Re: aes in evp

2008-03-06 Thread Dr. Stephen Henson
On Wed, Mar 05, 2008, John Parker wrote:

> > The ciphers are all found in evp.h, EVP_aes_128_cbc, for example.
>
> Is there a reason why this is undocumented?
 

Only that no one has so far got round to documenting them.

Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Homepage: http://www.drh-consultancy.demon.co.uk
__
OpenSSL Project http://www.openssl.org
User Support Mailing List    openssl-users@openssl.org
Automated List Manager   [EMAIL PROTECTED]


Re: EVP_CIPHER_CTX_init question

2008-03-06 Thread Dr. Stephen Henson
On Wed, Mar 05, 2008, John Parker wrote:

> Is it appropriate to call the sequence
> EVP_CipherInit_ex()
> EVP_CipherUpdate_ex()
> EVP_CipherFinal_ex()
>
> *multiple* times between init and cleanup?
 

Yes it is appropriate, in fact that is the most efficient way of doing things.

By doing that certain structures can be reused rather than allocated and freed
up each time.

Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Homepage: http://www.drh-consultancy.demon.co.uk


Re: Using OpenSSL cryptographic functions in a multi-threaded application

2008-03-06 Thread Edward Diener

Bobby Krupczak wrote:

> Hi!
>
> > We are using only the OpenSSL cryptographic functionality, the EVP and HMAC
> > functions, in a multi-threaded application. Do we need to do anything to
> > ensure thread safety ? The documentation mentions
> > CRYPTO_set_locking_callback() and CRYPTO_set_id_callback() but we are not
> > calling these functions nor have we put critical sections in our own code
> > before calling the cryptographic functions. We are experiencing some
> > crashes and attempting to track them down and thought our use of OpenSSL
> > may be faulty.
>
> Yes you need to do a few things.
>
> The ORA Network Security with OpenSSL documents the few stubs you need
> to in order for openssl to work with pthreads as well as windows
> threads.  You can even download the example code from the net.

What is the link for the above ?



RE: Re: Using OpenSSL cryptographic functions in a multi-threaded application

2008-03-06 Thread Mark
> > The ORA Network Security with OpenSSL documents the few stubs you need
> > to in order for openssl to work with pthreads as well as windows
> > threads.  You can even download the example code from the net.
>
> What is the link for the above ?

http://www.oreilly.com/catalog/openssl/

Mark.



Re: Using OpenSSL cryptographic functions in a multi-threaded application

2008-03-06 Thread Jens Dönhoff
--On Thursday, March 06, 2008 07:26:11 AM -0500 Edward Diener
[EMAIL PROTECTED] wrote:

> What is the link for the above ?


http://www.opensslbook.com/

Greetings,

Jens



Re: Re: Using OpenSSL cryptographic functions in a multi-threaded application

2008-03-06 Thread Bobby Krupczak
Hi!

> > > The ORA Network Security with OpenSSL documents the few stubs you need
> > > to in order for openssl to work with pthreads as well as windows
> > > threads.  You can even download the example code from the net.
> >
> > What is the link for the above ?
>
> http://www.oreilly.com/catalog/openssl/

Yes, sorry I neglected to post the URL.

The book's website is:

http://www.opensslbook.com

The example code also includes code for generating your own keys,
and certs in C so you can imbed it in your own programs.  (This
question comes up periodically on the mailing list)

The book is definitely worth owning.

Bobby



(solved) valgrind complaints about my network data receive

2008-03-06 Thread Bobby Krupczak
Hi!

I posted last week about valgrind and excessive complaints about the
network data that my application receives.

Many thanks to those who posted suggestions.  In particular, Christoph
Bartoschek nailed it.

My problem was caused by a combination of uninitialized data in
libcrypto.  Previous posts had suggested to re-compile openssl with
-DPURIFY which helped a bit.  Christoph also suggested some code mods
to initialize some data in libcrypto/libssl.  They were:

 1) In bn_rand.c add at line 141:  memset(buf, 0, bytes);

   buf = (unsigned char *)OPENSSL_malloc(bytes);
   if (buf == NULL)
   {
       BNerr(BN_F_BNRAND,ERR_R_MALLOC_FAILURE);
       goto err;
   }
   memset(buf, 0, bytes);

 2) bn_mont.c: Initialize tmod variable declared at line 392

   memset(tmod, 0, sizeof(tmod));

Basically, what I think was happening was that the uninitialized data
was essentially polluting (as far as valgrind is concerned) the data I
received because it was derived from or calculated from the various
uninitialized data down in the bowels of libssl/libcrypto.

Adding -DPURIFY and the above code mods nearly eliminated all of the
warnings.

I also temporarily removed the seeding of the PRNG from my app and
that completed the job of eliminating all unnecessary warnings.  Now,
the valgrind warnings that do appear are deserved.

On the PRNG, when should one seed it?  Before calling
SSL_library_init() or after?  I notice that, in some of the example
programs floating around the net, the PRNG is never explicitly
seeded.

Thanks,

Bobby




Re: Using OpenSSL cryptographic functions in a multi-threaded application

2008-03-06 Thread Edward Diener

Bobby Krupczak wrote:

> Hi!
>
> > > > The ORA Network Security with OpenSSL documents the few stubs you need
> > > > to in order for openssl to work with pthreads as well as windows
> > > > threads.  You can even download the example code from the net.
> > >
> > > What is the link for the above ?
> >
> > http://www.oreilly.com/catalog/openssl/
>
> Yes, sorry I neglected to post the URL.
>
> The book's website is:
>
> http://www.opensslbook.com
>
> The example code also includes code for generating your own keys,
> and certs in C so you can imbed it in your own programs.  (This
> question comes up periodically on the mailing list)
>
> The book is definitely worth owning.


The book may be worth owning but we need an immediate solution. I did 
find the code in crypto/threads/mttest.c and do understand it, so I know 
what needs to be done.


Our situation is that we are using OpenSSL from a single Windows DLL in 
a multi-threaded Web Server application. The claim has been made by 
others in my programming group that our use of OpenSSL has been in place 
in a previous release of our product without noticeable problems. We have 
not implemented the equivalent code similar to mttest.c to protect 
threads, nor have we put critical sections around our own use of OpenSSL 
in the single Windows DLL to make sure only one thread uses OpenSSL at a 
time. Our use of OpenSSL in our single DLL has been strictly in calls to 
EVP_ and HMAC_ functionality, but these calls can obviously be made by 
multiple threads of the web server application simultaneously. Have we 
just been lucky not to have experienced problems in the past, without 
thread protection, or is it possible that the calls to the cryptographic 
functions for EVP_ and HMAC_ actually do not need multi-threaded 
protection as outlined in mttest.c ? Our own DLL which uses OpenSSL has 
itself no global data structures which need protection.


BTW I am entirely in favor of providing the multi-threaded protection 
outlined in mttest.c above, but I have to convince others that it is 
absolutely needed else the inertia of others will just turn away from 
this problem. So if you, as an OpenSSL expert, tell me that our use of 
EVP_ and HMAC_ cryptographic functions needs multi-threaded protection, 
else crashes could occur, I can pass this on to the other people 
involved, since I can not enforce decisions although I am a C++ 
programming expert.




Building OpenSSL with GMP;ECDSA optimization

2008-03-06 Thread bhanu rao
Hi,
 I am using OpenSSL 0.9.8g and I want to increase the performance of ECDSA
signing and verification on Freescale 5200b using QNX. For this I am trying
to compile OpenSSL with GMP for my target platform. My questions are:

1. Will this enhance the performance of ECDSA signing and verification?
2. Does it need any function call change in the ECDSA lib?
3. Does anybody have an idea how to build OpenSSL with GMP for Freescale 5200b
using QNX and use it?
4. Is there any other way to reduce ECDSA signing and verification time on
my target? It is coming out quite large compared with the Windows platform.
5. How can I optimize ECDSA for my target board?


Thanks & Regards,
Singh


Re: Using OpenSSL cryptographic functions in a multi-threaded application

2008-03-06 Thread John T. Cox
I do not know if it does or not. But, as an experienced programmer, I can
guarantee that even if it does not today, one day someone will do something
that will cause it to need it and you will start to get failures that will
take weeks to track down. Why can't people just do things right the first
time? Oh yeah, management. :P


On Thu, Mar 6, 2008 at 8:51 AM, Edward Diener [EMAIL PROTECTED]
wrote:

> Bobby Krupczak wrote:
> > Hi!
> >
> > > > > The ORA Network Security with OpenSSL documents the few
> > > > > stubs you need
> > > > > to in order for openssl to work with pthreads as well as windows
> > > > > threads.  You can even download the example code from the net.
> > > > What is the link for the above ?
> > > http://www.oreilly.com/catalog/openssl/
> >
> > Yes, sorry I neglected to post the URL.
> >
> > The book's website is:
> >
> > http://www.opensslbook.com
> >
> > The example code also includes code for generating your own keys,
> > and certs in C so you can imbed it in your own programs.  (This
> > question comes up periodically on the mailing list)
> >
> > The book is definitely worth owning.
>
> The book may be worth owning but we need an immediate solution. I did
> find the code in crypto/threads/mttest.c and do understand it, so I know
> what needs to be done.
>
> Our situation is that we are using OpenSSL from a single Windows DLL in
> a multi-threaded Web Server application. The claim has been made by
> others in my programming group that our use of OpenSSL has been in place
> in a previous release of our product without noticeable problems. We have
> not implemented the equivalent code similar to mttest.c to protect
> threads, nor have we put critical sections around our own use of OpenSSL
> in the single Windows DLL to make sure only one thread uses OpenSSL at a
> time. Our use of OpenSSL in our single DLL has been strictly in calls to
> EVP_ and HMAC_ functionality, but these calls can obviously be made by
> multiple threads of the web server application simultaneously. Have we
> just been lucky not to have experienced problems in the past, without
> thread protection, or is it possible that the calls to the cryptographic
> functions for EVP_ and HMAC_ actually do not need multi-threaded
> protection as outlined in mttest.c ? Our own DLL which uses OpenSSL has
> itself no global data structures which need protection.
>
> BTW I am entirely in favor of providing the multi-threaded protection
> outlined in mttest.c above, but I have to convince others that it is
> absolutely needed else the inertia of others will just turn away from
> this problem. So if you, as an OpenSSL expert, tell me that our use of
> EVP_ and HMAC_ cryptographic functions needs multi-threaded protection,
> else crashes could occur, I can pass this on to the other people
> involved, since I can not enforce decisions although I am a C++
> programming expert.




-- 
==
   John T. Cox
 e-mail [EMAIL PROTECTED]
   www http://members.iglou.com/vampire
==


PKCS#1 and PKCS#7

2008-03-06 Thread Jaraba Nieto, Fernando
We have signed a digest with RSA_sign and we have a PKCS#1. We need to
transform from the PKCS#1 to a PKCS#7.

Do you know how to transform the PKCS#1 to a PKCS#7?

Thank you.

Fernando.



PKEYUTL application and ECDSA problem

2008-03-06 Thread Alvarez, Daniel
Hi all:


I am trying to sign files with my own program and have followed almost the
same steps as the pkeyutl application included in the OpenSSL distribution.
When I try to sign 'large' files, the pkeyutl tool is not able to sign it
producing a zero size output signature.

I have debugged the application and it turns out that the input buffer is never
hashed. Thus, the ecdsa_do_sign function in ecs_ossl.c always returns

ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ECDSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);

when the input buffer is longer than the expected digest size.

I don't know if it's already being solved but I thought about changing the
way pkeyutl signs to:

EVP_SignInit
EVP_SignUpdate
EVP_SignFinal

scheme instead of the existing EVP_PKEY_sign call.

Best regards,
Daniel


Re: PKEYUTL application and ECDSA problem

2008-03-06 Thread Dr. Stephen Henson
On Thu, Mar 06, 2008, Alvarez, Daniel wrote:

> Hi all:
>
> I am trying to sign files with my own program and have followed almost the
> same steps as the pkeyutl application included in the OpenSSL distribution.
> When I try to sign 'large' files, the pkeyutl tool is not able to sign it
> producing a zero size output signature.
>
> I have debugged the application and it turns out that the input buffer is never
> hashed. Thus, the ecdsa_do_sign function in ecs_ossl.c always returns
>
> ECDSAerr(ECDSA_F_ECDSA_DO_SIGN, ECDSA_R_DATA_TOO_LARGE_FOR_KEY_SIZE);
>
> when the input buffer is longer than the expected digest size.
>
> I don't know if it's already being solved but I thought about changing the
> way pkeyutl signs to:
>
> EVP_SignInit
> EVP_SignUpdate
> EVP_SignFinal
>
> scheme instead of the existing EVP_PKEY_sign call.
 

The pkeyutl program is meant to do that and provide a command line utility to
allow pre-digested data to be input.

If you want to digest and sign (the usual scheme for bulk data) use the dgst
utility instead.

Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Homepage: http://www.drh-consultancy.demon.co.uk
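
The distinction drawn in the reply above, as an added example that is not part of the original thread or of OpenSSL's own code: `pkeyutl -sign` is handed a digest computed beforehand, `dgst -sign` hashes and signs in one step, and each signature verifies with the other tool. The curve (prime256v1), SHA-256, the file names and the 64 KiB sample file are assumptions constructed for the demonstration.

```shell
#!/bin/sh
# Added example (not from the thread). Key, file names and data are constructed.

# Create a scratch directory holding an EC key pair and a 64 KiB sample file.
setup_demo() {
    dir=$(mktemp -d) || return 1
    openssl ecparam -name prime256v1 -genkey -noout -out "$dir/key.pem" 2>/dev/null || return 1
    openssl pkey -in "$dir/key.pem" -pubout -out "$dir/pub.pem" 2>/dev/null || return 1
    dd if=/dev/zero bs=1024 count=64 2>/dev/null | tr '\0' 'A' > "$dir/large.bin" || return 1
    echo "$dir"
}

# Path 1: hash the file yourself, then give pkeyutl only the digest.
sign_predigested() {   # $1 = scratch directory
    openssl dgst -sha256 -binary "$1/large.bin" > "$1/digest.bin" || return 1
    openssl pkeyutl -sign -inkey "$1/key.pem" -in "$1/digest.bin" -out "$1/sig_pkeyutl.der"
}

# Path 2: let dgst hash and sign the bulk data in one step.
sign_with_dgst() {
    openssl dgst -sha256 -sign "$1/key.pem" -out "$1/sig_dgst.der" "$1/large.bin"
}

# Size in bytes of what pkeyutl was actually asked to sign.
digest_len() {
    echo $(( $(wc -c < "$1/digest.bin") ))
}

# Each signature is checked by the *other* tool. The success strings are
# matched instead of exit codes so the check does not depend on how a given
# build reports verification status.
cross_verify() {
    openssl dgst -sha256 -verify "$1/pub.pem" -signature "$1/sig_pkeyutl.der" \
        "$1/large.bin" 2>&1 | grep -q "Verified OK" || return 1
    openssl pkeyutl -verify -pubin -inkey "$1/pub.pem" -in "$1/digest.bin" \
        -sigfile "$1/sig_dgst.der" 2>&1 | grep -q "Signature Verified Successfully"
}

# A one-byte change to the file must make verification fail.
tampered_is_rejected() {
    cp "$1/large.bin" "$1/tampered.bin" || return 1
    printf 'x' >> "$1/tampered.bin" || return 1
    if openssl dgst -sha256 -verify "$1/pub.pem" -signature "$1/sig_dgst.der" \
           "$1/tampered.bin" 2>&1 | grep -q "Verified OK"; then
        return 1
    fi
    return 0
}

run_demo() {
    d=$(setup_demo) || { echo "setup failed (is openssl installed?)" >&2; return 1; }
    if ! { sign_predigested "$d" && sign_with_dgst "$d"; }; then
        rm -rf "$d"
        return 1
    fi
    echo "digest handed to pkeyutl: $(digest_len "$d") bytes"
    cross_verify "$d" && echo "both signatures verify with the other tool"
    tampered_is_rejected "$d" && echo "modified file is rejected"
    rm -rf "$d"
}

run_demo
```
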


Re: testing upgrade from 0.9.7e to 0.9.8g

2008-03-06 Thread Victor Duchovni
On Thu, Mar 06, 2008 at 01:15:03PM -0600, [EMAIL PROTECTED] wrote:

> So we're testing out an upgrade from OpenSSL 0.9.7e to 0.9.8g,
> and we're mostly using the SSL network connection functionality,
> not the crypto lib.
>
> I am supposed to help with a test plan to make sure our stuff works
> properly, but I'm not sure what to test.  I imagine that it has to be
> backward compatible, since everyone using HTTPS has to be, but am not
> sure.
>
> Other than reading the NEWS page for changes, can anyone think of
> something I should do or something specific I should test?
>
> I wasn't that familiar with OpenSSL but I'm in charge of our crypto
> code now, so I have to become so quite quickly. :-)

The two releases are binary and protocol compatible. You don't need to
recompile your applications, just deploy the new shared library and
header files (for building new applications).

-- 
Viktor.


interop between OpenSSL PKCS#7 (v1.5) and BC (CMS)

2008-03-06 Thread travis+ml-openssl
So I've got to interchange data with a Java-based environment.  I
believe their choice of libraries is with Bouncy Castle, which IIUC
implements a newer version of PKCS#7 called CMS.  We only have OpenSSL,
which uses PKCS#7 v1.5..

Does anyone have experience with these kinds of situations?  It has
been very time-consuming, and the parsing issues are a real PITA.
Right now we've got BC to read signed v1.5 objects but it barfs on
encrypted objects with a padding error.
-- 
https://www.subspacefield.org/~travis/
I need a better strategy for being less analytical.
For a good time on my email blacklist, email [EMAIL PROTECTED]




testing upgrade from 0.9.7e to 0.9.8g

2008-03-06 Thread travis+ml-openssl
So we're testing out an upgrade from OpenSSL 0.9.7e to 0.9.8g,
and we're mostly using the SSL network connection functionality,
not the crypto lib.

I am supposed to help with a test plan to make sure our stuff works
properly, but I'm not sure what to test.  I imagine that it has to be
backward compatible, since everyone using HTTPS has to be, but am not
sure.

Other than reading the NEWS page for changes, can anyone think of
something I should do or something specific I should test?

I wasn't that familiar with OpenSSL but I'm in charge of our crypto
code now, so I have to become so quite quickly. :-)

Thanks,
Travis

-- 
https://www.subspacefield.org/~travis/
I need a better strategy for being less analytical.
For a good time on my email blacklist, email [EMAIL PROTECTED]




Re: testing upgrade from 0.9.7e to 0.9.8g

2008-03-06 Thread Goetz Babin-Ebell


Victor Duchovni wrote:
| On Thu, Mar 06, 2008 at 01:15:03PM -0600, [EMAIL PROTECTED] wrote:
|
| > So we're testing out an upgrade from OpenSSL 0.9.7e to 0.9.8g,
| > and we're mostly using the SSL network connection functionality,
| > not the crypto lib.
| >
| > I am supposed to help with a test plan to make sure our stuff works
| > properly, but I'm not sure what to test.  I imagine that it has to be
| > backward compatible, since everyone using HTTPS has to be, but am not
| > sure.
| >
| > Other than reading the NEWS page for changes, can anyone think of
| > something I should do or something specific I should test?
| >
| > I wasn't that familiar with OpenSSL but I'm in charge of our crypto
| > code now, so I have to become so quite quickly. :-)
|
| The two releases are binary and protocol compatible. You don't need to
| recompile your applications, just deploy the new shared library and
| header files (for building new applications).
|

0.9.7e and 0.9.8g are binary compatible ?
Who told you that ?

All code build for 0.9.7* has to be recompiled for use with 0.9.8*.

Besides certificate verification and session reconnect I don't
know any details what you have to retest.

Goetz

--
DMCA: The greed of the few outweights the freedom of the many


Re: testing upgrade from 0.9.7e to 0.9.8g

2008-03-06 Thread Victor Duchovni
On Thu, Mar 06, 2008 at 11:00:07PM +0100, Goetz Babin-Ebell wrote:

> | > I am supposed to help with a test plan to make sure our stuff works
> | > properly, but I'm not sure what to test.  I imagine that it has to be
> | > backward compatible, since everyone using HTTPS has to be, but am not
> | > sure.
> | >
> | > Other than reading the NEWS page for changes, can anyone think of
> | > something I should do or something specific I should test?
> | >
> | > I wasn't that familiar with OpenSSL but I'm in charge of our crypto
> | > code now, so I have to become so quite quickly. :-)
> |
> | The two releases are binary and protocol compatible. You don't need to
> | recompile your applications, just deploy the new shared library and
> | header files (for building new applications).
> |
>
> 0.9.7e and 0.9.8g are binary compatible ?
> Who told you that ?

Oops, sorry, eyeball error, I read 0.9.8e. Never mind. They are merely
protocol compatible, providing the 0.9.8 side does not disable all 0.9.7
ciphers.

-- 
Viktor.


Interface selection BIO_do_connect

2008-03-06 Thread [EMAIL PROTECTED]
With openSSL, what is the usual way to select a network interface on a
multihomed device?

I know that with a regular socket I could use ioctl SIOCSIFNAME.   But I
don't see a way to do that for a client SSL connection.   

   BIO* conn = BIO_new_connect(addr);
   BIO_do_connect(conn); // <== socket gets created & connected;
                         // interface selection is not under program control
   ssl = SSL_new(ctx);
   SSL_set_bio(ssl, conn, conn);
   err = SSL_connect(ssl);

I hope I don't have to write my own BIO.

Any ideas?
--
Paul Wisner
 Research Staff, Nokia Research Center, Cambridge, Massachusetts, USA
 Nokia University Relations Representative, Eastern USA
 Research Affiliate, MIT Computer Science and Artificial Intelligence
Laboratory 
 http://research.nokia.com/people/paul_wisner

 



Re: testing upgrade from 0.9.7e to 0.9.8g

2008-03-06 Thread Ian jonhson
> Besides certificate verification and session reconnect I don't
> know any details what you have to retest.


You imply  that the mechanism of X509-based certificate verification
has been embedded in openssh mainstream, right?


Re: Interface selection BIO_do_connect

2008-03-06 Thread jimmy bahuleyan

[EMAIL PROTECTED] wrote:

> With openSSL, what is the usual way to select a network interface on a
> multihomed device?
>
> I know that with a regular socket I could use ioctl SIOCSIFNAME.   But I
> don't see a way to do that for a client SSL connection.
>
>    BIO* conn = BIO_new_connect(addr);
>    BIO_do_connect(conn); // <== socket gets created & connected;
>                          // interface selection is not under program control
>    ssl = SSL_new(ctx);
>    SSL_set_bio(ssl, conn, conn);
>    err = SSL_connect(ssl);
>
> I hope I don't have to write my own BIO.
>
> Any ideas?


Why don't you use the regular socket creation method (using ioctl) that 
you have combined with BIO_new_socket()? Of course then you'd have to do 
the connection part manually; but you don't have to write a new BIO!


-jb
--
I used to think I was indecisive, but now I'm not so sure.


Re: testing upgrade from 0.9.7e to 0.9.8g

2008-03-06 Thread Larry Bugbee

> I am supposed to help with a test plan to make sure our stuff works
> properly, but I'm not sure what to test.  I imagine that it has to be
> backward compatible, since everyone using HTTPS has to be, but am not
> sure.
>
> Other than reading the NEWS page for changes, can anyone think of
> something I should do or something specific I should test?


I'd focus on testing your application to be sure it does what you want  
it to do.  I'd start by designing a series of tests designed to stress  
your application, and in turn, openssl.  If that means setting up a  
duplicate, but test environment, I would.


You can test openssl all day long and not see what you need to see,  
namely the functions you use doing what you want them to do.


Larry



