Re: [openssl.org #3592] bug report. Crash. Critical? Security bug?

Find this:
https://bugzilla.redhat.com/show_bug.cgi?format=multiple&id=987158
http://openssl.6102.n7.nabble.com/AES-cbc-encrypt-amp-aesni-cbc-encrypt-length-parameter-td52370.html
http://www.hardening-consulting.com/en/posts/20140512openssl-and-valgrind.html

2014-11-22 15:09 GMT+03:00 Вячеслав Бадалян <v.badalyan <at> open-bs.ru>:

> We fix all leaks in Asterisk and libsrtp.... many calls have one leak path
>
> ==44910== Use of uninitialised value of size 8
> ==44910==    at 0x4A08DEF: memcpy (mc_replace_strmem.c:882)
> ==44910==    by 0x38E3EFD266: c2i_ASN1_INTEGER (string3.h:52)
> ==44910==    by 0x38E3F08823: asn1_ex_c2i (tasn_dec.c:992)
> ==44910==    by 0x38E3F0929A: asn1_d2i_ex_primitive (tasn_dec.c:907)
> ==44910==    by 0x38E3F09A61: ASN1_item_ex_d2i (tasn_dec.c:233)
> ==44910==    by 0x38E3F0A683: ASN1_item_d2i (tasn_dec.c:136)
> ==44910==    by 0x38E424D421: d2i_SSL_SESSION (ssl_asn1.c:395)
> ==44910==    by 0x38E4232324: tls_decrypt_ticket (t1_lib.c:2235)
> ==44910==    by 0x38E423251B: tls1_process_ticket (t1_lib.c:2124)
> ==44910==    by 0x38E42474DC: ssl_get_prev_session (ssl_sess.c:482)
> ==44910==    by 0x38E421F94E: ssl3_get_client_hello (s3_srvr.c:1017)
> ==44910==    by 0x38E42222FC: ssl3_accept (s3_srvr.c:357)
> ==44910==  Uninitialised value was created by a stack allocation
> ==44910==    at 0x38E3E90077: aesni_cbc_encrypt (aesni-x86_64.s:2149)
>
> ==44910== Conditional jump or move depends on uninitialised value(s)
> ==44910==    at 0x4A08DF1: memcpy (mc_replace_strmem.c:882)
> ==44910==    by 0x38E3EFD266: c2i_ASN1_INTEGER (string3.h:52)
> ==44910==    by 0x38E3F08823: asn1_ex_c2i (tasn_dec.c:992)
> ==44910==    by 0x38E3F0929A: asn1_d2i_ex_primitive (tasn_dec.c:907)

Re: [openssl.org #3592] bug report. Crash. Critical? Security bug?

We fix all leaks in Asterisk and libsrtp.... many calls have one leak path

==44910== Use of uninitialised value of size 8
==44910==    at 0x4A08DEF: memcpy (mc_replace_strmem.c:882)
==44910==    by 0x38E3EFD266: c2i_ASN1_INTEGER (string3.h:52)
==44910==    by 0x38E3F08823: asn1_ex_c2i (tasn_dec.c:992)
==44910==    by 0x38E3F0929A: asn1_d2i_ex_primitive (tasn_dec.c:907)
==44910==    by 0x38E3F09A61: ASN1_item_ex_d2i (tasn_dec.c:233)
==44910==    by 0x38E3F0A683: ASN1_item_d2i (tasn_dec.c:136)
==44910==    by 0x38E424D421: d2i_SSL_SESSION (ssl_asn1.c:395)
==44910==    by 0x38E4232324: tls_decrypt_ticket (t1_lib.c:2235)
==44910==    by 0x38E423251B: tls1_process_ticket (t1_lib.c:2124)
==44910==    by 0x38E42474DC: ssl_get_prev_session (ssl_sess.c:482)
==44910==    by 0x38E421F94E: ssl3_get_client_hello (s3_srvr.c:1017)
==44910==    by 0x38E42222FC: ssl3_accept (s3_srvr.c:357)
==44910==  Uninitialised value was created by a stack allocation
==44910==    at 0x38E3E90077: aesni_cbc_encrypt (aesni-x86_64.s:2149)

==44910== Conditional jump or move depends on uninitialised value(s)
==44910==    at 0x4A08DF1: memcpy (mc_replace_strmem.c:882)
==44910==    by 0x38E3EFD266: c2i_ASN1_INTEGER (string3.h:52)
==44910==    by 0x38E3F08823: asn1_ex_c2i (tasn_dec.c:992)
==44910==    by 0x38E3F0929A: asn1_d2i_ex_primitive (tasn_dec.c:907)
==44910==    by 0x38E3F09A61: ASN1_item_ex_d2i (tasn_dec.c:233)
==44910==    by 0x38E3F0A683: ASN1_item_d2i (tasn_dec.c:136)
==44910==    by 0x38E424D421: d2i_SSL_SESSION (ssl_asn1.c:395)
==44910==    by 0x38E4232324: tls_decrypt_ticket (t1_lib.c:2235)
==44910==    by 0x38E423251B: tls1_process_ticket (t1_lib.c:2124)
==44910==    by 0x38E42474DC: ssl_get_prev_session (ssl_sess.c:482)
==44910==    by 0x38E421F94E: ssl3_get_client_hello (s3_srvr.c:1017)

[openssl.org #3606] Need RSA_pubkey_digest()

Can the following function please be added:

int RSA_public_digest(const RSA* key, const EVP_MD *type, unsigned char *md, unsigned int *len);

which would use “type” to generate a digest over the DER encoding of the public portion of “key”,
and deposit “len” bytes into the buffer starting at “md”.

A similar function:

int RSA_private_digest() would take the same parameters as RSA_public_digest(), but for the DER
encoding of the private key. This function is less useful than the first, but is useful for symmetry in the
API and some corner cases.
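
What such a digest would cover, as an added example that is not part of the request above and is not OpenSSL code: it DER-encodes the public half of an RSA key by hand and hashes it. The request does not say which DER structure is meant, so both the PKCS#1 RSAPublicKey (what i2d_RSAPublicKey emits) and the X.509 SubjectPublicKeyInfo (what i2d_RSA_PUBKEY emits) are shown; the function names and the toy key are assumptions made for this example.

```python
import hashlib

def der_len(n: int) -> bytes:
    """DER definite length: short form below 128, long form otherwise."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body

def tlv(tag: int, content: bytes) -> bytes:
    """Tag, length, value."""
    return bytes([tag]) + der_len(len(content)) + content

def der_integer(v: int) -> bytes:
    """Non-negative INTEGER; bit_length // 8 + 1 bytes keeps the sign bit clear."""
    return tlv(0x02, v.to_bytes(v.bit_length() // 8 + 1, "big"))

def rsa_public_key_der(n: int, e: int) -> bytes:
    """PKCS#1 RSAPublicKey ::= SEQUENCE { modulus, publicExponent }."""
    return tlv(0x30, der_integer(n) + der_integer(e))

# AlgorithmIdentifier { rsaEncryption (1.2.840.113549.1.1.1), NULL }
RSA_ALG_ID = bytes.fromhex("300d06092a864886f70d0101010500")

def spki_der(n: int, e: int) -> bytes:
    """X.509 SubjectPublicKeyInfo: algorithm + BIT STRING holding the PKCS#1 key."""
    bit_string = tlv(0x03, b"\x00" + rsa_public_key_der(n, e))
    return tlv(0x30, RSA_ALG_ID + bit_string)

def public_digest(n: int, e: int, algo: str = "sha256", spki: bool = False) -> bytes:
    """Hypothetical analogue of the requested call: digest over the DER bytes."""
    der = spki_der(n, e) if spki else rsa_public_key_der(n, e)
    return hashlib.new(algo, der).digest()

# Constructed toy key (n = 61 * 53), far too small for real use.
N, E = 3233, 65537

if __name__ == "__main__":
    print("PKCS#1 DER:", rsa_public_key_der(N, E).hex())
    print("SPKI DER:  ", spki_der(N, E).hex())
    print("sha256 over PKCS#1:", public_digest(N, E).hex())
    print("sha256 over SPKI:  ", public_digest(N, E, spki=True).hex())
```

The two digests differ for the same key, so any fingerprint built this way has to state which encoding it hashes.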

Rich Salz via RT | 20 Nov 19:46 2014

[openssl.org #2679] 1.0.1-beta1 issue: Wrong Error Message for short RSA-key

Fixed.

But more importantly, the min keysize is now 512 (for post-1.0.2; should we
backport?)

master c56a50b RT2679: Fix error if keysize too short

Author: Annie Yousar <a.yousar <at> informatik.hu-berlin.de>
Date: Mon Sep 8 16:50:03 2014 -0400

RT2679: Fix error if keysize too short

In keygen, return KEY_SIZE_TOO_SMALL not INVALID_KEYBITS.

** I also increased the minimum from 256 to 512, which is now
documented in CHANGES file. **

Reviewed-by: Matt Caswell <matt <at> openssl.org>

--
Rich Salz, OpenSSL dev team; rsalz <at> openssl.org

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev <at> openssl.org
Automated List Manager                           majordomo <at> openssl.org

Rich Salz via RT | 20 Nov 19:44 2014

[openssl.org #3488] OPENSSL_config shouldn't exit()

master 14d3b76 RT3488: Update doc for OPENSSL_config

Author: Rich Salz <rsalz <at> openssl.org>
Date: Tue Sep 9 13:45:49 2014 -0400

RT3488: Update doc for OPENSSL_config

Fix CONF_load_modules to CONF_modules_load.
Document that it calls exit.
Advise against using it now.
Add an error print to stderr.

Reviewed-by: Matt Caswell <matt <at> openssl.org>

--
Rich Salz, OpenSSL dev team; rsalz <at> openssl.org


Rich Salz via RT | 20 Nov 19:35 2014

[openssl.org #2187] winsock.h inclusion in dtls1.h (bug?)

Per the email thread, we're "rejecting" this.
--
Rich Salz, OpenSSL dev team; rsalz <at> openssl.org


How to disable SSLV2 and SSLV3 from apache(unix) server

Hello All,

Please let me know how to disable SSLv2 and SSLv3 on an Apache (Unix) server.

Through Google I found that in the file /etc/httpd/conf/extra/httpd-ssl.conf or /etc/httpd/conf/ssl.conf the line

SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:+eNULL

needs to be changed to:

SSLCipherSuite ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:!SSLv2:+EXP:+eNULL

But on my server those files do not exist.

Thanks,

Kathir

Francis ANDRE via RT | 20 Nov 10:54 2014

[openssl.org #3605] bug report: compilation error and fix for OpenSSL on Cygwin64

Hi

The file include/openssl/e_os2.h produces a compile error when compiling 
third party software using openssl

The line

# if defined(__CYGWIN32__) || defined(OPENSSL_SYSNAME_CYGWIN32)

should be rewritten as

# if defined(__CYGWIN__) || defined(OPENSSL_SYSNAME_CYGWIN32)

because __CYGWIN32__ is undefined under Cygwin64 while __CYGWIN__ is 
defined, both under Cygwin and Cygwin64

Rgds

/* For 32 bit environment, there seems to be the CygWin environment and then
   all the others that try to do the same thing Microsoft does... */
#if defined(OPENSSL_SYSNAME_UWIN)
# undef OPENSSL_SYS_UNIX
# define OPENSSL_SYS_WIN32_UWIN
#else
# if defined(__CYGWIN__) || defined(OPENSSL_SYSNAME_CYGWIN32)
#  undef OPENSSL_SYS_UNIX
#  define OPENSSL_SYS_WIN32_CYGWIN
# else
#  if defined(_WIN32) || defined(OPENSSL_SYSNAME_WIN32)
#   undef OPENSSL_SYS_UNIX
#   define OPENSSL_SYS_WIN32
#  endif
#  if defined(OPENSSL_SYSNAME_WINNT)
#   undef OPENSSL_SYS_UNIX
#   define OPENSSL_SYS_WINNT
#  endif
#  if defined(OPENSSL_SYSNAME_WINCE)
#   undef OPENSSL_SYS_UNIX
#   define OPENSSL_SYS_WINCE
#  endif
# endif
#endif


Martin Paljak | 20 Nov 10:50 2014

CFP: Security Devroom <at> FOSDEM'15

AKA "Hardware and Software isolation mechanisms"

Next FOSDEM [1] will, again ([3], [4]), have a security devroom, this
time on the topic of "Hardware and Software isolation mechanisms".
We'd like to invite submissions of talks and presentations from
developers, security researchers and other interested representatives
of open source and free software and hardware projects.

This is the call for talks and presentations that will take place in
the Security devroom at FOSDEM 2015.

Our topic this year:
As complex software tends to have bugs, methods to contain the damage
from a potentially serious bug (e.g., code injection, leak of memory
contents) are required. While such methods have been known and
available for a long time (HSMs and smart cards, privilege
separation), it is surprising that an attack like heartbleed required
the revocation of the private keys of a large part of the Internet.
For that reason Hardware and Software isolation mechanisms that could
mitigate such attacks, are again on the line, and the main theme of
this devroom.

For up-to-date submission and event information:
https://github.com/security-devroom/fosdem-2015

The security devroom will be held on Sunday 1st of February 2015 in
Brussels, Belgium at ULB room S.AW1.120 from 09:00 to 17:00.

Feel free to forward this announcement to any relevant FOSS project
mailing list.

[1] https://fosdem.org/2015/
[2] https://github.com/security-devroom/fosdem-2015
[3] https://www.opensc-project.org/opensc/wiki/FOSDEM2011
[4] https://www.opensc-project.org/opensc/wiki/FOSDEM2012

Best,
--
Martin
+372 515 6495

Indtiny S | 18 Nov 17:25 2014

ECC key generation example using openssl

Dear All,

I have written the code below to generate an ECC-based private and public key.

But I am missing some logic; my keys are not generated.

My goal is to generate, Client :- private = Ca, public = Ca.G and Server :- private = Sa, pub = Sa.G

and prove Ca.(Sa.G) = Sa.(Ca.G)



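#include <stdio.h>
#include <stdlib.h>
#include <openssl/bn.h>
#include <openssl/crypto.h>
#include <openssl/obj_mac.h>
#include <openssl/ec.h>

/* Report the failure and stop: carrying on would use NULL pointers */
void handleErrors(void){
fprintf(stderr, "\n error ");
abort();
}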
EC_GROUP *create_curve(void)
{
BN_CTX *ctx;
EC_GROUP *curve;
BIGNUM *a, *b, *p, *order, *x, *y;
EC_POINT *generator;

/* Binary data for the curve parameters */
unsigned char a_bin[28] =
{0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
0xFF,0xFF,0xFF,0xFF,0xFF,0xFE,0xFF,0xFF,0xFF,0xFF,
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFE};
unsigned char b_bin[28] =
{0xB4,0x05,0x0A,0x85,0x0C,0x04,0xB3,0xAB,0xF5,0x41,
0x32,0x56,0x50,0x44,0xB0,0xB7,0xD7,0xBF,0xD8,0xBA,
0x27,0x0B,0x39,0x43,0x23,0x55,0xFF,0xB4};
unsigned char p_bin[28] =
{0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0x00,0x00,0x00,0x00,
0x00,0x00,0x00,0x00,0x00,0x00,0x00,0x01};
unsigned char order_bin[28] =
{0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,
0xFF,0xFF,0xFF,0xFF,0x16,0xA2,0xE0,0xB8,0xF0,0x3E,
0x13,0xDD,0x29,0x45,0x5C,0x5C,0x2A,0x3D };
unsigned char x_bin[28] =
{0xB7,0x0E,0x0C,0xBD,0x6B,0xB4,0xBF,0x7F,0x32,0x13,
0x90,0xB9,0x4A,0x03,0xC1,0xD3,0x56,0xC2,0x11,0x22,
0x34,0x32,0x80,0xD6,0x11,0x5C,0x1D,0x21};
unsigned char y_bin[28] =
{0xbd,0x37,0x63,0x88,0xb5,0xf7,0x23,0xfb,0x4c,0x22,
0xdf,0xe6,0xcd,0x43,0x75,0xa0,0x5a,0x07,0x47,0x64,
0x44,0xd5,0x81,0x99,0x85,0x00,0x7e,0x34};

/* Set up the BN_CTX */
if(NULL == (ctx = BN_CTX_new())) handleErrors();

/* Set the values for the various parameters */
if(NULL == (a = BN_bin2bn(a_bin, 28, NULL))) handleErrors();
if(NULL == (b = BN_bin2bn(b_bin, 28, NULL))) handleErrors();
if(NULL == (p = BN_bin2bn(p_bin, 28, NULL))) handleErrors();
if(NULL == (order = BN_bin2bn(order_bin, 28, NULL))) handleErrors();
if(NULL == (x = BN_bin2bn(x_bin, 28, NULL))) handleErrors();
if(NULL == (y = BN_bin2bn(y_bin, 28, NULL))) handleErrors();

/* Create the curve */
if(NULL == (curve = EC_GROUP_new_curve_GFp(p, a, b, ctx))) handleErrors();

/* Create the generator */
if(NULL == (generator = EC_POINT_new(curve))) handleErrors();
if(1 != EC_POINT_set_affine_coordinates_GFp(curve, generator, x, y, ctx))
handleErrors();

/* Set the generator and the order */
if(1 != EC_GROUP_set_generator(curve, generator, order, NULL))
handleErrors();

EC_POINT_free(generator);
BN_free(y);
BN_free(x);
BN_free(order);
BN_free(p);
BN_free(b);
BN_free(a);
BN_CTX_free(ctx);

return curve;
}


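/* Print a BIGNUM in decimal, followed by the suffix t */
void myPrint( const BIGNUM * x, const char * t ) {
   char * s = BN_bn2dec( x ) ;
   if(NULL == s) handleErrors();
   printf("%s%s", s, t ) ;
   OPENSSL_free(s) ;   /* BN_bn2dec allocates with OPENSSL_malloc */
}

/* Generate a key pair on the given curve: private d, public d.G */
EC_KEY *make_key(const EC_GROUP *curve)
{
EC_KEY *key;

if(NULL == (key = EC_KEY_new())) handleErrors();
if(1 != EC_KEY_set_group(key, curve)) handleErrors();
if(1 != EC_KEY_generate_key(key)) handleErrors();

return key;
}

int main(void)
{
EC_GROUP * cur = create_curve();
if(NULL == cur)
{
handleErrors();
}

EC_KEY *client = make_key(cur);   /* private Ca, public Ca.G */
EC_KEY *server = make_key(cur);   /* private Sa, public Sa.G */

/* EC_KEY_generate_key has already filled in both halves of each key.
   Read them back; the original passed uninitialised prv/pub pointers
   to EC_KEY_set_private_key / EC_KEY_set_public_key. */
const BIGNUM *ca = EC_KEY_get0_private_key(client);
const BIGNUM *sa = EC_KEY_get0_private_key(server);
const EC_POINT *ca_g = EC_KEY_get0_public_key(client);
const EC_POINT *sa_g = EC_KEY_get0_public_key(server);

myPrint(ca,"\n");
myPrint(sa,"\n");

/* k1 = Ca.(Sa.G) and k2 = Sa.(Ca.G) */
EC_POINT *k1, *k2;
if(NULL == (k1 = EC_POINT_new(cur))) handleErrors();
if(NULL == (k2 = EC_POINT_new(cur))) handleErrors();
if(1 != EC_POINT_mul(cur, k1, NULL, sa_g, ca, NULL)) handleErrors();
if(1 != EC_POINT_mul(cur, k2, NULL, ca_g, sa, NULL)) handleErrors();

/* EC_POINT_cmp returns 0 when the two points are equal */
if(0 == EC_POINT_cmp(cur, k1, k2, NULL))
printf("Ca.(Sa.G) == Sa.(Ca.G)\n");
else
printf("shared points differ\n");

EC_POINT_free(k1);
EC_POINT_free(k2);
EC_KEY_free(client);
EC_KEY_free(server);
EC_GROUP_free(cur);

return 0;

}
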
Stephen Henson via RT | 18 Nov 15:12 2014

[openssl.org #3483] [BUG] DTLS/sctp crashes sporadically when remote endpoint closes connection

Fixed now, thanks for the report.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
