[openssl-users] ECDSA digest configurations

Rajeswari K raji.kotamraju at gmail.com
Mon Apr 27 12:29:21 UTC 2015


Hi Steve,

Thanks for the response.

We are using openssl-1.0.1j.

Following is how have configured NID_sha1 and NID_ecdsa_with_sha1.

We use our own signature and digest methods. But, i see modification of
digest has issue. If i dont set any digest method, then our signature
functions are getting used and for digest openssl's sha1, sha256 etc
functions are getting used.

I see that configuraiton of NID_ecdsa_with_sha1 has some issue on my setup.
Please take a look at these configurations and provide  your inputs.


ECDSA digest structure :

static const EVP_MD ios_ecdsa_sha1 =
{
    NID_ecdsa_with_SHA1,
    NID_ecdsa_with_SHA1,
    SHA_DIGEST_LENGTH,
    EVP_MD_FLAG_PKEY_METHOD_SIGNATURE,
    sha1init,
    sha1update,
    sha1final,
    NULL,
    NULL,
    EVP_PKEY_ECDSA_method,
    SHA_CBLOCK,
    sizeof(EVP_MD *)+sizeof(SHA1_CTX)
};

RSA digest structure :
static const EVP_MD ios_sha1_md =
{
    NID_sha1,
    NID_sha1WithRSAEncryption,
    SHA_DIGEST_LENGTH,
    0,
    sha1init,
    sha1update,
    sha1final,
    NULL,
    NULL,
    EVP_PKEY_RSA_method,
    SHA_CBLOCK,
    sizeof(EVP_MD *) + sizeof(SHA1_CTX)
};

With this update, only RSA ciphers are working fine. But not ECDSA ciphers.

Thanks,
Rajeswari.

On Fri, Apr 24, 2015 at 11:06 PM, Dr. Stephen Henson <steve at openssl.org>
wrote:

> On Fri, Apr 24, 2015, Rajeswari K wrote:
>
> > Hello openssl-users,
> >
> > I have an issue with update of ECDSA digests in our environment.
> >
> > We have our own digest functions for init, update and final where we
> > registered with these functions for NID_sha1, NID_sha256, NID_sha384 and
> > NID_sha512. These digests were updated at openssl, via
> ENGINE_set_digests()
> > function.
> >
> > After update, i see that all RSA cerificate based ciphers are working
> fine
> > with both TLS1.0 and TLS1.2.
> >
> > And, i added the ECDSA algorithm with openssl function
> > EVP_add_digest(EVP_ecdsa());
> >
> > But, for me ECDSA cert based cipher suites are not working. These are
> > landing to following errors.
> >
> > digital envelope routines:EVP_SignFinal:wrong public key type :
> > crypto/evp/p_sign     .c:139:
> >
> > SSL routines:SSL3_SEND_SERVER_KEY_EXCHANGE:EVP lib: ssl/s3_srvr.c:2012
> >
> >
> > Then i tried following
> > Tried to set only NID_ecdsa_with_SHA1 with our init, update and final
> > function and tried to update to openssl via ENGINE_set_digests().
> >
> > But, now seems to be since i updated NID_ecdsa_with_SHA1 with our sha1
> > functions, whole TLS1.0 handshakes stopped working with "decrypt error or
> > bac mac record" errors.
> >
> > Based on this, seems to be there is a basic thing am missing while
> > configuring ECDSA based digests.
> >
> > Can you please help me on this configuration? How can we differentiate
> > between ECDSA digests to RSA digests?
> >
> > Because both usually lands on to same SHA1, SHA256 etc functions.
> >
> > I tried one more thing that, along with NID_sha1, NID_sha256, NID_sha384,
> > NID_sha512 i tried to define NID_ecdsa_with_SHA1, NID_ecdsa_with_SHA256,
> > NID_ecdsa_with_SHA384 and NID_ecdsa_with_SHA512 with respective settings.
> > But, with this setting also landing to same above error of "wrong public
> > key type".
> >
> > I need your inputs on this issue.
> >
>
> So does your code just perform the digest operation and not signing?
>
> Which version was it working with before?
>
> There isn't really any difference between an ECDSA and RSA digest. Older
> versions of OpenSSL linked digests and signing algorithms. That link no
> longer
> exists and some algorithms are marked as being suitable for multiple public
> key algorithms.
>
> Are you setting the flag EVP_MD_FLAG_PKEY_METHOD_SIGNATURE in the EVP_MD
> structure?
>
> An ENGINE providing alternative implementations of built in digests
> shoudn't
> need to call EVP_add_digest. If everything is set up properly OpenSSL
> should
> just switch to the ENGINE implementation.
>
> Steve.
> --
> Dr Stephen N. Henson. OpenSSL project core developer.
> Commercial tech support now available see: http://www.openssl.org
> _______________________________________________
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20150427/605f6fc6/attachment.html>


More information about the openssl-users mailing list