Re: [openssl.org #2655] speed sha1 hang up - 1.0.1 snapshot 20111211 - Cygwin

2011-12-13 Thread Andy Polyakov via RT
> Where is it caught?
> Addendum: the program is caught in different functions: I saw
> OPENSSL_cleanse(), EVP_DigestUpdate(), sha1_something and others.
>
> I provided 'thread apply 1 info reg' only when it got caught in
> sha1_block_data_order_ssse3 ().

The implied question was whether the program is making progress or is caught
in some limbo state. Program behavior appears to be sane, in which case one
should look for an explanation of the phenomenon in the environment. Is it a
virtual machine? Which OS is it? What is the host, i.e. VMware, Xen, ...?
Have you ever observed anomalies in ping output? Anomalies like it reporting
negative round-trip time?


__
OpenSSL Project http://www.openssl.org
Development Mailing List   openssl-dev@openssl.org
Automated List Manager   majord...@openssl.org


Re: One lousy bit...

2011-12-13 Thread Ben Laurie
On Mon, Dec 12, 2011 at 3:19 PM, Marshall Clow mclow.li...@gmail.com wrote:
> I've been testing out the LLVM static analysis tool
> http://clang-analyzer.llvm.org/ on various code bases, and it's lighting
> up a particular construct used in OpenSSL.
>
> Let me state my position right up front:
> I have no idea if this causes any problems in OpenSSL, but I don't think
> this code is doing what the authors intended.
>
> Example of what clang is whinging about (from rsa_eay.c):
>
> 547         BIGNUM local_d;
> 548         BIGNUM *d = NULL;
> 549
> 550         if (!(rsa->flags & RSA_FLAG_NO_CONSTTIME))
> 551                 {
> 552                 d = &local_d;
> 553                 BN_with_flags(d, rsa->d, BN_FLG_CONSTTIME);
>
> What it says is:
> Line 553: Left operand of '&' is a garbage value.
>
> Here's the relevant definition (from bn.h):
>
> 296 /* get a clone of a BIGNUM with changed flags, for *temporary* use only
> 297  * (the two BIGNUMs cannot be used in parallel!) */
> 298 #define BN_with_flags(dest,b,n)  ((dest)->d=(b)->d, \
> 299                                   (dest)->top=(b)->top, \
> 300                                   (dest)->dmax=(b)->dmax, \
> 301                                   (dest)->neg=(b)->neg, \
> 302                                   (dest)->flags=(((dest)->flags & BN_FLG_MALLOCED) \
> 303                                                  |  ((b)->flags & ~BN_FLG_MALLOCED) \
> 304                                                  |  BN_FLG_STATIC_DATA \
> 305                                                  |  (n)))
>
> The problem is on line 302, which (I believe) intends to clear all the bits
> in dest->flags except the BN_FLG_MALLOCED bit (0x01). But in the code in
> rsa_eay.c, that bit is uninitialized.

That's not quite what it does, is it? It preserves the original
MALLOCED flag from dest and copies the remaining flags from b, ORed
with n, which makes sense.


> So, we end up with a temporary BIGNUM where the BN_FLG_MALLOCED flag is
> garbage.
>
> Again - I do not know if this actually causes any problems.

I guess it only causes problems if someone attempts to free the copy,
which I presume they will not in this case. However, it is a bug. Yay
for LLVM!


> The same construct occurs in:
> bn_gcd.c line 571
> crypto/rsa/rsa_gen.c line 173
> crypto/rsa/rsa_lib.c line 417
> crypto/bn/bn_gcd.c line 546
> rsa_eay.c line 767
>
> -- Marshall
>
> Marshall Clow     Idio Software   mailto:mclow.li...@gmail.com
>
> A.D. 1517: Martin Luther nails his 95 Theses to the church door and is
> promptly moderated down to (-1, Flamebait).
>        -- Yu Suzuki
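The flag arithmetic the thread is arguing about, written out as an added example in Go (model code, not OpenSSL's and not from either poster): bnWithFlags reproduces the bn.h expression on a struct with the same fields, and the flag values 0x01/0x02/0x04 are the ones 1.0.x bn.h defines for BN_FLG_MALLOCED, BN_FLG_STATIC_DATA and BN_FLG_CONSTTIME. Go zero-initialises memory, so the never-initialised stack word that clang flagged is modelled by an explicit residue argument; wouldFreeStruct stands for a BN_free-style consumer that free()s the struct when MALLOCED is set, which is the failure Ben describes.

```go
package main

import "fmt"

// Flag bits as defined in OpenSSL 1.0.x bn.h (model, not OpenSSL code).
const (
	bnFlgMalloced   = 0x01
	bnFlgStaticData = 0x02
	bnFlgConsttime  = 0x04
)

// modelBignum has the fields the BN_with_flags macro touches.
type modelBignum struct {
	d     []uint64
	top   int
	dmax  int
	neg   int
	flags int
}

// bnWithFlags is the bn.h macro written as a function, one statement per
// comma operand. Only MALLOCED is kept from dest; every other bit comes
// from b, plus STATIC_DATA and the caller's n.
func bnWithFlags(dest, b *modelBignum, n int) {
	dest.d = b.d
	dest.top = b.top
	dest.dmax = b.dmax
	dest.neg = b.neg
	dest.flags = (dest.flags & bnFlgMalloced) |
		(b.flags &^ bnFlgMalloced) |
		bnFlgStaticData | n
}

// tempFlagsAfterWithFlags returns the flags word of a temporary after the
// macro, given what that word held before. In C a never-initialised stack
// BIGNUM holds whatever the slot's previous use left behind ("residue").
func tempFlagsAfterWithFlags(residue, bFlags, n int) int {
	b := modelBignum{d: []uint64{0x1234}, top: 1, dmax: 1, flags: bFlags}
	local := modelBignum{flags: residue}
	bnWithFlags(&local, &b, n)
	return local.flags
}

// wouldFreeStruct models the BN_free decision: the struct itself is
// free()'d only if MALLOCED is set. A stack temporary that reports true
// here would be handed to free() by anyone who calls BN_free on it.
func wouldFreeStruct(flags int) bool {
	return flags&bnFlgMalloced != 0
}

// consttimeCopyFlags is the rsa_eay.c pattern with the temporary zeroed
// first (what BN_init does in OpenSSL), so MALLOCED is deterministically 0.
func consttimeCopyFlags(rsaDFlags int) int {
	var localD modelBignum // zero value: flags == 0
	rsaD := modelBignum{d: []uint64{0x5678}, top: 1, dmax: 1, flags: rsaDFlags}
	bnWithFlags(&localD, &rsaD, bnFlgConsttime)
	return localD.flags
}

func main() {
	for _, residue := range []int{0x00, 0x01, 0xff} {
		f := tempFlagsAfterWithFlags(residue, bnFlgMalloced, bnFlgConsttime)
		fmt.Printf("residue 0x%02x -> flags 0x%02x, BN_free would free struct: %v\n",
			residue, f, wouldFreeStruct(f))
	}
	fmt.Printf("zero-initialised temp -> flags 0x%02x\n", consttimeCopyFlags(bnFlgMalloced))
}
```

With a zeroed temporary the result is always STATIC_DATA | n plus b's non-MALLOCED bits; with residue in the flags word the temporary can claim to be heap-allocated, and any later BN_free on it would pass a stack address to free().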



Re: How to: read a certificate from PIV smart card, encode some text with its public key?

2011-12-13 Thread Umaxik

Many thanks, Douglas!

You helped me to sort this problem out after I had spent a week or so on it.

Some words to finish this topic:

My goal was to encrypt/decrypt some data with the PIV card (i.e., only the
card holder may use the data). It can be done in an easier way:

1. PIV cards can have a Key Management Key intended to provide key
establishment during transactions.
2. If this KMK uses ECDH, I can emulate the C(1,1) scheme (NIST
SP 800-73-3, part 2). That is:
2.1. I create and store in code my own EC public key (OpenSSL allows creating
EC private keys and certificates with the public keys included).
2.2. The card is authorized.
2.3. I call its 'General authentication' operation with the KMK and this public
key.
2.4. As a result, I have the secret. This secret is suitable for AES
encryption.

Therefore, I use OpenSSL to create this public key and to do the AES
encryption.

Best regards,
Max Ushakov
-- 
View this message in context: 
http://old.nabble.com/How-to%3A-read-a-certificate-from-PIV-smart-card%2C-encode-some-text-with-its-public-key--tp32941067p32966373.html
Sent from the OpenSSL - Dev mailing list archive at Nabble.com.


Re: How to: read a certificate from PIV smart card, encode some text with its public key?

2011-12-13 Thread Douglas E. Engert



On 12/13/2011 7:32 AM, Umaxik wrote:
> Many thanks, Douglas!
>
> You helped me to sort this problem out after I had spent a week or so on it.

Good to hear.

> Some words to finish this topic:
>
> My goal was to encrypt/decrypt some data with the PIV card (i.e., only the
> card holder may use the data). It can be done in an easier way:
>
> 1. PIV cards can have a Key Management Key intended to provide key
> establishment during transactions.
> 2. If this KMK uses ECDH, I can emulate the C(1,1) scheme (NIST
> SP 800-73-3, part 2). That is:
> 2.1. I create and store in code my own EC public key (OpenSSL allows creating
> EC private keys and certificates with the public keys included).
> 2.2. The card is authorized.
> 2.3. I call its 'General authentication' operation with the KMK and this public
> key.

Are you using any of the OpenSC code to talk to the card, or are you
using some other code to send the 'General authentication' command to the card?

If anyone is interested: https://github.com/dengert/OpenSC
under the ECDH branch has the code that can be applied to OpenSC-0.12.2
to support PKCS#11 C_DeriveKey for the PIV card. There is also a pkcs11-tool

> 2.4. As a result, I have the secret. This secret is suitable for AES
> encryption.
>
> Therefore, I use OpenSSL to create this public key and to do the AES
> encryption.

And you should only need to save the (ephemeral) public key and destroy
the private key and the AES key.

> Best regards,
> Max Ushakov

--

 Douglas E. Engert  deeng...@anl.gov
 Argonne National Laboratory
 9700 South Cass Avenue
 Argonne, Illinois  60439
 (630) 252-5444
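The C(1,1) flow from steps 2.1 to 2.4 above, together with the key-handling advice in this reply (keep only the ephemeral public key; destroy the private key and the AES key), as an added example in Go. It is not the poster's code and not OpenSSL's or OpenSC's: the card's Key Management Key is modelled by a software P-256 key pair, cardGeneralAuthenticate stands in for the card computing Z from the point it is given, and the shared secret is turned into an AES-256-GCM key with the SP 800-56A one-step (concatenation) KDF over SHA-256. The curve, the KDF context string and the choice of GCM are assumptions; the posts do not say which curve the KMK uses or how the secret becomes an AES key.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
)

// Envelope is all the encrypting side keeps: the ephemeral point and ciphertext.
type Envelope struct {
	EphemeralPub []byte // uncompressed P-256 point, later handed to the card
	Nonce        []byte
	Ciphertext   []byte
}

// aeadFromZ turns the ECDH secret Z into AES-256-GCM via the SP 800-56A one-step
// KDF (SHA-256, one 32-byte block: H(counter=1 || Z || OtherInfo)).
func aeadFromZ(z []byte) (cipher.AEAD, error) {
	h := sha256.New()
	h.Write([]byte{0, 0, 0, 1}) // 32-bit big-endian counter = 1
	h.Write(z)
	h.Write([]byte("PIV-KMK-C(1,1)-demo")) // OtherInfo: assumed context label
	block, err := aes.NewCipher(h.Sum(nil))
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// EncryptToCard runs on the host with only the KMK public key from the card's
// certificate. The ephemeral private key and the AES key die with this call.
func EncryptToCard(kmkPub *ecdh.PublicKey, plaintext []byte) (*Envelope, error) {
	eph, err := ecdh.P256().GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	z, err := eph.ECDH(kmkPub) // Z = eph_priv * KMK_pub
	if err != nil {
		return nil, err
	}
	aead, err := aeadFromZ(z)
	if err != nil {
		return nil, err
	}
	env := &Envelope{EphemeralPub: eph.PublicKey().Bytes(), Nonce: make([]byte, aead.NonceSize())}
	if _, err := rand.Read(env.Nonce); err != nil {
		return nil, err
	}
	env.Ciphertext = aead.Seal(nil, env.Nonce, plaintext, env.EphemeralPub) // point bound as AAD
	return env, nil
}

// cardGeneralAuthenticate models GENERAL AUTHENTICATE with the KMK: the card
// multiplies the given point by its private scalar and returns Z (software stand-in).
func cardGeneralAuthenticate(kmk *ecdh.PrivateKey, point []byte) ([]byte, error) {
	pub, err := ecdh.P256().NewPublicKey(point) // rejects malformed/off-curve points
	if err != nil {
		return nil, err
	}
	return kmk.ECDH(pub) // Z = KMK_priv * eph_pub, the same value as above
}

// DecryptWithCard is the card holder's side: the stored point goes to the
// card, the AES key is re-derived, used once and dropped.
func DecryptWithCard(kmk *ecdh.PrivateKey, env *Envelope) ([]byte, error) {
	z, err := cardGeneralAuthenticate(kmk, env.EphemeralPub)
	if err != nil {
		return nil, err
	}
	aead, err := aeadFromZ(z)
	if err != nil {
		return nil, err
	}
	return aead.Open(nil, env.Nonce, env.Ciphertext, env.EphemeralPub)
}

// RoundTrip makes a stand-in KMK key pair (the "card"), encrypts to its public
// key and decrypts with it, reporting whether the plaintext survived.
func RoundTrip(msg []byte) (bool, error) {
	kmk, err := ecdh.P256().GenerateKey(rand.Reader)
	if err != nil {
		return false, err
	}
	env, err := EncryptToCard(kmk.PublicKey(), msg)
	if err != nil {
		return false, err
	}
	got, err := DecryptWithCard(kmk, env)
	return err == nil && bytes.Equal(got, msg), err
}

func main() {
	ok, err := RoundTrip([]byte("constructed sample plaintext"))
	fmt.Println("round trip ok:", ok, "err:", err)
}
```

Encrypting needs nothing but the KMK public key from the card's certificate, and when EncryptToCard returns, the only material left is the ephemeral public point stored beside the ciphertext, which is the state described in the reply. Decrypting hands that point to the card (here the software stand-in) and re-derives the key. Authenticating the point as AAD means a swapped or corrupted point is refused by GCM instead of decrypting to garbage, and a different card's KMK yields a different Z and therefore an authentication failure.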


Re: [openssl.org #2655] speed sha1 hang up - 1.0.1 snapshot 20111211 - Cygwin

2011-12-13 Thread Andrey Kulikov via RT
Tested on two computers.

Both native (i.e. non-VM) Windows 7 x64 Professional (without SP1).
One has an E8600 CPU, the other is a laptop with an i5 mobile CPU.
Both have 8G RAM.
Both have been working stably for months.
No abnormalities, no BSODs.

gcc version 3.4.4 (cygming special, gdc 0.12, using dmd 0.125)
Cygwin DLL version is 1.7.9-1

Package list (output of 'cygcheck -cd') attached.

On 13 December 2011 13:28, Andy Polyakov via RT r...@openssl.org wrote:
> Program behavior appears to be sane,
> Is it a virtual machine? Which OS is it? What is the host, i.e. VMware, Xen,
> ...? Have you ever observed anomalies in ping output? Anomalies like
> it reporting negative round-trip time?



Cygwin Package Information

Package                    Version
_update-info-dir           01006-1
alternatives               1.3.30c-10
autoconf                   10-1
autoconf2.1                2.13-10
autoconf2.5                2.68-1
automake                   4-10
automake1.10               1.10.3-1
automake1.11               1.11.1-1
automake1.4                1.4p6-10
automake1.5                1.5-10
automake1.6                1.6.3-11
automake1.7                1.7.9-10
automake1.8                1.8.5-10
automake1.9                1.9.6-10
base-cygwin                3.0-1
base-files                 4.0-6
base-passwd                3.1-2
bash                       4.1.10-4
bash-completion            1.3-1
binutils                   2.22.51-1
bison                      2.4.2-1
build-docbook-catalog      1.5-2
bzip2                      1.0.6-2
ca-certificates            1.78-1
cmake                      2.8.4-1
coreutils                  8.14-1
cpio                       2.11-1
crypt                      1.1-1
csih                       0.9.4-1
curl                       7.22.0-2
cvs                        1.12.13-10
cvsps                      2.2b1-1
cygrunsrv                  1.34-1
cygutils                   1.4.6-1
cygwin                     1.7.9-1
cygwin-doc                 1.7-1
dash                       0.5.7-1
dbus                       1.4.16-1
diffutils                  2.9-1
docbook-dsssl              1.79-2
docbook-sgml30             3.0-1
docbook-sgml31             3.1-1
docbook-sgml40             4.0-1
docbook-sgml41             4.1-1
docbook-sgml42             4.2-1
docbook-sgml43             4.3-1
docbook-sgml44             4.4-1
docbook-sgml45             4.5-1
docbook-utils              0.6.14-1
docbook-xml412             4.1.2-2
docbook-xml42              4.2-4
docbook-xml43              4.3-2
docbook-xml44              4.4-2
docbook-xml45              4.5-1
docbook-xsl                1.76.1-1
dog                        1.7-1
dos2unix                   5.3.1-1
ed                         1.0-1
editrights                 1.01-2
file                       5.09-1
findutils                  4.5.9-2
flex                       2.5.35-1
font-adobe-dpi75           1.0.2-1
font-alias                 1.0.3-1
font-bh-dpi100             1.0.2-1
font-bh-dpi75              1.0.2-1
font-bitstream-dpi100      1.0.2-1
font-bitstream-dpi75       1.0.2-1
font-cursor-misc           1.0.2-1
font-encodings             1.0.4-1
font-micro-misc            1.0.2-1
font-misc-cyrillic         1.0.2-1
font-misc-misc             1.1.1-1
font-screen-cyrillic       1.0.3-1
font-sun-misc              1.0.2-1
font-util                  1.2.0-1
font-winitzki-cyrillic     1.0.2-1
font-xfree86-type1         1.0.3-1
fontconfig                 2.8.0-1
gamin                      0.1.10-11
gawk                       4.0.0-1
gcc-core                   3.4.4-999
gcc-g++                    3.4.4-999
gcc-mingw-core             20050522-3
gcc-mingw-g++              20050522-3
gdb                        7.3.50-3
geoip                      1.3.14-1
gettext                    0.18.1.1-2
git                        1.7.5.1-1
git-completion             1.7.5.1-1
git-gui                    1.7.5.1-1
git-oodiff                 20080328-2
gitk                       1.7.5.1-1
grep                       2.6.3-1
groff                      1.20.1-2
gsettings-desktop-schemas  3.2.0-1
gzip                       1.4-1
hexedit                    1.2.12-2
indent                     2.2.11-1
ipc-utils                  1.0-1
jadetex                    3.13-1
less                       444-1
libapr1                    1.4.5-1
libaprutil1                1.3.12-1
libattr1                   2.4.43-1
libblkid1                  2.17.2-1
libbz2_1                   1.0.6-2
libcharset1                1.14-2
libcurl4                   7.22.0-2
libdb4.5                   4.5.20.2-2
libdbus1_3                 1.4.16-1
libedit0                   20090923-1
libexpat1                  2.0.1-1
libfam0                    0.1.10-11
libffi4                    4.5.3-3
libfontconfig1             2.8.0-1
libfontenc1                1.1.0-1
libfreetype6               2.4.7-1
libgcc1                    4.5.3-3
libgcrypt11                1.4.6-1
libgdbm4                   1.8.3-20
libGL1