tag:old.nabble.com,2006:forum-978
Nabble - OpenSSL
2009-11-09T01:00:01Z
The OpenSSL Project is a collaborative effort to develop a robust, commercial-grade, full-featured, and Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a full-strength general purpose cryptography library. OpenSSL home is <a href="http://www.openssl.org/" target="_top" rel="nofollow">here</a>.
tag:old.nabble.com,2006:post-26263524
Renegotiation behavior in 0.9.8l
2009-11-09T01:00:01Z
2009-11-09T01:00:01Z
Tomas Hoger-3
Hi!
<br><br>Can anyone please clarify what is the intended renegotiation behavior in
<br>openssl 0.9.8l and later? Judging from the cn18790, original intention
<br>was for the server to generate fatal alert and break connection when
<br>renegotiation Client Hello is received.
<br><br>Following cn18794 changed that however. After receiving Client Hello,
<br>server sends no reply to the client, calls SSL_clear and read-block in
<br>an attempt to read Hello. So both client and server are trying to read
<br>from the connection and neither detects the connection is not usable
<br>any more.
<br><br>Note: If you're curious, the same occurs when server sets
<br>SSL3_FLAGS_NO_RENEGOTIATE_CIPHERS flag when using 0.9.8k.
<br><br>Additionally, cn18804 completely reverts cn18790.
<br><br>So my questions are:
<br>- Is that intended behavior? Is server not sending alert on purpose?
<br>- Is SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION going to stay or
<br> disappear with the addition of reneg extension?
<br>- Will all renegotiations remain banned by default even in versions
<br> with reneg extension implemented?
<br>- In 0.9.8l, when server calls SSL_renegotiate / SSL_do_handshake, no
<br> Hello Request is sent. Will this behavior remain the same in future
<br> versions?
<br><br>Thanks for clarifications!
<br><br>th.
<br>______________________________________________________________________
<br>OpenSSL Project <a href="http://www.openssl.org" target="_top" rel="nofollow">http://www.openssl.org</a><br>Development Mailing List <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26263524&i=0" target="_top" rel="nofollow">openssl-dev@...</a>
<br>Automated List Manager <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26263524&i=1" target="_top" rel="nofollow">majordomo@...</a>
<br><p>From forum: <a href="http://old.nabble.com/OpenSSL---Dev-f980.html" embed="fixTarget[980]" target="_top" >OpenSSL - Dev</a></p>
tag:old.nabble.com,2006:post-26262845
RE: Certificate - if "Extended Key Usage" is defined, openssl ignore "Key Usage"
2009-11-09T00:39:37Z
2009-11-09T00:39:37Z
Beneš Vladimír
Hello,
<br><br> we use PKCS#7 signature format; please see attachement of my initial mail (there are signing certificate, signature, signed data and issuer certificate) - <a href="http://marc.info/?l=openssl-users&m=125751029707705&w=1" target="_top" rel="nofollow">http://marc.info/?l=openssl-users&m=125751029707705&w=1</a> (attachment.zip).
<br> There are calling openssl for signature ano / or certificate verification by using meantioned files on this mail too.
<br><br> We use command line only for calling openssl, so we cann't directly control X509_STORE.
<br><br> I'am afraid we cann't call no modified openssl by command line for verification signature with purpose verification certificate if certificate includes both X509v3 Key Usage and X509v3 Extended Key Usage.
<br><br> There is "Digital Signature" value on X509v3 Key Usage so imho openssl wouldn't return error "unsupported certificate purpose" becouse this certificate can be used for digital signing.
<br> Imho issuer created this certificate correctly and this certificate can be used for digital signing.
<br><br> Thank you V. Benes
<br><br>-----Original Message-----
<br>From: <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26262845&i=0" target="_top" rel="nofollow">owner-openssl-users@...</a> [mailto:<a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26262845&i=1" target="_top" rel="nofollow">owner-openssl-users@...</a>] On Behalf Of Dr. Stephen Henson
<br>Sent: Friday, November 06, 2009 6:08 PM
<br>To: <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26262845&i=2" target="_top" rel="nofollow">openssl-users@...</a>
<br>Subject: Re: Certificate - if "Extended Key Usage" is defined, openssl ignore "Key Usage"
<br><br>On Fri, Nov 06, 2009, Bene? Vladimr wrote:
<br><div class='shrinkable-quote'><br>> Hi,
<br>>
<br>> we have no influence to issuer. Issuer is a standard Certification
<br>> Authority on Czech Republic (<a href="http://www.ica.cz/gb/" target="_top" rel="nofollow">http://www.ica.cz/gb/</a>). Signature is
<br>> valid, certificate is valid too and can be used for create digital
<br>> signature.
<br>>
<br>> So our program now verifies signatures by example 2 and example 3
<br>> (instead example 1): extra signature without certificate test and
<br>> extra certificate test without purpose test. But it is not pure
<br>> solution becouse purpose of certifikace is not tested.
<br>>
<br>> Pure solution is by example 1 or example 2 + 4 (it's equal). But
<br>> openssl reports below mentioned problem.
<br>>
</div><br>You don't mention what kind of signature but I'd guess S/MIME using PKCS#7 or
<br>CMS. By default that is checked for the email purpose which is why you get the
<br>error. If you want an alternative purpose you can set that at the X509_STORE
<br>level or on the command line.
<br><br>Steve.
<br>--
<br>Dr Stephen N. Henson. OpenSSL project core developer.
<br>Commercial tech support now available see: <a href="http://www.openssl.org" target="_top" rel="nofollow">http://www.openssl.org</a><br>______________________________________________________________________
<br>OpenSSL Project <a href="http://www.openssl.org" target="_top" rel="nofollow">http://www.openssl.org</a><br>User Support Mailing List <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26262845&i=3" target="_top" rel="nofollow">openssl-users@...</a>
<br>Automated List Manager <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26262845&i=4" target="_top" rel="nofollow">majordomo@...</a>
<br>______________________________________________________________________
<br>OpenSSL Project <a href="http://www.openssl.org" target="_top" rel="nofollow">http://www.openssl.org</a><br>User Support Mailing List <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26262845&i=5" target="_top" rel="nofollow">openssl-users@...</a>
<br>Automated List Manager <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26262845&i=6" target="_top" rel="nofollow">majordomo@...</a>
<br><p>From forum: <a href="http://old.nabble.com/OpenSSL---User-f981.html" embed="fixTarget[981]" target="_top" >OpenSSL - User</a></p>
tag:old.nabble.com,2006:post-26262611
Re: Signature Verification
2009-11-09T00:15:46Z
2009-11-09T00:15:46Z
Jim Welch-3
Hi,
<br><br>Based on information and suggestions you have given me, I came at the
<br>problem from a different direction. Instead of trying to verify the
<br>signature, I tried using out private key to sign the original data. After a
<br>couple of hours, I suceeded in getting the same signature as was supplied in
<br>the signed message. I then used this information to verify the signature
<br>just created. Just a small amount of more work yielded a routine that
<br>worked in taking the signed file, parsing it and verifying the signature.
<br>Here's a copy of the final verification code. xmlDat is the original xml
<br>file string and sigDat is the signature received.
<br><br>// Read public key
<br><br> fp = fopen (filePubKey, "r");
<br> if (fp == NULL)
<br> {
<br> printf("Didn't work 1\n");
<br> return(1);
<br> }
<br> pkey = PEM_read_PUBKEY(fp, NULL, NULL, NULL);
<br> fclose (fp);
<br><br> if (pkey == NULL)
<br> {
<br> printf("Didn't work 2\n");
<br> return(2);
<br> }
<br><br> sigDatEnc = g_base64_decode( sigDat, &sigDatLen);
<br> EVP_VerifyInit(&md_ctx, EVP_sha512());
<br> EVP_VerifyUpdate(&md_ctx, xmlDat, strlen(xmlDat));
<br> err = EVP_VerifyFinal (&md_ctx, sigDatEnc, sigDatLen, pkey);
<br>// g_free(sigDatEnc);
<br> free(sigDatEnc); // looked up g_free and it seems to just do a
<br>free()
<br> EVP_PKEY_free (pkey);
<br><br> if (err != 1)
<br> {
<br> printf("Didn't Verify %d\n", err);
<br> return(2);
<br> }
<br> printf ("Signature Verified Ok.\n");
<br> return(0);
<br><br><br>Thanks for everything.
<br><br>Jim
<br><br>----- Original Message -----
<br>From: "Mounir IDRASSI" <<a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26262611&i=0" target="_top" rel="nofollow">mounir.idrassi@...</a>>
<br>To: <<a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26262611&i=1" target="_top" rel="nofollow">openssl-users@...</a>>
<br>Sent: Saturday, November 07, 2009 4:09 AM
<br>Subject: Re: Signature Verification
<br><br><div class='shrinkable-quote'><br>> Hi,
<br>>
<br>> In order to help you further, can you post :
<br>> - The data to be hashed which is the content of your variable xmlDat
<br>> - The signature to be verified which is the content of your variable
<br>> sigDat (maybe it's what you posted first)
<br>> - The public key that will be used for the verification
<br>> - The endianess of the the signature. It should be big endian as
<br>> expected by OpenSSL
<br>>
<br>> And just one last confirmation : In your first email, you posted some
<br>> BASE64 data that you say is the signature. This data is 512 bytes long. So
<br>> this would mean that the key used is a 4096 bit RSA key. Is this correct?
<br>>
<br>> Cheers,
<br>> --
<br>> Mounir IDRASSI
<br>> IDRIX
<br>> <a href="http://www.idrix.fr" target="_top" rel="nofollow">http://www.idrix.fr</a><br>>
<br>> Jim Welch wrote:
<br>>> Hello Again,
<br>>>
<br>>> The code is there to check for a non-null pkey. It wasn't copied to keep
<br>>> the original message shorter. I've now made sure that I've Base64'd the
<br>>> xml string and Base64'd the signature string. These are what I'm giving
<br>>> to the EVP_VerifyUpdate and EVP_VerifyFinal. Still not verifying.
<br>>>
<br>>> Thanks Again,
<br>>>
<br>>> Jim
<br>>> ----- Original Message ----- From: "Mounir IDRASSI"
<br>>> <<a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26262611&i=2" target="_top" rel="nofollow">mounir.idrassi@...</a>>
<br>>> To: <<a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26262611&i=3" target="_top" rel="nofollow">openssl-users@...</a>>
<br>>> Sent: Friday, November 06, 2009 5:11 PM
<br>>> Subject: Re: Signature Verification
<br>>>
<br>>>
<br>>>> Hi,
<br>>>>
<br>>>> You must also handle BASE64 decoding in EVP_VerifyUpdate not only
<br>>>> EVP_VerifyFinal. Those two functions must have as input the byte arrays
<br>>>> that represent the binary data and the binary signature respectively.
<br>>>> Concerning PEM_read_PUBKEY, if it returns a non NULL pointer then
<br>>>> everything is OK with the public key and you don't have to worry.
<br>>>>
<br>>>> Cheers,
<br>>>> --
<br>>>> Mounir IDRASSI
<br>>>> IDRIX
<br>>>> <a href="http://www.idrix.fr" target="_top" rel="nofollow">http://www.idrix.fr</a><br>>>>
<br>>>>
<br>>>> Jim Welch wrote:
<br>>>>> Hi,
<br>>>>>
<br>>>>> Thank you for the response. It was sha512 not 256. I changed it to
<br>>>>> EVP_sha512 in the code but it still won't verify. On the verify final,
<br>>>>> I've tried it both with and without a Base64 converted string (and
<br>>>>> corresponding length). I'm not sure from what I've read if the
<br>>>>> PEM_read_PUBKEY does a Base64 conversion on the Public Key or not and
<br>>>>> I'm not sure where to look in the pkey to find out.
<br>>>>>
<br>>>>> Jim
<br>>>>>
<br>>>>> ----- Original Message ----- From: "Mounir IDRASSI"
<br>>>>> <<a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26262611&i=4" target="_top" rel="nofollow">mounir.idrassi@...</a>>
<br>>>>> To: <<a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26262611&i=5" target="_top" rel="nofollow">openssl-users@...</a>>
<br>>>>> Sent: Friday, November 06, 2009 3:55 PM
<br>>>>> Subject: Re: Signature Verification
<br>>>>>
<br>>>>>
<br>>>>>> Hi,
<br>>>>>>
<br>>>>>> In your description you say that the signature was created with SHA256
<br>>>>>> but in your code you are using SHA-1 through EVP_sha1. Replace this
<br>>>>>> with EVP_sha256 to have a correct processing.
<br>>>>>> Also, your data seems to be BASE64 encoded and you are computing the
<br>>>>>> digest directly on the BASE64 string. You should convert this BASE64
<br>>>>>> string to the corresponding byte array and then compute the digest on
<br>>>>>> this byte array.
<br>>>>>>
<br>>>>>> I hope this will help.
<br>>>>>> Cheers,
<br>>>>>> --
<br>>>>>> Mounir IDRASSI
<br>>>>>> IDRIX
<br>>>>>> <a href="http://www.idrix.fr" target="_top" rel="nofollow">http://www.idrix.fr</a><br>>>>>>
<br>>>>>> Jim Welch wrote:
<br>>>>>>> Hello,
<br>>>>>>>
<br>>>>>>> I've been trying to verify the signature from the following xml data:
<br>>>>>>>
<br>>>>>>> <license_data><version>1.0</version><serial>EC1000-0900018</serial><mac>00:54:66:18:3A:40</mac><module
<br>>>>>>> code="impedance"><start>2000-01-01</start><end>2099-12-31</end></module><module
<br>>>>>>> code="multimeter"><start>2000-01-01</start><end>2099-12-31</end></module><module
<br>>>>>>> code="sulfation"><start>2000-01-01</start><end>2099-12-31</end></module><cookie>AA80A2A7119FD4F1C122080E1AD17490</cookie></license_data>
<br>>>>>>>
<br>>>>>>> using this signature:
<br>>>>>>>
<br>>>>>>> C4S953HqB8S/SZ8nOO5IgGA0Vm3BxHT8vByWJFG2gn/OrBKc45QvjEdX855bb9p8KdSa1YQt3nnv
<br>>>>>>> p6MCA+5YCDePEIuYpbTYzAIJ9p7zqpJsXzb8YlDpw4qpf0TSbCCEFZZReSRSAxlE2gH/SOvPAjRY
<br>>>>>>> ykvxbjrgMQ07Jf/ae4lX+CaBxA/Az8efhsBDyT6wCPECkj1SiufTtVA2MAt9Bf76Y1T5RnHph/kf
<br>>>>>>> Hj3/osgrMKKbIPhii2nPktMH223QfgmTOtHxw21ahi2vcSnADb9p1WIjDiq/gLk0uisT/p0g4MZb
<br>>>>>>> SKNOct3MRqgv64wtyUD+W/+8/yGQK+/IXNIhgKoKsvuwR242c7RpF+HdVZRrfeIQMnUAAo/7q+rS
<br>>>>>>> AzRJO7L7xoXYvFOmVxvjRZP8Rhw445N6bnLwLxANFNvyoo5ykGdocBUEBMD5sC3TipYUti39mso2
<br>>>>>>> dsqSMwtRhPDw9dzf6evwG3+Qo0ewLVap3pNu8XzBrXxCM6pv7IydmekiHvSF6OFrt/rPUA2pXyuU
<br>>>>>>> njhD/twe0+n5fLlSTZ6w/D898e/blvFUroQbmaI8Rr7AE9fZY0KJBuc73YgPTXOnm4Iqc/5vMwId
<br>>>>>>> j27g+JGWEzjyAtNIBo9Su0/9LE1IVPyZgAjquBEmKEAcQQjnW4D8kj2mllJLRwI00e1TAwE9Klo=
<br>>>>>>>
<br>>>>>>> These two strings above are being sent from a server as one file
<br>>>>>>> which I parse into the two separate strings making sure white space
<br>>>>>>> has been removed from the xml as that was how it was signed. The
<br>>>>>>> signature was created with RSA & SHA512.
<br>>>>>>>
<br>>>>>>> I'm using a C program to verify and have tried numerous attemps with
<br>>>>>>> no sucess. The openssl release is 0.9.8k. The vars sigDat and
<br>>>>>>> xmlDat are the respective strings. The code is as follows (some
<br>>>>>>> parts left out for simplicity):
<br>>>>>>>
<br>>>>>>> fp = fopen (filePubKey, "r");
<br>>>>>>>
<br>>>>>>> pkey = PEM_read_PUBKEY(fp, NULL, NULL, NULL);
<br>>>>>>>
<br>>>>>>> EVP_VerifyInit (&md_ctx, EVP_sha1());
<br>>>>>>>
<br>>>>>>> EVP_VerifyUpdate (&md_ctx, xmlDat, strlen(xmlDat));
<br>>>>>>>
<br>>>>>>> err = EVP_VerifyFinal (&md_ctx, sigDat, strlen(sigDat), pkey);
<br>>>>>>>
<br>>>>>>> EVP_PKEY_free (pkey);
<br>>>>>>>
<br>>>>>>> Any ideas as to what is wrong. Another part of the project here
<br>>>>>>> involves java and the programmer working on that says that he can
<br>>>>>>> verify the signature so I know that the data is correct.
<br>>>>>>>
<br>>>>>>> Thank You,
<br>>>>>>>
<br>>>>>>> Jim Welch
<br>>>>>>>
<br>>>>>>>
<br>>>>>>>
<br>>>>>>>
<br>>>>>>
<br>>>>>> ______________________________________________________________________
<br>>>>>> OpenSSL Project <a href="http://www.openssl.org" target="_top" rel="nofollow">http://www.openssl.org</a><br>>>>>> User Support Mailing List <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26262611&i=6" target="_top" rel="nofollow">openssl-users@...</a>
<br>>>>>> Automated List Manager <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26262611&i=7" target="_top" rel="nofollow">majordomo@...</a>
<br>>>>>
<br>>>>> ______________________________________________________________________
<br>>>>> OpenSSL Project <a href="http://www.openssl.org" target="_top" rel="nofollow">http://www.openssl.org</a><br>>>>> User Support Mailing List <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26262611&i=8" target="_top" rel="nofollow">openssl-users@...</a>
<br>>>>> Automated List Manager <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26262611&i=9" target="_top" rel="nofollow">majordomo@...</a>
<br>>>>
<br>>>> ______________________________________________________________________
<br>>>> OpenSSL Project <a href="http://www.openssl.org" target="_top" rel="nofollow">http://www.openssl.org</a><br>>>> User Support Mailing List <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26262611&i=10" target="_top" rel="nofollow">openssl-users@...</a>
<br>>>> Automated List Manager <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26262611&i=11" target="_top" rel="nofollow">majordomo@...</a>
<br>>>
<br>>> ______________________________________________________________________
<br>>> OpenSSL Project <a href="http://www.openssl.org" target="_top" rel="nofollow">http://www.openssl.org</a><br>>> User Support Mailing List <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26262611&i=12" target="_top" rel="nofollow">openssl-users@...</a>
<br>>> Automated List Manager <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26262611&i=13" target="_top" rel="nofollow">majordomo@...</a>
<br>>
<br>> ______________________________________________________________________
<br>> OpenSSL Project <a href="http://www.openssl.org" target="_top" rel="nofollow">http://www.openssl.org</a><br>> User Support Mailing List <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26262611&i=14" target="_top" rel="nofollow">openssl-users@...</a>
<br>> Automated List Manager <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26262611&i=15" target="_top" rel="nofollow">majordomo@...</a>
</div><br>______________________________________________________________________
<br>OpenSSL Project <a href="http://www.openssl.org" target="_top" rel="nofollow">http://www.openssl.org</a><br>User Support Mailing List <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26262611&i=16" target="_top" rel="nofollow">openssl-users@...</a>
<br>Automated List Manager <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26262611&i=17" target="_top" rel="nofollow">majordomo@...</a>
<br><p>From forum: <a href="http://old.nabble.com/OpenSSL---User-f981.html" embed="fixTarget[981]" target="_top" >OpenSSL - User</a></p>
tag:old.nabble.com,2006:post-26262261
Re: using Open SSL on MIPS platform
2009-11-08T23:33:03Z
2009-11-08T23:33:03Z
Akira Amore
Ah! That makes so much sense, I wonder why I did not think of it :-)
<br><br>thanks a lot for your help
<br>Akira
<br><br>John R Pierce wrote:
<div class='shrinkable-quote'><br>> Akira Amore wrote:
<br>>> Hi,
<br>>>
<br>>> I'm trying to build rdesktop on a Fedora Core 8 system using
<br>>> Tuxbuilder-1.0, targetted for a MIPS embedded system.
<br>>>
<br>>> The rdesktop build throws the following error:
<br>>>
<br>>> /usr/include/openssl/opensslconf.h:27:2: error: #error "This
<br>>> openssl-devel package does not work your architecture?"
<br>>>
<br>>> Here are the openssl packages installed on my system:
<br>>>
<br>>> openssl-0.9.8b-17.fc8
<br>>> openssl-devel-0.9.8b-17.fc8
<br>>>
<br>>> Can someone clue me in on how to proceed?
<br>>
<br>>
<br>> I'm not familiar with Tuxbuilder, but if you're cross-compiling,
<br>> targetting said embedded MIPS, you shouldn't be linking with the fc8
<br>> openssl versions, you would need to build openssl in your MIPS tree
<br>> suitable for your target platform.
<br>>
<br>>
<br>> ______________________________________________________________________
<br>> OpenSSL Project <a href="http://www.openssl.org" target="_top" rel="nofollow">http://www.openssl.org</a><br>> User Support Mailing List <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26262261&i=0" target="_top" rel="nofollow">openssl-users@...</a>
<br>> Automated List Manager <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26262261&i=1" target="_top" rel="nofollow">majordomo@...</a>
<br>>
</div><br>______________________________________________________________________
<br>OpenSSL Project <a href="http://www.openssl.org" target="_top" rel="nofollow">http://www.openssl.org</a><br>User Support Mailing List <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26262261&i=2" target="_top" rel="nofollow">openssl-users@...</a>
<br>Automated List Manager <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26262261&i=3" target="_top" rel="nofollow">majordomo@...</a>
<br><p>From forum: <a href="http://old.nabble.com/OpenSSL---User-f981.html" embed="fixTarget[981]" target="_top" >OpenSSL - User</a></p>
tag:old.nabble.com,2006:post-26261084
Re: [Q] How to encrypt using DES?
2009-11-08T19:06:33Z
2009-11-08T19:06:33Z
JongAm Park-4
<html><head></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space; ">Thank you for your reply.<div><br></div><div>Is there any tutorial or code samples?</div><div><br></div><div>Thank you.</div><div>JongAm Park</div><div><br><div><div>On Nov 8, 2009, at 3:42 PM, Dr. Stephen Henson wrote:</div><br class="Apple-interchange-newline"><blockquote type="cite"><span class="Apple-style-span" style="border-collapse: separate; font-family: Helvetica; font-size: medium; font-style: normal; font-variant: normal; font-weight: normal; letter-spacing: normal; line-height: normal; orphans: 2; text-indent: 0px; text-transform: none; white-space: normal; widows: 2; word-spacing: 0px; -webkit-border-horizontal-spacing: 0px; -webkit-border-vertical-spacing: 0px; -webkit-text-decorations-in-effect: none; -webkit-text-size-adjust: auto; -webkit-text-stroke-width: 0px; "><span class="Apple-style-span" style="font-family: monospace; ">EVP_EncryptInit_ex</span></span></blockquote></div><br></div></body></html><p>From forum: <a href="http://old.nabble.com/OpenSSL---User-f981.html" embed="fixTarget[981]" target="_top" >OpenSSL - User</a></p>
tag:old.nabble.com,2006:post-26261070
Re: Revival of ERR_free_state_table / alt solution
2009-11-08T18:28:14Z
2009-11-08T18:28:14Z
Wim Lewis-3
<br>On Oct 7, 2009, at 8:19 AM, Thomas Harning Jr. wrote:
<div class='shrinkable-quote'><br>> I'm writing a browser and a library that use OpenSSL for cryptography
<br>> support. I want to best be able to fully cleanup state when my
<br>> plugin/library is unloaded, however it seems to me that it's not
<br>> possible to clear out all thread-associated error state since I'm not
<br>> managing the threads accessing my code.
<br>>
<br>> Example:
<br>> Thread A - loads plugin
<br>> Thread B - access plugin code (note: thread-safe)
<br>> plugin code raises OpenSSL error... cleans out error stack
<br>> after reporting
<br>> Thread A - unloads plugin, tries to cleanup OpenSSL
<br>>
<br>> Thread B's actual state is not freed since it is unknown to the plugin
<br>> code whether a given thread is "done" accessing code. In thread A
<br>> during shutdown, it only knows about thread A and the need to clean
<br>> it's state.
</div><br>I may be completely clueless here, but since no one else has replied:
<br>does ERR_remove_thread_state(NULL) (previously ERR_remove_state(0)) do
<br>what you need? You'd need to call it in thread B, and as a result
<br>you'd end up creating and destroying the thread state each time you
<br>get invoked, but...
<br><br><br>______________________________________________________________________
<br>OpenSSL Project <a href="http://www.openssl.org" target="_top" rel="nofollow">http://www.openssl.org</a><br>User Support Mailing List <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26261070&i=0" target="_top" rel="nofollow">openssl-users@...</a>
<br>Automated List Manager <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26261070&i=1" target="_top" rel="nofollow">majordomo@...</a>
<br><p>From forum: <a href="http://old.nabble.com/OpenSSL---User-f981.html" embed="fixTarget[981]" target="_top" >OpenSSL - User</a></p>
tag:old.nabble.com,2006:post-26261079
Re: Memory leaks...
2009-11-08T18:04:20Z
2009-11-08T18:04:20Z
Wim Lewis-3
<br>On Nov 7, 2009, at 2:50 PM, barcaroller wrote:
<br>> I'm getting some memory leaks when I use OpenSSL. I was not able to
<br>> get rid
<br>> of these leaks, even when I use EVP_cleanup() and ERR_free_strings()
<br>> at the
<br>> end of my program.
<br>[....]
<br>>
<br>> ==27769== 24 bytes in 1 blocks are still reachable in loss record
<br>> 2 of 20
<br><br>I'm guessing these are all ENGINEs which were lazily created the first
<br>time they were needed. Notice that they're "still reachable", so
<br>they're not necessarily leaks in the usual sense. Have you tried
<br>calling ENGINE_cleanup()?
<br><br>The apps.h header in the openssl distribution has a macro which uses
<br>this sequence for shutdown:
<br><br> CONF_modules_unload(1);
<br> EVP_cleanup();
<br> ENGINE_cleanup();
<br> CRYPTO_cleanup_all_ex_data();
<br> ERR_remove_state(0);
<br> ERR_free_strings();
<br><br>Other cleanup methods include:
<br><br> OBJ_cleanup();
<br> COMP_zlib_cleanup();
<br> RAND_cleanup();
<br><br>....but I'm rather unclear on which need to be called.
<br><br><br>______________________________________________________________________
<br>OpenSSL Project <a href="http://www.openssl.org" target="_top" rel="nofollow">http://www.openssl.org</a><br>User Support Mailing List <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26261079&i=0" target="_top" rel="nofollow">openssl-users@...</a>
<br>Automated List Manager <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26261079&i=1" target="_top" rel="nofollow">majordomo@...</a>
<br><p>From forum: <a href="http://old.nabble.com/OpenSSL---User-f981.html" embed="fixTarget[981]" target="_top" >OpenSSL - User</a></p>
tag:old.nabble.com,2006:post-26259306
Re: [Q] How to encrypt using DES?
2009-11-08T15:42:55Z
2009-11-08T15:42:55Z
Dr. Stephen Henson
On Sun, Nov 08, 2009, JongAm Park wrote:
<br><br>> Hello. May I ask how to encrypt a key in DES?
<br>>
<br>> According to its MAN page, it says to generate a DES_key_schedule first,
<br>> and do the actual encryption.
<br>>
<br><br>Actually I'd say you're beginning from the wrong place. The low level APIs
<br>like DES shouldn't really be used directly if at all possible. If you start
<br>with the higher level EVP_EncryptInit_ex() API you should find it easier: that
<br>is a common interface to all ciphers.
<br><br>Steve.
<br>--
<br>Dr Stephen N. Henson. OpenSSL project core developer.
<br>Commercial tech support now available see: <a href="http://www.openssl.org" target="_top" rel="nofollow">http://www.openssl.org</a><br>______________________________________________________________________
<br>OpenSSL Project <a href="http://www.openssl.org" target="_top" rel="nofollow">http://www.openssl.org</a><br>User Support Mailing List <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26259306&i=0" target="_top" rel="nofollow">openssl-users@...</a>
<br>Automated List Manager <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26259306&i=1" target="_top" rel="nofollow">majordomo@...</a>
<br><p>From forum: <a href="http://old.nabble.com/OpenSSL---User-f981.html" embed="fixTarget[981]" target="_top" >OpenSSL - User</a></p>
tag:old.nabble.com,2006:post-26259295
about the security of a tipical client/server application.
2009-11-08T15:42:51Z
2009-11-08T15:42:51Z
Kirk81
Hello people,
<br><br>since all of you seem quite familiary with criptography and its tools I would like to ask u something.
<br><br>I'm implementing a server/client application: the client has to collect data and send them to the server in a frame format (unidirectional connection). In any frame, I added a <i>special field</i> for digital signature (I'm not considering a PKI). Actually, I'm using the RSA signature mechanism (<b>hash and sign</b> paradigm) with a RSA-512 bit key and the SHA-256. The reason is that I need some <i>speed</i> and I don't wanna add too many bytes in my frame (with this set-up i'm <i>only</i> adding 64 bytes).
<br>Supposing that I'm sending 1000 messages every day
<br><br>The frame also presents a <i>time field</i> which represents when the frame was formatted and a <i>sample count field</i> which is repeated any second: this should be avoid a replay-attack.
<br><br>The man-in-the-middle attack, the integry and the non-repudation mechanism should be countered by the digital signature.
<br><br>I'm pretty sure that the weakness of all the mechanism is the key-length and I'd like to avoid the brute force attack or the worst birthday attack...so here's my questions.
<br><br>1. For how many days can I use a 512-bit key? Should I worry first about the factorization problem or the fact that my adversary can recover the key from the messages I sent? Can someone explain them with any numerical examples?
<br><br>2. Are there other attacks (or troubles) I should consider?
<br><br>Thanks in advance,
<br><br>Kirk
<br><br><p>From forum: <a href="http://old.nabble.com/OpenSSL---User-f981.html" embed="fixTarget[981]" target="_top" >OpenSSL - User</a></p>
tag:old.nabble.com,2006:post-26259099
Re: using Open SSL on MIPS platform
2009-11-08T15:13:02Z
2009-11-08T15:13:02Z
John R Pierce
Akira Amore wrote:
<div class='shrinkable-quote'><br>> Hi,
<br>>
<br>> I'm trying to build rdesktop on a Fedora Core 8 system using
<br>> Tuxbuilder-1.0, targetted for a MIPS embedded system.
<br>>
<br>> The rdesktop build throws the following error:
<br>>
<br>> /usr/include/openssl/opensslconf.h:27:2: error: #error "This
<br>> openssl-devel package does not work your architecture?"
<br>>
<br>> Here are the openssl packages installed on my system:
<br>>
<br>> openssl-0.9.8b-17.fc8
<br>> openssl-devel-0.9.8b-17.fc8
<br>>
<br>> Can someone clue me in on how to proceed?
</div><br><br>I'm not familiar with Tuxbuilder, but if you're cross-compiling,
<br>targetting said embedded MIPS, you shouldn't be linking with the fc8
<br>openssl versions, you would need to build openssl in your MIPS tree
<br>suitable for your target platform.
<br><br><br>______________________________________________________________________
<br>OpenSSL Project <a href="http://www.openssl.org" target="_top" rel="nofollow">http://www.openssl.org</a><br>User Support Mailing List <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26259099&i=0" target="_top" rel="nofollow">openssl-users@...</a>
<br>Automated List Manager <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26259099&i=1" target="_top" rel="nofollow">majordomo@...</a>
<br><p>From forum: <a href="http://old.nabble.com/OpenSSL---User-f981.html" embed="fixTarget[981]" target="_top" >OpenSSL - User</a></p>
tag:old.nabble.com,2006:post-26258972
[Q] How to encrypt using DES?
2009-11-08T15:00:45Z
2009-11-08T15:00:45Z
JongAm Park-4
Hello. May I ask how to encrypt a key in DES?
<br><br>According to its MAN page, it says to generate a DES_key_schedule
<br>first, and do the actual encryption.
<br><br>So, I called functions like this.
<br><br><br>DES_cblock aKey;
<br><br>DES_random_key( &aKey );
<br><br>DES_key_schedule keySchedule;
<br>int result;
<br><br>result = DES_set_key_checked( &aKey, &keySchedule );
<br><br>DES_ecb_encrypt( ?, ?, &keySchedule);
<br><br>So, to encrypt an original string to cyphertext, the 1st parameter
<br>seems to contain the original text.
<br>However, it should be of type DES_cblock or const_DES_cblock. Then is
<br>it same to the "aKey"?
<br>Then how to seed the key, "aKey"?
<br><br>Or if I try this..
<br><br>DES_cblock inputBlock = {
<br> 'E', 'n', 'c', 'o', 'd', 'e', 'M', 'e'
<br> };
<br><br>
<br>DES_cblock outputBlock;
<br>
<br>DES_key_schedule keySchedule;
<br><br>int result;
<br>result = DES_set_key_checked( &inputBlock, &keySchedule );
<br>
<br>DES_ecb_encrypt( &inputBlock, &outputBlock, &keySchedule, DES_ENCRYPT );
<br><br>The result is -1 when the DES_set_key_checked() is called. Should I
<br>use DES_set_key_unchecked()?
<br><br>I would appreciate any help.
<br>I am lost totally!
<br><br>JongAm Park
<br>______________________________________________________________________
<br>OpenSSL Project <a href="http://www.openssl.org" target="_top" rel="nofollow">http://www.openssl.org</a><br>User Support Mailing List <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26258972&i=0" target="_top" rel="nofollow">openssl-users@...</a>
<br>Automated List Manager <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26258972&i=1" target="_top" rel="nofollow">majordomo@...</a>
<br><p>From forum: <a href="http://old.nabble.com/OpenSSL---User-f981.html" embed="fixTarget[981]" target="_top" >OpenSSL - User</a></p>
tag:old.nabble.com,2006:post-26258869
[Q] Tutorial or Explanation how to use OpenSSL library functions?
2009-11-08T14:40:16Z
2009-11-08T14:40:16Z
JongAm Park-4
Hello, I am just a beginner at using OpenSSL library.
<br>I write in C/C++ and Objective-C. After looking up the OpenSSL web
<br>site, I found out that there was no document for studying how to use it.
<br>Is there any good source like sample codes, tutorial and so on?
<br><br>Thank you in advance.
<br>JongAm Park
<br>______________________________________________________________________
<br>OpenSSL Project <a href="http://www.openssl.org" target="_top" rel="nofollow">http://www.openssl.org</a><br>User Support Mailing List <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26258869&i=0" target="_top" rel="nofollow">openssl-users@...</a>
<br>Automated List Manager <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26258869&i=1" target="_top" rel="nofollow">majordomo@...</a>
<br><p>From forum: <a href="http://old.nabble.com/OpenSSL---User-f981.html" embed="fixTarget[981]" target="_top" >OpenSSL - User</a></p>
tag:old.nabble.com,2006:post-26258845
[Q] Where is this DES_check_key flag can be set?
2009-11-08T14:38:32Z
2009-11-08T14:38:32Z
JongAm Park-4
Hello.
<br><br>I tried using OpenSSL library for encrypting a string in DES using
<br>OpenSSL.
<br>However, I found out that it was very difficult to understand what to
<br>do by reading MAN page for the DES portion of the OpenSSL.
<br><br>One thing I can't figure out is :
<br><br> DES_set_key() works like DES_set_key_checked() if the DES_check_key
<br>flag is non-zero, otherwise like DES_set_key_unchecked().
<br><br>How is the DES_check_key flag set? There seems to be no function or
<br>data structure where the DES_check_key flag is supposed to be specified.
<br><br>Thank you.
<br>JongAm Park
<br>______________________________________________________________________
<br>OpenSSL Project <a href="http://www.openssl.org" target="_top" rel="nofollow">http://www.openssl.org</a><br>User Support Mailing List <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26258845&i=0" target="_top" rel="nofollow">openssl-users@...</a>
<br>Automated List Manager <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26258845&i=1" target="_top" rel="nofollow">majordomo@...</a>
<br><p>From forum: <a href="http://old.nabble.com/OpenSSL---User-f981.html" embed="fixTarget[981]" target="_top" >OpenSSL - User</a></p>
tag:old.nabble.com,2006:post-26258663
using Open SSL on MIPS platform
2009-11-08T14:14:35Z
2009-11-08T14:14:35Z
Akira Amore
Hi,<br><br>I'm trying to build rdesktop on a Fedora Core 8 system using Tuxbuilder-1.0, targetted for a MIPS embedded system.<br><br>The rdesktop build throws the following error:<br><br>/usr/include/openssl/opensslconf.h:27:2: error: #error "This openssl-devel package does not work your architecture?"<br>
<br>Here are the openssl packages installed on my system:<br><br>openssl-0.9.8b-17.fc8<br>openssl-devel-0.9.8b-17.fc8<br><br>Can someone clue me in on how to proceed?<br><br>thanks for your help<br><br>Akira
<p>From forum: <a href="http://old.nabble.com/OpenSSL---User-f981.html" embed="fixTarget[981]" target="_top" >OpenSSL - User</a></p>
tag:old.nabble.com,2006:post-26262698
Stunnel 4.28 released
2009-11-08T12:47:04Z
2009-11-08T12:47:04Z
Michal Trojnara
The ChangeLog entry:
<br><br>Version 4.28, 2009.11.08, urgency: MEDIUM:
<br>* New features
<br> - Win32 DLLs for OpenSSL 0.9.8l.
<br> - Transparent proxy support on Linux kernels >=2.6.28.
<br> See the manual for details.
<br> - New socket options to control TCP keepalive on Linux:
<br> TCP_KEEPCNT, TCP_KEEPIDLE, TCP_KEEPINTVL.
<br> - SSL options updated for the recent version of OpenSSL library.
<br>* Bugfixes
<br> - A serious bug in asynchronous shutdown code fixed.
<br> - Data alignment updated in libwrap.c.
<br> - Polish manual encoding fixed.
<br> - Notes on compression implementation in OpenSSL added to the manual.
<br><br>SHA-1 value for stunnel-4.28.tar.gz:
<br>868cba9ec56ed6a02c8ecfa2a87614b4d433611b
<br><br>Home page: <a href="http://stunnel.mirt.net/" target="_top" rel="nofollow">http://stunnel.mirt.net/</a><br>Download: ftp://stunnel.mirt.net/stunnel/
<br><br>Best regards,
<br> Michal Trojnara
<br>______________________________________________________________________
<br>OpenSSL Project <a href="http://www.openssl.org" target="_top" rel="nofollow">http://www.openssl.org</a><br>User Support Mailing List <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26262698&i=0" target="_top" rel="nofollow">openssl-users@...</a>
<br>Automated List Manager <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26262698&i=1" target="_top" rel="nofollow">majordomo@...</a>
<br><p>From forum: <a href="http://old.nabble.com/OpenSSL---User-f981.html" embed="fixTarget[981]" target="_top" >OpenSSL - User</a></p>
tag:old.nabble.com,2006:post-26255500
Re: interface stability
2009-11-08T08:52:43Z
2009-11-08T08:52:43Z
Dr. Stephen Henson
On Sun, Nov 08, 2009, David Woodhouse wrote:
<br><div class='shrinkable-quote'><br>> I'm still trying to understand what this actually means in practice, and
<br>> who the target audience is for the various branches.
<br>>
<br>> Presumably, most of the conservative OS distributions (Solaris,
<br>> "Enterprise" Linux distros, various BSDs) will stick with 0.9.8 for the
<br>> time being.
<br>>
<br>> Those who are more versatile will be updating to 1.0.x -- some of them
<br>> like Fedora are there already, in fact.
<br>>
<br>> So is there really any point in a 0.9.10 release? Who would actually
<br>> want to use that, and what would be in it?
<br>>
<br>> In the meantime, there are people who are trying to get features into
<br>> the codebase that people actually use -- Intel's AES-NI support, IBM's
<br>> AES-GCM/AES-CCM/CMAC, etc.
<br>>
<br>> The normal response from distributions is, quite reasonably, "get it
<br>> into 0.9.8 upstream and then we'll talk". Which is obviously not such a
<br>> realistic proposition any more -- so what happens next?
<br>>
</div><br>The aim of the 0.9.10 release (and the 1.0.1 release) is to allow new features
<br>to be added more quickly than a major release and to reduce the possibility
<br>of introducing problems in a stable release.
<br><br>When we want to add a new feature to OpenSSL in the old scheme it could go
<br>into HEAD and it would become part of the next major release.
<br><br>However major releases only occur every few years and there was a need to be
<br>able to add features more quickly which didn't break binary compatibility.
<br><br>So the idea was to separate the bugfix and "timely new feature" versions.
<br><br>So someone who wishes maximum compatibility and least risk of any problems
<br>would stick with the letter changes.
<br><br>Those who want newer features with small risk issues would go with final
<br>number changes that is 1.0.1, 1.0.2. If there was a need to add such features
<br>to the 0.9.8-stable branch (for example that's the only version which can be
<br>currently used with the FIPS140-2 validated module) it would go into 0.9.10
<br>that may not happen and there may not be a 0.9.10 at all.
<br><br>Finally bleeding edge major changes for developers or users who can live with
<br>possibly unstable and occasionally uncompilable code can stick with the
<br>unstable branch which will be 1.1.0 and later.
<br><br>The various AES features you mentioned would be candidates for 1.0.1.
<br><br>It was hoped that the final or penultimate beta of 1.0.0 would be out by now
<br>but the renegotiation issues have thrown everyones schedules off.
<br><br>Steve.
<br>--
<br>Dr Stephen N. Henson. OpenSSL project core developer.
<br>Commercial tech support now available see: <a href="http://www.openssl.org" target="_top" rel="nofollow">http://www.openssl.org</a><br>______________________________________________________________________
<br>OpenSSL Project <a href="http://www.openssl.org" target="_top" rel="nofollow">http://www.openssl.org</a><br>Development Mailing List <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26255500&i=0" target="_top" rel="nofollow">openssl-dev@...</a>
<br>Automated List Manager <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26255500&i=1" target="_top" rel="nofollow">majordomo@...</a>
<br><p>From forum: <a href="http://old.nabble.com/OpenSSL---Dev-f980.html" embed="fixTarget[980]" target="_top" >OpenSSL - Dev</a></p>
tag:old.nabble.com,2006:post-26255243
Re: interface stability
2009-11-08T08:25:13Z
2009-11-08T08:25:13Z
David Woodhouse
On Fri, 2009-09-11 at 17:59 +0200, Dr. Stephen Henson wrote:
<div class='shrinkable-quote'><br>> Under the new versioning scheme letter changes will retain binary
<br>> compatibility. They will be bugfix only and no new features will be added.
<br>>
<br>> There wont be a 0.9.9 to avoid confusion with what we used to call "0.9.9"
<br>> which is now 1.0.0. So after 0.9.8 there may be a 0.9.10.
<br>>
<br>> Changes to the last number i.e. 1.0.1 or 0.9.10 will retain backwards
<br>> compatibiity but new features can be added.
<br>>
<br>> The middle number as has been noted wont guarantee binary compatibility,
<br>> however source compatibility will be largely maintained though use of some
<br>> deprecated features may be phased out long term. We only make such releases
<br>> every few years.
</div><br>I'm still trying to understand what this actually means in practice, and
<br>who the target audience is for the various branches.
<br><br>Presumably, most of the conservative OS distributions (Solaris,
<br>"Enterprise" Linux distros, various BSDs) will stick with 0.9.8 for the
<br>time being.
<br><br>Those who are more versatile will be updating to 1.0.x -- some of them
<br>like Fedora are there already, in fact.
<br><br>So is there really any point in a 0.9.10 release? Who would actually
<br>want to use that, and what would be in it?
<br><br>In the meantime, there are people who are trying to get features into
<br>the codebase that people actually use -- Intel's AES-NI support, IBM's
<br>AES-GCM/AES-CCM/CMAC, etc.
<br><br>The normal response from distributions is, quite reasonably, "get it
<br>into 0.9.8 upstream and then we'll talk". Which is obviously not such a
<br>realistic proposition any more -- so what happens next?
<br><br>--
<br>dwmw2
<br><br><br><br><br>______________________________________________________________________
<br>OpenSSL Project <a href="http://www.openssl.org" target="_top" rel="nofollow">http://www.openssl.org</a><br>Development Mailing List <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26255243&i=0" target="_top" rel="nofollow">openssl-dev@...</a>
<br>Automated List Manager <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26255243&i=1" target="_top" rel="nofollow">majordomo@...</a>
<br><p>From forum: <a href="http://old.nabble.com/OpenSSL---Dev-f980.html" embed="fixTarget[980]" target="_top" >OpenSSL - Dev</a></p>
tag:old.nabble.com,2006:post-26254786
Re: Padding mode for RSA_private_decrypt()...
2009-11-08T07:33:15Z
2009-11-08T07:33:15Z
Mounir IDRASSI
Hi,
<br><br>Which version of SSL/TLS are you talking about?
<br>To my knowledge, SSLV2, SSLV3 and TLS1.0 all use PKCS#1 Block Type 2
<br>padding (in case of SSL V2 rollback, that last eight padding bytes are
<br>not random and are set to 0x03 but this special case is detect at the
<br>protocol level).
<br><br>Cheers,
<br>--
<br>Mounir IDRASSI
<br>IDRIX
<br><a href="http://www.idrix.fr" target="_top" rel="nofollow">http://www.idrix.fr</a><br><br>barcaroller wrote:
<div class='shrinkable-quote'><br>> "Mounir IDRASSI" wrote in message ...
<br>>
<br>>
<br>>> You simply can't guess the padding mode if you don't know it in advance.
<br>>> Imagine the security consequences if this was possible : it would mean
<br>>> that an attacker can have information about the clear text without having
<br>>> access to the private key!!
<br>>>
<br>>
<br>> Okay, but the SSL client uses RSA_public_encrypt() with a padding value that
<br>> is unknown to the SSL server, which uses RSA_private_decrypt() later on.
<br>> How can the SSL server know in advance what padding mode the SSL client is
<br>> going to use?
<br>>
<br>>
<br>>
<br>> ______________________________________________________________________
<br>> OpenSSL Project <a href="http://www.openssl.org" target="_top" rel="nofollow">http://www.openssl.org</a><br>> User Support Mailing List <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26254786&i=0" target="_top" rel="nofollow">openssl-users@...</a>
<br>> Automated List Manager <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26254786&i=1" target="_top" rel="nofollow">majordomo@...</a>
<br>>
</div><br>______________________________________________________________________
<br>OpenSSL Project <a href="http://www.openssl.org" target="_top" rel="nofollow">http://www.openssl.org</a><br>User Support Mailing List <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26254786&i=2" target="_top" rel="nofollow">openssl-users@...</a>
<br>Automated List Manager <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26254786&i=3" target="_top" rel="nofollow">majordomo@...</a>
<br><p>From forum: <a href="http://old.nabble.com/OpenSSL---User-f981.html" embed="fixTarget[981]" target="_top" >OpenSSL - User</a></p>
tag:old.nabble.com,2006:post-26254747
Re: Padding mode for RSA_private_decrypt()...
2009-11-08T07:29:39Z
2009-11-08T07:29:39Z
Michael S. Zick-4
On Sun November 8 2009, barcaroller wrote:
<div class='shrinkable-quote'><br>>
<br>> "Mounir IDRASSI" wrote in message ...
<br>>
<br>> > You simply can't guess the padding mode if you don't know it in advance.
<br>> > Imagine the security consequences if this was possible : it would mean
<br>> > that an attacker can have information about the clear text without having
<br>> > access to the private key!!
<br>>
<br>> Okay, but the SSL client uses RSA_public_encrypt() with a padding value that
<br>> is unknown to the SSL server, which uses RSA_private_decrypt() later on.
<br>> How can the SSL server know in advance what padding mode the SSL client is
<br>> going to use?
<br>>
</div><br>The padding is added to the **plain text**
<br>After decryption, the server can determine the padding present.
<br><br>Mike
<br>>
<br>>
<br>> ______________________________________________________________________
<br>> OpenSSL Project <a href="http://www.openssl.org" target="_top" rel="nofollow">http://www.openssl.org</a><br>> User Support Mailing List <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26254747&i=0" target="_top" rel="nofollow">openssl-users@...</a>
<br>> Automated List Manager <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26254747&i=1" target="_top" rel="nofollow">majordomo@...</a>
<br>>
<br>>
<br><br><br>______________________________________________________________________
<br>OpenSSL Project <a href="http://www.openssl.org" target="_top" rel="nofollow">http://www.openssl.org</a><br>User Support Mailing List <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26254747&i=2" target="_top" rel="nofollow">openssl-users@...</a>
<br>Automated List Manager <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26254747&i=3" target="_top" rel="nofollow">majordomo@...</a>
<br><p>From forum: <a href="http://old.nabble.com/OpenSSL---User-f981.html" embed="fixTarget[981]" target="_top" >OpenSSL - User</a></p>
tag:old.nabble.com,2006:post-26254362
Re: Padding mode for RSA_private_decrypt()...
2009-11-08T06:41:42Z
2009-11-08T06:41:42Z
barcaroller
<br>"Mounir IDRASSI" wrote in message ...
<br><br>> You simply can't guess the padding mode if you don't know it in advance.
<br>> Imagine the security consequences if this was possible : it would mean
<br>> that an attacker can have information about the clear text without having
<br>> access to the private key!!
<br><br>Okay, but the SSL client uses RSA_public_encrypt() with a padding value that
<br>is unknown to the SSL server, which uses RSA_private_decrypt() later on.
<br>How can the SSL server know in advance what padding mode the SSL client is
<br>going to use?
<br><br><br><br>______________________________________________________________________
<br>OpenSSL Project <a href="http://www.openssl.org" target="_top" rel="nofollow">http://www.openssl.org</a><br>User Support Mailing List <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26254362&i=0" target="_top" rel="nofollow">openssl-users@...</a>
<br>Automated List Manager <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26254362&i=1" target="_top" rel="nofollow">majordomo@...</a>
<br><p>From forum: <a href="http://old.nabble.com/OpenSSL---User-f981.html" embed="fixTarget[981]" target="_top" >OpenSSL - User</a></p>
tag:old.nabble.com,2006:post-26254415
Bug up in openssl 0.9.8
2009-11-08T06:39:43Z
2009-11-08T06:39:43Z
The Doctor
How does this effect openssl 1+ ?
<br>--
<br>Member - Liberal International This is <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26254415&i=0" target="_top" rel="nofollow">doctor@...</a> Ici <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26254415&i=1" target="_top" rel="nofollow">doctor@...</a>
<br>God, Queen and country! Never Satan President Republic! Beware AntiChrist rising!
<br><a href="http://twitter.com/rootnl2k" target="_top" rel="nofollow">http://twitter.com/rootnl2k</a> <a href="http://www.myspace.com/502748630" target="_top" rel="nofollow">http://www.myspace.com/502748630</a>
<br>For the latest World News go to <a href="http://www.cuttingedge.org/" target="_top" rel="nofollow">http://www.cuttingedge.org/</a> - Lest we forget 2009 .
<br>______________________________________________________________________
<br>OpenSSL Project <a href="http://www.openssl.org" target="_top" rel="nofollow">http://www.openssl.org</a><br>Development Mailing List <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26254415&i=2" target="_top" rel="nofollow">openssl-dev@...</a>
<br>Automated List Manager <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26254415&i=3" target="_top" rel="nofollow">majordomo@...</a>
<br><p>From forum: <a href="http://old.nabble.com/OpenSSL---Dev-f980.html" embed="fixTarget[980]" target="_top" >OpenSSL - Dev</a></p>
tag:old.nabble.com,2006:post-26254421
Bug up in openssl 0.9.8
2009-11-08T06:39:43Z
2009-11-08T06:39:43Z
The Doctor
How does this effect openssl 1+ ?
<br>--
<br>Member - Liberal International This is <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26254421&i=0" target="_top" rel="nofollow">doctor@...</a> Ici <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26254421&i=1" target="_top" rel="nofollow">doctor@...</a>
<br>God, Queen and country! Never Satan President Republic! Beware AntiChrist rising!
<br><a href="http://twitter.com/rootnl2k" target="_top" rel="nofollow">http://twitter.com/rootnl2k</a> <a href="http://www.myspace.com/502748630" target="_top" rel="nofollow">http://www.myspace.com/502748630</a>
<br>For the latest World News go to <a href="http://www.cuttingedge.org/" target="_top" rel="nofollow">http://www.cuttingedge.org/</a> - Lest we forget 2009 .
<br>______________________________________________________________________
<br>OpenSSL Project <a href="http://www.openssl.org" target="_top" rel="nofollow">http://www.openssl.org</a><br>User Support Mailing List <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26254421&i=2" target="_top" rel="nofollow">openssl-users@...</a>
<br>Automated List Manager <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26254421&i=3" target="_top" rel="nofollow">majordomo@...</a>
<br><p>From forum: <a href="http://old.nabble.com/OpenSSL---User-f981.html" embed="fixTarget[981]" target="_top" >OpenSSL - User</a></p>
tag:old.nabble.com,2006:post-26254311
Re: CryptoAPI calls failing in rand_win on Windows 7
2009-11-08T06:36:19Z
2009-11-08T06:36:19Z
sandeep kiran p
>RAND_poll runs very quickly with a near-empty heap.<div><br></div><div>Do you mean that the calls to Heap32First, Heap32Next, Heap32ListFirst, Heap32ListNext are failing? Can you check the return values from these calls? (using GetLastError?). In any case, the heap traversals are bounded by the 1 sec limit. Even if the variable "good" is 0, the very first block of heap allocated by the current process is retrieved. Can you exactly specify which CryptoAPI is taking so much time?</div>
<div><br></div><div>-Sandeep<br><br><div class="gmail_quote">On Fri, Nov 6, 2009 at 11:45 AM, James Baker <span dir="ltr"><<a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26254311&i=0" target="_top" rel="nofollow">jam@...</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex;">
Background: Testing a Ruby app on 64-bit Windows 7 Ultimate, I found<br>
that OpenSSL::PKey::RSA.generate() was taking 98 seconds. Jumping to<br>
C, sampling showed that the great majority of this time was spent in<br>
Heap32Next, which led me to the "heap list and heap walking" section<br>
of RAND_poll in crypto/rand/rand_win.c<br>
<br>
The heap walking (and thread and module walking) are limited to 1s<br>
unless the variable "good" is set, and advapi32.dll is loaded, which<br>
means that "poll the CryptoAPI PRNG" using the conjunction of<br>
CryptAcquireContextW and CryptGenRandom must be failing.<br>
<br>
The 98 seconds comes from walking the contents of the heap after<br>
loading a Rails environment - RAND_poll runs very quickly with a<br>
near-empty heap. Are the crypo-API calls ever expected to fail under<br>
any Windows platform, or is this the abnormality? I'm not aware of any<br>
changes in Win7 that would break those calls (though I'm investigating<br>
whether something permission/security-related is in play here), but<br>
I'm not aware of much about Win7 in general. I also don't see any<br>
Win7-related changes in the OpenSSL changelog - has this platform been<br>
validated already?<br>
<br>
Thanks,<br>
James<br>
______________________________________________________________________<br>
OpenSSL Project <a href="http://www.openssl.org" target="_blank" rel="nofollow">http://www.openssl.org</a><br>
User Support Mailing List <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26254311&i=1" target="_top" rel="nofollow">openssl-users@...</a><br>
Automated List Manager <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26254311&i=2" target="_top" rel="nofollow">majordomo@...</a><br>
</blockquote></div><br></div>
<p>From forum: <a href="http://old.nabble.com/OpenSSL---User-f981.html" embed="fixTarget[981]" target="_top" >OpenSSL - User</a></p>
tag:old.nabble.com,2006:post-26253818
Re: [CVS] OpenSSL: openssl/ssl/ s3_srvr.c
2009-11-08T05:32:12Z
2009-11-08T05:32:12Z
Dr. Stephen Henson
On Sun, Nov 08, 2009, Ben Laurie wrote:
<br><div class='shrinkable-quote'><br>> Dr. Stephen Henson wrote:
<br>> > OpenSSL CVS Repository
<br>> > <a href="http://cvs.openssl.org/" target="_top" rel="nofollow">http://cvs.openssl.org/</a><br>> > ____________________________________________________________________________
<br>> >
<br>> > Server: cvs.openssl.org Name: Dr. Stephen Henson
<br>> > Root: /v/openssl/cvs Email: <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26253818&i=0" target="_top" rel="nofollow">steve@...</a>
<br>> > Module: openssl Date: 07-Nov-2009 23:22:40
<br>> > Branch: HEAD Handle: 2009110722224000
<br>> >
<br>> > Modified files:
<br>> > openssl/ssl s3_srvr.c
<br>> >
<br>> > Log:
<br>> > Ooops, revert committed conflict.
<br>>
<br>> This seems to revert rather more than just a conflict...
<br>>
</div><br>Yes it was "work in progres" which shouldn't have been committed at all in
<br>that form.
<br><br>Steve.
<br>--
<br>Dr Stephen N. Henson. OpenSSL project core developer.
<br>Commercial tech support now available see: <a href="http://www.openssl.org" target="_top" rel="nofollow">http://www.openssl.org</a><br>______________________________________________________________________
<br>OpenSSL Project <a href="http://www.openssl.org" target="_top" rel="nofollow">http://www.openssl.org</a><br>Development Mailing List <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26253818&i=1" target="_top" rel="nofollow">openssl-dev@...</a>
<br>Automated List Manager <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26253818&i=2" target="_top" rel="nofollow">majordomo@...</a>
<br><p>From forum: <a href="http://old.nabble.com/OpenSSL---Dev-f980.html" embed="fixTarget[980]" target="_top" >OpenSSL - Dev</a></p>
tag:old.nabble.com,2006:post-26253534
[openssl.org #2095] BUG: sha1-x86_64: out range of signed 32bit displacement
2009-11-08T04:56:46Z
2009-11-08T04:56:46Z
Arkadiusz Miskiewicz via RT
<br>Building with recent binutils 2.20.51.0.2 cause problems below.
<br><br>This is similar problem as #2094 (with fix included)
<br><br>x86_64-pld-linux-gcc -c -I.. -I../.. -I../../include -fPIC -DOPENSSL_PIC -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -m64 -DL_ENDIAN -DTERMIO -O2
<br>-fno-strict-aliasing -fwrapv -march=x86-64 -gdwarf-2 -g2 -Wall -DMD32_REG_T=int -DOPENSSL_BN_ASM_MONT -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -
<br>DAES_ASM -Wa,--noexecstack -o sha1-x86_64.o sha1-x86_64.s
<br>sha1-x86_64.s: Assembler messages:
<br>sha1-x86_64.s:602: Error: 0x8f1bbcdc out range of signed 32bit displacement
<br>sha1-x86_64.s:620: Error: 0x8f1bbcdc out range of signed 32bit displacement
<br>sha1-x86_64.s:638: Error: 0x8f1bbcdc out range of signed 32bit displacement
<br>sha1-x86_64.s:656: Error: 0x8f1bbcdc out range of signed 32bit displacement
<br>sha1-x86_64.s:674: Error: 0x8f1bbcdc out range of signed 32bit displacement
<br>sha1-x86_64.s:692: Error: 0x8f1bbcdc out range of signed 32bit displacement
<br>sha1-x86_64.s:710: Error: 0x8f1bbcdc out range of signed 32bit displacement
<br>sha1-x86_64.s:728: Error: 0x8f1bbcdc out range of signed 32bit displacement
<br>sha1-x86_64.s:746: Error: 0x8f1bbcdc out range of signed 32bit displacement
<br>sha1-x86_64.s:764: Error: 0x8f1bbcdc out range of signed 32bit displacement
<br>sha1-x86_64.s:782: Error: 0x8f1bbcdc out range of signed 32bit displacement
<br>sha1-x86_64.s:800: Error: 0x8f1bbcdc out range of signed 32bit displacement
<br>sha1-x86_64.s:818: Error: 0x8f1bbcdc out range of signed 32bit displacement
<br>sha1-x86_64.s:836: Error: 0x8f1bbcdc out range of signed 32bit displacement
<br>sha1-x86_64.s:854: Error: 0x8f1bbcdc out range of signed 32bit displacement
<br>sha1-x86_64.s:872: Error: 0x8f1bbcdc out range of signed 32bit displacement
<br>sha1-x86_64.s:890: Error: 0x8f1bbcdc out range of signed 32bit displacement
<br>sha1-x86_64.s:908: Error: 0x8f1bbcdc out range of signed 32bit displacement
<br>sha1-x86_64.s:926: Error: 0x8f1bbcdc out range of signed 32bit displacement
<br>sha1-x86_64.s:944: Error: 0x8f1bbcdc out range of signed 32bit displacement
<br>sha1-x86_64.s:962: Error: 0xca62c1d6 out range of signed 32bit displacement
<br>sha1-x86_64.s:977: Error: 0xca62c1d6 out range of signed 32bit displacement
<br>sha1-x86_64.s:992: Error: 0xca62c1d6 out range of signed 32bit displacement
<br>sha1-x86_64.s:1007: Error: 0xca62c1d6 out range of signed 32bit displacement
<br>sha1-x86_64.s:1022: Error: 0xca62c1d6 out range of signed 32bit displacement
<br>sha1-x86_64.s:1037: Error: 0xca62c1d6 out range of signed 32bit displacement
<br>sha1-x86_64.s:1052: Error: 0xca62c1d6 out range of signed 32bit displacement
<br>sha1-x86_64.s:1067: Error: 0xca62c1d6 out range of signed 32bit displacement
<br>sha1-x86_64.s:1082: Error: 0xca62c1d6 out range of signed 32bit displacement
<br>sha1-x86_64.s:1097: Error: 0xca62c1d6 out range of signed 32bit displacement
<br>sha1-x86_64.s:1112: Error: 0xca62c1d6 out range of signed 32bit displacement
<br>sha1-x86_64.s:1127: Error: 0xca62c1d6 out range of signed 32bit displacement
<br>sha1-x86_64.s:1142: Error: 0xca62c1d6 out range of signed 32bit displacement
<br>sha1-x86_64.s:1157: Error: 0xca62c1d6 out range of signed 32bit displacement
<br>sha1-x86_64.s:1172: Error: 0xca62c1d6 out range of signed 32bit displacement
<br>sha1-x86_64.s:1187: Error: 0xca62c1d6 out range of signed 32bit displacement
<br>sha1-x86_64.s:1202: Error: 0xca62c1d6 out range of signed 32bit displacement
<br>sha1-x86_64.s:1216: Error: 0xca62c1d6 out range of signed 32bit displacement
<br>sha1-x86_64.s:1230: Error: 0xca62c1d6 out range of signed 32bit displacement
<br>sha1-x86_64.s:1244: Error: 0xca62c1d6 out range of signed 32bit displacement
<br>make[2]: *** [sha1-x86_64.o] Error 1
<br><br>--
<br>Arkadiusz Miśkiewicz PLD/Linux Team
<br>arekm / maven.pl <a href="http://ftp.pld-linux.org/" target="_top" rel="nofollow">http://ftp.pld-linux.org/</a><br><br>______________________________________________________________________
<br>OpenSSL Project <a href="http://www.openssl.org" target="_top" rel="nofollow">http://www.openssl.org</a><br>Development Mailing List <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26253534&i=0" target="_top" rel="nofollow">openssl-dev@...</a>
<br>Automated List Manager <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26253534&i=1" target="_top" rel="nofollow">majordomo@...</a>
<br><p>From forum: <a href="http://old.nabble.com/OpenSSL---Dev-f980.html" embed="fixTarget[980]" target="_top" >OpenSSL - Dev</a></p>
tag:old.nabble.com,2006:post-26253496
Re: Linking and execution problems with a FIPS-capable OpenSSL distribution
2009-11-08T04:51:45Z
2009-11-08T04:51:45Z
Michael S. Zick-4
Any reason for the double posting?
<br>Wouldn't just one address do?
<br><br>Mike
<br><br>On Fri November 6 2009, Daugherty wrote:
<div class='shrinkable-quote'><br>> Synopsis:
<br>> --------
<br>>
<br>> Linking and execution problems with a FIPS-capable OpenSSL distribution.
<br>>
<br>> System:
<br>> ------
<br>>
<br>> openSUSE 11.0 (i586)
<br>> Linux version 2.6.25.20-0.4-pae
<br>> gcc (SUSE Linux) 4.3.1
<br>> OpenSSL 0.9.8g 19 Oct 2007 (currently installed)
<br>> Includes are in /usr/include/openssl
<br>> Libs are in /usr/lib
<br>>
<br>> Fips/OpenSSL Versions:
<br>> ---------------------
<br>>
<br>> openssl-fips-1.2.tar.gz
<br>> openssl-0.9.8l.tar.gz
<br>>
<br>> Goal of this post:
<br>> -----------------
<br>>
<br>> 1. Additional clarification on the linking process as described in the User Guide and comment as to whether my workarounds are correct and in accordance with the Security Policy.
<br>>
<br>> 2. Help on overcoming the "fingerprint does not match" runtime error.
<br>>
<br>> Description:
<br>> -----------
<br>>
<br>> I have read the UserGuide-1.2.pdf and SecurityPolicy-1.2.pdf numerous times and have also scoured the news groups searching for a solution to my problem.
<br>>
<br>> I am trying to link fipscanister.o and libssl into a shared library, specifically, the ACE_SSL library that is part of the latest ACE distribution from the ACE/TAO group. The User Guide is somewhat vague on whether this can be done. From my understanding, linking fipscanister.o and libssl into a shared library is possible since my shared library is considered an application as defined in the User Guide.
<br>>
<br>> So here is what I am doing...
<br>>
<br>> Per the User Guide, I do the usual after successfully performing the two verification steps:
<br>>
<br>> openssl-fips-1.2 # ./config fipscanisterbuild
<br>> make
<br>> make install
<br>>
<br>> openssl-0.9.8l # ./config fips
<br>> make
<br>> make install
<br>>
<br>> As a non-su user, I modify the environment per the User Guide as follows:
<br>>
<br>> export FIPSLD_CC=gcc
<br>> export CC=/usr/local/ssl/fips/bin/fipsld
<br>> export CXX=/usr/local/ssl/fips/bin/fipsld
<br>>
<br>> I also copied the openssl include directory from /usr/local/ssl/fips/include/openssl to /usr/local/include which will be found by gcc. If I did not do this, gcc would find my existing openssl headers located at /usr/include/openssl.
<br>>
<br>> Finally, I modify my LD_LIBRARY_PATH environment variable to include /usr/local/ssl/fips/lib prior to the /usr/lib include so that ld will find the Fips-capable OpenSSL library.
<br>>
<br>> When I execute the ACE_SSL shared library make, I get the following output and error:
<br>>
<br>> /usr/local/ssl/fips/bin/fipsld -fvisibility=hidden -fvisibility-inlines-hidden -W -Wall -Wpointer-arith -O3 -ggdb -pipe -D_REENTRANT -DA$
<br>> /usr/local/ssl/fips/bin/fipsld -fvisibility=hidden -fvisibility-inlines-hidden -W -Wall -Wpointer-arith -O3 -ggdb -pipe -D_REENTRANT -DA$
<br>> /usr/local/ssl/fips/bin/fipsld -fvisibility=hidden -fvisibility-inlines-hidden -W -Wall -Wpointer-arith -O3 -ggdb -pipe -D_REENTRANT -DA$
<br>> /usr/local/ssl/fips/bin/fipsld -fvisibility=hidden -fvisibility-inlines-hidden -W -Wall -Wpointer-arith -O3 -ggdb -pipe -D_REENTRANT -DA$
<br>> /usr/local/ssl/fips/bin/fipsld -fvisibility=hidden -fvisibility-inlines-hidden -W -Wall -Wpointer-arith -O3 -ggdb -pipe -D_REENTRANT -DA$
<br>> /usr/local/ssl/fips/bin/fipsld -fvisibility=hidden -fvisibility-inlines-hidden -W -Wall -Wpointer-arith -O3 -ggdb -pipe -D_REENTRANT -DA$
<br>> /usr/local/ssl/fips/bin/fipsld -fvisibility=hidden -fvisibility-inlines-hidden -W -Wall -Wpointer-arith -O3 -ggdb -pipe -D_REENTRANT -DA$
<br>> /usr/local/ssl/fips/bin/fipsld -Wl,-O3 -D_REENTRANT -DACE_HAS_AIO_CALLS -D_GNU_SOURCE -I/home/linuxbuild/ntsdev/3rdParty/ACE_wrappers_L$
<br>> /usr/local/ssl/fips/bin/fipsld: line 94: /usr/local/ssl/fips/bin/../fips/fips_standalone_sha1: No such file or directory
<br>> 1d0
<br>> < HMAC-SHA1(fips_premain.c)= 9e5ddba185ac446e0cf36fcf8e1b3acffe5d0b2c
<br>> /usr/local/ssl/fips/bin/../lib/fips_premain.c fingerprint mismatch
<br>>
<br>>
<br>> The fips_standalone_sha1 program is located in:
<br>>
<br>> /usr/local/src/openssl-fips-1.2/fips/fips_standalone_sha1
<br>> /usr/local/src/openssl-0.9.8l/fips/fips_standalone_sha1
<br>>
<br>> So, I modified the environment as follows to have access to fips_standalone_sha1:
<br>>
<br>> export FIPSLD_CC=gcc
<br>> export CC=/usr/local/src/openssl-fips-1.2/fips/fipsld
<br>> export CXX=/usr/local/src/openssl-fips-1.2/fips/fipsld
<br>>
<br>> This succeeds in linking the shared library; however, it seems like the fips_standalone_sha1 and other dependent files should have been copied to /usr/local/ssl/fips/fips as the headers, modules, and libraries were. It seems that the User Guide could add some explanation on the various duplicate file copies.
<br>>
<br>> Anyways, I then compile and link my application to the shared library created above using gcc/ld instead of fipsld. I also tried compiling and linking my application with fipsld but it did not make a difference.
<br>>
<br>> When my application runs and calls FIPS_mode_set, I get an error of "fingerprint does not match."
<br>>
<br>> Relevant Environment When Building/Linking the ACE_SSL Shared Library
<br>> with fipscanister.o and libssl:
<br>> ---------------------------------------------------------------------
<br>>
<br>> LD_LIBRARY_PATH =
<br>> :/home/linuxbuild/ntsdev/3rdParty/ACE_wrappers_Linux/lib:/usr/lib/oracle/xe/app/oracle/product/10.2.0\
<br>> /server/lib:/usr/local/ssl/fips/lib:/usr/local/lib:/usr/lib:
<br>> FIPSLD_CC=gcc
<br>> CC=/usr/local/src/openssl-fips-1.2/fips/fipsld
<br>> CXX=/usr/local/src/openssl-fips-1.2/fips/fipsld
<br>>
<br>> Relevant Environment When Building/Linking my Application to the
<br>> ACE_SSL dynamic library:
<br>> ---------------------------------------------------------------------
<br>>
<br>> LD_LIBRARY_PATH =
<br>> :/home/linuxbuild/ntsdev/3rdParty/ACE_wrappers_Linux/lib:/usr/lib/oracle/xe/app/oracle/product/10.2.0\
<br>> /server/lib:/usr/local/ssl/fips/lib:/usr/local/lib:/usr/lib:
<br>> ______________________________________________________________________
<br>> OpenSSL Project <a href="http://www.openssl.org" target="_top" rel="nofollow">http://www.openssl.org</a><br>> User Support Mailing List <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26253496&i=0" target="_top" rel="nofollow">openssl-users@...</a>
<br>> Automated List Manager <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26253496&i=1" target="_top" rel="nofollow">majordomo@...</a>
<br>>
<br>>
</div><br><br>______________________________________________________________________
<br>OpenSSL Project <a href="http://www.openssl.org" target="_top" rel="nofollow">http://www.openssl.org</a><br>User Support Mailing List <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26253496&i=2" target="_top" rel="nofollow">openssl-users@...</a>
<br>Automated List Manager <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26253496&i=3" target="_top" rel="nofollow">majordomo@...</a>
<br><p>From forum: <a href="http://old.nabble.com/OpenSSL---User-f981.html" embed="fixTarget[981]" target="_top" >OpenSSL - User</a></p>
tag:old.nabble.com,2006:post-26253456
Re: [CVS] OpenSSL: openssl/ssl/ s3_srvr.c
2009-11-08T03:55:10Z
2009-11-08T03:55:10Z
Ben Laurie-2
Dr. Stephen Henson wrote:
<div class='shrinkable-quote'><br>> OpenSSL CVS Repository
<br>> <a href="http://cvs.openssl.org/" target="_top" rel="nofollow">http://cvs.openssl.org/</a><br>> ____________________________________________________________________________
<br>>
<br>> Server: cvs.openssl.org Name: Dr. Stephen Henson
<br>> Root: /v/openssl/cvs Email: <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26253456&i=0" target="_top" rel="nofollow">steve@...</a>
<br>> Module: openssl Date: 07-Nov-2009 23:22:40
<br>> Branch: HEAD Handle: 2009110722224000
<br>>
<br>> Modified files:
<br>> openssl/ssl s3_srvr.c
<br>>
<br>> Log:
<br>> Ooops, revert committed conflict.
</div><br>This seems to revert rather more than just a conflict...
<br><div class='shrinkable-quote'><br>>
<br>> Summary:
<br>> Revision Changes Path
<br>> 1.182 +26 -52 openssl/ssl/s3_srvr.c
<br>> ____________________________________________________________________________
<br>>
<br>> patch -p0 <<'@@ .'
<br>> Index: openssl/ssl/s3_srvr.c
<br>> ============================================================================
<br>> $ cvs diff -u -r1.181 -r1.182 s3_srvr.c
<br>> --- openssl/ssl/s3_srvr.c 2 Nov 2009 13:38:22 -0000 1.181
<br>> +++ openssl/ssl/s3_srvr.c 7 Nov 2009 22:22:40 -0000 1.182
<br>> @@ -1679,18 +1679,13 @@
<br>> j=0;
<br>> for (num=2; num > 0; num--)
<br>> {
<br>> - if (!EVP_DigestInit_ex(&md_ctx,(num == 2)
<br>> - ?s->ctx->md5:s->ctx->sha1, NULL)
<br>> - || !EVP_DigestUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE)
<br>> - || !EVP_DigestUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE)
<br>> - || !EVP_DigestUpdate(&md_ctx,&(d[4]),n)
<br>> - || !EVP_DigestFinal_ex(&md_ctx,q,
<br>> - (unsigned int *)&i))
<br>> - {
<br>> - SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_R_EVP_LIB);
<br>> - goto err;
<br>> - }
<br>> -
<br>> + EVP_DigestInit_ex(&md_ctx,(num == 2)
<br>> + ?s->ctx->md5:s->ctx->sha1, NULL);
<br>> + EVP_DigestUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
<br>> + EVP_DigestUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);
<br>> + EVP_DigestUpdate(&md_ctx,&(d[4]),n);
<br>> + EVP_DigestFinal_ex(&md_ctx,q,
<br>> + (unsigned int *)&i);
<br>> q+=i;
<br>> j+=i;
<br>> }
<br>> @@ -1709,14 +1704,14 @@
<br>> if (pkey->type == EVP_PKEY_DSA)
<br>> {
<br>> /* lets do DSS */
<br>> - if (!EVP_SignInit_ex(&md_ctx,EVP_dss1(), NULL)
<br>> - || !EVP_SignUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE)
<br>> - || !EVP_SignUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE)
<br>> - || !EVP_SignUpdate(&md_ctx,&(d[4]),n)
<br>> - || !EVP_SignFinal(&md_ctx,&(p[2]),
<br>> + EVP_SignInit_ex(&md_ctx,EVP_dss1(), NULL);
<br>> + EVP_SignUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
<br>> + EVP_SignUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);
<br>> + EVP_SignUpdate(&md_ctx,&(d[4]),n);
<br>> + if (!EVP_SignFinal(&md_ctx,&(p[2]),
<br>> (unsigned int *)&i,pkey))
<br>> {
<br>> - SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_R_EVP_LIB);
<br>> + SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_LIB_DSA);
<br>> goto err;
<br>> }
<br>> s2n(i,p);
<br>> @@ -1728,14 +1723,14 @@
<br>> if (pkey->type == EVP_PKEY_EC)
<br>> {
<br>> /* let's do ECDSA */
<br>> - if (!EVP_SignInit_ex(&md_ctx,EVP_ecdsa(), NULL)
<br>> - || !EVP_SignUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE)
<br>> - || !EVP_SignUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE)
<br>> - || !EVP_SignUpdate(&md_ctx,&(d[4]),n)
<br>> - || !EVP_SignFinal(&md_ctx,&(p[2]),
<br>> - (unsigned int *)&i,pkey))
<br>> + EVP_SignInit_ex(&md_ctx,EVP_ecdsa(), NULL);
<br>> + EVP_SignUpdate(&md_ctx,&(s->s3->client_random[0]),SSL3_RANDOM_SIZE);
<br>> + EVP_SignUpdate(&md_ctx,&(s->s3->server_random[0]),SSL3_RANDOM_SIZE);
<br>> + EVP_SignUpdate(&md_ctx,&(d[4]),n);
<br>> + if (!EVP_SignFinal(&md_ctx,&(p[2]),
<br>> + (unsigned int *)&i,pkey))
<br>> {
<br>> - SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_R_EVP_LIB);
<br>> + SSLerr(SSL_F_SSL3_SEND_SERVER_KEY_EXCHANGE,ERR_LIB_ECDSA);
<br>> goto err;
<br>> }
<br>> s2n(i,p);
<br>> @@ -2974,7 +2969,7 @@
<br>> if (s->state == SSL3_ST_SW_SESSION_TICKET_A)
<br>> {
<br>> unsigned char *p, *senc, *macstart;
<br>> - int len, slen, rv = 0;
<br>> + int len, slen;
<br>> unsigned int hlen;
<br>> EVP_CIPHER_CTX ctx;
<br>> HMAC_CTX hctx;
<br>> @@ -3029,21 +3024,11 @@
<br>> else
<br>> {
<br>> RAND_pseudo_bytes(iv, 16);
<br>> -<<<<<<< s3_srvr.c
<br>> - if (!EVP_EncryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL,
<br>> - s->ctx->tlsext_tick_aes_key, iv))
<br>> - goto evp_err;
<br>> - if (!HMAC_Init_ex(&hctx, s->ctx->tlsext_tick_hmac_key,
<br>> - 16, tlsext_tick_md(), NULL))
<br>> - goto evp_err;
<br>> - memcpy(key_name, s->ctx->tlsext_tick_key_name, 16);
<br>> -=======
<br>> EVP_EncryptInit_ex(&ctx, EVP_aes_128_cbc(), NULL,
<br>> tctx->tlsext_tick_aes_key, iv);
<br>> HMAC_Init_ex(&hctx, tctx->tlsext_tick_hmac_key, 16,
<br>> tlsext_tick_md(), NULL);
<br>> memcpy(key_name, tctx->tlsext_tick_key_name, 16);
<br>> ->>>>>>> 1.180
<br>> }
<br>> l2n(s->session->tlsext_tick_lifetime_hint, p);
<br>> /* Skip ticket length for now */
<br>> @@ -3056,26 +3041,15 @@
<br>> memcpy(p, iv, EVP_CIPHER_CTX_iv_length(&ctx));
<br>> p += EVP_CIPHER_CTX_iv_length(&ctx);
<br>> /* Encrypt session data */
<br>> - if (!EVP_EncryptUpdate(&ctx, p, &len, senc, slen))
<br>> - goto evp_err;
<br>> + EVP_EncryptUpdate(&ctx, p, &len, senc, slen);
<br>> p += len;
<br>> - if (!EVP_EncryptFinal(&ctx, p, &len))
<br>> - goto evp_err;
<br>> + EVP_EncryptFinal(&ctx, p, &len);
<br>> p += len;
<br>> -
<br>> - if (!HMAC_Update(&hctx, macstart, p - macstart))
<br>> - goto evp_err;
<br>> -
<br>> - if (!HMAC_Final(&hctx, p, &hlen))
<br>> - goto evp_err;
<br>> -
<br>> - rv = 1;
<br>> -
<br>> - evp_err:
<br>> EVP_CIPHER_CTX_cleanup(&ctx);
<br>> +
<br>> + HMAC_Update(&hctx, macstart, p - macstart);
<br>> + HMAC_Final(&hctx, p, &hlen);
<br>> HMAC_CTX_cleanup(&hctx);
<br>> - if (!rv)
<br>> - return -1;
<br>>
<br>> p += hlen;
<br>> /* Now write out lengths: p points to end of data written */
<br>> @@ .
<br>> ______________________________________________________________________
<br>> OpenSSL Project <a href="http://www.openssl.org" target="_top" rel="nofollow">http://www.openssl.org</a><br>> CVS Repository Commit List <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26253456&i=1" target="_top" rel="nofollow">openssl-cvs@...</a>
<br>> Automated List Manager <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26253456&i=2" target="_top" rel="nofollow">majordomo@...</a>
<br>>
<br>>
</div><br><br>--
<br><a href="http://www.apache-ssl.org/ben.html" target="_top" rel="nofollow">http://www.apache-ssl.org/ben.html</a> <a href="http://www.links.org/" target="_top" rel="nofollow">http://www.links.org/</a><br><br>"There is no limit to what a man can do or how far he can go if he
<br>doesn't mind who gets the credit." - Robert Woodruff
<br>______________________________________________________________________
<br>OpenSSL Project <a href="http://www.openssl.org" target="_top" rel="nofollow">http://www.openssl.org</a><br>Development Mailing List <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26253456&i=3" target="_top" rel="nofollow">openssl-dev@...</a>
<br>Automated List Manager <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26253456&i=4" target="_top" rel="nofollow">majordomo@...</a>
<br><p>From forum: <a href="http://old.nabble.com/OpenSSL---Dev-f980.html" embed="fixTarget[980]" target="_top" >OpenSSL - Dev</a></p>
tag:old.nabble.com,2006:post-26250005
Re: Padding mode for RSA_private_decrypt()...
2009-11-07T16:41:49Z
2009-11-07T16:41:49Z
Mounir IDRASSI
Hi,
<br><br>You simply can't guess the padding mode if you don't know it in advance.
<br>Imagine the security consequences if this was possible : it would mean
<br>that an attacker can have information about the clear text without
<br>having access to the private key!!
<br><br>Cheers,
<br>--
<br>Mounir IDRASSI
<br>IDRIX
<br><a href="http://www.idrix.fr" target="_top" rel="nofollow">http://www.idrix.fr</a><br><br>barcaroller wrote:
<div class='shrinkable-quote'><br>> How can I tell what the padding mode was before I attempt to decrypt data.
<br>> For example, when I use
<br>>
<br>> RSA_private_decrypt(encsize,
<br>> encdata,
<br>> decdata,
<br>> privkey,
<br>> RSA_PKCS1_PADDING)
<br>>
<br>>
<br>> I sometimes (but not always) get the following error:
<br>>
<br>> error:0407106B:rsa routines:RSA_padding_check_PKCS1_type_2:block type is
<br>> not 02
<br>>
<br>>
<br>>
<br>> ______________________________________________________________________
<br>> OpenSSL Project <a href="http://www.openssl.org" target="_top" rel="nofollow">http://www.openssl.org</a><br>> User Support Mailing List <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26250005&i=0" target="_top" rel="nofollow">openssl-users@...</a>
<br>> Automated List Manager <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26250005&i=1" target="_top" rel="nofollow">majordomo@...</a>
<br>>
</div><br>______________________________________________________________________
<br>OpenSSL Project <a href="http://www.openssl.org" target="_top" rel="nofollow">http://www.openssl.org</a><br>User Support Mailing List <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26250005&i=2" target="_top" rel="nofollow">openssl-users@...</a>
<br>Automated List Manager <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26250005&i=3" target="_top" rel="nofollow">majordomo@...</a>
<br><p>From forum: <a href="http://old.nabble.com/OpenSSL---User-f981.html" embed="fixTarget[981]" target="_top" >OpenSSL - User</a></p>
tag:old.nabble.com,2006:post-26249417
Memory leaks...
2009-11-07T14:50:57Z
2009-11-07T14:50:57Z
barcaroller
<br>I'm getting some memory leaks when I use OpenSSL. I was not able to get rid
<br>of these leaks, even when I use EVP_cleanup() and ERR_free_strings() at the
<br>end of my program.
<br><br><br>Memory Leak 1. PEM_read_PrivateKey()
<br>=====================================
<br><br> EVP_PKEY* key = PEM_read_PrivateKey(fp, NULL, 0, NULL);
<br> ...
<br> EVP_PKEY_free(key);
<br><br> Valgrind reports:
<br><br> ==27769== 24 bytes in 1 blocks are still reachable in loss record 2 of
<br>20
<br> ==27769== at 0x4A05809: malloc (vg_replace_malloc.c:149)
<br> ==27769== by 0x3C3C6DAD41: CRYPTO_malloc (in
<br>/lib64/libcrypto.so.0.9.8e)
<br> ==27769== by 0x3C3C65B565: (within /lib64/libcrypto.so.0.9.8e)
<br> ==27769== by 0x3C3C65B98A: (within /lib64/libcrypto.so.0.9.8e)
<br> ==27769== by 0x3C3C66F9B3: RSA_new_method (in
<br>/lib64/libcrypto.so.0.9.8e)
<br> ==27769== by 0x3C3C66F33C: (within /lib64/libcrypto.so.0.9.8e)
<br> ==27769== by 0x3C3C692EA4: (within /lib64/libcrypto.so.0.9.8e)
<br> ==27769== by 0x3C3C696004: ASN1_item_ex_d2i (in
<br>/lib64/libcrypto.so.0.9.8e)
<br> ==27769== by 0x3C3C6960F3: ASN1_item_d2i (in
<br>/lib64/libcrypto.so.0.9.8e)
<br> ==27769== by 0x3C3C68FC0C: d2i_PrivateKey (in
<br>/lib64/libcrypto.so.0.9.8e)
<br> ==27769== by 0x3C3C6A10B9: PEM_read_bio_PrivateKey (in
<br>/lib64/libcrypto.so.0.9.8e)
<br> ==27769== by 0x3C3C6A1300: PEM_read_PrivateKey (in
<br>/lib64/libcrypto.so.0.9.8e)
<br><br><br>Memory Leak 2. SSL_library_init()
<br>=================================
<br><br> Valgrind reports:
<br><br> ==27769== 24 bytes in 1 blocks are still reachable in loss record 6 of
<br>20
<br> ==27769== at 0x4A05809: malloc (vg_replace_malloc.c:149)
<br> ==27769== by 0x3C3C6DAD41: CRYPTO_malloc (in
<br>/lib64/libcrypto.so.0.9.8e)
<br> ==27769== by 0x3C3C65B565: (within /lib64/libcrypto.so.0.9.8e)
<br> ==27769== by 0x3C3C65BB3B: (within /lib64/libcrypto.so.0.9.8e)
<br> ==27769== by 0x3C3C6BFBFA: COMP_zlib (in /lib64/libcrypto.so.0.9.8e)
<br> ==27769== by 0x3C3CA31D7F: (within /lib64/libssl.so.0.9.8e)
<br> ==27769== by 0x3C3CA31F48: SSL_COMP_get_compression_methods (in
<br>/lib64/libssl.so.0.9.8e)
<br> ==27769== by 0x3C3CA37784: SSL_library_init (in
<br>/lib64/libssl.so.0.9.8e)
<br><br><br>Memory Leak 3. HMAC_Init()
<br>==========================
<br><br> HMAC_CTX hm;
<br><br> HMAC_Init(&hm, ...);
<br> HMAC_Update(&hm, ...);
<br> HMAC_Final(&hm, ...);
<br> ...
<br> HMAC_cleanup(&hm);
<br><br><br> Valgrind reports:
<br><br> ==31996== at 0x4A05809: malloc (vg_replace_malloc.c:149)
<br> ==31996== by 0x3C3C6DAD41: CRYPTO_malloc (in
<br>/lib64/libcrypto.so.0.9.8e)
<br> ==31996== by 0x3C3C6D8A1D: EVP_DigestInit_ex (in
<br>/lib64/libcrypto.so.0.9.8e)
<br> ==31996== by 0x3C3C6EB36B: HMAC_Init_ex (in
<br>/lib64/libcrypto.so.0.9.8e)
<br><br><br><br><br>______________________________________________________________________
<br>OpenSSL Project <a href="http://www.openssl.org" target="_top" rel="nofollow">http://www.openssl.org</a><br>User Support Mailing List <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26249417&i=0" target="_top" rel="nofollow">openssl-users@...</a>
<br>Automated List Manager <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26249417&i=1" target="_top" rel="nofollow">majordomo@...</a>
<br><p>From forum: <a href="http://old.nabble.com/OpenSSL---User-f981.html" embed="fixTarget[981]" target="_top" >OpenSSL - User</a></p>
tag:old.nabble.com,2006:post-26249410
Padding mode for RSA_private_decrypt()...
2009-11-07T14:11:09Z
2009-11-07T14:11:09Z
barcaroller
<br>How can I tell what the padding mode was before I attempt to decrypt data.
<br>For example, when I use
<br><br> RSA_private_decrypt(encsize,
<br> encdata,
<br> decdata,
<br> privkey,
<br> RSA_PKCS1_PADDING)
<br><br><br>I sometimes (but not always) get the following error:
<br><br> error:0407106B:rsa routines:RSA_padding_check_PKCS1_type_2:block type is
<br>not 02
<br><br><br><br>______________________________________________________________________
<br>OpenSSL Project <a href="http://www.openssl.org" target="_top" rel="nofollow">http://www.openssl.org</a><br>User Support Mailing List <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26249410&i=0" target="_top" rel="nofollow">openssl-users@...</a>
<br>Automated List Manager <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26249410&i=1" target="_top" rel="nofollow">majordomo@...</a>
<br><p>From forum: <a href="http://old.nabble.com/OpenSSL---User-f981.html" embed="fixTarget[981]" target="_top" >OpenSSL - User</a></p>
tag:old.nabble.com,2006:post-26247321
Re: Searching the "true" about multithreading
2009-11-07T10:23:39Z
2009-11-07T10:23:39Z
Sebastián Treu
Hi David,
<br><br>On Sat, Nov 7, 2009 at 2:35 PM, David Schwartz <<a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26247321&i=0" target="_top" rel="nofollow">davids@...</a>> wrote:
<div class='shrinkable-quote'><br>>
<br>> Sebastián Treu wrote:
<br>>
<br>>> The main idea was avoid polling in an infinite loop consuming CPU
<br>>> resources. I wrote that code thinking in: "If the particular client
<br>>> socket is calling our (thread) attention then fetchs the data". I
<br>>> thought on that approach as I don't know another for non-blocking IO
<br>>> without a poll cycle. If I loop forever on the SSL_read() function,
<br>>> CPU will be kept busy on that job so I thought in a way of not having
<br>>> to do so. Instead, something should "inform" that on that socket is
<br>>> data ready to be read.
<br>>
<br>> Right, but your code call 'select' even if it doesn't need to read data from
<br>> the socket.
<br>>
<br>>> Mmmh...I can't see how to do it without select(). The main important
<br>>> thing here is that this thread is attending only 1 client. Maybe it's
<br>>> confusing because "why use select() then if you are polling always on
<br>>> the same IO socket?". Answer: I don't know if there is another system
<br>>> call to block until a file descriptor is ready to be read.
<br>>
<br>> You totally missed my point. You are correct that you need to block
<br>> somewhere, you are simply blocking in the wrong place for the wrong reason.
<br>> The only reason you should ever block using 'select' on an SSL connection is
<br>> because the SSL state machine cannot make forward progress until the socket
<br>> is ready. But you call 'select' without knowing this.
<br>>
<br>>> Then, if I read first with SSL_read() on non-blocking IO, every time
<br>>> the client isn't writting or sending anything, the server is using and
<br>>> wasting cpu cycles. Without the select() approach and with a maximun
<br>>> of 32 clients my cpu usage went to 200% ( 100 per core). With the
<br>>> select() approach the cpu usage is relative to the clients
<br>>> reading/writting actions.
<br>>
<br>> What? How does calling SSL_read *first* waste CPU cycles? You *cannot* call
<br>> 'select' until you *know* that you need to call 'select'. The data the SSL
<br>> state machine needs to make forward progress may already have been read.
<br>>
<br>>> I believe you are more experienced developer than me (in fact, i'm not
<br>>> what you can call A developer) and if not much to ask, how do you
<br>>> solve this kind of problem? (without removing the roots of the
<br>>> multithreaded server design) I mean, how can you block execution
<br>>> waiting for a "noise" on the file descriptor to take some action
<br>>> without using select()?
<br>>
<br>> I guess I wasn't clear. The problem is not that you are calling 'select' at
<br>> all, the problem is that you are calling 'select' even when you have
<br>> absolutely no reason to do so.
<br>>
<br>> Call SSL_read. If you make forward progress, great. If you make no forward
<br>> progress, the SSL state machine will tell you why. If, for example, it
<br>> returns a 'WANT_READ' indication, then you know that the SSL state machine
<br>> cannot make forward progress unless it reads from the socket. Then, and only
<br>> then, does it make sense to call 'select'.
<br>>
<br>> Again, you *MUST* get this idea out of your head:
<br>> "Read data from socket, decrypt it, pass it to application."
<br>> That is *NOT* what SSL_read does. SSL_read is *NOT* a decryption function.
<br>> It is an entry point into a state machine that can do all kinds of things,
<br>> including reading from the socket.
<br>>
<br>> Here's where your code blows up horribly:
<br>>
<br>> 1) You call SSL_write. A renegotiation is in progress, so it reads data from
<br>> the socket to see if it can complete the renegotiation. It gets the data
<br>> needed to complete the renegotiation and some encrypted application data. It
<br>> sends the encrypted data you asked it to, and returns success.
<br>>
<br>> 2) You enter your broken read function and call 'select', but the data has
<br>> already arrived and been read (in step 1). You deadlock waiting forever for
<br>> data that is already here.
<br>>
<br>> Do you see? You cannot call 'select' unless you know for a fact that the SSL
<br>> state machine needs to read from the socket. Otherwise you could be waiting
<br>> for something that already happened or is not supposed to happen.
<br>>
<br>> Do not "look through" the SSL state machine. Let it do its job.
<br>>
<br>> DS
<br>>
</div><br>Get it. Excellent explanation. I didn't knew that thing about the
<br>state machine. Thanks,
<br><br>Regards,
<br>--
<br>If you want freedom, compile the source. Get gentoo.
<br><br>Sebastián Treu
<br><a href="http://labombiya.com.ar" target="_top" rel="nofollow">http://labombiya.com.ar</a><br>______________________________________________________________________
<br>OpenSSL Project <a href="http://www.openssl.org" target="_top" rel="nofollow">http://www.openssl.org</a><br>User Support Mailing List <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26247321&i=1" target="_top" rel="nofollow">openssl-users@...</a>
<br>Automated List Manager <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26247321&i=2" target="_top" rel="nofollow">majordomo@...</a>
<br><p>From forum: <a href="http://old.nabble.com/OpenSSL---User-f981.html" embed="fixTarget[981]" target="_top" >OpenSSL - User</a></p>
tag:old.nabble.com,2006:post-26246890
RE: Searching the "true" about multithreading
2009-11-07T09:35:35Z
2009-11-07T09:35:35Z
David Schwartz
<br>Sebastián Treu wrote:
<br><br>> The main idea was avoid polling in an infinite loop consuming CPU
<br>> resources. I wrote that code thinking in: "If the particular client
<br>> socket is calling our (thread) attention then fetchs the data". I
<br>> thought on that approach as I don't know another for non-blocking IO
<br>> without a poll cycle. If I loop forever on the SSL_read() function,
<br>> CPU will be kept busy on that job so I thought in a way of not having
<br>> to do so. Instead, something should "inform" that on that socket is
<br>> data ready to be read.
<br><br>Right, but your code call 'select' even if it doesn't need to read data from
<br>the socket.
<br>
<br>> Mmmh...I can't see how to do it without select(). The main important
<br>> thing here is that this thread is attending only 1 client. Maybe it's
<br>> confusing because "why use select() then if you are polling always on
<br>> the same IO socket?". Answer: I don't know if there is another system
<br>> call to block until a file descriptor is ready to be read.
<br><br>You totally missed my point. You are correct that you need to block
<br>somewhere, you are simply blocking in the wrong place for the wrong reason.
<br>The only reason you should ever block using 'select' on an SSL connection is
<br>because the SSL state machine cannot make forward progress until the socket
<br>is ready. But you call 'select' without knowing this.
<br>
<br>> Then, if I read first with SSL_read() on non-blocking IO, every time
<br>> the client isn't writting or sending anything, the server is using and
<br>> wasting cpu cycles. Without the select() approach and with a maximun
<br>> of 32 clients my cpu usage went to 200% ( 100 per core). With the
<br>> select() approach the cpu usage is relative to the clients
<br>> reading/writting actions.
<br><br>What? How does calling SSL_read *first* waste CPU cycles? You *cannot* call
<br>'select' until you *know* that you need to call 'select'. The data the SSL
<br>state machine needs to make forward progress may already have been read.
<br>
<br>> I believe you are more experienced developer than me (in fact, i'm not
<br>> what you can call A developer) and if not much to ask, how do you
<br>> solve this kind of problem? (without removing the roots of the
<br>> multithreaded server design) I mean, how can you block execution
<br>> waiting for a "noise" on the file descriptor to take some action
<br>> without using select()?
<br><br>I guess I wasn't clear. The problem is not that you are calling 'select' at
<br>all, the problem is that you are calling 'select' even when you have
<br>absolutely no reason to do so.
<br><br>Call SSL_read. If you make forward progress, great. If you make no forward
<br>progress, the SSL state machine will tell you why. If, for example, it
<br>returns a 'WANT_READ' indication, then you know that the SSL state machine
<br>cannot make forward progress unless it reads from the socket. Then, and only
<br>then, does it make sense to call 'select'.
<br><br>Again, you *MUST* get this idea out of your head:
<br>"Read data from socket, decrypt it, pass it to application."
<br>That is *NOT* what SSL_read does. SSL_read is *NOT* a decryption function.
<br>It is an entry point into a state machine that can do all kinds of things,
<br>including reading from the socket.
<br><br>Here's where your code blows up horribly:
<br><br>1) You call SSL_write. A renegotiation is in progress, so it reads data from
<br>the socket to see if it can complete the renegotiation. It gets the data
<br>needed to complete the renegotiation and some encrypted application data. It
<br>sends the encrypted data you asked it to, and returns success.
<br><br>2) You enter your broken read function and call 'select', but the data has
<br>already arrived and been read (in step 1). You deadlock waiting forever for
<br>data that is already here.
<br><br>Do you see? You cannot call 'select' unless you know for a fact that the SSL
<br>state machine needs to read from the socket. Otherwise you could be waiting
<br>for something that already happened or is not supposed to happen.
<br><br>Do not "look through" the SSL state machine. Let it do its job.
<br>
<br>DS
<br><br><br><br>______________________________________________________________________
<br>OpenSSL Project <a href="http://www.openssl.org" target="_top" rel="nofollow">http://www.openssl.org</a><br>User Support Mailing List <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26246890&i=0" target="_top" rel="nofollow">openssl-users@...</a>
<br>Automated List Manager <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26246890&i=1" target="_top" rel="nofollow">majordomo@...</a>
<br><p>From forum: <a href="http://old.nabble.com/OpenSSL---User-f981.html" embed="fixTarget[981]" target="_top" >OpenSSL - User</a></p>
tag:old.nabble.com,2006:post-26246578
Re: Searching the "true" about multithreading
2009-11-07T08:59:18Z
2009-11-07T08:59:18Z
Sebastián Treu
On Sat, Nov 7, 2009 at 12:47 PM, David Schwartz <<a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26246578&i=0" target="_top" rel="nofollow">davids@...</a>> wrote:
<div class='shrinkable-quote'><br>> Your logic is backwards here. You are trying to decide whether or not to
<br>> read data on the decrypted output link, so why are you 'select'ing on the
<br>> encrypted input link?
<br>>
<br>> SSL is a state machine, not a filter. The implementation of SSL_read is
<br>> *NOT*:
<br>> 1) Read some data from the socket.
<br>> 2) If we got any data, decrypt it.
<br>> 3) Return the data we read.
<br>>
<br>> It is:
<br>> 1) Try to make forward progress, doing any reads and writes as necessary.
<br>> 2) If this resulted in any decrypted data, return it.
<br>> 3) If not, tell the caller why.
<br>>
<br>> As a result, you can only 'select' *after* calling SSL_read, never before.
<br>> And you cannot assume that you will be selecting in the read direction,
<br>> because either can be necessary.
<br>>
<br>> DS
</div><br>Hi David,
<br><br>The main idea was avoid polling in an infinite loop consuming CPU
<br>resources. I wrote that code thinking in: "If the particular client
<br>socket is calling our (thread) attention then fetchs the data". I
<br>thought on that approach as I don't know another for non-blocking IO
<br>without a poll cycle. If I loop forever on the SSL_read() function,
<br>CPU will be kept busy on that job so I thought in a way of not having
<br>to do so. Instead, something should "inform" that on that socket is
<br>data ready to be read.
<br><br>Mmmh...I can't see how to do it without select(). The main important
<br>thing here is that this thread is attending only 1 client. Maybe it's
<br>confusing because "why use select() then if you are polling always on
<br>the same IO socket?". Answer: I don't know if there is another system
<br>call to block until a file descriptor is ready to be read.
<br><br>That part of code is threaded, and althought you are right on saying:
<br>"why a server should have 1,000 threads when you have 1,000
<br>connections", the particular use of this application will be a
<br>very-connection-limited server. For example, saying 20 clients is a
<br>huge number of connections. The numbers of threads are limited as the
<br>number of connections.
<br><br>Then, if I read first with SSL_read() on non-blocking IO, every time
<br>the client isn't writting or sending anything, the server is using and
<br>wasting cpu cycles. Without the select() approach and with a maximun
<br>of 32 clients my cpu usage went to 200% ( 100 per core). With the
<br>select() approach the cpu usage is relative to the clients
<br>reading/writting actions.
<br><br>I believe you are more experienced developer than me (in fact, i'm not
<br>what you can call A developer) and if not much to ask, how do you
<br>solve this kind of problem? (without removing the roots of the
<br>multithreaded server design) I mean, how can you block execution
<br>waiting for a "noise" on the file descriptor to take some action
<br>without using select()?
<br><br>I really appreciatte your concern on letting me know my errors and
<br>sorry if this invalidate the main topic thread,
<br>Regards
<br>--
<br>If you want freedom, compile the source. Get gentoo.
<br><br>Sebastián Treu
<br><a href="http://labombiya.com.ar" target="_top" rel="nofollow">http://labombiya.com.ar</a><br>______________________________________________________________________
<br>OpenSSL Project <a href="http://www.openssl.org" target="_top" rel="nofollow">http://www.openssl.org</a><br>User Support Mailing List <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26246578&i=1" target="_top" rel="nofollow">openssl-users@...</a>
<br>Automated List Manager <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26246578&i=2" target="_top" rel="nofollow">majordomo@...</a>
<br><p>From forum: <a href="http://old.nabble.com/OpenSSL---User-f981.html" embed="fixTarget[981]" target="_top" >OpenSSL - User</a></p>
tag:old.nabble.com,2006:post-26245966
RE: Searching the "true" about multithreading
2009-11-07T07:47:18Z
2009-11-07T07:47:18Z
David Schwartz
Sebastián Treu wrote:
<br><div class='shrinkable-quote'><br>> I used a select() thread with non-blocking IO just to no keep the cpu
<br>> busy in a infinite loop. Kind of:
<br>>
<br>> while( alive && CONTINUE )
<br>> {
<br>> /* The main client attendance */
<br>>
<br>> copy = master;
<br>> if ( select(client->fd+1, ©, NULL,NULL,NULL) == -1)
<br>> printf("<thread %d>:[ERR]:\tSelect fail\n",tid);
<br>> else
<br>> {
<br>> if ( FD_ISSET(client->fd, ©) )
<br>> {
<br>> /* read from the secure connection gaining exclusive
<br>> access */
<br>> /* to the client ssl structure. The 'sender thread' could
<br>> */
<br>> /* access this structure coliding with the 'err' value
<br>> and */
<br>> /* starting a catastrophe.
<br>> */
<br>> pthread_mutex_lock(&client->mutex[SSL_MUTEX]);
<br>> nbytes = SSL_read(client->ssl, client->buffer,
<br>> chunk_size);
<br>> err = SSL_get_error(client->ssl, nbytes);
<br>> pthread_mutex_unlock(&client->mutex[SSL_MUTEX]);
<br>>
<br>> You can check the hole threaded server in earlier development here:
<br>>
<br>> <a href="http://code.google.com/p/tellapic/source/browse/trunk/server.c" target="_top" rel="nofollow">http://code.google.com/p/tellapic/source/browse/trunk/server.c</a></div><br>Your logic is backwards here. You are trying to decide whether or not to
<br>read data on the decrypted output link, so why are you 'select'ing on the
<br>encrypted input link?
<br><br>SSL is a state machine, not a filter. The implementation of SSL_read is
<br>*NOT*:
<br>1) Read some data from the socket.
<br>2) If we got any data, decrypt it.
<br>3) Return the data we read.
<br><br>It is:
<br>1) Try to make forward progress, doing any reads and writes as necessary.
<br>2) If this resulted in any decrypted data, return it.
<br>3) If not, tell the caller why.
<br><br>As a result, you can only 'select' *after* calling SSL_read, never before.
<br>And you cannot assume that you will be selecting in the read direction,
<br>because either can be necessary.
<br><br>DS
<br><br><br><br>______________________________________________________________________
<br>OpenSSL Project <a href="http://www.openssl.org" target="_top" rel="nofollow">http://www.openssl.org</a><br>User Support Mailing List <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26245966&i=0" target="_top" rel="nofollow">openssl-users@...</a>
<br>Automated List Manager <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26245966&i=1" target="_top" rel="nofollow">majordomo@...</a>
<br><p>From forum: <a href="http://old.nabble.com/OpenSSL---User-f981.html" embed="fixTarget[981]" target="_top" >OpenSSL - User</a></p>
tag:old.nabble.com,2006:post-26244711
Linking and execution problems with a FIPS-capable OpenSSL distribution
2009-11-07T05:16:01Z
2009-11-07T05:16:01Z
Daugherty-5
Synopsis:
<br>--------
<br><br>Linking and execution problems with a FIPS-capable OpenSSL distribution.
<br><br>System:
<br>------
<br><br>openSUSE 11.0 (i586)
<br>Linux version 2.6.25.20-0.4-pae
<br>gcc (SUSE Linux) 4.3.1
<br>OpenSSL 0.9.8g 19 Oct 2007 (currently installed)
<br> Includes are in /usr/include/openssl
<br> Libs are in /usr/lib
<br><br>Fips/OpenSSL Versions:
<br>---------------------
<br><br>openssl-fips-1.2.tar.gz
<br>openssl-0.9.8l.tar.gz
<br><br>Goal of this post:
<br>-----------------
<br><br>1. Additional clarification on the linking process as described in the User Guide and comment as to whether my workarounds are correct and in accordance with the Security Policy.
<br><br>2. Help on overcoming the "fingerprint does not match" runtime error.
<br><br>Description:
<br>-----------
<br><br>I have read the UserGuide-1.2.pdf and SecurityPolicy-1.2.pdf numerous times and have also scoured the news groups searching for a solution to my problem.
<br><br>I am trying to link fipscanister.o and libssl into a shared library, specifically, the ACE_SSL library that is part of the latest ACE distribution from the ACE/TAO group. The User Guide is somewhat vague on whether this can be done. From my understanding, linking fipscanister.o and libssl into a shared library is possible since my shared library is considered an application as defined in the User Guide.
<br><br>So here is what I am doing...
<br><br>Per the User Guide, I do the usual after successfully performing the two verification steps:
<br><br>openssl-fips-1.2 # ./config fipscanisterbuild
<br>make
<br>make install
<br><br>openssl-0.9.8l # ./config fips
<br>make
<br>make install
<br><br>As a non-su user, I modify the environment per the User Guide as follows:
<br><br>export FIPSLD_CC=gcc
<br>export CC=/usr/local/ssl/fips/bin/fipsld
<br>export CXX=/usr/local/ssl/fips/bin/fipsld
<br><br>I also copied the openssl include directory from /usr/local/ssl/fips/include/openssl to /usr/local/include which will be found by gcc. If I did not do this, gcc would find my existing openssl headers located at /usr/include/openssl.
<br><br>Finally, I modify my LD_LIBRARY_PATH environment variable to include /usr/local/ssl/fips/lib prior to the /usr/lib include so that ld will find the Fips-capable OpenSSL library.
<br><br>When I execute the ACE_SSL shared library make, I get the following output and error:
<br><br>/usr/local/ssl/fips/bin/fipsld -fvisibility=hidden -fvisibility-inlines-hidden -W -Wall -Wpointer-arith -O3 -ggdb -pipe -D_REENTRANT -DA$
<br>/usr/local/ssl/fips/bin/fipsld -fvisibility=hidden -fvisibility-inlines-hidden -W -Wall -Wpointer-arith -O3 -ggdb -pipe -D_REENTRANT -DA$
<br>/usr/local/ssl/fips/bin/fipsld -fvisibility=hidden -fvisibility-inlines-hidden -W -Wall -Wpointer-arith -O3 -ggdb -pipe -D_REENTRANT -DA$
<br>/usr/local/ssl/fips/bin/fipsld -fvisibility=hidden -fvisibility-inlines-hidden -W -Wall -Wpointer-arith -O3 -ggdb -pipe -D_REENTRANT -DA$
<br>/usr/local/ssl/fips/bin/fipsld -fvisibility=hidden -fvisibility-inlines-hidden -W -Wall -Wpointer-arith -O3 -ggdb -pipe -D_REENTRANT -DA$
<br>/usr/local/ssl/fips/bin/fipsld -fvisibility=hidden -fvisibility-inlines-hidden -W -Wall -Wpointer-arith -O3 -ggdb -pipe -D_REENTRANT -DA$
<br>/usr/local/ssl/fips/bin/fipsld -fvisibility=hidden -fvisibility-inlines-hidden -W -Wall -Wpointer-arith -O3 -ggdb -pipe -D_REENTRANT -DA$
<br>/usr/local/ssl/fips/bin/fipsld -Wl,-O3 -D_REENTRANT -DACE_HAS_AIO_CALLS -D_GNU_SOURCE -I/home/linuxbuild/ntsdev/3rdParty/ACE_wrappers_L$
<br>/usr/local/ssl/fips/bin/fipsld: line 94: /usr/local/ssl/fips/bin/../fips/fips_standalone_sha1: No such file or directory
<br>1d0
<br>< HMAC-SHA1(fips_premain.c)= 9e5ddba185ac446e0cf36fcf8e1b3acffe5d0b2c
<br>/usr/local/ssl/fips/bin/../lib/fips_premain.c fingerprint mismatch
<br><br><br>The fips_standalone_sha1 program is located in:
<br><br>/usr/local/src/openssl-fips-1.2/fips/fips_standalone_sha1
<br>/usr/local/src/openssl-0.9.8l/fips/fips_standalone_sha1
<br>
<br>So, I modified the environment as follows to have access to fips_standalone_sha1:
<br><br>export FIPSLD_CC=gcc
<br>export CC=/usr/local/src/openssl-fips-1.2/fips/fipsld
<br>export CXX=/usr/local/src/openssl-fips-1.2/fips/fipsld
<br><br>This succeeds in linking the shared library; however, it seems like the fips_standalone_sha1 and other dependent files should have been copied to /usr/local/ssl/fips/fips as the headers, modules, and libraries were. It seems that the User Guide could add some explanation on the various duplicate file copies.
<br><br>Anyways, I then compile and link my application to the shared library created above using gcc/ld instead of fipsld. I also tried compiling and linking my application with fipsld but it did not make a difference.
<br><br>When my application runs and calls FIPS_mode_set, I get an error of "fingerprint does not match."
<br><br>Relevant Environment When Building/Linking the ACE_SSL Shared Library
<br>with fipscanister.o and libssl:
<br>---------------------------------------------------------------------
<br><br>LD_LIBRARY_PATH =
<br>:/home/linuxbuild/ntsdev/3rdParty/ACE_wrappers_Linux/lib:/usr/lib/oracle/xe/app/oracle/product/10.2.0\
<br>/server/lib:/usr/local/ssl/fips/lib:/usr/local/lib:/usr/lib:
<br>FIPSLD_CC=gcc
<br>CC=/usr/local/src/openssl-fips-1.2/fips/fipsld
<br>CXX=/usr/local/src/openssl-fips-1.2/fips/fipsld
<br><br>Relevant Environment When Building/Linking my Application to the
<br>ACE_SSL dynamic library:
<br>---------------------------------------------------------------------
<br><br>LD_LIBRARY_PATH =
<br>:/home/linuxbuild/ntsdev/3rdParty/ACE_wrappers_Linux/lib:/usr/lib/oracle/xe/app/oracle/product/10.2.0\
<br>/server/lib:/usr/local/ssl/fips/lib:/usr/local/lib:/usr/lib:
<br>______________________________________________________________________
<br>OpenSSL Project <a href="http://www.openssl.org" target="_top" rel="nofollow">http://www.openssl.org</a><br>User Support Mailing List <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26244711&i=0" target="_top" rel="nofollow">openssl-users@...</a>
<br>Automated List Manager <a href="http://old.nabble.com/user/SendEmail.jtp?type=post&post=26244711&i=1" target="_top" rel="nofollow">majordomo@...</a>
<br><p>From forum: <a href="http://old.nabble.com/OpenSSL---User-f981.html" embed="fixTarget[981]" target="_top" >OpenSSL - User</a></p>