Re: Is CRL verification automatic in openSSL?
Hi,

On further investigation, we have found that the addition of the following piece of code enables the CRL checking.

    X509_STORE *store = getStore();   /* application helper returning the verify store */
    // Enable CRL checking
    X509_VERIFY_PARAM *param = X509_VERIFY_PARAM_new();
    X509_VERIFY_PARAM_set_flags(param, X509_V_FLAG_CRL_CHECK);
    X509_STORE_set1_param(store, param);
    X509_VERIFY_PARAM_free(param);

And it is also clear that SSL_CTX_load_verify_locations() is required to be used to load the CA certificate + CRL concatenated into a PEM file. (Alternatively CApath also, but we did not try that yet.)

I guess my problems are solved for now. If you guys have any comments on this, please let me know. Otherwise you can ignore the previous email.

Regds,
Ashok

On Wed, Mar 28, 2012 at 10:08 PM, Ashok C <ash@gmail.com> wrote:

> Hi,
>
> I am implementing the CRL feature for my application and was doing a proof of concept using openSSL. Here is what I did:
>
> 1. I used openssl commands to generate a v3 root CA certificate and also the corresponding server certificate.
> 2. Now I revoked the server certificate using openssl commands.
> 3. First I tested this with the openSSL s_client and s_server. I understood from googling that I need to use the -crl_check option on the s_client side to do the CRL validation and, as instructed in the reference manual, I concatenated my CA certificate as well as the CRL into a single PEM file and passed it to the openssl client in the -CAfile field.
> 4. Things went as expected and I got the error code for CRL validation failure.
> 5. Next step, I wanted to do the same for my sample SSL client and server.
> 6. Here, from my client side, I loaded the concatenated cert + crl into combined.pem and loaded it using
> 7. SSL_CTX_load_verify_locations(ctx, "combined.pem", NULL). While doing the SSL connection, I found that the CRL _was not_ checked. (I understand now that this is NOT the API to set the CRL into verification paths.)
> 8. Later, from further reading I understood that CRL check is not done by default and I need to add the CRL to the verification paths using X509 level APIs. ( http://stackoverflow.com/questions/4389954/does-openssl-automatically-handle-crls-certificate-revocation-lists-now )
>
>     X509_STORE *store = getStore();
>     // Enable CRL checking
>     X509_VERIFY_PARAM *param = X509_VERIFY_PARAM_new();
>     X509_VERIFY_PARAM_set_flags(param, X509_V_FLAG_CRL_CHECK);
>     X509_STORE_set1_param(store, param);
>     X509_VERIFY_PARAM_free(param);
>
> I am going to try this out now, but before that, wanted to check with the community:
>
> - If the way I am proceeding is correct?
> - Are there any other simpler ways to do this?
> - What would be the best approach to follow for enabling CRL checking?
> - Are there any SSL_CTX level APIs for this now?
>
> I am using openssl version openssl-0.9.8r (Also wanted to know if this behaviour has changed in higher versions of openssl).
>
> Thanks in advance!
>
> Regds,
> Ashok
Re: How to do encryption using AES in Openssl
On Thu, Mar 29, 2012, Prashanth kumar N wrote:

> Thanks Marek. I will try the attached code in the attached files. In many of the examples I have come across, I see IV is always being. Is it not possible to use this API by setting IV to NULL? (As I understand, for CBC an IV is a must.) In AES_Encrypt(), we don't use an IV. Does this mean this does stream ciphering (byte by byte)?

The IV should be random and must be set to the same value on encrypt and decrypt. The information isn't security sensitive and can be sent in plain text. If you use AES_encrypt you're effectively using ECB mode.

> Does anyone know if Openssl supports AES-XTS? Reason is we are exploring to see if we can employ this. When I Googled, I did see some change request log which said AES-XTS has been added to Openssl in v1.1.0 which I am not able to find for download... Any idea on this?

XTS mode is very new and only supported in OpenSSL 1.0.1 and later. You use the EVP_CIPHER functions EVP_aes_128_xts() and EVP_aes_256_xts(). Note that the key length is double that for normal AES. You can get the key length of any cipher (provided you use EVP) using EVP_CIPHER_key_length().

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
Re: How to do encryption using AES in Openssl
On 3/29/2012 1:40 AM, Prashanth kumar N wrote:

> Thanks Ken for pointing out the mistake... after changing to AES_Decrypt(), it worked but I still see an issue when I print the decrypted output as it has extra non-ASCII characters in it.

That's what happens in C if you try to printf an array that's not NUL terminated. The printf just keeps going, right past the end of the buffer, until it either hits a \0 or segfaults. You encrypted 16 bytes, not nul terminated, decrypted to the same 16 bytes, then pretended that it was nul terminated and tried to printf.

> Below is the input
>
>     unsigned char text[] = "test12345678abc2";
>
> After decryption, I get the following string:
>
>     Decrypted o/p: test12345678abc2Ȳu�z�B�����A��S��
>
> Few questions...
>
> 1. If we use AES, will decrypted files have the same number of bytes as the encrypted file? (I assume it should be the same.)

It depends on the mode and padding scheme. Some (CTR, OFB) don't pad, some (CFC) do pad.

If you're just playing, fine. But if this is a real product you're designing, you shouldn't be asking this question. It's time to hire a crypto expert. Otherwise, your product will be insecure.
Re: How to do encryption using AES in Openssl
Stephen,

Does it mean we can't use AES without an IV?

As for XTS support in Openssl, I find the following function but don't see any implementation for the same: AES_xts_encrypt(). I found the below link, from which what I understand is that a new file called e_aes_xts.c should be present... am I missing something?

lpermalink.gmane.org/gmane.comp.encryption.openssl.devel/18755
Re: How to do encryption using AES in Openssl
Bit confusing... are you saying that I need to add NULL termination at the end of the encrypted data? Isn't this wrong? I assume I shouldn't be NULL terminating the input string which needs to be encrypted.

On Thu, Mar 29, 2012 at 7:10 PM, Ken Goldman <kgold...@us.ibm.com> wrote:

> It depends on the mode and padding scheme. Some (CTR, OFB) don't pad, some (CFC) do pad.

My requirement is mainly to support AES XTS, but the reason for asking the above question was to understand if there is an addition of extra bytes to the encrypted data, as it might consume more space when written to a drive... does my question make sense?
Re: How to do encryption using AES in Openssl
Hello,

If your data to encrypt is not exactly 16 bytes (AES block length), you should add block padding before encryption and remove padding after decryption. In your case you have the string "virident" (8 bytes), so you should add 16-8=8 bytes of padding before encryption (fill the last 8 bytes with value 8). After decryption remove the last 8 bytes (filled with value 8). For printf() you may fill these last 8 bytes with 0.

Best regards,
--
Marek Marcola <marek.marc...@malkom.pl>
Re: How to do encryption using AES in Openssl
Thanks Marek. If I select CBC mode encryption and I have data which is not aligned to the block, I assume padding will be taken care of by the APIs themselves.

-Prashanth
Re: How to do encryption using AES in Openssl
On Thu, Mar 29, 2012, Prashanth kumar N wrote:

> Thanks Marek. If I select CBC mode encryption and I have data which is not aligned to the block, I assume padding will be taken care of by the APIs themselves.

Only if you use EVP. For low level APIs you have to manually add and remove padding.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
RE: How to do encryption using AES in Openssl
> From: owner-openssl-us...@openssl.org On Behalf Of Prashanth kumar N
> Sent: Thursday, 29 March, 2012 10:02
>
> Bit confusing... are you saying that I need to add NULL termination at the end of the encrypted data? Isn't this wrong? I assume I shouldn't be NULL terminating the input string which needs to be encrypted.

That's not what he said. See below.

> On Thu, Mar 29, 2012 at 7:10 PM, Ken Goldman <kgold...@us.ibm.com> wrote:
>
> > On 3/29/2012 1:40 AM, Prashanth kumar N wrote:
> >
> > > Thanks Ken for pointing out the mistake... after changing to AES_Decrypt(), it worked but I still see an issue when I print the decrypted output as it has extra non-ASCII characters in it.
> >
> > That's what happens in C if you try to printf an array that's not NUL terminated. The printf just keeps going, right past the end of the buffer, until it either hits a \0 or segfaults. You encrypted 16 bytes, not nul terminated, decrypted to the same 16 bytes, then pretended that it was nul terminated and tried to printf.

This is partly wrong. The input actually was nul-terminated, because

    unsigned char text[] = "test12345678abc2";

allocates 17 bytes. If you had used printf %s on that input, it would have worked. But the termination wasn't needed for AES_Encrypt, which takes exactly 16 bytes (one block) and ignores any more. In general crypto routines like OpenSSL work on arbitrary bytes with explicit lengths, or a fixed length like here, not using nul-termination. *Sometimes* plaintext is actually human-readable or otherwise printable characters, but sometimes it isn't, and (modern) ciphertext never is.

Similarly AES_Encrypt gives and AES_Decrypt takes exactly 16 bytes, as you did correctly, and AES_Decrypt gives exactly 16 bytes. So far so good. But those 16 bytes don't include a nul-terminator, and aren't followed by one in the same array, so when you use printf %s, which *requires* a nul-terminated string, it screws up. Similarly if you used other C string functions like strcpy() or strlen().

There are ways in C to handle character arrays that aren't nul-terminated. In this case you could use:

    printf("Decrypted: %.16s\n", decrypted);

which prints until nul OR 16 chars, whichever is hit first. But usually in C it's easiest to follow the beaten path and use nul-termination. To do that you need to decrypt into an array of *17* unsigned chars and set decrypted[16] = 0. Or if you prefer, decrypt into an array of 16 bytes, then memcpy() that to an array of 17 bytes where you add the nul-terminator.
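An added example, not from anyone in the thread, of the manual padding Marek describes (pad byte value equals pad count, which is PKCS#7 padding, the scheme EVP applies for you and the low-level AES_* calls do not, as Steve says), together with the bounded-width print Dave recommends for a decrypted block that carries no nul-terminator. It uses only the C standard library, so the AES_encrypt()/AES_decrypt() call per block is left as a comment; "virident" and the 16-byte block are constructed inputs taken from the thread. The unpad routine checks every pad byte, so ciphertext corrupted on the drive is reported rather than silently yielding a wrong length.

```c
#include <stdio.h>
#include <string.h>

#define AES_BLOCK 16

/* PKCS#7 pad in place. buf must have room for len + AES_BLOCK bytes.
 * Every pad byte carries the pad count, so "virident" (8 bytes) gets eight
 * bytes of 0x08 and a 16-byte input gets a whole extra block of 0x10: that
 * extra block is what keeps unpadding unambiguous. Returns the new length. */
size_t pkcs7_pad(unsigned char *buf, size_t len)
{
    unsigned char pad = (unsigned char)(AES_BLOCK - (len % AES_BLOCK));
    memset(buf + len, pad, pad);
    return len + pad;
}

/* Remove PKCS#7 padding after AES_decrypt() of every block. Returns the
 * plaintext length, or -1 if the padding is malformed: length not a block
 * multiple, pad count 0 or above 16, or any pad byte not equal to the count.
 * Checking all pad bytes, not just the last, catches corrupted ciphertext. */
long pkcs7_unpad(const unsigned char *buf, size_t len)
{
    unsigned char pad;
    size_t i;

    if (len == 0 || len % AES_BLOCK != 0)
        return -1;
    pad = buf[len - 1];
    if (pad == 0 || pad > AES_BLOCK)
        return -1;
    for (i = 0; i < pad; i++)
        if (buf[len - 1 - i] != pad)
            return -1;
    return (long)(len - pad);
}

int main(void)
{
    unsigned char buf[2 * AES_BLOCK];      /* room for data plus padding */
    size_t padded;
    long plain;

    memcpy(buf, "virident", 8);            /* constructed input from the thread */
    padded = pkcs7_pad(buf, 8);            /* 16 bytes, the last 8 are 0x08 */
    /* ... AES_encrypt()/AES_decrypt() each 16-byte block here ... */
    plain = pkcs7_unpad(buf, padded);      /* 8 */
    /* Bytes back from AES_decrypt() carry no nul-terminator: bound the width
     * (Dave's %.16s) or copy into an array with one extra byte set to 0. */
    printf("padded %zu bytes, plaintext %ld bytes: %.*s\n",
           padded, plain, (int)plain, buf);
    return 0;
}
```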