RE: FIPS 14-2 vs MD5

2009-08-17 Thread David Schwartz

Roger No-Spam wrote:

> When building openssl in FIPS 140-2 mode, the MD5 algorithm is
> not available for use. There are, however, several RFCs that mandate
> the use of MD5. Would it be possible to partition a system into a
> FIPS 140-2 part (more security critical parts, e.g. SSL) and one other
> part that can include support for RFCs that mandate MD5 (e.g. TCP MD5
> checksum option, PPP CHAP, etc.). Would it be possible to FIPS 140-2
> validate such a system? What would the requirements be regarding the
> partitioning?

Simply disable all those things in FIPS mode. There is no requirement that
your system be useful in FIPS mode, only that it be secure. That is what
everyone else does.

For example, the first Windows versions to support high-security modes
disabled all networking devices and all removable media devices. Linux
requires you to remove the power cord.

DS


__
OpenSSL Project http://www.openssl.org
User Support Mailing List   openssl-users@openssl.org
Automated List Manager   majord...@openssl.org


FIPS 14-2 vs MD5

2009-08-17 Thread Roger No-Spam

Hello,

When building openssl in FIPS 140-2 mode, the MD5 algorithm is not available 
for use. There are, however, several RFCs that mandate the use of MD5. Would it 
be possible to partition a system into a FIPS 140-2 part (more security 
critical parts, e.g. SSL) and one other part that can include support for RFCs 
that mandate MD5 (e.g. TCP MD5 checksum option, PPP CHAP, etc.). Would it be 
possible to FIPS 140-2 validate such a system? What would the requirements be 
regarding the partitioning?

Any pointers to where I can find more info on this topic would be much 
appreciated.

/Roger


Re: OpenSSL FIPS Module version 1.2

2009-08-17 Thread Pandit Panburana
Hello Steve,

 Do you know of any fixes in the current 0.9.8k that are also applicable to the FIPS 
module, or are there none?

Thank you,
-Pandit  




From: Dr. Stephen Henson 
To: openssl-users@openssl.org
Sent: Saturday, August 15, 2009 6:39:40 AM
Subject: Re: OpenSSL FIPS Module version 1.2

On Fri, Aug 14, 2009, Pandit Panburana wrote:

> Hello,
> 
> I have a few questions about the FIPS module. 
> 
> 1) The current version of OpenSSL FIPS Module is 1.2. It is based on
>    0.9.8e and 0.9.8f of standard OpenSSL. The latest stable version is
>    0.9.8k. How do fixes get into the validated FIPS module?
> 

There have been no issues so far which have required any changes to the FIPS
module itself. The FIPS module is a tiny subset of a version of OpenSSL
between 0.9.8e and 0.9.8f. You can (and indeed *should*) use the current
version of OpenSSL 0.9.8 (currently 0.9.8k) with the validated module. That
way you get all the updates and fixes in the rest of OpenSSL.

> 2) The current procedure suggests that the FIPS module is built on the
>    same target platform of the application. Is it possible that the target
>    platform is different than the building platform but they both are x86
>    base platforms (here OS is Linux but may have different version)?
> 

As long as you follow the build procedure to the letter. You can use the
resulting binaries on any binary compatible platform.

> 3) Is there any workaround for cross compilation?
> 

Not without revalidation as this would require a different build procedure.
However there are many low cost ways to compile native code on all sorts of
platforms (e.g. ARM) which would avoid the need to cross compile.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org

Fwd: Delivery Status Notification (Failed)

2009-08-17 Thread Serge Fonville
I'm not sure about you guys, but I find this very annoying

2009/8/17 

> This is an automatically generated notification about the delivery
> status.
>
> Delivery to the following recipients failed.
>
>   c...@next-motion.de
>
>
>
>
> Final-Recipient: rfc822;c...@next-motion.de 
> Action: failed
> Status: 5.2.2
> X-Display-Name: Carsten Breitbarth - next.motion OHG
>
>


Re: Creating certificates

2009-08-17 Thread Serge Fonville
What does your openssl.cnf look like, since it is used in the req?

On Mon, Aug 17, 2009 at 6:00 PM, Gerald Iakobinyi-Pich
wrote:

> Hy,
>
> So my end goal is to have a CA, which I can use to sign certificates. I
> have set up a CA, that was not that hard. But now I want to create
> certificates signed by my CA, and I want to provide the subject from the
> command line. I don't want it to be read from the openssl.cnf. That is
> because I have to create more certificates, and I do not want to modify the
> openssl.cnf for each of them.
>
> I have tried to create certificates, signed by my CA, and the subject
> information was provided in the openssl.cnf file. That I have succeeded.
>
> Then I have tried to provide the subject information from the command line,
> and that I have failed. And I have verified the contents of the certificate,
> and the subject was not what I have specified in the command line, but what
> was found in the config file.
>
> So it looks to me like if this option: -subj
> "/C=DE/L=Munchen/ST=Bayern/O=Org/OU=Dev/CN=Test Certificate" is ignored, and
> like openssl tries to read this info from the config file, and I do not
> understand why :(.
>
>
> Regards,
> Gerald
>
>
>
> On Mon, Aug 17, 2009 at 6:31 PM, Serge Fonville 
> wrote:
>
>> Hi,
>>
>> I assume you have done a lot of googling and have read the docs
>> extensively.
>>
>> First, what is your end goal?
>> Since creating a certificate and having it signed by your own CA is not
>> that difficult.
>> What resources have you consulted?
>> What have you already tried?
>> Have you looked at the resulting certificate to verify its contents?
>>
>> Regards,
>>
>> Serge Fonville
>>
>>   On Mon, Aug 17, 2009 at 4:41 PM, Gerald Iakobinyi-Pich <
>> nutri...@gmail.com> wrote:
>>
>>> Hello,
>>>
>>> I am trying to create a certificate, on win, and I am having some
>>> troubles with OpenSSL. First I generate a key. That's ok. Then I create a
>>> request:
>>>
>>> openssl req -config .\openssl.cnf -subj
>>> "/C=DE/L=Munchen/ST=Bayern/O=Org/OU=Dev/CN=Test Certificate"  -new -days 365
>>> -key ..\demo_store\private\private_key_client.pem -outform PEM -out
>>> ..\demo_store\request\req_server.csr   -passin pass:pass
>>>
>>> Then I want to sign this:
>>> openssl x509 -inform PEM -req -in ..\demo_store\request\req_server.csr
>>> -outform DER -out ..\demo_store\certs\cert_server.der -CAform DER -CA
>>> ..\demo_store\certs\ca_cert.der -CAkeyform PEM -CAkey
>>> ..\demo_store\private\ca_private_key.pem -CAcreateserial
>>>
>>> And the message printed out is:
>>> Loading 'screen' into random state - done
>>> Signature ok
>>> subject=/C=RO
>>> Getting CA Private Key
>>>
>>>
>>> Now, what disturbs me, is that it seems that the subject I have provided
>>> with "-subj" in the first "openssl req" command has been ignored.
>>> Why is that happening? What am I doing wrong?
>>>
>>> Thanks,
>>> Gerald
>>>
>>>
>>>
>>
>


Re: Creating certificates

2009-08-17 Thread Gerald Iakobinyi-Pich
Hy,

So my end goal is to have a CA, which I can use to sign certificates. I have
set up a CA, that was not that hard. But now I want to create certificates
signed by my CA, and I want to provide the subject from the command line. I
don't want it to be read from the openssl.cnf. That is because I have to
create more certificates, and I do not want to modify the openssl.cnf for
each of them.

I have tried to create certificates, signed by my CA, and the subject
information was provided in the openssl.cnf file. That I have succeeded.

Then I have tried to provide the subject information from the command line,
and that I have failed. And I have verified the contents of the certificate,
and the subject was not what I have specified in the command line, but what
was found in the config file.

So it looks to me like if this option: -subj
"/C=DE/L=Munchen/ST=Bayern/O=Org/OU=Dev/CN=Test Certificate" is ignored, and
like openssl tries to read this info from the config file, and I do not
understand why :(.


Regards,
Gerald


On Mon, Aug 17, 2009 at 6:31 PM, Serge Fonville wrote:

> Hi,
>
> I assume you have done a lot of googling and have read the docs
> extensively.
>
> First, what is your end goal?
> Since creating a certificate and having it signed by your own CA is not
> that difficult.
> What resources have you consulted?
> What have you already tried?
> Have you looked at the resulting certificate to verify its contents?
>
> Regards,
>
> Serge Fonville
>
> On Mon, Aug 17, 2009 at 4:41 PM, Gerald Iakobinyi-Pich wrote:
>
>> Hello,
>>
>> I am trying to create a certificate, on win, and I am having some troubles
>> with OpenSSL. First I generate a key. That's ok. Then I create a request:
>>
>> openssl req -config .\openssl.cnf -subj
>> "/C=DE/L=Munchen/ST=Bayern/O=Org/OU=Dev/CN=Test Certificate"  -new -days 365
>> -key ..\demo_store\private\private_key_client.pem -outform PEM -out
>> ..\demo_store\request\req_server.csr   -passin pass:pass
>>
>> Then I want to sign this:
>> openssl x509 -inform PEM -req -in ..\demo_store\request\req_server.csr
>> -outform DER -out ..\demo_store\certs\cert_server.der -CAform DER -CA
>> ..\demo_store\certs\ca_cert.der -CAkeyform PEM -CAkey
>> ..\demo_store\private\ca_private_key.pem -CAcreateserial
>>
>> And the message printed out is:
>> Loading 'screen' into random state - done
>> Signature ok
>> subject=/C=RO
>> Getting CA Private Key
>>
>>
>> Now, what disturbs me, is that it seems that the subject I have provided
>> with "-subj" in the first "openssl req" command has been ignored.
>> Why is that happening? What am I doing wrong?
>>
>> Thanks,
>> Gerald
>>
>>
>>
>


Re: Creating certificates

2009-08-17 Thread Serge Fonville
Hi,

I assume you have done a lot of googling and have read the docs extensively.

First, what is your end goal?
Since creating a certificate and having it signed by your own CA is not that
difficult.
What resources have you consulted?
What have you already tried?
Have you looked at the resulting certificate to verify its contents?

Regards,

Serge Fonville

On Mon, Aug 17, 2009 at 4:41 PM, Gerald Iakobinyi-Pich
wrote:

> Hello,
>
> I am trying to create a certificate, on win, and I am having some troubles
> with OpenSSL. First I generate a key. That's ok. Then I create a request:
>
> openssl req -config .\openssl.cnf -subj
> "/C=DE/L=Munchen/ST=Bayern/O=Org/OU=Dev/CN=Test Certificate"  -new -days 365
> -key ..\demo_store\private\private_key_client.pem -outform PEM -out
> ..\demo_store\request\req_server.csr   -passin pass:pass
>
> Then I want to sign this:
> openssl x509 -inform PEM -req -in ..\demo_store\request\req_server.csr
> -outform DER -out ..\demo_store\certs\cert_server.der -CAform DER -CA
> ..\demo_store\certs\ca_cert.der -CAkeyform PEM -CAkey
> ..\demo_store\private\ca_private_key.pem -CAcreateserial
>
> And the message printed out is:
> Loading 'screen' into random state - done
> Signature ok
> subject=/C=RO
> Getting CA Private Key
>
>
> Now, what disturbs me, is that it seems that the subject I have provided
> with "-subj" in the first "openssl req" command has been ignored.
> Why is that happening? What am I doing wrong?
>
> Thanks,
> Gerald
>
>
>
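
An added example (not part of any post in this thread) of the check asked
for in the reply above, extended back to the CSR: it prints the subject of
the request and of the signed certificate so the two can be compared. The
file names, the temporary directory, the "Demo CA" name and the minimal
config (whose only DN default is C = RO) are assumptions made for the
example, and it is written for a POSIX shell rather than the Windows prompt
used in the original post.

```shell
#!/bin/sh
# Added example: trace the subject through key -> CSR -> certificate.
# All file names and the CA name are constructed for this demo.

SUBJ='/C=DE/L=Munchen/ST=Bayern/O=Org/OU=Dev/CN=Test Certificate'

# Print the subject of a CSR or certificate in one fixed format (RFC 2253)
# and strip the "subject=" prefix, whose spacing differs between versions.
csr_subject() {
    openssl req -in "$1" -noout -subject -nameopt RFC2253 | sed 's/^subject= *//'
}
cert_subject() {
    openssl x509 -in "$1" -noout -subject -nameopt RFC2253 | sed 's/^subject= *//'
}

# Build a throwaway CA, a client key, a CSR made with -subj, and a signed
# certificate inside directory $1.
make_demo() {
    d=$1
    # Minimal config whose DN section would yield subject C=RO if it were used.
    cat > "$d/openssl.cnf" <<'EOF'
[ req ]
distinguished_name = dn
prompt             = no
[ dn ]
C = RO
EOF
    openssl genrsa -out "$d/ca.key" 2048 2>/dev/null || return 1
    openssl req -x509 -new -config "$d/openssl.cnf" -key "$d/ca.key" \
        -subj '/CN=Demo CA' -days 30 -out "$d/ca.pem" || return 1

    openssl genrsa -out "$d/client.key" 2048 2>/dev/null || return 1
    # -subj replaces the [ dn ] section for this request.
    openssl req -new -config "$d/openssl.cnf" -key "$d/client.key" \
        -subj "$SUBJ" -out "$d/client.csr" || return 1

    # x509 -req takes the subject from the CSR; no subject is given here.
    openssl x509 -req -in "$d/client.csr" -CA "$d/ca.pem" -CAkey "$d/ca.key" \
        -CAcreateserial -days 365 -out "$d/client.pem" 2>/dev/null || return 1
}

# Report where the subject stops matching. Returns 0 if the CSR carries the
# requested CN and the certificate has the same subject, 2 if the CSR is
# already wrong (look at the req step), 1 if only the certificate differs.
check_demo() {
    d=$1
    csr=$(csr_subject "$d/client.csr")
    crt=$(cert_subject "$d/client.pem")
    echo "CSR : $csr"
    echo "cert: $crt"
    case $csr in *'CN=Test Certificate'*) ;; *) return 2 ;; esac
    [ "$csr" = "$crt" ] || return 1
    return 0
}

run_demo() {
    tmp=$(mktemp -d) || return 1
    make_demo "$tmp" && check_demo "$tmp"
    rc=$?
    rm -rf "$tmp"
    return $rc
}

run_demo
```

The "Signature ok" and "subject=" lines quoted in the original post are
printed by "openssl x509 -req" and show the subject read from the CSR being
signed, so that output already reflects the request file, not the signing
step.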


Problem creating certificates

2009-08-17 Thread Gerald Iakobinyi-Pich
Hello,

I am trying to create a certificate, on win, and I am having some troubles
with OpenSSL. First I generate a key. That's ok. Then I create a request:

openssl req -config .\openssl.cnf -subj
"/C=DE/L=Munchen/ST=Bayern/O=Org/OU=Dev/CN=Test Certificate"  -new -days 365
-key ..\demo_store\private\private_key_client.pem -outform PEM -out
..\demo_store\request\req_server.csr   -passin pass:pass

Then I want to sign this:
openssl x509 -inform PEM -req -in ..\demo_store\request\req_server.csr
-outform DER -out ..\demo_store\certs\cert_server.der -CAform DER -CA
..\demo_store\certs\ca_cert.der -CAkeyform PEM -CAkey
..\demo_store\private\ca_private_key.pem -CAcreateserial

And the message printed out is:
Loading 'screen' into random state - done
Signature ok
subject=/C=RO
Getting CA Private Key


Now, what disturbs me, is that it seems that the subject I have provided
with "-subj" in the first "openssl req" command has been ignored.
Why is that happening? What am I doing wrong?

Thanks,
Gerald


Creating certificates

2009-08-17 Thread Gerald Iakobinyi-Pich
Hello,

I am trying to create a certificate, on win, and I am having some troubles
with OpenSSL. First I generate a key. That's ok. Then I create a request:

openssl req -config .\openssl.cnf -subj
"/C=DE/L=Munchen/ST=Bayern/O=Org/OU=Dev/CN=Test Certificate"  -new -days 365
-key ..\demo_store\private\private_key_client.pem -outform PEM -out
..\demo_store\request\req_server.csr   -passin pass:pass

Then I want to sign this:
openssl x509 -inform PEM -req -in ..\demo_store\request\req_server.csr
-outform DER -out ..\demo_store\certs\cert_server.der -CAform DER -CA
..\demo_store\certs\ca_cert.der -CAkeyform PEM -CAkey
..\demo_store\private\ca_private_key.pem -CAcreateserial

And the message printed out is:
Loading 'screen' into random state - done
Signature ok
subject=/C=RO
Getting CA Private Key


Now, what disturbs me, is that it seems that the subject I have provided
with "-subj" in the first "openssl req" command has been ignored.
Why is that happening? What am I doing wrong?

Thanks,
Gerald


Re: OpenSSL FIPS Module version 1.2

2009-08-17 Thread Steve Marquess

Kyle Hamilton wrote:

> ...
>
> There were plans for a "rolling validation", where fixes are rolled
> into the next validation effort, but I haven't heard anything from
> the Open Source Software Institute about that.  My fear is that they
> have no funding for such an effort.


Correct.  At one point we thought we would have an ongoing sponsorship, 
but that didn't happen.  Each validation requires a big (to us) lump of 
cash for the test lab so without that funding we're stuck.



> You can, however, use the OpenSSL FIPS Module 1.2 as a base, make the
> changes you need for cross-compilation and such, and then get the
> result blesse^Wvalidated.


This has been done, at least several times.  Even if you can't use the 
v1.2 validation directly it provides a useful template for a "roll your 
own" validation.  Given the many v1.2 based validations already on the 
books that should be almost entirely a rubber stamp exercise, absent any 
novel complications.


Although please note that if you decide to purchase your own validation, 
use the *documentation* from v1.2 but the *source* tarball from the most 
current 0.9.8.  Since you're paying for the validation from scratch you 
might as well use the most up-to-date software which has a number of 
happy-to-glad improvements that can't be retroactively incorporated in 
the existing validation.


-Steve M.

--
Steve Marquess
Open Source Software institute
marqu...@oss-institute.org




Re: ecdsa-signed certificates algorithm recognition problems

2009-08-17 Thread Laura Arhire
Just a quick note. openssl x509 prints out the correct thing if I use 
0.9.8h (the default openssl on my machine is 0.9.7-something). Now just 
the java part of my problem remains, but I suspect that has something to 
do with my setup. Sorry for the previous message.


Laura


ecdsa-signed certificates algorithm recognition problems

2009-08-17 Thread Laura Arhire

Hello

I have successfully managed to create and use certificates which 
contained and were signed by ecdsa keys in my own prototype program. 
However, upon attempting to import such a certificate in the java 
certificate store, I came upon some trouble. It seems there is something 
wrong with the way I am generating these certificates, as the signature 
algorithm and the public key algorithm come up as unknown. Sorry for 
lengthy message which follows.


In short, I have the following certificate in PEM format:

(prettified version to be found at bottom).

When running  "openssl x509 -in wrong-root-ecdsa160.crt -noout -text" on 
it, I get:

Certificate:
   Data:
   Version: 3 (0x2)
   Serial Number: 3 (0x3)
   Signature Algorithm: UNKNOWN
   Issuer: C=RO, CN=Incorrect Testing Team, O=incorrect-client
   Validity
   Not Before: Aug 17 09:19:13 2009 GMT
   Not After : Aug 17 09:19:13 2010 GMT
   Subject: C=RO, CN=Incorrect Testing Team, O=incorrect-client
   Subject Public Key Info:
   Public Key Algorithm: UNKNOWN
   Unable to load Public Key
3104:error:0D09C08F:asn1 encoding routines:d2i_PublicKey:unknown public 
key type:d2i_pu.c:104:
3104:error:0B077066:x509 certificate routines:X509_PUBKEY_get:err asn1 
lib:x_pubkey.c:228:

   Signature Algorithm: UNKNOWN
   30:2e:02:15:00:9f:4d:cc:30:d1:0b:8e:ff:3b:39:07:3f:5d:
   13:7c:4f:db:ba:8a:da:02:15:00:d9:89:e4:24:15:f2:ca:9e:
   f8:39:d3:14:f4:4e:eb:20:d2:cd:1e:87

I suspect the reason why the signature/public key algorithms come up as 
unknown is the same reason I can't get java to load up this certificate 
as well.
The code used to generate this certificate is (removed return-value 
testing for brevity):


   #include <stdio.h>
   #include <openssl/ec.h>
   #include <openssl/evp.h>
   #include <openssl/pem.h>
   #include <openssl/x509.h>

   int main(void)
   {
       /* generate and check a key on the curve secp160r1 */
       EC_KEY *ec_key = EC_KEY_new_by_curve_name(NID_secp160r1);
       EC_KEY_generate_key(ec_key);
       EC_KEY_check_key(ec_key);

       FILE *f;
       X509 *x;
       EVP_PKEY *pk;
       X509_NAME *name = NULL;
       pk = EVP_PKEY_new();
       x = X509_new();
       EVP_PKEY_assign_EC_KEY(pk, ec_key);

       /* write the private key, unencrypted, in PEM format */
       f = fopen("wrong-root-ecdsa160.key", "w");
       PEM_write_PrivateKey(f, pk, NULL, NULL, 0, 0, NULL);
       fclose(f);

       /* version value 2 means X.509 v3; serial number 3 */
       X509_set_version(x, 2);
       ASN1_INTEGER_set(X509_get_serialNumber(x), 3);

       // certificate validity
       X509_gmtime_adj(X509_get_notBefore(x), 0);
       X509_gmtime_adj(X509_get_notAfter(x), (long) 60 * 60 * 24 * 365);
       X509_set_pubkey(x, pk);
       name = X509_get_subject_name(x);
       const char *grp = "incorrect-client";

       X509_NAME_add_entry_by_txt(name, "C", MBSTRING_ASC,
                                  (const unsigned char*) "RO", -1, -1, 0);
       X509_NAME_add_entry_by_txt(name, "CN", MBSTRING_ASC,
                                  (const unsigned char*) "Incorrect Testing Team", -1, -1, 0);
       X509_NAME_add_entry_by_txt(name, "O", MBSTRING_ASC,
                                  (const unsigned char*) grp, -1, -1, 0);

       /* self-signed: issuer is the same name as the subject */
       X509_set_issuer_name(x, name);
       X509_sign(x, pk, EVP_ecdsa());

       f = fopen("wrong-root-ecdsa160.crt", "w");
       PEM_write_X509(f, x);
       fclose(f);
       return 0;
   }


I can use such a certificate without a problem in my prototype, add it 
to the trusted CAs, use it in client-server handshake etc. Any ideas on 
what I'm doing wrong and how I can get the openssl x509 command to 
output the correct certificate? If I run:


   FILE *root_file = fopen("wrong-root-ecdsa160.crt", "r");
   X509 *root_cert = PEM_read_X509(root_file, NULL, NULL, NULL);
   X509_print_fp(stdout, root_cert);

everything prints out as expected:

Certificate:
   Data:
   Version: 3 (0x2)
   Serial Number: 3 (0x3)
   Signature Algorithm: ecdsa-with-SHA1
   Issuer: C=RO, CN=Incorrect Testing Team, O=incorrect-client
   Validity
   Not Before: Aug 17 09:19:13 2009 GMT
   Not After : Aug 17 09:19:13 2010 GMT
   Subject: C=RO, CN=Incorrect Testing Team, O=incorrect-client
   Subject Public Key Info:
   Public Key Algorithm: id-ecPublicKey
   EC Public Key:
   pub:
   04:09:bc:fc:6d:cd:7d:65:a1:8d:e4:68:7e:9a:be:
   84:d4:e2:6c:b1:4e:fe:a4:45:44:fa:0a:ca:38:d5:
   ae:be:77:64:82:3f:77:ef:9b:a0:0f
   Field Type: prime-field
   Prime:
   00:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
   ff:ff:7f:ff:ff:ff
   A

Re: UltraSPARC T2 - OpenSSL - PKCS11 ???

2009-08-17 Thread CH-Kami

Thanks for your help everyone !

I've checked T5120 hardware specifications : 8 cores 8 threads/core so I
used the multi 64 option :

                  sign    verify    sign/s verify/s
rsa  512 bits   0.s   0.s 121283.7 202718.0
rsa 1024 bits   0.s   0.s  30643.1 115804.2
rsa 2048 bits   0.0002s   0.s   5282.8  44109.6
rsa 4096 bits   0.0421s   0.0009s 23.7   1071.3

It looks much better ! Does it look relevant to you ?

About the multi 64 option :  I tried multi 70 to be sure there will be
always a thread waiting to be executed. I've noticed some improvement but
not much ... Is this a good idea ?
