fips issue with PEM_write_bio_RSAPrivateKey
Hi,

When fips mode is enabled I am running into an issue with this call in my code.

1) Issue:

    PEM_write_bio_RSAPrivateKey(priv_bp, key, EVP_des_ede3_cbc(), NULL, NULL, some_cb, NULL)

When I checked the code, it in turn points to

    int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, char *x,
                           const EVP_CIPHER *enc, unsigned char *kstr, int klen,
                           pem_password_cb *callback, void *u)

The source where I extracted from is

    cvs -d [EMAIL PROTECTED]:/openssl-cvs co -r OpenSSL-fips-0_9_8-stable openssl

2) In this implementation internally it's using EVP_md5(), which is not supported by FIPS. So is there a patch for this one..? or a different API which I could use, which is FIPS compliant.

Thanks,
Justin
Re: Fatal core dump on using Purify instrumented binary on Solaris.
Thanks a lot David for the detailed explanation. I am analyzing our code now. Our function is shown below. Please check if you can quickly find any mistake there.

    #include <stdio.h>
    #include <openssl/err.h>
    #include <openssl/evp.h>
    #include <openssl/pkcs12.h>
    #include <openssl/x509.h>

    int testParseKeystore(const char *keyStoreFilePath, const char *password,
                          EVP_PKEY **priKey, X509 **cert, STACK_OF(X509) **ca)
    {
        FILE *fp = NULL;
        PKCS12 *p12 = NULL;

        OpenSSL_add_all_algorithms();
        loadOpenSSLCryptoErrorStrings();

        /* first read the keystore. */
        if ((fp = fopen(keyStoreFilePath, "rb")) == NULL) {
            printf("Failed to open key store file : %s.\n", keyStoreFilePath);
            return -1;
        }
        p12 = d2i_PKCS12_fp(fp, NULL);
        fclose(fp);
        if (p12 == NULL) {
            printf("Failed to get certificate file from location: %s \n Error:%s\n",
                   keyStoreFilePath, ERR_error_string(ERR_get_error(), NULL));
            return -1;
        }

        /* get the private key and the certificate */
        if (!PKCS12_parse(p12, password, priKey, cert, ca)) {
            printf("Failed parsing key store file from location: %s \n Error:%s\n",
                   keyStoreFilePath, ERR_error_string(ERR_get_error(), NULL));
            PKCS12_free(p12);   /* release the parsed structure on error paths too */
            return -1;
        }
        if (priKey != NULL && *priKey == NULL) {
            printf("Failed to extract private key from keystore location: %s \n Error:%s\n",
                   keyStoreFilePath, ERR_error_string(ERR_get_error(), NULL));
            PKCS12_free(p12);
            return -1;
        }
        if (cert != NULL && *cert == NULL) {
            printf("Failed to extract certificate from keystore: %s \n Error:%s\n",
                   keyStoreFilePath, ERR_error_string(ERR_get_error(), NULL));
            PKCS12_free(p12);
            return -1;
        }
        PKCS12_free(p12);
        return 0;
    }

On the same note, will functions like CRYPTO_malloc_init() and CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON) help me in any way to analyse the issue?

-Thanks and Regards,
-Sanjith.

On Wed, Aug 13, 2008 at 4:38 AM, David Schwartz [EMAIL PROTECTED] wrote:

> > hi all,
> >
> > We are using openssl 0.9.8g with our product and everything worked fine till now. We are now trying to check memory leak in our code using Purify. But unfortunately our executable core dumped soon after it called PKCS12_parse(). I have attached the entire purify log file. Please let me know what I am missing here.
> >
> > -Thanks and Regards,
> > -Sanjith.
>
> It looks like purify found a bug in your code. You need to debug it. The log says:
>
>     MSE: Memory segment error:
>         DES_ofb64_encrypt [libcrypto.a]
>         des_ede_cbc_cipher [e_des3.c]
>         EVP_EncryptUpdate [libcrypto.a]
>         EVP_CipherUpdate [libcrypto.a]
>         PKCS12_pbe_crypt [libcrypto.a]
>         PKCS12_item_decrypt_d2i [libcrypto.a]
>         parse_bag [p12_kiss.c]
>         parse_bags [p12_kiss.c]
>         PKCS12_parse [libcrypto.a]
>         testParseKeystore [zuopenssl.c:265]
>         testGetLocalHostPrivateKeyFromKeystore [zuopenssl.c:398]
>
> So your code called PKCS12_parse which eventually called a DES function with a bad pointer. Most likely, this is because there is something wrong with the PKCS12 structure you passed to PKCS12_parse, but there's no way for us to tell. At least, that would be the most obvious explanation. It could always be something weirder. We can't debug the code in zuopenssl.c without being able to see it.
>
> You have gotten the first piece of evidence that there is something wrong with your code. So start debugging it.
>
> There is a large family of bugs that are almost always harmless in release builds but fatal in some kinds of debug builds. For example, if you allocate 121 bytes of memory but write 122 bytes, a release build will almost always wind up actually allocating at least 122 bytes, so the overwrite will be harmless. A debug build tries to consider any write to memory that was never allocated fatal -- since it's never something you're supposed to do.
>
> You have likely encountered a bug in that family of bugs. Almost always harmless in release, possibly fatal in special debug builds. Find it, and fix it. If it's of the always harmless variety, then your code will just be nicer. If it's of the almost always harmless variety, then finding and fixing it may well prevent rare, hard-to-debug crashes in your release code.
>
> It could also turn out to be a bug in OpenSSL. If you suspect this, try to provide a compact example program that replicates this problem, and post it to the list. (Or debug it yourself if you can.)
>
> But start out checking the code right before the call to PKCS12_parse. There's at least an 80% chance that's where the problem is.
>
> DS
>
> __
> OpenSSL Project                    http://www.openssl.org
> User Support Mailing List          openssl-users@openssl.org
> Automated List Manager             [EMAIL PROTECTED]
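The 121-versus-122-byte case from David's reply, as an added example (not code from the thread, from OpenSSL or from Purify): a small guard-byte allocator that turns the silent one-byte overrun into something a check can report. The names guarded_alloc, guarded_check, guarded_free and overrun_demo are hypothetical.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define GUARD_LEN  16      /* canary bytes placed directly after the user region */
#define GUARD_BYTE 0xA5    /* constructed canary pattern */

/* Bookkeeping stored in front of the user region. */
typedef struct {
    size_t user_len;
} guard_hdr;

/* Allocate user_len usable bytes followed by GUARD_LEN canary bytes. */
void *guarded_alloc(size_t user_len)
{
    guard_hdr *h = malloc(sizeof *h + user_len + GUARD_LEN);
    unsigned char *user;

    if (h == NULL)
        return NULL;
    h->user_len = user_len;
    user = (unsigned char *)(h + 1);
    memset(user + user_len, GUARD_BYTE, GUARD_LEN);
    return user;
}

/* Count canary bytes that no longer hold GUARD_BYTE (0 means no overrun). */
size_t guarded_check(const void *p)
{
    const guard_hdr *h = (const guard_hdr *)p - 1;
    const unsigned char *guard = (const unsigned char *)p + h->user_len;
    size_t i, damaged = 0;

    for (i = 0; i < GUARD_LEN; i++)
        if (guard[i] != GUARD_BYTE)
            damaged++;
    return damaged;
}

/* Release the block; returns -1 if the canary was damaged, 0 otherwise. */
int guarded_free(void *p)
{
    int overrun = guarded_check(p) != 0;

    free((guard_hdr *)p - 1);
    return overrun ? -1 : 0;
}

/*
 * Request `requested` bytes, then write `written` zero bytes into the block.
 * Returns the number of damaged canary bytes, or (size_t)-1 on bad input.
 * Writes are capped at requested + GUARD_LEN so the demo itself never
 * leaves the memory it really owns.
 */
size_t overrun_demo(size_t requested, size_t written)
{
    unsigned char *buf;
    size_t damaged;

    if (written > requested + GUARD_LEN)
        return (size_t)-1;
    buf = guarded_alloc(requested);
    if (buf == NULL)
        return (size_t)-1;
    memset(buf, 0, written);
    damaged = guarded_check(buf);
    guarded_free(buf);
    return damaged;
}

int main(void)
{
    printf("121 requested, 121 written: %zu canary bytes damaged\n",
           overrun_demo(121, 121));
    printf("121 requested, 122 written: %zu canary bytes damaged\n",
           overrun_demo(121, 122));
    return 0;
}
```

With a plain malloc(121) the 122nd byte usually lands in allocator padding and nothing visible happens; here the same write damages one canary byte and is reported.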
Re: openssl 0.8.9h sha256
Rafiqul Ahsan wrote:

> Found a previous posting like this where Alan Dekok answered that FreeRadius uses SSL from openssl, and if SSL supports any advanced algorithm FreeRadius should support it (I actually added a patch to FreeRadius to make sure this supports all digests).
>
> I am currently trying to find out whether I have linked the right openssl libraries when building the FreeRadius. I am unable to find out whether FreeRadius is being built with Solaris prebuilt openssl version 0.9.7d at /usr/sfw, or my newly installed openssl version 0.9.8h at /usr/local (with library /usr/local/ssl/lib).
>
> I have however a few questions, and I would appreciate your reply:
>
> 1. How to create CAcert.pem (root certs), server.pem (device certs), and server_pvt_key.pem (private key file) for server, and same for client to test TTLS, and TLS. It could be self signed.
> 2. Also how to create certs using different algorithm (sha1, sha2, sha256 etc.) ?
>
> I need to create certs to test EAP-TLS/TTLS using WiMAX AP.
>
> Thanks, and appreciate your help.
>
> On 8/12/08, Sergio [EMAIL PROTECTED] wrote:
>
> > Rafiqul Ahsan wrote:
> >
> > > I see an error like below when trying to use EAP_TLS/TTLS authentication with Certs that has Signature Algorithm: sha256WithRSAEncryption. Can anybody tell me why SSL does not like the TLS session ? I would appreciate your help.
> > >
> > > here is the radiusd -X log:
> > >
> > >     ++[suffix] returns noop
> > >     rlm_eap: EAP packet type response id 142 length 13
> > >     rlm_eap: Continuing tunnel setup.
> > >     ++[eap] returns ok
> > >     rad_check_password: Found Auth-Type EAP
> > >     auth: type EAP
> > >     +- entering group authenticate
> > >     rlm_eap: Request found, released from the list
> > >     rlm_eap: EAP/ttls
> > >     rlm_eap: processing type ttls
> > >     rlm_eap_ttls: Authenticate
> > >     rlm_eap_tls: processing TLS
> > >     eaptls_verify returned 7
> > >     rlm_eap_tls: Done initial handshake
> > >     rlm_eap_tls: TLS 1.0 Alert [length 0002], fatal decrypt_error
> > >     TLS Alert read:fatal:decrypt error
> > >     TLS_accept:failed in SSLv3 read client certificate A
> > >     rlm_eap: SSL error error:1409441B:SSL routines:SSL3_READ_BYTES:tlsv1 alert decrypt error
> > >     rlm_eap_tls: SSL_read failed inside of TLS (-1), TLS session fails.
> > >     eaptls_process returned 13
> > >     rlm_eap: Freeing handler
> > >     ++[eap] returns reject
> > >     auth: Failed to validate the user.
> > >     Found Post-Auth-Type Reject
> > >     +- entering group REJECT
> > >     expand: %{User-Name} - anonymous_identity
> > >     attr_filter: Matched entry DEFAULT at line 11
> > >     ++[attr_filter.access_reject] returns updated
> > >     Sending Access-Reject of id 142 to 10.19.198.231 port 19801
> >
> > Hi, recently I tried to use certs with SHA-2 sign and got the same error. Probably freeradius doesn't support (also) this size of sign. You can ask about this into freeradius mailing list. Try to put a cert with SHA-1 algorithm and you will see it working.

I'm not an expert but, not all SSL functions are used by freeradius, for example ocsp functions. You can see raddb/certs/Makefile and raddb/certs/README to follow the commands which create test certificates. Surely with other openssl options you can use several algorithms but, there is one important point with test certs that freeradius generates. Client certificates are signed by server private key, so you should put the correct permissions into your openssl configuration for server certs creation or sign client cert with ca private key.

I took the second decision because it's more clear for me, and because the functionality is EXACTLY the same. On the other side, I don't know anything about WiMAX, but I suppose that credentials are the same.

Hope this helps
Re: LIBEAY32.dll: Unhandeled exception in iexplorer.exe 0xC0000005: Access violation
Most likely, it probably has something to do with http://www.openssl.org/support/faq.html#PROG2 , probably a lack of CRYPTO_malloc_init().

-Kyle H

On Tue, Aug 12, 2008 at 12:17 PM, Chris Hatko [EMAIL PROTECTED] wrote:

> I've got an ActiveX control which uses several different dll's (LIBEAY32.dll being one). When I shut down iexplorer, my control is deleted as expected but I get a crash when _DllMainCRTStartup tries to DLL_THREAD_DETACH on the LIBEAY32.dll
>
> I get the following crash:
>
>     Unhandeled exception in iexplorer.exe 0xC0000005: Access violation...
>
> Any idea what's going on? Or what else I can do to debug (please see below)?
>
> LIBEAY32.DLL version: 0.9.8.8
> nmake version: 7.10.3077
> Windows: Xp 2002 SP2
>
> Compiled using the following:
>
>     CFLAG= /MD /Ox /O2 /Ob2 /W3 /WX /Gs0 /GF /Gy /nologo
>         -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DDSO_WIN32
>         -D_CRT_SECURE_NO_DEPRECATE -D_CRT_NONSTDC_NO_DEPRECATE
>         -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DAES_ASM -DBN_ASM
>         -DOPENSSL_BN_ASM_PART_WORDS -DMD5_ASM -DSHA1_ASM -DRMD160_ASM
>         -DOPENSSL_USE_APPLINK -I. /Fdout32dll
>         -DOPENSSL_NO_CAMELLIA -DOPENSSL_NO_SEED -DOPENSSL_NO_RC5
>         -DOPENSSL_NO_MDC2 -DOPENSSL_NO_TLSEXT -DOPENSSL_NO_CMS
>         -DOPENSSL_NO_KRB5 -DOPENSSL_NO_DYNAMIC_ENGINE
>
> Stack trace: (nothing visible)
>
>     109549e0()
>     libeay32.dll!0381e6e2()
>     ntdll.dll!7c919a9c()
>     ntdll.dll!7c919b3f()
>     ntdll.dll!7c919aeb()
>     ole32.dll!774fea59()
>     ole32.dll!774fe9b4()
>     ntdll.dll!7c919aeb()
>     ntdll.dll!7c919ba0()
>     kernel32.dll!7c80adde()
>     ntdll.dll!7c90e027()
>     ntdll.dll!7c91392e()
>     libexpat.dll!039b7c65()
>     libexpat.dll!039b7ce8()
>     libexpat.dll!039b5cd2()
>     libeay32.dll!0381e68a()
>     libeay32.dll!037e1893()
>     libeay32.dll!038718bb()
>     ntdll.dll!7c9011a7()
>     ntdll.dll!7c919213()
>     kernel32.dll!7c80c096()
>     ole32.dll!774fea59()
>     mshtml.dll!7dcc9bb8()
>     kernel32.dll!7c80b689()
>     ole32.dll!774fea59()
>
> Crash occurs after instruction:
>
>     mov ecx,dword ptr ds:[38CFCBCh]
>
> Registers (useful?):
>
>     EAX = 109549E0 EBX = ECX = 80284006 EDX = 7C90EB94 ESI = 0003 EDI =
>     EIP = 109549E0 ESP = 022DFD14 EBP = 022DFEE4 EFL = 0202
>
> Thanks
> Chris
>
> --
> Chris Hatko
> Email: [EMAIL PROTECTED]
> iMsg: [EMAIL PROTECTED]
Re: fips issue with PEM_write_bio_RSAPrivateKey
On Tue, Aug 12, 2008, Justin A wrote:

> Hi,
>
> When fips mode is enabled I am running into an issue with this call in my code.
>
> 1) Issue:
>
>     PEM_write_bio_RSAPrivateKey(priv_bp, key, EVP_des_ede3_cbc(), NULL, NULL, some_cb, NULL)
>
> When I checked the code, it in turn points to
>
>     int PEM_ASN1_write_bio(i2d_of_void *i2d, const char *name, BIO *bp, char *x,
>                            const EVP_CIPHER *enc, unsigned char *kstr, int klen,
>                            pem_password_cb *callback, void *u)
>
> The source where I extracted from is
>
>     cvs -d [EMAIL PROTECTED]:/openssl-cvs co -r OpenSSL-fips-0_9_8-stable openssl
>
> 2) In this implementation internally it's using EVP_md5(), which is not supported by FIPS. So is there a patch for this one..? or a different API which I could use, which is FIPS compliant.

OpenSSL 0.9.8 does not support FIPS mode.

The validated 0.9.7 source and the (hopefully) soon to be validated 0.9.8-fips source in FIPS mode redirect such calls automatically to PEM_write_bio_PKCS8PrivateKey(), which uses SHA1 for key derivation.

Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Homepage: http://www.drh-consultancy.demon.co.uk
Re: X509_CRL_dup() problem ?
On Mon, Aug 11, 2008, delcour.pierre wrote:

> Hello everyone,
>
> I try to add a certificate in a CRL. To do that, I use a X509* cert, a X509_CRL* crl with this algorithm :
>
>     X509_REVOKED *r = NULL;
>     r = X509_REVOKED_new();
>     r->serialNumber = X509_get_serialNumber(cert);
>     if(!crl->crl->revoked)
>         ci->revoked = sk_X509_REVOKED_new(X509_REVOKED_cmp);
>     if(!sk_X509_REVOKED_push(ci->revoked, r))
>         return false;
>     ASN1_UTCTIME_set(r->revocationDate,time(NULL));
>     ASN1_UTCTIME_set(crl->crl->lastUpdate,time(NULL));
>     sk_X509_REVOKED_num( crl->crl->revoked ); // here i see a X value
>
> After the previous code, I duplicate the X509_CRL :
>
>     X509_CRL* xrl = X509_CRL_dup( crl );
>     sk_X509_REVOKED_num( crl->crl->revoked ); // here i see the same X value as above
>     sk_X509_REVOKED_num( xrl->crl->revoked ); // here i see a X-1 value.
>
> After the duplication, the added certificate has disappeared ! What do I miss to do ?

Well that CRL will be useless because its signature is wrong. If you call X509_CRL_sign() to modify the signature it should work.

The reason you get that issue is that an X509_CRL contains a cache of the encoding of the signed portion to speed up signature calculation.

If you really want to have a CRL with an invalid signature you can manually mark the cached version as invalid with:

    x->crl->enc.modified = 1;

Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Homepage: http://www.drh-consultancy.demon.co.uk
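A simplified model of the caching behaviour Steve describes, as an added example in plain C (not OpenSSL code; every struct and function name is hypothetical). It assumes that a copy is made by encoding the object and decoding the result, and shows why an entry added directly to the fields is missing from the copy until the cached encoding is marked stale.

```c
#include <stdio.h>
#include <string.h>

#define MAX_REVOKED 8

/* Hypothetical stand-in for a CRL's signed part plus its cached encoding. */
typedef struct {
    long revoked[MAX_REVOKED];                          /* revoked serial numbers */
    int n_revoked;
    unsigned char enc[1 + MAX_REVOKED * sizeof(long)];  /* cached encoding */
    size_t enc_len;                                     /* 0 = nothing cached yet */
    int modified;                                       /* 1 = cache is stale */
} model_crl;

/* Rebuild the cached encoding from the fields: count byte, then serials. */
static void model_reencode(model_crl *c)
{
    c->enc[0] = (unsigned char)c->n_revoked;
    memcpy(c->enc + 1, c->revoked, (size_t)c->n_revoked * sizeof(long));
    c->enc_len = 1 + (size_t)c->n_revoked * sizeof(long);
    c->modified = 0;
}

/* Encoding used for signing and copying: served from the cache when valid. */
const unsigned char *model_encode(model_crl *c, size_t *len)
{
    if (c->modified || c->enc_len == 0)
        model_reencode(c);
    *len = c->enc_len;
    return c->enc;
}

/* Parse an encoding into a fresh object, which caches the bytes it came from. */
int model_decode(model_crl *out, const unsigned char *in, size_t len)
{
    memset(out, 0, sizeof *out);
    if (len < 1 || in[0] > MAX_REVOKED || len != 1 + in[0] * sizeof(long))
        return 0;
    out->n_revoked = in[0];
    memcpy(out->revoked, in + 1, len - 1);
    memcpy(out->enc, in, len);
    out->enc_len = len;
    return 1;
}

/* Copy by encode-then-decode (the model's assumption about duplication). */
int model_dup(model_crl *src, model_crl *dst)
{
    size_t len;
    const unsigned char *bytes = model_encode(src, &len);

    return model_decode(dst, bytes, len);
}

/* Edit the fields directly, as the code in the thread does; cache is not told. */
int model_add_direct(model_crl *c, long serial)
{
    if (c->n_revoked >= MAX_REVOKED)
        return 0;
    c->revoked[c->n_revoked++] = serial;
    return 1;
}

/* Counterpart of the remedies named in the thread: mark the cache stale. */
void model_invalidate(model_crl *c)
{
    c->modified = 1;
}

/* Build a 2-entry CRL whose encoding is already cached, add a third entry
 * directly, copy it, and return how many entries the copy holds. */
int entries_in_copy(int invalidate_cache)
{
    model_crl crl, copy;
    size_t len;

    memset(&crl, 0, sizeof crl);
    model_add_direct(&crl, 0x1001);        /* constructed serial numbers */
    model_add_direct(&crl, 0x1002);
    (void)model_encode(&crl, &len);        /* cache now holds two entries */

    model_add_direct(&crl, 0x1003);        /* the edit behind the cache's back */
    if (invalidate_cache)
        model_invalidate(&crl);
    return model_dup(&crl, &copy) ? copy.n_revoked : -1;
}

int main(void)
{
    printf("copy without invalidating the cache: %d entries\n", entries_in_copy(0));
    printf("copy after invalidating the cache:   %d entries\n", entries_in_copy(1));
    return 0;
}
```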
Re: openssl 0.8.9h sha256
Thanks, I will try to figure out as you suggested.

Rafi

On 8/13/08, Sergio [EMAIL PROTECTED] wrote:

> I'm not an expert but, not all SSL functions are used by freeradius, for example ocsp functions. You can see raddb/certs/Makefile and raddb/certs/README to follow the commands which create test certificates. Surely with other openssl options you can use several algorithms but, there is one important point with test certs that freeradius generates. Client certificates are signed by server private key, so you should put the correct permissions into your openssl configuration for server certs creation or sign client cert with ca private key.
>
> I took the second decision because it's more clear for me, and because the functionality is EXACTLY the same. On the other side, I don't know anything about WiMAX, but I suppose that credentials are the same.
>
> Hope this helps

--
Rafiqul Ahsan
Re: X509_CRL_dup() problem ?
Dr. Stephen Henson wrote:

> Well that CRL will be useless because its signature is wrong. If you call X509_CRL_sign() to modify the signature it should work.
>
> The reason you get that issue is that an X509_CRL contains a cache of the encoding of the signed portion to speed up signature calculation.
>
> If you really want to have a CRL with an invalid signature you can manually mark the cached version as invalid with:
>
>     x->crl->enc.modified = 1;

Hi,

Thank you very much, with the invalid cached version it's working :

Have a nice day,
pierre.
Re: PEM_read PrivateKey gives illegal seek
Hi Tim,

after understanding what happens I found and understand FAQ. But if it is part of the FAQ why not putting a hint on the relevant man pages, Maybe after doing this this item is no FAQ any more ;).

Ciao
Matthias

> Matthias Barmeier wrote:
>
> > Hi,
> >
> > ok, sorry for not understanding what happens. The call OpenSSL_add_all_algorithms() was missing. After adding it everything seems to work perfect.
> >
> > Shouldn't this be mentioned on the man page of the PEM functions ?
>
> It is not PEM specific - it applies to anything trying to use an algorithm which hasn't been registered.
>
> The FAQ does indeed contain information about this: http://www.openssl.org/support/faq.html#PROG8
>
>     8. Why do I get errors about unknown algorithms?
>
>     The cause is forgetting to load OpenSSL's table of algorithms with OpenSSL_add_all_algorithms(). See the manual page for more information. This can cause several problems such as being unable to read in an encrypted PEM file, unable to decrypt a PKCS#12 file or signature failure when verifying certificates.
>
> Tim.
RE: openssl 0.8.9h sha256
Dear All,

I tried to connect to stream server through using https (using open ssl). But I got response from server nothing means only zero content length of data and headers. Let me know why server was not sending data. Is any problem related to ssl due to delay time out happen towards server side or it is due any other reason.

Please reply me. Thank you.

Regards,
--Ajeet Kumar Singh

Sarve Bhavantu Sukhina, Sarve Santu Niramaya
Sarve Bhadrani Pashyantu, Maa Kaschit Dukha Bhagh Bhavet

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rafiqul Ahsan
Sent: Wednesday, August 13, 2008 7:19 PM
To: openssl-users@openssl.org
Subject: Re: openssl 0.8.9h sha256

Thanks, I will try to figure out as you suggested.

Rafi
DES-only OpenSSL version
Hello,

For export regulations compliance I must dumb down OpenSSL to use only DES. And that's only DES, no 3DES ! So I got it down to:

    openssl ciphers -v
    EDH-DSS-DES-CBC3-SHA    SSLv3 Kx=DH      Au=DSS Enc=3DES(168) Mac=SHA1
    EDH-DSS-DES-CBC-SHA     SSLv3 Kx=DH      Au=DSS Enc=DES(56)   Mac=SHA1
    EXP-EDH-DSS-DES-CBC-SHA SSLv3 Kx=DH(512) Au=DSS Enc=DES(40)   Mac=SHA1 export

By using:

    ../Configure no-shared --prefix=/usr --openssldir=/usr/lib/ssl no-idea no-mdc2 no-rc5 no-aes no-rsa no-dss no-rc4 no-rc2

Now, is there a simple way to 'comment out' (or any other method) the 3DES functionality from the ../crypto/des/ files ? Is there a define covering that somehow ?

Any hints/suggestions/comments welcomed.

Cheers.
Re: fips issue with PEM_write_bio_RSAPrivateKey
Thanks for the reply. Appreciated.

Have a couple of questions which are bothering me. These are the steps I followed to build the fips. The place where I download: ftp://ftp.openssl.org/snapshot/

1) Download openssl-fips-test-1.2.0.tar.gz, build it with ./config fips option to generate fipsld, fipscanister, etc. and downloaded the latest openssl-0.9.8-fips-test-SNAP-20080813.tar.gz to build the fips capable openssl libcrypto and libssl. Are these steps right..? which I followed through the README.

2) I tried checking the PEM_ASN1_write_bio and even the PEM_read_bio which also uses EVP_md5() internally in 0.9.7. In which of the 0.9.7 fips capable distribution did you mention that it uses EVP_sha1() internally.. I could not find it, can you please point me to that? Is there a test website where I can download bits for 0.9.8 which has EVP_sha1() implemented..?

3) Lastly all the PEM_write_bio_* routines point to this function PEM_ASN1_write_bio which uses md5() internally. Will this change to sha1() in the coming releases of 0.9.8..? to support fips..?

Thanks,
Justin

--- On Wed, 8/13/08, Dr. Stephen Henson [EMAIL PROTECTED] wrote:

From: Dr. Stephen Henson [EMAIL PROTECTED]
Subject: Re: fips issue with PEM_write_bio_RSAPrivateKey
To: openssl-users@openssl.org
Date: Wednesday, August 13, 2008, 3:28 AM

> OpenSSL 0.9.8 does not support FIPS mode.
>
> The validated 0.9.7 source and the (hopefully) soon to be validated 0.9.8-fips source in FIPS mode redirect such calls automatically to PEM_write_bio_PKCS8PrivateKey(), which uses SHA1 for key derivation.
>
> Steve.
RE: DES-only OpenSSL version
Fred Picher:

> For export regulations compliance I must dumb down OpenSSL to use only DES. And that's only DES, no 3DES ! So I got it down to:

Are you sure you aren't trying to comply with ancient regulations that no longer apply? It's been years since anyone I know of has had to dumb their products down that far. The United States has largely accepted that if US firms can't export strong crypto, the 'bad guys' will just use crypto from other nations or open source products.

DS
Re: fips issue with PEM_write_bio_RSAPrivateKey
On Wed, Aug 13, 2008, Justin A wrote:

> Thanks for the reply. Appreciated.
>
> Have a couple of questions which are bothering me. These are the steps I followed to build the fips. The place where I download: ftp://ftp.openssl.org/snapshot/
>
> 1) Download openssl-fips-test-1.2.0.tar.gz, build it with ./config fips option to generate fipsld, fipscanister, etc. and downloaded the latest openssl-0.9.8-fips-test-SNAP-20080813.tar.gz to build the fips capable openssl libcrypto and libssl. Are these steps right..? which I followed through the README.
>
> 2) I tried checking the PEM_ASN1_write_bio and even the PEM_read_bio which also uses EVP_md5() internally in 0.9.7. In which of the 0.9.7 fips capable distribution did you mention that it uses EVP_sha1() internally.. I could not find it, can you please point me to that? Is there a test website where I can download bits for 0.9.8 which has EVP_sha1() implemented..?
>
> 3) Lastly all the PEM_write_bio_* routines point to this function PEM_ASN1_write_bio which uses md5() internally. Will this change to sha1() in the coming releases of 0.9.8..? to support fips..?

The PEM_ASN1_write_bio() function is only really used with encryption and private keys. So you need to check out PEM_write_bio_PrivateKey() et al.

The MD5 PEM based encryption is non standard and unique to OpenSSL. It has been there since the SSLeay days. It is retained for compatibility.

Instead of making up another non standard version for FIPS mode the standardised PKCS#8 format is used instead.

In some future version of OpenSSL PKCS#8 will be the default private key format.

Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Homepage: http://www.drh-consultancy.demon.co.uk
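To find which stored keys still use the traditional OpenSSL PEM encryption Steve describes, rather than PKCS#8, the PEM armour alone is enough to tell the formats apart. The following is an added example in plain C (not OpenSSL code and not from the thread); classify_pem_key is a hypothetical name and the sample blocks, including their base64 bodies and IV, are constructed placeholders.

```c
#include <stdio.h>
#include <string.h>

typedef enum {
    PEM_KEY_NONE = 0,        /* no private-key block found */
    PEM_KEY_TRAD_PLAIN,      /* "BEGIN <ALG> PRIVATE KEY", not encrypted */
    PEM_KEY_TRAD_ENCRYPTED,  /* Proc-Type/DEK-Info headers: OpenSSL's MD5-based scheme */
    PEM_KEY_PKCS8_PLAIN,     /* "BEGIN PRIVATE KEY" */
    PEM_KEY_PKCS8_ENCRYPTED  /* "BEGIN ENCRYPTED PRIVATE KEY" */
} pem_key_kind;

/* Advance to the character after the next '\n' (or to the terminating NUL). */
static const char *next_line(const char *s)
{
    s += strcspn(s, "\n");
    return *s ? s + 1 : s;
}

/* Bounded substring search inside one line. */
static int line_has(const char *line, size_t len, const char *needle)
{
    size_t n = strlen(needle), i;

    for (i = 0; i + n <= len; i++)
        if (memcmp(line + i, needle, n) == 0)
            return 1;
    return 0;
}

/* Classify the first private-key block in `pem`. For the traditional encrypted
 * form, the cipher named in DEK-Info is copied into `cipher` (may be size 0). */
pem_key_kind classify_pem_key(const char *pem, char *cipher, size_t cipher_len)
{
    static const char begin[] = "-----BEGIN ";
    static const char tail[] = "PRIVATE KEY-----";
    const size_t blen = sizeof begin - 1, tlen = sizeof tail - 1;
    const char *p;

    if (cipher_len)
        cipher[0] = '\0';
    for (p = strstr(pem, begin); p != NULL; p = strstr(p + 1, begin)) {
        const char *label = p + blen, *line;
        size_t llen = strcspn(label, "\r\n"), alg_len;
        int encrypted = 0;

        if (llen < tlen || memcmp(label + llen - tlen, tail, tlen) != 0)
            continue;                       /* certificate, public key, ... */
        alg_len = llen - tlen;              /* text in front of "PRIVATE KEY" */
        if (alg_len == 0)
            return PEM_KEY_PKCS8_PLAIN;
        if (alg_len == 10 && memcmp(label, "ENCRYPTED ", 10) == 0)
            return PEM_KEY_PKCS8_ENCRYPTED;

        /* Traditional format: optional "Name: value" headers, then base64. */
        for (line = next_line(label + llen); *line; line = next_line(line)) {
            size_t len = strcspn(line, "\r\n");

            if (len == 0 || memchr(line, ':', len) == NULL)
                break;                      /* blank line or base64 body */
            if (len >= 10 && memcmp(line, "Proc-Type:", 10) == 0) {
                encrypted = line_has(line, len, "ENCRYPTED");
            } else if (len >= 9 && memcmp(line, "DEK-Info:", 9) == 0 && cipher_len) {
                const char *v = line + 9, *end = line + len;
                size_t i = 0;

                while (v < end && *v == ' ')
                    v++;
                while (v < end && *v != ',' && i + 1 < cipher_len)
                    cipher[i++] = *v++;
                cipher[i] = '\0';
            }
        }
        return encrypted ? PEM_KEY_TRAD_ENCRYPTED : PEM_KEY_TRAD_PLAIN;
    }
    return PEM_KEY_NONE;
}

/* Constructed samples: armour and headers only, bodies are placeholders. */
static const char SAMPLE_TRAD_ENC[] =
    "-----BEGIN RSA PRIVATE KEY-----\n"
    "Proc-Type: 4,ENCRYPTED\n"
    "DEK-Info: DES-EDE3-CBC,0123456789ABCDEF\n"
    "\n"
    "UExBQ0VIT0xERVI=\n"
    "-----END RSA PRIVATE KEY-----\n";
static const char SAMPLE_PKCS8_ENC[] =
    "-----BEGIN ENCRYPTED PRIVATE KEY-----\n"
    "UExBQ0VIT0xERVI=\n"
    "-----END ENCRYPTED PRIVATE KEY-----\n";

int main(void)
{
    char cipher[32];

    printf("traditional sample: kind %d, cipher %s\n",
           classify_pem_key(SAMPLE_TRAD_ENC, cipher, sizeof cipher), cipher);
    printf("PKCS#8 sample:      kind %d\n",
           classify_pem_key(SAMPLE_PKCS8_ENC, cipher, sizeof cipher));
    return 0;
}
```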