Hi!
> The reason is that so far it was
> reserved for occasion like this, i.e. when somebody requests it and puts
> effort into testing it in real-life application:-) Can we do that?
I did it.
Added to crypto/cryptlib.c:
# ifndef OPENSSL_DISABLE_ATOMIC_ADD_INTERNAL
int OPENSSL_atomic_add(int
On 12 October 2015 at 12:08, Matt Caswell via RT wrote:
> Are you using your new GOST
> engine or the one currently in master?
>
Sorry to come in in the middle, but where to get that new GOST engine, that
is not on master now?
Is it on some other branch?
On 12 October 2015 at 12:08, Matt Caswell via RT wrote:
> Are you using your new GOST
> engine or the one currently in master?
>
Sorry to come in in the middle, but where to get that new GOST engine, that
is not on master now?
Is it on some other branch?
This is something I would like to be contributed to OpenSSL.
Sure, I'm talking about new engine and new files.
And I agree that using the same license as OpenSSL itself would be the best
solution.
But, if for some reasons licensing of it will be possible under Apache v2
only - what issues could
Hello,
Let's imagine someone develop extension module to OpenSSL, and release it
under Apache v2 license.
Do you see any possible issues with using this extension module as a part
of OpenSSL?
___
openssl-dev mailing list
openssl-dev@openssl.org
Hello,
As noted here:
https://groups.google.com/forum/#!topic/mailing.openssl.dev/Ng3xI7-xZ0E
all version of OpenSSL produce scary warning in nginx logs on every
connect, if GOST TLS used:
[alert] 25532#0: *28 ignoring stale global SSL error (SSL:
error:140DD112:SSL
Patch visible.
Thanks for contribution.
As to actual content - it is up to OpenSSL team.
But as to the style: comments of // type is not in OpenSSL code conventions.
If you redo them to /**/ way - it could speed-up processing.
On 13 November 2014 20:54, Alok Menghrajani via RT r...@openssl.org
Strange, but now on the same machine everything works fine.
Seems it was fluctuations of world ether...
On 21 September 2014 15:08, Andrey Kulikov via RT r...@openssl.org wrote:
# uname -a
Linux deb7 3.2.0-4-amd64 #1 SMP Debian 3.2.60-1+deb7u3 x86_64 GNU/Linux
# gcc --version
gcc-4.7.real
Strange, but now on the same machine everything works fine.
Seems it was fluctuations of world ether...
On 21 September 2014 15:08, Andrey Kulikov via RT r...@openssl.org wrote:
# uname -a
Linux deb7 3.2.0-4-amd64 #1 SMP Debian 3.2.60-1+deb7u3 x86_64 GNU/Linux
# gcc --version
gcc-4.7.real
# uname -a
Linux deb7 3.2.0-4-amd64 #1 SMP Debian 3.2.60-1+deb7u3 x86_64 GNU/Linux
# gcc --version
gcc-4.7.real (Debian 4.7.2-5) 4.7.2
./config make make test
fails with following:
The following command should have some OK's and some failures
There are definitly a few expired certificates
Indeed,
Improved version of the patch are in:
[openssl.org #2937] Handshake performance degradation in 1.0.1 and up.
On 9 September 2014 21:16, Rich Salz via RT r...@openssl.org wrote:
From an internal review of the patch:
Contexts are meant to be reused and (for example) reusing the same
Indeed,
Improved version of the patch are in:
[openssl.org #2937] Handshake performance degradation in 1.0.1 and up.
On 9 September 2014 21:16, Rich Salz via RT r...@openssl.org wrote:
From an internal review of the patch:
Contexts are meant to be reused and (for example) reusing the same
The last patents for IDEA expired in 2012. Now it's free to use.
On 3 July 2014 21:24, Rich Salz via RT r...@openssl.org wrote:
As the changelog says for 0.9.8,
(IDEA remains enabled despite being patented. This is because IDEA
is frequently required for interoperability, and there is no
when I compile using the -DTEMP_GOST_TLS flag
What the reason to do it?
GOST TLS (at least that one what works) do not require this to be defined.
Дмитрий, а есть ли у вас планы по внедрению TLS, основанного на новых
ГОСТах, в OpenSSL ?
Сам собирался занятся этим в начале лета, после отпуска.
С вашей помощью, теперь, это совсем тривиально должно получиться.
Можно скооперироваться как-нибудь.
Если вы, конечно, всё сами не сделаете до этого.
Dmitriy,
Thanks for noticing!
I do not see it either - correcting myself. :-)
You are right - according to
http://tools.ietf.org/html/draft-chudov-cryptopro-cptls-04
CryptoProParamSetA is required in GOST TLS.
But only for content encryption.
Premaster secret encryption could use any other
Currently ccgost engine use configured params (s-boxes) when it works in
CFB mode only.
For CNT and IMITO parameters are hardcoded to Gost28147_CryptoProParamSetA
Supplied patch allow ccgost engine to really use parameters, specified
either in config file, or via engine API.
When nothing is
Hello Dmitry,
Thanks a lot for your commitment!
It would be good idea to add test cases for new functionality as well.
On 14 April 2014 23:52, Dmitry Olshansky via RT r...@openssl.org wrote:
It's been a bit over 2 years since the new Russian cryptography standard
is out.
RFCs 6986 and
Well...
With this check 'make test' fails with:
CMS = PKCS#7 compatibility tests
signed content DER format, RSA key: generation error
make[1]: *** [test_cms] Error 1
Can't reproduce that here. Anyone else seeing this?
I saw it on Debian 7 x64, gcc 4.7.2
But anyway, as *pcerts
What platform you are using, and what is the config parameters?
Can happens due to accidental editing of source file?
In 1.0.1g duplicated check for (!pcerts) where removed.
Had an impression that second appearance was check for (!*pcerts) (as in
all other functions).
Return it back.
Patch applied.
0001-Check-pcerts-for-NULL.patch
Description: Binary data
Well...
With this check 'make test' fails with:
CMS = PKCS#7 compatibility tests
signed content DER format, RSA key: generation error
make[1]: *** [test_cms] Error 1
On 14 April 2014 00:16, Andrey Kulikov amde...@gmail.com wrote:
In 1.0.1g duplicated check for (!pcerts) where removed.
Had
Got the same error on Linux, both x86 and x64, when tried to add following
lines to ./ssl/t1_enc.c@tls1_change_cipher_state:
ssl3_cleanup_key_block(s);
OPENSSL_cleanse(s-s3-read_mac_secret,
sizeof(s-s3-read_mac_secret));
OPENSSL_cleanse(s-s3-write_mac_secret,
EVP_MD_CTX_copy() also can fail due to external engine usage (including HW
engine).
In this case underlying work can be more complicated that memory allocation.
Descriptors shortage, amount of simultaneous contexts constraints, etc. Or
just bugs in engine code.
On 27 December 2013 21:39,
Dear Manuel,
Exciting news!
While your paper still unpublished, could you please advice, it there
anything even nearly similar possible for curves over primary fields?
(e.g. curves secp* )
Best regards,
Andrey
On 28 August 2013 09:06, Manuel Bluhm via RT r...@openssl.org wrote:
Hello all,
Please find attached patch, introducing two new options for s_server:
one specify maximum number of connections s_server will accept. It will
exit clearly after completing last connection
the other tells s_server to show each completed connection duration and
data transfer rate.
These options
On 11 December 2012 04:00, Stephen Henson via RT r...@openssl.org wrote:
I also notice that even the original HMAC version initialises two HMAC
contexts with the same key. That could be improved by initialising one
and copying the context across.
This kind of optimization can be also
Please find attached two patches, together implementing proper HMAC context
re-initialization instead of full re-creation.
In comparison to openssl-1.0.1c it gives ~10% handshake performance
improvements when some engine-specific MAC are used.
In order to apply patches use command
patch -p1 -i
I'm affraid flamegraphs for two different servers with two different
OpenSSL libraries without information about type of load it was collected
with and without any information other than smth. started spending much
more time than it was can not give much information about root cause for
the issue.
- for(n=0 ; n multi ; ++n)
+ for(n=0 ; n = multi ; ++n)
Isn't
|[0..n)| = n
and
|[0..n]| = n +1
?
I.e this patch will do one more iteration than expected?
Assume multi = 1, for example.
In my case, handshake rate drops down to 5-6% on the same hardware in 1.0.1c
in comparison to 1.0.0i.
I was wrong. Handshake performance degradation is about 10%.
First guilty function is EVP_DigestSignFinal what is perform copying of
supplied context.
When I replaces in tls1_P_hash()
In comparison to 1.0.0, in 1.0.1 the implementation of PRF have been
changed.
In order to supporf TLS 1.1/1.2 features, in file ssl/t1_enc.c, in function
tls_P_hash() calls to HMAC_Init/HMAC_Update/HMAC_Final where replaced by
EVP_DigestSignInit/EVP_DigestSignUpdate/EVP_DigestSignFinal.
As a
issues in supplied patch - please let me know.
Best wishes,
Andrey Kulikov.
Hello,In v1.0.1 tls_P_hash() has been changed in comparison to early OpenSSL versions.Used hash objects is re-initializing during P_hash calculation.It looks harmless, but only until we come to hash objects, holding
Just noticing the wrong goto label in case of EVP_PKEY_CTX_ctrl() failue.
Please find attached corrected patch (gost_server_to_check_ukm_v2.patch)
On 17 April 2011 17:54, Andrey Kulikov amde...@gmail.com wrote:
According to this document:
http://tools.ietf.org/html/draft-chudov-cryptopro
Hi Fedor,
Thanks for valuable contribution!
About your second patch: could you please advice, what the intended way
to use BIO_TYPE_NO_EX_DATA in real-life applications?
For example TSL-server. Do you have any numbers on performance gain when
using this approach?
Hi,
OpenSSL enables zlib by default.
Could you please advice for what version and platform this is true?
openssl-1.0.1c for linux-elf
has no-zlib configured by default.
By convention the key size for ECC is given as the number of bits in the
order.
E.g. see table 3 in SEC 1.
Could you please provide a reference to document, defining this convention?
Unfortunatelly table 3 in section B.2.1 of SEC 1 (both v1 and v2) shows
only comparison of security level of
For ECC the key size is stated to be size of n in bits (where n is the
order).
'n' is an order of base point 'G' on EC - i.e. size of private key (what
should be in range [1; n-1]), not public.
Thus, I understand that it is a size of EC private key 'd', what shown in
table 3 in SEC 1.
Talking about the bit-length of the public key data is not particularly
helpful because it depends on whether it is in compressed format or not.
Sorry, but size of public key does not depends on size of it's
representation.
It can be compressed, Base64 encoded, etc., but it does not change size
As I said before it is convention when talking about a _key size_ to mean
the
number of bits in the order (i.e. the size of the private key).
If we talking about just 'key size', then yes, we assume private key size.
But I've never heard of convention to assume that for ECC public key size
is
Hello,
Let's generate certificate with ECDSA key over 256 bit field:
openssl ecparam -out key.pem -name prime256v1 -genkey
openssl req -newkey ec:key.pem -x509 -nodes -days 365 -keyout pkey.pem -out
cert.pem
Then part of output of
openssl x509 -text -in cert.pem
will be:
Subject
Using SSL_MODE_RELEASE_BUFFERS option can drop memory footprint from 50K to
around 5K per connection.
It is useful when we'll have big number of connections.
Also it may prevent excessive swapping.
On 7 April 2012 08:22, eric wang eric_x_w...@yahoo.com wrote:
Dear OpenSSL developers
We got a
On 16 December 2011 02:47, Andy Polyakov via RT r...@openssl.org wrote:
Attached patch fix the problem on cygwin.
Does it mean that you can in fact confirm that modified speed.c runs
without hanging?
Yes, modified speed.c, being compiled in the same Cygwin environment
as before, runs without
VisualStudio 2010
perl Configure VC-WIN32
ms\do_ms.bat
nmake -f ms\nt.mak
..
ml /nologo /Cp /coff /c /Cx /Zi /Fotmp32\vpaes-x86.obj
tmp32\vpaes-x86.asm
Assembling: tmp32\vpaes-x86.asm
tmp32\vpaes-x86.asm(491) : error A2070:invalid instruction operands
tmp32\vpaes-x86.asm(527) :
The same for SNAP-20111213
On 14 December 2011 19:54, Andrey Kulikov via RT r...@openssl.org wrote:
ml /nologo /Cp /coff /c /Cx /Zi /Fotmp32\vpaes-x86.obj
tmp32\vpaes-x86.asm
Assembling: tmp32\vpaes-x86.asm
tmp32\vpaes-x86.asm(491) : error A2070:invalid instruction operands
tmp32
.
As in addition, even if speed' do not hangs up, each group of block
calkulation MAY take significantly more than 3 sec...
On 14 December 2011 01:45, Andrey Kulikov via RT r...@openssl.org wrote:
Tested on two computers.
Both native (i.e. non-VM) Windows7 x64 Professional (without SP1).
One has E8600 CPU
downloaded 8G file via s_server from 1.0.1 snapshot 20111213 - works fine.
Using RC4-SHA chipthersuite.
__
OpenSSL Project http://www.openssl.org
Development Mailing List
Checked with 1.0.0e - the same problem.
speed hangs up with md4 md5 mdc2 and sha1, but works well with sha256
sha512 and whirlpool.
I downloaded 8G file via s_server from 1.0.1 snapshot 20111213 - works fine.
(using RC4-SHA chiphersuite)
Seems problem in speed' itself, or, as Andy mentioned -
Compiler might be
complaining about some small things, use your judgment to ignore
warnings or to make it compile.
It does complain! :-)
Attached patch fix the problem on cygwin.
Back-ported to 1.0.0e was not break native Win32 (32 bit, VS10) compilation.
spped_cygwin.patch
Description:
Verify http://cvs.openssl.org/chngview?cn=21845.
This patch helps!
Thanks a lot!
ml
Microsoft (R) Macro Assembler Version 10.00.30319.01
Copyright (C) Microsoft Corporation. All rights reserved.
Microsoft Assembler gets *very* limited testing and the official
standpoint is to favor nasm.
It does complain! :-)
Attached patch fix the problem on cygwin.
Does it mean that you can in fact confirm that modified speed.c runs
without hanging?
Yes, modified speed.c, being compiled in the same Cygwin environment
as before, runs without hanging for all hashes.
Interesting, why we do
Tested on two computers.
Both native (i.e. non-VM) Windows7 x64 Professional (without SP1).
One has E8600 CPU, the other is laptop with i5 mobile CPU.
Both has 8G RAM.
Both working stable for a monthes.
No abnormalities, no BSODs.
gcc version 3.4.4 (cygming special, gdc 0.12, using dmd 0.125)
OpenSSL 1.0.1 snaphot 20111211, compiled on Cygwin, no special config options.
gcc version 3.4.4 (cygming special, gdc 0.12, using dmd 0.125)
CPU Code2 Duo E8600
make tests shows:
../util/shlib_wrap.sh ./shatest
test 1 ok
test 2 ok
test 3 ok
../util/shlib_wrap.sh ./sha1test
test 1 ok
test 2 ok
The same behaviour is for other hashes: md4 md5 mdc2 and sha.
But not for sha256, sha512 and whirlpool - everything is ok with these hashes:
$ ./apps/openssl speed sha512 sha256 whirlpool
OpenSSL 1.0.1-dev xx XXX
built on: Tue Dec 13 08:14:31 RST 2011
options:bn(64,32) rc4(8x,mmx)
Can you reproduce it under cygwin gdb? I.e. 'gdb apps/openssl' and then
at gdb prompt 'run speed sha1'. If yes, ctrl-C and 'info threads'. Then
'cont', ctrl-C and 'info threads' few more times. Look at thread #1 at
all occasions. Where is it caught? Does program counter varies? If it's
Where is it caught?
Addentum: programm caught in different functions: I saw
OPENSSL_Cleanse(), EVP_DigestUpdate(), sha1_something and others.
I provided 'thread apply 1 info reg' only if it get caugth in
sha1_block_data_order_ssse3 ().
openssl was compiled with ./config -g
(gdb) info
Hello Michael,
I have tested youe patch.
It is working stable at least with ccgost engine (and without any
engine too, of cource).
Thanks for contribution!
Could you please describe, what was your test environmnet and test methodology?
How did you measure that doubling read/write speed? What
3) An accellerator device directly supports TLS/SSL record
encryption/decryption and the handshake operation itself.
We do many bus transactions to the accellerator (and
possibly system calls into the OS kernel) where we
could do one, doing every single basic cryptographic
operation
Hello,
Thanks for interesting contribution!
Unfortunately when I apply the patch s_server failed with SEGFAULT,
when using ccgost engine (and possibly others) here:
EVP_DigestSignFinal
if (sctx)
r = md_ctx_ptr-pctx-pmeth-signctx(md_ctx_ptr-pctx,
First of all - it is not a Microsoft bug.
This is bug in some products, who act as a TLS clients.
Second: what should I describe to customers? :-)
Their programms works with other server, by not with mine.
Is the question still valid?
:-)
On 1 July 2011 12:20, Ben Laurie via RT r...@openssl.org
Hello,
There is an option available:
SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION
Descroption laconicaly states:
When performing renegotiation as a server, always start a new session
(i.e., session resumption requests are only accepted in the initial
handshake). This option is not needed for
.
Would be really appreciated for any comments.
Best wishes,
Andrey
On 18 June 2011 15:58, Andrey Kulikov amde...@gmail.com wrote:
Hello,
There is an option available:
SSL_OP_NO_SESSION_RESUMPTION_ON_RENEGOTIATION
Descroption laconicaly states:
When performing renegotiation as a server
Hello,
I'm sure you'll get help faster, if you describe:
1. What are you doing exactly.
2. What do you see.
3. What do you expect to see.
This is absolutelly necessary steps, as all telepathist is on vacation now.
On 22 April 2011 15:50, N. J. nadh...@yahoo.com wrote:
Hi again,
I am not
Tim,
Seems that you miss to attach a file with actual patch...
On 12 April 2011 11:13, Tim Jackson via RT r...@openssl.org wrote:
When turning off various ciphers, OpenSSL doesn't always compile. The
attached patches fix various issues with OpenSSL when ciphers (particularly
RSA or DSA) are
I prefer more generic method similar to ENGINE_load_ssl_client_cert, i.e. I
need EVP keys,
corresponding certificates and the certificate chain.
Additional methods has server in it's names for the same reason why
ENGINE_load_ssl_client_cert has client in it.
ENGINE_load_server_certificate()
Hello,
Please find file attached: server_cert_from_engine4.patch
This is a patch to allow loading server SSL certificate by ENGINE.
Currently OpenSSL allows loading certificate only from a file.
Loading by specific engine is required for hardware-based engines, which
used their own certificate
Hello,
Now OpenSSL generates master secret and read/write keys inside the library,
left only premaster secret decryption to the engine.
In case of hardware-based TLS engine it could be not an option, as there may
be no possibility to set read/write keys from outside (or it may be
restricted
This explanation may help you to add new algorithms to OpenSSL:
http://www.mail-archive.com/openssl-users@openssl.org/msg59630.html
On 18 January 2011 08:59, M. V. bored_to_deat...@yahoo.com wrote:
hi,
for a project, i have to add my own encryption algorithm to racoon (part of
ipsec-tools)
Hello,
I'm exploring how to implement custom engine, and can't undestand the
purpose of EVP_PKEY_derive() function.
It is possible to set pointer to it's implementation using
EVP_PKEY_meth_set_derive() call.
But it used only in *pkeyutl* command.
It is not used in SSL handshake.
The only engine
On 4 January 2011 16:54, Dr. Stephen Henson st...@openssl.org wrote:
I can't see how that would happen:
I find a way to reproduce it: just call ENGINE_load_builtin_engines() twice.
Or call ENGINE_load_builtin_engines() after OPENSSL_config() which calls it
too.
It happens because internal
If we take a look at any ENGINE_load_XXX function, we find that they all has
similar structure:
ENGINE *toadd = engine_XXX();
if(!toadd) return;
ENGINE_add(toadd);
ENGINE_free(toadd);
ERR_clear_error();
My question is: why we need call ENGINE_free(toadd) ??
Somewhere inside
Update: adding
ENGINE_init(e)
after
e = ENGINE_by_id(XXX);
doesn't make any difference, as in my case functional reference count is
8(???) at the moment of ENGINE_init(e) call, so engine is not
re-initialised. :(
On 4 January 2011 04:12, Andrey Kulikov amde...@gmail.com wrote:
If we take
January 2011 06:23, Dr. Stephen Henson st...@openssl.org wrote:
On Tue, Jan 04, 2011, Andrey Kulikov wrote:
If we take a look at any ENGINE_load_XXX function, we find that they all
has
similar structure:
ENGINE *toadd = engine_XXX();
if(!toadd) return;
ENGINE_add(toadd
I had the same behaviour (different results in debug/not debug).
In my case answer was obvious: in debug environment I had different value
for OPENSSL_CONF env. variable, and that why in debug nothing works.
On 22 December 2010 16:58, Benjamin benja...@gentilkiwi.net wrote:
Hello,
Maybe a
On 16 December 2010 16:31, Mark Andrews via RT r...@openssl.org wrote:
encountered a NULL pointer dereference in the gost code
due to a undetected EVP_PKEY_assign() failure in pkey_gost01_paramgen().
Thnaks for report!
Could you please share a secret knowelege: why EVP_PKEY_assign() fails
in
Hello,
I've got a problem with calculating gost-mac using Openssl 1.0.0a
May be problem with cmd options, but I was unable to find out how to get it work
Trying to generate gost-mac.
Example from documentation (engines/ccgost/README.gost)
Calculation of GOST 28147 MAC
As a quick hack I added to root Makefile following lines:
==
debug: CFLAG+= -ggdb3 -O0 -DDEBUG
debug: all
==
just before
all: Makefile build_all openssl.pc libssl.pc libcrypto.pc
Then
# make clean
# make debug
After that NetBeans can walk through source using gdb.
Linux i368.
It
On 12 November 2010 19:26, Valery Blazhnov vblazh...@lissi.ru wrote:
This command works with ccgost engine:
openssl dgst -mac gost-mac -binary -macopt
hexkey:3132333435363738393031323334353637383930313233343536373839303132 -out
mac.bin data.bin
What openssl version do you use?
I use 1.0.0a,
On 12 November 2010 15:20, Dr. Stephen Henson st...@openssl.org wrote:
On Fri, Nov 12, 2010, Andrey Kulikov wrote:
Hello,
I'm trying to make s_server and s_client work with GOST encryption
using ccgost engine and certificates with GOST algos.
But it unable to work, complaining to bad mac
Sorry, previous email is about 1.0.1 latest snapshot.
I just checked with 1.0.1
ftp://ftp.openssl.org/snapshot/openssl-1.0.0-stable-SNAP-20101112.tar.gz
Results exactly the same.
If you'll need any details - please let me know.
Andrey
On 13 November 2010 00:43, Andrey Kulikov amde...@gmail.com
Hello,
On 13 November 2010 03:33, Dr. Stephen Henson st...@openssl.org wrote:
I've just tried 1.0.1 and it does have a problem with GOST and TLS v1.1 which
is the default for OpenSSL 1.0.1. If you include -no_tls1_1 in the command
line it should work or if you try a recent 1.0.0 snapshot
Hello,
I'm trying to make s_server and s_client work with GOST encryption
using ccgost engine and certificates with GOST algos.
But it unable to work, complaining to bad mac computing.
(If I use RSA-based certificates, everything works just fine.)
Openssl 1.0.0a, Linux i386
I have ccgost
Thanks for pointing to this feature!
In context of original question
./Configure debug-rse
looks better than others, as it add -ggdb3 switch, while just -g
(like in all others debugging targets) was not work well (for me).
On 10 November 2010 16:33, Martin Kaiser li...@kaiser.cx wrote:
Hello,
Hello,
I've got a problem with calculating gost-mac using Openssl 1.0.0a
May be problem with cmd options, but I was unable to find out how to get it work
Trying to generate gost-mac.
Example from documentation (engines/ccgost/README.gost)
Calculation of GOST 28147 MAC
As a quick hack I added to root Makefile following lines:
==
debug: CFLAG+= -ggdb3 -O0 -DDEBUG
debug: all
==
just before
all: Makefile build_all openssl.pc libssl.pc libcrypto.pc
Then
# make clean
# make debug
After that NetBeans can walk through source using gdb.
Linux i368.
It
85 matches
Mail list logo