Re: How to verify that DH private and public key have been generated ?
I have to use DH structure ( I have no choice ). So I 'll try EVP_PKEY_new()
as Dr. Henson said.
However I 'd like to learn and understand how to verify if DH_generate_key(
) has really set pbkey and pvkey.
ikuzar.
2011/3/24 Mike Mohr akih...@gmail.com
ikuzar,
I'm sorry to be blunt, but if you don't understand what I'm saying
then you shouldn't be writing code that deals with low-level
cryptographic objects/primitives. See the recent revelations from
Sony and Nokia for why: even multinational corporations with hundreds
of specialist developers can all too easily ship epic failboat code.
As Dr. Henson has already pointed out you should use the subroutines
that OpenSSL provides to you.
On Wed, Mar 23, 2011 at 4:50 PM, ikuzar razuk...@gmail.com wrote:
I do not understand what you mean.
1) I tried to print data's size returned by i2d_DHparams(const_dh,
dhbuf); without computing private nor public key. I have got 138 bytes.
Then I remade the same operation but I had computed private and public
key
using DH_generate_key(dh);
and I have still got 138 bytes ...it seems to be odd for me, because I
think
dh's size must be greater after computing keys.
2) I tried the following check before and after computing keys :
if (dh-priv_key == NULL)
printf(\n1)dh-priv_key is NULL\n);
else
printf(\n1)dh-priv_key is not NULL\n);
Before computing key, I have got priv_key is NULL. After computing,
priv_key
is not NULL
I 'm wondering what happens... could you tell me more about bit counting
? I
do not understand The private and public keys should be similar in size
to
p.
Thanks for your help.
2011/3/23 Mike Mohr akih...@gmail.com
Try checking the bit count of the structure members. The private and
public keys should be similar in size to p.
On Mar 23, 2011 10:27 AM, ikuzar razuk...@gmail.com wrote:
Hello,
I 'd like to know how to verify that DH private and public key have
been
generated ?
In my DH struct, p and g had been generated with commands line (
openssl
dhparam... )
struct
{
BIGNUM *p; // prime number (shared)
BIGNUM *g; // generator of Z_p (shared)
BIGNUM *priv_key; // private DH value x
BIGNUM *pub_key; // public DH value g^x
// ...
};
DH
Priv_key and pub_key are generated later with DH_generate_key(dh).
I would like verify if DH_generate_key( ) has generated the priv_key (
an
human proof, example by using DHparams_print_fp(fp, dh ); ) I used
this
function but it did not print private key into file pointed by fp.
Thanks for your help.
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager majord...@openssl.org
accept:Too many open files
Hi,
I'm struggling to write a simple forking server. What I have works but
eventually crashes with the following messages:
Error in connection
9130:error:02008018:system library:accept:Too many open files:b_sock.c:735:
9130:error:20065064:BIO routines:BIO_accept:accept error:b_sock.c:736:
Here is an abridged code snippet:
8--
sbio = BIO_push(bbio, sbio);
acpt=BIO_new_accept(4433);
BIO_set_accept_bios(acpt,sbio);
/* Setup accept BIO */
if(BIO_do_accept(acpt) = 0) {
return 0;
}
/* Now wait for incoming connection */
while(1) {
if(BIO_do_accept(acpt) = 0) {
return 0;
}
sbio = BIO_pop(acpt);
pid = fork ();
if (pid == 0) { // child process (works fine)
if(BIO_do_handshake(sbio) = 0) {
return 0;
}
BIO_puts(sbio, Hello\r\n);
BIO_flush(sbio);
BIO_free_all(sbio);
exit (0);
} else {// parent process (eventually crashes after
many connections)
// - What must I do here, if anything to
free memory, etc ?
}
}
BIO_free_all(acpt);
8--
I have a simple client to connect to it, but if I connect enough times,
the server code (above) eventually crashes with the errors shown above.
I think that the problem is that after it forks, the parent process
should release some resource, but I don't understand the BIO_* interface
well enough to know what to do.
I would really appreciate any help, as I'm totally stuck here.
Many thanks,
Thomas
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager majord...@openssl.org
Re: How to verify that DH private and public key have been generated ?
When I try to computed shared key with DH_compute_key, I have got error :
error:05066064:Diffie-Hellman routines:COMPUTE_KEY:no private value.
Could you tell me what should I do to fix this problem ?
( I 'll try EVP_PKEY later ).
Thanks.
2011/3/24 ikuzar razuk...@gmail.com
I have to use DH structure ( I have no choice ). So I 'll try
EVP_PKEY_new() as Dr. Henson said.
However I 'd like to learn and understand how to verify if DH_generate_key(
) has really set pbkey and pvkey.
ikuzar.
2011/3/24 Mike Mohr akih...@gmail.com
ikuzar,
I'm sorry to be blunt, but if you don't understand what I'm saying
then you shouldn't be writing code that deals with low-level
cryptographic objects/primitives. See the recent revelations from
Sony and Nokia for why: even multinational corporations with hundreds
of specialist developers can all too easily ship epic failboat code.
As Dr. Henson has already pointed out you should use the subroutines
that OpenSSL provides to you.
On Wed, Mar 23, 2011 at 4:50 PM, ikuzar razuk...@gmail.com wrote:
I do not understand what you mean.
1) I tried to print data's size returned by i2d_DHparams(const_dh,
dhbuf); without computing private nor public key. I have got 138
bytes.
Then I remade the same operation but I had computed private and public
key
using DH_generate_key(dh);
and I have still got 138 bytes ...it seems to be odd for me, because I
think
dh's size must be greater after computing keys.
2) I tried the following check before and after computing keys :
if (dh-priv_key == NULL)
printf(\n1)dh-priv_key is NULL\n);
else
printf(\n1)dh-priv_key is not NULL\n);
Before computing key, I have got priv_key is NULL. After computing,
priv_key
is not NULL
I 'm wondering what happens... could you tell me more about bit counting
? I
do not understand The private and public keys should be similar in size
to
p.
Thanks for your help.
2011/3/23 Mike Mohr akih...@gmail.com
Try checking the bit count of the structure members. The private and
public keys should be similar in size to p.
On Mar 23, 2011 10:27 AM, ikuzar razuk...@gmail.com wrote:
Hello,
I 'd like to know how to verify that DH private and public key have
been
generated ?
In my DH struct, p and g had been generated with commands line (
openssl
dhparam... )
struct
{
BIGNUM *p; // prime number (shared)
BIGNUM *g; // generator of Z_p (shared)
BIGNUM *priv_key; // private DH value x
BIGNUM *pub_key; // public DH value g^x
// ...
};
DH
Priv_key and pub_key are generated later with DH_generate_key(dh).
I would like verify if DH_generate_key( ) has generated the priv_key
(
an
human proof, example by using DHparams_print_fp(fp, dh ); ) I used
this
function but it did not print private key into file pointed by fp.
Thanks for your help.
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager majord...@openssl.org
RE: Windows CE and FIPS
Dr. Stephen Henson wrote: On Wed, Mar 23, 2011, Greaves, Ed (GE Healthcare) wrote: On Wed, Mar 23, 2011, Greaves, Ed (GE Healthcare) wrote: Any plans for the OpenSSL FIPS module to support Windows CE? What is the issue preventing this? Well it can't be added to the existing module due to the rule change at the start of 2011. A new validation is underay but so far no sponsor has expressed an interest in Windows CE. For more details see: http://www.openssl.org/docs/fips/fipsvalidation.html Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Thanks, this is helpful. Is the plan still to support only Linux on ARM? Ah I see that needs updating. Linux on ARM was he initial platform. The additional platforms mentioned in the Sponsors list are also included. So far no one has sponsored Windows CE. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org So no support is currently planned for Linux x86 (32-bit)? That seems like a gaping exclusion. -Ryan __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: Windows CE and FIPS
ryan.sm...@gdc4s.com wrote: ... So no support is currently planned for Linux x86 (32-bit)? That seems like a gaping exclusion. Yes, it is. Among others... -Steve M. -- Steve Marquess The OpenSSL Software Foundation, Inc. 1829 Mount Ephraim Road Adamstown, MD 21710 USA +1 877-673-6775 marqu...@opensslfoundation.com __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
RE: Client certificate chains
From: owner-openssl-us...@openssl.org On Behalf Of plot.lost Sent: Tuesday, 22 March, 2011 02:12 On 22/03/2011 09:24, Crypto Sal wrote: Me thinks they don't understand Client Authentication/Digital Certificates. The server doesn't typically need to verify up to the root, they provide a list of acceptable client CA names during the handshake. Yes and no. The server MAY specify desired client CAs in CertRequest, but OpenSSL client ignores this and uses whatever is configured as own key+cert. OpenSSL *server* can easily be misconfigured to solicit client certs that it doesn't trust and vice versa. And what any verifier does is its own choice. OpenSSL as verifier does always verify up to root, even if an intermediate CA cert is in the truststore; there have been several discussions in the past few months (here or -dev, I forget) about whether this is good. I'm using a CAfile that has all of the certificates in - as far as I am aware that makes openssl trust these certificates. CAfile is for you=client trusting the server, which is completely separate from the server trusting you. Do you have them in reverse hierarchy when using '-CAfile' ?(Intermediate(s) to Root) I have seem some systems/programs flip out because certificates were out of order. Yes, they are in the usual order, with root as the final cert. -CAfile/load_verify_locations order doesn't matter. use_certificate_chain_file, for the certs you=client send to the server, order does or at least may matter. Those running the server are the ones that signed the client certificate and provided the CA and Root certificates that are in use. Okay, then they really should be trusting themselves! == Info: SSLv3, TLS handshake, Server finished (14): = Recv SSL data, 4 bytes (0x4) : 0e 00 00 00 == Info: SSLv3, TLS handshake, Client key exchange (16): = Send SSL data, 102 bytes (0x66) : 10 00 00 62 00 60 45 1d e4 bd 03 4e bb 10 f1 04 ...b.`EN 0010: 72 4f 1f 2d 0e ea 7d d4 37 ee 4b a0 3f 27 33 26 rO.-..}.7.K.?'3 0020: 33 10 06 82 4b 66 c0 ca aa 14 68 6a f8 00 0d 89 3...Kfhj 0030: 17 92 4e ed 84 eb 82 52 e8 59 39 fe 81 4b 7c 10 ..NR.Y9..K|. 0040: e7 db 6e 54 2c 4e de 34 ff 8f 11 8e 5d 3e 5d e3 ..nT,N.4]]. 0050: 41 09 b4 06 36 78 cd 4b 33 c2 ce e4 06 a4 19 97 A...6x.K3... 0060: 5d bf 88 69 02 c8 ]..i.. == Info: SSLv3, TLS change cipher, Client hello (1): = Send SSL data, 1 bytes (0x1) : 01 . == Info: SSLv3, TLS handshake, Finished (20): = Send SSL data, 16 bytes (0x10) : 14 00 00 0c 94 4e 6d 82 d8 f2 8b a0 0f 30 61 b3 .Nm..0a. == Info: SSLv3, TLS alert, Server hello (2): = Recv SSL data, 2 bytes (0x2) : 02 50 .P == Info: error:14094438:SSL routines:SSL3_READ_BYTES:tlsv1 alert internal error == Info: Closing connection #0 I don't think they list any specific ca as part of the client cert requests, I think they rely on the client providing a full certificate As I said before, they *must* be configured with at least the root(s). They *cannot* trust (and must ignore) any root the client supplies. You must always supply your user cert, and prove its key. Whether you need to supply any intermediate certs (between you and root) varies. chain and they then validate that using some other method. It seems that for some reason openssl is not sending any certificate to them. Yes, you=client is definitely not sending the Cert (and CertVerify). Are you sure the server is sending the CertRequest? It should be just BEFORE the server finished (handshake 20 is really server_done). If the server doesn't send CertRequest, OpenSSL client mustn't and doesn't send any cert, and DOESN'T treat this as an error. Ooh, one thing I forgot before: does the TYPE of your key (in privatekey file and your cert) -- RSA, DSA/DH, ECDSA/DH -- match the negotiated ciphersuite? If not, OpenSSL musn't and won't use the cert for client auth. (And if the server demands client auth, it will reject, although as I have said before, internal error is a poor way for it to do so.) If the server is configured to agree to many (or all?) ciphers (and servers often are) you may need to _set_cipher_list to a more restricted set, or at least an ordering which puts your preference first. This seems to be something specific to TLS1.1 - see: http://lists.foaf-project.org/pipermail/foaf-protocols/2009-Fe bruary/000264.html Not really. This is only if you *don't* have a requested cert, and IIRC the change is to send a Cert message with no cert (zero-length sequence) as opposed to no Cert message at all. The semantics, and the resulting trust decision, is the same. __ OpenSSL Project
RE: Windows CE and FIPS
From: ryan.sm...@gdc4s.com Dr. Stephen Henson wrote: On Wed, Mar 23, 2011, Greaves, Ed (GE Healthcare) wrote: On Wed, Mar 23, 2011, Greaves, Ed (GE Healthcare) wrote: Any plans for the OpenSSL FIPS module to support Windows CE? What is the issue preventing this? Well it can't be added to the existing module due to the rule change at the start of 2011. A new validation is underay but so far no sponsor has expressed an interest in Windows CE. For more details see: http://www.openssl.org/docs/fips/fipsvalidation.html Thanks, this is helpful. Is the plan still to support only Linux on ARM? Ah I see that needs updating. Linux on ARM was he initial platform. The additional platforms mentioned in the Sponsors list are also included. So far no one has sponsored Windows CE. So no support is currently planned for Linux x86 (32-bit)? That seems like a gaping exclusion. You'd think so, but if no-one is interested enough to stump up the money to make it happen then perhaps it isn't.__ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
What Random Number Generator OpenSSL uses on Windows Platform?
What Random Number Generator(RNG) OpenSSL uses on Windows Platform? And if it is own, how does it work? __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
(DH) how to send dh-pub_key to peer
Hello, I 'd like to know how to send dh-pub_key to peer ? I know that to send const DH* const_dh, I have to convert it into pem format like this i2d_DHparams(const_dh, dhbuf);, then I send dhbuf. But to send only dh-pub_key, I did not find any function to convert it into PEM ... Thanks for your help.
Re: (DH) how to send dh-pub_key to peer
ikuzar, You cannot send the public key to a peer as-is. The DH structure contains bignums which must be serialized prior to transmission. Do you understand that DH is subject to a MITM attack unless the messages are signed or encrypted somehow? If you insist on using the low-level objects, I'd suggest you read the following book first: http://www.amazon.com/Information-Security-Principles-Mark-Stamp/dp/0471738484 On Thu, Mar 24, 2011 at 5:35 PM, ikuzar razuk...@gmail.com wrote: Hello, I 'd like to know how to send dh-pub_key to peer ? I know that to send const DH* const_dh, I have to convert it into pem format like this i2d_DHparams(const_dh, dhbuf);, then I send dhbuf. But to send only dh-pub_key, I did not find any function to convert it into PEM ... Thanks for your help. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
