Re: Elliptic curve in 9.7a

2003-03-26 Thread Nils Larsch
Prashant Kumar wrote:
> Hello Group,

Hi Prashant,

> Do we support curves K-163 (Group 7) and B-283 (Group 8) in the Elliptic
> curve implementation in 9.7a ?

No, OpenSSL 0.9.7 supports only the basic arithmetic for curves over
GF(p). For support of binary curves you must wait for 0.9.8
(try the current head).

> Do we have any example program on how can we use it (I
> checked in the apps directory and didn't find anything) ?

In the head are some examples (ectest, ecdsatest, apps/ec.c ...).

> Also, is there any licensing/patent issue if we use this Elliptic curve
> implementation in our product ?

Don't know, but we tried to avoid patented algorithm.

Regards,
Nils
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager   [EMAIL PROTECTED]


SSL_read sleeps

2003-03-26 Thread Lanre Amos
Hi, we are using SSL_read in a loop to read all the bytes being sent from a 
server.

We use SSL_peek to know when there's no more data.

Problem is SSL_read always sleeps for about one minute when reading the last 
set of bytes.

We are asking it to read the exact number of bytes already returned by
SSL_pending.
Any ideas?

Thanks,
Lanre.








RE: Elliptic curve in 9.7a

2003-03-26 Thread Prashant Kumar
Hello Nils Larsch,


Thank you so much for your help. When will OpenSsl 9.8 be released ?


Thanks,
Prashant Kumar.


-Original Message-
From: Nils Larsch [mailto:[EMAIL PROTECTED]] 
Sent: Wednesday, March 26, 2003 4:00 AM
To: [EMAIL PROTECTED]
Subject: Re: Elliptic curve in 9.7a



Prashant Kumar wrote:
> Hello Group,

Hi Prashant,

> Do we support curves K-163 (Group 7) and B-283 (Group 8) in the
> Elliptic curve implementation in 9.7a ?

No, OpenSSL 0.9.7 supports only the basic arithmetic for curves over GF(p). For support of binary curves you must wait for 0.9.8 (try the current head).

> Do we have any example program on how can we use it (I
> checked in the apps directory and didn't find anything) ?

In the head are some examples (ectest, ecdsatest, apps/ec.c ...).

> Also, is there any licensing/patent issue if we use this Elliptic curve
> implementation in our product ?

Don't know, but we tried to avoid patented algorithm.

Regards,
Nils








Re: Elliptic curve in 9.7a

2003-03-26 Thread Richard Levitte - VMS Whacker
In message [EMAIL PROTECTED] on Wed, 26 Mar 2003 08:35:43 -0500, Prashant Kumar 
[EMAIL PROTECTED] said:

prkumar> Thank you so much for your help. When will OpenSsl 9.8 be released ?

0.9.8 doesn't have a schedule yet.

-- 
Richard Levitte   \ Spannvägen 38, II \ [EMAIL PROTECTED]
[EMAIL PROTECTED]  \ S-168 35  BROMMA  \ T: +46-8-26 52 47
\  SWEDEN   \ or +46-708-26 53 44
Procurator Odiosus Ex Infernis-- [EMAIL PROTECTED]
Member of the OpenSSL development team: http://www.openssl.org/

Unsolicited commercial email is subject to an archival fee of $400.
See http://www.stacken.kth.se/~levitte/mail/ for more info.


Minimum RSA Key length ?

2003-03-26 Thread Asad Ali

Hi,

I am experimenting with the minimum RSA key length allowed
by TLS 1.0. What I gather from reading the specification is
that it is left to applications to enforce minimum/maximum
lengths - please correct me if this is not the case.

Assuming that TLS 1.0 spec does not place any restriction on
the RSA key size in a server certificate, does OpenSSL have
any such restriction. e.g. will it allow creation of a server
certificate with only 128 bit RSA key? I know it is very 
insecure, but I want to ignore that part for now.

Also what about the browsers? will IE or Netscape accept
such a certificate during TLS handshake?

thanks,
--- asad



Hard-coded trusted CA-cert

2003-03-26 Thread rajagopalan ramanujam
hi,

I have tested the SSL handshake but failing when
verifying server certificate
X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY. I
generated the self signed CA and used the same CAcert
to verify using openssl verify and also using openssl
s_client -verify 1 -CAfile and it seems to be working
perfectly ok.

Since I don't have a file system on the embedded platform I
cannot use SSL_CTX_load_verify_locations().

I have converted the CAcert file from base64 format
to a C structure using the openssl utility and I am calling
SSL_CTX_use_certificate(ctx,x). Still I see that there
is an error somewhere. I tried calling
SSL_CTX_add_extra_chain_cert, but it did not help.

Can anyone let me know what's wrong in my code?

unsigned char CA_cert[811]={
0x30,0x82,0x03,0x27,0x30,0x82,0x02,0x90,0xA0,0x03,0x02,.};

void ssl_client (void)
{
  SSLeay_add_ssl_algorithms();
  meth = SSLv3_client_method();
  SSL_load_error_strings();

  ctx = SSL_CTX_new (meth);

  SSL_CTX_set_cipher_list(ctx,SSL3_TXT_RSA_RC4_40_MD5);
  {
    X509 *x=NULL;
    unsigned char* c;

    /* load our CA cert into the certificate chain */
    c = CA_cert;
    /* d2i_X509() takes the address of the data pointer and advances it */
    x = d2i_X509(NULL,&c,(long) sizeof(CA_cert));
    if( x == NULL ){
      goto end;
    }
    if(!SSL_CTX_add_extra_chain_cert(ctx,x)){
      goto end;
    }
    socket(..);
    .
    .
    SSL_connect()
    .
    /* verify the server certificate */
    err= SSL_get_verify_result(ssl);
    .
  }
}





Re: Minimum RSA Key length ?

2003-03-26 Thread Dr. Stephen Henson
On Wed, Mar 26, 2003, Asad Ali wrote:

 
> Hi,
>
> I am experimenting with the minimum RSA key length allowed
> by TLS 1.0. What I gather from reading the specification is
> that it is left to applications to enforce minimum/maximum
> lengths - please correct me if this is not the case.
 

There are various minimum limitations based on the protocol requirements of
TLS.

For example in static RSA ciphersuites it must be possible to encrypt the
pre-master secret using the server's public key. The PMS is 48 bytes in length
and the PKCS#1 padding overhead is 11 bytes effectively making the absolute
minimum 59 * 8 = 472 bits.

For client certificates or for ciphersuites where  server certificates sign
data it must be able to contain the combined SHA1+MD5 hash and with the
overhead again this is 20+16+11 = 47 or 376 bits.

Steve.
--
Dr Stephen N. Henson.
Core developer of the   OpenSSL project: http://www.openssl.org/
Freelance consultant see: http://www.drh-consultancy.demon.co.uk/
Email: [EMAIL PROTECTED], PGP key: via homepage.
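
The arithmetic in Steve's reply, worked through as an added C example (not code from the thread or from OpenSSL): it builds PKCS#1 v1.5 blocks, searches for the smallest modulus that holds the 48-byte pre-master secret or the 36-byte MD5+SHA1 value, and reports how little payload fits in one block of a 128-bit or 256-bit key. The function names and the padding filler are assumptions made for the demonstration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MIN_PS    8              /* PKCS#1 v1.5: at least 8 padding bytes */
#define OVERHEAD  (3 + MIN_PS)   /* 00 || BT || PS || 00  ->  11 bytes    */

/* Build EB = 00 || bt || PS || 00 || msg in out[0..k-1], k = modulus size in bytes.
 * bt 0x02 = encryption block (nonzero PS), bt 0x01 = signature block (PS = FF..).
 * Returns 0 on success, -1 if the modulus cannot hold the message. */
int pkcs1_encode(uint8_t *out, size_t k, uint8_t bt, const uint8_t *msg, size_t mlen)
{
    if ((bt != 0x01 && bt != 0x02) || k < OVERHEAD || mlen > k - OVERHEAD)
        return -1;
    size_t pslen = k - 3 - mlen;
    out[0] = 0x00;
    out[1] = bt;
    for (size_t i = 0; i < pslen; i++)
        /* Demo filler only: real type-2 padding comes from a CSPRNG, zeros rejected */
        out[2 + i] = (bt == 0x01) ? 0xFF : (uint8_t)(1 + (i * 37u) % 255u);
    out[2 + pslen] = 0x00;
    memcpy(out + 3 + pslen, msg, mlen);
    return 0;
}

/* Parse an encoded block. Returns the payload length and sets *msg, or -1 if the
 * block is malformed (wrong type, PS shorter than 8 bytes, missing separator).
 * Not constant time; a production decoder must not leak which check failed. */
long pkcs1_decode(const uint8_t *em, size_t k, uint8_t bt, const uint8_t **msg)
{
    size_t i = 2;
    if (k < OVERHEAD || em[0] != 0x00 || em[1] != bt)
        return -1;
    while (i < k && em[i] != 0x00) {
        if (bt == 0x01 && em[i] != 0xFF)
            return -1;
        i++;
    }
    if (i == k || i - 2 < MIN_PS)
        return -1;
    *msg = em + i + 1;
    return (long)(k - i - 1);
}

/* Smallest modulus size (bytes) for which an mlen-byte payload encodes and decodes */
size_t min_modulus_bytes(uint8_t bt, size_t mlen)
{
    uint8_t em[256], payload[128];
    const uint8_t *got;
    if (mlen > sizeof payload)
        return 0;
    memset(payload, 0xA5, mlen);   /* constructed payload bytes */
    for (size_t k = 1; k <= sizeof em; k++)
        if (pkcs1_encode(em, k, bt, payload, mlen) == 0 &&
            pkcs1_decode(em, k, bt, &got) == (long)mlen &&
            memcmp(got, payload, mlen) == 0)
            return k;
    return 0;
}

/* Largest payload (bytes) that fits in one block for a modulus of the given bit size */
size_t max_payload_bytes(size_t modulus_bits)
{
    size_t k = modulus_bits / 8;
    return k > OVERHEAD ? k - OVERHEAD : 0;
}

int main(void)
{
    size_t enc = min_modulus_bytes(0x02, 48);        /* 48-byte pre-master secret */
    size_t sig = min_modulus_bytes(0x01, 20 + 16);   /* SHA1 + MD5 digests        */
    printf("encrypt PMS : %zu bytes = %zu bits\n", enc, enc * 8);
    printf("sign hashes : %zu bytes = %zu bits\n", sig, sig * 8);
    printf("128-bit key holds %zu payload bytes, 256-bit key holds %zu\n",
           max_payload_bytes(128), max_payload_bytes(256));
    return 0;
}
```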


Re: Hard-coded trusted CA-cert

2003-03-26 Thread Dr. Stephen Henson
On Wed, Mar 26, 2003, rajagopalan ramanujam wrote:

> hi,
>
> I have tested the SSL handshake but failing when
> verifying server certificate
> X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY. I
> generated the self signed CA and used the same CAcert
> to verify using openssl verify and also using openssl
> s_client -verify 1 -CAfile and it seems to be working
> perfectly ok.
>
> Since I don't have a file system on the embedded platform I
> cannot use SSL_CTX_load_verify_locations().
>
> I have converted the CAcert file from base64 format
> to a C structure using the openssl utility and I am calling
> SSL_CTX_use_certificate(ctx,x). Still I see that there
> is an error somewhere. I tried calling
> SSL_CTX_add_extra_chain_cert, but it did not help.
 

You need to retrieve the trusted certificate store using SSL_CTX_get_store()
and then add the certificate to it using X509_STORE_add_cert().

Steve.
--
Dr Stephen N. Henson.
Core developer of the   OpenSSL project: http://www.openssl.org/
Freelance consultant see: http://www.drh-consultancy.demon.co.uk/
Email: [EMAIL PROTECTED], PGP key: via homepage.


SSL_CTX_free messes with external session cache

2003-03-26 Thread Nadav Har'El
Hi,

I noticed that SSL_CTX_free() takes all the sessions in the given CTX's
internal session cache, and also removes them from the external session cache
(i.e., calls the delete-session callback).

Why was this done? I can't think of a security or a logical explanation to
this, because these sessions in the external cache are still valid, and other
contexts or processes might still want to reuse them!

Looking at the SSL_CTX_free() code (ssl/ssl_lib.c), I see that
SSL_CTX_flush_sessions(a,0) is called - and from the manual page of
that function I understand that what this means is to mark sessions older
than time 0 (i.e., all sessions) as *expired*, and all these sessions
are also deleted from the external session cache. I don't understand why
this kind of behavior should be part of SSL_CTX_free().

By the way, it's relatively easy for me to overcome this behavior by
cancelling the delete-session callback before calling SSL_CTX_free() - but
I was wondering why I have to do that...



-- 
Nadav Har'El|  Wednesday, Mar 26 2003, 23 Adar II 5763
[EMAIL PROTECTED] |-
Phone: +972-53-245868, ICQ 13349191 |The human mind is like a parachute - it
http://nadav.harel.org.il   |functions better when it is open.


Re: SSL_CTX_free messes with external session cache

2003-03-26 Thread Lutz Jaenicke
On Wed, Mar 26, 2003 at 08:25:10PM +0200, Nadav Har'El wrote:
> I noticed that SSL_CTX_free() takes all the sessions in the given CTX's
> internal session cache, and also removes them from the external session cache
> (i.e., calls the delete-session callback).

[Analysis deleted.]

Obviously this behaviour is worth discussing. Could it make sense?
I have bounced your message into the Request Tracker to open a ticket.

Hmm. I extensively use external session caching. But I never call
SSL_CTX_free(), as my application will terminate in this moment anyway,
so this oddity went by unnoted...

Best regards,
Lutz
-- 
Lutz Jaenicke [EMAIL PROTECTED]
http://www.aet.TU-Cottbus.DE/personen/jaenicke/
BTU Cottbus, Allgemeine Elektrotechnik
Universitaetsplatz 3-4, D-03044 Cottbus


Re: SSL_CTX_free messes with external session cache

2003-03-26 Thread Nadav Har'El
On Wed, Mar 26, 2003, Lutz Jaenicke wrote about Re: SSL_CTX_free messes with external 
session cache:
> Hmm. I extensively use external session caching. But I never call
> SSL_CTX_free(), as my application will terminate in this moment anyway,
> so this oddity went by unnoted...

This is the bane of C++: it's too easy to write a destructor, so I had one,
and it called SSL_CTX_free(). And this destructor got called when a process
exited (sort of like atexit(3), but a heck lot harder to debug). :)

By the way, this problem is so easy to circumvent that even if you decide
not to change the current behaviour, maybe the manual should be changed to
say that one can use:
SSL_CTX_sess_set_remove_cb(ctx,  NULL);
SSL_CTX_free(ctx);
To free a ctx without having the remove callback called.


-- 
Nadav Har'El|  Wednesday, Mar 26 2003, 23 Adar II 5763
[EMAIL PROTECTED] |-
Phone: +972-53-245868, ICQ 13349191 |Linux: Because rebooting is for adding
http://nadav.harel.org.il   |new hardware.


Re: SSL_CTX_free messes with external session cache

2003-03-26 Thread Geoff Thorpe
Hi,

* Nadav Har'El ([EMAIL PROTECTED]) wrote:
> Hi,
>
> I noticed that SSL_CTX_free() takes all the sessions in the given CTX's
> internal session cache, and also removes them from the external session cache
> (i.e., calls the delete-session callback).
>
> Why was this done? I can't think of a security or a logical explanation to
> this, because these sessions in the external cache are still valid, and other
> contexts or processes might still want to reuse them!

Yeah this is dumb, but I think probably you are overreading the design
of the relationship between the SSL_CTX-internal cache and external
caching callbacks. For the good oil on this, you'll probably have to get
in contact with Eric Young and convince him to discuss it with you.
Short of that, my impression has been that it's no more than a horrible
hack that was jammed in to solve a particular need at the time, and it
has since installed itself in ssl/ and would now be difficult to
substantially re-engineer without pissing off lots of people.

One of the problems is the relationship between the internal cache
operations and the cache callbacks. Ie. is the external cache supposed
to replace the internal cache, or to allow it to bridge multiple SSL_CTX
contexts (or copies of the same one inside forked child processes) using
an external parent cache? Things aren't terribly natural in either
case; eg. the SSL_SESS_CACHE_NO_INTERNAL_LOOKUP flag is pretty much
obligatory if you want sane behaviour in the second case but is not the
default for historical reasons. The alternative to that flag would be to
add a new external callback similar to get_session that merely checks
the continued existence of a session in the external cache, something
like has_session. This way, the internal cache could resume sessions
it has locally cached by first checking that the external cache has not
(through some other SSL_CTX's activity) explicitly invalidated or
destroyed the corresponding session. BTW, this is the approach used in
the www.distcache.org model.

What you're noticing with the expiry of all sessions upon SSL_CTX_free()
is perhaps evidence that the original intention of the external
callbacks was to replace the internal cache rather than provide an
umbrella for multiple internal caches. And then again, the fact the
internal cache is maintained in parallel with the external one (rather
than being ignored) suggests that perhaps someone was trying to have
their cake and eat it too. Initially, it probably looked like that
default behaviour killed two birds with one stone, but I think now the
picture is a little less satisfying. I'm not sure about the real reasons
to be honest though.

> Looking at the SSL_CTX_free() code (ssl/ssl_lib.c), I see that
> SSL_CTX_flush_sessions(a,0) is called - and from the manual page of
> that function I understand that what this means is to mark sessions older
> than time 0 (i.e., all sessions) as *expired*, and all these sessions
> are also deleted from the external session cache. I don't understand why
> this kind of behavior should be part of SSL_CTX_free().

I feel your pain.

> By the way, it's relatively easy for me to overcome this behavior by
> cancelling the delete-session callback before calling SSL_CTX_free() - but
> I was wondering why I have to do that...

IMHO, you're probably better off in the mean time disabling the internal
caching altogether and implement a coherent model entirely from the
external callbacks - this way the SSL_CTX_free() behaviour won't matter
because the internal cache is empty so it won't be deleting anything in
the external cache. Again, a shameless plug in the direction of
www.distcache.org and the apache-1.3/mod_ssl and apache-2 patches show
an illustration of this approach. For my own activities with caching, I
felt quite early on that to bother implementing an external cache pretty
much obligated me to forget about the internal caching.

The ideal thing for openssl would be to wait until we have a good
opportunity to well and truly ignore backwards compatibility and then
just uproot the entire caching interface and replace it with something
cleaner. This is not meant to be me bitching about Eric's SSLeay work -
it's obvious we benefit from a certain retrospective 20/20 vision that
Eric never had at the time. However, we're not yet at a point where we
can go breaking large blocks of application code in non-trivial ways so
we're sort of obligated to make gentle modifications, add extra flags,
and make do. However, when the revolution comes ...

I don't know if that helps with your problem though? Are you able to do
away with the internal cache, or are you committed to having sane
interaction between internal and external caching? Note also that this
is all IMHO, there may be others who consider the internal/external
caching semantics to be fine as they are.

Cheers,
Geoff

-- 
Geoff Thorpe
[EMAIL PROTECTED]
http://www.openssl.org/


Re: SSL_CTX_free messes with external session cache

2003-03-26 Thread Nadav Har'El
On Wed, Mar 26, 2003, Geoff Thorpe wrote about Re: SSL_CTX_free messes with external 
session cache:
> IMHO, you're probably better off in the mean time disabling the internal
> caching altogether and implement a coherent model entirely from the
> external callbacks - this way the SSL_CTX_free() behaviour won't matter

This is very true. In fact, I designed the application in question from the
start to use only the external cache (if you remember, I was the one who asked
to add the NO_INTERNAL flag - NO_INTERNAL_LOOKUP will still leave me with
a big internal session cache).
But for several silly and embarrassing reasons, I need to have both an
internal and external session cache for now. :(

The extra SSL_CTX_sess_set_remove_cb(ctx,  NULL);
before SSL_CTX_free(ctx) fixes the problem I reported, so it's not a
real problem for me, it simply surprised me. 

> The ideal thing for openssl would be to wait until we have a good
> opportunity to well and truly ignore backwards compatibility and then
> just uproot the entire caching interface and replace it with something

I understand that backward compatibility is important, if people rely on
the current behaviour. In this case, I suggest that the manual pages (in this
case, of SSL_CTX_free()) be updated to explain what actually happens, and 
perhaps how to get the other behaviour. Nobody can complain about this if
it is explained in the manual :)

-- 
Nadav Har'El|  Wednesday, Mar 26 2003, 23 Adar II 5763
[EMAIL PROTECTED] |-
Phone: +972-53-245868, ICQ 13349191 |The human mind is like a parachute - it
http://nadav.harel.org.il   |functions better when it is open.


SSL_read performance problem

2003-03-26 Thread Jean Pierre Cognasse
Hi,

I have a client and a server using SSL to communicate. the crypto is 
3DES-CBC-SHA
When the client send message with length  1989 bytes, the SSL_read on 
server spend about 10 ms.
When the client send message with length  1989 bytes, the SSL_read on 
server spend about 200 ms.

This is a big difference that I can explain except that TCP cut message 
when they are to big (  about 2000 bytes long)

Do you have any ideas.

Thanks,

Jean Pierre



RE: Minimum RSA Key length ?

2003-03-26 Thread Asad Ali

Does TLS support any non-static RSA ciphersuites. For example is
it possible to use a 128 bit key to encrypt the pre-master secret
in chunks of 16 bytes (including the padding), or use a 256 bit
key to encrypt it in 32 byte chunks.

regards,
--- asad


-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Dr. Stephen Henson
Sent: Wednesday, March 26, 2003 11:30 AM
To: [EMAIL PROTECTED]
Subject: Re: Minimum RSA Key length ?


On Wed, Mar 26, 2003, Asad Ali wrote:


> Hi,
>
> I am experimenting with the minimum RSA key length allowed
> by TLS 1.0. What I gather from reading the specification is
> that it is left to applications to enforce minimum/maximum
> lengths - please correct me if this is not the case.


There are various minimum limitations based on the protocol requirements of
TLS.

For example in static RSA ciphersuites it must be possible to encrypt the
pre-master secret using the server's public key. The PMS is 48 bytes in
length
and the PKCS#1 padding overhead is 11 bytes effectively making the absolute
minimum 59 * 8 = 472 bits.

For client certificates or for ciphersuites where  server certificates sign
data it must be able to contain the combined SHA1+MD5 hash and with the
overhead again this is 20+16+11 = 47 or 376 bits.

Steve.
--
Dr Stephen N. Henson.
Core developer of the   OpenSSL project: http://www.openssl.org/
Freelance consultant see: http://www.drh-consultancy.demon.co.uk/
Email: [EMAIL PROTECTED], PGP key: via homepage.


PKCS#7

2003-03-26 Thread marek cervenka
hi,

i have a single file in PKCS#7 format
can i decrypt this file with openssl?

i try this
[EMAIL PROTECTED] cp]# openssl smime -decrypt -inform der -in pkcs7.enc -recip 
test.pem -inkey key.pem
Enter PEM pass phrase:
Error decrypting PKCS#7 structure
3428:error:21070073:PKCS7 routines:PKCS7_dataDecode:no recipient matches 
certificate:pk7_doit.c:371:
3428:error:21072077:PKCS7 routines:PKCS7_decrypt:decrypt error:pk7_smime.c:405:

thanks

-- 
-
Marek Cervenka
Centrum Vypocetni Techniky
CVT - http://cvt.fpf.slu.cz
FPF SLU OPAVA - http://www.fpf.slu.cz
=




Re: SSL_CTX_free messes with external session cache

2003-03-26 Thread Geoff Thorpe
* Nadav Har'El ([EMAIL PROTECTED]) wrote:
> > The ideal thing for openssl would be to wait until we have a good
> > opportunity to well and truly ignore backwards compatibility and then
> > just uproot the entire caching interface and replace it with something
>
> I understand that backward compatibility is important, if people rely on
> the current behaviour. In this case, I suggest that the manual pages (in this
> case, of SSL_CTX_free()) be updated to explain what actually happens, and
> perhaps how to get the other behaviour. Nobody can complain about this if
> it is explained in the manual :)

As someone who now has an excellent working familiarity with the API
behaviour, I am sure any patches (diff -u format) you were to
contribute in this direction would be most warmly welcomed :-)

Cheers,
Geoff

-- 
Geoff Thorpe
[EMAIL PROTECTED]
http://www.openssl.org/



Re: PKCS#7

2003-03-26 Thread Dr. Stephen Henson
On Wed, Mar 26, 2003, marek cervenka wrote:

> hi,
>
> i have a single file in PKCS#7 format
> can i decrypt this file with openssl?
>
> i try this
> [EMAIL PROTECTED] cp]# openssl smime -decrypt -inform der -in pkcs7.enc -recip test.pem -inkey key.pem
> Enter PEM pass phrase:
> Error decrypting PKCS#7 structure
> 3428:error:21070073:PKCS7 routines:PKCS7_dataDecode:no recipient matches certificate:pk7_doit.c:371:
> 3428:error:21072077:PKCS7 routines:PKCS7_decrypt:decrypt error:pk7_smime.c:405:

You can if you pass it a private key and certificate corresponding to one of
the recipients of the message.

Steve.
--
Dr Stephen N. Henson.
Core developer of the   OpenSSL project: http://www.openssl.org/
Freelance consultant see: http://www.drh-consultancy.demon.co.uk/
Email: [EMAIL PROTECTED], PGP key: via homepage.


Re: Minimum RSA Key length ?

2003-03-26 Thread Dr. Stephen Henson
On Wed, Mar 26, 2003, Asad Ali wrote:

 
> Does TLS support any non-static RSA ciphersuites. For example is
> it possible to use a 128 bit key to encrypt the pre-master secret
> in chunks of 16 bytes (including the padding), or use a 256 bit
> key to encrypt it in 32 byte chunks.
 

No, the standards expect it to be handled in one chunk.

Steve.
--
Dr Stephen N. Henson.
Core developer of the   OpenSSL project: http://www.openssl.org/
Freelance consultant see: http://www.drh-consultancy.demon.co.uk/
Email: [EMAIL PROTECTED], PGP key: via homepage.


Re: PKCS#7

2003-03-26 Thread marek cervenka
> > i have a single file in PKCS#7 format
> > can i decrypt this file with openssl?
> >
> > i try this
> > [EMAIL PROTECTED] cp]# openssl smime -decrypt -inform der -in pkcs7.enc -recip test.pem -inkey key.pem
> > Enter PEM pass phrase:
> > Error decrypting PKCS#7 structure
> > 3428:error:21070073:PKCS7 routines:PKCS7_dataDecode:no recipient matches certificate:pk7_doit.c:371:
> > 3428:error:21072077:PKCS7 routines:PKCS7_decrypt:decrypt error:pk7_smime.c:405:
>
> You can if you pass it a private key and certificate corresponding to one of
> the recipients of the message.

but this file is not email (i'm not creator of this file :( )

this file have PKCS structure (certificate + encrypted data)
can i decrypt this file without conversion to s/mime message?



-- 
-
Marek Cervenka
Centrum Vypocetni Techniky
CVT - http://cvt.fpf.slu.cz
FPF SLU OPAVA - http://www.fpf.slu.cz
=




Re: PKCS#7

2003-03-26 Thread Dr. Stephen Henson
On Wed, Mar 26, 2003, marek cervenka wrote:

> > > i have a single file in PKCS#7 format
> > > can i decrypt this file with openssl?
> > >
> > > i try this
> > > [EMAIL PROTECTED] cp]# openssl smime -decrypt -inform der -in pkcs7.enc -recip test.pem -inkey key.pem
> > > Enter PEM pass phrase:
> > > Error decrypting PKCS#7 structure
> > > 3428:error:21070073:PKCS7 routines:PKCS7_dataDecode:no recipient matches certificate:pk7_doit.c:371:
> > > 3428:error:21072077:PKCS7 routines:PKCS7_decrypt:decrypt error:pk7_smime.c:405:
> >
> > You can if you pass it a private key and certificate corresponding to one of
> > the recipients of the message.
>
> but this file is not email (i'm not creator of this file :( )
>
> this file have PKCS structure (certificate + encrypted data)
> can i decrypt this file without conversion to s/mime message?
 

Well even if it isn't email the original file will have been encrypted using a
certificate's public key and the details of the certificate placed in the
structure: specifically its issuer name and serial number. There may be more
than one certificate used to allow multiple keys to decrypt the file.

So you need at least one key and certificate pair to decrypt it.

Steve.
--
Dr Stephen N. Henson.
Core developer of the   OpenSSL project: http://www.openssl.org/
Freelance consultant see: http://www.drh-consultancy.demon.co.uk/
Email: [EMAIL PROTECTED], PGP key: via homepage.


Re: PKCS#7

2003-03-26 Thread marek cervenka
> > > > i have a single file in PKCS#7 format
> > > > can i decrypt this file with openssl?
> > > >
> > > > i try this
> > > > [EMAIL PROTECTED] cp]# openssl smime -decrypt -inform der -in pkcs7.enc -recip test.pem -inkey key.pem
> > > > Enter PEM pass phrase:
> > > > Error decrypting PKCS#7 structure
> > > > 3428:error:21070073:PKCS7 routines:PKCS7_dataDecode:no recipient matches certificate:pk7_doit.c:371:
> > > > 3428:error:21072077:PKCS7 routines:PKCS7_decrypt:decrypt error:pk7_smime.c:405:
> > >
> > > You can if you pass it a private key and certificate corresponding to one of
> > > the recipients of the message.
> >
> > but this file is not email (i'm not creator of this file :( )
> >
> > this file have PKCS structure (certificate + encrypted data)
> > can i decrypt this file without conversion to s/mime message?
>
> Well even if it isn't email the original file will have been encrypted using a
> certificate's public key and the details of the certificate placed in the
> structure: specifically its issuer name and serial number. There may be more
> than one certificate used to allow multiple keys to decrypt the file.
>
> So you need at least one key and certificate pair to decrypt it.

that is clear

i have one key and certificate (file is signed and encrypted for my pair)

but how can i do this?
any known software?

-- 
-
Marek Cervenka
Centrum Vypocetni Techniky
CVT - http://cvt.fpf.slu.cz
FPF SLU OPAVA - http://www.fpf.slu.cz
=





Re: PKCS#7

2003-03-26 Thread Dr. Stephen Henson
On Thu, Mar 27, 2003, marek cervenka wrote:

> > > > > i have a single file in PKCS#7 format
> > > > > can i decrypt this file with openssl?
> > > > >
> > > > > i try this
> > > > > [EMAIL PROTECTED] cp]# openssl smime -decrypt -inform der -in pkcs7.enc -recip test.pem -inkey key.pem
> > > > > Enter PEM pass phrase:
> > > > > Error decrypting PKCS#7 structure
> > > > > 3428:error:21070073:PKCS7 routines:PKCS7_dataDecode:no recipient matches certificate:pk7_doit.c:371:
> > > > > 3428:error:21072077:PKCS7 routines:PKCS7_decrypt:decrypt error:pk7_smime.c:405:
> > > >
> > > > You can if you pass it a private key and certificate corresponding to one of
> > > > the recipients of the message.
> > >
> > > but this file is not email (i'm not creator of this file :( )
> > >
> > > this file have PKCS structure (certificate + encrypted data)
> > > can i decrypt this file without conversion to s/mime message?
> >
> > Well even if it isn't email the original file will have been encrypted using a
> > certificate's public key and the details of the certificate placed in the
> > structure: specifically its issuer name and serial number. There may be more
> > than one certificate used to allow multiple keys to decrypt the file.
> >
> > So you need at least one key and certificate pair to decrypt it.
>
> that is clear
>
> i have one key and certificate (file is signed and encrypted for my pair)
>
> but how can i do this?
> any known software?
 

Well yes, the smime utility should do so. However that error message is saying
that the issuer(s) and serial number(s) in the message doesn't match those in
your certificate. Possibly the file was encrypted using the wrong certificate?

There isn't a utility to print out the expected issuer name and serial number
names for PKCS#7 encryptedData with OpenSSL so it isn't that easy to check.

If you don't mind sending me the file and your certificate (not the private
key) I can check to see what the issuer name and serial number(s) are and if
they should match.

Steve.
--
Dr Stephen N. Henson.
Core developer of the   OpenSSL project: http://www.openssl.org/
Freelance consultant see: http://www.drh-consultancy.demon.co.uk/
Email: [EMAIL PROTECTED], PGP key: via homepage.
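
As an added example (not from the thread or from OpenSSL), a small C walker that lists the issuer and serial number stored in each RecipientInfo of a PKCS#7 envelopedData structure, the values Steve says must match the recipient certificate. It assumes definite-length DER and recipients identified by issuerAndSerialNumber; `SAMPLE_P7` is a constructed test structure and every function name here is made up for the example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

typedef struct { const uint8_t *val; size_t len; } tlv_t;   /* contents of one TLV */
typedef struct { tlv_t issuer, serial; } recip_t;           /* Name, serialNumber  */

/* Read one definite-length TLV with the expected tag at *p (bounded by end) and
 * advance *p past it. Returns 0, or -1 on truncation, wrong tag or indefinite length. */
static int der_get(const uint8_t **p, const uint8_t *end, uint8_t tag, tlv_t *out)
{
    const uint8_t *q = *p;
    if (end - q < 2 || q[0] != tag) return -1;
    size_t len = q[1];
    q += 2;
    if (len & 0x80) {                    /* long form: next n bytes hold the length */
        size_t n = len & 0x7F;
        if (n == 0 || n > 4 || (size_t)(end - q) < n) return -1;
        for (len = 0; n > 0; n--) len = (len << 8) | *q++;
    }
    if ((size_t)(end - q) < len) return -1;
    out->val = q;
    out->len = len;
    *p = q + len;
    return 0;
}

/* Walk ContentInfo -> [0] -> EnvelopedData -> recipientInfos and record each
 * RecipientInfo's issuerAndSerialNumber. Returns the count stored (at most max),
 * or -1 if the input does not parse as envelopedData. */
int p7_recipients(const uint8_t *der, size_t len, recip_t *out, int max)
{
    static const uint8_t ENVELOPED[] = {0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x03};
    const uint8_t *p = der, *end = der + len;
    tlv_t t, set;
    int n = 0;

    if (der_get(&p, end, 0x30, &t)) return -1;               /* ContentInfo */
    p = t.val; end = t.val + t.len;
    if (der_get(&p, end, 0x06, &t) || t.len != sizeof ENVELOPED ||
        memcmp(t.val, ENVELOPED, t.len) != 0) return -1;     /* contentType */
    if (der_get(&p, end, 0xA0, &t)) return -1;               /* [0] EXPLICIT */
    p = t.val; end = t.val + t.len;
    if (der_get(&p, end, 0x30, &t)) return -1;               /* EnvelopedData */
    p = t.val; end = t.val + t.len;
    if (der_get(&p, end, 0x02, &t) || der_get(&p, end, 0x31, &set)) return -1;

    for (p = set.val, end = p + set.len; p < end && n < max; n++) {
        if (der_get(&p, end, 0x30, &t)) return -1;           /* RecipientInfo */
        const uint8_t *r = t.val, *rend = t.val + t.len;
        if (der_get(&r, rend, 0x02, &t) || der_get(&r, rend, 0x30, &t)) return -1;
        r = t.val; rend = t.val + t.len;                     /* IssuerAndSerialNumber */
        if (der_get(&r, rend, 0x30, &out[n].issuer) ||
            der_get(&r, rend, 0x02, &out[n].serial)) return -1;
    }
    return n;
}

/* 1 if issuer and serial bytes equal the certificate's (byte compare is a simplification) */
int recip_matches(const recip_t *r, const uint8_t *issuer, size_t ilen,
                  const uint8_t *serial, size_t slen)
{
    return r->issuer.len == ilen && memcmp(r->issuer.val, issuer, ilen) == 0 &&
           r->serial.len == slen && memcmp(r->serial.val, serial, slen) == 0;
}

/* Constructed sample: one recipient, issuer CN "Test CA", serial 0x1234, dummy ciphertext */
static const uint8_t SAMPLE_P7[] = {
    0x30,0x75, 0x06,0x09,0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x03,
    0xA0,0x68, 0x30,0x66, 0x02,0x01,0x00, 0x31,0x34, 0x30,0x32, 0x02,0x01,0x00,
    0x30,0x18, 0x30,0x12, 0x31,0x10, 0x30,0x0E, 0x06,0x03,0x55,0x04,0x03,
    0x13,0x07,'T','e','s','t',' ','C','A', 0x02,0x02,0x12,0x34,
    0x30,0x0D, 0x06,0x09,0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x01, 0x05,0x00,
    0x04,0x04, 0xDE,0xAD,0xBE,0xEF,
    0x30,0x2B, 0x06,0x09,0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x07,0x01,
    0x30,0x14, 0x06,0x08,0x2A,0x86,0x48,0x86,0xF7,0x0D,0x03,0x07,
    0x04,0x08, 1,2,3,4,5,6,7,8, 0x80,0x08, 9,9,9,9,9,9,9,9
};

int main(void)
{
    recip_t r[8];
    int n = p7_recipients(SAMPLE_P7, sizeof SAMPLE_P7, r, 8);
    for (int i = 0; i < n; i++) {
        printf("recipient %d: issuer Name %zu bytes, serial ", i, r[i].issuer.len);
        for (size_t j = 0; j < r[i].serial.len; j++) printf("%02X", r[i].serial.val[j]);
        printf("\n");
    }
    return n < 0;
}
```

The printed serial can be compared with the output of `openssl x509 -noout -serial -issuer -in test.pem` for the certificate passed to `-recip`.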