1.0.0a s_server with GOST certificate can't compute sha1 digest???

Andrey Kulikov Thu, 11 Nov 2010 15:43:32 -0800

Hello,

I'm trying to make s_server and s_client work with GOST encryption
using ccgost engine and certificates with GOST algos.
But it unable to work, complaining to bad mac computing.
(If I use RSA-based certificates, everything works just fine.)


Openssl 1.0.0a, Linux i386

I have ccgost statically linked in openssl.
I've add following lines to openssl config file:
=============================================
openssl_conf = openssl_def

[openssl_def]
engines = engine_section

[engine_section]
gost = gost_section

[gost_section]
engine_id = gost
default_algorithms = ALL
CRYPT_PARAMS = id-Gost28147-89-CryptoPro-A-ParamSet
=============================================

Then execute
export OPENSSL_CONF=<path to >/openssl.cnf

Generate key and self-signed certificate using GOST algos.

#Generate private key
./apps/openssl genpkey -engine gost -algorithm gost2001 -pkeyopt
paramset:A -out botkey.p8
# Create self-sign certificate
./apps/openssl req -config ./apps/openssl.cnf -x509 -days 1095 -subj
'/C=RU/CN=csp_srv/o=lapu...@mail.ru' -engine gost -new -key botkey.p8
-out botcert.pem

# Dump ASN format files to check that it what we expect
openssl asn1parse -in botkey.p8
openssl asn1parse -in botcert.pem


When start s_server

 ./apps/openssl s_server -www -engine gost -accept 4333  -state -cert
botcert.pem -key botkey.p8

./apps/openssl s_client -engine gost -ssl3  -connect localhost:4333

Client output (truncated):
================================
.....
3076867724:error:1411D144:SSL routines:ssl3_handshake_mac:digest
requred for handshake isn't computed:s3_enc.c:669:
3076867724:error:1411D144:SSL routines:ssl3_handshake_mac:digest
requred for handshake isn't computed:s3_enc.c:669:
3076867724:error:140943FC:SSL routines:SSL3_READ_BYTES:sslv3 alert bad
record mac:s3_pkt.c:1193:SSL alert number 20
3076867724:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake
failure:s3_pkt.c:590:
---
......
---
New, TLSv1/SSLv3, Cipher is GOST2001-GOST89-GOST89
Server public key is 256 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
    Protocol  : SSLv3
    Cipher    : GOST2001-GOST89-GOST89
    Session-ID: 214A3B31604763646B6E6A1DC0B793BC5979C454C25AE2ED2EE3947AA08078B0
    Session-ID-ctx:
    Master-Key:
93B1DB1A2B5A40CFB2E3328280FB200B044CF446E73353B735328253D690F88A01AEB9E004BC06085E4C81770269EBD7
    Key-Arg   : None
    PSK identity: None
    PSK identity hint: None
    Start Time: 1289516998
    Timeout   : 7200 (sec)
    Verify return code: 18 (self signed certificate)
================================

Server output (truncated):
================================
...
SSL_accept:SSLv3 write server done A
SSL_accept:SSLv3 flush data
SSL_accept:SSLv3 read client key exchange A
SSL3 alert write:fatal:bad record mac
SSL_accept:error in SSLv3 read certificate verify A
SSL_accept:error in SSLv3 read certificate verify A
3076998796:error:1411D144:SSL routines:ssl3_handshake_mac:digest
requred for handshake isn't computed:s3_enc.c:669:
3076998796:error:1411D144:SSL routines:ssl3_handshake_mac:digest
requred for handshake isn't computed:s3_enc.c:669:
3076998796:error:88073074:lib(136):GOST_IMIT_UPDATE:mac key not
set:gost_crypt.c:527:
3076998796:error:88073074:lib(136):GOST_IMIT_UPDATE:mac key not
set:gost_crypt.c:527:
3076998796:error:88073074:lib(136):GOST_IMIT_UPDATE:mac key not
set:gost_crypt.c:527:
3076998796:error:88073074:lib(136):GOST_IMIT_UPDATE:mac key not
set:gost_crypt.c:527:
3076998796:error:88073074:lib(136):GOST_IMIT_UPDATE:mac key not
set:gost_crypt.c:527:
3076998796:error:88073074:lib(136):GOST_IMIT_UPDATE:mac key not
set:gost_crypt.c:527:
3076998796:error:8808C074:lib(136):GOST_IMIT_FINAL:mac key not
set:gost_crypt.c:564:
3076998796:error:88073074:lib(136):GOST_IMIT_UPDATE:mac key not
set:gost_crypt.c:527:
3076998796:error:88073074:lib(136):GOST_IMIT_UPDATE:mac key not
set:gost_crypt.c:527:
3076998796:error:88073074:lib(136):GOST_IMIT_UPDATE:mac key not
set:gost_crypt.c:527:
3076998796:error:8808C074:lib(136):GOST_IMIT_FINAL:mac key not
set:gost_crypt.c:564:
3076998796:error:1408F119:SSL routines:SSL3_GET_RECORD:decryption
failed or bad record mac:s3_pkt.c:478:
ACCEPT
================================


The problem is in ssl3_final_finish_mac function (ssl/s3_enc.c:636),
called somewhere from ssl3_do_change_cipher_spec().
It try to compute  NID_md5 and NID_sha1 digests, but in
SSL->s3->handshake_dgst[] there is only one digest -
NID_id_GostR3411_94. So we got that errors.


Could please someone advice, what the root cause of this situation,
and how to deal with it?
How to get s_server and s_client working with GOST certificates?

Best wishes,
Andrey
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev@openssl.org
Automated List Manager                           majord...@openssl.org

1.0.0a s_server with GOST certificate can't compute sha1 digest???

Reply via email to