Re: ECC Usage - using OpenSSL as the server and/or client

2008-01-11 Thread Rodney Thayer

[EMAIL PROTECTED] wrote:

Hello,
Does 'openssl s_server' support this? Are there public ECC TLS 
implementations this is known to interoperate with?

You may look at Firefox source (NSS library).
In Firefox (2.0) you may view/control ssl ciphersuites entering
"about:config" url and next "ssl" as a filter word.
Next you may view/control supported ciphersuites including ECC.


That's great.  I wonder what they tested it with.  Probably
the OpenSSL s_server tool ;-)

I wonder if apache-ssl supports ECC...

__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   [EMAIL PROTECTED]


Re: About ECC patent and OpenSSL ECC code

2008-01-11 Thread Rodney Thayer

Prakash Kamath wrote:

My opinion: 2 times 2 = 4 no matter what approach you take, and so no one
can sue you for doing that Math.  However, if someone comes up with a math
logic (software, hardware, combo, whatever) that does the same operation in
a superior way, then that is patentable.


I personally have been in the room when they've been threatening
and they try to make it seem that if you THINK about ECC you're a
bad implementor ;-)  So it's been a thought-suppressing exercise.

Note it took the Europeans to have the nerve to put this into OpenSSL to
begin with.  Nobody in North America would dare.  Fortunately, the
Internet actually has a bad memory so we're yet again reproducing this
conversation.  It's clearly better now.

Any decade now this may become popular.  Hopefully before someone breaks
RSA.



Re: About ECC patent and OpenSSL ECC code

2008-01-11 Thread Rodney Thayer

Larry Bugbee wrote:
I'm seeing vendors 
beginning to support ECC, and a couple of CAs discussing and preparing 
their CPs.


who?  got names you can mention in public?


Our challenge as developers is to understand and be ready.


My point is that we've been in "get ready for ECC" mode since at least
1999.  This has all been discussed before many times.


Re: ECC Usage - using OpenSSL as the server and/or client

2008-01-11 Thread Rodney Thayer

Victor Duchovni wrote:

On Thu, Jan 10, 2008 at 10:25:00PM -0500, Victor Duchovni wrote:

Does 'openssl s_server' support this? Are there public ECC TLS 
implementations this is known to interoperate with?

OpenSSL s_server is a test tool, not an application. In 0.9.9 snapshot
builds, s_server supports ECDSA, just point your cert and key files
at an ECDSA cert and private key. I have not checked whether it has a
command-line option to select an EECDH curve, but this is not important.


The command-line option is "-named_curve", and if no curve is specified
"prime256v1" is used by default unless the "-no_ecdhe" option is supplied
(in which case any named curve is also ignored).

So, for what it's worth, s_server and s_client fully support EECDH
and ECDSA.



thank you!  That's great.  I wonder if the out-of-the-box OpenSSL
has enough code turned on to test this without being hassled by a
patent holder.  This has happened before, you know.  Apple shipped
IDEA in their OpenSSL on OS-X up until around 10.2 (that's when
people started reporting it as a bug and they finally pulled it.)


Re: ECC Usage - using OpenSSL as the server and/or client

2008-01-11 Thread Rodney Thayer

Victor Duchovni wrote:


OpenSSL s_server is a test tool, not an application.


openssl the program, as built in the 'apps' directory of the openssl
source tree, is a test tool APPLICATION that has been used for almost
a decade to debug and interop test other (mostly commercial) TLS 
implementations.



In 0.9.9 snapshot
builds, s_server support ECDSA, just point your cert and key files
at an ECDSA cert and private key. I have not checked whether it has a
command-line option to select an EECDH curve, but this is not important.


It's critical.  If you can't test it it doesn't exist.  You have to
test it before a development team can soundly claim they test
any pair of interoperating implementations.



I only use OpenSSL, I have working code, slated for Postfix 2.6 in Q1
'09, that allows the SMTP server administrator to enable EECDH and allows
clients and servers to configure a third cert/key pair (presumably
ECDSA). With this, Postfix 2.6 will be able to do EECDH key exchange
and ECDSA authentication.


cool.  what does it talk to?  if it only talks to postfix, I would
call that a terribly good first step and a wonderful basis for someone
to explore ECC/TLS interoperability with Sendmail and Exchange.



It may be some time before the first public CA signs an ECDSA cert
(especially with an ECDSA CA cert).


agreed.  the vendors don't seem to care.

However, with private-label CAs,
or bilateral key exchange, the EC support in OpenSSL works now when
both the server and client run OpenSSL.


TLS support in email systems with no public certificate system to
support it will be at least as sketchy as the current sorry state
of affairs where nobody cares about the signature on their RSA certs :-(
Hopefully the CA engine vendors (that'd be Oracle, Entrust, Microsoft,
and others...) will wake up and figure this out.


I don't have access to other
implementations for interop testing.


that's ok.  someday someone like me will do a product review of 
someone's ECC/TLS/SMTP product and make sure it gets tested...

if we're all really lucky some commercial enterprise will make sure
it gets tested and the feedback is properly available in the open source
community.



Re: ECC Usage - using OpenSSL as the server and/or client

2008-01-10 Thread Rodney Thayer

Victor Duchovni wrote:


To enable EECDH on a TLSv1 server:

#include <openssl/ssl.h>
#include <openssl/ec.h>
#include <openssl/objects.h>
#include <openssl/err.h>

/* tls_print_errors() is Postfix's own helper; it dumps the OpenSSL error queue. */
extern void tls_print_errors(void);

/* Returns 1 on success, 0 if "curve" is unknown or the context cannot be set up. */
static int tls_set_eecdh_curve(SSL_CTX *server_ctx, const char *curve)
{
    int nid;
    EC_KEY *ecdh;

    /*
     * Elliptic-Curve Diffie-Hellman parameters are either "named curves"
     * from RFC 4492 section 5.1.1, or explicitly described curves over
     * binary fields. OpenSSL only supports the "named curves", which provide
     * maximum interoperability. The recommended curve for 128-bit work-factor
     * key exchange is "prime256v1" a.k.a. "secp256r1" from Section 2.7 of
     * http://www.secg.org/download/aid-386/sec2_final.pdf
     */
    if ((nid = OBJ_sn2nid(curve)) == NID_undef) {
        /* unknown curve */
        return (0);
    }
    ERR_clear_error();
    if ((ecdh = EC_KEY_new_by_curve_name(nid)) == 0
        || SSL_CTX_set_tmp_ecdh(server_ctx, ecdh) == 0) {
        tls_print_errors();
        EC_KEY_free(ecdh);      /* EC_KEY_free() accepts a null pointer */
        return (0);
    }
    /* SSL_CTX_set_tmp_ecdh() keeps its own copy of the key, so release ours. */
    EC_KEY_free(ecdh);
    return (1);
}

To enable ECDSA certs, just configure an additional cert/key pair in
the server. You can configure up to 3 certificates, one RSA cert, one
DSA cert and one ECDSA cert. The code for adding more certs is the
same for RSA and DSA.

Which cipher-suite will actually be used by the client and server depends
on the client's and server's cipherlist, and whether the server takes
the client's preferences or asserts its own. Clearly both the client and
server need to support EC ciphers.



Does 'openssl s_server' support this? Are there public ECC TLS 
implementations this is known to interoperate with?



Re: About ECC patent and OpenSSL ECC code

2008-01-10 Thread Rodney Thayer

As far as I'm concerned, ECC isn't a legitimate public key
algorithm for enterprise use at this time because you can't
buy a cert from a CA listed in a major browser where the
cert uses ECC.

Also, those of us who went through the onerous and in the end
counterproductive experience of licensing RSA can tell you that
the "give me money or I'll sue you" business model got old after a
while.  I'm not a lawyer but I do have to give CTO-class advice
and, assuming you've found a business case for ECC, I always recommend
people do a build/buy/license/"let them threaten litigation we don't 
care" comparison before entering into not-obviously-useful patent 
licensing deals.  So I recommend paying a lawyer to determine if you 
even care about some vendor's alleged patent portfolio.


The fact ECC is in OpenSSL is cute.  In the "oh, isn't that cool,
they implement IDEA, RC-6, and ECC" kind of exotic crypto side-show
kind of way.  It's not part of "openssl, the open source TLS/SSL
implementation you can use in the real world" any more than any other
non-IE/Firefox-supported TLS ciphersuite combination would be.

I'd be more impressed with the NSA/Certicom deal if I could find any
public evidence there's any PKI anywhere using ECC for a US .gov.  As it
is this just ends up looking like another exotic military purchase not
related to the enterprise world.  Show me an HSPD-12 spec that tells me
I have to use ECC ;-)

Larry Bugbee wrote:
There is no substitute for legal counsel, but Tom had a summary that you 
might be interested in...

  http://libtom.org/pages/toorcon8_ecc_tstdenis.pdf
See slides 24-27.

Larry



On Jan 10, 2008, at 2:25 PM, Anilkumar Bollineni wrote:


Thanks a lot for the responses.
Bill, I agree with you that the use of ECC really matters here, the 
area where Certicom holds ECC patents. One of our applications with 
respect to ECC is planning to use ECDSA (Elliptic Curve DSA) 
signature based certificate generation/verification, signature 
generation/verification. Meanwhile I talked to one of the sales guys 
from Certicom, and he is saying that one of Certicom's patents is 
related to ECDSA and he said if I want to do ECDSA from OpenSSL, then 
I need to get a license. I am not sure whether that information is 
correct or not.
The OpenSSL does not say a word about the EC/ECDSA usage and its 
patents information in Certicom. The only thing I got about that is 
that Sun has donated the EC code to OpenSSL.
If OpenSSL users are really violating the Certicom patents then, if 
users need to be aware of that, it is better that OpenSSL tells 
some information about it in the release notes. Or maybe the OpenSSL 
EC implementation does not violate any Certicom patents and that's why 
OpenSSL is not mentioning it? Does somebody have any insight into it?

Thanks again.

Best Regards,
Anil

Bill Colvin <[EMAIL PROTECTED]> wrote:
I would characterize the Certicom patents as falling into 3 main 
categories:


1)   patents relating to the use of ECC in very specific 
application circumstances


This represents the bulk of Certicom patents. For these patents you 
will have to do your own research as they are dependent on your 
application and have nothing to do with OpenSSL.


2)   patents that improve the performance of the underlying 
mathematics


For these patents, it would be difficult to say if the developers who 
implemented the underlying math algorithms happened to implement a 
patented Certicom technique.  However, unless they were actually using 
the patent docs during implementation, I doubt that this would be the 
case.


3)   patents on ECC techniques

Now these are the ones you can find in the implementation of OpenSSL.  
There are two main ones here – point compression and MQV.  Point 
compression reduces the size of an ECC public key, but ECC keys are 
much smaller than RSA keys even without it, so this one can be 
avoided.  MQV is a key exchange technique.  It also can be avoided by 
using ECDH.


NSA licensed 26 Certicom patents (which includes MQV and point 
compression) for use in government applications with prime modulus 
curves greater than 255.  This is a good Q&A on the details of this 
license 
http://www.certicom.ca/download/aid-501/FAQ-The%20NSA%20ECC%20License%20Agreement.pdf  
NSA did not license all of Certicom’s patents, only a subset for use 
in a limited “field of use”.


Bill
From: [EMAIL PROTECTED] 
[mailto:[EMAIL PROTECTED] On Behalf Of Anilkumar Bollineni

Sent: January 10, 2008 2:12 PM
To: openssl-users@openssl.org
Subject: About ECC patent and OpenSSL ECC code

Hi there,

I have a question on OpenSSL ECC (Elliptic Curve Cryptography) code. I 
saw that Sun Systems has donated the ECC code to OpenSSL. Also I 
saw that Certicom has held 130 patents in the ECC area and finally NSA has 
licensed that code.
Suppose I download the code from OpenSSL and try to develop a 
product using the OpenSSL ECC code, does it violate any patent issue 
with Certicom?

Can

ipv6 support in 0.9.8g

2007-11-24 Thread Rodney Thayer
I am trying to use openssl to exercise some ipv6-literate
networking gear.  It's not working, and I am investigating
what I'm doing wrong.  here's what I think I see.  note -
I did some bit of poking on the list and I didn't see
anything but a vaguely recent discussion about a proposed
v6 patch and some mention of using something from the live
source tree instead.

(and if you too hit this in three years because v6 is
still not deployed, read past this in the mailing list
in case some wise soul corrects me...)

to test in v4, I do this:

  0. set up the network.  if you think about linux and two boxes
 wired together it's like this:

 ifconfig eth0 10.0.0.1 netmask 255.255.255.0 on the server
 ifconfig eth0 10.0.0.2 netmask 255.255.255.0 on the client

  1. use apps/CA.pl, etc. to spin a CA and then a server certificate

  2. use "openssl s_server", with the cert spun in step 1,

  3. use "openssl s_client -connect server" to connect to the server
 started in step 2.

this gives me a whole http-over-ssl sequence, that I can tweak to
check sloppy vendors for enabling sslv2, etc.

with ipv6, I want to do the same thing:

  0. ifconfig eth0 add 2001:0df8::1/32 on the server
 ifconfig eth0 add 2001:0df8::2/32 on the client

  1. cert generation is the same

  2. "openssl s_server".

...

now it gets to be a problem.  "openssl s_server" doesn't seem to
put up a tcp "listen" on the ipv6 address.

and, "openssl s_client" doesn't seem to parse ipv6 addresses like
"2001:0df8::1" or "[2001:0df8::1]" or an entry in /etc/hosts or
an entry in the dns that's an AAAA record.

so here's some questions...

1. does the openssl tool work with ipv6?  for listening or for
calling?  is there an alternate test tool in the openssl distro?

2. how are you supposed to do the ipv6 reverse lookup stuff to check
a server certificate for verification? how is that tested (assuming
it's there)?  I know there's some v6 support in the PKIX certificate
parsing area but is it supported in (BIO?  where networking things
happen.)

3. assuming for the moment I am correct and there is only partial v6
support, are there any other folks out there wishing to use TLS over
ipv6?

4. I could use curl or wget or lynx or firefox or something
to exercise tls-over-ipv6 connections.  Anyone else hit this issue
and worked around it with some other tool?


Re: How to create a certificate with 2 CRL distribution points?

2007-11-09 Thread Rodney Thayer
Ted Zeng wrote:
> Hi,
> 
> I use Mac OS X 10.4.10 to create a certificate with two CRL distribution
> points. I have been able to create certs with one distribution point.
> 
> Here is how I set in the conf file:
> 
> [ certificate_extensions ]
> basicConstraints = CA:false
> extendedKeyUsage =codeSigning
> crlDistributionPoints=URI:http://server1/certs/air1.crl,URI:http://server2/certs/air1.crl
> 
> 
> The certificate generated has only the first URI.
> 
> What should I do to let a certificate have 2 DPs?

I only vaguely recall that being possible so I'm assuming you're
correct that there can be multiple entries.  check the examples... is it
"," or some other character that's supposed to be in between.  And do
you say URI twice?

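A way to check the two-distribution-point setup from the question above, as an added example that is not part of the thread: it writes a minimal openssl.cnf with both URIs on one line (the hostnames are the ones from the question; file names and the subject are made up), issues a throwaway self-signed certificate with that extension section, and counts the CRL URIs that end up in the certificate. It needs the openssl command-line tool.

```shell
#!/bin/sh
# Added example: issue a certificate carrying two CRL distribution points
# and verify that both survive. Requires the openssl command-line tool.
set -eu

WORK="${TMPDIR:-/tmp}/crldp.$$"

# Write an openssl.cnf with the extension section from the question.
# The crlDistributionPoints value must stay on ONE line: a config value
# ends at the newline, so a URL wrapped onto a second line silently
# truncates the list to whatever came before the break.
write_config() {
    mkdir -p "$WORK"
    cat > "$WORK/openssl.cnf" <<'EOF'
[ req ]
distinguished_name = req_dn
prompt = no

[ req_dn ]
CN = air1 code signing test

[ certificate_extensions ]
basicConstraints = CA:false
extendedKeyUsage = codeSigning
crlDistributionPoints = URI:http://server1/certs/air1.crl,URI:http://server2/certs/air1.crl
EOF
}

# Issue a throwaway self-signed certificate using that extension section.
issue_cert() {
    openssl req -x509 -new -newkey rsa:2048 -nodes -days 1 \
        -config "$WORK/openssl.cnf" -extensions certificate_extensions \
        -keyout "$WORK/key.pem" -out "$WORK/cert.pem" 2>/dev/null
}

# Print the number of CRL URIs present in the certificate's text dump;
# each distribution point shows up as its own "URI:..." line.
count_crl_uris() {
    openssl x509 -in "$WORK/cert.pem" -noout -text | grep -c 'URI:http://server'
}

# Run the whole check and print the URI count, cleaning up afterwards.
check_two_dps() {
    write_config
    issue_cert
    n=$(count_crl_uris)
    rm -rf "$WORK"
    echo "$n"
}

# Usage: prints 2 when both distribution points made it into the cert.
if command -v openssl >/dev/null 2>&1; then
    check_two_dps
fi
```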


Re: windows server 2003 cert req

2007-11-09 Thread Rodney Thayer
Are you saying you have a Microsoft Windows 2003 Server system
that has already created a certificate request (PKCS-10 formatted
data file) with multiple subjectaltname's, and you would like
an OpenSSL-based CA to sign it and grant it "server authentication"
and "client authentication" key usage?

You wouldn't happen to have a reference as to how you cooked
this certificate request, do you?

w.r.t. server-auth and client-auth, it's something the CA
grants, I believe.  I think that if you look around for
list posts discussing manipulating the inside of openssl.cnf
to provide such a thing that may help.  I believe that goes
in the "ca policy" section.

I don't recall pkcs-10 being capable of supporting a certificate
request that's got subjectaltnames - that'd be interesting
to share if you know how to do that...

Phil wrote:
> Hi there,
> 
> Up to now I have ever only done certs for web servers which are quite
> straight forward.
> 
> I now have the requirement to fulfill requests with the following:
> 
> multiple subject alternative names
> server authentication
> client authentication
> 
> If anyone can pass on info or point me in the right direction of other
> posts, that would be great. I need to know how to take a request from
> a windows server and sign it correctly with all these options.


Re: ocsp behind proxy

2007-10-17 Thread Rodney Thayer
Christian Wiesbauer wrote:

> I want to know if an ocsp revocation check works with openssl if I'm using a
> proxy?

OCSP isn't HTTP so what kind of proxy do you mean?


Re: Are there any CA packages that support XMLRPC?

2007-09-19 Thread Rodney Thayer
Richard Hartmann wrote:
> I am replying to myself to clarify something which I should have put
> better:
> 
> I want to run my own CA, not buy certificates from established ones.

You said "CA packages", you didn't say something to the effect of
"use a retail Certificate Authority".  So at least some of us
interpreted that as "run your own CA".

That being said the existence of any code that handles that
sort of thing is interesting, since there are so few implementations.


Re: Are there any CA packages that support XMLRPC?

2007-09-13 Thread Rodney Thayer
Richard Hartmann wrote:
> On 13/09/2007, Rodney Thayer <[EMAIL PROTECTED]> wrote:
> 
> 
>> Why XMLRPC instead of any of the existing online enrollment protocols?
> 
> Well, the main reason is that, like it or not, XMLRPC is developing into
> a kind of lingua franca when it comes to interoperability. The easy
> availability of TLS for this path is an obvious plus.

I think that's a reasonable view.  the "RPC" aspect of it is
outrageously insecure but it's certainly all the rage.
> 
> 
>> Not that I am trying to defend the existing online enrollment protocols,
>> mind you...
> 
> Well, if there is anything that works in a secure and reliable way, I am
> all ears :)

There's CMP which has only a few implementations (and none open source
that I can find), and there's SCEP which has some commercial
implementations (and no open source ones that I can find.)

>> What CLIENT do you think would interoperate with such a CA, should it
>> exist?
> 
> A self-baked one.

Fair enough.  If there were something out there that one were
trying to interoperate with that would of course be interesting.


Re: Are there any CA packages that support XMLRPC?

2007-09-13 Thread Rodney Thayer
Richard Hartmann wrote:
> Hi all,
> 
> I am looking for existing implementation of a CA that supports external
> APIs. Ideally, it should be able to speak XMLRPC or, at least, offer
> an API.

Why XMLRPC instead of any of the existing online enrollment protocols?

Not that I am trying to defend the existing online enrollment protocols,
mind you...

What CLIENT do you think would interoperate with such a CA, should it
exist?

I don't know of any who do this.  I agree it's an interesting
question but in general online enrollment is a fantasy apparently
that doesn't exist in the wild (in spite of the claims of the
charlatan HSPD-12 vendors trying to use cmp...)


Re: IPv6 support?

2007-09-13 Thread Rodney Thayer
Victor Duchovni wrote:

>>   do implementations do the dns reverse lookup thing
> 
> No, obtaining the correct peer name to check in certificates is the
> responsibility of the application, not the library.

not correct.  "openssl s_client" is part of openssl, and it doesn't
offer sample code to do this.

also, turning one's nose up at v6 issues and blaming other software
components won't get the stuff working ;-)

>>   can you buy a certificate from a retail certificate authority
> 
> Not an OpenSSL question.

Not correct.  "OpenSSL works with..." is part of the point here;
"we do IPv6 but we don't work with Verisign, Thawte, Microsoft, Entrust,
or GeoTrust" would make it kind of worthless.

>> and then of course there would be the question of whether the underlying
>> protocol stack sufficiently supported the BIO code and all that.
> 
> For established connections, the BIO layer does not care whether the
> socket is V4 or V6 or even a socket for that matter.

That's a pleasant developer-grade assertion.  One would like to see
this proven in real tests (thus "openssl s_client" supporting v6
is interesting...)  Remember that OpenSSL is built upon YEARS of
coping with allegedly functional but in fact dysfunctional
software components in the wild.  Presuming the v6 experience
will be different seems architecturally irresponsible to me.




Re: IPv6 support?

2007-09-12 Thread Rodney Thayer
Victor Duchovni wrote:
> On Wed, Sep 12, 2007 at 05:28:01PM -0400, [EMAIL PROTECTED] wrote:
> 
>> Does OpenSSL support IPv6?
> 
> Not really much excuse for asking, the answer is right there on the main
> documentation page:
> 
> http://www.postfix.org/documentation.html ->
> http://www.postfix.org/IPV6_README.html

I don't see any references to SSL, OpenSSL, or crypto for that matter in
the referenced Postfix/SMTP document.  Besides, can you buy a Verisign
cert that does an IPv6 reverse lookup on a public cert?  I thought that
sort of thing wasn't available, yet.

Regardless of what I know about the subject I think it was a perfectly
reasonable question.  It's still quite rare to hear actual vendors
or enterprises worrying about v6 (at least in the US, I guess Japan
and other countries have more clue in this arena.)


Re: IPv6 support?

2007-09-12 Thread Rodney Thayer
Victor Duchovni wrote:
> On Thu, Sep 13, 2007 at 12:01:58AM -0400, Victor Duchovni wrote:
> 
>> On Wed, Sep 12, 2007 at 05:28:01PM -0400, [EMAIL PROTECTED] wrote:
>>
>>> Does OpenSSL support IPv6?
>> Not really much excuse for asking, the answer is right there on the main
>> documentation page:
>>
>> http://www.postfix.org/documentation.html ->
>> http://www.postfix.org/IPV6_README.html
> 
> Oops, sorry, wrong list :-(

ah, well, at least I know I'm not crazy for not finding something there...

> 
> Anyway, it certainly does if you setup the connection, and then wrap
> OpenSSL around an existing network connection. Not sure which release
> is needed for support for making V6 connections from OpenSSL itself.
> 

the issues I know of are:

  does the v6 subjectaltname field parse properly

  do implementations do the dns reverse lookup thing

  can you buy a certificate from a retail certificate authority

and then of course there would be the question of whether the underlying
protocol stack sufficiently supported the BIO code and all that.

Gee, I wonder if Vista supports v6 certs in IE 7...



Re: Multi-threaded SSL Socket Usage

2007-05-15 Thread Rodney Thayer
Andrew Armstrong wrote:

> Is there anyone out there with experience in using OpenSSL in a
> multi-threaded application that can provide some sample code or anything
> to help address these issues?

I vaguely recall the last time I did this that OpenSSL made no claim
of thread safety and you had to lock it yourself.  But that was
a while ago.



r.e testing beta

2005-06-14 Thread Rodney Thayer

I've tried one of the 0.9.8 snapshots and "make test" is failing, after running
for an enormous amount of time.  (openssl-0.9.8-stable-SNAP-20050613.tar.gz)

Two questions:

1. what's the output supposed to look like, these days?  Specifically, is it 
supposed to run a long time?

2. where's the right place to report this - assuming for the moment I've found
a legitimate bit of beta feedback ;-)


Re: Building examples with VC++

2003-02-26 Thread Rodney Thayer
At 09:57 AM 2/25/2003 +, Kevin Murrell wrote:
>Hi all
>
>Successfully installed and built the latest release.  I am now working my
>way through the examples from the (very good) O'Reilly book.  I am
>having trouble linking them, in particular am unsure which library I
>should be linking against.  In particular init_OpenSSL
Is there an existing MS Visual Studio 6 project?  How about a .NET project?



Re: pass phrase passed to PEM code

2003-02-18 Thread Rodney Thayer
At 07:35 PM 2/15/2003 +0100, Dr. Stephen Henson wrote:

This is mentioned in detail, with examples, in the pem(3) manual page.


In Linux the man pages are installed in /usr/local/ssl/man.  In other words
they're not put in a place that 'man' can find them.  Should I file
a bug?

I consider it a bug that I can't do "man 3 pem" after having done a "make install".



minor problem in bn_mul.c

2003-02-18 Thread Rodney Thayer
The prototype for bn_mul_recursive is never defined in bn_lcl.h.
It's there but there is an "#if 0" around it.  The function
bn_mul_recursive is always compiled in, because it's got an
"#ifdef BN_RECURSION" around it, and BN_RECURSION is always
defined in bn.h.

I think the prototype should be put back in.

This throws an error on CodeWarrior C on OS X 10.2.3




Re: r.e. OpenSSL and MacOS (pre-OS X)

2003-02-18 Thread Rodney Thayer
Here's what I've found with OpenSSL 0.9.7 and OS X 10.2.3.

There's a Metrowerks Code Warrior project (MCP file) in the
'MacOS' subdirectory.  It's REALLY old.  It predates OS X and
it predates 0.9.7.  With some fiddling it might build 0.9.7
libraries and tools.




Re: r.e. OpenSSL and MacOS (pre-OS X)

2003-02-17 Thread Rodney Thayer
At 07:15 AM 2/17/2003 -0800, Aram wrote:



I've built it with GNU on OS X. The only problem I ran into was the problem
stated in the file PROBLEMS, where OS X already has an older version of the
OpenSSL libraries.


I've done that too.  There is, by the way, a serious problem with
that workaround.  If you delete the openssl libraries from /usr/lib,
your system will never boot again.  Many things (including, apparently,
fsck or something at startup) simply silently fail to work.




r.e. OpenSSL and MacOS (pre-OS X)

2003-02-14 Thread Rodney Thayer
I'm trying to build OpenSSL 0.9.7 on OS X 10.2.3 with CodeWarrior.
I tried using the 'mcp' files in the MacOS directory, but they
don't work.  Specifically, they can't find /usr/include/sys/types.h.

Short of being grumpy the compiler's too clueless to find fundamentals
like /usr/include, anyone have any ideas?

Does anyone build on OS X?  With CodeWarrior, not GNU?




certificate loading in Internet Explorer for MAC (IE 5.2)

2003-02-11 Thread Rodney Thayer
(possibly a resend by my upstream ISP dropped my reverse IP entries
and openssl.org drops those)

Does anyone know why the fingerprint generated by IE 5.2 on the Mac
(OS X 10.2 Jaguar) is different from what OpenSSL shows?  OpenSSL's
fingerprint (SHA-1 hash) matches what IE 6 on Windows XP shows.




hash calculation in MAC version of IE?

2003-01-13 Thread Rodney Thayer
I created a root certificate with Openssl, then load it into
IE 5.2 on the MAC (latest revision, the one that works with OS X)

The "fingerprint" it displays doesn't match anything I can identify.
The SHA-1 fingerprint of this root as displayed by OpenSSL matches that
displayed by IE 6 on Windows XP, so I believe the root is valid.

Any ideas what they're doing?

At a minimum they've got their display logic a bit confused on
the Mac -- it shows 21 bytes for a SHA-1 hash and 17 bytes for an MD5
hash.

p.s. smtp server for openssl.org rejects messages from my normal host --
anyone else seeing this?




non-blocking SSL operations?

2002-10-23 Thread Rodney Thayer
are there examples anywhere of non-blocking reads, writes,
and accept processing?  I see that SSL_read discusses the use
of underlying nonblocking BIO's but are there examples?




Re: pem CSR's

2001-11-15 Thread Rodney Thayer

look at CA.pl in the apps directory.

At 11:36 AM 11/16/2001 +1300, you wrote:
>Hi,
>
>I was wondering if anyone could tell me how I might generate a csr in PEM 
>format.
>
>I believe I need to generate a key etc... but am not sure how to get it to 
>be pem format.
>
>Thanks for your help.
>
>Brett
>




Re: Secure Telnet

2001-03-05 Thread Rodney Thayer

given the recent noise about "the S word" (ssh, which may or may
not be a trademark in some places), I think the whole question of
SSH vs. Telnet with TLS should be reconsidered.

What's the state of the art?  STUNNEL with Telnet?

At 04:01 PM 3/5/01 -0500, Michael T. Babcock wrote:
>http://www.openssh.com/portable.html
>
>SSH is the only* way to get good secure telnet to a remote machine -- it
>_isn't_ telnet, but provides the same functionality using strong security
>and public key authentication on top of passwords (if you want).
>
>* The only way I'll consider secure, at least.
>
>[EMAIL PROTECTED] wrote:
>
> > Can anyone outline what is necessary to make telnet work securely?
> > What do I need to get and where do I need to get the components?
> > A different Apache?  mod ssl?  openSSL?  telnet?
>
>--
>Michael T. Babcock (PGP: 0xBE6C1895)
>http://www.fibrespeed.net/~mbabcock/
>
>
>




RE: crypto card performance

2001-01-19 Thread Rodney Thayer

the hardware vendors claim speeds of 300-2000 RSA operations
per second.  One would like to think that, with that sort of
hardware, one can productively offload even an 800 MHz CPU.

At 07:59 AM 1/19/01 -0800, David Lang wrote:
>when I was evaluating similar products a couple years ago I found that it
>really didn't help to try and worry about spilling the load over to the
>main CPU.
>
>benchmarks from the time were
>
>pentium 200 linux 19 connections/sec 100% CPU
>RS/6000 233 (RISC) 29 connections/sec 100% CPU
>install SSL accelerator 300 connections/sec 10-20% CPU
>
>nowadays the raw machines will be faster, but you also need to have CPU
>time to run CGIs etc. I think it's unlikely that you will gain much by
>using your main CPUs (assuming you get an appropriately sized SSL
>accelerator).
>
>David Lang
>
>
>  On Fri, 19 Jan 2001 [EMAIL PROTECTED] wrote:
>
> > Date: Fri, 19 Jan 2001 12:47:02 -
> > From: [EMAIL PROTECTED]
> > Reply-To: [EMAIL PROTECTED]
> > To: [EMAIL PROTECTED]
> > Subject: RE: Rainbow Cryptoswift cards
> >
> > > -Original Message-
> > > From: Louis LeBlanc [mailto:[EMAIL PROTECTED]]
> > > Sent: 19 January 2001 12:39
> > > To: [EMAIL PROTECTED]
> > > Subject: Re: Rainbow Cryptoswift cards
> > >
> > >
> > > One quick question, just so I know how to answer when this kind of
> > > project comes up:
> > > The cryptoswift card provides 'onboard' acceleration of SSL based
> > > processing, but the card itself can only handle so many
> > > transactions per
> > > second.  What happens if your traffic load exceeds the cards ability?
> > > can you easily 'spill' that extra work over to the system if you have
> > > any room there?




Re: Rainbow Cryptoswift cards

2001-01-19 Thread Rodney Thayer

well... sort of.  the 7 January snapshot, which includes working
Broadcom engine support, has CryptoSwift, Compaq Atalla, nCipher CHIL and Nuron
listed.  I thought there was Hifn support too?

So... I guess the list is, approximately, in alphabetical order:

   Broadcom 5805
   Compaq Atalla
   nCipher CHIL
   Nuron
   Rainbow CryptoSwift


At 04:34 PM 1/19/01 +0100, someone wrote:
>The supported Crypto cards are in the Openssl-engine README.ENGINE
>
>There's currently built-in support for the following crypto devices:
>
>   o CryptoSwift
>   o Compaq Atalla
>   o nCipher CHIL




RE: crypto cards

2001-01-19 Thread Rodney Thayer

I don't see a list.  Broadcom is there, but nCipher and Rainbow are not.

At 03:09 PM 1/19/01 +, you wrote:

>There's a list of supported cards in the openssl changelog at
>http://www.openssl.org/news/changelog.html




Re: Rainbow Cryptoswift cards

2001-01-19 Thread Rodney Thayer

is there somewhere one can get a list of the supported engine cards?
I mean, there are vendors out there, other than Rainbow, who'd like
to put their two milli-euros' worth into this conversation, but
that would be impolite and a commercial advertisement.

(yeah, yeah, read the source.  I mean a real list of the cards
and how you buy them/etc.)

At 08:52 AM 1/19/01 -0500, you wrote:
>adrien mistretta wrote:
> >
> > > The cryptoswift card provides 'onboard' acceleration of SSL based
> > > processing, but the card itself can only handle so many transactions per
> > > second.  What happens if your traffic load exceeds the cards ability?
> > > can you easily 'spill' that extra work over to the system if you have
> > > any room there?
> >
> > The only thing done with the CryptoSwift is the RSA key calculation. All
> > other things are done by your CPU(s).
>
>So what about the actual data encryption/decryption?  If the system
>handles this, the potential gains are pretty high for a powerful
>system.  How much of the actual handshake has to be done on the card?
>
> >
> > > I know this can be done with a separate appliance, like the Intel 7115
> > > (which takes the fun of actually implementing a solution away), but
> > > these are overly expensive, and make relational performance measurements
> > > pretty complicated in many configurations.
> >
> > There are many other appliances:
> > CyberIQ, Alteon ...
> > CryptoSwift is very expensive. The SonicWALL card seems to be nice (RSA,
> > 3DES, DES, ARC[24], SHA1, MD5) and cheap, but I didn't have the opportunity
> > to make some tests.
>
>I've heard of the CyberIQ.  I've also heard that their numbers were
>cooked a little more than most of the providers.  I'm sure we will wind
>up validating a number of options.
>
> >
> > > Enough rambling about this though.  Now you have a context for my
> > > original question:  can the OpenSSL engine spill extra SSL sessions over
> > > to the system cpu?
> >
> > When I ran some tests with a heavy load of SSL transactions with the
> > CryptoSwift 200, the 2 CPUs (P3-700) were 0% idle. But I don't know if some key
> > calculation has been done by the CPUs.
>
>Interesting.  Was your system responsible for anything else (i.e., an FTP
>server, etc.)?  Were you using Apache in the back end?
>Our system is pretty streamlined, we have left out a lot of the 'bells
>and whistles' found in Apache, so we can handle a lot more throughput.
>We can serve 500+ objects on a clear connection from a Netra 440, where
>our experience shows Apache at less than half this for the same system.
>Purely CPU bound on the server side.  Client side (separate system) is
>I/O bound until you start fetching on a secure connection.  Maybe we
>want to see how one of these cards performs there?
>
>Thanks for your feedback.
>
>Lou
>
>
> >
> > Adrien
>
>--
>Louis LeBlanc
>Fully Funded Hobbyist, KeySlapper Extraordinaire :)
>[EMAIL PROTECTED]
>http://acadia.ne.mediaone.net




Re: Crypto library for vxWorks

2001-01-18 Thread Rodney Thayer

oh god I didn't mean that to go to the list.  excuse me!

At 01:01 PM 1/18/01 -0800, you wrote:
>if you want ...




Re: Crypto library for vxWorks

2001-01-18 Thread Rodney Thayer

if you want some consulting help, I'd be interested in talking
to you.

At 10:16 AM 1/18/01 -0800, you wrote:
>Hi,
>
>We were thinking of using parts of the crypto library of openssl in our
>product.
>Does anybody have some experience porting to vxWorks? Is there any place
>where we can get commercial support for this?
>
>I would appreciate your suggestions.
>
>Thanks
>/Murali




mechanical extraction of roots from netscape?

2001-01-17 Thread Rodney Thayer

In this document:

http://www.kfu.com/~nsayer/encryption/openssl.html

it refers to an Apache file, called ca_bundle.crt, which
"contains all the roots from Netscape's cert7.db, automatically
extracted".

What tool did this?  Is it in OpenSSL, or in Apache, or what?




RE: Looking for ASN.1 specification for PKCS7

2001-01-15 Thread Rodney Thayer

http://www.rsasecurity.com/rsalabs/pkcs/

At 03:14 PM 1/15/01 -0800, John Gebbie wrote:
>Do you have any specific links for these documents; specifically the full
>RSA PKCS #7 specification (assuming they have it posted somewhere)?




Re: Looking for ASN.1 specification for PKCS7

2001-01-13 Thread Rodney Thayer

download the pkcs7 documentation.
also, look in the PKIX documentation.
when we did the early IPsec work we found there were
some missing pieces, I believe RSA eventually published all of it
somewhere.

At 11:56 AM 1/12/01 -0800, John Gebbie wrote:
>Hello,
>
>I'm trying to locate a *complete* ASN.1 specification for PKCS7.  The RSA
>website has posted a file called pkcs7.asn that is incomplete (many of the
>ASN.1 objects are left blank).  Our goal is to use the cryptix library in
>our software, but to use the PKCS7 data structures we need to generate those
>classes from the ASN.1 specification using an ASN.1 compiler supplied by
>cryptix.  Any ideas???




Re: localhost certificate (no, really!)

2001-01-13 Thread Rodney Thayer

the host name would not resolve uniquely.
the host name wouldn't represent the business.
other parts of the DN (state, organization, etc.) would
be unique, but the common name wouldn't.

IMO your application should be able to handle multiple hosts,
or not care what host if it's the security of the SSL connection.

At 05:39 PM 1/12/01 +, Andrew Cooke wrote:

>Hi,
>
>Is it possible to buy a "localhost" certificate from any of the major
>suppliers?  Is there any reason why it wouldn't work?
>
>(It's for an application that will run on arbitrary machines that needs
>a web browser to make a local connection as part of a sequence of secure
>connections - supplying a certificate will stop any security warning
>from the browser telling the user that they are insecure...)
>
>Thanks,
>Andrew




netscape/iplanet server certificate and root with openssl

2001-01-13 Thread Rodney Thayer

I want to create a root certificate and a server certificate
with openssl.  These will be used with iPlanet Web Server 4.1

I created the root, using CA.pl.  I then created a certificate
request with the web server, signed and installed the root
and the server certificate.

This doesn't work.  The web server refuses to start.  I see these
problems:

in the log it claims there is a missing attribute field in the server
cert (errors.log for the web server)

in the certificate management area of the web server the root shows up as a
'client root', whatever that means.

So what fields must be set in a root?  I might be missing some.
What fields must be set in a server certificate?

I tried looking in the email archives but none of the searchable
archives helped much looking for this.  Pardon me if this has been
answered before.  Note: there's no "download the archive as one
big slab of text" archive, so I couldn't do extreme search techniques...




Re: DLL problem

2000-01-21 Thread Rodney Thayer

Depending on how you install VC you can have issues with threading.  If you
compile for multithreading but have the single thread only version of VC loaded,
I recall problems...


At 08:25 AM 1/21/00 +, Andrew Cooke wrote:

>Hi,
>
>I've compiled 0.9.4 using VC5 and haven't had any problems.
>
>As far as I remember, I just followed the instructions in INSTALL.W32.
>In particular, I don't remember specifying anything about threads
>(although the makefile ms\ntdll.mak does include the MD flag).  The
>library is used in multithreaded code and has not had any problems (as S
>Henson says, the calling code must also be compiled with the MD flag).
>
>However, I do call CRYPTO_set_locking_callback with a routine that I
>lifted from mttest.c (according to the comments in my code).  I have no
>idea whether the library will work without this (it sets up a bunch of
>mutexes for locking).
>
>Andrew
>
>
>Lucia Bonelli wrote:
> >
> > Hi all.
> >
> > I successfully compiled openssl0.9.4 on VC++6.0 with the /MD option (for
> > multithreading).
> > Then, I built another DLL (also with the /MD option) which uses the
> > libeay32.dll, particularly the PEM I/O routines.  At run time, every time
> > my DLL calls such routines (for example PEM_ASN1_write) an exception
> > of access violation occurs.
> >
> > Can anybody help me?
> >
> > Thanks in advance, Lucia
> >
> > --
> > Lucia Bonelli
> > Engineering Ingegneria Informatica SpA
> > Research & Development Laboratory
> > Viale del Castro Pretorio, 116
> > 00185 Rome, Italy
> > Tel. +39 06 44741123
> >
>




Re: Millenium and 37 bug

2000-01-03 Thread Rodney Thayer

you should be able to go to at least 2049, as the PKIX limit
is around 2050.  I know some vendors have tested this.

At 06:28 PM 1/3/00 +, Andrew Cooke wrote:

>Hi,
>
>Not really an open-ssl bug, but it's interesting and I'm curious to hear
>how people will be dealing with it: has anyone tried to make a
>certificate that lasts for the next century?  We tried (just because we
>were fed up with test certificates expiring) and found that we couldn't
>get past 2037, presumably because that's when "unix time" runs out of
>bits (although this was on NT).
>
>Presumably the fix is to link against a library which has time_t defined
>as something larger (or at least unsigned) - does such a library exist?
>
>As CRLs and certificate chaining become more popular, it seems, to me,
>that having long-lasting certificates will be more important - so I
>don't think ignoring the problem is the best solution
>
>Andrew
>




Re: Y2K compliance?

1999-04-20 Thread Rodney Thayer

I thought there were some cert issues with expiration dates...

At 01:33 PM 4/20/99 -0400, Thomas Reinke wrote:
>This may not be the answer you are looking for, but we've used
>SSLeay for some of our own work (0.9.0b) and have not
>encountered any problems during our own Y2K testing. This does
>not say that there are any problems, just that in our usage
>of the SSLv3 protocol, cert validation and encryption, we
>haven't had any problems (yet ;-))
>
>Thomas
>
>Heiko Nardmann wrote:
>> 
>> No, don't hit me!!!
>> 
>> Another one asking for this annoying topic ...
>> 
>> Does anyone know whether SSLeay has any Y2K problems?
>> 
>> --
>> Ciao ... Heiko Nardmann (Dipl.-Ing.), Software Development
>> secunet (www.secunet.de), Security Networks GmbH - Security in
>> Networks
>> Weidenauer Str. 223-225, D-57076 Siegen
>> Tel. : +49 271 48950-13, Fax  : +49 271 48950-50
>
>
>Thomas ReinkeTel: (416) 460-7021
>Director of Technology   Fax: (416) 598-2319
>E-Soft Inc. http://www.e-softinc.com
>




Re: Try to generate a 40 bits key... getting an ssleay error...

1999-01-19 Thread Rodney Thayer

you need to make your cert key 512 bits and make sure the cipher set is
set up to use 40 bit rc4 for symmetric keys.  that's in the cipher selection
stuff, you don't do it with genrsa.

someone who's a current apache user should explain this...

meta question... is there/should there be an openssl faq?

At 05:20 PM 1/19/99 +0100, you wrote:
>Hi,
>
>I'm trying to generate a 40-bit key to be used with an ssl-apache server
>(due to country limitations).
>
>I've tried many things to generate it...
>ssleay genrsa -rand rand.dat -des 40 > server.key
>gives me a server.key file that looks nice, but doing
>ssleay req -new -key server.key -out server.csr
>gives me errors:
>
>5682:error:04074070:rsa routines:RSA_sign:digest too big for rsa
>key:rsa_sign.c:105:
>5682:error:0D072006:asn1 encoding routines:ASN1_SIGN:EVP
>lib:a_sign.c:132:
>
>If someone could give me a hint...
>
>Thanks in advance
>
>kbg.
>
>
>
>--
>__
>Weather on the Web: http://www.meteoconsult.fr
>
>Meteo Consult - Meteorological consulting office
>Domaine de Marsinval F-78540 Vernouillet, FRANCE
>
>Karim BEN GHANEM - mailto:[EMAIL PROTECTED]
>IT Department
>tel: +33 1 39 65 80 80 - fax: +33 1 39 65 80 96
>
>




signing certificate hierarchies?

1999-01-18 Thread Rodney Thayer

how do I set up a hierarchy of signing certificates?  I want to do this:

  root cert (generated with OpenSSL)
  -> signs Signing Certificate Two (generated with OpenSSL)
 -> signs User Certificate

in other words, I need to generate a cert request for Signing Certificate Two
and yet make it a valid root certificate.  Do I have to do anything special?

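An added example, not code from these threads or from the OpenSSL project: it builds the hierarchy asked about here (root -> "Signing Certificate Two" -> user/server certificate) with the openssl CLI, which also shows the fields the iPlanet thread asks about for a root and a server certificate, and it probes the 2049/2050 validity-date boundary raised in the Millennium thread. It assumes an openssl binary (1.1.1 or newer) on PATH; the subject names and file names are constructed for the example.

```shell
# Added example, not code from the threads or the OpenSSL project. Builds the
# hierarchy asked about above with the openssl CLI and probes how a validity
# date past 2049 is encoded. Assumes openssl 1.1.1 or newer on PATH; subject
# names and file names are constructed for the example.
set -e
# Sign a CSR. Whether the result is a CA is decided here, by the issuer's
# extension file, not by anything in the request: "Signing Certificate Two"
# needs no special request, its issuer just has to stamp CA:TRUE on it.
sign_csr() {   # sign_csr <csr> <ca-cert> <ca-key> <ext-file> <out-cert> <days>
    openssl x509 -req -in "$1" -CA "$2" -CAkey "$3" -CAcreateserial \
        -extfile "$4" -out "$5" -days "$6" -sha256 2>/dev/null
}

new_csr() {    # new_csr <key-out> <csr-out> <common-name>
    openssl req -new -newkey rsa:2048 -nodes -keyout "$1" -out "$2" \
        -subj "/O=Example/CN=$3" 2>/dev/null
}

build_chain() {   # build_chain <work-dir>
    w="$1"
    # Root: self-signed; CA:TRUE plus keyCertSign/cRLSign are the fields that
    # make it a root rather than a plain self-signed end-entity certificate.
    new_csr "$w/root.key" "$w/root.csr" "Example Root CA"
    printf '%s\n' 'basicConstraints=critical,CA:TRUE' \
        'keyUsage=critical,keyCertSign,cRLSign' \
        'subjectKeyIdentifier=hash' > "$w/root.ext"
    openssl x509 -req -in "$w/root.csr" -signkey "$w/root.key" -days 3650 \
        -sha256 -extfile "$w/root.ext" -out "$w/root.crt" 2>/dev/null
    # Intermediate: CA:TRUE with pathlen:0, so it may sign leaves only.
    new_csr "$w/inter.key" "$w/inter.csr" "Signing Certificate Two"
    printf '%s\n' 'basicConstraints=critical,CA:TRUE,pathlen:0' \
        'keyUsage=critical,keyCertSign,cRLSign' 'subjectKeyIdentifier=hash' \
        'authorityKeyIdentifier=keyid:always' > "$w/inter.ext"
    sign_csr "$w/inter.csr" "$w/root.crt" "$w/root.key" "$w/inter.ext" \
        "$w/inter.crt" 1825
    # Server leaf: CA:FALSE, signature/encipherment key usage, serverAuth and
    # a SAN carrying the host name; web servers and browsers check these.
    new_csr "$w/server.key" "$w/server.csr" "www.example.test"
    printf '%s\n' 'basicConstraints=critical,CA:FALSE' \
        'keyUsage=critical,digitalSignature,keyEncipherment' \
        'extendedKeyUsage=serverAuth' 'subjectAltName=DNS:www.example.test' \
        'authorityKeyIdentifier=keyid:always' > "$w/server.ext"
    sign_csr "$w/server.csr" "$w/inter.crt" "$w/inter.key" "$w/server.ext" \
        "$w/server.crt" 365
}

# Succeeds only if the leaf chains to the root through the intermediate.
verify_chain() {   # verify_chain <work-dir>
    openssl verify -CAfile "$1/root.crt" -untrusted "$1/inter.crt" \
        "$1/server.crt" >/dev/null 2>&1
}
# Succeeds if the certificate carries CA:TRUE, i.e. may sign certificates.
is_ca_cert() {   # is_ca_cert <cert-file>
    openssl x509 -in "$1" -noout -text | grep -q 'CA:TRUE'
}

# Prints the ASN.1 type of notAfter in a throwaway self-signed certificate
# valid for <days>: UTCTIME up to 2049, GENERALIZEDTIME from 2050 on, as the
# PKIX profile requires. The format has no 2037 wall; a 32-bit time_t does.
not_after_type() {   # not_after_type <work-dir> <days>
    openssl req -x509 -newkey rsa:2048 -nodes -keyout "$1/probe.key" \
        -subj "/CN=date-probe" -days "$2" 2>/dev/null |
        openssl asn1parse | awk '/TIME/ { if (++n == 2) print $(NF-1) }'
}
```

Run `build_chain "$(mktemp -d)"` and then `verify_chain` on the same directory; `openssl x509 -in inter.crt -noout -text` shows the CA:TRUE and keyCertSign fields that make the second certificate a valid signer.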