Hi Erwann
> What you have to do it hash your data, prepare an X509_SIG object, set
> its "algor" to SHA1 (with NULL parameters), and fill the "digest" part
> with your hash result. Then transform it into DER, and sign it with
> CKM_RSA_PKCS mechanism.
Thanks a lot for the explanation. However, I can't find any
documentation about how to setup this X509_SIG object and then transfer
it into DER. The structure seems to look as follows:
typedef struct X509_sig_st
{
X509_ALGOR *algor;
ASN1_OCTET_STRING *digest;
} X509_SIG;
EVP_DigestFinal(&ctx,buf,&buf_len);
gives me a character buffer buf, containing the digest, but I seem to
have to encode this to ASN1_OCTET_STRING.
Can anybody quickly tell me the required functions or point me to an
example of how to do this?
Kind regards
Tim
On 03/15/2013 03:10 PM, Erwann Abalea wrote:
Bonjour,
Le 15/03/2013 14:07, Tim Tassonis a écrit :
Hi
I am trying to generate a csr in a c program by having the signing
part done by pkcs11 calls, and while I get no errors, the resulting
csr fails upon validation:
$ openssl req -verify -in wltx.csr
verify failure
2948:error:0D07207B:asn1 encoding routines:ASN1_get_object:header too
long:.\cry
pto\asn1\asn1_lib.c:150:
2948:error:0D068066:asn1 encoding routines:ASN1_CHECK_TLEN:bad object
header:.\c
rypto\asn1\tasn_dec.c:1306:
2948:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested
asn1 error:.\
crypto\asn1\tasn_dec.c:381:Type=X509_SIG
2948:error:0D0C5006:asn1 encoding routines:ASN1_item_verify:EVP
lib:.\crypto\asn
1\a_verify.c:215:
-----BEGIN CERTIFICATE REQUEST-----
MIICvjCCAagCAQAwezELMAkGA1UEBhMCQ0gxEzARBgNVBAcTClJhcHBlcnN3aWwx
[...]
BBXO9brFuXld13VuE2xg+VnJ8vo3L7/SCC5ufEJaeSUOvQ==
-----END CERTIFICATE REQUEST-----
What is RSA signed is the direct SHA1 of the request, without the X509
"encapsulation".
Below is the function that generates the csr, it always succeds, but
as mentioned, the csr is still invalid
char *gen_csr(char *key_name, struct s_ekva **key_attrs)
{
[...]
inl=ASN1_item_i2d((void
*)req->req_info,&buf_in,ASN1_ITEM_rptr(X509_REQ_INFO));
p = buf_in;
outl=EVP_PKEY_size(pkey);
buf_out = malloc(outl);
sign_mechanism.mechanism = CKM_SHA1_RSA_PKCS;
sign_mechanism.pParameter = NULL;
sign_mechanism.ulParameterLen = 0;
rv = p11->C_SignInit(session, &sign_mechanism, prvkey);
if (rv != CKR_OK) {
return NULL;
}
rv = p11->C_Sign(session, p,inl, buf_out, &outl);
if (rv != CKR_OK) {
return NULL;
}
You're feeding the PKCS#11 library with the request (the part to be
signed), while specifying a CKM_SHA1_RSA_PKCS mechanism. The library
doesn't know it's signing a CSR, and will SHA1 hash the data and RSA
sign it.
What you have to do it hash your data, prepare an X509_SIG object, set
its "algor" to SHA1 (with NULL parameters), and fill the "digest" part
with your hash result. Then transform it into DER, and sign it with
CKM_RSA_PKCS mechanism.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
