Re: Newbie question about ssl password
Hi, mads

Now I want to run ssl aware apache as service, but I failed, then how can I let modssl read password from another way, for example, read from a file? Thanks in advance.

See http://www.modssl.org/docs/2.8/ssl_reference.html#ToC2

vh
Mads Toftum

I am working on windows, I try to setup SSLPassPhraseDialog exec:/apache/password.exe in httpd.conf but it is no use, then I build ApacheModuleSSL project myself and trace into it, I found if SSL_COMPAT was not defined, ssl will ignore this command, but when I define it, it crashed, so would u please give me some real example, thank u very much.

Bye,
Sincerely yours
tjww.

__
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
Re: Failed installation tests for 0.9.6 or FreeBSD 4.2
From: "Ronald F. Guilmette" [EMAIL PROTECTED]

rfg % bc
rfg bc 1.05
rfg Copyright 1991, 1992, 1993, 1994, 1997, 1998 Free Software Foundation, Inc.
rfg This is free software with ABSOLUTELY NO WARRANTY.
rfg For details type `warranty'.
rfg
rfg
rfg Looks like GNU bc to me!!
rfg
rfg So now what?

Looks like it wasn't that much FAQ then. Could you send me (not the list) test/tmp.bntest?

--
Richard Levitte \ Spannvägen 38, II \ [EMAIL PROTECTED]
Chairman@Stacken \ S-168 35 BROMMA \ T: +46-8-26 52 47
Redakteur@Stacken \ SWEDEN \ or +46-709-50 36 10
Procurator Odiosus Ex Infernis -- [EMAIL PROTECTED]
Member of the OpenSSL development team: http://www.openssl.org/
Software Engineer, Celo Communications: http://www.celocom.com/

Unsolicited commercial email is subject to an archival fee of $400.
See http://www.stacken.kth.se/~levitte/mail/ for more info.
Re: echoping 4.1 released : a tool to test SSL servers
[EMAIL PROTECTED] wrote:

-Original Message-
From: Ben Laurie [mailto:[EMAIL PROTECTED]]
Sent: 14 February 2001 13:25
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: Re: echoping 4.1 released : a tool to test SSL servers

[EMAIL PROTECTED] wrote:

This is just the kind of thing I'm looking for for testing SSL acceleration cards. By testing on the actual server I can see the raw performance increase without having to factor in network latency.

Snag is you have to factor in the effects of session caching, which means that a simple test like this may not give an indicative result.

Cheers,
Ben.

Thanks Ben for cheering me up. Perhaps if I have a machine that can change its IP number constantly I could get round it. Or perhaps not. Maybe I could disable session caching altogether. This is only a development machine anyway (and has been trashed many times).

That wasn't exactly what I meant: in a live server you do less RSA and more symmetric because of session caching.

Cheers,
Ben.

--
http://www.apache-ssl.org/ben.html
"There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit." - Robert Woodruff
Re: echoping 4.1 released : a tool to test SSL servers
On Wed, 14 Feb 2001, Ben Laurie wrote:

...

Thanks Ben for cheering me up. Perhaps if I have a machine that can change its IP number constantly I could get round it. Or perhaps not. Maybe I could disable session caching altogether. This is only a development machine anyway (and has been trashed many times).

That wasn't exactly what I meant: in a live server you do less RSA and more symmetric because of session caching.

Which brings us to the issue: Are there statistics for a typical e-commerce/(ssl/tls)-enabled www site as to what percentage each of the cryptographic primitives are used? If this is not available already, I believe someone can generate this info by parsing the ssl_log files of the WWW server (debug enabled).

Thanks,
Simos Xenitellis
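One way to produce the statistics asked about above, as an added example that is not part of the original thread: tally the negotiated protocol and cipher from mod_ssl `Connection:` info lines, using the line format that appears in the Apache log posted later on this page. The sample lines, the documentation-range IP addresses and the helper names are constructed for illustration.

```python
import re
from collections import Counter

# mod_ssl info line, e.g.
# [..] [info] Connection: Client IP: 1.2.3.4, Protocol: SSLv3, Cipher: RC4-MD5 (128/128 bits)
CONN_RE = re.compile(
    r"\[info\]\s+Connection: Client IP: (?P<ip>[^,]+), "
    r"Protocol: (?P<proto>[^,]+), "
    r"Cipher: (?P<cipher>\S+) \((?P<used>\d+)/(?P<avail>\d+) bits\)"
)

# Leading tokens of OpenSSL suite names that name an ephemeral/anonymous DH exchange.
KX_PREFIXES = {"EDH": "DH", "DHE": "DH", "ADH": "DH(anon)"}


def split_suite(name):
    """Split an SSLv3/TLSv1-era OpenSSL suite name into (key exchange, bulk, MAC)."""
    parts = name.split("-")
    if parts[0] == "EXP":            # export-grade prefix
        parts = parts[1:]
    mac, parts = parts[-1], parts[:-1]
    if parts[0] in KX_PREFIXES:
        kx, parts = KX_PREFIXES[parts[0]], parts[1:]
        if parts and parts[0] in ("RSA", "DSS"):
            parts = parts[1:]        # authentication algorithm, not key exchange
    else:
        kx = "RSA"                   # no prefix means RSA key transport
    return kx, "-".join(parts), mac


def tally(lines):
    """Count protocol, key exchange, bulk cipher, MAC and effective key bits."""
    stats = {k: Counter() for k in ("protocol", "key_exchange", "bulk", "mac", "bits")}
    for line in lines:
        m = CONN_RE.search(line)
        if not m:
            continue                 # startup, cache and error lines are skipped
        kx, bulk, mac = split_suite(m.group("cipher"))
        stats["protocol"][m.group("proto")] += 1
        stats["key_exchange"][kx] += 1
        stats["bulk"][bulk] += 1
        stats["mac"][mac] += 1
        stats["bits"][int(m.group("used"))] += 1
    return stats


def percentages(counter):
    """Convert a Counter into {name: percent of total}, rounded to one decimal."""
    total = sum(counter.values())
    return {k: round(100.0 * v / total, 1) for k, v in counter.items()} if total else {}


# Constructed sample log (not taken from a real server).
SAMPLE_LOG = """\
[14/Feb/2001 14:04:30 00141] [info] Init: Initializing OpenSSL library
[14/Feb/2001 14:04:33 00142] [info] Connection: Client IP: 192.0.2.10, Protocol: SSLv3, Cipher: RC4-MD5 (128/128 bits)
[14/Feb/2001 14:04:40 00143] [info] Connection: Client IP: 192.0.2.11, Protocol: SSLv3, Cipher: RC4-MD5 (128/128 bits)
[14/Feb/2001 14:04:51 00144] [info] Connection: Client IP: 192.0.2.12, Protocol: TLSv1, Cipher: DES-CBC3-SHA (168/168 bits)
[14/Feb/2001 14:05:02 00145] [info] Connection: Client IP: 192.0.2.13, Protocol: TLSv1, Cipher: EDH-RSA-DES-CBC3-SHA (168/168 bits)
[14/Feb/2001 14:05:09 00146] [info] Connection: Client IP: 192.0.2.14, Protocol: SSLv3, Cipher: EXP-RC4-MD5 (40/128 bits)
"""

if __name__ == "__main__":
    result = tally(SAMPLE_LOG.splitlines())
    for category, counter in result.items():
        print(category, percentages(counter))
```

The key-exchange tally counts connections, not public-key operations: a resumed session negotiates the same suite without repeating the key exchange, which is the session-caching effect Ben describes.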
link problems on NT with openssl 096
Hi,

We develop an application running on NT and Solaris with openssl 092b. I compile openssl 096 on Solaris and NT using Visual C++ 6 and when I try to recompile my application with openssl 096 on Visual 6, I have got the link error messages: conflicts with default library (MSVCRT, LIBC and LIBCD). If I use the option /nodefaultlib to ignore the default library I have got the error messages: unresolved external symbol.

Have you got any idea to solve this problem?

thanks,
Matthieu Ludinard
stunnel as https proxy: works, but need sanity check
I've been trying to set up stunnel on the firewall to accept SSL-encrypted connections and forward them to internal http addresses. This is for staff use only, so I don't care about having a certificate signed by a public CA. I do, however, want to require users to have certificates. I've finally worked out something that actually works, but as I'm relatively new to this, I wanted to pass it by the list and see whether anyone recognizes something I'm doing stupidly or something that opens me up for some type of attack other than what one could do on any SSL connection.

Here's the procedure:

mkdir /etc/stunnel
cd /etc/stunnel

Create CA key:
  openssl genrsa -des3 -out ca.key 2048

Create self-signed CA Certificate
  openssl req -new -x509 -days 365 -key ca.key -out ca.crt

Create CA pem
  cat ca.crt ca.key > ca.pem

Generate server certificate request
  openssl req -new -nodes -out server.csr -keyout server.key -newkey rsa:2048

Sign
  sign.sh server.csr
  enter key for ca
  result: server.crt

Create server pem
  cat server.crt server.key > server.pem

Generate user key (for each user)
  openssl genrsa -des3 -out user.key 2048

Generate certificate request
  openssl req -new -key user.key -out user.csr

Sign
  sign.sh user.csr
  enter key for ca
  result: user.crt

Create user.pem
  cat user.crt user.key > user.pem

Generate pkcs12
  openssl pkcs12 -export -out user.p12 -in user.crt -inkey user.key

Give user.p12 to user to import into browser.

Create hash symbolic links
  c_rehash -a /etc/stunnel

Verify -- all should be okay
  openssl verify -CApath . ca.pem
  openssl verify -CApath . server.pem
  openssl verify -CApath . user.pem

Now:
  stunnel -d server:server-port -a /etc/stunnel -p /etc/stunnel/server.pem -r internal:port -v 3

will create a situation in which https://server:server-port will issue a certificate and accept connections from people only with client certificates signed by its signing authority.

As I said, this procedure works. Does anyone see a problem with it? Thanks for any advice.

--
E. Jay Berkenbilt [EMAIL PROTECTED]
http://www.ql.org/q/
Re: link problems on NT with openssl 096
I've seen it, and fixed it. Rather unhelpfully, I can't fully remember how.

C/C++ - Code Generation - (Debug) Multi-threaded DLL

Make sure that you are consistent with your use of this DLL in making your lib, and then .exe

hth
Tat.

Matthieu Ludinard wrote:

Hi,

We develop an application running on NT and Solaris with openssl 092b. I compile openssl 096 on Solaris and NT using Visual C++ 6 and when I try to recompile my application with openssl 096 on Visual 6, I have got the link error messages: conflicts with default library (MSVCRT, LIBC and LIBCD). If I use the option /nodefaultlib to ignore the default library I have got the error messages: unresolved external symbol.

Have you got any idea to solve this problem?

thanks,
Matthieu Ludinard
netscape_comment extension
Hi! What do You think? May I use the netscape_comment extension to hold my application specific information in text form (maybe in base64)?

Cly
Re: link problems on NT with openssl 096
Make sure you use the same C runtime library to link your application as you specified to build openssl. Which makefile did you use to build openssl, nt.mak or ntdll.mak?

_
Greg Stark
Ethentica, Inc.
[EMAIL PROTECTED]
_

- Original Message -
From: Matthieu Ludinard
To: [EMAIL PROTECTED]
Sent: Wednesday, February 14, 2001 11:06 AM
Subject: link problems on NT with openssl 096

Hi,

We develop an application running on NT and Solaris with openssl 092b. I compile openssl 096 on Solaris and NT using Visual C++ 6 and when I try to recompile my application with openssl 096 on Visual 6, I have got the link error messages: conflicts with default library (MSVCRT, LIBC and LIBCD). If I use the option /nodefaultlib to ignore the default library I have got the error messages: unresolved external symbol.

Have you got any idea to solve this problem?

thanks,
Matthieu Ludinard
RE: netscape_comment extension
What do You think? May I use the netscape_comment extension to hold my application specific information in text form (maybe in base64)?

This is a non-authenticated attribute. i.e. it's not signed and can be changed by the user without changing the certificate signature. So don't use it for anything related to security.

- Dale.
EVP question about key sizes
Hi!

I want to use Blowfish with a 256 bit key size. Looking at the EVP docu I found EVP_CIPHER_CTX_set_key_length. Some time ago somebody mentioned that it is impossible to use different key sizes in the EVP API. Is EVP_CIPHER_CTX_set_key_length a new function which eliminates this limitation? Or do I have to use the BF methods?

Regards,
Armin Koenigsdorfer
Re: netscape_comment extension
This is a non-authenticated attribute. i.e. it's not signed and can be changed by the user without changing the certificate signature.

Wrong. *Everything* in a certificate is signed.

/r$
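What the correction above means at the byte level, as an added example that is not part of the original thread: an X.509 signature is computed over the DER encoding of `tbsCertificate`, and the extensions (nsComment included) sit inside that element. The certificate built here is constructed and abridged (no names, validity or public key, and a placeholder signature), and all function names are illustrative.

```python
import hashlib

NS_COMMENT = "2.16.840.1.113730.1.13"      # Netscape comment extension OID
SHA1_RSA = "1.2.840.113549.1.1.5"          # sha1WithRSAEncryption


def tlv(tag, content):
    """DER-encode one tag-length-value element (definite length)."""
    n = len(content)
    if n < 0x80:
        length = bytes([n])
    else:
        raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
        length = bytes([0x80 | len(raw)]) + raw
    return bytes([tag]) + length + content


def encode_oid(dotted):
    arcs = [int(a) for a in dotted.split(".")]
    out = bytearray([40 * arcs[0] + arcs[1]])
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]
        arc >>= 7
        while arc:
            chunk.append(0x80 | (arc & 0x7F))
            arc >>= 7
        out += bytes(reversed(chunk))
    return tlv(0x06, bytes(out))


def decode_oid(content):
    arcs = [content[0] // 40, content[0] % 40]
    value = 0
    for b in content[1:]:
        value = (value << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(value)
            value = 0
    return ".".join(map(str, arcs))


def read_tlv(buf, off):
    """Return (tag, content_start, content_end) for the element at off."""
    tag, first = buf[off], buf[off + 1]
    if first < 0x80:
        start, n = off + 2, first
    else:
        start = off + 2 + (first & 0x7F)
        n = int.from_bytes(buf[off + 2:start], "big")
    if start + n > len(buf):
        raise ValueError("truncated DER element")
    return tag, start, start + n


def oid_offsets(buf, start, end, found=None):
    """Recursively map each OID in buf[start:end] to its first byte offset."""
    found = {} if found is None else found
    off = start
    while off < end:
        tag, cs, ce = read_tlv(buf, off)
        if tag == 0x06:
            found.setdefault(decode_oid(buf[cs:ce]), off)
        elif tag & 0x20:                   # constructed: SEQUENCE, SET, [n] EXPLICIT
            oid_offsets(buf, cs, ce, found)
        off = ce
    return found


def signed_region(cert):
    """(start, end) of the tbsCertificate element: the bytes the CA signs."""
    tag, cs, _ = read_tlv(cert, 0)         # outer Certificate SEQUENCE
    if tag != 0x30:
        raise ValueError("not a DER SEQUENCE")
    _, _, tbs_end = read_tlv(cert, cs)     # first member is tbsCertificate
    return cs, tbs_end


def extension_is_signed(cert, oid):
    start, end = signed_region(cert)
    off = oid_offsets(cert, 0, len(cert)).get(oid)
    return off is not None and start <= off < end


def tbs_digest(cert):
    """Digest a verifier recomputes and compares against the signature."""
    start, end = signed_region(cert)
    return hashlib.sha1(cert[start:end]).hexdigest()


def build_sample(comment):
    """Constructed, abridged certificate: real layout, placeholder signature."""
    ext = tlv(0x30, encode_oid(NS_COMMENT) + tlv(0x04, tlv(0x16, comment)))
    extensions = tlv(0xA3, tlv(0x30, ext))             # [3] EXPLICIT Extensions
    sig_alg = tlv(0x30, encode_oid(SHA1_RSA) + tlv(0x05, b""))
    tbs = tlv(0x30, tlv(0xA0, tlv(0x02, b"\x02")) + tlv(0x02, b"\x01")
              + sig_alg + extensions)
    signature = tlv(0x03, b"\x00" + b"\xAA" * 128)     # not a real signature
    return tlv(0x30, tbs + sig_alg + signature)


if __name__ == "__main__":
    original = build_sample(b"app-role=admin")
    edited = build_sample(b"app-role=guest")
    print("nsComment inside signed bytes:", extension_is_signed(original, NS_COMMENT))
    print("digest changes after edit:", tbs_digest(original) != tbs_digest(edited))
```

Because the digest of the signed bytes changes when the comment changes, a certificate whose nsComment has been edited no longer verifies against the issuer's signature.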
RE: netscape_comment extension
What a shame... I thought it is simple... So what parts of certificate are protected with signature?

Cly

"Dale Peakall" dale.peakall@bit-arts.com
Sent by: owner-openssl-users@openssl.org
2001.02.14 17:40
Please respond to openssl-users
To: [EMAIL PROTECTED]
cc:
Subject: RE: netscape_comment extension

What do You think? May I use the netscape_comment extension to hold my application specific information in text form (maybe in base64)?

This is a non-authenticated attribute. i.e. it's not signed and can be changed by the user without changing the certificate signature. So don't use it for anything related to security.

- Dale.
Openssl Installation
Hello,

When I run the ./Configure myOS command I get an error on the last line saying make not found. So when I run the make command it does not work. I am on a networked environment, using a network appliance. Hopefully this is not the problem.

What I need Openssl for: To translate a PKCS#10 CSR into human readable form.

Thanks,
Jeff Murphy
Re: netscape_comment extension
[EMAIL PROTECTED] wrote:

Hi! What do You think? May I use the netscape_comment extension to hold my application specific information in text form (maybe in base64)?

Well you could I suppose but that would be a non standard use of it. If you've got your own OID you could simply add a new OID as an alias to netscape_comment and it would be handled in the same way. That's one case where it's easy to add new extensions.

Steve.
--
Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED]
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.
Re: EVP question about key sizes
A. Königsdorfer wrote:

Hi! I want to use Blowfish with a 256 bit key size. Looking at the EVP docu I found EVP_CIPHER_CTX_set_key_length. Some time ago somebody mentioned that it is impossible to use different key sizes in the EVP API. Is EVP_CIPHER_CTX_set_key_length a new function which eliminates this limitation?

Yes, that's its purpose. The original comment about EVP restrictions no longer applies to newer versions of OpenSSL. You can now do almost anything with EVP that you can do with the low level routines, which may go away one day.

To change the key length you have to call EVP_EncryptInit() (or similar) to just set the cipher then EVP_CIPHER_CTX_set_key_length() followed by EVP_EncryptInit() again to set the actual key and IV. See the EVP_EncryptInit() manual page for more info.

Steve.
--
Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED]
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.
Re: Profile for X509 attribute certificates
Derick Cassidy wrote:

Hello

After playing around with the SSL stuff, I am successfully able to validate online crls (ldap query, then lastUpdate/nextUpdate them). What I would like to do now is validate attributeCertificates.

I tried using the same approach as the CRLs:
  ldap query;
  d2i the returned attribute to an X509_CRL struct
  call lastUpdate / nextUpdate.

With the attribute certificate, I tried:
  d2i the returned attribute to an X509 struct
  call X509_not_validBefore
  X509_not_validAfter
but my program dies a horrible death. Am I using the correct struct for the attribute certificate?

OpenSSL doesn't currently support attribute certificates at all. The ASN1 parsing routines are probably choking when you try to call d2i_X509() because that will only handle certificates.

Speaking personally I've seen lots of talk about attribute certificates and read various specs but I've yet to see a single example. I certainly wouldn't mind seeing one, if you don't mind sending it to me and it would help any future plans to add attribute certificate support to OpenSSL. The ASN1 side at least should be vastly less painful with the new code.

Steve.
--
Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED]
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.
RE: netscape_comment extension
This is a non-authenticated attribute. i.e. it's not signed and can be changed by the user without changing the certificate signature.

Wrong. *Everything* in a certificate is signed.

Don't you hate it when you're wrong. Was confusing myself with S/MIME and M$'s certificate properties (which I assumed were S/MIME style non-authenticated attributes).

- Dale.

P.S. Anyone know where the X.509 V3 spec can be found (without having to purchase all $92 of it from ansidocstore which seems a little excessive particularly as I've already got the '88 spec)?
netscape cant connect https
I recently setup my ApacheSSL Server with all the latest stuff, modssl2.8.0 apache 1.3.17 and openssl 0.9.6. I am getting an input/output error when connecting to my https server with netscape 4.73. When I use internet explorer 5.5, I don't get any connection errors. I have attached my log files and my httpd.conf. Any help is greatly appreciated.

Thanks!
Ian Spivack

[Wed Feb 14 13:57:03 2001] [error] mod_ssl: Cannot open SSLSessionCache DBM file `/var/run/ssl_scache' for scanning (System error follows)
[Wed Feb 14 13:57:03 2001] [error] System: No such file or directory (errno: 2)
[Wed Feb 14 13:57:03 2001] [error] mod_ssl: Cannot open SSLSessionCache DBM file `/var/run/ssl_scache' for reading (fetch) (System error follows)
[Wed Feb 14 13:57:03 2001] [error] System: No such file or directory (errno: 2)
[Wed Feb 14 13:57:03 2001] [error] mod_ssl: Cannot open SSLSessionCache DBM file `/var/run/ssl_scache' for writing (store) (System error follows)
[Wed Feb 14 13:57:03 2001] [error] System: No such file or directory (errno: 2)
[Wed Feb 14 13:57:05 2001] [error] mod_ssl: Cannot open SSLSessionCache DBM file `/var/run/ssl_scache' for scanning (System error follows)
[Wed Feb 14 13:57:05 2001] [error] System: No such file or directory (errno: 2)
[Wed Feb 14 13:57:05 2001] [error] mod_ssl: Cannot open SSLSessionCache DBM file `/var/run/ssl_scache' for reading (fetch) (System error follows)
[Wed Feb 14 13:57:05 2001] [error] System: No such file or directory (errno: 2)
[Wed Feb 14 13:57:05 2001] [error] mod_ssl: Cannot open SSLSessionCache DBM file `/var/run/ssl_scache' for writing (store) (System error follows)
[Wed Feb 14 13:57:05 2001] [error] System: No such file or directory (errno: 2)
[Wed Feb 14 13:58:04 2001] [error] mod_ssl: SSL handshake failed (server mail.spivack.burdell.org:443, client 148.184.176.32) (OpenSSL library error follows)
[Wed Feb 14 13:58:04 2001] [error] OpenSSL: error:0407106B:rsa routines:RSA_padding_check_PKCS1_type_2:block type is not 02
[Wed Feb 14 13:58:04 2001] [error] OpenSSL: error:04065072:rsa routines:RSA_EAY_PRIVATE_DECRYPT:padding check failed
[Wed Feb 14 13:58:04 2001] [error] OpenSSL: error:1408B076:SSL routines:SSL3_GET_CLIENT_KEY_EXCHANGE:bad rsa decrypt
[Wed Feb 14 14:02:06 2001] [error] mod_ssl: Cannot open SSLSessionCache DBM file `/var/run/ssl_scache' for writing (store) (System error follows)
[Wed Feb 14 14:02:06 2001] [error] System: No such file or directory (errno: 2)

[14/Feb/2001 13:56:52 01809] [info] Server: Apache/1.3.17, Interface: mod_ssl/2.8.0, Library: OpenSSL/0.9.6
[14/Feb/2001 13:56:52 01809] [info] Init: 1st startup round (still not detached)
[14/Feb/2001 13:56:52 01809] [info] Init: Initializing OpenSSL library
[14/Feb/2001 13:56:52 01809] [info] Init: Loading certificate private key of SSL-aware server mail.spivack.burdell.org:443
[14/Feb/2001 13:56:52 01809] [info] Init: Seeding PRNG with 136 bytes of entropy
[14/Feb/2001 13:56:52 01809] [info] Init: Generating temporary RSA private keys (512/1024 bits)
[14/Feb/2001 13:56:53 01809] [info] Init: Configuring temporary DH parameters (512/1024 bits)
[14/Feb/2001 14:03:33 00138] [info] Server: Apache/1.3.17, Interface: mod_ssl/2.8.0, Library: OpenSSL/0.9.6
[14/Feb/2001 14:03:33 00138] [info] Init: 1st startup round (still not detached)
[14/Feb/2001 14:03:33 00138] [info] Init: Initializing OpenSSL library
[14/Feb/2001 14:03:33 00138] [info] Init: Loading certificate private key of SSL-aware server mail.spivack.burdell.org:443
[14/Feb/2001 14:03:33 00138] [info] Init: Seeding PRNG with 136 bytes of entropy
[14/Feb/2001 14:03:33 00138] [info] Init: Generating temporary RSA private keys (512/1024 bits)
[14/Feb/2001 14:03:34 00138] [info] Init: Configuring temporary DH parameters (512/1024 bits)
[14/Feb/2001 14:03:34 00139] [info] Init: 2nd startup round (already detached)
[14/Feb/2001 14:03:34 00139] [info] Init: Reinitializing OpenSSL library
[14/Feb/2001 14:03:34 00139] [info] Init: Seeding PRNG with 136 bytes of entropy
[14/Feb/2001 14:03:34 00139] [info] Init: Configuring temporary RSA private keys (512/1024 bits)
[14/Feb/2001 14:03:34 00139] [info] Init: Configuring temporary DH parameters (512/1024 bits)
[14/Feb/2001 14:03:34 00139] [info] Init: Initializing (virtual) servers for SSL
[14/Feb/2001 14:03:34 00139] [info] Init: Configuring server mail.spivack.burdell.org:443 for SSL protocol
[14/Feb/2001 14:04:33 00142] [info] Connection to child 1 established (server mail.spivack.burdell.org:443, client 148.184.176.32)
[14/Feb/2001 14:04:33 00142] [info] Seeding PRNG with 1160 bytes of entropy
[14/Feb/2001 14:04:33 00142] [info] Connection: Client IP: 148.184.176.32, Protocol: SSLv3, Cipher: RC4-MD5 (128/128 bits)
[14/Feb/2001 14:04:33 00142] [info] Initial (No.1) HTTPS request received for child 1 (server mail.spivack.burdell.org:443)
[14/Feb/2001 14:04:35 00142] [info] Connection to child 1 closed with
ignore it - test only
ignore it - test only
Re: netscape_comment extension
P.S. Anyone know where the X.509 V3 spec can be found (without having to purchase all $92 of it from ansidocstore which seems a little excessive particularly as I've already got the '88 spec)?

Hoyt Kesterson, one of the editors, and Groupe Bull have been making pre-publication drafts available for some time. (Once balloted and approved, they're removed from the FTP area.) He announces this on the PKIX mailing list. At any rate, you can find useful things like the V4 final draft, etc., within: ftp://ftp.bull.com/pub/OSIdirectory/
PKCS12
Hi,

Tomcat uses SSL directly, I use the keytool of the JDK to generate the key pair and a self certificate. I need to generate certificates for clients but the browser says that it has to be in the format PKCS12. For the keytool I specify a keystore type at the command line, via the -storetype option and I put that it uses the pkcs12, but it does not function. I also changed the value of the keystore.type property specified in the security properties file "java.security", that resides in the JDK security properties directory, java.home\lib\security, and that also didn't function.

How can I generate a certificate with the pkcs12 format using the keytool of the JDK??

Julie.
Client certificates from private CA, with Outlook or Outlook Express
Hi,

I'm wondering if anyone can shed any light on a problem I'm having with Outlook Express? Apologies for posting a load of debug output to the list, but I didn't really know what was safe to omit.

I'm trying to setup secure IMAP, using stunnel (stage 2 is to go for secure SMTP as well, with postfix/TLS). I've created my own CA, signed a client certificate and a server certificate. I've imported the CA, and client certificate (via 'openssl pkcs12') into IE. If I use IE to go to https://mail.brain:993/, it will successfully connect (prompting me to select the client certificate), and I can sniff network traffic on the redirected connection (of course, imapd doesn't speak http very clearly, but there is definitely some plain-text confusion going on ;-).

I'm running stunnel like this:

stunnel -v 2 -D 7 -f -A /home/tim/CAs_file_for_stunnel.pem -p /home/tim/server_cert3_pub_priv.pem -d simap -r imap2 simap

i.e. redirect to local imap port, listen on simap port (993), and insist on client certificate authentication.

In Outlook 2000, and Outlook Express 5 (under Win98, with all Windows Updates, and Office 2000 updates applied), it will refuse to connect. The Outlook Express "diagnostics" say:

"Configuration:
Account: mail.brain
Server: mail.brain
User name: tim
Protocol: IMAP
Port: 993
Secure(SSL): 1
Code: 800ccc1a
"

And Stunnel says:

LOG7[1806:92162]: simap started
LOG5[1806:92162]: simap connected from 10.0.0.168:1366
LOG7[1806:92162]: simap connecting 127.0.0.1:143
LOG7[1806:92162]: Remote host connected
LOG7[1806:92162]: before/accept initialization
LOG7[1806:92162]: before/accept initialization
LOG7[1806:92162]: SSLv2/v3 read client hello A
LOG3[1806:92162]: SSL_accept: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol
LOG7[1806:92162]: simap finished (0 left)
LOG7[1807:93186]: simap started
LOG5[1807:93186]: simap connected from 10.0.0.168:1367
LOG7[1807:93186]: simap connecting 127.0.0.1:143
LOG7[1807:93186]: Remote host connected
LOG7[1807:93186]: before/accept initialization
LOG7[1807:93186]: before/accept initialization
LOG7[1807:93186]: SSLv3 read client hello A
LOG7[1807:93186]: SSLv3 write server hello A
LOG7[1807:93186]: SSLv3 write certificate A
LOG7[1807:93186]: SSLv3 write certificate request A
LOG7[1807:93186]: SSLv3 flush data
LOG7[1807:93186]: SSLv3 read client certificate A
LOG7[1807:93186]: SSLv3 read client certificate B
LOG7[1807:93186]: SSLv3 read client certificate B
LOG7[1807:93186]: SSLv3 read client certificate B
LOG3[1807:93186]: SSL_accept: error:140890C7:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate
LOG7[1807:93186]: simap finished (0 left)

If I run Netscape Communicator 4.75 on the same Windows box, everything is fine:

LOG7[2366:1026]: simap started
LOG5[2366:1026]: simap connected from 10.0.0.168:1596
LOG7[2366:1026]: simap connecting 127.0.0.1:143
LOG7[2366:1026]: Remote host connected
LOG7[2366:1026]: before/accept initialization
LOG7[2366:1026]: before/accept initialization
LOG7[2366:1026]: SSLv3 read client hello A
LOG7[2366:1026]: SSLv3 write server hello A
LOG7[2366:1026]: SSLv3 write certificate A
LOG7[2366:1026]: SSLv3 write certificate request A
LOG7[2366:1026]: SSLv3 flush data
LOG5[2366:1026]: VERIFY OK: depth=1: /C=UK/ST=East Sussex/L=Brighton/O=Digitalbrain.com Ltd./OU=Internet Systems/CN=Digitalbrain Certificate Authority (Intranet)[EMAIL PROTECTED]
LOG5[2366:1026]: VERIFY OK: depth=0: /C=UK/ST=East Sussex/L=Brighton/O=Digitalbrain.com Ltd./OU=Internet [EMAIL PROTECTED]
LOG7[2366:1026]: SSLv3 read client certificate A
LOG7[2366:1026]: SSLv3 read client key exchange A
LOG7[2366:1026]: SSLv3 read certificate verify A
LOG7[2366:1026]: SSLv3 read finished A
LOG7[2366:1026]: SSLv3 write change cipher spec A
LOG7[2366:1026]: SSLv3 write finished A
LOG7[2366:1026]: SSLv3 flush data
LOG7[2366:1026]: SSL negotiation finished successfully
LOG7[2366:1026]:1 items in the session cache
LOG7[2366:1026]:0 client connects (SSL_connect())
LOG7[2366:1026]:0 client connects that finished
LOG7[2366:1026]:0 client renegotiatations requested
LOG7[2366:1026]:1 server connects (SSL_accept())
LOG7[2366:1026]:1 server connects that finished
LOG7[2366:1026]:0 server renegotiatiations requested
LOG7[2366:1026]:0 session cache hits
LOG7[2366:1026]:0 session cache misses
LOG7[2366:1026]:0 session cache timeouts
LOG7[2366:1026]: SSL negotiation finished successfully
LOG6[2366:1026]: simap opened with SSLv3, cipher RC4-MD5 (128 bits)
LOG7[2366:1026]: Socket closed on read
LOG5[2366:1026]: Connection closed: 74407 bytes sent to SSL, 523 bytes sent to socket
LOG7[2366:1026]: simap finished (0 left)

Here is what https://mail.brain:993/ does:

LOG7[2456:3074]: simap started
LOG5[2456:3074]: simap connected from 10.0.0.168:1621
LOG7[2456:3074]: simap connecting 127.0.0.1:143
LOG7[2456:3074]: Remote host connected
LOG7[2456:3074]: before/accept
Re: Client certificates from private CA, with Outlook or Outlook Express
On Wed, Feb 14, 2001 at 09:24:46PM +, Tim Small wrote:

I'm wondering if anyone can shed any light on a problem I'm having with Outlook Express? Apologies for posting a load of debug output to the list, but I didn't really know what was safe to omit. I'm trying to setup secure IMAP, using stunnel (stage 2 is to go for secure SMTP as well, with postfix/TLS).

I am using a setup like this. You don't say which type of IMAP server you are using. As far as I have seen, several of them by now support SSL out of the box (cyrus, UofW and others). I personally use UofW and can assure you that it works.

I've created my own CA, signed a client certificate and a server certificate. I've imported the CA, and client certificate (via 'openssl pkcs12') into IE. If I use IE to go to https://mail.brain:993/, it will successfully connect (prompting me to select the client certificate), and I can sniff network traffic on the redirected connection (of course, imapd doesn't speak http very clearly, but there is definitely some plain-text confusion going on ;-).

Use "openssl s_client -connect hostname:553" to check your connections. You should see something like:

[lots of SSL info deleted]
..
* OK [CAPABILITY IMAP4 IMAP4REV1 STARTTLS LOGIN-REFERRALS AUTH=PLAIN AUTH=LOGIN] localhost IMAP4rev1 2000.287 at Wed, 14 Feb 2001 22:46:26 +0100 (MET)

I'm running stunnel like this:

stunnel -v 2 -D 7 -f -A /home/tim/CAs_file_for_stunnel.pem -p /home/tim/server_cert3_pub_priv.pem -d simap -r imap2 simap

i.e. redirect to local imap port, listen on simap port (993), and insist on client certificate authentication.

I don't think UofW imapd supports client certificates, but see below...

In Outlook 2000, and Outlook Express 5 (under Win98, with all Windows Updates, and Office 2000 updates applied), it will refuse to connect. The Outlook Express "diagnostics" say:

"Configuration:
Account: mail.brain
Server: mail.brain
User name: tim
Protocol: IMAP
Port: 993
Secure(SSL): 1
Code: 800ccc1a
"

And Stunnel says:
...
LOG3[1807:93186]: SSL_accept: error:140890C7:SSL routines:SSL3_GET_CLIENT_CERTIFICATE:peer did not return a certificate

To my knowledge, Outlook does not support client certificates for SSL connections. Certificates available are only used to sign/encrypt emails. You will make the same experience when it comes to the SMTP part.

If I run Netscape Communicator 4.75 on the same Windows box, everything is fine:

Yes, Netscape supports this use of client certificates. I (as the author of Postfix/TLS) have been examining this in detail and to my best knowledge Outlook does not support usage of client certificates for IMAP, POP3, or SMTP.

No better news today,
Lutz
--
Lutz Jaenicke [EMAIL PROTECTED]
BTU Cottbus http://www.aet.TU-Cottbus.DE/personen/jaenicke/
Lehrstuhl Allgemeine Elektrotechnik Tel. +49 355 69-4129
Universitaetsplatz 3-4, D-03044 Cottbus Fax. +49 355 69-4153
BIO_read fail if SSLVerifyClient require
Hi, I have 2 client applications that send https requests to 2 different web servers. My first client runs on Linux Red Hat 7 and sends https requests to an IIS 4.0 web server on an NT 4.0 Server, and my second client runs on NT 4.0 Server and sends https requests to an Apache web server on a Linux Red Hat 7 machine. These 2 clients use the same C++ class using OpenSSL to send http requests on an SSL connection.

My first client application (client on Linux Red Hat 7 connecting to IIS web server) works perfectly. My second client application (client on NT 4 connecting to Apache) has some problem with the handshaking. First, my client establishes the connection with Apache when I call BIO_write to send my https request. At this point, the handshaking seems to work correctly (client and server certificates are exchanged without any error). But when I call BIO_read to read the response from the server, a re-negotiation is performed and the BIO_read function fails and BIO_should_retry returns 0 after 1 or 2 retries (this happens only if Apache needs a client certificate).

My Apache setting:

    Alias /php/ "/var/www/php/"
    <Directory "/var/www/php/">
        AllowOverride None
        Order allow,deny
        Allow from All
        SSLVerifyClient require
        SSLVerifyDepth 1
        SSLRequireSSL
        SSLRequire ( %{SSL_CLIENT_S_DN_O} eq "TravelNet Technologies Inc." \
            and %{SSL_CLIENT_S_DN_OU} eq "Data Valet" \
            and %{SSL_CLIENT_S_DN_CN} eq "10.255.255.253")
        SSLOptions +StrictRequire +OptRenegotiate
    </Directory>

My code:

    #ifdef _WINDEF_
    #include <winsock2.h>
    #else
    #include <string.h>
    #include <sys/time.h>
    #include <sys/types.h>
    #include <unistd.h>
    #endif
    #include "DVMacro.h"
    #include "DVCertPasswd.h"
    #include "SSLSupport.h"

    #define CERT_ORGANISATION "TravelNet Technologies Inc."
    #define CERT_ORGANISATION_UNIT "Data Valet"
    #define CERT_CITY "Montreal"
    #define CERT_STATE "Quebec"
    #define CERT_COUNTRY "CA"
    #define CA_CERT_ORGANISATION "TravelNet Technologies Inc."
    #define CA_CERT_ORGANISATION_UNIT "Data Valet"
    #define CA_CERT_COMMON_NAME "TravelNet"
    #define CA_CERT_CITY "Montreal"
    #define CA_CERT_STATE "Quebec"
    #define CA_CERT_COUNTRY "CA"

    static char * g_sCertCommonName = NULL;

    static int VerifyCallback(int preverify_ok, X509_STORE_CTX * ctx);
    static int VerifyCertData( char * buf, bool bCA);
    static int PasswordCallback(char *buf, int size, int rwflag, void *password);

    //
    // This function is used to verify the content of the server certificate or the CA certificate.
    // This function is called by VerifyCallback().
    // Return value: 0 if the data is not valid.
    //               1 if the data is valid.
    //
    // Note: buf is supposed to have this format:
    //   for CA certificate: /Email is not verified.
    //     /C=CA/ST=Quebec/O=TravelNet Technologies Inc./OU=Data [EMAIL PROTECTED]
    //   for server certificate: /CN must be Data Valet server IP address.
    //     /C=CA/ST=Quebec/L=Montreal/O=TravelNet Technologies Inc./OU=Data
    //     [EMAIL PROTECTED]
    //
    static int VerifyCertData( char * buf, bool bCA)
    {
        int iResult = 1;
        char * sField = NULL;
        char * sTemp = NULL;
    #ifdef _WINDEF_
        if (buf)
            sTemp = strtok(buf, "/=");
        while (sTemp && iResult)
        {
            sField = strtok(NULL, "/=");
            if (sField)
    #else
        if (buf)
        {
            if (buf[0] == '/')
                buf++;
            else
                iResult = 0;
        }
        while (buf && iResult)
        {
            sField = strsep(&buf, "/");
            if (sField)
            {
                sTemp = strsep(&sField, "=");
                if (sTemp)
    #endif
                {
                    if (strcmp(sTemp, "C") == 0)
                    {
                        if (bCA) { if (strcmp(sField, CA_CERT_COUNTRY) != 0) iResult = 0; }
                        else { if (strcmp(sField, CERT_COUNTRY) != 0) iResult = 0; }
                    }
                    else if (strcmp(sTemp, "ST") == 0)
                    {
                        if (bCA) { if (strcmp(sField, CA_CERT_STATE) != 0) iResult = 0; }
                        else { if (strcmp(sField, CERT_STATE) != 0) iResult = 0; }
                    }
                    else if (strcmp(sTemp, "L") == 0)
                    {
                        if (bCA) { if (strcmp(sField, CA_CERT_CITY) != 0) iResult = 0; }
                        else { if (strcmp(sField, CERT_CITY) != 0) iResult = 0; }
                    }
                    else if (strcmp(sTemp, "O") == 0)
                    {
                        if (bCA) { if (strcmp(sField, CA_CERT_ORGANISATION) != 0) iResult = 0; }
                        else { if (strcmp(sField, CERT_ORGANISATION) != 0) iResult = 0; }
                    }
                    else if (strcmp(sTemp, "OU") == 0)
                    {
                        if (bCA) { if (strcmp(sField, CA_CERT_ORGANISATION_UNIT) != 0) iResult = 0; }
                        else { if (strcmp(sField, CERT_ORGANISATION_UNIT) != 0) iResult = 0; }
                    }
                    else if (strcmp(sTemp, "CN") == 0)
                    {
                        if (bCA) { if (strcmp(sField, CA_CERT_COMMON_NAME) != 0)
Newbie questions
Hi - I am working on a perl SSL wget type program, and I have a few questions regarding certificate authentication. I am sorry if these are silly questions; I have been trying to find documentation for quite some time and can't seem to find anything.

So my questions are, basically, how do I set up something to verify a host's x509's issuer against a list of trusted issuers? I would assume this is part of the set_verify callback, however there are no docs on how to use that function. I have been able to extract from other people's source that I need .pem certificate files, but what exactly is a .pem? And how would I interface with them? I really just need to compare the issuer fingerprint against a trusted issuers file, but I can find nothing on how to extract that. And the callbacks do not seem to allow you to either.

Once again, I apologize for these very very newbie'ish questions, but I can not find anything regarding this. To quote the perl module docs:

The corresponding Perl function should be something like this:

    sub verify {
        my ($ok, $subj_cert, $issuer_cert, $depth, $errorcode, $arg, $chain) = @_;
        print "Verifying certificate...\n";
        ...
        return $ok;
    }

It is used like this:

    Net::SSLeay::set_verify ($ssl, Net::SSLeay::VERIFY_PEER, \&verify);

And that is the entire section on verification, and the most verbose explanation I've seen yet. ;-) So what do I do? Thanks for the help.

-Ian
RSA Encrypt/Decrypt fails
Hello, I have a problem for which I found no real solution in the manual or the list archives. The basic idea is to encrypt data using RSA_private_encrypt and retrieve it using RSA_public_decrypt. For RSA_private_encrypt, I set flen to RSA_size() to encrypt just one block and decrypt it later. If there is more data, it is processed blockwise in a loop. RSA_NO_PADDING is used (yeah, I know one shouldn't do that).

For most blocks, the decryption works fine. For some blocks it just doesn't work. I don't get any error reports, the decrypted data just isn't what it should be. Below you find an excerpt from the code (some NULL checks and the like omitted). What am I doing wrong?

Once again: There is no overlapping memory or the like, the process functions properly in most cases, but in some cases (it seems to be depending on the data actually!) the routine fails, either at encryption or decryption (or even both?).

Ciao
Jan

    // get key
    rsaStruct = PEM_read_RSAPrivateKey(fp, NULL, NULL, password);

    // srcLen is original length given as a function parameter
    unsigned long destLen = srcLen;

    // Now pad to correct block size, resulting in a destination length of
    // N*RSA_size()
    unsigned long blocklength = RSA_size(rsaStruct);
    destLen = (((destLen - 1)/ blocklength) + 1) * blocklength;

    // create destination array
    dest = new unsigned char[destLen];
    memset(dest, 0, destLen);

    // create source array
    unsigned char *tmpSrc = new unsigned char[destLen];
    memset(tmpSrc, 0, destLen);

    // copy original source data, result is an array of correct length containing
    // the source and trailing zeroes
    memcpy(tmpSrc, src, srcLen);

    // loop counter shared by both loops below
    unsigned long i;

    // now encrypt blockwise
    for (i = 0; i < destLen; i += blocklength) {
        if (blocklength != RSA_private_encrypt(blocklength, (tmpSrc+i), (dest+i), rsaStruct, RSA_NO_PADDING)) {
            printf("RSA Encrpytion Error.\n");
            delete [] dest;
            delete [] tmpSrc;
            return 0;
        }
    }

    // and now decrypt the data again
    // array to contain the decrypted data
    unsigned char *tmpDest = new unsigned char[destLen];
    for (i = 0; i < destLen; i += blocklength) {
        if (blocklength != RSA_public_decrypt(blocklength, (dest+i), (tmpDest+i), rsaStruct, RSA_NO_PADDING)) {
            printf("RSA Decryption Error.\n");
            delete [] dest;
            delete [] tmpDest;
            delete [] tmpSrc;
            return 0;
        }
    }

--
Jan Zoellner - VidSoft GmbH
eMail: [EMAIL PROTECTED] - Tel: ++49 351 435 34 17
WWW: http://www.vidsoft.de
Re: RSA Encrypt/Decrypt fails
Just a guess, but a fairly educated one, try setting flen to 1 byte (or even 1 bit) smaller than the key. What I suspect is happening is you are sometimes trying to encrypt values that are larger than the modulus so you're getting a modular reduction of the value encrypted.

Joe

- Original Message - From: "Jan Zoellner" [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, February 14, 2001 2:25 PM Subject: RSA Encrypt/Decrypt fails
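The modular reduction suggested above can be reproduced with a toy key. This added example (not from the thread, and not using OpenSSL) applies unpadded RSA blockwise with a constructed 4-byte modulus: a block whose integer value is at or above the modulus comes back reduced, while blocks one byte shorter than the modulus always survive. The key, the sample bytes and all function names are assumptions made for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed toy key: two 16-bit primes give a 4-byte modulus. */
#define TOY_P 65519ULL
#define TOY_Q 65521ULL
#define TOY_E 65537ULL
#define TOY_N (TOY_P * TOY_Q)            /* 0xFFE000FF */

/* Constructed sample data: the second 4-byte group is numerically >= TOY_N. */
static const unsigned char SAMPLE[12] = {
    0x00, 0x01, 0x02, 0x03,  0xFF, 0xFF, 0xFF, 0xF0,  0x12, 0x34, 0x56, 0x78
};

/* Square-and-multiply; operands stay below 2^32 so products fit in 64 bits. */
static uint64_t modpow(uint64_t base, uint64_t exp, uint64_t mod) {
    uint64_t r = 1;
    base %= mod;                         /* this is where an oversized block is reduced */
    while (exp) {
        if (exp & 1) r = (r * base) % mod;
        base = (base * base) % mod;
        exp >>= 1;
    }
    return r;
}

/* Modular inverse by extended Euclid; a and m must be coprime. */
static uint64_t modinv(uint64_t a, uint64_t m) {
    int64_t t = 0, nt = 1, r = (int64_t)m, nr = (int64_t)(a % m);
    while (nr != 0) {
        int64_t q = r / nr, tmp;
        tmp = t - q * nt; t = nt; nt = tmp;
        tmp = r - q * nr; r = nr; nr = tmp;
    }
    return (uint64_t)(t < 0 ? t + (int64_t)m : t);
}

/* Big-endian bytes <-> integer, the way a block is read as a number. */
static uint64_t load_be(const unsigned char *p, size_t n) {
    uint64_t v = 0;
    for (size_t i = 0; i < n; i++) v = (v << 8) | p[i];
    return v;
}

static void store_be(unsigned char *p, size_t n, uint64_t v) {
    for (size_t i = n; i-- > 0; v >>= 8) p[i] = (unsigned char)(v & 0xFF);
}

/* Apply the private exponent, then the public exponent, to each `block`-byte
 * chunk of src. Recovered bytes go to out; returns the number of blocks that
 * did not come back unchanged. len must be a multiple of block. */
static size_t raw_rsa_roundtrip(const unsigned char *src, size_t len,
                                size_t block, unsigned char *out) {
    uint64_t d = modinv(TOY_E, (TOY_P - 1) * (TOY_Q - 1));
    size_t bad = 0;
    for (size_t off = 0; off + block <= len; off += block) {
        uint64_t m = load_be(src + off, block);
        uint64_t c = modpow(m, d, TOY_N);        /* unpadded "private encrypt" */
        uint64_t r = modpow(c, TOY_E, TOY_N);    /* unpadded "public decrypt"  */
        store_be(out + off, block, r);
        if (r != m) bad++;                       /* no error is raised, data just differs */
    }
    return bad;
}

int main(void) {
    unsigned char out[sizeof SAMPLE];
    printf("modulus-sized blocks (4 bytes): %zu altered\n",
           raw_rsa_roundtrip(SAMPLE, sizeof SAMPLE, 4, out));
    printf("one byte shorter (3 bytes):     %zu altered\n",
           raw_rsa_roundtrip(SAMPLE, sizeof SAMPLE, 3, out));
    return 0;
}
```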
Newbie's question, How to sign a cert request by a CA cert.
Hi, I'm new to openssl. I tried to distribute some certs. So what I am supposed to do is:

1. become a CA, to generate a self-signed cert
2. generate a cert request and use the CA cert to sign this cert req.

But how to do that with CA.pl? Some cmds are a little bit confusing for me. Any idea? Thanks.
More questions about cipher suites
Hi, I got a few questions about cipher suites. Please help if you know the answers.

- Is the list of cipher suites supported in TLS v1 and SSL v3 identical? Like RSA_WITH_RC4_128_MD5 being used in both protocols?
- Also, I checked the tls1.h in OpenSSL's include directory and found there are some ciphers like "TLS1_CK_RSA_EXPORT1024_WITH_RC4_56_MD5 0x300060" which are not defined in the TLS RFC. Are those proprietary cipher suites supported by OpenSSL only?

Thanks
Patrick
Linker Error
I tried to compile the openssl source code on AIX 4.3.3 with compiler version 3.6.6 and also tried compiling with gcc. In both cases I got the following error.

    rm -f openssl
    cc -o openssl -DMONOLITH -I../include -O -DAIX -DB_ENDIAN -qmaxmem=16384 openssl.o verify.o asn1pars.o req.o dgst.o dh.o dhparam.o enc.o passwd.o gendh.o errstr.o ca.o pkcs7.o crl2p7.o crl.o rsa.o rsautl.o dsa.o dsaparam.o x509.o genrsa.o gendsa.o s_server.o s_client.o speed.o s_time.o apps.o s_cb.o s_socket.o app_rand.o version.o sess_id.o ciphers.o nseq.o pkcs12.o pkcs8.o spkac.o smime.o rand.o -L. -L.. -L../.. -L../../.. -L.. -lssl -L.. -lcrypto
    ld: 0711-317 ERROR: Undefined symbol: .__C_runtime_startup
    ld: 0711-345 Use the -bloadmap or -bnoquiet option to obtain more information.
    make: 1254-004 The error code from the last command is 8.

Could you please tell me which library I need in order to build an executable?

Frank
symmetric key produced by Diffie-Helman alg. not equal in both sides
Hi everybody, I am using the DH algorithm to produce a symmetric key (based on DSA private and public keys). There was no problem on Linux and Windows platforms as long as I had a random device. On the Solaris platform, the routine DH_generate_key(dh) fails, because there is no random device (and the routine fails to get random data). Well, at this point I seeded the PRNG myself (just with RAND_seed(...)). The DH_generate_key(dh) didn't fail, but at the end of this process I have got two different symmetric keys, which doesn't help a lot in case of a symmetric encryption ;-) .

What may cause the DH algorithm to produce two different keys? I can only guess that the PRNG wasn't seeded well...

Thanks, Ohad.
Re: symmetric key produced by Diffie-Helman alg. not equal in both sides
If all you're calling is DH_generate_key(...) then it should create different keys. That function call only generates the public and private keys. What you need to do is:

DH_generate_parameters(...)
transfer the parameters between machines so that they are both working in the same field
DH_generate_key(...)
the machines swap public keys
DH_compute_key(...)

The output of DH_compute_key on both machines should be identical. If that's not identical I can help you build the computations from scratch and that will work (it's not much harder than calling the functions above).

Joe
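The sequence listed above, worked through as an added example (not code from the thread and not OpenSSL's API): a toy 32-bit group with a deliberately weak generator for the private values, showing that the two secrets agree whenever the modulus, generator and exchanged public values match, and disagree when a parameter or a transferred public value differs. `TOY_DH_P`, `OTHER_DH_P`, `weak_rand`, `dh_keygen`, `dh_compute` and `dh_mismatches` are names assumed for this sketch.

```c
#include <stdint.h>
#include <stdio.h>

/* Constructed toy groups (real deployments use primes of 2048 bits or more). */
#define TOY_DH_P   4294967291ULL   /* 2^32 - 5, prime */
#define OTHER_DH_P 4294967279ULL   /* a different modulus, for the mismatch case */
#define TOY_DH_G   2ULL

/* Square-and-multiply; operands stay below 2^32 so products fit in 64 bits. */
static uint64_t powmod(uint64_t b, uint64_t e, uint64_t m) {
    uint64_t r = 1;
    for (b %= m; e; e >>= 1) {
        if (e & 1) r = r * b % m;
        b = b * b % m;
    }
    return r;
}

/* Deliberately weak generator (an LCG) standing in for a poorly seeded PRNG.
 * Weak private values make the secret guessable; they do not break agreement. */
static uint64_t weak_rand(uint64_t *state) {
    *state = *state * 6364136223846793005ULL + 1442695040888963407ULL;
    return *state >> 33;
}

struct dh_side { uint64_t p, g, priv, pub; };

/* Counterpart of the key-generation step: private x, public g^x mod p. */
static void dh_keygen(struct dh_side *s, uint64_t p, uint64_t g, uint64_t *rng) {
    s->p = p;
    s->g = g;
    s->priv = 2 + weak_rand(rng) % (p - 3);
    s->pub = powmod(g, s->priv, p);
}

/* Counterpart of the compute step: peer_pub^x mod p. */
static uint64_t dh_compute(const struct dh_side *s, uint64_t peer_pub) {
    return powmod(peer_pub, s->priv, s->p);
}

/* Run `rounds` exchanges and count those whose two secrets differ.
 * p_a / p_b: modulus used by each side; wire_xor: damage applied to A's
 * public value in transit (0 = delivered intact). */
static int dh_mismatches(uint64_t p_a, uint64_t p_b, uint64_t wire_xor, int rounds) {
    uint64_t rng_a = 1, rng_b = 2;   /* constructed, trivially guessable seeds */
    int bad = 0;
    for (int i = 0; i < rounds; i++) {
        struct dh_side a, b;
        dh_keygen(&a, p_a, TOY_DH_G, &rng_a);
        dh_keygen(&b, p_b, TOY_DH_G, &rng_b);
        if (dh_compute(&a, b.pub) != dh_compute(&b, a.pub ^ wire_xor)) bad++;
    }
    return bad;
}

int main(void) {
    printf("matching parameters:  %d of 200 differ\n",
           dh_mismatches(TOY_DH_P, TOY_DH_P, 0, 200));
    printf("different modulus:    %d of 200 differ\n",
           dh_mismatches(TOY_DH_P, OTHER_DH_P, 0, 200));
    printf("damaged public value: %d of 200 differ\n",
           dh_mismatches(TOY_DH_P, TOY_DH_P, 1, 200));
    return 0;
}
```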
RE: symmetric key produced by Diffie-Helman alg. not equal in both sides
Of course I'm calling the DH_compute_key(...) after sharing the DH public key both sides. The symmetric keys are already produced successfully on Windows and Linux.

Thanks, Ohad.

-Original Message- From: Joseph Ashwood [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 14, 2001 6:14 PM To: [EMAIL PROTECTED] Subject: Re: symmetric key produced by Diffie-Helman alg. not equal in both sides
Re: symmetric key produced by Diffie-Helman alg. not equal in both sides
Most likely these will sound like really stupid questions, but honest they're the same questions I've had to ask myself to find the answers. Have you verified that the parameters used by both sides are the same? Have you verified that the public key is transferred correctly? I'm just trying to narrow down where the problem is. If these aren't the problem then have you verified that g does not divide p? (it shouldn't if you called DH_generate_parameters but since there's obviously a problem . . . ) Have you checked to see that the OpenSSL implementation computes a set of test vectors for exponentiation properly?

Joe

- Original Message - From: "Bruker, Ohad" [EMAIL PROTECTED] To: [EMAIL PROTECTED] Sent: Wednesday, February 14, 2001 6:25 PM Subject: RE: symmetric key produced by Diffie-Helman alg. not equal in both sides
RE: symmetric key produced by Diffie-Helman alg. not equal in both sides
Hi Joe. All the basic stuff you mentioned is implemented right. It is already *WORKING* on Linux and Windows platforms without any problems. I encounter this problem probably because Solaris does not support a random device !!! The manual seeding of the PRNG probably causes this problem (symmetric key on both sides is not equal).

Thanks, Ohad.

-Original Message- From: Joseph Ashwood [mailto:[EMAIL PROTECTED]] Sent: Wednesday, February 14, 2001 6:42 PM To: [EMAIL PROTECTED] Subject: Re: symmetric key produced by Diffie-Helman alg. not equal in both sides
Re: symmetric key produced by Diffie-Helman alg. not equal in both sides
"Bruker, Ohad" wrote:

> Hi Joe. All the basic stuff you mentioned is implemented right. It is already *WORKING* on Linux and Windows platforms without any problems. I encounter this problem probably because Solaris does not support random device !!! The manual seeding of the PRNG probably cause this problem (symmetric key in both sides is not equal). Thanks, Ohad.

It is unlikely that the PRNG is the cause if it generates the DH keypair without error. I assume 'make test' works on Solaris without problems.

Try transferring a DH keypair from one of the working platforms to Solaris and see if you still have problems when you call DH_compute_key(). That should avoid having to generate keys on Solaris and avoid using the PRNG.

Steve.
--
Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED]
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.
s_client and egd?
I have openssl-0.9.6, egd-0.8 and prngd-0.9.3 installed on Solaris 2.6. The imap and pop services seem to be working with ssl OK, and I was able to generate test certs/keys etc. so I'm assuming egd and prngd are working. In debugging some other stuff, I attempted to use openssl s_client ... I get "random number generator has not been seeded" errors and "PRNG not seeded" errors. Openssl s_client will not accept -rand /var/run/egd-pool and nothing I've tried setting RANDFILE to seems to help. Does s_client work with egd/prngd or am I missing something basic here?

Jim Pennino
where i can find the documentation
hello whenever i search for documentation i get into www.openssl.org/docs which has no explanation of library functions and error codes. so please inform where to find the documentation. thanks in advance
What does the e-value do?
When using OpenSSL to generate RSA keys, there is a parameter "e-value", which can be either 0x10001 or 0x3. I have read some articles on RSA, but none of them refer to such a parameter. Can somebody tell me what this "e-value" does while generating RSA keys? Any help is appreciated.
Re: obtaining input from a file or from the command line
I tried :

    ./openssl genrsa -des -out ca.key 2048

after I changed MIN for passphrase to 0 in openssl.cnf. No luck. It still asks for a passphrase and seeks a minimum of 4 chars. Since I wondered where this 4 came from, I looked around. I might be wrong, but it seems to make a call to pem_lib.c in which the MIN is defined to be 4 ! In crypto/pem/pem_lib.c:

    #define MIN_LENGTH 4

Is there any way to not have openssl genrsa invoke pem_lib for passphrase encryption at all ?

Thanks, Sandipan

PS. My apologies to users of the mailing list who were hit with read receipt requests. I am new to openssl-users and did not know it doesn't filter out the request for disposition notification. I am now shutting off the request flag on my OE5.5 before posting.

- Original Message - From: "Richard Levitte - VMS Whacker" [EMAIL PROTECTED] To: [EMAIL PROTECTED] Cc: [EMAIL PROTECTED] Sent: Wednesday, February 14, 2001 3:33 PM Subject: Re: obtaining input from a file or from the command line

From: "Sandipan Gangopadhyay" [EMAIL PROTECTED]

sandipan> Thanks - you have saved me from grave error. I had assumed
sandipan> des3 = 3des despite what the man page said !!!

Uhmm, DES in CBC mode is popularly called triple-DES or 3des, so your assumption was perfectly correct...

--
Richard Levitte \ Spannvgen 38, II \ [EMAIL PROTECTED]
Chairman@Stacken \ S-168 35 BROMMA \ T: +46-8-26 52 47
Redakteur@Stacken \ SWEDEN \ or +46-709-50 36 10
Procurator Odiosus Ex Infernis-- [EMAIL PROTECTED]
Member of the OpenSSL development team: http://www.openssl.org/
Software Engineer, Celo Communications: http://www.celocom.com/
Unsolicited commercial email is subject to an archival fee of $400. See http://www.stacken.kth.se/~levitte/mail/ for more info.
Re: obtaining input from a file or from the command line
From: "Sandipan Gangopadhyay" [EMAIL PROTECTED]

sandipan> I tried :
sandipan> ./openssl genrsa -des -out ca.key 2048
sandipan> After I changed MIN for passphrase to 0 in openssl.cnf
sandipan>
sandipan> No luck.

I don't get this! What exactly do you think encryption with no (or 0-length) password will gain you? Certainly not any extra security!

--
Richard Levitte \ Spannvgen 38, II \ [EMAIL PROTECTED]
Chairman@Stacken \ S-168 35 BROMMA \ T: +46-8-26 52 47
Redakteur@Stacken \ SWEDEN \ or +46-709-50 36 10
Procurator Odiosus Ex Infernis-- [EMAIL PROTECTED]
Member of the OpenSSL development team: http://www.openssl.org/
Software Engineer, Celo Communications: http://www.celocom.com/
Unsolicited commercial email is subject to an archival fee of $400. See http://www.stacken.kth.se/~levitte/mail/ for more info.