freelan-developers / freelan

The main freelan repository.
http://www.freelan.org

libcryptoplus exception: elliptic curve routines:EC_POINT_cmp:incompatible objects #33

Closed wrouesnel closed 10 years ago

wrouesnel commented 10 years ago
2014-05-30T09:02:55.337913 [DEBUG] Cipher suite: ecdhe_rsa_aes256_gcm_sha384
terminate called after throwing an instance of 'cryptoplus::error::cryptographic_exception'
  what():  error:10071065:elliptic curve routines:EC_POINT_cmp:incompatible objects

After building freelan from source on Ubuntu 14.04 I'm seeing this error from the freelan2 binary when the servers try to connect.

I have openssl 1.0.1f-1ubuntu2.1 installed.

ereOn commented 10 years ago

@wrouesnel That's weird.

I'll try to build it on Ubuntu 14.04 and see what causes this. I don't know exactly when, because I have pretty busy weeks coming ahead, but I'll let you know of my progress.

Thanks for reporting that.

ereOn commented 10 years ago

Seems the error was introduced by https://github.com/freelan-developers/freelan-all/pull/24.

Investigating...

ereOn commented 10 years ago

@champtar Could you please run the latest ecdhe sample on your different systems and tell me which curves are supported? It seems that secp521r1 is failing on all my regular Linux systems.

Meanwhile, I will tackle https://github.com/freelan-developers/freelan-all/issues/28 to solve this all at once.

ereOn commented 10 years ago

https://github.com/freelan-developers/freelan-all/issues/28 done.

ereOn commented 10 years ago

@wrouesnel : Should be fixed now as of #28.

Let me know if that works.

champtar commented 10 years ago

Hi @ereOn

Result on my Fedora:

NID_X9_62_c2pnb163v1 (nid: 684): error:100AE081:elliptic curve routines:EC_GROUP_new_by_curve_name:unknown group
NID_X9_62_c2pnb163v2 (nid: 685): error:100C508D:elliptic curve routines:PKEY_EC_CTRL:invalid curve
NID_X9_62_c2pnb163v3 (nid: 686): error:100AE081:elliptic curve routines:EC_GROUP_new_by_curve_name:unknown group
NID_X9_62_c2pnb176v1 (nid: 687): error:100C508D:elliptic curve routines:PKEY_EC_CTRL:invalid curve
NID_X9_62_c2tnb191v1 (nid: 688): error:100AE081:elliptic curve routines:EC_GROUP_new_by_curve_name:unknown group
NID_X9_62_c2tnb191v2 (nid: 689): error:100C508D:elliptic curve routines:PKEY_EC_CTRL:invalid curve
NID_X9_62_c2tnb191v3 (nid: 690): error:100AE081:elliptic curve routines:EC_GROUP_new_by_curve_name:unknown group
NID_X9_62_c2pnb208w1 (nid: 693): error:100C508D:elliptic curve routines:PKEY_EC_CTRL:invalid curve
NID_X9_62_c2tnb239v1 (nid: 694): error:100AE081:elliptic curve routines:EC_GROUP_new_by_curve_name:unknown group
NID_X9_62_c2tnb239v2 (nid: 695): error:100C508D:elliptic curve routines:PKEY_EC_CTRL:invalid curve
NID_X9_62_c2tnb239v3 (nid: 696): error:100AE081:elliptic curve routines:EC_GROUP_new_by_curve_name:unknown group
NID_X9_62_c2pnb272w1 (nid: 699): error:100C508D:elliptic curve routines:PKEY_EC_CTRL:invalid curve
NID_X9_62_c2pnb304w1 (nid: 700): error:100AE081:elliptic curve routines:EC_GROUP_new_by_curve_name:unknown group
NID_X9_62_c2tnb359v1 (nid: 701): error:100C508D:elliptic curve routines:PKEY_EC_CTRL:invalid curve
NID_X9_62_c2pnb368w1 (nid: 702): error:100C508D:elliptic curve routines:PKEY_EC_CTRL:invalid curve
NID_X9_62_c2tnb431r1 (nid: 703): error:100C508D:elliptic curve routines:PKEY_EC_CTRL:invalid curve
NID_X9_62_prime256v1 (nid: 415): 256
NID_secp112r1 (nid: 704): error:100C508D:elliptic curve routines:PKEY_EC_CTRL:invalid curve
NID_secp112r2 (nid: 705): error:100C508D:elliptic curve routines:PKEY_EC_CTRL:invalid curve
NID_secp128r1 (nid: 706): error:100C508D:elliptic curve routines:PKEY_EC_CTRL:invalid curve
NID_secp128r2 (nid: 707): error:100C508D:elliptic curve routines:PKEY_EC_CTRL:invalid curve
NID_secp160k1 (nid: 708): error:100C508D:elliptic curve routines:PKEY_EC_CTRL:invalid curve
NID_secp160r1 (nid: 709): error:100C508D:elliptic curve routines:PKEY_EC_CTRL:invalid curve
NID_secp160r2 (nid: 710): error:100C508D:elliptic curve routines:PKEY_EC_CTRL:invalid curve
NID_secp192k1 (nid: 711): error:100C508D:elliptic curve routines:PKEY_EC_CTRL:invalid curve
NID_secp224k1 (nid: 712): error:100C508D:elliptic curve routines:PKEY_EC_CTRL:invalid curve
NID_secp224r1 (nid: 713): error:100C508D:elliptic curve routines:PKEY_EC_CTRL:invalid curve
NID_secp256k1 (nid: 714): error:100C508D:elliptic curve routines:PKEY_EC_CTRL:invalid curve
NID_secp384r1 (nid: 715): 384
NID_secp521r1 (nid: 716): 528
NID_sect113r1 (nid: 717): error:100C508D:elliptic curve routines:PKEY_EC_CTRL:invalid curve
NID_sect113r2 (nid: 718): error:100C508D:elliptic curve routines:PKEY_EC_CTRL:invalid curve
NID_sect131r1 (nid: 719): error:100C508D:elliptic curve routines:PKEY_EC_CTRL:invalid curve
NID_sect131r2 (nid: 720): error:100C508D:elliptic curve routines:PKEY_EC_CTRL:invalid curve
NID_sect163k1 (nid: 721): error:100C508D:elliptic curve routines:PKEY_EC_CTRL:invalid curve
NID_sect163r1 (nid: 722): error:100C508D:elliptic curve routines:PKEY_EC_CTRL:invalid curve
NID_sect163r2 (nid: 723): error:100C508D:elliptic curve routines:PKEY_EC_CTRL:invalid curve
NID_sect193r1 (nid: 724): error:100C508D:elliptic curve routines:PKEY_EC_CTRL:invalid curve
NID_sect193r2 (nid: 725): error:100C508D:elliptic curve routines:PKEY_EC_CTRL:invalid curve
NID_sect233k1 (nid: 726): error:100C508D:elliptic curve routines:PKEY_EC_CTRL:invalid curve
NID_sect233r1 (nid: 727): error:100C508D:elliptic curve routines:PKEY_EC_CTRL:invalid curve
NID_sect239k1 (nid: 728): error:100C508D:elliptic curve routines:PKEY_EC_CTRL:invalid curve
NID_sect283k1 (nid: 729): error:100C508D:elliptic curve routines:PKEY_EC_CTRL:invalid curve
NID_sect283r1 (nid: 730): error:100C508D:elliptic curve routines:PKEY_EC_CTRL:invalid curve
NID_sect409k1 (nid: 731): error:100C508D:elliptic curve routines:PKEY_EC_CTRL:invalid curve
NID_sect409r1 (nid: 732): error:100C508D:elliptic curve routines:PKEY_EC_CTRL:invalid curve
NID_sect571k1 (nid: 733): error:100C508D:elliptic curve routines:PKEY_EC_CTRL:invalid curve
NID_sect571r1 (nid: 734): error:100C508D:elliptic curve routines:PKEY_EC_CTRL:invalid curve
NID_wap_wsg_idm_ecid_wtls1 (nid: 735): error:100C508D:elliptic curve routines:PKEY_EC_CTRL:invalid curve
NID_wap_wsg_idm_ecid_wtls3 (nid: 736): error:100C508D:elliptic curve routines:PKEY_EC_CTRL:invalid curve
NID_wap_wsg_idm_ecid_wtls4 (nid: 737): error:100C508D:elliptic curve routines:PKEY_EC_CTRL:invalid curve
NID_wap_wsg_idm_ecid_wtls5 (nid: 738): error:100C508D:elliptic curve routines:PKEY_EC_CTRL:invalid curve
NID_wap_wsg_idm_ecid_wtls7 (nid: 740): error:100C508D:elliptic curve routines:PKEY_EC_CTRL:invalid curve
NID_wap_wsg_idm_ecid_wtls8 (nid: 741): error:100C508D:elliptic curve routines:PKEY_EC_CTRL:invalid curve
NID_wap_wsg_idm_ecid_wtls9 (nid: 742): error:100C508D:elliptic curve routines:PKEY_EC_CTRL:invalid curve
NID_wap_wsg_idm_ecid_wtls10 (nid: 743): error:100C508D:elliptic curve routines:PKEY_EC_CTRL:invalid curve
NID_wap_wsg_idm_ecid_wtls11 (nid: 744): error:100C508D:elliptic curve routines:PKEY_EC_CTRL:invalid curve
NID_wap_wsg_idm_ecid_wtls12 (nid: 745): error:100C508D:elliptic curve routines:PKEY_EC_CTRL:invalid curve

Please take another look at https://github.com/freelan-developers/freelan-all/issues/19

wrouesnel commented 10 years ago

I can confirm my original issue is fixed and it's running fine now on Ubuntu.

ereOn commented 10 years ago

@wrouesnel : Thanks for the feedback. It is very much appreciated.

ereOn commented 10 years ago

@champtar : It seems picking only one curve is doomed to fail on some platforms. I went back on picking SECT571r1 by default because it works on most systems. However, I am completely for adding a #define to change these defaults for the systems you are dealing with.

champtar commented 10 years ago

@ereOn, what Linux are you using? secp521r1 is in every SSL lib, and it's in Fedora 20/Ubuntu 12.04/OpenWrt BB (see #19), so I still think secp521r1 is the best default.

@ereOn @wrouesnel, please run openssl ecparam -list_curves to see the list of curves on your system.

@wrouesnel when you were testing, did you update both ends?

ereOn commented 10 years ago

@champtar I'm testing on a really common Debian box (amd64).

The thing is: the elliptic curve exists, is known, but OpenSSL fails upon its usage. It does so for two other elliptic curves as well. I couldn't understand why this is failing and OpenSSL's documentation on this is almost inexistent. You can reproduce this easily by running the ecdhe sample on such a system.

Here is my output:

secp112r1 : SECG/WTLS curve over a 112 bit prime field
secp112r2 : SECG curve over a 112 bit prime field
secp128r1 : SECG curve over a 128 bit prime field
secp128r2 : SECG curve over a 128 bit prime field
secp160k1 : SECG curve over a 160 bit prime field
secp160r1 : SECG curve over a 160 bit prime field
secp160r2 : SECG/WTLS curve over a 160 bit prime field
secp192k1 : SECG curve over a 192 bit prime field
secp224k1 : SECG curve over a 224 bit prime field
secp224r1 : NIST/SECG curve over a 224 bit prime field
secp256k1 : SECG curve over a 256 bit prime field
secp384r1 : NIST/SECG curve over a 384 bit prime field
secp521r1 : NIST/SECG curve over a 521 bit prime field
prime192v1: NIST/X9.62/SECG curve over a 192 bit prime field
prime192v2: X9.62 curve over a 192 bit prime field
prime192v3: X9.62 curve over a 192 bit prime field
prime239v1: X9.62 curve over a 239 bit prime field
prime239v2: X9.62 curve over a 239 bit prime field
prime239v3: X9.62 curve over a 239 bit prime field
prime256v1: X9.62/SECG curve over a 256 bit prime field
sect113r1 : SECG curve over a 113 bit binary field
sect113r2 : SECG curve over a 113 bit binary field
sect131r1 : SECG/WTLS curve over a 131 bit binary field
sect131r2 : SECG curve over a 131 bit binary field
sect163k1 : NIST/SECG/WTLS curve over a 163 bit binary field
sect163r1 : SECG curve over a 163 bit binary field
sect163r2 : NIST/SECG curve over a 163 bit binary field
sect193r1 : SECG curve over a 193 bit binary field
sect193r2 : SECG curve over a 193 bit binary field
sect233k1 : NIST/SECG/WTLS curve over a 233 bit binary field
sect233r1 : NIST/SECG/WTLS curve over a 233 bit binary field
sect239k1 : SECG curve over a 239 bit binary field
sect283k1 : NIST/SECG curve over a 283 bit binary field
sect283r1 : NIST/SECG curve over a 283 bit binary field
sect409k1 : NIST/SECG curve over a 409 bit binary field
sect409r1 : NIST/SECG curve over a 409 bit binary field
sect571k1 : NIST/SECG curve over a 571 bit binary field
sect571r1 : NIST/SECG curve over a 571 bit binary field
c2pnb163v1: X9.62 curve over a 163 bit binary field
c2pnb163v2: X9.62 curve over a 163 bit binary field
c2pnb163v3: X9.62 curve over a 163 bit binary field
c2pnb176v1: X9.62 curve over a 176 bit binary field
c2tnb191v1: X9.62 curve over a 191 bit binary field
c2tnb191v2: X9.62 curve over a 191 bit binary field
c2tnb191v3: X9.62 curve over a 191 bit binary field
c2pnb208w1: X9.62 curve over a 208 bit binary field
c2tnb239v1: X9.62 curve over a 239 bit binary field
c2tnb239v2: X9.62 curve over a 239 bit binary field
c2tnb239v3: X9.62 curve over a 239 bit binary field
c2pnb272w1: X9.62 curve over a 272 bit binary field
c2pnb304w1: X9.62 curve over a 304 bit binary field
c2tnb359v1: X9.62 curve over a 359 bit binary field
c2pnb368w1: X9.62 curve over a 368 bit binary field
c2tnb431r1: X9.62 curve over a 431 bit binary field
wap-wsg-idm-ecid-wtls1: WTLS curve over a 113 bit binary field
wap-wsg-idm-ecid-wtls3: NIST/SECG/WTLS curve over a 163 bit binary field
wap-wsg-idm-ecid-wtls4: SECG curve over a 113 bit binary field
wap-wsg-idm-ecid-wtls5: X9.62 curve over a 163 bit binary field
wap-wsg-idm-ecid-wtls6: SECG/WTLS curve over a 112 bit prime field
wap-wsg-idm-ecid-wtls7: SECG/WTLS curve over a 160 bit prime field
wap-wsg-idm-ecid-wtls8: WTLS curve over a 112 bit prime field
wap-wsg-idm-ecid-wtls9: WTLS curve over a 160 bit prime field
wap-wsg-idm-ecid-wtls10: NIST/SECG/WTLS curve over a 233 bit binary field
wap-wsg-idm-ecid-wtls11: NIST/SECG/WTLS curve over a 233 bit binary field
wap-wsg-idm-ecid-wtls12: WTLS curvs over a 224 bit prime field
Oakley-EC2N-3:
IPSec/IKE/Oakley curve #3 over a 155 bit binary field.
Not suitable for ECDSA.
Questionable extension field!
Oakley-EC2N-4:
IPSec/IKE/Oakley curve #4 over a 185 bit binary field.
Not suitable for ECDSA.
Questionable extension field!
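
Added example (not part of the thread and not freelan's or libcryptoplus's code): the last comments note that a curve can be listed by OpenSSL yet fail when used, and that a single hard-coded default breaks on some platforms. This Python code hands each candidate to the OpenSSL linked into the interpreter through the standard `ssl` module and picks the first curve both ends can use; the preference order, the helper names and the second peer's results are assumptions, and the probe exercises the TLS ECDHE path rather than freelan's own.

```python
import ssl

# Preference order is an assumption for this example; the names come from the thread.
PREFERENCE = ["secp521r1", "sect571r1", "secp384r1", "prime256v1"]

def openssl_probe(curve):
    """Return None if the OpenSSL linked into Python accepts `curve` for
    ECDHE, otherwise the error text. Being listed is not enough: the
    curve is actually handed to the library."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    try:
        ctx.set_ecdh_curve(curve)
    except (ValueError, ssl.SSLError) as exc:
        return str(exc)
    return None

def table_probe(working):
    """Build a probe from a fixed set of working curves (recorded results)."""
    return lambda curve: None if curve in working else "invalid curve"

def usable_curves(candidates, probe=openssl_probe):
    """Split candidates into (usable, {curve: error}), keeping input order."""
    ok, failed = [], {}
    for name in candidates:
        err = probe(name)
        if err is None:
            ok.append(name)
        else:
            failed[name] = err
    return ok, failed

def agree_on_curve(preference, local_ok, peer_ok):
    """First curve in preference order that both ends can use, else None."""
    for name in preference:
        if name in local_ok and name in peer_ok:
            return name
    return None

# Curves that returned a key size in the Fedora output posted in the thread.
FEDORA_OK = {"prime256v1", "secp384r1", "secp521r1"}
# Constructed peer: lists every curve, but secp521r1 fails when used.
PEER_OK = {"prime256v1", "secp384r1", "sect571r1"}

if __name__ == "__main__":
    print("this host:", usable_curves(PREFERENCE))
    a, _ = usable_curves(PREFERENCE, table_probe(FEDORA_OK))
    b, _ = usable_curves(PREFERENCE, table_probe(PEER_OK))
    print("agreed:", agree_on_curve(PREFERENCE, a, b))
```

Exchanging the probed lists before key agreement lets two peers built against different OpenSSL packages settle on a common curve instead of each assuming its compiled-in default.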