1.3 implementation on server side. I
> > > have a simple client server program with session resumption working with
> > > TLS 1.2.
> > > When I use TLS 1.3, I see that server hello message has a malformed
> > > packet.
> >
> > How do you know it is malformed? The format of the ServerHello message
> > has changed in TLSv1.3, so if you expect it to look like a TLSv1.2
> > ServerHello then you will be surprised.
>
> *I know the ServerHello is malformed from the WIRESHARK LOGS. It shows
> an exception for the ServerHello with malformed packet message.*

It is quite likely that your version of wireshark does not know how to
properly decode the TLS 1.3 ServerHello.  When interpreted as a TLS 1.2
ServerHello, it is expected to show as malformed, because the protocol
formats are different between the two protocols.  This is what Matt was
trying to say.

Someone could look at the raw hex dump of the packet and decode it
manually as a TLS 1.3 ServerHello to confirm whether it is actually
malformed or just a wireshark error.

-Ben


Re: [openssl-users] Session Ticket Support in Openssl TLS 1.2

2017-06-09 Thread Neetish Pathak
Thanks Matt

On Thu, Jun 8, 2017 at 3:45 PM, Matt Caswell wrote:

>
> On 08/06/17 23:12, Neetish Pathak wrote:
> > Thanks.
> > I had one query regarding the TLS 1.3 implementation on server side. I
> > have a simple client server program with session resumption working with
> > TLS 1.2.
> > When I use TLS 1.3, I see that server hello message has a malformed
> > packet.
>
> How do you know it is malformed? The format of the ServerHello message
> has changed in TLSv1.3, so if you expect it to look like a TLSv1.2
> ServerHello then you will be surprised.
>


*I know the ServerHello is malformed from the WIRESHARK LOGS. It shows an
exception for the ServerHello with malformed packet message.*


>
> > Though the SSL handshake is successful. I am not observing
> > session resumption.
> > I want to know what causes server hello to have a malformed packet.
> > Also, is any extra configuration required for TLS 1.3 ?
> > I am assuming TLS 1.3 can also use session Ids/ tickets for session
> > resumption.
>
> You probably want to read this blog post:
>
> https://www.openssl.org/blog/blog/2017/05/04/tlsv1.3/
>

*This blogpost is highly useful. Thanks for directing me here. I
am following the guidelines.*


> Session ids are not used in TLSv1.3 and session tickets work very
> differently. Session resumption should work just fine but there are some
> things to be aware of (discussed in the blog post).
>
> Matt
>
>
> >
> > Thanks
> > Best Regards,
> > Neetish
> >
> > On Thu, Jun 8, 2017 at 1:47 AM, Matt Caswell wrote:
> >
> > > On 08/06/17 01:26, Neetish Pathak wrote:
> > > > Hello All,
> > > >
> > > > I am new to the Openssl community.
> > > > I am using the latest version of Openssl (with TLS 1.3 enabled) for
> > > > performance benchmarking. I wanted to know if the session ticket
> > > > support for session resumption is enabled by default for OpenSSL
> > > > TLS v 1.2 or it needs to be explicitly enabled?
> > >
> > > It is on by default.
> > >
> > > Matt


[openssl-users] Code Health Tuesday -- Fix the FAQ

2017-06-09 Thread Salz, Rich via openssl-users
It's been a while since we did a code health Tuesday and we're overdue for one 
next week.

Our online FAQ is really old; it's outdated and incorrect.  We haven't fully 
figured out how much of the older versions and older platforms we should 
document.

So, let's fix it.  Move anything older than 1.0.2 to the new "old" section.  
Move anything about really old platforms that aren't fully supported, or have 
strange wonky compilers, etc., to that same section.  And along the way, let's 
fix up any other entries that come to mind.

The repo is here: https://github.com/openssl/web  The FAQ can be found here: 
https://github.com/openssl/web/tree/master/docs

Feel free to clone or fork the repo and make pull requests.  If that's too 
much work, open an issue with the suggested revisions (but please if it's about 
moving entries, do a PR).  The FAQ is mostly plain text, with some 
markdown-like additions.  It should be easy to figure out.

Thanks!  We'll post a reminder about this after the weekend.

--
Senior Architect, Akamai Technologies
Member, OpenSSL Dev Team
IM: richs...@jabber.at Twitter: RichSalz
