Integrating New Cipher Suite

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
7 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Integrating New Cipher Suite

Schmicker, Robert
Hello,

I'm attempting to integrate a customized cipher suite for TLS 1.2,
however no matter what I try I always seem to end up with this error
(client side):

SSL routines:ssl_cipher_list_to_bytes:no ciphers
available:ssl/statem/statem_clnt.c:3567

Can anyone give some further explanation on this?

Here's some snippets from the client and server setup.

client:

SSL_CTX* InitCTX(void)
{   const SSL_METHOD *method;
    SSL_CTX *ctx;

    OpenSSL_add_all_algorithms();  /* Load cryptos, et.al. */
    SSL_load_error_strings();   /* Bring in and register error messages */
    method = SSLv23_client_method();  /* Create new client-method
instance */
    ctx = SSL_CTX_new(method);   /* Create new context */

    /* Set cipher to use */
    if (SSL_CTX_set_cipher_list(ctx, "ECDHE-RSA-MYCIPHER-SHA256") <= 0) {
        printf("Error setting the cipher list.\n");
        exit(0);
    }


    if ( ctx == NULL )
    {
        ERR_print_errors_fp(stderr);
        abort();
    }
    return ctx;
}

server:

SSL_CTX* InitServerCTX(void)
{   const SSL_METHOD *method;
    SSL_CTX *ctx;

    OpenSSL_add_all_algorithms();  /* load & register all cryptos, etc. */
    SSL_load_error_strings();   /* load all error messages */
    method = SSLv23_server_method();  /* create new server-method
instance */
    ctx = SSL_CTX_new(method);   /* create new context from method */
   
    /* Set cipher to use */
    if (SSL_CTX_set_cipher_list(ctx, "ECDHE-RSA-MYCIPHER-SHA256") <= 0) {
        printf("Error setting the cipher list.\n");
        exit(0);
    }

    if ( ctx == NULL )
    {
        ERR_print_errors_fp(stderr);
        abort();
    }
    return ctx;
}

Thank you,
Rob

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Integrating New Cipher Suite

Matt Caswell-2


On 08/04/17 18:56, Schmicker, Robert wrote:

> Hello,
>
> I'm attempting to integrate a customized cipher suite for TLS 1.2,
> however no matter what I try I always seem to end up with this error
> (client side):
>
> SSL routines:ssl_cipher_list_to_bytes:no ciphers
> available:ssl/statem/statem_clnt.c:3567
>
> Can anyone give some further explanation on this?

There is no way of dynamically adding new TLS1.2 ciphersuites into
OpenSSL. The only way to do this is to modify the source code. If that's
what you've done then you're going to need to provide a lot more
information about the changes you have made before anyone can help!

Matt


>
> Here's some snippets from the client and server setup.
>
> client:
>
> SSL_CTX* InitCTX(void)
> {   const SSL_METHOD *method;
>     SSL_CTX *ctx;
>
>     OpenSSL_add_all_algorithms();  /* Load cryptos, et.al. */
>     SSL_load_error_strings();   /* Bring in and register error messages */
>     method = SSLv23_client_method();  /* Create new client-method
> instance */
>     ctx = SSL_CTX_new(method);   /* Create new context */
>
>     /* Set cipher to use */
>     if (SSL_CTX_set_cipher_list(ctx, "ECDHE-RSA-MYCIPHER-SHA256") <= 0) {
>         printf("Error setting the cipher list.\n");
>         exit(0);
>     }
>
>
>     if ( ctx == NULL )
>     {
>         ERR_print_errors_fp(stderr);
>         abort();
>     }
>     return ctx;
> }
>
> server:
>
> SSL_CTX* InitServerCTX(void)
> {   const SSL_METHOD *method;
>     SSL_CTX *ctx;
>
>     OpenSSL_add_all_algorithms();  /* load & register all cryptos, etc. */
>     SSL_load_error_strings();   /* load all error messages */
>     method = SSLv23_server_method();  /* create new server-method
> instance */
>     ctx = SSL_CTX_new(method);   /* create new context from method */
>    
>     /* Set cipher to use */
>     if (SSL_CTX_set_cipher_list(ctx, "ECDHE-RSA-MYCIPHER-SHA256") <= 0) {
>         printf("Error setting the cipher list.\n");
>         exit(0);
>     }
>
>     if ( ctx == NULL )
>     {
>         ERR_print_errors_fp(stderr);
>         abort();
>     }
>     return ctx;
> }
>
> Thank you,
> Rob
>
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Integrating New Cipher Suite

Dr. Stephen Henson
In reply to this post by Schmicker, Robert
On Sat, Apr 08, 2017, Schmicker, Robert wrote:

> Hello,
>
> I'm attempting to integrate a customized cipher suite for TLS 1.2,
> however no matter what I try I always seem to end up with this error
> (client side):
>
> SSL routines:ssl_cipher_list_to_bytes:no ciphers
> available:ssl/statem/statem_clnt.c:3567
>
> Can anyone give some further explanation on this?
>
> Here's some snippets from the client and server setup.
>
> client:
>

That sounds like the cipher isn't visible.

I'd suggest trying s_client/s_server first.

Which version of OpenSSL are you using?

Does your new cipher appear in "openssl ciphers"? If so does the output look
sensible? Does it appear with the -s option too?

Is the cipher visible using "openssl list -cipher-algorithms" (OpenSSL 1.1.0)
or "openssl list-cipher-algorithms" (OpenSSL 1.0.2).

Is your new cipher usable via the command line utilities like "enc"? Does it
seems to be behaving as expected?

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Integrating New Cipher Suite

Schmicker, Robert
In reply to this post by Schmicker, Robert
Thank you for the quick replies!

@Matt Caswell

I have attempted to integrate the cipher suite into the source code and here is what I have done so far…

Please keep in mind this was a previous attempt that mimicked a different cipher suite.

Added defines in include/openssl/tls1.h:
   # define TLS1_CK_ECDHE_ECDSA_WITH_MYCIPHER_SHA384        0x03001306
   # define TLS1_TXT_ECDHE_ECDSA_WITH_MYCIPHER_SHA384       "ECDHE-ECDSA-MYCHIPHER-SHA384"

Added a define in include/openssl/ssl.h:
   # define SSL_TXT_MYCIPHER       "MYCIPHER"

Integrated into ssl/s3_lib.c:
   static SSL_CIPHER ssl3_ciphers[] = {

   {
    1,
    TLS1_TXT_ECDHE_ECDSA_WITH_MYCIPHER_SHA384,
    TLS1_CK_ECDHE_ECDSA_WITH_MYCIPHER_SHA384,
    SSL_kECDHE,
    SSL_aECDSA,
    SSL_MYCIPHER,
    SSL_AEAD,
    TLS1_2_VERSION, TLS1_2_VERSION,
    DTLS1_2_VERSION, DTLS1_2_VERSION,
    SSL_HIGH | SSL_FIPS,
    SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
    64,
    64,
   },


Added the binary representation in ssl/ssl_locl.h:
   # define SSL_MYCIPHER           0x00100000U

Integrated into ssl/ssl_ciph.c:
   #define SSL_ENC_CHACHA_IDX      19
   #define SSL_ENC_MYCIPHER           20
   #define SSL_ENC_NUM_IDX             21

   /* Table of NIDs for each cipher */
   static const ssl_cipher_table
ssl_cipher_table_cipher[SSL_ENC_NUM_IDX] = {
       {SSL_MYCIPHER, NID_MYCIPHER},

   static const SSL_CIPHER cipher_aliases[] = {
       {0, SSL_TXT_MYCIPHER, 0, 0, 0, SSL_MYCIPHER},

Added the loading of the cipher into ssl/ssl_init.c:
   DEFINE_RUN_ONCE_STATIC(ossl_init_ssl_base)
   {
   #ifdef OPENSSL_INIT_DEBUG
       fprintf(stderr, "OPENSSL_INIT: ossl_init_ssl_base: "
               "Adding SSL ciphers and digests\n");
   #endif

       EVP_add_cipher(EVP_mycipher());

   #ifndef OPENSSL_NO_DES
       EVP_add_cipher(EVP_des_cbc());
       EVP_add_cipher(EVP_des_ede3_cbc());
   #endif

Am I missing a step in integration?

@Dr. Stephen Henson
I’m using the most current dev branch 1.1.1-dev and thankfully the -enc does work with the EVP interface as expected.
Also, the cipher suite does show up using "openssl ciphers -v”. However, when using the s_server/s_client, I receive the same error. Please see above for my integration steps.

Any help is much appreciated!
Rob Schmicker

> On Apr 10, 2017, at 8:36 PM, [hidden email] wrote:
>
> Send openssl-users mailing list submissions to
> [hidden email]
>
> To subscribe or unsubscribe via the World Wide Web, visit
> https://mta.openssl.org/mailman/listinfo/openssl-users
> or, via email, send a message with subject or body 'help' to
> [hidden email]
>
> You can reach the person managing the list at
> [hidden email]
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of openssl-users digest..."
>
>
> Today's Topics:
>
>   1. Integrating New Cipher Suite (Schmicker, Robert)
>   2. Re: Integrating New Cipher Suite (Matt Caswell)
>   3. Re: RSA PKCS1 v2.1 - Multi-primes and RSASSA-PSS
>      (Dr. Stephen Henson)
>   4. Re: Integrating New Cipher Suite (Dr. Stephen Henson)
>   5. ssl_method_st not defined (Stiju Easo)
>   6. Re: ssl_method_st not defined (Salz, Rich)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Sat, 8 Apr 2017 17:56:54 +0000
> From: "Schmicker, Robert" <[hidden email]>
> To: "[hidden email]" <[hidden email]>
> Subject: [openssl-users] Integrating New Cipher Suite
> Message-ID:
> <[hidden email]>
>
> Content-Type: text/plain; charset="us-ascii"
>
> Hello,
>
> I'm attempting to integrate a customized cipher suite for TLS 1.2,
> however no matter what I try I always seem to end up with this error
> (client side):
>
> SSL routines:ssl_cipher_list_to_bytes:no ciphers
> available:ssl/statem/statem_clnt.c:3567
>
> Can anyone give some further explanation on this?
>
> Here's some snippets from the client and server setup.
>
> client:
>
> SSL_CTX* InitCTX(void)
> {   const SSL_METHOD *method;
>    SSL_CTX *ctx;
>
>    OpenSSL_add_all_algorithms();  /* Load cryptos, et.al. */
>    SSL_load_error_strings();   /* Bring in and register error messages */
>    method = SSLv23_client_method();  /* Create new client-method
> instance */
>    ctx = SSL_CTX_new(method);   /* Create new context */
>
>    /* Set cipher to use */
>    if (SSL_CTX_set_cipher_list(ctx, "ECDHE-RSA-MYCIPHER-SHA256") <= 0) {
>        printf("Error setting the cipher list.\n");
>        exit(0);
>    }
>
>
>    if ( ctx == NULL )
>    {
>        ERR_print_errors_fp(stderr);
>        abort();
>    }
>    return ctx;
> }
>
> server:
>
> SSL_CTX* InitServerCTX(void)
> {   const SSL_METHOD *method;
>    SSL_CTX *ctx;
>
>    OpenSSL_add_all_algorithms();  /* load & register all cryptos, etc. */
>    SSL_load_error_strings();   /* load all error messages */
>    method = SSLv23_server_method();  /* create new server-method
> instance */
>    ctx = SSL_CTX_new(method);   /* create new context from method */
>
>    /* Set cipher to use */
>    if (SSL_CTX_set_cipher_list(ctx, "ECDHE-RSA-MYCIPHER-SHA256") <= 0) {
>        printf("Error setting the cipher list.\n");
>        exit(0);
>    }
>
>    if ( ctx == NULL )
>    {
>        ERR_print_errors_fp(stderr);
>        abort();
>    }
>    return ctx;
> }
>
> Thank you,
> Rob
>
>
>
> ------------------------------
>
> Message: 2
> Date: Mon, 10 Apr 2017 11:03:05 +0100
> From: Matt Caswell <[hidden email]>
> To: [hidden email]
> Subject: Re: [openssl-users] Integrating New Cipher Suite
> Message-ID: <[hidden email]>
> Content-Type: text/plain; charset=windows-1252
>
>
>
> On 08/04/17 18:56, Schmicker, Robert wrote:
>> Hello,
>>
>> I'm attempting to integrate a customized cipher suite for TLS 1.2,
>> however no matter what I try I always seem to end up with this error
>> (client side):
>>
>> SSL routines:ssl_cipher_list_to_bytes:no ciphers
>> available:ssl/statem/statem_clnt.c:3567
>>
>> Can anyone give some further explanation on this?
>
> There is no way of dynamically adding new TLS1.2 ciphersuites into
> OpenSSL. The only way to do this is to modify the source code. If that's
> what you've done then you're going to need to provide a lot more
> information about the changes you have made before anyone can help!
>
> Matt
>
>
>>
>> Here's some snippets from the client and server setup.
>>
>> client:
>>
>> SSL_CTX* InitCTX(void)
>> {   const SSL_METHOD *method;
>>    SSL_CTX *ctx;
>>
>>    OpenSSL_add_all_algorithms();  /* Load cryptos, et.al. */
>>    SSL_load_error_strings();   /* Bring in and register error messages */
>>    method = SSLv23_client_method();  /* Create new client-method
>> instance */
>>    ctx = SSL_CTX_new(method);   /* Create new context */
>>
>>    /* Set cipher to use */
>>    if (SSL_CTX_set_cipher_list(ctx, "ECDHE-RSA-MYCIPHER-SHA256") <= 0) {
>>        printf("Error setting the cipher list.\n");
>>        exit(0);
>>    }
>>
>>
>>    if ( ctx == NULL )
>>    {
>>        ERR_print_errors_fp(stderr);
>>        abort();
>>    }
>>    return ctx;
>> }
>>
>> server:
>>
>> SSL_CTX* InitServerCTX(void)
>> {   const SSL_METHOD *method;
>>    SSL_CTX *ctx;
>>
>>    OpenSSL_add_all_algorithms();  /* load & register all cryptos, etc. */
>>    SSL_load_error_strings();   /* load all error messages */
>>    method = SSLv23_server_method();  /* create new server-method
>> instance */
>>    ctx = SSL_CTX_new(method);   /* create new context from method */
>>
>>    /* Set cipher to use */
>>    if (SSL_CTX_set_cipher_list(ctx, "ECDHE-RSA-MYCIPHER-SHA256") <= 0) {
>>        printf("Error setting the cipher list.\n");
>>        exit(0);
>>    }
>>
>>    if ( ctx == NULL )
>>    {
>>        ERR_print_errors_fp(stderr);
>>        abort();
>>    }
>>    return ctx;
>> }
>>
>> Thank you,
>> Rob
>>
>
>
> ------------------------------
>
> Message: 3
> Date: Mon, 10 Apr 2017 13:46:26 +0000
> From: "Dr. Stephen Henson" <[hidden email]>
> To: [hidden email]
> Subject: Re: [openssl-users] RSA PKCS1 v2.1 - Multi-primes and
> RSASSA-PSS
> Message-ID: <[hidden email]>
> Content-Type: text/plain; charset=us-ascii
>
> On Wed, Apr 05, 2017, Davy Souza wrote:
>
>> Hi,
>>
>>
>> I'm using RSA, but I need to know if OpenSSL RSA implements PKCS#1 v2.1. I have the following questions:
>>
>>   1) Does OpenSSL support multi-prime?
>>
>
> No.
>
>>   2) Does OpenSSL support RSASSA-PSS?
>>
>
> Yes.
>
>>   3) If so, how can I use it?
>>
>
> In what context do you want to use it? For example CMS, certificates, TLS,
> general application code or via the command line?
>
> Steve.
> --
> Dr Stephen N. Henson. OpenSSL project core developer.
> Commercial tech support now available see: http://www.openssl.org
>
>
> ------------------------------
>
> Message: 4
> Date: Mon, 10 Apr 2017 13:56:40 +0000
> From: "Dr. Stephen Henson" <[hidden email]>
> To: [hidden email]
> Subject: Re: [openssl-users] Integrating New Cipher Suite
> Message-ID: <[hidden email]>
> Content-Type: text/plain; charset=us-ascii
>
> On Sat, Apr 08, 2017, Schmicker, Robert wrote:
>
>> Hello,
>>
>> I'm attempting to integrate a customized cipher suite for TLS 1.2,
>> however no matter what I try I always seem to end up with this error
>> (client side):
>>
>> SSL routines:ssl_cipher_list_to_bytes:no ciphers
>> available:ssl/statem/statem_clnt.c:3567
>>
>> Can anyone give some further explanation on this?
>>
>> Here's some snippets from the client and server setup.
>>
>> client:
>>
>
> That sounds like the cipher isn't visible.
>
> I'd suggest trying s_client/s_server first.
>
> Which version of OpenSSL are you using?
>
> Does your new cipher appear in "openssl ciphers"? If so does the output look
> sensible? Does it appear with the -s option too?
>
> Is the cipher visible using "openssl list -cipher-algorithms" (OpenSSL 1.1.0)
> or "openssl list-cipher-algorithms" (OpenSSL 1.0.2).
>
> Is your new cipher usable via the command line utilities like "enc"? Does it
> seems to be behaving as expected?
>
> Steve.
> --
> Dr Stephen N. Henson. OpenSSL project core developer.
> Commercial tech support now available see: http://www.openssl.org
>
>
> ------------------------------
>
> Message: 5
> Date: Tue, 11 Apr 2017 02:20:32 +0530
> From: Stiju Easo <[hidden email]>
> To: [hidden email]
> Subject: [openssl-users] ssl_method_st not defined
> Message-ID:
> <CAD3rvcoR8Kpgfw2F6t_P=[hidden email]>
> Content-Type: text/plain; charset="utf-8"
>
> Hi,
>
>  I am trying to adopt OpenSSL 1.1.0 for my code,
>  I was able to move away from pointers for RSA etc to appropriate
> functions, but i got stuck at session
>
>
> in my code need to assign back the SSL pointer with the cipher, session id
> etc
> as below
>
>  ssl_session->client_version = client_version;
>  ssl_session->session->cipher = ssl_session->s3->tmp.new_cipher =
> pending_cipher;
>  ssl_session->session->session_id_length = ssl_id.getLength();
>
>  as now ssl_method_st  has been moved to ssl_locl.h and I am not supposed
> to include that,
>  is there any API to set these variables?
>  only code reference I saw is ssl/.statem/statem_srvr.c, where it uses
> ssl_locl.h directly.
>
>  My question is 1) is operations like setting Client version , cipher, so
> ,session, allowed with 1.1?
>                  2)so,does API exist for it?
> --
>
>
>          Stiju Easo
>
>
> The unexamined life is not worth living for man.
>      Socrates, in Plato, Dialogues, Apology
>      Greek philosopher in Athens (469 BC - 399 BC)
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20170411/839ec228/attachment-0001.html>
>
> ------------------------------
>
> Message: 6
> Date: Tue, 11 Apr 2017 00:36:07 +0000
> From: "Salz, Rich" <[hidden email]>
> To: "[hidden email]" <[hidden email]>
> Subject: Re: [openssl-users] ssl_method_st not defined
> Message-ID:
> <[hidden email]>
> Content-Type: text/plain; charset="utf-8"
>
> No, the functions you want aren?t provided right now.  What are you trying to do?  Why are you modifying the session, outside of the TLS protocol?
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20170411/ab65e480/attachment.html>
>
> ------------------------------
>
> Subject: Digest Footer
>
> _______________________________________________
> openssl-users mailing list
> [hidden email]
> https://mta.openssl.org/mailman/listinfo/openssl-users
>
>
> ------------------------------
>
> End of openssl-users Digest, Vol 29, Issue 10
> *********************************************

--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Integrating New Cipher Suite

Dr. Stephen Henson
On Tue, Apr 11, 2017, Schmicker, Robert wrote:

> Added a define in include/openssl/ssl.h:
>    # define SSL_TXT_MYCIPHER       "MYCIPHER"
>
> Integrated into ssl/s3_lib.c:
>    static SSL_CIPHER ssl3_ciphers[] = {
>
>    {
>     1,
>     TLS1_TXT_ECDHE_ECDSA_WITH_MYCIPHER_SHA384,
>     TLS1_CK_ECDHE_ECDSA_WITH_MYCIPHER_SHA384,
>     SSL_kECDHE,
>     SSL_aECDSA,
>     SSL_MYCIPHER,
>     SSL_AEAD,
>     TLS1_2_VERSION, TLS1_2_VERSION,
>     DTLS1_2_VERSION, DTLS1_2_VERSION,
>     SSL_HIGH | SSL_FIPS,
>     SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
>     64,
>     64,
>    },

That's a pretty small number of bits. Do you really mean it to be only 64?

Does you ciphersuite show up with cipher -s?

It's possible it is being rejected because it has insufficient security. If
the number of bits is really 64 you could try droppping the security level to
0 to allow it.

If that doesn't help enable trace support with enable-ssl-trace and then try
the -trace command ot s_client/s_server and see if the new ciphersuites is
sent in ClientHello

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Integrating New Cipher Suite

Schmicker, Robert
In reply to this post by Schmicker, Robert
Added a define in include/openssl/ssl.h:
   # define SSL_TXT_MYCIPHER       "MYCIPHER"

Integrated into ssl/s3_lib.c:
   static SSL_CIPHER ssl3_ciphers[] = {

   {
    1,
    TLS1_TXT_ECDHE_ECDSA_WITH_MYCIPHER_SHA384,
    TLS1_CK_ECDHE_ECDSA_WITH_MYCIPHER_SHA384,
    SSL_kECDHE,
    SSL_aECDSA,
    SSL_MYCIPHER,
    SSL_AEAD,
    TLS1_2_VERSION, TLS1_2_VERSION,
    DTLS1_2_VERSION, DTLS1_2_VERSION,
    SSL_HIGH | SSL_FIPS,
    SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
    64,
    64,
   },
>That's a pretty small number of bits. Do you really mean it to be only 64?
>
>Does you ciphersuite show up with cipher -s?
>
>It's possible it is being rejected because it has insufficient security. If
>the number of bits is really 64 you could try droppping the security level to
>0 to allow it.
>
>If that doesn't help enable trace support with enable-ssl-trace and then try
>the -trace command ot s_client/s_server and see if the new ciphersuites is
>sent in ClientHello
>
>Steve.
>--
>Dr Stephen N. Henson. OpenSSL project core developer.
>Commercial tech support now available see: http://www.openssl.org
After some debugging (exactly as mentioned above) it appears that the cipher suite does not show up in the ClientHello using the s_client/s_server. I modified the cipher for testing to use 512 bits instead of 64 so that it is ranked highest.

Error server side:
SSL routines:tls_post_process_client_hello:no shared cipher:ssl/statem/statem_srvr.c:1979

Error Client side:
SSL routines:ssl3_read_bytes:tlsv1 alert internal error:ssl/record/rec_layer_s3.c:1469:SSL alert number 80

Any idea why the cipher would appear under the list of supported tls1.2 ciphers, yet it does not appear under the ClientHello even if specified with the -cipher option?

Thank you for any leads!
Rob


On 4/12/17 8:06 AM, [hidden email] wrote:
Send openssl-users mailing list submissions to
	[hidden email]

To subscribe or unsubscribe via the World Wide Web, visit
	https://mta.openssl.org/mailman/listinfo/openssl-users
or, via email, send a message with subject or body 'help' to
	[hidden email]

You can reach the person managing the list at
	[hidden email]

When replying, please edit your Subject line so it is more specific
than "Re: Contents of openssl-users digest..."


Today's Topics:

   1. Re: Integrating New Cipher Suite (Dr. Stephen Henson)
   2. Re: RSA PKCS1 v2.1 - Multi-primes and RSASSA-PSS (Davy Souza)
   3.  Escaped Issuer/Subject ([hidden email])
   4. Multithreading: Global locks causing bottleneck in parallel
      SSL_write calls (dipakgaigole)


----------------------------------------------------------------------

Message: 1
Date: Tue, 11 Apr 2017 18:54:09 +0000
From: "Dr. Stephen Henson" [hidden email]
To: [hidden email]
Subject: Re: [openssl-users] Integrating New Cipher Suite
Message-ID: [hidden email]
Content-Type: text/plain; charset=us-ascii

On Tue, Apr 11, 2017, Schmicker, Robert wrote:

Added a define in include/openssl/ssl.h:
   # define SSL_TXT_MYCIPHER       "MYCIPHER"

Integrated into ssl/s3_lib.c:
   static SSL_CIPHER ssl3_ciphers[] = {

   {
    1,
    TLS1_TXT_ECDHE_ECDSA_WITH_MYCIPHER_SHA384,
    TLS1_CK_ECDHE_ECDSA_WITH_MYCIPHER_SHA384,
    SSL_kECDHE,
    SSL_aECDSA,
    SSL_MYCIPHER,
    SSL_AEAD,
    TLS1_2_VERSION, TLS1_2_VERSION,
    DTLS1_2_VERSION, DTLS1_2_VERSION,
    SSL_HIGH | SSL_FIPS,
    SSL_HANDSHAKE_MAC_SHA384 | TLS1_PRF_SHA384,
    64,
    64,
   },
That's a pretty small number of bits. Do you really mean it to be only 64?

Does you ciphersuite show up with cipher -s?

It's possible it is being rejected because it has insufficient security. If
the number of bits is really 64 you could try droppping the security level to
0 to allow it.

If that doesn't help enable trace support with enable-ssl-trace and then try
the -trace command ot s_client/s_server and see if the new ciphersuites is
sent in ClientHello

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org


------------------------------

Message: 2
Date: Tue, 11 Apr 2017 12:50:29 +0000
From: Davy Souza [hidden email]
To: [hidden email] [hidden email]
Subject: Re: [openssl-users] RSA PKCS1 v2.1 - Multi-primes and
	RSASSA-PSS
Message-ID:
	[hidden email]
	
Content-Type: text/plain; charset="iso-8859-1"

In what context do you want to use it? For example CMS, certificates, TLS,
    general application code or via the command line?


It's a C++ embedded application for a POS.  One requirement is to use PKCS#1 v2.1 for RSA functions.


Davy Alves de Souza
Computer Scientist
Federal University of S?o Carlos, Sorocaba / SP - Brazil
________________________________
De: openssl-users [hidden email] em nome de Dr. Stephen Henson [hidden email]
Enviado: segunda-feira, 10 de abril de 2017 10:46:26
Para: [hidden email]
Assunto: Re: [openssl-users] RSA PKCS1 v2.1 - Multi-primes and RSASSA-PSS

On Wed, Apr 05, 2017, Davy Souza wrote:

Hi,


I'm using RSA, but I need to know if OpenSSL RSA implements PKCS#1 v2.1. I have the following questions:

   1) Does OpenSSL support multi-prime?

No.

   2) Does OpenSSL support RSASSA-PSS?

Yes.

   3) If so, how can I use it?

In what context do you want to use it? For example CMS, certificates, TLS,
general application code or via the command line?

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20170411/7e8a5420/attachment-0001.html>

------------------------------

Message: 3
Date: Wed, 12 Apr 2017 06:47:25 +0200
From: [hidden email] [hidden email]
To: [hidden email]
Subject: [openssl-users]  Escaped Issuer/Subject
Message-ID: [hidden email]
Content-Type: text/plain; charset=utf-8; format=flowed

I thought about escaping regarding DN itself (LDAP DN).

https://www.ietf.org/rfc/rfc4514.txt

https://www.ibm.com/support/knowledgecenter/en/ssw_i5_54/rzahy/rzahyunderdn.htm

https://msdn.microsoft.com/en-us/library/aa366101%28v=vs.85%29.aspx

Best regards


------------------------------

Message: 4
Date: 12 Apr 2017 10:54:28 -0000
From: "dipakgaigole" [hidden email]
To: [hidden email]
Subject: [openssl-users] Multithreading: Global locks causing
	bottleneck in parallel SSL_write calls
Message-ID: [hidden email]
Content-Type: text/plain; charset="utf-8"

Hi,&nbsp;I have a windows multi-threaded SSL server application which handles each client request in a new thread. The Server handles different types of requests. One of the request type is like &ldquo;send file&rdquo; where server thread has to read a file from local filesystem and send the content to the client.Server configurations:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; FIPS: Enabled&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; SSL Protocol: TLSv1.2&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; Cipher: AES256-SHA&nbsp;It was observed that as the number of thread parallelism increases, the throughput decreases.To profile the server, I had recompiled the OpenSSL and FIPS source with debug symbol information. When run under a statistical profiler &ldquo;verysleepy&ldquo; (http://www.codersnotes.com/sleepy) points out below stack (hotspot
 ) which was consuming most of the time.###################################WaitForSingleObjectEx&nbsp; &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; KERNELBASE&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; [unknown]&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0x7fefd2610dcCRYPTO_lock&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; LIBEAY64&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; c:\openssl_src\openssl-1.0.2f\crypto\cryptlib.c 597&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0xfb0bb26FIPS_lock&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nb
 sp;&nbsp; LIBEAY64&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; c:\fips_src\openssl-fips-2.0.10\fips\utl\fips_lck.c&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 69&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0xfceb291fips_drbg_bytes&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; LIBEAY64&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; c:\fips_src\openssl-fips-2.0.10\fips\rand\fips_drbg_rand.c&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 86&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0xfcfe868RAND_bytes&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&n
 bsp;&nbsp;&nbsp;&nbsp;&nbsp; LIBEAY64&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; c:\openssl_src\openssl-1.0.2f\crypto\rand\rand_lib.c&nbsp;&nbsp;&nbsp; 159&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0xfc0dbe5tls1_enc&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; SSLEAY64&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; c:\openssl_src\openssl-1.0.2f\ssl\t1_enc.c&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 786&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0x3b6675cdo_ssl3_write&nbsp;&nbsp; &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; SSLEAY64&nbsp;&nbsp;&nbsp;&nbsp;&
 nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; c:\openssl_src\openssl-1.0.2f\ssl\s3_pkt.c&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 1042&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0x3b4c336ssl3_write_bytes&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; SSLEAY64&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; c:\openssl_src\openssl-1.0.2f\ssl\s3_pkt.c&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 830&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0x3b4baddssl3_write&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; SSLEAY64&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; c:\openssl_src\openssl-1.0.2f\ssl\s3_lib.c&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&
 nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 4404&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0x3b4796cSSL_write&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; SSLEAY64&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; c:\openssl_src\openssl-1.0.2f\ssl\ssl_lib.c&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 1047&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; 0x3b7a3e4###################################&nbsp;To check if this behavior can be seen outside of our code, I wrote a standalone multi threaded SSL server which performs same task as &ldquo;send file&rdquo;. And profiling of the standalone server also point out at the similar stack. So I was able to reproduced this behavior in standalone program.File size used: 340 MB&nbsp;To find out how the bottleneck varies with increasing the parallel thread count 
 in standalone SSL server program, I analyzed one thread behavior with different parallelism and here are the results:######################&ldquo;Parallel thread count&rdquo; &nbsp;-&gt; &nbsp;&ldquo;% of time spend in waiting for global lock&rdquo;1 -&gt; 1 %2 -&gt; 2 %5 -&gt; 5 %10 -&gt; 40 %15 -&gt; 46 %20 -&gt; 65 %25 -&gt; 68 %30 -&gt; 70 %######################&nbsp;After digging into the FIPS code found that there is a global lock around the random number generation code which is causing the bottleneck when multiple threads want to perform SSL_write operation in parallel.Code snippet from fips/rand/fips_drbg_rand.c:######################/* Since we only have one global PRNG used at any time in OpenSSL use a global* variable to store context.*/static DRBG_CTX ossl_dctx;&hellip;.&hellip;.static int fips_drbg_bytes(unsigned char *out, int count)&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; {&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
 &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; DRBG_CTX *dctx = &amp;ossl_dctx;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; int rv = 0;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; unsigned char *adin = NULL;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; size_t adinlen = 0;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; CRYPTO_w_lock(CRYPTO_LOCK_RAND);&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &nbsp; &nbsp;&nbsp; &hellip;.&nbsp; &nbsp;&nbsp; &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &hellip;.&nbsp; &nbsp; &nbsp;&nbsp; &nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; CRYPTO_w_unlock(CRYPTO_LOCK_RAND);######################&nbsp;As comment from fips_drbg_rand.c says, do we really need to have one global PRNG at any time in OpenSSL? Does any
 one has any suggestion about how starvation (due to the global locks) of parallel SSL_write can be reduced? Any suggestions are welcome :)&nbsp;Thanks,Dipak
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20170412/70b473ef/attachment.html>

------------------------------

Subject: Digest Footer

_______________________________________________
openssl-users mailing list
[hidden email]
https://mta.openssl.org/mailman/listinfo/openssl-users


------------------------------

End of openssl-users Digest, Vol 29, Issue 13
*********************************************



--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Integrating New Cipher Suite

Dr. Stephen Henson
On Fri, Apr 14, 2017, Schmicker, Robert wrote:

>
>
> After some debugging (exactly as mentioned above) it appears that the cipher suite does not show up in the ClientHello using the s_client/s_server. I modified the cipher for testing to use 512 bits instead of 64 so that it is ranked highest.
>
> Error server side:
> SSL routines:tls_post_process_client_hello:no shared cipher:ssl/statem/statem_srvr.c:1979
>
> Error Client side:
> SSL routines:ssl3_read_bytes:tlsv1 alert internal error:ssl/record/rec_layer_s3.c:1469:SSL alert number 80
>
> Any idea why the cipher would appear under the list of supported tls1.2 ciphers, yet it does not appear under the ClientHello even if specified with the -cipher option?
>

Hmm... it's not clear why the cipher isn't being sent in client hello. What
output do you get with -security_debug_verbose option? Also try including
@SECLEVEL=0 in the cipher string.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Loading...