Re: Simple question: Maximum length of PEM file?
Can you tell me what are the application dependency factor here so we'll be able to chase a limit? It is used as an RSA key exchange certification/private key pairing. Thanks... JoelKatz wrote: On 7/26/2011 4:38 AM, Katif wrote: I need to know in advance the maximum length of the following three PEM formatted files (excluding the -BEGIN/END lines): It's application-dependent. There is no answer in general. DS __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org -- View this message in context: http://old.nabble.com/Simple-question%3A-Maximum-length-of-PEM-file--tp32139325p32145362.html Sent from the OpenSSL - User mailing list archive at Nabble.com. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
testing null encryption
Hi, I am using openssl-1.0.0d. downloaded the source and built the library. Can anyone suggest how to do the following: a) testing NULL Encryption: While building openssl i modified the macro SSL_DEFAULT_CIPHER_LIST to #define SSL_DEFAULT_CIPHER_LIST eNULL My understanding is the above modification would provide only data authentication with NO encryption. Am i right? Is there a way to check this by running any test programs. If any such program is already provided along with the package .would be good to use them. Kindly let me know if there is any option. b) build openssl with no compression/decompression support in openssl. While building openssl passed no-zlib option in the configure script and build went fine. How am i to ensure the library is built with no compression/de-compression routines. Thanks. have a nice day, navin
disabling encryption
Hi, I am using openssl-1.0.0d. I would prefer to disable encryption in the ssl protocol and have only authentication integrity. ie application data is sent without encryption. Is there a way to do this is in openssl? Does usage of eNULL in the default cipherlist provides this? Thanks. have a nice day, navin
missing export tmp rsa key (1024bit rsa key) with RSA_EXPORT_WITH_DES40_CBC_SHA
Hello, openssl.exe s_client -connect services.gmf.fr:443 exits with the message missing export tmp rsa key The server selects RSA_EXPORT_WITH_DES40_CBC_SHA and sends an 1024bit RSA key. If I increase the RSA key size limits like below: - #define SSL_EXPORT_PKEYLENGTH(a) (SSL_IS_EXPORT40(a) ? 512 : 1024) + #define SSL_EXPORT_PKEYLENGTH(a) (SSL_IS_EXPORT40(a) ? 1024 : 1024) the handshake completes successfully. But according to [1] RSA_EXPORT_WITH_DES40_CBC_SHA requires a 512bit RSA key, not 1024. [1] https://bto.bluecoat.com/packetguide/appcelera-3.0.2/configure/ssl-cipher-details-popup.htm The website loads in Firefox because Firefox doesn't send this cipher in the ClientHello. My question is: is this a misconfigured server or is there something I can do to have openssl talk to that site ? Thanks, Bogdan
X509 verify
Hello everyone, I've found some issues using the function X509_verify() on a simple X509 certificate. After the creation, if I call: X509_verify(certificate,ca_key); the function returns 1, but if I call the i2d_X509() function on the certificate and then the d2i_X509() on the obtained byte string, the X509_verify() on the resultant certificate returns 0. I printed the certificate, in a readable format, before and after the i2d() and d2i() execution and the result is exactly the same. The various fields (issuer, subject...) have the correct values. Any ideas? Best Regards Andrea Saracino
Re: testing null encryption
On Wed, Jul 27, 2011 at 02:53:09AM -0700, navin gopalakrishnan wrote: a) testing NULL Encryption: While building openssl i modified the macro SSL_DEFAULT_CIPHER_LIST to #define SSL_DEFAULT_CIPHER_LIST eNULL That was unwise, don't do that. My understanding is the above modification? would provide only data authentication with NO encryption. Or possibly neither: $ openssl ciphers -v eNULL ECDHE-RSA-NULL-SHA SSLv3 Kx=ECDH Au=RSA Enc=None Mac=SHA1 ECDHE-ECDSA-NULL-SHASSLv3 Kx=ECDH Au=ECDSA Enc=None Mac=SHA1 AECDH-NULL-SHA SSLv3 Kx=ECDH Au=None Enc=None Mac=SHA1 ECDH-RSA-NULL-SHA SSLv3 Kx=ECDH/RSA Au=ECDH Enc=None Mac=SHA1 ECDH-ECDSA-NULL-SHA SSLv3 Kx=ECDH/ECDSA Au=ECDH Enc=None Mac=SHA1 NULL-SHASSLv3 Kx=RSA Au=RSA Enc=None Mac=SHA1 NULL-MD5SSLv3 Kx=RSA Au=RSA Enc=None Mac=MD5 as you can see above, the AECDH-NULL-SHA cipher provides neither authentication nor encryption, just message integrity over an anonymous channel. Is there a way to check this by running any test programs. You should not change the DEFAULT cipher list. Rather, applications can be configured with appropriate ciphers at run-time. The ciphers(1) utility, by default lists the DEFAULT ciphers. $ openssl ciphers $ openssl ciphers -v b) build openssl with no compression/decompression support in openssl.? You could read the INSTALL document that is included with the source code. While building openssl passed no-zlib option in the configure script and build went fine. This is documented to do what you requested. -- Viktor. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: disabling encryption
Yeah, it does seems to do that. I tested it with s_client and s_server, (s_server with -cipher eNULL),and if client also were not with -cipher -eNULL, then connection failed.So, there might be need to explicitly configure both ends of connection. Citējot navin gopalakrishnan k_nav...@yahoo.com: Hi, I am using openssl-1.0.0d. I would prefer to disable encryption in the ssl protocol and have only authentication integrity. ie application data is sent without encryption. Is there a way to do this is in openssl? Does usage of eNULL in the default cipherlist provides this? Thanks. have a nice day, navin __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
TLS handshake failure
One of our customers is trying to setup a TLS for SIP trunk. Self-signed certificates (2048 bit) non encrypted configuration on SIP trunk work but a CA signed certificate does not. Going by this SSL/TLS detail example http://technet.microsoft.com/en-us/library/cc785811%28WS.10%29.aspxhttp:// technet.microsoft.com/en-us/library/cc785811%28WS.10%29.aspx as a reference for a SSL/TLS handshake protocol - We see the following. Packet Capture (20110721-141405_packet.pcap): Packet # - SSL/TLS Message 1116 - Client Hello 1122 - Server Hello 1628 - Server Certificate 1658 - Client Certificate 1659 - Client Key Exchange ... It stops here. In the CUBE debugs (putty.log): *Jul 21 12:39:23.782: CRYPTO_PKI: Certificate is verified *Jul 21 12:39:23.782: CRYPTO_PKI: Certificate validated without revocation check *Jul 21 12:39:23.782: CRYPTO_PKI: chain cert was anchored to trustpoint DODCA21, and chain validation result was: CRYPTO_VALID_CERT_WITH_WARNING *Jul 21 12:39:23.782: CRYPTO_PKI: Validation TP is DODCA21 *Jul 21 12:39:23.782: CRYPTO_PKI: Certificate validation succeeded *Jul 21 12:39:23.782: SSL_accept:SSLv3 read client certificate A *Jul 21 12:39:23.782: TLS 1.0 Handshake [length 0106], ClientKeyExchange *Jul 21 12:39:23.782: 10 00 01 02 01 00 09 FB B7 04 A8 F4 D7 52 C8 C7 *Jul 21 12:39:23.782: 14 13 55 62 05 68 31 45 0B 75 60 C4 80 66 65 AD *Jul 21 12:39:23.782: 59 28 79 10 22 D7 C3 C5 C6 3D D0 8A 1E E8 59 56 *Jul 21 12:39:23.782: 5F 93 B9 32 D9 0B 73 F8 1A 7B B4 0E 3F B5 44 2B *Jul 21 12:39:23.782: C4 A9 C9 16 9C 5A F9 F6 F5 5F 75 5C FF 51 9B 25 *Jul 21 12:39:23.782: 67 55 22 72 A1 22 F7 D9 0B 3D 3C 34 AA D4 F9 00 *Jul 21 12:39:23.782: E8 1D 73 23 9F 41 C5 1D CE 0D B3 D4 00 8A 75 E3 *Jul 21 12:39:23.782: 1D 91 A2 BF 87 40 9E 04 4F 48 E1 A7 65 3E 14 66 *Jul 21 12:39:23.782: D0 3A 54 59 7D 4A 09 6E 01 44 E1 75 C0 2D 84 9E *Jul 21 12:39:23.782: AD 23 F0 73 F0 57 BA 80 10 45 FC E9 F6 5F 86 4F *Jul 21 12:39:23.782: 8D 43 11 3F 11 23 EC 4E CA 81 75 05 A0 E4 FD D8 *Jul 21 12:39:23.782: 56 46 98 76 6F D2 F3 3D B3 9C 5E 10 34 ED 38 45 *Jul 21 12:39:23.782: 90 1F 4B D2 97 42 5B 61 D3 F0 F2 D0 EE 56 9E 80 *Jul 21 12:39:23.782: F0 FC D6 E8 F9 2C 9B D0 33 53 0E 6C 41 5A E8 79 *Jul 21 12:39:23.782: 84 47 84 7B C0 C8 21 CA 64 D5 23 40 55 EF 01 50 *Jul 21 12:39:23.782: B2 53 D4 0B 87 27 AA 60 D0 1B 6D 19 A7 0D D5 C0 *Jul 21 12:39:23.782: B3 AA 61 0D DE 80 *Jul 21 12:39:23.782: *Jul 21 12:39:23.930: SSL_accept:SSLv3 read client key exchange A *Jul 21 12:40:21.694: SSL_accept:failed in SSLv3 read certificate verify A Everything looks good up to the Client Key Exchange but the CUBE stops at the Client Certificate Verify. We are unable to determine why this is the case. Any pointers on how to further debug this would be greatly appreciated.. Thanks Anamitra
Re: X509 verify
The way I would verify this is by writting the original X509 object into PEM file and dumping the X509 object resulted from d2i_x509() into another PEM file and compares both files using the openssl ; either using asnparse or x509 command. On Wed, Jul 27, 2011 at 9:46 AM, Andrea Saracino saracino.and...@gmail.comwrote: Hello everyone, I've found some issues using the function X509_verify() on a simple X509 certificate. After the creation, if I call: X509_verify(certificate,ca_key); the function returns 1, but if I call the i2d_X509() function on the certificate and then the d2i_X509() on the obtained byte string, the X509_verify() on the resultant certificate returns 0. I printed the certificate, in a readable format, before and after the i2d() and d2i() execution and the result is exactly the same. The various fields (issuer, subject...) have the correct values. Any ideas? Best Regards Andrea Saracino
Re: Bug in OpenSSL 0.9.8e
On 20 Jul 2011, at 2:25 AM, Vinay Kumar wrote: Hi All, I am using OpenSSL OpenSSL 0.9.8e. The OpenSSL function sometimes sha1_block_host_order () crashes on Linux. Is there any fix available for this issue or what are the modifications need to be done? Please guide me. The core back trace is as follows: Program terminated with signal 11, Segmentation fault. #0 0x00560670 in sha1_block_host_order () (gdb) bt #0 0x00560670 in sha1_block_host_order () #1 0x005605a4 in sha1_block_host_order () [etc] Unfortunately the hand-optimized assembly SHA1 implementation tends to confuse debuggers; only the first stack frame of that backtrace is likely accurate, so it's hard to tell where the fault is. Presumably the SHA1 function was either passed a NULL buffer, an invalid buffer, or an invalid buffer length, due to a bug in some code that calls it. You could try examining the machine instruction at which it crashed (x/i $pc in gdb); it is presumably reading from memory via a register. Examine the registers (inf reg in gdb) to see whether it was dereferencing address 0 (null pointer) or some other wild address (bad pointer or bad buffer length). With luck this will give you an idea what to look for next. You could also try recompiling openssl in a more debuggable form (disabling the optimized assembly). (The patches I submitted to Openssl RT ticket #2562 a couple of weeks ago make this problem less severe but they haven't been incorporated into openssl.) __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: Simple question: Maximum length of PEM file?
On 26 Jul 2011, at 10:16 PM, Katif wrote: Can you tell me what are the application dependency factor here so we'll be able to chase a limit? It is used as an RSA key exchange certification/private key pairing. Thanks... The two things that are variable size are the key material itself, and the many fields that can occur in a certificate. A private key file just has key material, so its size should be proportional to the key size in bits (plus constant overhead); a certificate has key material for the key it represents, a signature from the issuer's key (which may have a size dependent on that key's size), and an arbitrary collection of other data that can be incorporated into the certificate when it's created (such as the name or address of the subject, or a list of permitted/forbidden uses, CRL distribution points, legal boilerplate, etc). I don't think there's any limit to the amount of extension data that can be included in a certificate, though in practice it's rarely more than a few kilobytes. I'd suggest parsing a handful of files using openssl asn1parse to get an idea of what's in there and how large each thing is. The sizes and offsets that asn1parse gives you refer to the DER-encoded file; a PEM-encoded file has four bytes for every three of DER, plus another few percent overhead for line endings. As Kenneth Goldman says, though, you need to consider what will happen when you encounter a certificate larger than you expect, because it *will* happen. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
support for 2048-bit keys
Hello, I am working on a product where we are upgrading from openssl-0.9.8.d to version 1.0.0, and we want to transition from using 1024 bit keys to 2048. I am coming up to speed with SSL in general. My question is: was key length of 2048 already supported on openssl-0.9.8.d? I did read about it in HOWTO, but I just want to make sure. Thanks, Dirce __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Handshake question
I need some help. I am basically stuck and don't know how to fix the handshake and must be missing something. Perhaps it is something with the certificates. I have a server certificate/privatekey and a CA certificate. Server loads its server certificate and private key ( self-signed by a CA that I created). The client loads the CA certificate. Using memory buffers and blocking IO. I begin the handshake by the client intiating hello message. The server reads message, and data is put in its ssl output. This is sent back to client. The client read the data ( SSL_read) and data it populated in the ssl output. This is sent back to the server. ( it is waiting for more input from server) The server reads the data (SSL_read) and nothing is generated in outbut it is waiting for more information from client. Basically I am at a stale mate now. What information am I missing. When I go and look at what state the client is in it say it is UNKWN..what does this imply Do I need a client certificate even though I have programmed the server to be a VERIFY_PEER_NONE? Does anybody have any references/books I can go get to help me with this issue...I am completely lost and confused. Note: I am currently working on windows.
Re: Handshake question
On 27 Jul 2011, at 1:52 PM, castre...@gmail.com wrote: Using memory buffers and blocking IO. I begin the handshake by the client intiating hello message. The server reads message, and data is put in its ssl output. This is sent back to client. The client read the data ( SSL_read) and data it populated in the ssl output. This is sent back to the server. ( it is waiting for more input from server) The server reads the data (SSL_read) and nothing is generated in outbut it is waiting for more information from client. The handshake requires several messages to be sent back and forth. The server has sent another message to the client at this point and is waiting for a response to that message. Has that message been delivered to the client? __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: Simple question: Maximum length of PEM file?
On 7/26/2011 10:16 PM, Katif wrote: Can you tell me what are the application dependency factor here so we'll be able to chase a limit? It is used as an RSA key exchange certification/private key pairing. Thanks... Maximum RSA key size supported. Extensions supported. DS __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: X509 verify
Hi Erwin, thanks for your fast answer.
I dumped both the certificates in 2 PEM files, then I used the
X509_print_fp() to obtain the readable version of both of them. The two
resulting files are identical. Perhaps there is something wrong in the
invocation of the i2d/d2i functions. I'm posting an extract of the code:
//
struct T_G_4{
unsigned char nonce[NONCE_SIZE];
int cert_size;
unsigned char certificate[MAX_MSG_SIZE-NONCE_SIZE-sizeof(int)];
}
/*...*/
T_G_4 * TG4=new T_G_4;
/*...*/
peer_certificate=/* initialization function */ //this is a private member of
a class and the two functions are members of the same class
EVP_PKEY * pubkey=EVP_PKEY_new();
EVP_PKEY_set1_RSA(pubkey, rsa_ca_pub_key);
X509_verify(peer_certificate,pubkey); //this verification returns 1
unsigned char * serialized certificate=NULL; //following the example of the
openssl d2i_X509 page, NULL pointer avoids the management of the increasing
pointer
TG4-cert_size=i2d(peer_certificate,serialized_certificate);
//serialization
memcpy(TG4-certificate,serialized_certificate,TG4-cert_size);
//initialize the remaining fields and return TG4
//passing the structure to another function
//other function:
/*...*/
unsigned char * serialized_certificate=new unsigned char [TG4-cert_size];
memcpy(serialized_certificate,TG4-certificate,TG4-cert_size);
peer_certificate = d2i_X509(NULL,(const unsigned char
**)serialized_certificate,TG4-cert_size); //deserialization
X509_verify(peer_certificate,pubkey); //now it returns 0... :(
/*...*/
Is there something wrong in this code?
Thanks in advance.
Best Regards
Andrea Saracino
2011/7/27 Erwin Himawan ehima...@gmail.com
The way I would verify this is by writting the original X509 object into
PEM file and dumping the X509 object resulted from d2i_x509() into another
PEM file and compares both files using the openssl ; either using asnparse
or x509 command.
On Wed, Jul 27, 2011 at 9:46 AM, Andrea Saracino
saracino.and...@gmail.com wrote:
Hello everyone,
I've found some issues using the function X509_verify() on a simple X509
certificate. After the creation, if I call:
X509_verify(certificate,ca_key);
the function returns 1, but if I call the i2d_X509() function on the
certificate and then the d2i_X509() on the obtained byte string, the
X509_verify() on the resultant certificate returns 0.
I printed the certificate, in a readable format, before and after the
i2d() and d2i() execution and the result is exactly the same. The various
fields (issuer, subject...) have the correct values. Any ideas?
Best Regards
Andrea Saracino
Re: Handshake question
On 27 Jul 2011, at 4:37 PM, castre...@gmail.com wrote: There is no data to send to the client ( I have checked the BIO out and there is no pending data to send out). This is my main problem. When I check the clients state using SSL_state_string from the last read it returns UNKWN. I went ahead and did some changes just to seem if I could shake things up. Originally I had my context set to server = method_sslv3_tlsv1, client =method_tlsv1 But then I changed it to server = method_sslv3 client = method_sslv3 As I ran this the server came up with the following error on a SSL_read: 0x101069c0 error:140A1159:SSL routines:SSL_BYTES_TO_CIPHER_LIST:scsv received when renegotiatingchar * The data the server was reading, the response from the client. The client had sent a hello, the server sent a response to that, in which the client sent a response and then the server errored. What does this error mean. Again, could there be somthing wrong with my certificates. On the server side i load the server cert( PEM) and the private key. ON the client side I just load the CA cert. Hmmm. In that case, I don't know what the problem is. I've cc'd this back to the openssl-users list in case it gives someone else an idea. scsv received when renegotiating sounds like it's related to the RFC-5746 renegotiation-attack prevention stuff, which I don't know much about. Thanks for your response..I am very confused. Does the Oriely book for OpenSSL have good information?? I haven't read it. :) SSL and OpenSSL can be pretty confusing, good luck. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: X509 verify
I would not use the X509_print_fp(), since it does not give you the PEM or DER
file.
Use intead PEM_write_bio or write_bio() for PEM and DER respectively.
Also check for error for the status of these two bio write function.
hopefully it helps
From: Andrea Saracino
Sent: Wednesday, July 27, 2011 6:05 PM
To: openssl-users@openssl.org
Subject: Re: X509 verify
Hi Erwin, thanks for your fast answer.
I dumped both the certificates in 2 PEM files, then I used the X509_print_fp()
to obtain the readable version of both of them. The two resulting files are
identical. Perhaps there is something wrong in the invocation of the i2d/d2i
functions. I'm posting an extract of the code:
//
struct T_G_4{
unsigned char nonce[NONCE_SIZE];
int cert_size;
unsigned char certificate[MAX_MSG_SIZE-NONCE_SIZE-sizeof(int)];
}
/*...*/
T_G_4 * TG4=new T_G_4;
/*...*/
peer_certificate=/* initialization function */ //this is a private member of a
class and the two functions are members of the same class
EVP_PKEY * pubkey=EVP_PKEY_new();
EVP_PKEY_set1_RSA(pubkey, rsa_ca_pub_key);
X509_verify(peer_certificate,pubkey); //this verification returns 1
unsigned char * serialized certificate=NULL; //following the example of the
openssl d2i_X509 page, NULL pointer avoids the management of the increasing
pointer
TG4-cert_size=i2d(peer_certificate,serialized_certificate); //serialization
memcpy(TG4-certificate,serialized_certificate,TG4-cert_size);
//initialize the remaining fields and return TG4
//passing the structure to another function
//other function:
/*...*/
unsigned char * serialized_certificate=new unsigned char [TG4-cert_size];
memcpy(serialized_certificate,TG4-certificate,TG4-cert_size);
peer_certificate = d2i_X509(NULL,(const unsigned char
**)serialized_certificate,TG4-cert_size); //deserialization
X509_verify(peer_certificate,pubkey); //now it returns 0... :(
/*...*/
Is there something wrong in this code?
Thanks in advance.
Best Regards
Andrea Saracino
2011/7/27 Erwin Himawan ehima...@gmail.com
The way I would verify this is by writting the original X509 object into PEM
file and dumping the X509 object resulted from d2i_x509() into another PEM file
and compares both files using the openssl ; either using asnparse or x509
command.
On Wed, Jul 27, 2011 at 9:46 AM, Andrea Saracino saracino.and...@gmail.com
wrote:
Hello everyone,
I've found some issues using the function X509_verify() on a simple X509
certificate. After the creation, if I call:
X509_verify(certificate,ca_key);
the function returns 1, but if I call the i2d_X509() function on the
certificate and then the d2i_X509() on the obtained byte string, the
X509_verify() on the resultant certificate returns 0.
I printed the certificate, in a readable format, before and after the i2d()
and d2i() execution and the result is exactly the same. The various fields
(issuer, subject...) have the correct values. Any ideas?
Best Regards
Andrea Saracino
Re: X509 verify
By the way sorry for the font size, it does not mean anything, it just mixed
up during cut and paste.
The function to dump x509 into a certificate is is PEM_write_bio_X509() and
the function to dump a x509 der file is bio_write(). Here is the doc on
bio_write http://www.manpagez.com/man/3/BIO_write/osx-10.3.php
erwin
On Wed, Jul 27, 2011 at 8:20 PM, Erwin Himawan ehima...@gmail.com wrote:
**
I would not use the X509_print_fp(), since it does not give you the PEM or
DER file.
Use intead PEM_write_bio or write_bio() for PEM and DER respectively.
Also check for error for the status of these two bio write function.
hopefully it helps
*From:* Andrea Saracino saracino.and...@gmail.com
*Sent:* Wednesday, July 27, 2011 6:05 PM
*To:* openssl-users@openssl.org
*Subject:* Re: X509 verify
Hi Erwin, thanks for your fast answer.
I dumped both the certificates in 2 PEM files, then I used the
X509_print_fp() to obtain the readable version of both of them. The two
resulting files are identical. Perhaps there is something wrong in the
invocation of the i2d/d2i functions. I'm posting an extract of the code:
//
struct T_G_4{
unsigned char nonce[NONCE_SIZE];
int cert_size;
unsigned char certificate[MAX_MSG_SIZE-NONCE_SIZE-sizeof(int)];
}
/*...*/
T_G_4 * TG4=new T_G_4;
/*...*/
peer_certificate=/* initialization function */ //this is a private member
of a class and the two functions are members of the same class
EVP_PKEY * pubkey=EVP_PKEY_new();
EVP_PKEY_set1_RSA(pubkey, rsa_ca_pub_key);
X509_verify(peer_certificate,pubkey); //this verification returns 1
unsigned char * serialized certificate=NULL; //following the example of the
openssl d2i_X509 page, NULL pointer avoids the management of the increasing
pointer
TG4-cert_size=i2d(peer_certificate,serialized_certificate);
//serialization
memcpy(TG4-certificate,serialized_certificate,TG4-cert_size);
//initialize the remaining fields and return TG4
//passing the structure to another function
//other function:
/*...*/
unsigned char * serialized_certificate=new unsigned char [TG4-cert_size];
memcpy(serialized_certificate,TG4-certificate,TG4-cert_size);
peer_certificate = d2i_X509(NULL,(const unsigned char
**)serialized_certificate,TG4-cert_size); //deserialization
X509_verify(peer_certificate,pubkey); //now it returns 0... :(
/*...*/
Is there something wrong in this code?
Thanks in advance.
Best Regards
Andrea Saracino
2011/7/27 Erwin Himawan ehima...@gmail.com
The way I would verify this is by writting the original X509 object into
PEM file and dumping the X509 object resulted from d2i_x509() into another
PEM file and compares both files using the openssl ; either using asnparse
or x509 command.
On Wed, Jul 27, 2011 at 9:46 AM, Andrea Saracino
saracino.and...@gmail.com wrote:
Hello everyone,
I've found some issues using the function X509_verify() on a simple X509
certificate. After the creation, if I call:
X509_verify(certificate,ca_key);
the function returns 1, but if I call the i2d_X509() function on the
certificate and then the d2i_X509() on the obtained byte string, the
X509_verify() on the resultant certificate returns 0.
I printed the certificate, in a readable format, before and after the
i2d() and d2i() execution and the result is exactly the same. The various
fields (issuer, subject...) have the correct values. Any ideas?
Best Regards
Andrea Saracino
Re: Handshake question
You metion that: Server loads its server certificate and private key ( self-signed by a CA that I created). I would liem to clarify: the server cert is a self signed cert? or the CA cert is a self signed cert? If the server cert is a self signed cert, the server is actually the ca, which in this case, the client needs the server slef signed cert. If the server is not a self-signed cert, make sure that the ca self-signed cert can verify the server cert. You can use the openssl verify CLI to do this. If you can then give the ca cert to client. If i remember correctly, when you set the verify peer to none, the server does not do cert-based auth on the client. however, tls spec specifies that client must do cert-based auth on the server. so, server must send the client its cert. hopefully, my reply make sense. On Wed, Jul 27, 2011 at 3:52 PM, castre...@gmail.com wrote: I need some help. I am basically stuck and don't know how to fix the handshake and must be missing something. Perhaps it is something with the certificates. I have a server certificate/privatekey and a CA certificate. Server loads its server certificate and private key ( self-signed by a CA that I created). The client loads the CA certificate. Using memory buffers and blocking IO. I begin the handshake by the client intiating hello message. The server reads message, and data is put in its ssl output. This is sent back to client. The client read the data ( SSL_read) and data it populated in the ssl output. This is sent back to the server. ( it is waiting for more input from server) The server reads the data (SSL_read) and nothing is generated in outbut it is waiting for more information from client. Basically I am at a stale mate now. What information am I missing. When I go and look at what state the client is in it say it is UNKWN..what does this imply Do I need a client certificate even though I have programmed the server to be a VERIFY_PEER_NONE? Does anybody have any references/books I can go get to help me with this issue...I am completely lost and confused. Note: I am currently working on windows.
