From kent at nimblestorage.com Sat Oct 1 01:49:38 2016 From: kent at nimblestorage.com (Kent Peacock) Date: Fri, 30 Sep 2016 18:49:38 -0700 Subject: Change EVP_aes_xxx_wrap to use FIPS crypto module in FIPS mode Message-ID: <57EF1632.7000705@nimblestorage.com> The FIPS certified 2.0.x crypto module does not incorporate the key wrap modes within the module boundary, and calls the local AES_{encrypt,decrypt} functions (which is, strictly speaking, a no-no). So, it's not using FIPS validated crypto. This patch provides a modification to use the appropriate underlying FIPS EVP_aes_..._ecb APIs which use the FIPS module to do the actual block-at-a-time encryption/decryption. Kent -------------- next part -------------- --- crypto/evp/e_aes.c.orig 2016-09-30 16:35:00.973857408 -0700 +++ crypto/evp/e_aes.c 2016-09-30 16:34:20.579119933 -0700 @@ -1920,10 +1920,7 @@ EVP_CIPH_FLAG_FIPS | CUSTOM_FLAGS) #endif typedef struct { - union { - double align; - AES_KEY ks; - } ks; + EVP_CIPHER_CTX aes_ctx; /* Indicates if IV has been set */ unsigned char *iv; } EVP_AES_WRAP_CTX; @@ -1935,10 +1932,22 @@ if (!iv && !key) return 1; if (key) { - if (ctx->encrypt) - AES_set_encrypt_key(key, ctx->key_len * 8, &wctx->ks.ks); - else - AES_set_decrypt_key(key, ctx->key_len * 8, &wctx->ks.ks); + const EVP_CIPHER *cipher; + switch (ctx->key_len * 8) { + case 128: + cipher = EVP_aes_128_ecb(); + break; + case 192: + cipher = EVP_aes_192_ecb(); + break; + case 256: + cipher = EVP_aes_256_ecb(); + break; + default: + return 0; + } + EVP_CipherInit(&wctx->aes_ctx, cipher, key, NULL, ctx->encrypt); + EVP_CIPHER_CTX_set_padding(&wctx->aes_ctx, 0); if (!iv) wctx->iv = NULL; } 
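Review bot: The result of `EVP_CipherInit(&wctx->aes_ctx, cipher, key, NULL, ctx->encrypt)` is discarded, so when the inner ECB init fails (the FIPS-mode refusal paths this patch is routing through) aes_ctx is left unusable while aes_wrap_init_key still reports success; it should read `if (!EVP_CipherInit(&wctx->aes_ctx, cipher, key, NULL, ctx->encrypt)) return 0;`. Because WRAP_FLAGS carries EVP_CIPH_ALWAYS_CALL_INIT this branch also runs when an existing context is re-keyed, and EVP_CipherInit with a non-NULL cipher re-initialises aes_ctx from scratch as I recall, which would orphan the cipher_data the previous key allocated inside it; the inner context needs `EVP_CIPHER_CTX_cleanup(&wctx->aes_ctx)` before the new init, guarded by a keyed flag in EVP_AES_WRAP_CTX (e.g. `wctx->keyed`), since as far as I can tell nothing zeroes cipher_data when the wrap context is created. That same flag would let aes_wrap_cleanup skip an inner context that was never initialised. aes_wrap_init_key begins before this hunk, and the hunk appears again unchanged in the resent copy of the patch further down the page.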
@@ -1949,6 +1958,20 @@ return 1; } +static block128_f +aes_wrap_encrypt(const unsigned char *in, unsigned char *out, const void *key) +{ + int outlen; + return EVP_EncryptUpdate(key, out, &outlen, in, 16); +} + +static block128_f +aes_wrap_decrypt(const unsigned char *in, unsigned char *out, const void *key) +{ + int outlen; + return EVP_DecryptUpdate(key, out, &outlen, in, 16); +} + static int aes_wrap_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inlen) { @@ -1969,14 +1992,27 @@ return inlen - 8; } if (ctx->encrypt) - rv = CRYPTO_128_wrap(&wctx->ks.ks, wctx->iv, out, in, inlen, - (block128_f) AES_encrypt); + rv = CRYPTO_128_wrap(&wctx->aes_ctx, wctx->iv, out, in, inlen, + (block128_f) aes_wrap_encrypt); else - rv = CRYPTO_128_unwrap(&wctx->ks.ks, wctx->iv, out, in, inlen, - (block128_f) AES_decrypt); + rv = CRYPTO_128_unwrap(&wctx->aes_ctx, wctx->iv, out, in, inlen, + (block128_f) aes_wrap_decrypt); return rv ? (int)rv : -1; } +static int aes_wrap_cleanup(EVP_CIPHER_CTX *c) +{ + EVP_AES_WRAP_CTX *wctx = c->cipher_data; + + if (wctx) { + EVP_CIPHER_CTX_cleanup(&wctx->aes_ctx); + OPENSSL_cleanse(c->cipher_data, c->cipher->ctx_size); + OPENSSL_free(c->cipher_data); + } + memset(c, 0, sizeof(EVP_CIPHER_CTX)); + return 1; +} + #define WRAP_FLAGS (EVP_CIPH_WRAP_MODE \ | EVP_CIPH_CUSTOM_IV | EVP_CIPH_FLAG_CUSTOM_CIPHER \ | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_FLAG_DEFAULT_ASN1) @@ -1985,7 +2021,7 @@ NID_id_aes128_wrap, 8, 16, 8, WRAP_FLAGS, aes_wrap_init_key, aes_wrap_cipher, - NULL, + aes_wrap_cleanup, sizeof(EVP_AES_WRAP_CTX), NULL, NULL, NULL, NULL }; @@ -1999,7 +2035,7 @@ NID_id_aes192_wrap, 8, 24, 8, WRAP_FLAGS, aes_wrap_init_key, aes_wrap_cipher, - NULL, + aes_wrap_cleanup, sizeof(EVP_AES_WRAP_CTX), NULL, NULL, NULL, NULL }; 
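Review bot: aes_wrap_encrypt and aes_wrap_decrypt are declared as returning `block128_f`, a function-pointer type, while their bodies return the int from EVP_EncryptUpdate/EVP_DecryptUpdate; the callbacks installed through the `(block128_f)` casts must be `void` functions with that signature, and the implicit const-discarding conversion of `key` to an EVP_CIPHER_CTX pointer should be an explicit cast. The int those EVP_*Update calls return is also never checked, so a block that fails in FIPS mode silently leaves `out` holding whatever was in the buffer and the wrap completes with garbage. Since block128_f cannot return an error, I would hand CRYPTO_128_wrap/unwrap the whole EVP_AES_WRAP_CTX instead of `&wctx->aes_ctx`, have the callbacks record failure in a new flag there, and have aes_wrap_cipher clear it before the call and fail on it afterwards (`if (wctx->block_failed) rv = 0;`, so the existing `return rv ? (int)rv : -1;` reports -1). The resent copy of the patch below carries the same two hooks.
```c
static void
aes_wrap_encrypt(const unsigned char *in, unsigned char *out, const void *key)
{
    /* block128_f passes the key as const void *; we hand it the wrap context
     * so the inner EVP_CIPHER_CTX can be written and a failure recorded. */
    EVP_AES_WRAP_CTX *wctx = (EVP_AES_WRAP_CTX *)key;
    int outlen = 0;

    if (!EVP_EncryptUpdate(&wctx->aes_ctx, out, &outlen, in, 16) || outlen != 16)
        wctx->block_failed = 1; /* new int field in EVP_AES_WRAP_CTX */
}

/* … aes_wrap_decrypt: identical apart from calling EVP_DecryptUpdate … */
```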
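Review bot: aes_wrap_cleanup runs `EVP_CIPHER_CTX_cleanup(&wctx->aes_ctx)` whether or not aes_ctx was ever initialised: aes_wrap_init_key returns at `if (!iv && !key) return 1;` or skips the `if (key)` branch when the context is set up with a cipher or an IV only, and cipher_data is, as far as I can tell, plain OPENSSL_malloc memory, so the inner cleanup would follow an uninitialised cipher pointer. The guard belongs on a keyed flag in EVP_AES_WRAP_CTX set by aes_wrap_init_key after a successful EVP_CipherInit; clearing that flag when cipher_data is allocated needs the cipher's ctrl hook (EVP_CIPH_CTRL_INIT with an EVP_CTRL_INIT handler, the mechanism the GCM and CCM contexts in this file use as I recall), and the wrap ciphers currently register no ctrl. The OPENSSL_cleanse, OPENSSL_free and `memset(c, 0, sizeof(EVP_CIPHER_CTX))` on the outer context duplicate what the generic EVP_CIPHER_CTX_cleanup does once this callback returns, and zeroing the outer context first hides its engine reference from that code; the callback should only clean the inner context, `if (wctx->keyed) EVP_CIPHER_CTX_cleanup(&wctx->aes_ctx); return 1;`. The same function is in the resent copy of the patch below.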
@@ -2013,7 +2049,7 @@ NID_id_aes256_wrap, 8, 32, 8, WRAP_FLAGS, aes_wrap_init_key, aes_wrap_cipher, - NULL, + aes_wrap_cleanup, sizeof(EVP_AES_WRAP_CTX), NULL, NULL, NULL, NULL }; From kent at nimblestorage.com Sat Oct 1 01:48:36 2016 From: kent at nimblestorage.com (Kent Peacock) Date: Fri, 30 Sep 2016 18:48:36 -0700 Subject: Change EVP_aes_xxx_wrap to use FIPS crypto module in FIPS mode Message-ID: <57EF15F4.3010508@nimblestorage.com> The FIPS certified 2.0.x crypto module does not incorporate the key wrap modes within the module boundary, and calls the local AES_{encrypt,decrypt} functions (which is, strictly speaking, a no-no). So, it's not using FIPS validated crypto. This patch provides a modification to use the appropriate underlying FIPS EVP_aes_..._ecb APIs which FIPS module to do the actual block-at-a-time encryption/decryption. Kent -------------- next part -------------- --- crypto/evp/e_aes.c.orig 2016-09-30 16:35:00.973857408 -0700 +++ crypto/evp/e_aes.c 2016-09-30 16:34:20.579119933 -0700 @@ -1920,10 +1920,7 @@ EVP_CIPH_FLAG_FIPS | CUSTOM_FLAGS) #endif typedef struct { - union { - double align; - AES_KEY ks; - } ks; + EVP_CIPHER_CTX aes_ctx; /* Indicates if IV has been set */ unsigned char *iv; } EVP_AES_WRAP_CTX; @@ -1935,10 +1932,22 @@ if (!iv && !key) return 1; if (key) { - if (ctx->encrypt) - AES_set_encrypt_key(key, ctx->key_len * 8, &wctx->ks.ks); - else - AES_set_decrypt_key(key, ctx->key_len * 8, &wctx->ks.ks); + const EVP_CIPHER *cipher; + switch (ctx->key_len * 8) { + case 128: + cipher = EVP_aes_128_ecb(); + break; + case 192: + cipher = EVP_aes_192_ecb(); + break; + case 256: + cipher = EVP_aes_256_ecb(); + break; + default: + return 0; + } + EVP_CipherInit(&wctx->aes_ctx, cipher, key, NULL, ctx->encrypt); + EVP_CIPHER_CTX_set_padding(&wctx->aes_ctx, 0); if (!iv) wctx->iv = NULL; } 
@@ -1949,6 +1958,20 @@ return 1; } +static block128_f +aes_wrap_encrypt(const unsigned char *in, unsigned char *out, const void *key) +{ + int outlen; + return EVP_EncryptUpdate(key, out, &outlen, in, 16); +} + +static block128_f +aes_wrap_decrypt(const unsigned char *in, unsigned char *out, const void *key) +{ + int outlen; + return EVP_DecryptUpdate(key, out, &outlen, in, 16); +} + static int aes_wrap_cipher(EVP_CIPHER_CTX *ctx, unsigned char *out, const unsigned char *in, size_t inlen) { @@ -1969,14 +1992,27 @@ return inlen - 8; } if (ctx->encrypt) - rv = CRYPTO_128_wrap(&wctx->ks.ks, wctx->iv, out, in, inlen, - (block128_f) AES_encrypt); + rv = CRYPTO_128_wrap(&wctx->aes_ctx, wctx->iv, out, in, inlen, + (block128_f) aes_wrap_encrypt); else - rv = CRYPTO_128_unwrap(&wctx->ks.ks, wctx->iv, out, in, inlen, - (block128_f) AES_decrypt); + rv = CRYPTO_128_unwrap(&wctx->aes_ctx, wctx->iv, out, in, inlen, + (block128_f) aes_wrap_decrypt); return rv ? (int)rv : -1; } +static int aes_wrap_cleanup(EVP_CIPHER_CTX *c) +{ + EVP_AES_WRAP_CTX *wctx = c->cipher_data; + + if (wctx) { + EVP_CIPHER_CTX_cleanup(&wctx->aes_ctx); + OPENSSL_cleanse(c->cipher_data, c->cipher->ctx_size); + OPENSSL_free(c->cipher_data); + } + memset(c, 0, sizeof(EVP_CIPHER_CTX)); + return 1; +} + #define WRAP_FLAGS (EVP_CIPH_WRAP_MODE \ | EVP_CIPH_CUSTOM_IV | EVP_CIPH_FLAG_CUSTOM_CIPHER \ | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_FLAG_DEFAULT_ASN1) @@ -1985,7 +2021,7 @@ NID_id_aes128_wrap, 8, 16, 8, WRAP_FLAGS, aes_wrap_init_key, aes_wrap_cipher, - NULL, + aes_wrap_cleanup, sizeof(EVP_AES_WRAP_CTX), NULL, NULL, NULL, NULL }; @@ -1999,7 +2035,7 @@ NID_id_aes192_wrap, 8, 24, 8, WRAP_FLAGS, aes_wrap_init_key, aes_wrap_cipher, - NULL, + aes_wrap_cleanup, sizeof(EVP_AES_WRAP_CTX), NULL, NULL, NULL, NULL }; 
@@ -2013,7 +2049,7 @@ NID_id_aes256_wrap, 8, 32, 8, WRAP_FLAGS, aes_wrap_init_key, aes_wrap_cipher, - NULL, + aes_wrap_cleanup, sizeof(EVP_AES_WRAP_CTX), NULL, NULL, NULL, NULL }; From ldcsaa at 163.com Sun Oct 2 03:34:10 2016 From: ldcsaa at 163.com (ldcsaa at 163.com) Date: Sun, 2 Oct 2016 11:34:10 +0800 Subject: bug report openssl-1.1.0b (ssl_rsa.c) Message-ID: <201610021134066170587@163.com> hello, should the following problem were BUGS ? SSL_use_PrivateKey_file SSL_use_certificate_file SSL_use_RSAPrivateKey_file for example: SSL_use_PrivateKey_file ----------------------------------------------------------------------------- int SSL_use_PrivateKey_file(SSL *ssl, const char *file, int type) { int j, ret = 0; BIO *in; EVP_PKEY *pkey = NULL; in = BIO_new(BIO_s_file()); if (in == NULL) { SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE, ERR_R_BUF_LIB); goto end; } if (BIO_read_filename(in, file) <= 0) { SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE, ERR_R_SYS_LIB); goto end; } if (type == SSL_FILETYPE_PEM) { j = ERR_R_PEM_LIB; pkey = PEM_read_bio_PrivateKey(in, NULL, ssl->ctx->default_passwd_callback, ssl-> ctx->default_passwd_callback_userdata); } else if (type == SSL_FILETYPE_ASN1) { j = ERR_R_ASN1_LIB; pkey = d2i_PrivateKey_bio(in, NULL); } else { SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE, SSL_R_BAD_SSL_FILETYPE); goto end; } if (pkey == NULL) { SSLerr(SSL_F_SSL_USE_PRIVATEKEY_FILE, j); goto end; } ret = SSL_use_PrivateKey(ssl, pkey); EVP_PKEY_free(pkey); end: BIO_free(in); return (ret); } ----------------------------------------------------------------------------- were the red lines wrong? perhaps use this : pkey = PEM_read_bio_PrivateKey(in, NULL, ssl->default_passwd_callback, ssl->default_passwd_callback_userdata); ldcsaa at 163.com -------------- next part -------------- An HTML attachment was scrubbed... URL: From gjcoram at gmail.com Mon Oct 3 05:13:59 2016 
From: gjcoram at gmail.com (Geoffrey Coram) Date: Mon, 3 Oct 2016 01:13:59 -0400 Subject: calloc issue in crypto\LPdir_win.c Message-ID: <20161003011359.A4AC0D50.gjcoram@gmail.com> Hi - I had a link failure due to an unresolved external "calloc" when trying to build a WindowsCE application using OpenSSL 1.0.2j. calloc appears in crypto\LPdir_win.c on line 98. I think one is supposed to use LocalAlloc for WindowsCE instead of malloc or calloc. I didn't get a link error for malloc that appears on line 72 of that file (on line 77, that memory is zeroed out), so it seems like a fix for me would be to use a malloc and memset instead of calloc. calloc also appears in ssl\kssl.c, though my application does not use functions from that file. I was puzzled to see calls to "calloc" and also "kssl_calloc" -Geoffrey From lthomas at serena.com Tue Oct 4 12:39:25 2016 
From: lthomas at serena.com (Llewelyn Thomas) Date: Tue, 4 Oct 2016 12:39:25 +0000 Subject: BUG: openssl1.0.2j Solaris-Sparc : ../util/shlib_wrap.sh ./bad_dtls_test - core dump Message-ID: $ uname -a SunOS orl-rpd-sunbld1 5.10 Generic_141444-09 sun4v sparc SUNW,SPARC-Enterprise-T5120 $ echo $PATH /opt/sunstudio12.1/bin:/usr/ccs/bin:/usr/bin:/usr/openwin/bin test_bad_dtls ../util/shlib_wrap.sh ./bad_dtls_test *** Signal 10 - core dumped make: Fatal error: Command failed for target `test_bad_dtls' Current working directory /apps/llew/openssl-1.0.2j/test *** Error code 1 The following command caused the error: (cd test && echo "testing..." && \ TOP= && unset TOP ${LIB+LIB} ${LIBS+LIBS} ${INCLUDE+INCLUDE} ${INCLUDES+INCLUDES} ${DIR+DIR} ${DIRS+DIRS} ${SRC+SRC} ${LIBSRC+LIBSRC} ${LIBOBJ+LIBOBJ} ${ALL+ALL} ${EXHEADER+EXHEADER} ${HEADER+HEADER} ${GENERAL+GENERAL} ${CFLAGS+CFLAGS} ${ASFLAGS+ASFLAGS} ${AFLAGS+AFLAGS} ${LDCMD+LDCMD} ${LDFLAGS+LDFLAGS} ${SCRIPTS+SCRIPTS} ${SHAREDCMD+SHAREDCMD} ${SHARE DFLAGS+SHAREDFLAGS} ${SHARED_LIB+SHARED_LIB} ${LIBEXTRAS+LIBEXTRAS} && make -e LC_ALL=C PLATFORM='solaris64-sparcv9-cc' PROCESSOR='' CC ='cc' CFLAG='-KPIC -DOPENSSL_PIC -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -xtarget=ultra -m64 -xO5 -xstrconst -xdepen d -Xa -DB_ENDIAN -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DGHASH_ASM' AS='cc' ASFLAG='-KPIC -DOPENSSL_PIC -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -xtarget=ultra -m64 -xO5 -xst rconst -xdepend -Xa -DB_ENDIAN -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DGHASH_A SM -c' AR='ar r' NM='nm' RANLIB='/usr/ccs/bin/ranlib' RC='windres' CROSS_COMPIL E='' PERL='/usr/bin/perl' ENGDIRS='ccgost' SDIRS='objects md4 md5 sha hmac ripemd whrlpool des aes rc2 rc4 idea bf cast ca mellia seed modes bn ec rsa dsa ecdsa dh ecdh dso engine buffer bio stack lhash rand err evp asn1 pem x509 
x509v3 conf txt_db pkcs7 pkcs12 comp ocsp ui krb5 cms pqueue ts srp cmac' LIBRPATH='/apps/openssl-1.0.2j-bin/lib' INSTALL_PREFIX='' INSTALLTOP='/apps/o penssl-1.0.2j-bin' OPENSSLDIR='/apps/openssl-1.0.2j-bin/ssl' LIBDIR='lib' MAKEDEPEND='$${TOP}/util/domd $$ {TOP} -MD makedepend' DEPFLAG='-DOPENSSL_NO_DEPRECATED -DOPENSSL_NO_EC_NISTP_64_GCC_128 -DOPENSSL_NO_GMP -DOPENSSL_NO_JPAKE -DOPENSSL_NO_LIB UNBOUND -DOPENSSL_NO_MD2 -DOPENSSL_NO_MDC2 -DOPENSSL_NO_RC5 -DOPENSSL_NO_RFC3779 -DOPENSSL_NO_SCTP -DOPENSSL_NO_SSL_TRACE -DOPENSSL_NO_SSL2 - DOPENSSL_NO_STORE -DOPENSSL_NO_UNIT_TEST -DOPENSSL_NO_WEAK_SSL_CIPHERS' MAKEDEPPROG='makedepend' SHARED_LDFLAGS= '-m64 -G -dy -z text' KRB5_INCLUDES='' LIBKRB5='' ZLIB_INCLUDE='-I/apps/zlib-1.2.3-bin//include' LIBZLIB='/apps/zlib-1.2.3-bin //solaris10-sparc64/lib' EXE_EXT='' SHARED_LIBS='libcrypto.so.1.0.0 libssl.so.1.0.0' SHLIB_EXT='.so.1.0.0' SHLIB_TARGET='solaris-share d' PEX_LIBS='' EX_LIBS='-lsocket -lnsl -ldl -L/apps/zlib-1.2.3-bin//solaris10-sparc64/lib -lz' CPUID_OBJ='sparcv9cap.o sparccpuid.o' BN_ASM='bn-sparcv9.o sparcv9-mont.o sparcv9a-mont.o vis3-mont.o sparct4-mont.o sparcv9-gf2m.o' EC_ASM='' DES_ENC='des_enc-sparc.o fcrypt_b .o dest4-sparcv9.o' AES_ENC='aes_core.o aes_cbc.o aes-sparcv9.o aest4-sparcv9.o' CMLL_ENC='camellia.o cmll_misc.o cmll_cbc.o cmllt4- sparcv9.o' BF_ENC='bf_enc.o' CAST_ENC='c_enc.o' RC4_ENC='rc4_enc.o rc4_skey.o' RC5_ENC='rc5_enc.o' SHA1_ASM_OBJ='sha1-sparcv9.o sha256-sparcv9.o sha512-sparcv9.o' MD5_ASM_OBJ='md5-sparcv9.o' RMD160_ASM_OBJ='' WP _ASM_OBJ='wp_block.o' MODES_ASM_OBJ='ghash-sparcv9.o' ENGINES_ASM_OBJ='' PERLASM_SCHEME= 'void' FIPSLIBDIR='' FIPSDIR='/usr/local/ssl/fips-2.0' FIPSCANLIB="${FIPSCANLIB:-}" THIS=${THIS:-tests} MAKEFILE=Makefile MAKEOVERRIDES= TOP=.. 
TESTS='alltests' OPENSSL_DEBUG_MEMORY=on OPENSSL_CONF=../apps/openssl.cnf tes ts ); make: Fatal error: Command failed for target `tests' $ pstack test/core core 'test/core' of 17356: ./bad_dtls_test ffffffff7e5c1944 time (100104adc, 25400, 1, 0, fffffffffffffc0b, 5) + 14 0000000100002cbc main (0, 0, 0, 18, 0, 100104a8c) + dc 0000000100001c1c _start (0, 0, 0, 0, 0, 0) + 17c Configure command used: $ ./Configure solaris64-sparcv9-cc --prefix=$OPENSSL_HOME threads zlib --with-zlib-lib=$ZLIB_HOME/solaris10-sparc64/lib --with-zlib-include=$ZLIB_HOME/include shared no-mdc2 no-rc5 -------------- next part -------------- An HTML attachment was scrubbed... URL: From sgbrazhnikov at gmail.com Wed Oct 5 06:15:33 2016 From: sgbrazhnikov at gmail.com (Sergey G Brazhnikov) Date: Wed, 5 Oct 2016 11:15:33 +0500 Subject: Bug in 1.1.0 (lost compatibility with previous releases) Message-ID: Hi, guys. Just figured out that files encrypted with OpenSSL 1.1.0-stable can not be decrypted with previous releases and vice versa. Tested aes256, cast5-cfb, camellia128 on 1.1.0-stable, 1.0.2-stable and 0.9.8(cast5-cfb only) All built without errors, passed all tests. Configuration VC-WIN32, os Windows 8.1 Pro x64, compiler vs2015. Regards, Sergey. -------------- next part -------------- An HTML attachment was scrubbed... URL: From litt at acm.org Wed Oct 5 10:55:01 2016 
From: litt at acm.org (Timothe Litt) Date: Wed, 5 Oct 2016 06:55:01 -0400 Subject: PEM parsing incorrect; whitespace in PEM crashes parser Message-ID: <4c1a748f-94f7-efed-b63b-d4328fc318dd@acm.org> PEM consists of base64 inside a header and trailer line. OpenSSL crashes with embedded newlines. This was mentioned to me by the OpenXPKI project. See RFC 7468 section 2: Data before the encapsulation boundaries are permitted, and parsers MUST NOT malfunction when processing such data. Furthermore, parsers SHOULD ignore whitespace and other non- base64 characters and MUST handle different newline conventions. Reproducible with the attached PEM certificate request and OpenSSL 1.02h (linux). openssl req -text -in t/csr1.pem unable to load X509 request 3086379164:error:0906D066:PEM routines:PEM_read_bio:bad end line:pem_lib.c:809: This request is valid - although it (intentionally) also exceeds the standard line length. Note that OpenSSL will accept it if re-formatted: | perl -Mwarnings -Mstrict -MMIME::Base64 -e'local $/; my $x = ; $x =~ s/.*^(-----BEGIN CERTIFICATE REQUEST-----\r?\n)(.*)^(-----END CERTIFICATE REQUEST-----).*/$1 . encode_base64(decode_base64( $2 )) . 
$3/ems; print $x' -------------- next part -------------- Certificate Request: Data: Version: 0 (0x0) Subject: C=AU, ST=Some-State, L=my city, O=Internet Widgits Pty Ltd, OU=Big org, OU=Smaller org, CN=My Name/emailAddress=none at no-email.com, DC=domainComponent Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (1024 bit) Modulus: 00:a0:00:f3:58:dd:26:40:15:1b:67:8d:b6:3d:ab: cb:c4:8a:86:52:cd:d1:99:b0:e8:4a:b3:1d:f0:20: 11:11:f1:66:75:a1:67:0c:f9:d8:f5:91:80:da:99: bf:49:d2:d8:4d:57:cc:9b:5b:64:7a:c0:82:e7:09: 23:8f:6e:4c:c4:30:46:ec:68:28:e6:fe:60:28:a1: d4:b0:3d:02:e3:e4:3e:15:fa:13:42:67:e8:e4:1d: 51:99:e7:99:30:74:cd:77:7f:b6:e2:84:85:f4:6c: e9:a3:cb:1a:63:e4:61:d9:51:e2:e4:1c:c7:5d:e4: f1:91:5c:56:b9:84:17:95:3b Exponent: 65537 (0x10001) Attributes: challengePassword :unable to print attribute unstructuredName :unable to print attribute Requested Extensions: X509v3 Basic Constraints: critical CA:TRUE X509v3 Key Usage: critical Digital Signature, Non Repudiation, Key Encipherment X509v3 Extended Key Usage: E-mail Protection, TLS Web Server Authentication, TLS Web Client Authentication, Code Signing, E-mail Protection, Time Stamping, OCSP Signing X509v3 Subject Alternative Name: email:noway at none.com, URI:https://fred.example.net, email:someday at nowhere.example.com, DNS:www.example.net, DNS:www.example.com, DNS:example.net, DNS:example.com, IP Address:10.2.3.4, IP Address:2001:DB8:741:0:0:0:0:0 X509v3 Subject Key Identifier: 00:12:45:9A X509v3 Certificate Policies: critical Policy: postOfficeBox CPS: http://there.example.net CPS: http://here.example.net User Notice: Organization: Suspicious minds Numbers: 8, 11 Explicit Text: Trust but verify User Notice: Organization: Suspicious minds Numbers: 8, 11 Explicit Text: Trust but verify Policy: 1.5.88.103 Signature Algorithm: sha1WithRSAEncryption 9f:49:67:16:4d:d5:14:df:3f:32:ba:e9:02:4a:be:27:16:db: 45:e3:7d:52:d9:14:4b:75:11:0f:22:6d:56:c8:c1:ad:96:f1: 
e7:8b:d4:9a:28:79:c4:a8:c3:3f:81:f5:88:b3:d1:7d:e8:f4: ea:c2:61:ae:04:5e:34:21:a9:1a:79:dd:42:36:bf:a7:85:23: 82:9f:9c:91:eb:aa:5c:18:d6:d3:7a:55:09:97:3d:5f:3a:31: a1:69:06:58:ed:62:fd:a9:31:73:4d:47:ea:fb:dc:96:b0:14: 85:1e:2a:6e:76:46:f8:b2:f0:fd:86:2f:61:4d:9a:d8:8b:ed: 83:ea -----BEGIN CERTIFICATE REQUEST----- MIIEbjCCA9cCAQAwgdQxCzAJBgNVBAYTAkFVMRMwEQYDVQQIDApTb21lLVN0YXRl MRAwDgYDVQQHDAdteSBjaXR5MSEwHwYDVQQKDBhJbnRlcm5ldCBXaWRnaXRzIFB0 eSBMdGQxEDAOBgNVBAsMB0JpZyBvcmcxFDASBgNVBAsMC1NtYWxsZXIgb3JnMRAw DgYDVQQDDAdNeSBOYW1lMSAwHgYJKoZIhvcNAQkBFhFub25lQG5vLWVtYWlsLmNv bTEfMB0GCgmSJomT8ixkARkWD2RvbWFpbkNvbXBvbmVudDCBnzANBgkqhkiG9w0B AQEFAAOBjQAwgYkCgYEAoADzWN0mQBUbZ422PavLxIqGUs3RmbDoSrMd8CAREfFm daFnDPnY9ZGA2pm/SdLYTVfMm1tkesCC5wkjj25MxDBG7Ggo5v5gKKHUsD0C4+Q+ FfoTQmfo5B1RmeeZMHTNd3+24oSF9Gzpo8saY+Rh2VHi5BzHXeTxkVxWuYQXlTsC AwEAAaCCAlcwFQYJKoZIhvcNAQkHMQgMBlNlY3JldDAXBgkqhkiG9w0BCQIxCgwI TXlDb0ZvQ28wggIjBgkqhkiG9w0BCQ4xggIUMIICEDAPBgNVHRMBAf8EBTADAQH/ MA4GA1Ud DwEB/wQEAwIF4D BPBgNVHSUESDBGBggrBgEFBQcDBAYIKwYBBQUHAwEG CCsGAQUFBwMCBggrBgEFBQcDAwYIKwYBBQUHAwQGCCsGAQUFBwMIBggrBgEFBQcD CTCBpgYDVR0RBIGeMIGbgQ5ub3dheUBub25lLmNvbYYYaHR0cHM6Ly9mcmVkLmV4 YW1wbGUubmV0gRtzb21lZGF5QG5vd2hlcmUuZXhhbXBsZS5jb22CD3d3dy5leGFt cGxlLm5ldIIPd3d3LmV4YW1wbGUuY29tggtleGFtcGxlLm5ldIILZXhhbXBsZS5j b22HBAoCAwSHECABDbgHQQAAAAAAAAAAAAAwDQYDVR0OBAYEBAASRZowgeMGA1Ud IAEB/wSB2DCB1TCBywYDVQQSMIHDMCQGCCsGAQUFBwIBFhhodHRwOi8vdGhlcmUu ZXhhbXBsZS5uZXQwIwYIKwYBBQUHAgEWF2h0dHA6Ly9oZXJlLmV4YW1wbGUubmV0 MDoGCCsGAQUFBwICMC4wGhoQU3VzcGljaW91cyBtaW5kczAGAgEIAgELGhBUcnVz dCBidXQgdmVyaWZ5MDoGCCsGAQUFBwICMC4wGhoQU3VzcGljaW91cyBtaW5kczAGAgEIAgELGhBUcnVzdCBidXQgdmVyaWZ5MAUGAy1YZzANBgkqhkiG9w0BAQUFAAOB gQCfSWcWTdUU3z8yuukCSr4nFttF431S2RRLdREPIm1WyMGtlvHni9SaKHnEqMM/ gfWIs9F96PTqwmGuBF40Iakaed1CNr+nhSOCn5yR66pcGNbTelUJlz1fOjGhaQZY 7WL9qTFzTUfq+9yWsBSFHipudkb4svD9hi9hTZrYi+2D6g== -----END CERTIFICATE REQUEST----- -------------- next part -------------- A non-text attachment was scrubbed... 
Name: smime.p7s Type: application/pkcs7-signature Size: 4577 bytes Desc: S/MIME Cryptographic Signature URL: From valentin at astro.rug.nl Wed Oct 5 18:56:04 2016 From: valentin at astro.rug.nl (Valentin B) Date: Wed, 5 Oct 2016 20:56:04 +0200 Subject: Bug in OpenSSL 1.0.2j-fips 26 Sep 2016 or maybe affects all Message-ID: <890b9e82-eaa7-fb9f-64e3-3ff1ce154f60@astro.rug.nl> Hi, While playing around with prime number generation I noticed that the following generates a core dump. I think this is definitely a bug. How to reproduce: $ openssl prime '' Segmentation fault (core dumped) I haven't included any strace output but this can be reproduced by you as well. Kind regards, -- Valentin Bajrami Kapteyn Astronomical Institute University of Groningen Postbus 800 NL-9700 AV Groningen The Netherlands Phone: +31-(0)50-3634068 PGP Fingerprint: 50D7 E233 C2E0 1C81 BB7F F8D8 E51B CF89 A52E 5271 -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 819 bytes Desc: OpenPGP digital signature URL: From Felix.Wyss at inin.com Fri Oct 7 03:49:38 2016 
From: Felix.Wyss at inin.com (Wyss, Felix) Date: Fri, 7 Oct 2016 03:49:38 +0000 Subject: fprintf(stderr, ...) in d1_both.c Message-ID: <37DB69B3-6B3C-4D81-BF03-738E898E4EB9@inin.com> Good Morning, Inspecting some code in the OpenSSL DTLS implementation, I noticed three places in the file "d1_both.c" where error conditions result in an fprintf to stderr: Line 1071 in function dtls1_read_failed Line 1143 in function dtls1_retransmit_buffered_messages Line 1243 in function dtls1_retransmit_message We're using version 1.0.2j. It should be obvious why it's rather inappropriate for a library like OpenSSL to write to stderr instead of reporting errors to the application. Even more so considering that OpenSSL already has a sophisticated error reporting mechanism. Regards, --Felix Wyss -------------- next part -------------- An HTML attachment was scrubbed... URL: From noloader at gmail.com Fri Oct 7 18:01:46 2016 From: noloader at gmail.com (Jeffrey Walton) Date: Fri, 7 Oct 2016 14:01:46 -0400 Subject: Some OpenSSL 1.1.0 does not decode FIPS error codes Message-ID: I'm working with a non-capable version of the library (I need to get it updated since release): $ openssl version OpenSSL 1.1.0-pre6-dev xx XXX xxxx Looking at a question on another site, the OP provides: With FIPS, compilation goes fine, but generates the following when run: 139686960322208:error:2D0A0086:FIPS routines:FIPS_cipher:selftest failed:fips_enc.c:336: 139686960322208:error:2D0A0086:FIPS routines:FIPS_cipher:selftest failed:fips_enc.c:336: Trying to decode the error on this machine results in: $ openssl errstr 0x2D0A0086 error:2D0A0086:FIPS routines:func(160):reason(134) It seems some versions of the library don't have the necessary error codes available to them. From jose.oliveira at grupoicts.com.br Mon Oct 10 10:16:06 2016
From: jose.oliveira at grupoicts.com.br (Jose Carlos de Oliveira) Date: Mon, 10 Oct 2016 07:16:06 -0300 Subject: OPENSSL: Linux SLESS11 Message-ID: <000701d222df$51833390$f4899ab0$@oliveira@grupoicts.com.br> Hi, I have downloaded and built the last three openssl versions for linux: 1) openssl-1.0.1u.tar.gz 2) openssl-1.0.2j.tar.gz 3) openssl-1.1.0b.tar.gz I successfully followed all steps found in the file INSTALL. By the way, when I try to use it I get the messages below: undefined reference to 'EVP_CIPHER_CTX_init' undefined reference to 'EVP_CIPHER_CTX_cleanup' The OS I'm using is a Linux SLESS11 desktop 32 bits: kernel 3.0.13-0.27-default Regards, José Carlos de Oliveira (Oliveira) Pesquisador / Desenvolvedor - Grupo ICTS Brasilia - DF - Asa Norte SCN Q05 - Brasilia Shopping - Torre Norte Sala 917 Fone:+5561-3246.7089 Cel:+5561-99311.9226 Site: www.grupoicts.com.br -------------- next part -------------- An HTML attachment was scrubbed... URL: From stefan.lahner at isis-papyrus.com Tue Oct 11 06:57:25 2016 From: stefan.lahner at isis-papyrus.com (Stefan Lahner) Date: Tue, 11 Oct 2016 08:57:25 +0200 Subject: Fix: Merge commit fe2d149 (RT2867: des_ede3_cfb1 ignored "size in bits" flag) to OpenSSL_1_0_2-stable Message-ID: <0ea44946-2535-0305-d06e-27057038b004@isis-papyrus.com> Hello, the fix for "RT2867: des_ede3_cfb1 ignored "size in bits" flag " (commit fe2d149119063ec3c89fd6db9af8a6970e3e6032) was only committed for master (1.1.0) but not for the still supported 1.0.2 (and 1.0.1) branch. Would it be possible to merge it to OpenSSL_1_0_2-stable (and maybe also OpenSSL_1_0_1-stable)? Regards, Stefan -- Stefan Lahner, ISIS Papyrus Europe AG, DEV, T: +43-2236-27551-336 -------------- next part -------------- An HTML attachment was scrubbed... URL: From simone.sgualdini at gmail.com Tue Oct 11 15:55:21 2016
From: simone.sgualdini at gmail.com (Simone Sgualdini) Date: Tue, 11 Oct 2016 17:55:21 +0200 Subject: Memory leak in rsa_new/rsa_free Message-ID: Hi, I'm writing a c++ server application that calls the rsa_new() and rsa_free() openssl functions thousands of times per hour. After debugging a lot I discovered that "sometimes" (I'm not able to tell a precise number) the rsa_free does not properly release the memory allocated by the rsa_new. In order to prove this I created the simple program below. If I run it, I see the related working set growing bigger and bigger, 4KB per second. I'm using the 1.0.2.8 version of libeay32.dll and ssleay32.dll under windows 7 64 bit. Is this a known bug? Am I forgetting something? Thanks in advance Simone Sgualdini Italy //--------------------------------------------------------------------------- #include #ifdef _cplusplus extern "C" { #endif #include #include #include #include #include #ifdef _cplusplus } #endif #pragma hdrstop HMODULE libeay32DLL = NULL; HMODULE ssleay32DLL = NULL; typedef RSA * (CALLBACK *myRSA_new) (void); typedef void (CALLBACK *myRSA_free) (RSA *r); typedef int (CALLBACK *mySSL_library_init) (void); myRSA_new _RSA_new = NULL; myRSA_free _RSA_free = NULL; mySSL_library_init _SSL_library_init; //--------------------------------------------------------------------------- #pragma argsused int main(int argc, char* argv[]) { RSA *rsa; unsigned long count = 0; libeay32DLL = LoadLibrary("libeay32.dll"); ssleay32DLL = LoadLibrary("ssleay32.dll"); if(libeay32DLL && ssleay32DLL) { _RSA_new = (myRSA_new) GetProcAddress(libeay32DLL,"RSA_new"); _RSA_free = (myRSA_free) GetProcAddress(libeay32DLL,"RSA_free"); _SSL_library_init = (mySSL_library_init) GetProcAddress(ssleay32DLL,"SSL_library_init"); } _SSL_library_init(); while(1) { if(++count %100 == 0) // whitout this, I get a stack overflow immediately Sleep(1); *_RSA_free(_RSA_new());* } return 0; } -------------- next part -------------- An HTML attachment was scrubbed... 
URL: