How to form a proper hash after writing something into SSL handshake.(Revised)

How to form a proper hash after writing something into SSL handshake.(Revised)

Sai Teja Chowdary-2
Hi everyone,

I want to send client certificate, client key exchange and client verify in a single handshake message which appears as multiple handshake messages in a single record. But to send the client verify I need to first make a hash of the previous messages (client certificate and client key exchange) to create the signature. I tried framing the record with the above three messages and then directly sending the record on the wire using SSL3_write_machine(), which is giving me a Bad signature error. So I thought of doing a hash of the client certificate and client key exchange messages that go before client verify.

Can anyone help me to find the function in OpenSSL 1.1.1-dev  xx XXX xxxx (or the right procedure that needs to be done before creating a certificate verify message) that can do a proper transcript (digest or hash, not clear)? I tried using ssl3_finish_mac() on the message containing client certificate and client key exchange and then tried to generate the signature in the certificate verify message.

But it is giving me a digest check error. I am new to the mailing list and want a bit of help to proceed forward; I am stuck here. Please reply in case anything is not clear.

Here is a code snippet showing how I form the data containing the client certificate, client key exchange and certificate verify messages inside write_state_machine().

if (WPACKET_init(&pkt, s->init_buf)) {
    /* Client certificate formation */
    if (!ssl_set_handshake_header(s, &pkt, mt)
            || (confunc != NULL && !confunc(s, &pkt))
            || !ssl_close_construct_packet(s, &pkt, mt)) {
        printf("PROBLEM 1\n");
    }
    transition(s);  /* transition to next state, i.e. client key exchange */
    get_construct_message_f(s, &pkt, &confunc, &mt);

    /* Client key exchange formation */
    if (!ssl_set_handshake_header(s, &pkt, mt)
            || (confunc != NULL && !confunc(s, &pkt))
            || !ssl_close_construct_packet(s, &pkt, mt)) {
        printf("PROBLEM 2\n");
    }
    /* ssl3_finish_mac(s, &s->init_buf->data[s->init_off], s->init_num); */
    st->write_state_work = post_work(s, st->write_state_work);
    transition(s);  /* transition to next state, i.e. certificate verify */
    get_construct_message_f(s, &pkt, &confunc, &mt);

    /* Certificate verify message formation */
    if (!ssl_set_handshake_header(s, &pkt, mt)
            || (confunc != NULL && !confunc(s, &pkt))
            || !ssl_close_construct_packet(s, &pkt, mt)) {
        printf("PROBLEM 3\n");
    }
    WPACKET_finish(&pkt);
}

I also tried to do an ssl3_finish_mac() individually after forming the client certificate and client key exchange (this part is not in the code above, but that way also gave me a digest check error).

Here is the Stack Overflow link where I posted the question. Take a look at it for the trace snapshot of the handshake message that I am trying to form.

Please take a look at it; I appreciate every bit of help.

Jordan, thanks for the suggestion, I will definitely try to state the error from now on. I am not sure whether SSL_get_error() logs these errors; I tried to print SSL_get_error() and it is returning NULL.

Regards
Saiteja.


--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: How to form a proper hash after writing something into SSL handshake.(Revised)

Viktor Dukhovni


> On Dec 29, 2017, at 10:18 PM, Sai Teja Chowdary <[hidden email]> wrote:
>
> I want to send client certificate, client key exchange and client verify in a single handshake message which appears as multiple handshake messages in a single record. But to send the client verify I need to first make a hash of the previous messages (client certificate and client key exchange) to create the signature. I tried framing the record with the above three messages and then directly sending the record on the wire using SSL3_write_machine(), which is giving me a Bad signature error. So I thought of doing a hash of the client certificate and client key exchange messages that go before client verify.
>
> Can anyone help me to find the function in OpenSSL 1.1.1-dev  xx XXX xxxx (or the right procedure that needs to be done before creating a certificate verify message) that can do a proper transcript (digest or hash, not clear)? I tried using ssl3_finish_mac() on the message containing client certificate and client key exchange and then tried to generate the signature in the certificate verify message.

There is no such feature, and none is likely to ever be offered.
The reason is that you're essentially trying to write your own
TLS implementation, and the SSL library in OpenSSL provides public
interfaces for SSL users, not for new SSL implementations.

You can of course build your OpenSSL implementation based on the
OpenSSL source code, but figuring out how the code works is then
up to you. :-(

--
        Viktor.


Re: How to form a proper hash after writing something into SSL handshake.(Revised)

Sai Teja Chowdary

Hi,

Happy 2018 everyone.

I figured out this issue, and I think it would be good to share it here in case anyone is interested. The right way to make the hash is to calculate the hash individually for the client certificate and client key exchange messages and store the message buffers in an array before calculating the signature in the certificate verify message. Later, after forming the certificate verify message, append it to the previous array and write the whole buffer to the wire with ssl3_write_bytes(). This way all three messages, CC, CKE and CV, go in a single record as multiple handshake messages.

The function ssl3_finish_mac() is the one that does the hash (digest) of whichever bytes are to be written to or read from the wire.

Regards
Saiteja.

From: [hidden email]
Sent: Saturday, December 30, 2017 10:48 AM
To: [hidden email]
Subject: Re: [openssl-users] How to form a proper hash after writing something into SSL handshake.(Revised)

> > On Dec 29, 2017, at 10:18 PM, Sai Teja Chowdary <[hidden email]> wrote:
> >
> > I want to send client certificate, client key exchange and client verify in a single handshake message which appears as multiple handshake messages in a single record. But to send the client verify I need to first make a hash of the previous messages (client certificate and client key exchange) to create the signature. I tried framing the record with the above three messages and then directly sending the record on the wire using SSL3_write_machine(), which is giving me a Bad signature error. So I thought of doing a hash of the client certificate and client key exchange messages that go before client verify.
> >
> > Can anyone help me to find the function in OpenSSL 1.1.1-dev  xx XXX xxxx (or the right procedure that needs to be done before creating a certificate verify message) that can do a proper transcript (digest or hash, not clear)? I tried using ssl3_finish_mac() on the message containing client certificate and client key exchange and then tried to generate the signature in the certificate verify message.
>
> There is no such feature, and none is likely to ever be offered.
> The reason is that you're essentially trying to write your own
> TLS implementation, and the SSL library in OpenSSL provides public
> interfaces for SSL users, not for new SSL implementations.
>
> You can of course build your OpenSSL implementation based on the
> OpenSSL source code, but figuring out how the code works is then
> up to you. :-(
>
> --
>         Viktor.
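The approach described in the final message (hash each handshake message as it is built, sign over the running transcript that excludes CertificateVerify itself, then coalesce Certificate, ClientKeyExchange and CertificateVerify into one record) as an added Python example; this is not code from the thread or from OpenSSL. It hashes framed handshake messages with SHA-256, which is the kind of per-message input ssl3_finish_mac() feeds into the handshake digest, and it shows why the record header and the CertificateVerify message must stay out of that hash. To stay standard-library only, the CertificateVerify body carries the transcript digest itself as a stand-in for the real signature over that digest; every function name, the placeholder ClientHello and the dummy Certificate and ClientKeyExchange bodies are constructed for this example.

```python
import hashlib
import hmac

# TLS 1.2 constants (RFC 5246): record ContentType and HandshakeType values
CT_HANDSHAKE = 22
HT_CLIENT_HELLO = 1
HT_CERTIFICATE = 11
HT_CERTIFICATE_VERIFY = 15
HT_CLIENT_KEY_EXCHANGE = 16
TLS12_VERSION = b"\x03\x03"


def handshake_message(msg_type: int, body: bytes) -> bytes:
    """Frame a handshake body as type(1) + length(3) + body, exactly as it goes on the wire."""
    return bytes([msg_type]) + len(body).to_bytes(3, "big") + body


def transcript_hash(messages) -> bytes:
    """Running handshake hash: SHA-256 over every framed message in order (headers included).

    Record-layer headers are NOT part of the input; only handshake bytes are."""
    h = hashlib.sha256()
    for m in messages:
        h.update(m)  # one update per message, analogous to one ssl3_finish_mac() call
    return h.digest()


def handshake_record(payload: bytes) -> bytes:
    """Wrap one or more framed handshake messages in a single TLS record."""
    return bytes([CT_HANDSHAKE]) + TLS12_VERSION + len(payload).to_bytes(2, "big") + payload


def build_client_flight(cert_body: bytes, cke_body: bytes, prior_messages) -> bytes:
    """Build Certificate, ClientKeyExchange and CertificateVerify and coalesce them.

    The CertificateVerify input is the hash of every handshake message sent or
    received so far (prior_messages + Certificate + ClientKeyExchange) but not
    CertificateVerify itself. The record is only assembled afterwards."""
    cert = handshake_message(HT_CERTIFICATE, cert_body)
    cke = handshake_message(HT_CLIENT_KEY_EXCHANGE, cke_body)
    digest = transcript_hash(list(prior_messages) + [cert, cke])
    # Stand-in for the signature: a real CertificateVerify carries Sign(private_key, digest).
    cv = handshake_message(HT_CERTIFICATE_VERIFY, digest)
    return handshake_record(cert + cke + cv)


def parse_record(record: bytes):
    """Split a handshake record back into (type, framed_message) tuples."""
    if record[0] != CT_HANDSHAKE:
        raise ValueError("not a handshake record")
    length = int.from_bytes(record[3:5], "big")
    body = record[5:]
    if len(body) != length:
        raise ValueError("record length mismatch")
    messages, off = [], 0
    while off < len(body):
        if off + 4 > len(body):
            raise ValueError("truncated handshake header")
        mlen = int.from_bytes(body[off + 1:off + 4], "big")
        end = off + 4 + mlen
        if end > len(body):
            raise ValueError("truncated handshake body")
        messages.append((body[off], body[off:end]))
        off = end
    return messages


def verify_certificate_verify(record: bytes, prior_messages) -> bool:
    """Peer-side check: recompute the transcript up to CV and compare with the carried digest."""
    seen = list(prior_messages)
    for msg_type, framed in parse_record(record):
        if msg_type == HT_CERTIFICATE_VERIFY:
            expected = transcript_hash(seen)
            return hmac.compare_digest(expected, framed[4:])
        seen.append(framed)  # every message before CV enters the transcript
    return False  # no CertificateVerify in this record


# Constructed sample: a placeholder ClientHello already in the transcript, and
# dummy Certificate / ClientKeyExchange bodies (not real DER or key material).
SAMPLE_PRIOR = [handshake_message(HT_CLIENT_HELLO, b"constructed-client-hello")]
SAMPLE_RECORD = build_client_flight(b"constructed-cert", b"constructed-cke", SAMPLE_PRIOR)

if __name__ == "__main__":
    print([t for t, _ in parse_record(SAMPLE_RECORD)])            # [11, 16, 15]
    print(verify_certificate_verify(SAMPLE_RECORD, SAMPLE_PRIOR))  # True
    print(verify_certificate_verify(SAMPLE_RECORD, []))            # False: earlier messages omitted
```

The second verification deliberately omits the earlier handshake messages from the peer's transcript and fails; that is the shape of the "digest check error" in the thread. Any difference between what the two sides feed their handshake hash, such as a missing earlier message, record headers mixed in, or the CertificateVerify bytes themselves, produces a mismatch, while the record framing around the three messages is irrelevant to the hash.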