Re: add extension to an existing (signed) CA certificate
Hi there:

> Ok, then in my case $PREFIX is it_root_ca.crt (PKI public cert) and $CAPREFIX it_root_ca.key (PKI private key), but here's what I get:
>
> [pkiitr...@localhost ~/New_IT_ROOT_CA/pki/ca] $ openssl x509 -set_serial 01 -clrext -extfile openssl.cnf -days 3650 -CA it_root_ca.key -CAkey it_root_ca.key -in it_root_ca.crt -out it_root_ca2.crt

The simplest way to do this is:

openssl x509 -signkey it_root_ca.key -in it_root_ca.crt -clrext -out it_root_ca2.pem -days 3650 -set_serial 01 -extfile openssl.cnf -extensions your_new_ca_extensions

Now, what are the contents of your openssl.cnf: You SHOULD (for a Root CA) have a section something similar to:

[your_new_ca_extensions]
subjectKeyIdentifier=hash
authorityKeyIdentifier=keyid:always,issuer:always
basicConstraints = critical,CA:true
keyUsage = critical, digitalSignature, cRLSign, keyCertSign

That's it, that's all.

Have fun.

--
Patrick Patterson
President and Chief PKI Architect, Carillon Information Security Inc.
http://www.carillon.ca

__
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
.pem certificate loading issue
I have an ASCII text file with a chain of certificates. I had earlier sent a CSR and got these certificates back from the CA. When I opened the ASCII file I see some text before and after ---BEGIN CERTIFICATE-- and --END CERTIFICATE--

I removed this text because they were file names like CASubroot.pem.txt, CArootpem.txt etc. I tried to use openssl to convert these .pem certificates to .der. It didn't work. I am sure I am doing something wrong.

How do I load these certificates into the Java KeyStore? Since these are certificates signing my CSR I am going to load them back to the Java KeyStore (not the TrustStore). Can anyone throw some light on this procedure?

Thanks,
Mohan
Re: .pem certificate loading issue
What is the link between the existing key's alias and the alias used while importing the CA-root and sub-root certificates? The CA-root and sub-root certificates have been imported with new aliases. The old alias throws an error.

Thanks,
Mohan

On Thu, Aug 27, 2009 at 2:35 PM, Mohan Radhakrishnan radhakrishnan.mo...@gmail.com wrote:

> I have an ASCII text file with a chain of certificates. I had earlier sent a CSR and got these certificates back from the CA. When I opened the ASCII file I see some text before and after ---BEGIN CERTIFICATE-- and --END CERTIFICATE--
>
> I removed this text because they were file names like CASubroot.pem.txt, CArootpem.txt etc. I tried to use openssl to convert these .pem certificates to .der. It didn't work. I am sure I am doing something wrong.
>
> How do I load these certificates into the Java KeyStore? Since these are certificates signing my CSR I am going to load them back to the Java KeyStore (not the TrustStore). Can anyone throw some light on this procedure?
>
> Thanks,
> Mohan
Re: .pem certificate loading issue
No, it does not look like I need OpenSSL. The following Java command could import the entire chain.

keytool -import -alias visaftpsflux -file visacertificateedited.cer -trustcacerts -keystore FSSNABMAPSVISA.jks -storepass password

Further testing is required.

Mohan

On Thu, Aug 27, 2009 at 4:24 PM, Mohan Radhakrishnan radhakrishnan.mo...@gmail.com wrote:

> What is the link between the existing key's alias and the alias used while importing the CA-root and sub-root certificates? The CA-root and sub-root certificates have been imported with new aliases. The old alias throws an error.
>
> Thanks,
> Mohan
>
> On Thu, Aug 27, 2009 at 2:35 PM, Mohan Radhakrishnan radhakrishnan.mo...@gmail.com wrote:
>
> > I have an ASCII text file with a chain of certificates. I had earlier sent a CSR and got these certificates back from the CA. When I opened the ASCII file I see some text before and after ---BEGIN CERTIFICATE-- and --END CERTIFICATE--
> >
> > I removed this text because they were file names like CASubroot.pem.txt, CArootpem.txt etc. I tried to use openssl to convert these .pem certificates to .der. It didn't work. I am sure I am doing something wrong.
> >
> > How do I load these certificates into the Java KeyStore? Since these are certificates signing my CSR I am going to load them back to the Java KeyStore (not the TrustStore). Can anyone throw some light on this procedure?
> >
> > Thanks,
> > Mohan
blocking BIO_read
Hey

I'm using the BIO abstraction for reading/writing to sockets - a small part of the BIO_read method is unclear:

For a blocking socket, will the BIO_read call block until the length provided in the call is filled in the buffer, or will it return as soon as it managed to read anything from the socket?

I see that the underlying implementation uses recv() - recv blocks until something is available: when something is available for reading, read up to len bytes and copy it to the provided buffer, then return, i.e. the length is used as a maximum value.

From reading the openssl code I think that BIO_read behaves in the same way as recv - which means that if I want to read a specific number of bytes (no more, no less), I need to loop until I get everything I need.

Can anyone confirm this?

Thank you,
--
Laura
FIPS_mode_set failure in FIPS Capable OpenSSL static library
I am using FIPS object module 1.2 and openssl 0.9.8j on windows. I built fips capable openssl static libraries using these two distributions according to security policy. Call to FIPS_mode_set(1) is failing if I link my application with this static library.

Upon further debugging I found that the FIPS capable openssl static library is skipping the fipslink step which attaches fipscanister.lib and fips_premain.c to generate final output. When I use the dynamic libraries of FIPS capable OpenSSL, no problem is seen.

Is there any way to build static libraries with fipscanister.lib, so that FIPS_mode_set(1) passes?
OpenSSL with Anonymous DH key exchange - sample program available ?
Hello,

Going through various posts, I have come across references to Bodo Moeller's example code showing SSL communication without certificates and using anonymous DH key exchange. If anybody has that sample, can you please forward it?

I have written a client and server taking help from the sample programs. I'm generating the DH params in the server and setting it in the SSL context. I'm setting the cipher as ADH-AES256-SHA in both server and client. The client and server are communicating.

To generate the DH parameters P G, I have done this:

1) Calling DH_generate_parameters() in the server will generate the Prime P
2) Calling DH_generate_key() performs the first step of a Diffie-Hellman key exchange by generating private and public DH values.

Documentation also talks about this call to generate the shared key:

3) Calling DH_compute_key(), these are combined with the client's public value to compute the shared key. (My program is working even without the DH_compute_key() call in the server - which is strange I think)

What I'm not sure is: What is the call I need to make in the client to pass the client's public key ( G (power X) mod P ) to the server?

I'm working on a prototype and beginning to get my hands dirty with OpenSSL. Your help is greatly appreciated.

-Ramg
Re: add extension to an existing (signed) CA certificate
On 26/08/2009 22:16, Patrick Patterson wrote:

> Hi there:
>
> > Ok, then in my case $PREFIX is it_root_ca.crt (PKI public cert) and $CAPREFIX it_root_ca.key (PKI private key), but here's what I get:
> >
> > [pkiitr...@localhost ~/New_IT_ROOT_CA/pki/ca] $ openssl x509 -set_serial 01 -clrext -extfile openssl.cnf -days 3650 -CA it_root_ca.key -CAkey it_root_ca.key -in it_root_ca.crt -out it_root_ca2.crt
>
> The simplest way to do this is:
>
> openssl x509 -signkey it_root_ca.key -in it_root_ca.crt -clrext -out it_root_ca2.pem -days 3650 -set_serial 01 -extfile openssl.cnf -extensions your_new_ca_extensions
>
> Now, what are the contents of your openssl.cnf: You SHOULD (for a Root CA) have a section something similar to:
>
> [your_new_ca_extensions]
> subjectKeyIdentifier=hash
> authorityKeyIdentifier=keyid:always,issuer:always
> basicConstraints = critical,CA:true
> keyUsage = critical, digitalSignature, cRLSign, keyCertSign
>
> That's it, that's all.

OK, I use both of the commands I've been given, and now it works :-)

openssl x509 -signkey ca.key -set_serial $SERIAL -clrext -extfile opensslIT.cnf -extensions v3_ca -days 5475 -in ca.crt -out new_it_root_ca6.crt

or

openssl x509 -set_serial $SERIAL -clrext -extfile openssl.cnf -days 5475 -CA it_root_ca.crt -CAkey it_root_ca.key -in it_root_ca.crt -out it_root_ca4.crt

My new root CA is at http://www.it-sudparis.eu/pki/IT_MASTER_CA/newitrootca.crt

But, now I start to configure an http server reading that new Root CA, but apparently a browser going to https://svnext.it-sudparis.eu/ still shows in the details tab, the Root CA (class1) as the old one !?

Here's the relevant httpd ssl.conf directives

SSLCertificateFile /etc/pki/tls/certs/svnext.pem
SSLCertificateKeyFile /etc/pki/tls/private/svnext.key
SSLCertificateChainFile /etc/pki/tls/certs/new_ca-chain-institut-telecom.crt
SSLCACertificateFile /etc/pki/tls/certs/newitrootca.crt

( cat evry_ca.crt ; cat itca.crt ; cat newitrootca.crt ) > new_ca-chain-institut-telecom.crt

I can check old root CA and New root CA based on not after dates, for example: in the Browser, not after reads (04/02/2023 16:48:16 GMT) although it should read

[r...@svnext /etc/pki/tls/certs] $ openssl x509 -in newitrootca.crt -text | grep "Not After"
Not After : Aug 23 09:37:00 2024 GMT

I wonder if browsers do read root CA from SSLCACertificateFile or if they deduce it from SSLCertificateFile /etc/pki/tls/certs/svnext.pem !? In that case it means that I will have to re-sign all my servers :-( ?

Also, if I test my server with openssl s_client

$ openssl s_client -host svnext.it-sudparis.eu -port 443 -CAfile /etc/pki/tls/certs/newitrootca.crt -showcerts
CONNECTED(0003)
depth=2 /CN=Institut TELECOM class2 Certificate Authority/OU=Institut TELECOM/O=Institut TELECOM/C=fr
verify error:num=20:unable to get local issuer certificate
verify return:0

Same request with -CAfile pointing to the old/original itrootca.crt:

[proca...@anaconda ~] $ openssl s_client -host svnext.it-sudparis.eu -port 443 -CAfile /etc/pki/tls/certs/itrootca.crt -showcerts
CONNECTED(0003)
depth=3 /CN=Institut TELECOM Root class1 Certificate Authority/O=Institut TELECOM/C=fr
verify return:1
depth=2 /CN=Institut TELECOM class2 Certificate Authority/OU=Institut TELECOM/O=Institut TELECOM/C=fr
verify return:1
depth=1 /CN=TELECOM Management SudParis class3 Certificate Authority/OU=TELECOM Management SudParis/O=TELECOM Management SudParis/C=fr
verify return:1
depth=0 /C=fr/ST=Essonne/L=Evry/O=Telecom et Management SudParis/OU=s2ia/CN=svnext.int-evry.fr
verify return:1

I am confused, do I have to re-sign other certificates (2nd level sub-CA, 3rd level sub-sub-CA, hundreds of servers ... :-( ), or I misconfigured my apache server !?

PS: recall my hierarchy

          IT_ROOT_CA
              |
      -----IT_CA-----
      |       |       |
  Evry_CA  Paris_CA  Brest_CA
      |       ||
     www     imap
Re: OpenSSL with Anonymous DH key exchange - sample program available ?
Things are getting clearer as I dig deeper. The book Network Security with OpenSSL by John Viega et al has some explanation of how the DH key exchange takes place. With that knowledge, I went through the source code and found that DH_Compute_Key() is being called in s3_clnt.c and s3_srvr.c. So there is no need to call it in client applications.

BRs
Ramg

On Thu, Aug 27, 2009 at 12:23 PM, Ram G mydevfor...@gmail.com wrote:

> Hello,
>
> Going through various posts, I have come across references to Bodo Moeller's example code showing SSL communication without certificates and using anonymous DH key exchange. If anybody has that sample, can you please forward it?
>
> I have written a client and server taking help from the sample programs. I'm generating the DH params in the server and setting it in the SSL context. I'm setting the cipher as ADH-AES256-SHA in both server and client. The client and server are communicating.
>
> To generate the DH parameters P G, I have done this:
>
> 1) Calling DH_generate_parameters() in the server will generate the Prime P
> 2) Calling DH_generate_key() performs the first step of a Diffie-Hellman key exchange by generating private and public DH values.
>
> Documentation also talks about this call to generate the shared key:
>
> 3) Calling DH_compute_key(), these are combined with the client's public value to compute the shared key. (My program is working even without the DH_compute_key() call in the server - which is strange I think)
>
> What I'm not sure is: What is the call I need to make in the client to pass the client's public key ( G (power X) mod P ) to the server?
>
> I'm working on a prototype and beginning to get my hands dirty with OpenSSL. Your help is greatly appreciated.
>
> -Ramg
Re: blocking BIO_read
On Thu, Aug 27, 2009 at 2:24 PM, Laura Arhire laura.arh...@endion-software.com wrote:

> Hey
>
> I'm using the BIO abstraction for reading/writing to sockets - a small part of the BIO_read method is unclear:
>
> For a blocking socket, will the BIO_read call block until the length provided in the call is filled in the buffer, or will it return as soon as it managed to read anything from the socket?
>
> I see that the underlying implementation uses recv() - recv blocks until something is available: when something is available for reading, read up to len bytes and copy it to the provided buffer, then return, i.e. the length is used as a maximum value.
>
> From reading the openssl code I think that BIO_read behaves in the same way as recv - which means that if I want to read a specific number of bytes (no more, no less), I need to loop until I get everything I need.
>
> Can anyone confirm this?

Confirmed. BIO_read won't wait/guarantee that the requested number of bytes are delivered all, so you'll indeed need to loop to get them all (or an error due to connection issues) if you want to receive a predetermined number of bytes.

For completeness / additive: note that 'officially', you should check the BIO_should_retry() call on error (negative error code return), i.e.

---snip[stripped]---
...
i = BIO_read(bio,buf,bufsize);
if (i < 0)
{
    // error condition - possibly
    if (BIO_should_retry(bio))
    {
        if (BIO_should_read(bio))
            ...
        if (BIO_should_write(bio))
            ...
    }
    else
    {
        // real error. process the error the way you want/need
        ERR_print_errors(bio_err);
        goto fail_dramatically;
    }
}
else if (i == 0)
{
    // blocking -- conn termination
    ...
    break;
}
else
{
    // collect the returned bytes; shift buf, etc., then wait for the rest
    ...
}
---snip---

as this is what it should look like for any and all BIOs, i.e. when your BIO-using code layer should not be specifically aware of the chain/device peculiarities accessed through the BIO abstraction layer.

In the case of raw socket I/O, the 'should_retry' won't fire, at least not with the current implementation on UNIX. Which might be a bother regarding testability versus 'correct' use/implementation of the i/o abstraction. Once you're stacking, say, an SSL BIO into this BIO chain however, things will certainly look /very/ different and you'll surely need that should_retry/etc. code in there.

Take care,

Ger

--
Met vriendelijke groeten / Best regards,

Ger Hobbelt

--
web: http://www.hobbelt.com/
     http://www.hebbut.net/
mail: g...@hobbelt.com
mobile: +31-6-11 120 978
--
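The short-read behaviour and the loop confirmed in the reply above, as an added example that is not part of the original thread. It calls plain recv() on a local socketpair rather than a BIO so that it runs without OpenSSL (the thread states that BIO_read on a socket follows recv()); read_exact and demo are hypothetical names and the traffic is constructed. With a BIO, the n < 0 branch is where the BIO_should_retry() check belongs.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Read exactly `want` bytes unless the peer closes or a real error occurs.
 * Returns the bytes stored; *status is 0 (complete), 1 (EOF), -1 (error). */
size_t read_exact(int fd, char *buf, size_t want, int *status)
{
    size_t got = 0;
    *status = 0;
    while (got < want) {
        ssize_t n = recv(fd, buf + got, want - got, 0); /* length is a maximum */
        if (n > 0) { got += (size_t)n; continue; }      /* partial data: loop */
        if (n == 0) { *status = 1; break; }             /* peer closed early */
        if (errno == EINTR) continue;                   /* interrupted: retry */
        *status = -1;                                   /* real error */
        break;
    }
    return got;
}

/* Constructed scenario: a child sends `first` bytes, waits for a go-ahead,
 * sends `second` bytes and exits. *single receives what ONE recv() asking
 * for `want` bytes returned; the return value is the total after looping. */
size_t demo(size_t first, size_t second, size_t want, ssize_t *single, int *status)
{
    int sv[2];
    char buf[64], msg[64], go;
    *single = -1; *status = -1;
    if (want > sizeof buf || first + second > sizeof msg) return 0;
    memset(msg, 'A', sizeof msg);
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) != 0) return 0;
    pid_t pid = fork();
    if (pid < 0) { close(sv[0]); close(sv[1]); return 0; }
    if (pid == 0) {                                     /* child = sender */
        close(sv[0]);
        if (write(sv[1], msg, first) < 0) _exit(1);
        if (read(sv[1], &go, 1) != 1) _exit(1);         /* wait for receiver */
        if (write(sv[1], msg, second) < 0) _exit(1);
        _exit(0);                                       /* exit closes sv[1] */
    }
    close(sv[1]);
    size_t total = 0;
    *single = recv(sv[0], buf, want, 0);        /* returns once ANY data arrived */
    if (*single > 0 && write(sv[0], "g", 1) == 1)
        total = (size_t)*single + read_exact(sv[0], buf + *single,
                                             want - (size_t)*single, status);
    close(sv[0]);
    waitpid(pid, NULL, 0);
    return total;
}

int main(void)
{
    ssize_t single; int status;
    size_t total = demo(5, 7, 12, &single, &status);
    printf("single recv: %zd, after loop: %zu, status %d\n", single, total, status);
    return 0;
}
```

A status of 1 with a short count means the peer closed before the expected length arrived, which a fixed-length protocol should treat as a truncated message rather than as valid data.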
the format of openssl speed
Dear all:

I measure my cpu's performance with openssl speed. Below is the output:

# openssl speed rsa
Doing 512 bit private rsa's for 10s: 11828 512 bit private RSA's in 9.83s
available timing options: TIMES TIMEB HZ=100 [sysconf value]
timing function used: times
                  sign    verify    sign/s verify/s
rsa  512 bits 0.000831s 0.62s   1203.3  16243.2
rsa 1024 bits 0.003745s 0.000167s    267.0   5983.2

1. What does 10s mean? Does it mean do the whole test for 10 times?
2. What does 11828 mean? Does it mean total bits it is running through?
3. From the table it summarizes, what does sign/s mean? Does it mean it can sign 1203.3 times per second?

appreciate your help,
miloody
RE: the format of openssl speed
loody wrote:

> Dear all:
>
> I measure my cpu's performance with openssl speed. Below is the output:
>
> # openssl speed rsa
> Doing 512 bit private rsa's for 10s: 11828 512 bit private RSA's in 9.83s
> available timing options: TIMES TIMEB HZ=100 [sysconf value]
> timing function used: times
>                   sign    verify    sign/s verify/s
> rsa  512 bits 0.000831s 0.62s   1203.3  16243.2
> rsa 1024 bits 0.003745s 0.000167s    267.0   5983.2
>
> 1. What does 10s mean? Does it mean do the whole test for 10 times?
> 2. What does 11828 mean? Does it mean total bits it is running through?

You can ignore these, they're just internal details of how it did the testing. Specifically, it tested for 10 seconds and performed 11,828 operations. But that doesn't really matter.

> 3. From the table it summarizes, what does sign/s mean? Does it mean it can sign 1203.3 times per second?

Yes. Your computer was able to do 1,203 RSA 512-bit signature operations per second.

DS
Re: the format of openssl speed
Hi:

thanks for your help.

2009/8/28 David Schwartz dav...@webmaster.com:

> loody wrote:
>
> > Dear all:
> >
> > I measure my cpu's performance with openssl speed. Below is the output:
> >
> > # openssl speed rsa
> > Doing 512 bit private rsa's for 10s: 11828 512 bit private RSA's in 9.83s
> > available timing options: TIMES TIMEB HZ=100 [sysconf value]
> > timing function used: times
> >                   sign    verify    sign/s verify/s
> > rsa  512 bits 0.000831s 0.62s   1203.3  16243.2
> > rsa 1024 bits 0.003745s 0.000167s    267.0   5983.2
> >
> > 1. What does 10s mean? Does it mean do the whole test for 10 times?
> > 2. What does 11828 mean? Does it mean total bits it is running through?
>
> You can ignore these, they're just internal details of how it did the testing. Specifically, it tested for 10 seconds and performed 11,828 operations. But that doesn't really matter.
>
> > 3. From the table it summarizes, what does sign/s mean? Does it mean it can sign 1203.3 times per second?
>
> Yes. Your computer was able to do 1,203 RSA 512-bit signature operations per second.

I have another question about the report for the others:

The 'numbers' are in 1000s of bytes per second processed.
type             16 bytes     64 bytes    256 bytes   1024 bytes   8192 bytes
aes-128 cbc      55113.24k    73479.13k    80244.61k    81904.19k    82810.67k
aes-192 cbc      27970.94k    50741.33k    63542.21k    68268.61k    69516.54k
aes-256 cbc      26463.46k    45607.71k    55495.32k    59450.22k    60169.97k

Does the above mean aes-128 cbc will use 55113.2k bytes/second while encrypting/decrypting 16 bytes of plain text?

appreciate your kind help :)
miloody
Information regarding data and control channel security
Does OpenSSL secure both the data and control channels? Could you please let me know where I can find some reference documents for this. Any help would be appreciated.

Thanks,
Salini