'[openssl.org #771] Bug report: Exportable key limit should be 1024 bits instead of 512 bits'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openssl-dev
Subject:    [openssl.org #771] Bug report: Exportable key limit should be 1024 bits instead of 512 bits
From:       "Richard Levitte via RT" <rt () openssl ! org>
Date:       2003-11-28 22:40:36
[Download RAW message or body]


I just committed the proposed change.  It will appear in future 
snapshots and releases of OpenSSL.

Thanks for your contribution.  Ticket resolved.

[czhang2005@hotmail.com - Tue Nov 18 08:34:11 2003]:

> OpenSSL 0.9.7c 30 Sep 2003
> built on: Thu Nov 13 23:47:30 2003
> platform: VC-NT
> options:  bn(64,32) md2(int) rc4(idx,int) des(idx,cisc,4,long)
>    idea(int)
> blowfis
> h(idx)
> compiler: cl  /MDd /W3 /WX /Zi /Yd /Od /nologo -DOPENSSL_SYSNAME_WIN32
> -D_DEBUG
> -DL_ENDIAN -DWIN32_LEAN_AND_MEAN -DDEBUG -DDSO_WIN32
>    -DOPENSSL_SYSNAME_WINNT
> /Fd
> out32dll -DOPENSSL_NO_KRB5
> OPENSSLDIR: "/usr/local/ssl"
> 
> Problem description:
> With the release of OpenSSL 0.9.7c, people start to see the error "SSL
> routines:SSL3_CHECK_CERT_AND_ALGORITHM:missing
> export tmp rsa key:s3_clnt.c:1952" on the cient side, e.g.:
> http://www.mail-archive.com/openssl-users@openssl.org/msg33162.html
> 
> Analysis:
> The root of this problem is in line 109, x509type.c:
> 	if (EVP_PKEY_size(pk) <= 512/8)	/* /8 because it's 512 bits 
we look
> New export regulations allow the export of 56-bit encryption and 1024-
>    bit
> key exchange(check out #define SSL_EXPORT_PKEYLENGTH(a)
>    (SSL_IS_EXPORT40(a)
> ? 512 : 1024) in ssl_locl.h), but this line will attribute any PKEY
>    size
> bigger than 512 bit as non-exportable.  In my scenario: the server has
>    only
> export license, and chooses the cipher EXP1024-RC4-SHA. The server's
>    RSA key
> is also 1024 bit, so it opts NOT to use ephemeral key exchange. Then
>    on the
> client side, OpenSSL correctly identifies EXP1024-RC4-SHA as
>    exportable, but
> incorrectly treats the server's 1024 bit RSA key used to sign the x509
> certificate as non-exportable. Given that no ephemeral key is used to
>    work
> around the "problem", the client side reports error "missing export
>    tmp rsa
> key" and fails the handshake.
> 
> A possible solution would be to change it to:
>                   if (EVP_PKEY_size(pk) <= 1024/8)
> 
> Thanks,
> Charles Zhang
> czhang2005@hotmail.com
> 
> _________________________________________________________________
> Great deals on high-speed Internet access as low as $26.95.
> https://broadband.msn.com (Prices may vary by service area.)
> 


-- 
Richard Levitte
levitte@openssl.org
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev@openssl.org
Automated List Manager                           majordomo@openssl.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic