Re: [openssl-users] Doubt about OpenSSL library initialization in an HTTP client application

2016-12-12 Thread silvioprog 
On Mon, Dec 12, 2016 at 3:53 PM, Jeffrey Walton  wrote:

> > So what is the correct way, 1 or 2?
> >
> > 1)
> >
> > RAND_poll()
> > /* RAND_bytes is unnecessary */
> > /* RAND_add is unnecessary */
> >
> > 2)
> >
> > RAND_poll()
> > RAND_bytes(buf, 128);
> > /* RAND_add is unnecessary */
>
> On Windows, you call CryptGenRandom to obtain your seed for the
> OpenSSL PRNG. On Linux, you use one of the random devices, like
> /dev/srandom, /dev/random, or /dev/urandom.
>
> Windows Phone and Windows Store apps add a twist, like requiring calls
> to BCryptGenRandom. There's no way to wrote portable code when you
> factor in Windows Phone and Windows Store. It will be a #define mess.
>
> Jeff


Perfect! So I just need to call RAND_poll(), because it seems already
choosing that funcs above. :-)

https://github.com/openssl/openssl/blob/master/crypto/rand/rand_win.c#L49

https://github.com/openssl/openssl/blob/master/crypto/rand/rand_unix.c#L161

Thanks a lot dude!

--
Silvio Clécio
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] Doubt about OpenSSL library initialization in an HTTP client application

2016-12-12 Thread Jeffrey Walton 
> So what is the correct way, 1 or 2?
>
> 1)
>
> RAND_poll()
> /* RAND_bytes is unnecessary */
> /* RAND_add is unnecessary */
>
> 2)
>
> RAND_poll()
> RAND_bytes(buf, 128);
> /* RAND_add is unnecessary */

On Windows, you call CryptGenRandom to obtain your seed for the
OpenSSL PRNG. On Linux, you use one of the random devices, like
/dev/srandom, /dev/random, or /dev/urandom.

Windows Phone and Windows Store apps add a twist, like requiring calls
to BCryptGenRandom. There's no way to wrote portable code when you
factor in Windows Phone and Windows Store. It will be a #define mess.

Jeff
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] Doubt about OpenSSL library initialization in an HTTP client application

2016-12-12 Thread Salz, Rich 
Seed the RNG, via RAND_poll.  When or if you need random bytes, call 
RAND_bytes.  If you just need crypto keys, call the appropriate keygen API.

Done.
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] Doubt about OpenSSL library initialization in an HTTP client application

2016-12-12 Thread silvioprog 
On Mon, Dec 12, 2016 at 3:33 PM, silvioprog  wrote:
[...]

> So what is the correct way, 1 or 2?
>

*"which is ..."

-- 
Silvio Clécio
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] Doubt about OpenSSL library initialization in an HTTP client application

2016-12-12 Thread silvioprog 
On Mon, Dec 12, 2016 at 3:28 PM, Salz, Rich  wrote:

> > > You fed RAND_bytes output back into RAND_add?  That's silly.
> > Yes. Is it unnecessary? My steps are:
>
> It is a bad idea.  It is pointless.  Don't do it.


So what is the correct way, 1 or 2?

1)

RAND_poll()
/* RAND_bytes is unnecessary */
/* RAND_add is unnecessary */

2)

RAND_poll()
RAND_bytes(buf, 128);
/* RAND_add is unnecessary */

:-S

-- 
Silvio Clécio
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] Doubt about OpenSSL library initialization in an HTTP client application

2016-12-12 Thread Salz, Rich 
> > You fed RAND_bytes output back into RAND_add?  That's silly.

> Yes. Is it unnecessary? My steps are:

It is a bad idea.  It is pointless.  Don't do it.


-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] Doubt about OpenSSL library initialization in an HTTP client application

2016-12-12 Thread silvioprog 
On Mon, Dec 12, 2016 at 3:04 PM, Salz, Rich  wrote:

> > "In short, I just replaced the RAND_screen() call to the RAND_poll(),
> generated a random buffer using RAND_bytes() (based on
> https://wiki.openssl.org/index.php/Random_Numbers#Software) seeding it
> via RAND_add()"
>
> You fed RAND_bytes output back into RAND_add?  That's silly.


Yes. Is it unnecessary? My steps are:

...
- RAND_scree()
+ RAND_poll()
+ RAND_bytes(buf, 128);
+ RAND_add(buf, length(buf), length(buf));
...

(I noticed I sent wrong patch, the correct one declare the RAND_bytes func
^^' )

-- 
Silvio Clécio
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] Doubt about OpenSSL library initialization in an HTTP client application

2016-12-12 Thread Salz, Rich 
> "In short, I just replaced the RAND_screen() call to the RAND_poll(), 
> generated a random buffer using RAND_bytes() (based on 
> https://wiki.openssl.org/index.php/Random_Numbers#Software) seeding it via 
> RAND_add()"

You fed RAND_bytes output back into RAND_add?  That's silly.
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] Doubt about OpenSSL library initialization in an HTTP client application

2016-12-12 Thread silvioprog 
Oops,

I meant:

"In short, I just replaced the RAND_screen() call to the RAND_poll(),
generated a random buffer using RAND_bytes() (based on
https://wiki.openssl.org/index.php/Random_Numbers#Software) seeding it via
RAND_add()"

On Mon, Dec 12, 2016 at 2:46 PM, silvioprog  wrote:
[...]

> In short, I just removed the RAND_screen() call, generated a random buffer
> using RAND_bytes() (based on https://wiki.openssl.org/
> index.php/Random_Numbers#Software) seeding via RAND_add().
>

-- 
Silvio Clécio
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] Doubt about OpenSSL library initialization in an HTTP client application

2016-12-12 Thread silvioprog 
Finally I think I solved this problem! :-)

This is the patch I'm going to send to the `ssl_openssl_lib` authors:
http://pastebin.com/VgSpnwxB .

In short, I just removed the RAND_screen() call, generated a random buffer
using RAND_bytes() (based on
https://wiki.openssl.org/index.php/Random_Numbers#Software) seeding via
RAND_add().

Thanks a lot for the help, dudes! :-)

On Sun, Dec 4, 2016 at 12:01 AM, silvioprog  wrote:

> Thanks for sharing the links, I'm going to check them.
>
> The original code call RAND_screen() only once in the app initialization,
> so can I replace it by RAND_add()? (I'm newbie on SSL)
>
> I've noticed the application is just a HTTP client consuming some web
> services via HTTPS. It doesn't call explicitly any OpenSSL random function,
> so I think it uses the default OpenSSL configurations.
>
> On Sat, Dec 3, 2016 at 3:42 PM, Jeffrey Walton  wrote:
> [...]
>
>> Also see https://wiki.openssl.org/index.php/Library_Initialization and
>> https://wiki.openssl.org/index.php/Random_Numbers#Windows_Issues.
>>
>> The short of it is, you should stop relying on auto-initialization of
>> the RNG, and seed it yourself with a call to `RAND_add`.
>>
>> Jeff
>
>
-- 
Silvio Clécio
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] Doubt about OpenSSL library initialization in an HTTP client application

2016-12-03 Thread silvioprog 
Thanks for sharing the links, I'm going to check them.

The original code call RAND_screen() only once in the app initialization,
so can I replace it by RAND_add()? (I'm newbie on SSL)

I've noticed the application is just a HTTP client consuming some web
services via HTTPS. It doesn't call explicitly any OpenSSL random function,
so I think it uses the default OpenSSL configurations.

On Sat, Dec 3, 2016 at 3:42 PM, Jeffrey Walton  wrote:
[...]

> Also see https://wiki.openssl.org/index.php/Library_Initialization and
> https://wiki.openssl.org/index.php/Random_Numbers#Windows_Issues.
>
> The short of it is, you should stop relying on auto-initialization of
> the RNG, and seed it yourself with a call to `RAND_add`.
>
> Jeff


-- 
Silvio Clécio
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] Doubt about OpenSSL library initialization in an HTTP client application

2016-12-03 Thread silvioprog 
Thanks for replying!

I found two libraries at application's directory: libeay32.dll and
ssleay32.dll, both with file version 0.9.8.14 and product version 0.9.8n.

I totally agree about properly initializing the random number generator,
however I don't know how to do that yet. That code I'm using is a third
party Pascal binding for the OpenSSL C library, and I've noticed that many
other packages was based on that implementation too (eg:
https://github.com/graemeg/freepascal/blob/master/packages/openssl/src/openssl.pas#L4442
- it seems based on an old LibOpenSsl version).

The application I'm fixing uses the same file this link above, and I can
edit it without problems. I removed the line RAND_screen and now the
application initializes fast, but I'm not sure if it will turn my
application vulnerable.

If I get to solve it I will try some patch sharing it to the authors of
these bindings.

On Sat, Dec 3, 2016 at 2:34 PM, Salz, Rich  wrote:

> What version of openssl are you using?  Current versions do not call
> RAND_screen or other long-term heap-walking on Windows.
>
>
>
> You absolutely **must** properly initialize the random number generator.
> If you fail to do that, attackers can guess the keys that you use.  You
> will be providing only the illusion of security.
>
>
>
> Please pass this along to that other app.  What it, and you, are doing is
> horrible.
>
>
>
> --
>
> Senior Architect, Akamai Technologies
>
> Member, OpenSSL Dev Team
>
> IM: richs...@jabber.at Twitter: RichSalz
>

-- 
Silvio Clécio
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] Doubt about OpenSSL library initialization in an HTTP client application

2016-12-03 Thread Jeffrey Walton 
> I'm trying to speed up the initialization of a legacy HTTP client
> application. Debugging that code, I found the following functions being
> called each application startup:
>
>   initialization
> SSL_library_init()
> SSL_load_error_strings()
> OpenSSL_add_all_algorithms()
> RAND_screen()
>
> however, the execution of RAND_screen()  spends about 3 seconds.

Also see https://wiki.openssl.org/index.php/Library_Initialization and
https://wiki.openssl.org/index.php/Random_Numbers#Windows_Issues.

The short of it is, you should stop relying on auto-initialization of
the RNG, and seed it yourself with a call to `RAND_add`.

Jeff
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] Doubt about OpenSSL library initialization in an HTTP client application

2016-12-03 Thread Salz, Rich 
What version of openssl are you using?  Current versions do not call 
RAND_screen or other long-term heap-walking on Windows.

You absolutely *must* properly initialize the random number generator.  If you 
fail to do that, attackers can guess the keys that you use.  You will be 
providing only the illusion of security.

Please pass this along to that other app.  What it, and you, are doing is 
horrible.

--
Senior Architect, Akamai Technologies
Member, OpenSSL Dev Team
IM: richs...@jabber.at Twitter: RichSalz
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users