Setting up NAS Server for OpenSSL
Hi All, First off I have a DISKSTATION DS410 in my business and I am trying to set it up for remote access such that: (1) Clients can 'map the drive' on their laptops (2) VPN to their desktops (which are on the local network with the DS410) I am trying to be secure and use OpenSSL with certifcate authority. Furthermore, I would like to revoke clients if they leave the company, no longer are traveling, etc. I have a signed certificate from GoDaddy and am not sure where to go from here. I've seen several online steps (http://forum.synology.com/wiki/index.php/How_to_generate_custom_SSL_certificates) and know I need to do the following: (1)create private key/csr (2)create public key/csr (3)create revocation list However, I don't know where in the process my GoDaddy certificate goes and how to handle the CRL list. I need help with pretty much everything! If someone has done this before or has a stronger knowledge than me, I would appreciate the help. Cheers! -- View this message in context: http://old.nabble.com/Setting-up-NAS-Server-for-OpenSSL-tp31428217p31428217.html Sent from the OpenSSL - User mailing list archive at Nabble.com. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
verify without issuer-certificate?
hi! Can I verify a message or just a certificate WITHOUT having all the issuer certificats (up to the RootCA) in my store?? Is there a option in the commandline tools? I was not able to find one in the man-pages. thanks, chris __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: verify without issuer-certificate?
Am 19.04.2011 09:19, schrieb ch: hi! Can I verify a message or just a certificate WITHOUT having all the issuer certificats (up to the RootCA) in my store?? Is there a option in the commandline tools? I was not able to find one in the man-pages. You can verify a message without checking the certificate's validity by using the -noverify option of openssl smime (http://www.openssl.org/docs/apps/smime.html#-noverify). You can not check a certificate's validity without the certificate chain leading to a CA certificate trusted by you (not necessarily, but usually a root certificate). And it would not make any sense either. Hope it helps Ted ;) -- PGP Public Key Information Download complete Key from http://www.convey.de/ted/tedkey_convey.asc Key fingerprint = 31B0 E029 BCF9 6605 DAC1 B2E1 0CC8 70F4 7AFB 8D26 __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
OpenSSL for Unix
Good Morning, Where can I get a compiled version of OpenSSL for Unix? how to install openssl in unix ? Thanks´s João Alpande
Re: OpenSSL for Unix
From: João Alpande wavetro...@net.novis.pt Where can I get a compiled version of OpenSSL for Unix? how to install openssl in unix ? It would help if you could specify which unix os? JD __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
How is MD5 fingerprint on X509 created?
Hello, I am able to generate an MD5 fingerprint with the following command. openssl x509 -in user.pem -fingerprint -md5 -noout This fingerprint matches the fingerprint displayed by Thunderbird/Firefox. I am trying to generate an MD5 using a hash function in PHP, http://nl2.php.net/manual/en/function.openssl-digest.php The results I am getting from the PHP function are not the same as using the other methods. I'm sure I'm not putting the right data into the hash function. Should I be hashing the entire contents of the PEM file, only part, or is there additional data I need to add? Thank you, Matt
RE: verify without issuer-certificate?
__ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
RE: How is MD5 fingerprint on X509 created?
The thumbprint is the hash of the certificate data in DER format. For example, the following commands would work for both forms: openssl x509 -in user.pem -fingerprint -md5 -noout openssl x509 -in user.cer -inform der -fingerprint -md5 -noout But I f you want to use a raw hash then only the second of the following would work: openssl md5 user.pem (wrong format input) openssl md5 user.cer Erik Tkal Juniper OAC/UAC/Pulse Development From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Matt C Sent: Tuesday, April 19, 2011 1:56 PM To: openssl-users@openssl.org Subject: How is MD5 fingerprint on X509 created? Hello, I am able to generate an MD5 fingerprint with the following command. openssl x509 -in user.pem -fingerprint -md5 -noout This fingerprint matches the fingerprint displayed by Thunderbird/Firefox. I am trying to generate an MD5 using a hash function in PHP, http://nl2.php.net/manual/en/function.openssl-digest.php The results I am getting from the PHP function are not the same as using the other methods. I'm sure I'm not putting the right data into the hash function. Should I be hashing the entire contents of the PEM file, only part, or is there additional data I need to add? Thank you, Matt
Re: How is MD5 fingerprint on X509 created?
On 19 Apr 2011, at 10:55 AM, Matt C wrote: Should I be hashing the entire contents of the PEM file, only part, or is there additional data I need to add? The fingerprint that openssl computes is the hash of the entire certificate in DER format. You should be able to recover the DER-formatted certificate by base64-decoding the block of text between the BEGIN/END lines in the PEM-formatted certifcate. There are other hashes of various parts of the certificate, used for other things, but if you're trying to duplicate what openssl -fingerprint is doing, that's how. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: OpenSSL for Unix
On Tue, Apr 19, 2011 at 11:40:56AM +0100, João Alpande wrote: Good Morning, Where can I get a compiled version of OpenSSL for Unix? how to install openssl in unix ? Thanks´s João Alpande For which Unix box? -- Member - Liberal International This is doc...@nl2k.ab.ca Ici doc...@nl2k.ab.ca God, Queen and country! Never Satan President Republic! Beware AntiChrist rising! http://twitter.com/rootnl2k http://www.facebook.com/dyadallee Stop Stephen Harper ! on 2 May 2011 vote Harper out and Ignatieff in! __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
X509 certificate verification error when purpose is set to 'any' using openssl api's
Please can anybody help? This is kind of priority issue for me.
I have following set of certificates with X509 extensions defined for code
signing in PKCS7 format.
Root CA - Key usage (critical): Certificate Sign, CRL Sign
CVC Sub-CA - Key usage (critical): Certificate Sign, CRL Sign
CVC cert - Key usage(critical): Digital Signature, Key Encipherment. Extended
Key Usage(critical): Code Sigining
PKCS#7 signature includes CVC sub-CA and CVC certs. When I verify the signature
using PKCS7_verify() I am getting
error: unsupported certificate purpose
As a work-around suggested by Dr.Stephen I tried setting purpose to any and it
works fine using following command line:
openssl smime -verify -CAfile Root-CA -purpose any -inform PEM -in pk7blob
-content data-signed
But fails when using Openssl API's and the error is
X509_STORE_CTX_purpose_inherit: unknown purpose id.
Following is the code snippet. Most of it is taken from PKCS7_verify() itself
in pkcs7_smime.c
void my_verify_api(PKCS7 *pkcs7, unsigned char *signed_data, int s_len)
{
/* Root CA */
static unsigned char my_root_ca[900]={..};
BIO*bio_t;
const unsigned char *der_cert = my_root_ca;
X509_STORE *cert_store = NULL;
X509 *x509 = NULL;
STACK_OF(X509)*signers;
X509*signer;
X509_STORE_CTXcert_ctx;
inti, k, num_signers;
if (!bio_t = BIO_new_mem_buf((void *)signed_data, s_len))) {
printf(BIO_new_mem_buf failed\n\n);
goto end;
}
OpenSSL_add_all_algorithms();
x509 = d2i_X509(NULL, der_cert, sizeof(my_root_ca));
if (x509 == NULL) {
printf(x509 is NULL.\n);
goto end;
}
cert_store=X509_STORE_new();
if (cert_store == NULL) {
printf(Failed to create new cert store using X509_STORE_new().\n);
goto end;
}
X509_STORE_add_cert(cert_store,x509);
signers = PKCS7_get0_signers(pkcs7, NULL, 0);
if (!signers) {
printf(Error getting signers--\n);
goto end;
}
num_signers = sk_X509_num(signers);
printf(num_signers: %d\n, num_signers);
for (k = 0; k num_signers; k++) {
signer = sk_X509_value(signers, k);
if (!X509_STORE_CTX_init(cert_ctx, cert_store, signer,
pkcs7-d.sign-cert)) {
printf(X509_STORE_CTX_init failed.\n);
sk_X509_free(signers);
goto end;
}
X509_STORE_CTX_set_purpose(cert_ctx, X509_PURPOSE_ANY);
i = X509_verify_cert(cert_ctx);
X509_STORE_CTX_cleanup(cert_ctx);
if (i = 0) {
unsigned long e;
const char *file = NULL, *data = NULL;
int line, flgs;
while ((e = ERR_get_error_line_data(file, line, data, flgs))) {
printf(Error: %d\nError String: %s\n, e, ERR_error_string(e,
NULL));
if (data) {
printf(data: %s\n, data);
}
}
ERR_clear_error();
sk_X509_free(signers);
goto end;
} else {
printf(Certificate got verified--\n\n);
}
}
sk_X509_free(signers);
end:
if (x509 != NULL) {
X509_free(x509);
}
if (cert_store != NULL) {
X509_STORE_free(cert_store);
}
if (bio_t) {
BIO_flush(bio_t);
BIO_free_all(bio_t);
}
EVP_cleanup();
}
Am I doing something wrong here?
Any help is appreciated.
Thanks,
Prkj
Re: DH session Key length
The private exponent length need only be sufficient to make a brute force search (using the public exponent as a target) computationally infeasible, since the discrete log problem is still in the hard category. Cogent DH Private Exponent recommendations are always stated in terms of P, e.g., x : 1 x (p-1)/2. - M On Mon, Apr 18, 2011 at 7:25 PM, Mike Mohr akih...@gmail.com wrote: You might take a look at RFC 3526: http://tools.ietf.org/html/rfc3526 It is my understanding that the DH exponent can be significantly shorter than the modulus without compromising security. RFC 3526 is from 2003, but I haven't found anything published since then that would make me think its assertions are invalid or outdated. The paranoid tinfoil hat crowd can probably take twice the maximum bit count from section 8 (620x2=1240) and be happy. Mike On Mon, Apr 18, 2011 at 8:01 AM, ikuzar razuk...@gmail.com wrote: Hello, I 'd like to know the length of DH session key generated by DH_compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh) . Here : http://www.openssl.org/docs/crypto/DH_generate_key.html It is said that key must point to DH_size(dh) bytes of memory. is 128 bits the default length ? how can I adjust this length according the symetric-key algorithm I use ( AES128/ICM) Thanks for your help. __ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: DH session Key length
Addendum - depending on the use of DH (usually using the DH shared secret as a basis for key exchange), the choice of prime is more important than private exponent length. Safe primes or strong primes are warranted. Most systems use small generators (e.g., 2). - M On Mon, Apr 18, 2011 at 7:25 PM, Mike Mohr akih...@gmail.com wrote: You might take a look at RFC 3526: http://tools.ietf.org/html/rfc3526 It is my understanding that the DH exponent can be significantly shorter than the modulus without compromising security. RFC 3526 is from 2003, but I haven't found anything published since then that would make me think its assertions are invalid or outdated. The paranoid tinfoil hat crowd can probably take twice the maximum bit count from section 8 (620x2=1240) and be happy. Mike On Mon, Apr 18, 2011 at 8:01 AM, ikuzar razuk...@gmail.com wrote: Hello, I 'd like to know the length of DH session key generated by DH_compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh) . Here : http://www.openssl.org/docs/crypto/DH_generate_key.html It is said that key must point to DH_size(dh) bytes of memory. is 128 bits the default length ? how can I adjust this length according the symetric-key algorithm I use ( AES128/ICM) Thanks for your help. __ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: How is MD5 fingerprint on X509 created?
Thank you Erik and Wim, that's exactly the information I needed! On Tue, Apr 19, 2011 at 2:27 PM, Wim Lewis w...@omnigroup.com wrote: On 19 Apr 2011, at 10:55 AM, Matt C wrote: Should I be hashing the entire contents of the PEM file, only part, or is there additional data I need to add? The fingerprint that openssl computes is the hash of the entire certificate in DER format. You should be able to recover the DER-formatted certificate by base64-decoding the block of text between the BEGIN/END lines in the PEM-formatted certifcate. There are other hashes of various parts of the certificate, used for other things, but if you're trying to duplicate what openssl -fingerprint is doing, that's how. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
RE: OpenSSL for Unix
It would help if you specified which of the many thousands of releases and versions of UNIX you are talking about, and what architecture/processor/bit-width you need. There won't be compiled versions available for most combinations. You'd need to follow the instructions which come with it if you find a suitable version. Why not just follow the instructions to install it from source? From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of João Alpande Sent: Tuesday, April 19, 2011 11:41 AM To: openssl-users@openssl.org Subject: OpenSSL for Unix Good Morning, Where can I get a compiled version of OpenSSL for Unix? how to install openssl in unix ? Thanks´s João Alpande
Date format for X.509 certificate
I've extracted a date from a public certificate using the PHP command openssl_x509_parse. The date looks like this: 110419141516Z Can someone tell me how to make sense of this date (in PHP if possible). Thank you! Matt
RE: Date format for X.509 certificate
110419141516Z = 2011 04(April) 19th 14:15:16Z(UTC) Erik Tkal Juniper OAC/UAC/Pulse Development From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Matt C Sent: Tuesday, April 19, 2011 5:19 PM To: openssl-users@openssl.org Subject: Date format for X.509 certificate I've extracted a date from a public certificate using the PHP command openssl_x509_parse. The date looks like this: 110419141516Z Can someone tell me how to make sense of this date (in PHP if possible). Thank you! Matt
Re: Date format for X.509 certificate
Check out the date and time functions in PHP and there are ways to format that number into something a little more human readable. Contact me if you would like to know more. This isn't a php forum so no point in talking about it here. On 11-04-19 5:22 PM, Erik Tkal wrote: 110419141516Z = 2011 04(April) 19^th 14:15:16Z(UTC) *Erik Tkal** *Juniper OAC/UAC/Pulse Development *From:*owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] *On Behalf Of *Matt C *Sent:* Tuesday, April 19, 2011 5:19 PM *To:* openssl-users@openssl.org *Subject:* Date format for X.509 certificate I've extracted a date from a public certificate using the PHP command openssl_x509_parse. The date looks like this: 110419141516Z Can someone tell me how to make sense of this date (in PHP if possible). Thank you! Matt -- Bram Cymet Software Developer Canadian Bank Note Co. Ltd. 613-608-9752 __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: Date format for X.509 certificate
That's simple. Thank you again Erik. On Tue, Apr 19, 2011 at 5:22 PM, Erik Tkal et...@juniper.net wrote: 110419141516Z = 2011 04(April) 19th 14:15:16Z(UTC) *Erik Tkal** *Juniper OAC/UAC/Pulse Development *From:* owner-openssl-us...@openssl.org [mailto: owner-openssl-us...@openssl.org] *On Behalf Of *Matt C *Sent:* Tuesday, April 19, 2011 5:19 PM *To:* openssl-users@openssl.org *Subject:* Date format for X.509 certificate I've extracted a date from a public certificate using the PHP command openssl_x509_parse. The date looks like this: 110419141516Z Can someone tell me how to make sense of this date (in PHP if possible). Thank you! Matt
Re: DH session Key length
So, have I to generate a prime with length = 3200 bits ?, ( the corresponding exponent will belong to 3200-bit MODP group ) in order to generate an AES 128 session key ? ( I use 2 as generator ). Here http://tools.ietf.org/html/rfc3526, it is said : The new Advanced Encryption Standard (AES) cipher [AES], which has more strength, needs stronger groups. For the 128-bit AES we need about a 3200-bit group [Orman01]. ..; in this IETF, 6 MODP groups are exposed. 3200-bit is not among this groups... Concretly, what should I write to obtain AES 128 session key? i Wrote something like this ( in command line ): *openssl dhparam -outform PEM -out dhParams.pem -2 3200* **Then I decode dhParams.pem into internal C struct: dh. Then I call DH_generate_key(DH *dh); , then DH_compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh); with the peer pub_key and I finally want to store this session key at key 2011/4/19 Michael Sierchio ku...@tenebras.com Addendum - depending on the use of DH (usually using the DH shared secret as a basis for key exchange), the choice of prime is more important than private exponent length. Safe primes or strong primes are warranted. Most systems use small generators (e.g., 2). - M On Mon, Apr 18, 2011 at 7:25 PM, Mike Mohr akih...@gmail.com wrote: You might take a look at RFC 3526: http://tools.ietf.org/html/rfc3526 It is my understanding that the DH exponent can be significantly shorter than the modulus without compromising security. RFC 3526 is from 2003, but I haven't found anything published since then that would make me think its assertions are invalid or outdated. The paranoid tinfoil hat crowd can probably take twice the maximum bit count from section 8 (620x2=1240) and be happy. Mike On Mon, Apr 18, 2011 at 8:01 AM, ikuzar razuk...@gmail.com wrote: Hello, I 'd like to know the length of DH session key generated by DH_compute_key(unsigned char *key, BIGNUM *pub_key, DH *dh) . Here : http://www.openssl.org/docs/crypto/DH_generate_key.html It is said that key must point to DH_size(dh) bytes of memory. is 128 bits the default length ? how can I adjust this length according the symetric-key algorithm I use ( AES128/ICM) Thanks for your help. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
