Development of OpenSSL

no_spam_98 | 14 Jun 2012 18:23

Picon

libintel-accel-1.4

http://www.openssl.org/contrib/intel-accel-1.4.tar.gz

I'm attempting to use the libintel-accel-1.4 ENGINE with my OpenSSL 0.9.8x application.

I'm running into a few snags:

1) Why does the sha1_md structure in e_intel_accel.c (L268) set the required_pkey_type to
EVP_PKEY_NULL_method?  This seems to be causing my application to generate the following error(s)
during SSL handshakes:

information: X509_sign
error signing cert
digitial envelope routines:EVP_SignFinal:wrong public key type
asn1 encoding routines:ASN1_item_sign:EVP lib

All of the other ENGINE implementations that I'm familiar with set required_pkey_type to
EVP_PKEY_RSA_method for SHA-1.

2) After applying the tls-aead-0.9.8.diff changes to the OpenSSL code, my application seg faults during
the handshake phase:

#0 0x28242b24 in EVP_MD_size (md=0x0)

In tls1_setup_key_block (~L484):

num=EVP_CIPHER_key_length(c)+EVP_MD_size(hash)+EVP_CIPHER_iv_length(c);

EVP_MD_size tries to access a NULL pointer (hash).

It was set to NULL by the AEAD code changes in ssl_cipher_get_evp():

(Continue reading)

Andy Polyakov | 26 Jun 2012 15:38

Picon

Re: libintel-accel-1.4

> http://www.openssl.org/contrib/intel-accel-1.4.tar.gz
> 
> 
> I'm attempting to use the libintel-accel-1.4 ENGINE with my OpenSSL
> 0.9.8x application.
> 
> I'm running into a few snags:
> 
> 1) Why does the sha1_md structure in e_intel_accel.c (L268) set the
> required_pkey_type to EVP_PKEY_NULL_method?

This was fixed. There are two patches at
http://cvs.openssl.org/rlog?f=openssl-addons/intel-accel/e_intel_accel.c.

> 2) After applying the tls-aead-0.9.8.diff changes to the OpenSSL
> code, my application seg faults during the handshake phase:
> 
> #0 0x28242b24 in EVP_MD_size (md=0x0)
> 
> In tls1_setup_key_block (~L484):
> 
> num=EVP_CIPHER_key_length(c)+EVP_MD_size(hash)+EVP_CIPHER_iv_length(c);
> 
> EVP_MD_size tries to access a NULL pointer (hash).
> 
> It was set to NULL by the AEAD code changes in ssl_cipher_get_evp():
> 
> ...
>  (c->algorithms & SSL_ENC_MASK) == SSL_RC4 &&
>  (c->algorithms & SSL_MAC_MASK) == SSL_MD5 &&

(Continue reading)

no_spam_98 | 28 Jun 2012 23:14

Picon

Re: libintel-accel-1.4


>________________________________
> From: Andy Polyakov <appro <at> openssl.org>
>To: openssl-dev <at> openssl.org 
>Sent: Tuesday, June 26, 2012 8:38 AM
>Subject: Re: libintel-accel-1.4
> 
>> http://www.openssl.org/contrib/intel-accel-1.4.tar.gz
>> 
>> 
>> I'm attempting to use the libintel-accel-1.4 ENGINE with my OpenSSL
>> 0.9.8x application.
>> 
>> I'm running into a few snags:
>> 
>> 1) Why does the sha1_md structure in e_intel_accel.c (L268) set the
>> required_pkey_type to EVP_PKEY_NULL_method?
>
>This was fixed. There are two patches at
>http://cvs.openssl.org/rlog?f=openssl-addons/intel-accel/e_intel_accel.c.
>

Thank you for the link.  That closes the first issue.

>> 2) After applying the tls-aead-0.9.8.diff changes to the OpenSSL
>> code, my application seg faults during the handshake phase:
>> 
>> #0 0x28242b24 in EVP_MD_size (md=0x0)
>> 
>> In tls1_setup_key_block (~L484):

(Continue reading)

Andy Polyakov | 4 Jul 2012 12:52

Picon

Re: libintel-accel-1.4

>>> Are there some other required changes missing from the "tls-aead-0.9.8.diff" 
>>> file?
>> Obviously. Would *md = EVP_md_null() instead of NULL in
>> ssl_cipher_get_evp() do the trick...
>>
> 
> 
> Using EVP_md_null() prevents the seg. fault.  However, now the code
> generates a "Bad Record MAC" alert when a client connects using the
> "stitched" AESNI-CBC-SHA1 cipher suite.  (I assume I would get the
> same error with the "stitched" RC4-HMAC-MD5 cipher suite, but I
> haven't tried it.)

http://cvs.openssl.org/chngview?cn=22689
http://cvs.openssl.org/chngview?cn=22690

Second is patch for patch and is hard to read, see 
http://cvs.openssl.org/fileview?f=openssl-addons/intel-accel/tls-aead-0.9.8.diff&v=1.2 
instead. Basically it removes *md=NULL or *md=EVP_md_null from 
ssl_ciph.c and adds few lines to s3_pkt.c.

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev <at> openssl.org
Automated List Manager                           majordomo <at> openssl.org

no_spam_98 | 5 Jul 2012 20:45

Picon

Re: libintel-accel-1.4

Andy,
 
I believe that's got it.  Thank you very much!
 
 
----- Original Message -----
> From: Andy Polyakov <appro <at> openssl.org>
> To: openssl-dev <at> openssl.org
> Cc: 
> Sent: Wednesday, July 4, 2012 5:52 AM
> Subject: Re: libintel-accel-1.4
> 
>>>>  Are there some other required changes missing from the 
> "tls-aead-0.9.8.diff" file?
>>>  Obviously. Would *md = EVP_md_null() instead of NULL in
>>>  ssl_cipher_get_evp() do the trick...
>>> 
>> 
>> 
>>  Using EVP_md_null() prevents the seg. fault.  However, now the code
>>  generates a "Bad Record MAC" alert when a client connects using 
> the
>>  "stitched" AESNI-CBC-SHA1 cipher suite.  (I assume I would get 
> the
>>  same error with the "stitched" RC4-HMAC-MD5 cipher suite, but I
>>  haven't tried it.)
> 
> http://cvs.openssl.org/chngview?cn=22689
> http://cvs.openssl.org/chngview?cn=22690
>

(Continue reading)

no_spam_98 | 3 Jul 2012 23:50

Picon

Re: libintel-accel-1.4

>>> 2) After applying the tls-aead-0.9.8.diff changes to the OpenSSL
>>> code, my application seg faults during the handshake phase:
>>> 
>>> #0 0x28242b24 in EVP_MD_size (md=0x0)
>>> 
>>> In tls1_setup_key_block (~L484):
>>> 
>>> num=EVP_CIPHER_key_length(c)+EVP_MD_size(hash)+EVP_CIPHER_iv_length(c);
>>> 
>>> EVP_MD_size tries to access a NULL pointer (hash).
>>> 
>>> It was set to NULL by the AEAD code changes in ssl_cipher_get_evp():
>>> 
>>> ...
>>>  (c->algorithms & SSL_ENC_MASK) == SSL_RC4 &&
>>>  (c->algorithms & SSL_MAC_MASK) == SSL_MD5 &&
>>>  (evp=EVP_get_cipherbyname("RC4-HMAC-MD5")))
>>> *enc = evp, *md = NULL;
>>> else if (s->ssl_version >= TLS1_VERSION &&
>>>  (c->algorithms & SSL_ENC_MASK) == SSL_AES &&
>>>  (c->algorithms & SSL_MAC_MASK) == SSL_SHA1 &&
>>>  (evp=EVP_get_cipherbyname(
>>> c->alg_bits==128?"AES-128-CBC-HMAC-SHA1":
>>>  "AES-256-CBC-HMAC-SHA1")))
>>> *enc = evp, *md = NULL;
>>> return(1);
>>> }
>>> 
>>> I scanned the 1.0.1c code to see how this works there, and it looks like 
>>> EVP_MD_size() now checks for NULL before referencing it, but also, the

(Continue reading)

Return

Return to gmane.comp.encryption.openssl.devel.

Search Archive

Language

Change language

Options

Current view: Threads only / Showing only 20 lines / Not hiding cited text.
Change to All messages, whole messages, or hide cited text.

Post a message
NNTP Newsgroup
Classic Gmane web interface
XML

XML

RSS Feed
List Information

About Gmane