[openssl.org #2967] Minor Bug - Options Missing from Application Usage
The new -CRL, -crl_download and -CRLform options are missing from the usage in s_client and s_server (I have not checked for the absence of non-crl related options from the usage) -- Nick Lewis nick.le...@usa.g4s.com +44 1684 277137 www.g4stechnology.com New Challenge House, International Drive, Tewkesbury, Gloucestershire, GL20 8UQ, UK Please consider the environment before printing this email The details of this company are as follows: G4S Technology Limited, Registered Office: Challenge House, International Drive, Tewkesbury, Gloucestershire GL20 8UQ, Registered in England No. 2382338. This communication may contain information which is confidential, personal and/or privileged. It is for the exclusive use of the intended recipient(s). If you are not the intended recipient(s), please note that any distribution, forwarding, copying or use of this communication or the information in it is strictly prohibited. Any personal views expressed in this e-mail are those of the individual sender and the company does not endorse or accept responsibility for them. Prior to taking any action based upon this e-mail message, you should seek appropriate confirmation of its authenticity. This e-mail has been scanned for all viruses by MessageLabs. __ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
[openssl.org #2959] Trivial Bug - Typo in apps/apps.h
- #define FORMAT_HTTP13 /* Dowload using HTTP */ + #define FORMAT_HTTP13 /* Download using HTTP */ -- Nick Lewis
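Review bot: the comment fix is correct, but as posted the two lines carry no `diff --git` / `---` / `+++` file header and no `@@` hunk header, so neither `patch` nor `git apply` can consume them; please resend as a unified diff against apps/apps.h, as the other tickets in this thread do.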
[openssl.org #2618] PATCH - Wrong exit code for pkeyutl -verify
When the pkeyutl application is using the -verify option it always exits with a value indicating an error even when verifying successfully. Please find below a patch that addresses this issue. It also modifies a message that is confusing when dealing with private keys. (The line numbers for this patch may vary due to another patch on this file.) Best Regards Nick diff --git a/apps/pkeyutl.c b/apps/pkeyutl.c index 7eb3f5c..6894e25 100755 --- a/apps/pkeyutl.c +++ b/apps/pkeyutl.c @@ -62,6 +62,10 @@ #include openssl/pem.h #include openssl/evp.h +#define RET_OK 0 +#define RET_ERROR 1 +#define RET_REJECTED 2 + #define KEY_PRIVKEY1 #define KEY_PUBKEY 2 #define KEY_CERT 3 @@ -102,7 +107,7 @@ int MAIN(int argc, char **argv) size_t buf_outlen; int buf_inlen = 0, siglen = -1; - int ret = 1, rv = -1; + int ret = RET_ERROR, rv = -1; argc--; argv++; @@ -332,9 +330,15 @@ int MAIN(int argc, char **argv) rv = EVP_PKEY_verify(ctx, sig, (size_t)siglen, buf_in, (size_t)buf_inlen); if (rv == 0) + { BIO_puts(out, Signature Verification Failure\n); + ret = RET_REJECTED; + } else if (rv == 1) + { BIO_puts(out, Signature Verified Successfully\n); + ret = RET_OK; + } if (rv = 0) goto end; } 
@@ -356,11 +360,11 @@ int MAIN(int argc, char **argv) if(rv = 0) { - BIO_printf(bio_err, Public Key operation error\n); + BIO_printf(bio_err, Public Key Utility - operation error\n); ERR_print_errors(bio_err); goto end; } - ret = 0; + ret = RET_OK; if(asn1parse) { if(!ASN1_parse_dump(out, buf_out, buf_outlen, 1, -1))
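Review bot: the new exit status 2 (`RET_REJECTED`) set in the `EVP_PKEY_verify` hunk is a user-visible interface change that the cover letter does not document; the pkeyutl man page should state the three values (0 verified, 1 operation error, 2 signature did not verify) so that callers can tell a rejected signature from a failed operation. A one-line comment on the `RET_OK`/`RET_ERROR`/`RET_REJECTED` defines saying they are process exit codes would also help, since the other apps still use a bare `1`.

Review bot: in the last hunk, `Public Key Utility - operation error` names the program rather than what failed; as the cover letter notes, this branch is reached for private-key operations too, so `pkeyutl operation error` (or printing the operation selected by `pkey_op`) is clearer. The `ret = RET_OK` there is consistent with the `RET_ERROR` initialisation in the second hunk.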
[openssl.org #2617] pkeyutl fails depending on order of options - PATCH
The openssl application pkeyutl fails if the keytypes -certin and -pubin are placed in the options list after the -inkey option. The error message does not indicate the correct reason for the error. The -pkeyopt and -peerkey options also have similar restrictions but the conditions are checked for and the error messages do correctly indicate the cause. Please find below a patch that removes all restrictions on the order of the options in pkeyutl Best Regards Nick -- diff --git a/apps/pkeyutl.c b/apps/pkeyutl.c index 7eb3f5c..b511ca0 100755 --- a/apps/pkeyutl.c +++ b/apps/pkeyutl.c @@ -97,6 +97,7 @@ int MAIN(int argc, char **argv) EVP_PKEY_CTX *ctx = NULL; char *passargin = NULL; int keysize = -1; + char *inkey = NULL, *peerkey = NULL, *pkeyopt = NULL; unsigned char *buf_in = NULL, *buf_out = NULL, *sig = NULL; size_t buf_outlen; @@ -135,26 +136,13 @@ int MAIN(int argc, char **argv) { if (--argc 1) badarg = 1; - else - { - ctx = init_ctx(keysize, - *(++argv), keyform, key_type, - passargin, pkey_op, e); - if (!ctx) - { - BIO_puts(bio_err, - Error initializing context\n); - ERR_print_errors(bio_err); - badarg = 1; - } - } + else inkey= *(++argv); } else if (!strcmp(*argv,-peerkey)) { if (--argc 1) badarg = 1; - else if (!setup_peer(bio_err, ctx, peerform, *(++argv))) - badarg = 1; + else peerkey= *(++argv); } else if (!strcmp(*argv,-passin)) { @@ -206,18 +194,7 @@ int MAIN(int argc, char **argv) { if (--argc 1) badarg = 1; - else if (!ctx) - { - BIO_puts(bio_err, - -pkeyopt command before -inkey\n); - badarg = 1; - } - else if (pkey_ctrl_string(ctx, *(++argv)) = 0) - { - BIO_puts(bio_err, parameter setting error\n); - ERR_print_errors(bio_err); - goto end; - } + else pkeyopt= *(++argv); } else badarg = 1; if(badarg) 
@@ -229,12 +206,29 @@ int MAIN(int argc, char **argv) argv++; } - if (!ctx) + if (inkey) { - usage(); - goto end; + ctx = init_ctx(keysize, inkey, keyform, key_type, passargin, pkey_op, e); + if (!ctx) + { + BIO_puts(bio_err,Error initializing context\n); + ERR_print_errors(bio_err); + goto end; + } } + if (pkeyopt) + if (pkey_ctrl_string(ctx, pkeyopt) = 0) + { + BIO_puts(bio_err, Error setting pkeyopt parameters\n); + ERR_print_errors(bio_err); + goto end; + } + + if (peerkey) + if (!setup_peer(bio_err, ctx, peerform, peerkey)) + goto end; + if (sigfile (pkey_op != EVP_PKEY_OP_VERIFY)) { BIO_puts(bio_err, Signature file specified for non verify\n);
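Review bot: storing only the last `-pkeyopt` value in `pkeyopt` (third hunk of the option parser) drops support for giving the option more than once; the replaced code called `pkey_ctrl_string()` for every occurrence, so a command line that sets two parameters with two `-pkeyopt` arguments would now silently keep only the second one. Collect the values in a `STACK_OF(OPENSSL_STRING)` and apply each of them once the context exists.

Review bot: the removed `if (!ctx) { usage(); goto end; }` was the only check that `-inkey` was supplied; after the last hunk a command line without `-inkey` leaves `ctx` NULL and continues into `pkey_ctrl_string(ctx, pkeyopt)`, `setup_peer(bio_err, ctx, ...)` and the key operation itself with a NULL context. Add `if (!ctx) { usage(); goto end; }` directly after the new `if (inkey)` block so the old behaviour for a missing key is kept.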
RE: [openssl.org #2594] Problem with X509 path loop detection - PATCH
With the updated version I confirm that the regression test of a software now passes with the OpenSSL HEAD version. I still have a problem with HEAD regarding the check for self signed. This case is not in the openssl regression tests and cannot be reproduced with the openssl command line. The case is when the callback function returns true (ok) when the error is X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT for a certificate that is not in the trusted store. Later in the code the function check_trust() will return X509_TRUST_UNTRUSTED and the check with the comment /* If not explicitly trusted then indicate error */ will call the callback function again with a different error code. This functionality is not the same as in 1.0.0x. Roumen

Roumen, I am not sure that I fully understand what should change in X509_verify_cert(). Should the X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT error instead simply be an X509_TRUST_UNTRUSTED error to force early failure? Alternatively, should the check_trust() step be skipped for the special case of an X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT error? May I please ask you to lead me step by step through the correct operation in 1.0.0x and the incorrect operation in HEAD. Best Regards Nick
[openssl.org #2612] Segfault protection in X509v3 extension API - PATCH
Please find attached below a patch that provides protection against segmentation faults in the X509v3 extension API Best Regards Nick diff --git a/crypto/x509v3/v3_prn.c b/crypto/x509v3/v3_prn.c index 3146218..9e474c8 100755 --- a/crypto/x509v3/v3_prn.c +++ b/crypto/x509v3/v3_prn.c @@ -118,7 +118,7 @@ int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, unsigned long flag, int inde return unknown_ext_print(out, ext, flag, indent, 0); p = ext-value-data; if(method-it) ext_str = ASN1_item_d2i(NULL, p, ext-value-length, ASN1_ITEM_ptr(method-it)); - else ext_str = method-d2i(NULL, p, ext-value-length); + else if(method-d2i) ext_str = method-d2i(NULL, p, ext-value-length); if(!ext_str) return unknown_ext_print(out, ext, flag, indent, 1);
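Review bot: the `else if(method-d2i)` guard only covers the decode path; the same method table is dereferenced again at the end of `X509V3_EXT_print`, where `method-ext_free(ext_str)` is called for the non-`it` case, so a method with neither `it` nor `ext_free` still crashes there (the revised patch in the next message adds that guard). The fall-through to `unknown_ext_print(out, ext, flag, indent, 1)` when both `it` and `d2i` are NULL also relies on `ext_str` having been initialised to NULL above the hunk; a comment on the guard saying so would spare the next reader a check.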
RE: [openssl.org #2612] AutoReply: Segfault protection in X509v3 extension API - PATCH
Please find attached below a revised patch that provides further protection against segmentation faults in the X509v3 extension API Best Regards Nick diff --git a/crypto/x509v3/v3_prn.c b/crypto/x509v3/v3_prn.c index 3146218..094861e 100755 --- a/crypto/x509v3/v3_prn.c +++ b/crypto/x509v3/v3_prn.c @@ -118,7 +118,7 @@ int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, unsigned long flag, int inde return unknown_ext_print(out, ext, flag, indent, 0); p = ext-value-data; if(method-it) ext_str = ASN1_item_d2i(NULL, p, ext-value-length, ASN1_ITEM_ptr(method-it)); - else ext_str = method-d2i(NULL, p, ext-value-length); + else if(method-d2i) ext_str = method-d2i(NULL, p, ext-value-length); if(!ext_str) return unknown_ext_print(out, ext, flag, indent, 1); 
@@ -158,7 +158,7 @@ int X509V3_EXT_print(BIO *out, X509_EXTENSION *ext, unsigned long flag, int inde sk_CONF_VALUE_pop_free(nval, X509V3_conf_free); if(value) OPENSSL_free(value); if(method-it) ASN1_item_free(ext_str, ASN1_ITEM_ptr(method-it)); - else method-ext_free(ext_str); + else if (method-ext_free) method-ext_free(ext_str); return ok; }
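Review bot: with the `ext_free` guard in the second hunk, a method that supplies `d2i` but no `ext_free` now leaks `ext_str` instead of crashing; that combination is a defect in the method table rather than in this caller, so add a comment (or an assertion in debug builds) so the leak is not later mistaken for intended behaviour. The first hunk is unchanged from the previous revision.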
[openssl.org #2605] Directly Create Public Key File from Cert - PATCH
Please find below a patch that permits a public key file to be produced directly from a certificate without piping from stdout. The patch also mops up a couple of bugs in which 'out' is not defined when needed Nick --- diff --git a/apps/x509.c b/apps/x509.c index e402f6a..07e8808 100755 --- a/apps/x509.c +++ b/apps/x509.c @@ -668,7 +668,7 @@ bad: if (xca == NULL) goto end; } - if (!noout || text || next_serial) + if (!noout || text || next_serial || pubkey || ocspid || checkend) { OBJ_create(2.9.3, SET.ex3,SET x509v3 extension 3); @@ -851,7 +851,7 @@ bad: ERR_print_errors(bio_err); goto end; } - PEM_write_bio_PUBKEY(STDout, pkey); + PEM_write_bio_PUBKEY(out, pkey); EVP_PKEY_free(pkey); } else
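Review bot: the cover letter says `out` was undefined for `ocspid` and `checkend` as well, but the diff only widens the guard in the first hunk (`|| pubkey || ocspid || checkend`) and changes the `-pubkey` write site in the second; the `ocspid` and `checkend` write sites are not in the patch, so a reviewer cannot confirm they actually write to `out`. Please include those hunks. Moving `PEM_write_bio_PUBKEY` from `STDout` to `out` also means `-pubkey` now honours `-out`, which the x509 man page should say.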
[openssl.org #2599] Support for SHA256 and other MDs in X509 SubjectKeyIdentifier - PATCH
Please find below a patch to add SHA256 and other types of message digest support to the SubjectKeyidentifier. This functionality is accessed from the config file by adding an MD name after a semi-colon e.g. subjectKeyIdentifier=hash;sha256 Best Regards Nick diff --git a/crypto/x509v3/v3_skey.c b/crypto/x509v3/v3_skey.c index 0a984fb..c293836 100644 --- a/crypto/x509v3/v3_skey.c +++ b/crypto/x509v3/v3_skey.c @@ -105,8 +105,21 @@ static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method, ASN1_BIT_STRING *pk; unsigned char pkey_dig[EVP_MAX_MD_SIZE]; unsigned int diglen; - - if(strcmp(str, hash)) return s2i_ASN1_OCTET_STRING(method, ctx, str); + const EVP_MD *md = EVP_sha1(); + + if(!strncmp(str, hex;, 4)) + return s2i_ASN1_OCTET_STRING(method, ctx, str+4); + if(!strncmp(str, hash;, 5)) + { + md = EVP_get_digestbyname(str+5); + if (!md) + { + X509V3err(X509V3_F_S2I_SKEY_ID,X509V3_R_UNSUPPORTED_TYPE); + return NULL; + } + } + else if(strcmp(str, hash)) + return s2i_ASN1_OCTET_STRING(method, ctx, str); if(!(oct = M_ASN1_OCTET_STRING_new())) { X509V3err(X509V3_F_S2I_SKEY_ID,ERR_R_MALLOC_FAILURE); 
@@ -129,7 +142,7 @@ static ASN1_OCTET_STRING *s2i_skey_id(X509V3_EXT_METHOD *method, goto err; } - if (!EVP_Digest(pk-data, pk-length, pkey_dig, diglen, EVP_sha1(), NULL)) + if (!EVP_Digest(pk-data, pk-length, pkey_dig, diglen, md, NULL)) goto err; if(!M_ASN1_OCTET_STRING_set(oct, pkey_dig, diglen)) {
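Review bot: `EVP_get_digestbyname(str+5)` in the first hunk returns NULL for any name the digest table does not know, including a valid digest that the caller has not registered, and the error path then raises `X509V3_R_UNSUPPORTED_TYPE` without saying which name was rejected; add the name to the error data. The new `hex;` and `hash;<md>` forms also need an entry in the subjectKeyIdentifier section of the x509v3_config documentation, with a note that a digest wider than SHA-1 yields a key identifier longer than the 20-byte form most tools expect.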
[openssl.org #2601] Support for use of sha256 for certificate comparisons - PATCH
Please find attached below a patch that adds support for the use of sha256 in certificate comparisons. It also addresses a problem in which sha1 comparison was attempted as long as OPENSSL_NO_SHA was absent even when OPENSSL_NO_SHA1 was defined Best Regards Nick diff --git a/crypto/x509/x509.h b/crypto/x509/x509.h index 092dd74..3e0154b 100755 --- a/crypto/x509/x509.h +++ b/crypto/x509/x509.h @@ -303,7 +303,13 @@ struct x509_st struct ASIdentifiers_st *rfc3779_asid; #endif #ifndef OPENSSL_NO_SHA - unsigned char sha1_hash[SHA_DIGEST_LENGTH]; +#ifndef OPENSSL_NO_SHA256 + unsigned char cmp_hash[SHA256_DIGEST_LENGTH]; +#else +#ifndef OPENSSL_NO_SHA1 + unsigned char cmp_hash[SHA_DIGEST_LENGTH]; +#endif +#endif #endif X509_CERT_AUX *aux; } /* X509 */; @@ -476,7 +482,13 @@ struct X509_crl_st ASN1_INTEGER *crl_number; ASN1_INTEGER *base_crl_number; #ifndef OPENSSL_NO_SHA - unsigned char sha1_hash[SHA_DIGEST_LENGTH]; +#ifndef OPENSSL_NO_SHA256 + unsigned char cmp_hash[SHA256_DIGEST_LENGTH]; +#else +#ifndef OPENSSL_NO_SHA1 + unsigned char cmp_hash[SHA_DIGEST_LENGTH]; +#endif +#endif #endif STACK_OF(GENERAL_NAMES) *issuers; const X509_CRL_METHOD *meth; diff --git a/crypto/x509/x509_cmp.c b/crypto/x509/x509_cmp.c index 80ebcd3..e1d5c95 100755 --- a/crypto/x509/x509_cmp.c +++ b/crypto/x509/x509_cmp.c @@ -120,10 +120,14 @@ int X509_CRL_cmp(const X509_CRL *a, const X509_CRL *b) return(X509_NAME_cmp(a-crl-issuer,b-crl-issuer)); } -#ifndef OPENSSL_NO_SHA +#if !defined(OPENSSL_NO_SHA) (!defined(OPENSSL_NO_SHA1) || !defined(OPENSSL_NO_SHA256)) int X509_CRL_match(const X509_CRL *a, const X509_CRL *b) { - return memcmp(a-sha1_hash, b-sha1_hash, 20); +#ifndef OPENSSL_NO_SHA256 + return memcmp(a-cmp_hash, b-cmp_hash, SHA256_DIGEST_LENGTH); +#else +return memcmp(a-cmp_hash, b-cmp_hash, SHA_DIGEST_LENGTH); +#endif } #endif 
@@ -166,7 +170,7 @@ unsigned long X509_subject_name_hash_old(X509 *x) } #endif -#ifndef OPENSSL_NO_SHA +#if !defined(OPENSSL_NO_SHA) (!defined(OPENSSL_NO_SHA1) || !defined(OPENSSL_NO_SHA256)) /* Compare two certificates: they must be identical for * this to work. NB: Although cmp operations are generally * prototyped to take const arguments (eg. for use in @@ -181,8 +185,11 @@ int X509_cmp(const X509 *a, const X509 *b) /* ensure hash is valid */ X509_check_purpose((X509 *)a, -1, 0); X509_check_purpose((X509 *)b, -1, 0); - - return memcmp(a-sha1_hash, b-sha1_hash, SHA_DIGEST_LENGTH); +#ifndef OPENSSL_NO_SHA256 +return memcmp(a-cmp_hash, b-cmp_hash, SHA256_DIGEST_LENGTH); +#else + return memcmp(a-cmp_hash, b-cmp_hash, SHA_DIGEST_LENGTH); +#endif } #endif diff --git a/crypto/ts/ts.h b/crypto/ts/ts.h index 190e8a1..f8b23c2 100755 --- a/crypto/ts/ts.h +++ b/crypto/ts/ts.h @@ -263,7 +263,7 @@ ESSCertID ::= SEQUENCE { typedef struct ESS_cert_id { - ASN1_OCTET_STRING *hash;/* Always SHA-1 digest. */ + ASN1_OCTET_STRING *hash; ESS_ISSUER_SERIAL *issuer_serial; } ESS_CERT_ID; diff --git a/crypto/ts/ts_rsp_sign.c b/crypto/ts/ts_rsp_sign.c index b0f023c..5458a7c 100755 --- a/crypto/ts/ts_rsp_sign.c +++ b/crypto/ts/ts_rsp_sign.c @@ -854,12 +854,12 @@ static ESS_CERT_ID *ESS_CERT_ID_new_init(X509 *cert, int issuer_needed) ESS_CERT_ID *cid = NULL; GENERAL_NAME *name = NULL; - /* Recompute SHA1 hash of certificate if necessary (side effect). */ + /* Recompute hash of certificate if necessary (side effect). */ X509_check_purpose(cert, -1, 0); if (!(cid = ESS_CERT_ID_new())) goto err; - if (!ASN1_OCTET_STRING_set(cid-hash, cert-sha1_hash, - sizeof(cert-sha1_hash))) + if (!ASN1_OCTET_STRING_set(cid-hash, cert-cmp_hash, + sizeof(cert-cmp_hash))) goto err; /* Setting the issuer/serial if requested. */ diff --git a/crypto/ts/ts_rsp_verify.c b/crypto/ts/ts_rsp_verify.c index afe16af..ec3 100755 --- a/crypto/ts/ts_rsp_verify.c +++ b/crypto/ts/ts_rsp_verify.c 
@@ -311,7 +311,7 @@ static int TS_find_cert(STACK_OF(ESS_CERT_ID) *cert_ids, X509 *cert) if (!cert_ids || !cert) return -1; - /* Recompute SHA1 hash of certificate if necessary (side effect). */ + /* Recompute hash of certificate if necessary (side effect). */ X509_check_purpose(cert, -1, 0); /* Look for cert in the cert_ids vector. */ @@ -319,10 +319,10 @@ static int TS_find_cert(STACK_OF(ESS_CERT_ID) *cert_ids, X509 *cert) { ESS_CERT_ID *cid = sk_ESS_CERT_ID_value(cert_ids, i); - /* Check the SHA-1 hash first. */ - if (cid-hash-length == sizeof(cert-sha1_hash) -!memcmp(cid-hash-data, cert-sha1_hash, -
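Review bot: renaming the `sha1_hash` member of `struct x509_st` and `struct X509_crl_st` to `cmp_hash` (and changing its size) in the x509.h hunks breaks every application that reads `x-sha1_hash` through the public header, so the old name should stay, with the new digest selected behind it. The diff also never touches the code that fills the field (the comment `Recompute hash of certificate if necessary` in the ts hunks points at `X509_check_purpose`), so as posted `X509_cmp` and `X509_CRL_match` would compare `SHA256_DIGEST_LENGTH` bytes of a buffer that is still filled with a 20-byte SHA-1; the patch is incomplete without that hunk.

Review bot: the ts.h hunk deletes the `Always SHA-1 digest` comment and the ts_rsp_sign.c hunk then stores `cert-cmp_hash` in `ESS_CERT_ID.hash`; the `ESSCertID ::= SEQUENCE` context in that hunk header is the RFC 2634 structure, which carries no algorithm identifier and is defined as a SHA-1 hash, so a 32-byte value there produces responses that conforming verifiers (including the unpatched `TS_find_cert`, which checks `cid-hash-length` against `sizeof(cert-sha1_hash)`) will not match. Other digests belong in ESSCertIDv2 (RFC 5035), not in this field.

Review bot: the ts_rsp_verify.c hunk is cut off after `-!memcmp(cid-hash-data, cert-sha1_hash, -`, so the verify-side change cannot be reviewed; please resend the complete diff.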
RE: [openssl.org #2594] Problem with X509 path loop detection - PATCH
Roumen, Thank you for looking at the patch and reporting the problem with it. I apologise that I did not test it properly. The path loop test in the patch should of course first check whether the issuer is in the chain and, only if it is, whether it is lower than the cert x, i.e. + if (issuer_num (issuer_num x_num)) Please find a corrected version below. Best Regards Nick - diff --git a/crypto/x509/x509_vfy.c b/crypto/x509/x509_vfy.c index 64df4d3..7bbe43b 100755 --- a/crypto/x509/x509_vfy.c +++ b/crypto/x509/x509_vfy.c @@ -443,15 +443,18 @@ static int check_issued(X509_STORE_CTX *ctx, X509 *x, X509 *issuer) { int i; X509 *ch; + int issuer_num = 0; + int x_num = 0; for (i = 0; i sk_X509_num(ctx-chain); i++) { ch = sk_X509_value(ctx-chain, i); if (ch == issuer || !X509_cmp(ch, issuer)) - { - ret = X509_V_ERR_PATH_LOOP; - break; - } + issuer_num = issuer_num ? issuer_num : i+1; +if (ch == x || !X509_cmp(ch, x)) + x_num = i+1; } + if (issuer_num (issuer_num x_num)) +ret = X509_V_ERR_PATH_LOOP; }
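Review bot: in the `check_issued` hunk, `x_num` stays 0 when `x` itself is not found in `ctx-chain`, and the final `issuer_num`/`x_num` test then never fires, so an issuer that is already in the chain is accepted without any loop check; if every caller guarantees that `x` is a chain member, say so in a comment next to the test, otherwise treat `x_num == 0` as the old unconditional `X509_V_ERR_PATH_LOOP` case. Keeping only the first match in `issuer_num` but the last match in `x_num` is right for the self-signed case (same index, no loop), and is worth a comment too. The added `+if (ch == x ...` and `+ret = X509_V_ERR_PATH_LOOP;` lines lack the indentation of the surrounding code.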
[openssl.org #2592] req -newkey rsa does not use key length specified in cnf file PATCH
When the req -newkey option value is of the form rsa rather than rsa:keylen the key length of the new rsa key should be taken from the config file. However req does not generate an rsa key of the correct length (despite displaying the message Generating a keylen bit RSA private key that misleadingly does include the correct key length). A patch against 20110815 that resolves this bug is enclosed below. It forces set_keygen_ctx() to be run again to set EVP_PKEY_CTX_set_rsa_keygen_bits with the value from the config file. It has been tested with default_bits=2048. It has also been confirmed that the patch does not introduce any problems with -newkey ec:paramfile Nick diff --git a/apps/req.c b/apps/req.c index 8552658..f512b0e 100755 --- a/apps/req.c +++ b/apps/req.c 
@@ -654,6 +654,7 @@ bad: if (newkey = 0) { + genctx=NULL; if (!NCONF_get_number(req_conf,SECTION,BITS, newkey)) newkey=DEFAULT_KEY_LENGTH; }
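Review bot: `genctx=NULL;` in the hunk discards the `EVP_PKEY_CTX` that the earlier `-newkey rsa` parsing created through `set_keygen_ctx()` without freeing it, so the forced second run the cover letter describes leaks that context on every invocation; call `EVP_PKEY_CTX_free(genctx)` before the assignment. A tidier fix is to defer creating the context until the key length from the config file is known, so it is created once.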
[openssl.org #2584] ssltest -test_cipherlist bug incorrectly skipping ciphers
The do_test_cipherlist(void) function in ssltest.c skips some cipher checks in all methods after the SSLv2_method due to missing resets of the i counter. Please find a patch below that resolves this bug and also adds support for TLSv1_1_method and TLSv1_2_method Best Regards Nick diff --git a/ssl/ssltest.c b/ssl/ssltest.c index cebd4e7..84b4838 100755 --- a/ssl/ssltest.c +++ b/ssl/ssltest.c @@ -432,6 +432,12 @@ static void sv_usage(void) #ifndef OPENSSL_NO_TLS1 fprintf(stderr, -tls1 - use TLSv1\n); #endif +#ifndef OPENSSL_NO_TLS1 + fprintf(stderr, -tls1_1 - use TLSv1.1\n); +#endif +#ifndef OPENSSL_NO_TLS1_2 + fprintf(stderr, -tls1_2 - use TLSv1.2\n); +#endif fprintf(stderr, -CApath arg - PEM format directory of CA's\n); fprintf(stderr, -CAfile arg - PEM format file of CA's\n); fprintf(stderr, -cert arg - Server certificate file\n); @@ -590,7 +596,7 @@ int main(int argc, char *argv[]) int badop=0; int bio_pair=0; int force=0; - int tls1=0,ssl2=0,ssl3=0,ret=1; + int tls1_2=0,tls1_1=0,tls1=0,ssl2=0,ssl3=0,ret=1; int client_auth=0; int server_auth=0,i; struct app_verify_arg app_verify_arg = @@ -744,12 +750,26 @@ int main(int argc, char *argv[]) tls1=1; } #endif +#ifndef OPENSSL_NO_SSL2 else if(strcmp(*argv,-ssl2) == 0) ssl2=1; +#endif +#ifndef OPENSSL_NO_TLS1 else if(strcmp(*argv,-tls1) == 0) tls1=1; +#endif +#ifndef OPENSSL_NO_TLS1_1 + else if(strcmp(*argv,-tls1_1) == 0) + tls1_1=1; +#endif +#ifndef OPENSSL_NO_TLS1_2 + else if(strcmp(*argv,-tls1_2) == 0) + tls1_2=1; +#endif +#ifndef OPENSSL_NO_SSL3 else if(strcmp(*argv,-ssl3) == 0) ssl3=1; +#endif else if(strncmp(*argv,-num,4) == 0) { if (--argc 1) goto bad; 
@@ -969,23 +989,36 @@ bad: } #endif -#if !defined(OPENSSL_NO_SSL2) !defined(OPENSSL_NO_SSL3) + if (ssl2) meth=SSLv2_method(); else if (tls1) meth=TLSv1_method(); else + if (tls1_1) + meth=TLSv1_1_method(); + else + if (tls1_2) + meth=TLSv1_2_method(); + else if (ssl3) meth=SSLv3_method(); else +#if !defined(OPENSSL_NO_SSL2) !defined(OPENSSL_NO_SSL3) meth=SSLv23_method(); #else -#ifdef OPENSSL_NO_SSL2 - meth=SSLv3_method(); +#ifndef OPENSSL_NO_SSL3 + meth=SSLv3_method(); #else - meth=SSLv2_method(); +#ifndef OPENSSL_NO_SSL2 + meth=SSLv2_method(); +#endif #endif + { + fprintf(stderr,No SSL/TLS methods available\n); + goto end; + } #endif c_ctx=SSL_CTX_new(meth); @@ -2665,8 +2698,10 @@ static int do_test_cipherlist(void) #ifndef OPENSSL_NO_SSL2 fprintf(stderr, testing SSLv2 cipher list order: ); meth = SSLv2_method(); + i=0; while ((ci = meth-get_cipher(i++)) != NULL) { + fprintf(stderr,.); if (tci != NULL) if (ci-id = tci-id) { @@ -2675,14 +2710,16 @@ static int do_test_cipherlist(void) } tci = ci; } - fprintf(stderr, ok\n); + fprintf(stderr, ok\n); #endif #ifndef OPENSSL_NO_SSL3 fprintf(stderr, testing SSLv3 cipher list order: ); meth = SSLv3_method(); tci = NULL; + i=0; while ((ci = meth-get_cipher(i++)) != NULL) { + fprintf(stderr,.); if (tci != NULL)
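Review bot: the usage hunk guards the `-tls1_1` help line with `#ifndef OPENSSL_NO_TLS1` while the option-parsing hunk guards `tls1_1=1` with `#ifndef OPENSSL_NO_TLS1_1`; use the same macro in both places.

Review bot: in the method-selection hunk, the block `{ fprintf(stderr,No SSL/TLS methods available\n); goto end; }` after the two inner `#endif`s is not attached to any `if` or `else`, so in every build that takes the outer `#else` branch (any build without SSLv2 or without SSLv3) the test prints that message and exits immediately after choosing `meth`. Also, removing the `#if !defined(OPENSSL_NO_SSL2) !defined(OPENSSL_NO_SSL3)` line from around the whole `if (ssl2) ... else` chain leaves the `SSLv2_method()`, `TLSv1_1_method()` and `TLSv1_2_method()` calls unguarded, so the option-parsing `#ifndef` guards no longer protect builds configured without those protocols.

Review bot: the `i=0;` resets in the `do_test_cipherlist` hunks are the actual fix for the reported skipping; the TLSv1.1/1.2 method support elsewhere in the patch is unrelated and would be easier to review and bisect as a separate commit. The added per-cipher `fprintf(stderr,.)` changes the test output format, which is worth a mention in the commit message for anyone parsing it.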
RE: [openssl.org #2584] ssltest -test_cipherlist bug incorrectly skipping ciphers
Amended patch to avoid need for -f option with -tls1_1 and -tls1_2 options Best Regards Nick diff --git a/ssl/ssltest.c b/ssl/ssltest.c index cebd4e7..1978eeb 100755 --- a/ssl/ssltest.c +++ b/ssl/ssltest.c @@ -432,6 +432,12 @@ static void sv_usage(void) #ifndef OPENSSL_NO_TLS1 fprintf(stderr, -tls1 - use TLSv1\n); #endif +#ifndef OPENSSL_NO_TLS1 +fprintf(stderr, -tls1_1 - use TLSv1.1\n); +#endif +#ifndef OPENSSL_NO_TLS1_2 +fprintf(stderr, -tls1_2 - use TLSv1.2\n); +#endif fprintf(stderr, -CApath arg - PEM format directory of CA's\n); fprintf(stderr, -CAfile arg - PEM format file of CA's\n); fprintf(stderr, -cert arg - Server certificate file\n); @@ -590,7 +596,7 @@ int main(int argc, char *argv[]) int badop=0; int bio_pair=0; int force=0; -int tls1=0,ssl2=0,ssl3=0,ret=1; +int tls1_2=0,tls1_1=0,tls1=0,ssl2=0,ssl3=0,ret=1; int client_auth=0; int server_auth=0,i; struct app_verify_arg app_verify_arg = @@ -744,12 +750,26 @@ int main(int argc, char *argv[]) tls1=1; } #endif +#ifndef OPENSSL_NO_SSL2 else if(strcmp(*argv,-ssl2) == 0) ssl2=1; +#endif +#ifndef OPENSSL_NO_TLS1 else if(strcmp(*argv,-tls1) == 0) tls1=1; +#endif +#ifndef OPENSSL_NO_TLS1_1 + else if(strcmp(*argv,-tls1_1) == 0) + tls1_1=1; +#endif +#ifndef OPENSSL_NO_TLS1_2 + else if(strcmp(*argv,-tls1_2) == 0) + tls1_2=1; +#endif +#ifndef OPENSSL_NO_SSL3 else if(strcmp(*argv,-ssl3) == 0) ssl3=1; +#endif else if(strncmp(*argv,-num,4) == 0) { if (--argc 1) goto bad; @@ -891,7 +911,7 @@ bad: goto end; } -if (!ssl2 !ssl3 !tls1 number 1 !reuse !force) +if (!ssl2 !ssl3 !tls1 !tls1_1 !tls1_2 number 1 !reuse !force) { fprintf(stderr, This case cannot work. Use -f to perform the test anyway (and\n-d to see what happens), 
@@ -969,23 +989,36 @@ bad: } #endif -#if !defined(OPENSSL_NO_SSL2) !defined(OPENSSL_NO_SSL3) + if (ssl2) meth=SSLv2_method(); else if (tls1) meth=TLSv1_method(); else +if (tls1_1) + meth=TLSv1_1_method(); +else +if (tls1_2) + meth=TLSv1_2_method(); +else if (ssl3) meth=SSLv3_method(); else +#if !defined(OPENSSL_NO_SSL2) !defined(OPENSSL_NO_SSL3) meth=SSLv23_method(); #else -#ifdef OPENSSL_NO_SSL2 -meth=SSLv3_method(); +#ifndef OPENSSL_NO_SSL3 + meth=SSLv3_method(); #else -meth=SSLv2_method(); +#ifndef OPENSSL_NO_SSL2 + meth=SSLv2_method(); +#endif #endif + { + fprintf(stderr,No SSL/TLS methods available\n); + goto end; + } #endif c_ctx=SSL_CTX_new(meth); @@ -2665,8 +2698,10 @@ static int do_test_cipherlist(void) #ifndef OPENSSL_NO_SSL2 fprintf(stderr, testing SSLv2 cipher list order: ); meth = SSLv2_method(); +i=0; while ((ci = meth-get_cipher(i++)) != NULL) { + fprintf(stderr,.); if (tci != NULL) if (ci-id = tci-id) { @@ -2675,14 +2710,16 @@ static int do_test_cipherlist(void) } tci = ci; } -fprintf(stderr, ok\n); +fprintf(stderr, ok\n); #endif #ifndef OPENSSL_NO_SSL3 fprintf(stderr, testing SSLv3 cipher list order: ); meth = SSLv3_method(); tci = NULL; +i=0; while ((ci = meth-get_cipher(i++)) != NULL) { + fprintf(stderr,.); if (tci != NULL) if (ci-id = tci-id) { 
@@ -2691,14 +2728,52 @@ static int do_test_cipherlist(void) } tci = ci; } -fprintf(stderr, ok\n); +fprintf(stderr, ok\n); #endif #ifndef OPENSSL_NO_TLS1 fprintf(stderr, testing TLSv1 cipher list order: ); meth = TLSv1_method(); tci = NULL; +i=0; +while ((ci = meth-get_cipher(i++)) != NULL) + { + fprintf(stderr,.); + if (tci != NULL) + if (ci-id = tci-id) +{ +fprintf(stderr, failed %lx vs. %lx\n, ci-id, tci-id); +return 0; +} + tci = ci; + } +fprintf(stderr, ok\n); +#endif +#ifndef OPENSSL_NO_TLS1_1 +fprintf(stderr, testing TLSv1.1 cipher list order: ); +meth = TLSv1_1_method(); +tci = NULL; +i=0; +while ((ci = meth-get_cipher(i++)) != NULL) + { + fprintf(stderr,.); + if (tci != NULL) + if (ci-id = tci-id) +{ +fprintf(stderr, failed %lx vs. %lx\n, ci-id, tci-id); +return 0; +} + tci = ci;
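Review bot: the amended patch carries the same two issues as the first version in its `@@ -432` and `@@ -969` hunks: the `-tls1_1` usage line is still guarded by `#ifndef OPENSSL_NO_TLS1` while its parsing uses `#ifndef OPENSSL_NO_TLS1_1`, and the `if (ssl2) meth=SSLv2_method(); ... if (tls1_2) meth=TLSv1_2_method();` chain is unguarded while the `{ fprintf(stderr,"No SSL/TLS methods available\n"); goto end; }` block sits outside the inner `#ifndef OPENSSL_NO_SSL2`, so it runs unconditionally whenever only one of SSLv2/SSLv3 is built in. Both need the fixes noted on the first version before this can go in.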
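Review bot: the `@@ -891,7 +911,7 @@` hunk is the right place to stop `-tls1_1` and `-tls1_2` from needing `-f`, and the `@@ -2691,14 +2728,52 @@` hunk correctly adds `i=0;` before the TLSv1 loop. However, that hunk also pastes the whole `while ((ci = get_cipher(i++)) != NULL) { ... if (ci->id >= tci->id) { fprintf(stderr, "failed %lx vs. %lx\n", ...); return 0; } tci = ci; }` body a further time for TLSv1.1. With four near-identical copies of the loop, the forgotten `i` reset that this ticket is about becomes easy to reintroduce; factor the check into a small static helper taking the `SSL_METHOD *` and the label string, so each protocol is one call and the counter is local to the helper.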
[openssl.org #2579] Segfault for CMAC
With the 20110815 snapshot I am getting a SegFault when trying to use CMAC. The command I used is as follows:

[root@localhost bin]# ./openssl dgst -mac cmac -macopt cipher:aes128 -macopt key:IZEASGTBPOIZEASG -c /lorum-ipsum.txt
Segmentation fault

Valgrind reports:

==27337== Invalid read of size 4
==27337==    at 0x812F374: EVP_MD_type (in /usr/local/ssl/bin/openssl)
==27337==  Address 0x0 is not stack'd, malloc'd or (recently) free'd
==27337==
==27337== Process terminating with default action of signal 11 (SIGSEGV)
==27337==  Access not within mapped region at address 0x0
==27337==    at 0x812F374: EVP_MD_type (in /usr/local/ssl/bin/openssl)

I am new to openssl so I may not be using it correctly, but I would not expect a SegFault even under misuse, so I think this may be a bug.

Best Regards
Nick

Nick Lewis
nick.le...@usa.g4s.com
+44 1684 277137
www.g4stechnology.com
Challenge House, International Drive, Tewkesbury, Gloucestershire, GL20 8UQ, UK
Please consider the environment before printing this email

The details of this company are as follows: G4S Technology Limited, Registered Office: Challenge House, International Drive, Tewkesbury, Gloucestershire GL20 8UQ, Registered in England No. 2382338. This communication may contain information which is confidential, personal and/or privileged. It is for the exclusive use of the intended recipient(s). If you are not the intended recipient(s), please note that any distribution, forwarding, copying or use of this communication or the information in it is strictly prohibited. Any personal views expressed in this e-mail are those of the individual sender and the company does not endorse or accept responsibility for them. Prior to taking any action based upon this e-mail message, you should seek appropriate confirmation of its authenticity. This e-mail has been scanned for all viruses by MessageLabs.
RE: [openssl.org #2579] Segfault for CMAC
I think that the following patch on 20110815 should resolve the segfault and report the correct algorithm with cmac e.g. [root@localhost bin]# ./openssl dgst -mac cmac -macopt cipher:aes256 -macopt key:IZEASGTBPOIZEASGTBPOIZEASGTBPOIZ -c /lorum-ipsum.txt CMAC-AES-256-CBC(/lorum-ipsum.txt)= 3d:15:36:74:0b:75:eb:6e:ea:f4:9d:56:e5:08:30:c6 It has had cursory testing with both cmac (cipher:aes128/256) and hmac (sha256/384 instead of dgst) Best Regards Nick -- diff --git a/apps/dgst.c b/apps/dgst.c index 8a5609f..d7051f9 100755 --- a/apps/dgst.c +++ b/apps/dgst.c @@ -107,6 +107,7 @@ int MAIN(int argc, char **argv) unsigned char *buf=NULL; int i,err=1; const EVP_MD *md=NULL,*m; + EVP_CIPHER *cipher=NULL; BIO *in=NULL,*inp; BIO *bmd=NULL; BIO *out = NULL; @@ -389,6 +390,7 @@ int MAIN(int argc, char **argv) ERR_print_errors(bio_err); goto mac_end; } + cipher = *(EVP_CIPHER**)EVP_PKEY_CTX_get_data(mac_ctx); } } if (EVP_PKEY_keygen(mac_ctx, sigkey) = 0) @@ -508,7 +510,7 @@ int MAIN(int argc, char **argv) } else { - const char *md_name = NULL, *sig_name = NULL; + const char *alg_name = NULL, *sig_name = NULL; if(!out_bin) { if (sigkey) @@ -519,7 +521,8 @@ int MAIN(int argc, char **argv) EVP_PKEY_asn1_get0_info(NULL, NULL, NULL, NULL, sig_name, ameth); } - md_name = EVP_MD_name(md); + + alg_name = (cipher) ? EVP_CIPHER_name(cipher) : (md) ? EVP_MD_name(md) : None; } err = 0; for (i=0; iargc; i++) 
@@ -533,7 +536,7 @@ int MAIN(int argc, char **argv) } else r=do_fp(out,buf,inp,separator,out_bin,sigkey,sigbuf, - siglen,sig_name,md_name, argv[i],bmd); + siglen,sig_name,alg_name, argv[i],bmd); if(r) err=r; (void)BIO_reset(bmd);
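Review bot: in the `@@ -389,6 +390,7 @@` hunk, `cipher = *(EVP_CIPHER**)EVP_PKEY_CTX_get_data(mac_ctx);` reaches into the CMAC pkey method's private data, relies on that structure beginning with the cipher pointer, and casts away its const. Any change to that internal layout, or a different `-mac` type that also accepts a `cipher:` option, turns this into the same kind of invalid read the patch is fixing. The `-macopt` handling this hunk sits in already sees the `cipher:` value, so keep a `const EVP_CIPHER *` obtained with `EVP_get_cipherbyname()` at that point (and declare `cipher` as `const EVP_CIPHER *` in the `@@ -107` hunk, which is what `EVP_CIPHER_name()` takes) rather than dereferencing library-private data.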
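Review bot: in the `@@ -519,7 +521,8 @@` hunk the new assignment `alg_name = (cipher) ? EVP_CIPHER_name(cipher) : (md) ? EVP_MD_name(md) : None;` does address the crash, since `EVP_MD_name(md)` with `md` NULL for a CMAC run is what Valgrind reported as the read of address 0x0 in EVP_MD_type. Two style points: parenthesise the nested conditional, `(cipher) ? EVP_CIPHER_name(cipher) : ((md) ? EVP_MD_name(md) : "None")`, so the precedence is obvious, and drop the stray empty `+` line added just above it. The `md_name` to `alg_name` rename in the `@@ -508` and `@@ -533` hunks is fine, since the parameter now names either a digest or a cipher.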