Re: Problem changing key/iv on a CIPHER bio

2003-03-14 Thread Brian Hatch


> This isn't something I've had to do personally however...

It's not something I've wanted to do...

> Popping and pushing the BIO should work provided you get it right. For this to
> work properly of course you need to change keys and IVs only after a multiple of
> the block length has been sent, otherwise data will be lost and possibly
> internal buffering could spoil your whole day due to synchronisation errors.

Yes, everything up to that point was sent in full block increments.

> In fact synchronisation may well be a problem because when using padding the
> EVP routines need to buffer a whole block on decrypt so that the block padding
> check works. So when you read data from the end BIO in the chain it will
> typically have internally buffered the next block using the current key/IV.

I've done my best to be sure that there's nothing sent or left over
to be buffered.  And if I remove and destroy that bio, I'd hope that
it takes any buffered data with it.

> In OpenSSL 0.9.7X you can disable padding using the EVP API, that is the
> preferred method because the internal buffering no longer occurs. You need to
> retrieve the EVP_CIPHER_CTX structure from the BIO to do that, see the 0.9.7
> manual pages for precise details.

Hmmn.  Not a bad plan - I'll check into that.

--
Brian Hatch                  You don't frighten easily.
   Systems and               I work for Ambassador
   Security Engineer         Mollari. After a while
http://www.ifokr.org/bri/    nothing bothers you.

Every message PGP signed




Problem changing key/iv on a CIPHER bio

2003-03-13 Thread Brian Hatch


I want to be able to change the key and iv on a connection
that is already established.  Currently I just have a simple
socket BIO and cipher BIO chained together.  (Cipher is
EVP_bf_cbc() currently.)

The connection should look like this:

1) client connects to server
2) set both client and server to use key/iv foo/bar
3) send some data
4) set both client and server to use new key/iv one/two
5) send more data


#1 through #3 are working fine, I can easily verify that the data sent
is what I receive.  It's #4 and #5 that seem to be failing.


Doing operation #4 above is clearly what I need to fix.
I've tried:

  * calling BIO_set_cipher on the cipher BIO directly.

  * removing the cipher BIO and adding a new one with the
correct key/iv to the socket BIO.

  * calling BIO_flush on the chain before using any of the
previous two changes, discarding any padding bytes from
the BIO_flush.

I'm doing the same thing on both ends, of course - it would never
work to change the key on client and not server and expect things
to work.  This is unidirectional data flow -- the server never sends
any data to the client.

Any quick ideas where my brain or code is failing me?

--
Brian Hatch                  LLooccall EEcchhoo iiss
   Systems and               uunnddeeaatteedd.
   Security Engineer
http://www.ifokr.org/bri/

Every message PGP signed




Re: Problem changing key/iv on a CIPHER bio

2003-03-13 Thread Dr. Stephen Henson
On Thu, Mar 13, 2003, Brian Hatch wrote:

 
 
> I want to be able to change the key and iv on a connection
> that is already established.  Currently I just have a simple
> socket BIO and cipher BIO chained together.  (Cipher is
> EVP_bf_cbc() currently.)
>
> The connection should look like this:
>
>   1) client connects to server
>   2) set both client and server to use key/iv foo/bar
>   3) send some data
>   4) set both client and server to use new key/iv one/two
>   5) send more data
>
>
> #1 through #3 are working fine, I can easily verify that the data sent
> is what I receive.  It's #4 and #5 that seem to be failing.
>
>
> Doing operation #4 above is clearly what I need to fix.
> I've tried:
>
>   * calling BIO_set_cipher on the cipher BIO directly.
>
>   * removing the cipher BIO and adding a new one with the
>     correct key/iv to the socket BIO.
>
>   * calling BIO_flush on the chain before using any of the
>     previous two changes, discarding any padding bytes from
>     the BIO_flush.
>
> I'm doing the same thing on both ends, of course - it would never
> work to change the key on client and not server and expect things
> to work.  This is unidirectional data flow -- the server never sends
> any data to the client.
>
> Any quick ideas where my brain or code is failing me?
 

This isn't something I've had to do personally however...

Popping and pushing the BIO should work provided you get it right. For this to
work properly of course you need to change keys and IVs only after a multiple of
the block length has been sent, otherwise data will be lost and possibly
internal buffering could spoil your whole day due to synchronisation errors.

In fact synchronisation may well be a problem because when using padding the
EVP routines need to buffer a whole block on decrypt so that the block padding
check works. So when you read data from the end BIO in the chain it will
typically have internally buffered the next block using the current key/IV.

In OpenSSL 0.9.7X you can disable padding using the EVP API, that is the
preferred method because the internal buffering no longer occurs. You need to
retrieve the EVP_CIPHER_CTX structure from the BIO to do that, see the 0.9.7
manual pages for precise details.

Steve.
--
Dr Stephen N. Henson.
Core developer of the   OpenSSL project: http://www.openssl.org/
Freelance consultant see: http://www.drh-consultancy.demon.co.uk/
Email: [EMAIL PROTECTED], PGP key: via homepage.
__
OpenSSL Project http://www.openssl.org
User Support Mailing List    [EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]
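
The hold-back that the reply above describes can be seen in a small model (an added example, not code from the thread or from OpenSSL): a CBC decryptor that withholds its newest block while padding is on loses that block when the key/IV is replaced, and loses nothing when padding is off. The `ctx_t`, `blk`, `rekey`, `enc_update`, `dec_update` and `run` names are hypothetical, `blk` is a stand-in transform rather than Blowfish, and the 8-byte keys/IVs and the message are constructed from the thread's foo/bar and one/two labels.

```c
#include <stdio.h>
#include <string.h>
#define BS 8 /* block size in bytes, as for Blowfish */
typedef struct { unsigned char key[BS], iv[BS], held[BS]; int pad, has_held; } ctx_t;

/* Stand-in keyed block transform (NOT a real cipher), enough to model CBC framing. */
static void blk(const ctx_t *c, const unsigned char *in, unsigned char *out, int enc) {
    for (int i = 0; i < BS; i++) out[i] = (unsigned char)(enc ? in[i] + c->key[i] : in[i] - c->key[i]);
}
/* Install a new key/IV; a withheld block is dropped, as when the old cipher BIO is freed. */
static void rekey(ctx_t *c, const char *key, const char *iv, int pad) {
    memcpy(c->key, key, BS); memcpy(c->iv, iv, BS); c->pad = pad; c->has_held = 0;
}
/* CBC-encrypt n bytes, n a multiple of BS. */
static void enc_update(ctx_t *c, const unsigned char *in, int n, unsigned char *out) {
    for (int o = 0; o < n; o += BS) {
        for (int i = 0; i < BS; i++) out[o + i] = in[o + i] ^ c->iv[i];
        blk(c, out + o, out + o, 1);
        memcpy(c->iv, out + o, BS);
    }
}
/* CBC-decrypt; returns bytes released. With pad set the newest block is withheld until more input arrives. */
static int dec_update(ctx_t *c, const unsigned char *in, int n, unsigned char *out) {
    int w = 0;
    for (int o = 0; o < n; o += BS) {
        unsigned char x[BS];
        if (c->has_held) { memcpy(out + w, c->held, BS); w += BS; c->has_held = 0; }
        blk(c, in + o, x, 0);
        for (int i = 0; i < BS; i++) x[i] ^= c->iv[i];
        memcpy(c->iv, in + o, BS);
        if (c->pad) { memcpy(c->held, x, BS); c->has_held = 1; } else { memcpy(out + w, x, BS); w += BS; }
    }
    return w;
}

/* Steps 2-5 of the thread: 16 bytes under foo/bar, rekey both ends, 16 bytes under one/two. */
int run(int pad, unsigned char *got) {
    const unsigned char *msg = (const unsigned char *)"first-segment-16second-segment16";
    unsigned char wire[32]; ctx_t tx, rx; int n = 0;
    rekey(&tx, "foofoofo", "barbarba", 0); rekey(&rx, "foofoofo", "barbarba", pad);
    enc_update(&tx, msg, 16, wire); n += dec_update(&rx, wire, 16, got + n);
    rekey(&tx, "oneoneon", "twotwotw", 0); rekey(&rx, "oneoneon", "twotwotw", pad);
    enc_update(&tx, msg + 16, 16, wire + 16); n += dec_update(&rx, wire + 16, 16, got + n);
    return n;
}

int main(void) {
    unsigned char a[32], b[32];
    printf("padding on: %d of 32 bytes; padding off: %d of 32 bytes\n", run(1, a), run(0, b));
    return 0;
}
```

In OpenSSL itself the padding switch is `EVP_CIPHER_CTX_set_padding(ctx, 0)`, applied to the context obtained from the cipher BIO with `BIO_get_cipher_ctx()`.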