problems

Things to watch out for.

EVP_PKEY_size()

This function returns the maxim number of bytes needed to hold a signature/encryption performed with this key. For RSA keys, it is the modulus size in bytes. For DSA it is normally 48. We get 48 because the DSA signature is made of 2 ASN1 INTEGERS of 160 bits. If the top bit is set, they encode to 23 bytes each. Add the 2 byte sequence header, and we have 48 bytes. The problems are caused because half the time the INTEGER will encode to 23 bytes, 1/2*-1/256 will encode to 22 bytes, and then ever decreasing by 1/256 chance of being less bytes. So what does this mean? When checking that an encoded data object is the correct size, you can only really check that it is less than a maximum and greater than zero. To do more than this, you will have to grovel around inside the EVP_PKEY structure.

No common ciphers

While using SSLeay 0.8.0, you will probably come across situations where the two processes claim to share no ciphers but you feel they should. What follows is a discussion on what is probably going wrong.

SSL_CIPHER. Some programs use the SSL_CIPHER environment variable to specify the cipher to use. If set, this could be causing the problems.
No certificate loaded. As of SSLv3, it is quite valid to have no certificates and to use Anonymous DH. If Anonymous DH is not available to be used, the library will just keep on rejecting connection with no shared cipher error.
No ciphers have been loaded into the library. For SSLeay 0.8.0, no ciphers or message digests are hardwired into the SSL library. Instead, ciphers are registered and then dynamically looked up. If no ciphers or message digests are registered, problems will occur.

SSLeay_add_all_algorithms() will register all ciphers and digests contained in the SSLeay package.

SSLeay_add_ssl_algorithms() will just register the algorithms required for SSL.

EVP_add_cipher(EVP_CIPHER *cipher) can be used to register an indervidual cipher as

EVP_add_digest(EVP_MD *digest) can be used to register a message digest.

If you are expecting to use export ciphers and your RSA encryption certificate is greater than 512 bits in length, you will have to register a temporary RSA key.

SSL_CTX_need_tmp_RSA(SSL_CTX *ctx), when called after loading the certificates and private keys, will return true if a temporary RSA key is required due to the certificate size.

SSL_CTX_set_tmp_rsa(SSL_CTX *ctx,RSA *rsa) can be used to set the temporary RSA key, or

SSL_CTX_set_tmp_rsa_callback(SSL_CTX *ctx,tmp_rsa_cb);

RSA *tmp_rsa_cb(SSL *s,int export); can be used to specify a callback to be called when a temporary key is required. In theory a temporary RSA key can be required for a non-export RSA cipher if the certificate is for signing only. Currently SSLeay does not check to see if a certificate can only be used for signing.

RSA *RSA_generate_key(512,RSA_F4,NULL); is the call to make to generate 512 bit RSA private key.

To use an ephemeral DH cipher, a DH key needs to be provided.

SSL_CTX_set_tmp_dh(SSL_CTX *ctx,DH *dh) will specify the DH key to use.

back