The source for incremental_send isn't in the book anywhere
that I've seen.
Well then that explains the problem. You are calling a function that does
not exist.
I'm using the first edition (June 2002).
My code does call incremental_send,
and the code I'm trying to compile is the example
Hi All;
Thanks to you for your suggestions. I followed your suggestion
and removed ssl/ssl_task.c and compiled it but I got one
problem which is as follows:
crypto\sha\sha1s.cpp, line 72: cc0020: error: identifier GetTSC is undefined
GetTSC(s1);
You have no TSC, so this
Can you share the code that you found, a link to it, or at
least a hint as to which search engine you found it on?
http://www.cs.odu.edu/~cs772/sourcecode/NSwO/compiled/encdec.c
There you go.
I'm curious -- do you understand what the code you are compiling is supposed
to actually *do*?
I made a program that connects to a stunnel server.
I am able to connect to the server, read, write, with no problems.
Good.
The problem is that if I close the stunnel, I can handle the error
correctly if I make an SSL_read, but not if I make an SSL_write.
The SSL_write returns a positive
Hi David,
Yes indeed I do. I have seen that link before,
but it doesn't contain the contents of incremental_send
(this data is left hanging in limbo with nothing to do).
That is the contents of incremental_send.
My goal is to integrate this into a sockets application
I'm using where
If I close stunnel, the next SSL_write will return a positive value,
as if everything is ok, the second causes sudden application termination.
Make a build with debugging symbols, get a core dump, and analyze it with
'gdb' or similar. Alternatively, post the smallest complete, compilable
ret = SSL_write( m_ssl, buf, buf_lef );
which returns -1, as you'd expect. But (and here's the odd part) when I
call:
SSL_get_error( m_ssl, ret )
it returns SSL_ERROR_WANT_READ, not SSL_ERROR_WANT_WRITE. How can this
be!? The OpenSSL library is setup in client mode, so shouldn't
I found out that if I keep calling SSL_write, if the connection
is closed remotely (killing stunnel), my application hangs.
I thought your problem was crashing. Now I see that it's hanging. These are
two totally different problems.
I made some tests, and saw that the error happens only if I
Sorry for my bad English, it crashes, it doesn't hang.
Then compile with '-g' and run 'gdb' on the core dump. Post the output of
the 'where' command.
DS
__
OpenSSL Project
Program received signal SIGPIPE, Broken pipe.
You need to either catch or ignore SIGPIPE.
There is also the output of the program. I think the focus should
not be on the call the caused the crash, but on the call before,
which returned 7 even if the connection was closed.
There's nothing
Joel Christner wrote:
dataRead = recvfrom(connfd, readBuffer, sizeof(readBuffer), 0, NULL, NULL);
for (i = 0; i < strlen(readBuffer); i++) {
Umm, you just stored the number of bytes read in 'dataRead'. Why are you
passing 'readBuffer' to strlen? The 'readBuffer' contains the array of bytes
read from the
Please give me some feedback.
Why don't you just call RAND_add? This seems like a complicated way to
accomplish nothing.
DS
When I connect to our printer server, the certificate is never verified
correctly. When I specify the CA certificate file manually on the command
line, it works though. The root certificate in question is installed, and
I have an SSL client and a server application. The client connects to an
SSL server in a TCP socket persistence mode, i.e. it does a data
exchange with the server through an SSL connection, tears down the SSL
connection but again sends out a client_hello in the same TCP socket
connection it had
But the application code tries to clear out/shutdown the existing
SSL session with orderly bi-directional alerts. Once shut down, it
creates a new SSL object 'ssl' [ssl = SSL_new (ctx)]
for the next session in the persistent connection.
This is nearly impossible to do. It's possible that you did it correctly,
but very unlikely. The basic problem is this -- when you call 'read' to get
the last message of the first session, how do you make sure you also don't
get all or part of the first message of the second session?
I do
...I mentioned overhead not in terms of data bytes, but the time.
Considering that in the system each session should not last
more than 3-4 seconds, and the client wanting to make multiple SSL
sessions with the server, persistence can offer a performance improvement.
You're just making that up,
I'm encrypting a file using RSA_private_encrypt, this works fine.
Actually, you've *signed* the file, not encrypted it. And you've done so
incredibly badly at that.
DS
My application calls some library functions, which use
OpenSSL. When my application runs, I believe OpenSSL emitted
some messages described below.
Nope. Your application emitted them. OpenSSL detected them and reported
them, you chose to print them out.
Does anyone know what caused those
when i compile the program p192.c i get following error
[EMAIL PROTECTED] ~]# gcc p192.c
This is not the command to compile. This is the command to compile and link.
gcc -c p192.c is the command to compile, and you will likely get no
errors.
/tmp/ccicrxZV.o: In function `main':
We are using the OpenSSL library in our client server application. We are
using the SSL_WRITE and SSL_READ APIs for read and
write operations between them. The connection is broken when the server sends a very
large message (more than 56K) using the SSL_WRITE API.
That's probably due to a bug in your code.
26.02.08, 23:23, [EMAIL PROTECTED]:
Hello,
I have to connect to my OpenSSL server through proxy server.
How can I
establish this connection?
Establish tcp connection through proxy (connect, socks5, transparent,
reverse or any other)
and next run SSL on this tcp connection.
Best
Consider:
char buf[1024];
int i, j;
buf[1024]=0; // to make sure we don't run off the end
Does not C number the indices: 0..1023?
Yeah, that's what I get for hastily constructing an example.
DS
Let's start with the obvious, just to make 100% sure we're really having an
issue here.
Here is one code example where I'm reading a 10-byte block of data
(always 10-bytes, not less):
bufptr = (u_char *)wh;
for (nread = 0; nread < sizeof(wh); nread += ret) {
ret =
Thanks Marek!
One last question, can an algorithm or cipher suite be enabled or
disabled on OpenSSL by an user (I mean, without needing to
recompile and redistribute OpenSSL binaries)?
You can definitively disable an algorithm by not including it in the
libraries. Most programs that use
Doesn't what you suggest create a headache? Every time I want to
decrypt an
old message I sent or I received, or a file, I will need to
change the mail
client configuration and point it to another private key.
One would hope your mail client will allow you to keep any number of key
Arguably, you shouldn't do it even once, because it's extremely easy
to fall into the pattern of one key and one key only in the systems
design or implementation. I can't remember who coined the phrase, but
it's not good crypto hygiene.
I have argued many times that not including the creation date
in every private key data format was a *huge* mistake.
Furthermore --
How do you know what time it is? How do I know you know what time
it is? Do I trust you to put the correct time, or even a monotonically
increasing
David's apparent statement is the person trusting the time is the
person generating the key.
Michael's apparent idea is if you're generating it and including it
in the key format, then you're making an assertion which must be
trustable by people other than the person generating the key.
Michael Sierchio wrote:
Anyway, in the case of RSA keypairs we don't manufacture them, we
discover them. They're already there, we just search for our p's and q's
in the appropriate range and rely on chance starting conditions to find
some not in use. I suggested, but not entirely in jest,
Steffen Dettmer wrote:
You may argue, and get me to agree, that cert
reissue/resigning with the same SubjectPubkeyData is a bad
idea. Make 'em generate keypairs. Keep a list forever of
pubkeys seen in certs and reject any that appear in CSRs.
(CSR? Is this like a CRL or something
The vague idea I've gotten so far is that I need to somehow
transfer the SSL_SESSION to the new process. Examining the
output of SSL_SESSION_print_fp() I see that the session ID
and master key change every time SSL is initialized, so
simply reinitializing the SSL library in the new process
Wow, is it possible one can't get help on this simple question??
It's entirely possible that the person who had the answer to your question
saw it and had no idea they knew the answer. Your question contains *no*
details. It would require someone to go hunting to figure out what your
Michael Sierchio:
If it's your policy not to reuse keys, or allow their use beyond
the lifespan of the certificate, then the enforcement mechanism
for this MUST be in the CA.
I completely disagree. If this were true, CAs would generate the private key
as part of the certificate issuing
David Schwartz wrote:
Michael Sierchio:
If it's your policy not to reuse keys, or allow their use beyond
the lifespan of the certificate, then the enforcement mechanism
for this MUST be in the CA.
I completely disagree. If this were true, CAs would generate the private key
Michael Sierchio wrote:
I'm not suggesting that this isn't useful, just that it is not
a defect that it isn't part of the key format itself.
That may or may not be true, but none of your arguments support this point.
I'm leaning towards a belief that it is a defect, but I am not thoroughly
Hi,
I have set up an SSL server that works fine up to
400 connected clients.
When I try to have more than 400 clients, my server hangs in the
SSL_accept call. This happens very randomly, sometimes beyond 1000
connected clients...
The server is dead once this happens and no other
Hi David,
My code looks like this:
while (1)
{
    r = SSL_accept(m_ssl);
    if (r > 0)          /* handshake completed */
    {
        break;
    }
    r = ssl_retry(r);   /* caller's own helper: decide whether to retry */
    if (r <= 0)
    {
Well, that is not true and I am sorry I did not give
you the full code as it is quite complicated, but the
snippet you see above is called after a new connection
is already accepted. So I have an outer loop that does
a select and once a new connection is detected and accepted
without
To Md Lazreg:
I think I found it.
ready_sockets = ::select(m_max_socket + 1, &rfds, 0, 0, &tv);
if (ready_sockets > 0)
{
    if (FD_ISSET(s->get_sock(), p->get_rfds()))
    {
        new_s->set_non_blocking(true); /* GAK */
        if (s->accept(new_s))
        { /*
Maybe I need some more coffee before I google...
I just upgraded to openssl-0.9.8g, but when I type openssl version it
still shows me the old one.
That just means that you are running the executable from the old version.
Am I missing some steps here and is there a web page where I can
Our program that uses openssl can't work normally with the
'https' protocol. Then we use ethereal to sniff data on
port 443 and find that the client doesn't send a client hello
message to the server after it finishes the tcp handshake. Does anyone
know about this? BTW: the openssl lib is fine under another
On Tue, Apr 1, 2008 at 11:56 PM, raj H [EMAIL PROTECTED] wrote:
Anybody any comments?
It's really hard to help you because your question is so vague. What
platform are you using? What performance are you seeing? What performance
did you expect? Is the problem with session setup rate or
Can some one point me to instructions on how to create a shared object
that contains the fipscanister.o and passes the FIPS_mode_set() test
I can create executables using the ldfips script that pass the test but
when I attempt to create a fips compliant shared library (the FIPS User
Guide
Thanks Kyle,
Here is my situation:
I have a server which can sign certificates over TLS (implemented in
both client and peer).
I generate a public/private key pair for each peer now.
I need a way so Peer A Trusts Peer B because.
So, I am trying to figure out the best way to do this,
Right, Gotcha!
There is one flaw in this design however.
Peers:
A, B, E
By this scenario all three peers would be able to communicate, not
just A and B, but also E.
Do you want the server to have to approve A to talk specifically to B? Or do
you just want A and B to be able to identify
Kyle Hamilton wrote:
You can have B contact the server and obtain a signed authorization
certificate for its key that uses custom extensions to specify 'is
authorized to connect to A' for a given timeframe, and have that be
the certificate that B presents when connecting to A. Then, A looks
The documentation's poor at best, and I don't completely get the
general concepts. From reading examples I figure that only the
BIO_f_ssl does encryption-decryption when written into? So what should
I do if I want to provide an API that has functions b_encrypt and
encrypt_flush?
I think you
Thanks for the answer, but I still have a little problem.
When I run this code:
EVP_PKEY *key2 = X509_get_pubkey(certif.getX509Certificate());
cout << BN_bn2hex(key2->pkey.rsa->n);   /* BN_bn2hex returns a malloc'd string the caller must OPENSSL_free */
I miss the first 00 of the public key...
How can I get them?
The leading '00' is part of the DER encoding of
One more question: I'm working on an asynchronous framework, and
there's a poll method that gets called in each iteration. In our
sockets, this method's supposed to do whatever needs doing, and return
how many bytes are waiting to be read from the socket, so the return
value should be the
I have an application that is dynamically linked with openssl.
I'd like to load system installed openssl at runtime.
1) I'd like to use the system installed openssl rather than one I know is
secure.
My application can only be as secure as the openssl loaded into
the process. What steps
Thanks for your response. Shipping my own version of openssl is ruled
out. So I have to trust the system installed one. Think at least on some
Unix systems, LD_LIBRARY_PATH is searched first.
Right, this is because:
1) A library cannot do any harm the user could not do directly. So there's no
You have lots of good points. Thank you again.
You're welcome.
I work for AOL, developing cross platform SDK for instant messaging that
supports plugins. Plugins can be malicious. And AOL is responsible for
protecting users' identity and privacy. Considering our user base, a
trojan is more
Hi! I have some transport which is based on winsock. A client (FTPS)
sends me some data over SSL, and I receive it with (for example):
...
if (WSARecv(AcceptSocket, &DataBuf, 1, &RecvBytes, &Flags,
            &AcceptOverlapped, NULL) == SOCKET_ERROR) {
    if (WSAGetLastError() != WSA_IO_PENDING)
I mean, is there any equivalent function for
SSL_CTX_use_certificate_chain_file which takes a certificate buffer
instead of a certificate file name?
Just look at the source code to SSL_CTX_use_certificate_chain_file. As I
recall (it has been awhile) you will find code in there that address the
The application I am developing requires an HTTP over SSL connection
and hence I am using OpenSSL for SSL support. But using OpenSSL
with all the cryptographic libraries included increases the size of
my app heavily. To deal with that, I want to build an OpenSSL
library with NULL encryption (
Prabhu S wrote:
if (l_ssl_err_code == SSL_ERROR_WANT_READ || l_ssl_err_code == SSL_ERROR_WANT_WRITE)
{
    l_fds = select(sd + 1, &filedes_set, NULL, NULL, &l_connect_timeout);
Why are you 'select'ing for readability even if the library returns
Thanks for the quick reply from your side. I understand and respect
your opinion regarding OpenSSL usage. But I need to strip the OpenSSL
library to the bare minimum for my own use with the app as I will be
using my own crypto library.
So is your question really how can I plug my own
I'm trying to build OpenSSL with the least support for crypto
algorithms except the cases where they are really needed for it to work.
My sole purpose in all this is to reduce the memory footprint of the
application that uses OpenSSL. All I want is the procedure to do
so on a WIN32 platform?
To do that properly you do need to at least parse some of the ASN1 data. There
is some header information at the start which contains the SEQUENCE tag+length
bytes.
The actual bit you will hash is in the middle of the data. One SEQUENCE
header is deleted from the start and some data from
Well the first embedded SEQUENCE is the tbsCertificate data. You need to hash
all of that including the SEQUENCE tag+length bytes.
This is correct. My previous statement that you don't include the tag and
length bytes was incorrect. Sorry.
DS
Harakiri wrote:
I've not dug through the whole openssl source yet - but it
seems to me that the recent Debian
issue is with the ssleay_rand_add method here
http://svn.debian.org/viewsvn/pkg-openssl/openssl/trunk/rand/md_rand.c?rev=141&view=diff&r1=141&r2=140&p1=openssl/trunk/rand/md_rand
Finally - how real is this concern? What is the probability that say a
2048bit generated key could fall into the 32,767 keys in the metasploit
SSH example on unaffected systems?
Best Regards,
Deane
If you think about it, it doesn't make sense. Suppose I include a randomish string in my
David Schwartz wrote:
... Suppose I include a randomish string in my message
46e8bd8ceae57f8b7af66536e7859bad. Any attacker might see this message --
it's public. So he can certainly try that string as your password. So will
you now run off and add it to a blacklist, since it's
On Wed, May 28, 2008 at 03:38:47PM -0700, David Schwartz wrote:
In principle, specifically avoiding these keys weakens the
algorithm by reducing the keyspace.
Only against random attacks of course, if all attackers first check these
keys, then removing them strengthens the algorithm
David Schwartz wrote:
Every known key, provided there are not too many known keys, is weak.
Once again, you have a very idiosyncratic lexicon of cryptographic
terms. How about if we use these words the way cryptographers do?
A weak key is one that causes a cipher to leak private
Travis wrote:
Agreed.
Let's assume that users tend to pick the password password when
given a choice.
Now adversaries try the most common password, namely password, first.
Security conscious admins ban the word password as a password.
Yes, this does reduce the keyspace a tiny bit.
Do
The problem is that SSL_write() sometimes returns SSL_ERROR_SSL with
errno equal to EAGAIN. Calling SSL_write() again seems to solve the
problem. I have the impression that SSL_write() should return
SSL_ERROR_WANT_WRITE in this situation.
* the underlying socket is blocking
It sounds like
I'm seeing weird OpenSSL behaviour and I suspect it's a bug in
the library.
It sounds like a typical protocol error.
The problem is that SSL_write() sometimes returns SSL_ERROR_SSL with
errno equal to EAGAIN.
This is your problem. You are confusing yourself by checking 'errno'.
SSL_write
Changing this would involve including independent date routines which don't
have this restriction. I did start on this some time ago but other higher
priority tasks (e.g. paid ones!) took over.
I've got 64-bit date/time routines that are good out to 2270 that work fine
on 32-bit
On Thu, Jun 05, 2008, David Schwartz wrote:
1) All routines are based on a uint64_t to hold the seconds since the epoch.
So you can still easily convert to/from time_t for in-range values.
Well there has been a problem on some platforms in the past which don't have a
64 bit integer
What is the acceptable lower limit for the number of bytes for
RAND_load_file()?
Nobody can tell you what your requirements are. Some people will consider it
acceptable just to read 1KB from /dev/urandom. This is only a problem if the
entropy pool was never seeded, which is always at least
This code just goes into a loop and keeps writing the first piece
of info it reads. What am I doing wrong here?
while (nread = BIO_gets(out, buf, sizeof(buf) ) )
{
err = BIO_write(out,buf,nread );
}
That's precisely what it's coded to do. Get a byte, then write that byte
out, then
I am wrapping an ssl socket using c++ and use a third party library
stream implementation. The library I use requires an implementation of a
copy constructor. I managed to dup and initialize a simple BIO and then
free it as required, but when it comes to the SSL struct, things don't seem
to work
While observing some packet dump, I noticed that while sending
the same application data over twice, different packet dumps
were obtained in both cases.
Good.
This was done in the same SSL session, so the connection keys
being used are all the same. Is this expected behavior or am I
Hi,
I've this command:
/usr/bin/xmlsec1 sign --privkey-pem DSAPrivateKey.pem
--pubkey-der DSAPublicKey.key --output out.xml.out in.xml
I'm not allowed to use xmlsec on my server, and I need to sign this xml
with only openssl. Is this possible?
I'm not an expert on this by any means,
for (nread = 0; nread < sizeof(buf); nread += err)
{
    err = SSL_read(client_conn, buf + nread, sizeof(buf) - nread);
    if (err <= 0)   /* 0 = peer closed, <0 = error or WANT_READ/WANT_WRITE */
        break;
}
Umm, this doesn't look like an HTTP
So i want to know how will my client authenticate the server
since i don't have the server's root certificate?
Thanks in Advance..
Regards
Alok Bhatnagar
That is completely application-dependent. The answer will depend on what
makes the legitimate server different from an imposter.
Your
I have a desktop/server agent that listens for TCP connections to
process some information. And now I'm trying to implement privacy
and authentication for this application, to ensure that only my
trusted application interacts with these TCP agents.
Another problem is that I'm not sure if It
If I send the message Hello World from my server to the client
and I capture the aforementioned packet, let's say I treat it
as two separate records and decrypt each record. I now have
two decrypted records. Should I merge these now? If that were
the case, are you implying that my initial message
hi again,
I created a publickey.pem with the command:
openssl rsa -in myprivate.pem -pubout -out publickey.pem
then in C I try to read this public key with:
RSA *pubkey = PEM_read_RSAPublicKey(fp, NULL, NULL, NULL);
where fp is the opened publickey.pem file.
But it returns this error:
I'm not sure that this code is correct?
It has some minor issues but appears basically correct.
EVP_EncryptInit_ex(ctx,EVP_aes_256_cbc(),NULL,key,iv);
EVP_EncryptUpdate(ctx,outbuf,outlen,text,strlen(text));
Thus, I conclude that there is some format in place, respectively
how do I know where a bignum starts and where it ends?
The format is ANSI X.690, also known as BER or DER, sometimes (slightly
erroneously) referred to as ASN.1.
I tried to find a clue by browsing the sources, but I gave up
Hi All,
I tried to find an interface which can be used to set the
SSL record size to a specified number, but I failed.
e.g. I hope the TLS record size shall be equal to 512 bytes,
how should I do that?
The SSL record size will vary with each record depending on what it
contains. If your
Hi All,
How many concurrent users will be provided by the OPENSSL solution?
We plan an SSL VPN solution with up to 3000 concurrent users.
Kind Regards
Kurt Laux
Schweickert Netzwerktechnik GmbH
Dietmar-Hopp-Allee 19
D-69190 Walldorf
Germany
We've tested to 16,000 concurrent SSL
I attempt to decrypt 256 bytes of data with an RSA public key. The
openssl error I'm getting is
error:0406706C:lib(4):func(103):reason(108), which from what I read on
the internet means data greater than mod len. The openssl API I'm
using to decrypt the data is RSA_public_decrypt().
I have had a look around and it appears that the serial number for the
last certificate created was FF (hex), indicating 256 certificates have
so far been created. The next number in the serial file is 0100, which
would seem the
Hi,
I generated an X509 certificate. When I try to read the private key with
PEM_read_PrivateKey I always get NULL as return value and when calling
perror I get an Illegal seek.
Here is my code:
FILE *pemKeyFile;
EVP_PKEY *privKey;
pemKeyFile = fopen
Hi,
You say you generate an X509 certificate and then try to read the
private key with PEM_read_PrivateKey. What does the key that you are
trying to load look like? Could it be that you are reading in the
certificate in place of the key?
Also, I don't know much about perror,
hi all,
We are using openssl 0.9.8g with our product and everything
worked fine till now. We are now trying to check for memory leaks
in our code using Purify. But unfortunately our executable core
dumped soon after it called PKCS12_parse(). I have attached the
entire purify log file. Please let
Fred Picher:
For export regulations compliance I must dumb down OpenSSL to use
only DES. And that's only DES, no 3DES ! So I got it down to:
Are you sure you aren't trying to comply with ancient regulations that no
longer apply? It's been years since anyone I know of has had to dumb their
Silviu Vlascaenu wrote:
I am developing an application which also has some CA functions.
The application knows the public key, KpC, of a client which has
a priori proven to this app the possession of KpC through an
out-of-band means. Therefore, when the application calls the CA
functionality
Silviu Vlasceanu wrote:
To reformulate,
Is there a way to generate a certificate without a proof of possession?
Thanks.
Absolutely. Just stuff all the fields that you want into the certificate and
sign it. Simply take the fields from wherever you have them rather than from
the CSR.
You
The only thing that I need is to certify the public key of
the client by the server, therefore the common name and
related infos are not used and have no meaning in this
context. Moreover, the certification chain is local/private,
so it does not involve interactions with external (public)
Hi,
We're thinking of using openssl in our company but wondering
about the version number.
Why is the latest version still 0.9.x, and why hasn't it been bumped up
to 1.x in the last 8 years? Generally 1.x defines a stable version.
Any insight would be helpful in making a decision.
Thanks,
Rach
thanks for the fast replies! When you want to make your own non-EV CA
recognized by the browser, it's easy, you just have to import your CA
as trusted root, then it works. Isn't there a similar way for EV CAs,
like producing your EV CA and simply adding it to the trusted root of
the browser?
Jinsong Du wrote:
I have a simple server using a blocked socket and OpenSSL; its only
function is for users registering an account. When a user connects to
this server, it spawns a child process to handle the request. I found
sometimes child processes get stuck.
The problem here is that
Thanks, Kyle for the reply.
Does anyone have a definitive answer for this one? It could be a massive
amount of work for me to rewrite the code if I have to switch to using
a single thread for read/write operations.
Just to clarify, you can use two threads. You can use one for read and one
Hello everyone, here's what's driving me nuts.
I'm sure I'm missing something simple, but why isn't the
encrypted message coming out of
BIO_get_mem_data(out, &enc_msg); null terminated?
Mike Luich
Why should it be? It's not a string, it's a block of arbitrary data.
Besides, what would
1 - 100 of 1078 matches