The errata list is a list of errors and their corrections that were found after the product was released.
The following errata were submitted by our customers and have not yet been approved or disproved by the author or editor. They solely represent the opinion of the customer.
Version |
Location |
Description |
Submitted by |
Date submitted |
Printed |
Page 35
2nd example |
Example as given :
9780596002701 enc -des3-ede-ofb -d -in ciphertext.bin -out plaintext.doc -pass
pass:trousers
This generates an error.
Example that works :
9780596002701 enc -des-ede3-ofb -d -in ciphertext.bin -out plaintext.doc -pass
pass:trousers
NOTE:
difference is -des3-ede-ofb VS -des-ede3-ofb
|
Anonymous |
|
Printed |
Page 45
2nd paragraph, first sentence |
"..., we can be sure that only the encrypted data can be decrypted with the corresponding private key."
The placement of "only" doesn't make sense, my suggestion:
"..., we can be sure that the encrypted data can only be decrypted with the corresponding private key."
|
Anonymous |
Feb 12, 2009 |
Printed |
Page 48
5th paragraph, 3rd sentence |
(perhaps due to certificate theft)
should be
(perhaps due to private key theft)
|
Anonymous |
|
Printed |
Page 48
5th paragraph, 3rd sentence |
(perhaps due to certificate theft)
should be
(perhaps due to private key theft)
|
Anonymous |
Aug 05, 2008 |
Printed |
Page 50
2nd paragraph, 2nd sentence |
"As with the keyUsage extension, if this extension is present, it should be designated critical."
This is wrong. See RFC 3280, section 4.2.1.13, paragraph 5:
"This extension MAY, at the option of the certificate issuer, be either critical or non-critical."
|
Anonymous |
|
Printed |
Page 50
2nd paragraph, 2nd sentence |
"As with the keyUsage extension, if this extension is present, it should be designated critical."
This is wrong. See RFC 3280, section 4.2.1.13, paragraph 5:
"This extension MAY, at the option of the certificate issuer, be either critical or non-critical."
|
Anonymous |
Aug 05, 2008 |
Printed |
Page 65
4th line (command) |
It seems that the "openssl" command cannot get the number of days and bits set in the configuration file cannot be taken (so it is a problem of the "openssl" command itself).
The following command works OK:
openssl req -config /opt/TMBca/openssl.cnf -x509 -newkey rsa:2048 -days 365 -out cacert.pem -outform PEM
Without specifying the days in the command line, then the number of days is one month (irrespective of the fact that in the configuration file it is set as 365).
|
Anonymous |
|
Printed |
Page 65
Example 3-5 |
The command:
# 9780596002701 req -x509 -newkey rsa -out cacert.pem -outform PEM
(lines 4 and 16)
would not generate the validity of 1 year (365 days) for the self-signed root certificate as shown in example 3-5.
With reference to "req" man-page, the option "-days 365" is required when using "-x509" to generate a validity of 365 days; otherwise the default validity is 30 days.
|
Anonymous |
|
Printed |
Page 65
line 4 |
With current openssl versions, the rsa argument to the newkey option requires the bits. The full command then becomes:
openssl req -x509 -newkey rsa:2048 -out cacert.pem -outform PEM
|
MSopacua |
Jan 12, 2012 |
Printed |
Page 67
n/a |
Does the procedure on pages 60-63 work on Mac OS X. I attempted to do exactly what was listed and the response was the "usage" response from req. It just listed its parameters. It did not say what was wrong with what I had typed.
openssl reports its version as:
OpenSSL> version
OpenSSL 0.9.8l 5 Nov 2009
|
Anonymous |
Sep 14, 2011 |
Printed |
Page 68
Example 3-7 |
Attributes:
unstructuredName :drowssap egnellahc
challengePassword :drowssap egnellahc
Should be: (Tested under OpenSSH 0.9.7a)
Attributes:
unstructuredName :Examples-R-Us, Inc.
challengePassword :cloud noon sundry presto madrid baker
|
Anonymous |
|
Printed |
Page 84
Last paragraph |
The described error function:
char *ERR_error_string_n(unsigned long e, char *buf, size_t len);
should be:
void ERR_error_string_n(unsigned long e, char *buf, size_t len);
at least for OpenSSL 0.9.6.d...
|
Anonymous |
|
Printed |
Page 86
last line |
The prototype of the function shown in the last line is prepended with the word
"The". However this would not result in valid C code and I assume it is a leftover
from some editing of the line/paragraph.
|
Anonymous |
|
Printed |
Page 86
last line |
The work "The" should be omitted.
|
Anonymous |
Aug 05, 2008 |
Printed |
Page 92
2nd paragraph, 2nd sentence |
|
Anonymous |
Aug 05, 2008 |
Printed |
Page 101
1st paragraph in "Using an Alternate Entropy Source" |
"It is licensed under the BSD licence, which means that it's free
and the source code is available."
should read:
"It is licensed under GPL (version 2), which means the source code
is freely available; see http://www.gnu.org/copyleft/gpl.html
for details."
|
Anonymous |
|
Printed |
Page 107
Table 4-1 |
(r = pow(a, 2) % m) should be (r = pow(a, p) % m)
for BN_mod_exp(r, a, p, m, ctx)
|
Anonymous |
|
Printed |
Page 114
Example 5-1, line 17 (THREAD_CREATE macro) |
The THREAD_CREATE macro (for windows) appears to attempt to return an identifier for
the newly created thread. The code, however, will always return the id of the thread
that called the macro.
To return the identifier of the new thread the macro should be modified so read:-
#define THREAD_CREATE(tid, entry, arg) do {
(tid) = GetThreadId (_beginthread ((entry), 0, (arg)))
} while (0);
Because 'GetThreadId' uses the handle returned by _beginthread to retrieve the
identifier of the newly created thread.
|
Anonymous |
|
Printed |
Page 115
example 5-3 |
the for loop:
for (nwritten = 0; nwritten < sizeof(buf); nwritten += err)
should be:
for (nwritten = 0; nwritten < strlen(buf); nwritten += err)
|
Anonymous |
|
Printed |
Page 117
all following examples |
Examples 4-9 through 4-12 define a function seed_prng() defined as:
int seed_prng(int bytes)
But in several of client/server examples in Chapter 5 (Examples 5-5, 5-6, 5-9, and 5-
10) the usage appears to be
void seed_prng(void).
Suggest changing the Chapter 5 examples to show:
seed_prng(1024);
|
Anonymous |
|
Printed |
Page 117
Line 21 |
server_thread() function should return pointer (to suppress compile warning). So
line 21 should read:
void *THREAD_CC server_thread(void *arg)
rather than
void THREAD_CC server_thread(void *arg)
|
Anonymous |
|
Printed |
Page 123
3rd paragraph |
Lines 54-58 should be 53-57
|
Anonymous |
Mar 12, 2014 |
Printed |
Page 124
3rd paragraph |
my9780596002701.cnf file is missing. I believe that openssl.cnf is what was intended. It
should be located in /etc/ssl/9780596002701.cnf
|
Anonymous |
|
Printed |
Page 124
examples of how to create certificates |
my9780596002701.cnf is missing although it is used in several examples to create
certificates. That leaves readers in guessing state and unable to try the examples
out themselves.
|
Anonymous |
|
Printed |
Page 125
1st paragraph |
"Line 56 does this through a call to SSL_set_bio."
should read:
"Line 55 does this through a call to SSL_set_bio."
|
Anonymous |
|
Printed |
Page 125
1st paragraph, 4th line |
|
Anonymous |
Mar 12, 2014 |
Printed |
Page 136
Example 5-8 (function post_connection_check) |
The function post_connection_check() in example 5-8
uses internal functions from the OpenSSL library instead
of stable functions from the public API.
This means that it does only work with OpenSSL 0.9.6
and NOT in 0.9.7 where it causes a program that uses
the function to crash.
It could use the API function X509_get_ext_d2i().
|
Anonymous |
|
Printed |
Page 141
Example 5-10, line 30/39 |
The for loop will just loop forever, so line 40 will never be reached - leaving a
dangling thread. Could change it to a do loop as in example 5.6.
|
Anonymous |
|
Printed |
Page 145
2nd paragraph |
The book says "Of these two choices, DH is better because temporary RSA keys violate
the SSL/TLS protocols".
While it is true that ephemeral Diffie-Hellman is better than
ephemeral RSA from a security perspective, it is definitely not true
that temporary RSA keys violate the SSL/TLS protocols.
Pages 39 and 40 of RFC 2246 describe the (legitimate) use
of ephemeral RSA in the TLS protocol.
Pages 25 and 26 of the SSLv3 draft (draft-freier-ssl-version3-02.txt)
describe the use of ephemeral RSA in the SSLv3 protocol.
|
Anonymous |
|
Printed |
Page 160-163
Example 5-16 |
The variables "have_data_A2B" and "have_data_B2A" are unnecessary. Conditional statements in the example can check for "A2B_len > 0" and "B2A_len > 0", respectively.
|
Anonymous |
Jul 03, 2013 |
Printed |
Page 160
Example 5-16 |
Example 16 in chapter 5 has a fundamental flaw. It uses check_availability to determine
whether to call SSL_Read, so this only happens (renegotiation aside) when the appropriate
bit corresponding to the SSL fd is set in the read fdset. However, this is to ignore
the fact that the SSL reads ahead. So, if a read is done which fills the buffer, and
there is more data read ahead, but no more data beyond that, the SSL_Read will never be
called to read the internally buffered data (i.e. the data that has been read ahead).
The way to fix this is something like (untested) adding:
can_read_A |= SSL_Pending(A);
can_read_B |= SSL_Pending(B);
after check_availability, and then for the text to explain what SSL_Pending does (returns
true if there is buffered data).
|
Anonymous |
Apr 24, 2014 |
Printed |
Page 162
line 131 |
Comments in example 5-16 state "2. there's data in the A to B buffer"
This should be "2. there's data in the B to A buffer"
|
Anonymous |
Jul 03, 2013 |
Printed |
Page 164
3rd paragraph |
The second sentence in the 3rd paragraph references a non-implemented funciton called
set_nonblocking. The function is actually written (in the example code on page 160)
as set_non-blocking.
|
Anonymous |
|
Printed |
Page 165
3rd paragraph, 3rd sentence |
"They assert we are not in the middle of a read operation..."
should read
"They assert we are not in the middle of a write operation..."
|
Anonymous |
|
Printed |
Page 165
3rd paragraph, 3rd sentence |
"They assert we are not in the middle of a read operation..."
should read
"They assert we are not in the middle of a write operation..."
|
Anonymous |
Aug 05, 2008 |
Printed |
Page 185
Example 6-3 |
The coding is not working as the description on the same page. There are problems in
the 3rd parameters of 2 EVP_EncryptUpdate.
data[ol] should be changed as the following
for (i = 0; i < inl / 100; i++)
{
EVP_EncryptUpdate (ctx, &ret[ol], &tmp, &data[i*100], 100);
ol += tmp;
}
if (inl % 100)
{
EVP_EncryptUpdate (ctx, &ret[ol], &tmp, &data[(inl/100)*100], inl % 100);
ol += tmp;
}
|
Anonymous |
|
Printed |
Page 187
Example 66 |
The code calls EVP_EncryptInit() and EVP_DecryptInit(), which (in OpenSSL v0.9.7 at
least) end up calling EVP_CipherInit_Ex(), which has a line:
crypto/evp/evp_env.c#146: ctx->cipher_data=OPENSSL_malloc(ctx->cipher->ctx_size);
this malloc'd space seems not to be freed except in
EVP_CIPHER_CTX_cleanup()
which your example code does not call -- if this is indeed a problem (as I believe it
is), it may be more widespread. It shows up in a library I am using (PTPTL at
SourceForge.net), as well.
Counterexamples (of cleaning up afterwards by calling EVP_CIPHER_CTX_cleanup()) can
be found, e.g., in cyptoevpevp_test.c in test1(), and in cryptopempem_lib.c in
PEM_ASN1_write_bio().
In your particular example, of course, the program exits immediately so it's not a
"serious technical mistake" in that sense. However in the pedagogic sense, I think it
is a serious omission: we look to excellent books like this for good code examples,
and this leak is fairly difficult to detect.
|
Anonymous |
|
Printed |
Page 195
1st line, continued paragraph from previous page |
Sentence:
The MAC algorithm produces a hash value from the data to protect a secret key.
Maybe should be:
The MAC algorithm produces a hash value from the data to protect and the secret key.
|
Anonymous |
|
Printed |
Page 208
In the section of XCBC-MAC |
I'm not reporting errors for XCBC-MAC but would like to give suggestions. It would be better and more practical if the code shown in this section could comply the functions specified in RFC 3566.
|
Anonymous |
|
Printed |
Page 283
In the main() of example 10-5 |
The certificate request generated with the sample code will NOT work correctly with
some certificate authorities (for example Verisign). The problem is that the code
fails to set the version number. The following line of code should be added after
creating the request (with X509_REQ_new()):
X509_REQ_set_version(req, 0L);
|
Anonymous |
|
Printed |
Page 295
last code example, last line |
fprintf(stderr, "Error reading the CRL file
");
should read
fprintf(stderr, "Error reading the CA directory
");
|
Anonymous |
|
Printed |
Page 295
last code example, last line |
fprintf(stderr, "Error reading the CRL file\n");
should read
fprintf(stderr, "Error reading the CA directory\n");
|
Anonymous |
Aug 05, 2008 |
Printed |
Page 310
Description of CA command |
Version 0.9.7b lists a "-extfile file - Configuration file with X509v3 extentions
to add" option that is not described in the book.
{Chapter 10} Example 10-6. Creating a certificate from a request and CA credentials ;
(I use Safari online, so page numbers do not match printed editions.)
The string "nonrepudiation" in the ext_ent array entry for keyUsage fails on OpenSSL 0.9.8e
because OpenSSL uses strcmp, looking for an exact case match. When I change nonrepudiation
to be mixed case, nonRepudiation, example 10-6 works correctly since the strcmp detects a
match. Without this, OpenSSL reports an extension usage error. I'm guessing an older version
of OpenSSL either used stricmp, or perhaps it had all lowercase "nonrepudiation." I hope this
helps. Thanks for an informative book!
|
Anonymous |
|