Re: Regarding Getting tlsv1 alert decrypt error

2012-08-16 Thread Saurabh Pandya
As per my knowledge such a thing may not happen.

Maybe something is going wrong with your code.

Share your code so someone can look at it.


Thanks,
Saurabh

On 8/16/12, venkataragavan vijayakumar  wrote:
> Hi All,
>
> We are running load through an openssl 1.0 DTLS connection. It works
> fine for some 1000 messages between client and server; after this we are
> getting the tlsv1 alert decrypt error while doing ssl_write.
>
> Please let me know the solution to avoid this error.
>
> Thanks,
> Venkat
>
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org


Re: How to extend key usage

2012-08-16 Thread Saurabh Pandya
You need to familiarize yourself with openssl (and SSL).

The best way to start is the documentation (SSL API) and the demos provided
with the openssl source code.

On 8/16/12, Eric Fowler  wrote:
> I am a relative OpenSSL newbie, and I have had a task assigned to me
> which entails some SSL knowledge.
>
> My task is to take existing code, and add to it one of the
> capabilities in the table.
>
> I have a X509V3_CTX struct and it has been passed to X509V3_set_ctx().
> I suspect the next step involves X509V3_add_value() but am not sure of
> that, nor of the exact procedure.
>
> Can anyone talk me through this? If I add (say) clientAuth through
> this method, is it going to work?
>
> Thanks
>
> Eric
>
>
>
> Value            Meaning
> -----            -------
> serverAuth       SSL/TLS Web Server Authentication.
> clientAuth       SSL/TLS Web Client Authentication.
> codeSigning      Code signing.
> emailProtection  E-mail Protection (S/MIME).
> timeStamping     Trusted Timestamping
> msCodeInd        Microsoft Individual Code Signing (authenticode)
> msCodeCom        Microsoft Commercial Code Signing (authenticode)
> msCTLSign        Microsoft Trust List Signing
> msSGC            Microsoft Server Gated Crypto
> msEFS            Microsoft Encrypted File System
> nsSGC            Netscape Server Gated Crypto


Re: Unregister an index registered with RSA_get_ex_new_index

2012-08-16 Thread Dr. Stephen Henson
On Thu, Aug 16, 2012, Felipe Blauth wrote:

> Dear all,
> 
> I'm writing an OpenSSL engine and I have some internal data to manage via
> ex_data functions.
> 
> What I've been doing so far is using RSA_get_ex_new_index(0, NULL, NULL,
> NULL, ), at the initialization of the engine to register
> a free function for structures allocated when the method
> ENGINE_load_private_key (or ENGINE_load_public_key) is called.
> To do so, I use the method RSA_set_ex_data(,  by RSA_get_ex_new_index> , ) and I do the proper cleanup
> at   accordingly.
> 
> Everything works fine, except for the fact that, when I finish the engine,
> other keys that are not engine related still try to get cleaned up by  free function>,  which no longer exists, and my program crashes.
> 
> I realize, also, that if I call CRYPTO_cleanup_all_ex_data after finishing
> the engine, no problems occur.
> 
> The problem with CRYPTO_cleanup_all_ex_data is that I'm planning to have
> multiple engines at the same time, so I'd like to cleanup only the index
> created with RSA_get_ex_new_index for a specific engine.
> 
> I tried to debug the method RSA_get_ex_new_index to figure something out,
> but didn't understand it well =p.
> 

There is currently no way to unregister an index. There is a workaround for
RSA though. Don't register a free function when you call RSA_get_ex_new_index
and instead free up and zero the ex data in the RSA_METHOD finish function.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org


Re: RSA OAEP with sha256

2012-08-16 Thread Mounir IDRASSI

Hi Martin,

In OpenSSL implementation of OAEP, MGF1 is hardcoded with SHA-1 (look at 
the end of the file rsa_oaep.c). Moreover, the function 
RSA_padding_add_PKCS1_OAEP is using explicitly SHA-1 as the unique 
possible hash. That's why your results are incorrect.


Personally, I overcame these limitations by implementing my own version 
of RSA_padding_add_PKCS1_OAEP that accepts any hash and any MGF 
implementation. I guess you should do the same.


Cheers,
--
Mounir IDRASSI
IDRIX
http://www.idrix.fr


On 8/16/2012 11:27 PM, Martin Kaiser wrote:

Dear all,

I'd like to encrypt some bytes using RSA OAEP with MGF1. Both OAEP and
MGF1 should use sha256 instead of the default sha1.

Does openssl support this at all? I tried something along the lines of

size_t outlen;
int ret;
EVP_PKEY_CTX *ctx;
unsigned char in[] = {  some bytes ... };

EVP_PKEY *key = NULL;
RSA *r = NULL;

unsigned char n[] = { ... };   /* 128 bytes */
unsigned char e[] = { 0x01, 0x00, 0x01 };

key = EVP_PKEY_new();
r = RSA_new();
assert(r);
EVP_PKEY_assign_RSA(key, r);
key->pkey.rsa->n = BN_bin2bn(n, sizeof(n), NULL);
key->pkey.rsa->e = BN_bin2bn(e, sizeof(e), NULL);

ctx = EVP_PKEY_CTX_new(key, NULL);
assert(ctx);

ret = EVP_PKEY_encrypt_init(ctx);
assert(ret>=0);

ret = EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_OAEP_PADDING);
assert(ret>=0);

ret = EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_TYPE_CRYPT,
 EVP_PKEY_CTRL_MD, 0, (void *)EVP_sha256);
assert(ret>=0);

ret = EVP_PKEY_encrypt(ctx, out, &outlen, in, sizeof(in));
assert(ret>=0);
assert(outlen==128);


This doesn't fail on any asserts. I tried

ret = EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha256());

instead of EVP_PKEY_CTX_ctrl().
This would not work because of a EVP_PKEY_OP_TYPE_... mismatch.

Unfortunately, the output does not seem to be correct, I can't produce
valid messages that are recognized by a receiving side that's known to
work with oaep sha256.

Does anyone see what I'm doing wrong here? Or does anyone have test
vectors so that I can verify my code? I know there's test vectors from
rsasecurity but they're only for oaep sha1.

Thanks in advance for your help,

Martin


Re: RSA OAEP with sha256

2012-08-16 Thread Dr. Stephen Henson
On Thu, Aug 16, 2012, Martin Kaiser wrote:

> Dear all,
> 
> I'd like to encrypt some bytes using RSA OAEP with MGF1. Both OAEP and
> MGF1 should use sha256 instead of the default sha1.
> 
> Does openssl support this at all? I tried something along the lines of
> 
>size_t outlen;
>int ret;
>EVP_PKEY_CTX *ctx;
>unsigned char in[] = {  some bytes ... };
> 
>EVP_PKEY *key = NULL;
>RSA *r = NULL;
> 
>unsigned char n[] = { ... };   /* 128 bytes */
>unsigned char e[] = { 0x01, 0x00, 0x01 };
> 
>key = EVP_PKEY_new();
>r = RSA_new();
>assert(r);
>EVP_PKEY_assign_RSA(key, r);
>key->pkey.rsa->n = BN_bin2bn(n, sizeof(n), NULL);
>key->pkey.rsa->e = BN_bin2bn(e, sizeof(e), NULL);
> 
>ctx = EVP_PKEY_CTX_new(key, NULL);
>assert(ctx);
> 
>ret = EVP_PKEY_encrypt_init(ctx);
>assert(ret>=0);
> 
>ret = EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_OAEP_PADDING);
>assert(ret>=0);
> 
>ret = EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_TYPE_CRYPT,  
> EVP_PKEY_CTRL_MD, 0, (void *)EVP_sha256);
>assert(ret>=0);
> 
>ret = EVP_PKEY_encrypt(ctx, out, &outlen, in, sizeof(in));
>assert(ret>=0);
>assert(outlen==128);
> 
> 
> This doesn't fail on any asserts. I tried
> 
> ret = EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha256());
> 
> instead of EVP_PKEY_CTX_ctrl().
> This would not work because of a EVP_PKEY_OP_TYPE_... mismatch.
> 
> Unfortunately, the output does not seem to be correct, I can't produce
> valid messages that are recognized by a receiving side that's known to
> work with oaep sha256.
> 
> Does anyone see what I'm doing wrong here? Or does anyone have test
> vectors so that I can verify my code? I know there's test vectors from
> rsasecurity but they're only for oaep sha1.
> 

You aren't doing anything wrong, it's just that OpenSSL currently is hard
coded with sha1 for OAEP. This will be addressed at some point.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
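
Added example (not code from this thread or from OpenSSL): EME-OAEP padding from PKCS #1 v2.1 written in Python with the label hash and the MGF1 hash as separate parameters, the generalization Mounir describes, showing why a block padded with SHA-1 is rejected by a receiver expecting SHA-256 for both. The function names are assumptions, and the RSA exponentiation is omitted because the mismatch arises entirely in the padding layer.

```python
import hashlib
import os


def mgf1(seed: bytes, length: int, hash_name: str) -> bytes:
    """MGF1 mask generation (PKCS #1 v2.1, B.2.1) over any hashlib digest."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hashlib.new(hash_name, seed + counter.to_bytes(4, "big")).digest()
        counter += 1
    return out[:length]


def _xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def oaep_encode(msg, k, oaep_hash, mgf_hash, label=b"", seed=None):
    """EME-OAEP encode msg for a k-byte modulus; returns the k-byte block EM."""
    h_len = hashlib.new(oaep_hash).digest_size
    if len(msg) > k - 2 * h_len - 2:
        raise ValueError("message too long for this modulus and hash")
    seed = os.urandom(h_len) if seed is None else seed
    if len(seed) != h_len:
        raise ValueError("seed must be exactly one hash output long")
    l_hash = hashlib.new(oaep_hash, label).digest()
    # DB = lHash || PS (zero bytes) || 0x01 || M, total k - h_len - 1 bytes
    db = l_hash + b"\x00" * (k - len(msg) - 2 * h_len - 2) + b"\x01" + msg
    masked_db = _xor(db, mgf1(seed, k - h_len - 1, mgf_hash))
    masked_seed = _xor(seed, mgf1(masked_db, h_len, mgf_hash))
    return b"\x00" + masked_seed + masked_db


def oaep_decode(em, k, oaep_hash, mgf_hash, label=b""):
    """Inverse of oaep_encode. Not constant-time: it only illustrates the
    encoding and must not be used to decrypt real traffic."""
    h_len = hashlib.new(oaep_hash).digest_size
    if len(em) != k or k < 2 * h_len + 2:
        raise ValueError("decryption error")
    masked_seed, masked_db = em[1:1 + h_len], em[1 + h_len:]
    seed = _xor(masked_seed, mgf1(masked_db, h_len, mgf_hash))
    db = _xor(masked_db, mgf1(seed, k - h_len - 1, mgf_hash))
    body = db[h_len:]
    sep = body.find(b"\x01")
    ok = (em[0] == 0
          and db[:h_len] == hashlib.new(oaep_hash, label).digest()
          and sep >= 0
          and not any(body[:sep]))  # everything before 0x01 must be zero
    if not ok:
        raise ValueError("decryption error")
    return body[sep + 1:]


def interoperates(sender, receiver, msg=b"constructed test message", k=128):
    """True if a block padded with sender=(oaep_hash, mgf_hash) is accepted
    by a receiver configured with receiver=(oaep_hash, mgf_hash)."""
    em = oaep_encode(msg, k, *sender)
    try:
        return oaep_decode(em, k, *receiver) == msg
    except ValueError:
        return False


if __name__ == "__main__":
    receiver = ("sha256", "sha256")          # what the receiving side expects
    for sender in (("sha256", "sha256"),     # both hashes configurable
                   ("sha1", "sha1"),         # label hash and MGF1 fixed to SHA-1
                   ("sha256", "sha1")):      # only the label hash changed
        print(sender, "->", receiver, interoperates(sender, receiver))
```

Changing only the label hash is not enough: the receiver unmasks the seed with its own MGF1 hash, so both parameters have to match on both sides.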


RSA OAEP with sha256

2012-08-16 Thread Martin Kaiser
Dear all,

I'd like to encrypt some bytes using RSA OAEP with MGF1. Both OAEP and
MGF1 should use sha256 instead of the default sha1.

Does openssl support this at all? I tried something along the lines of

   size_t outlen;
   int ret;
   EVP_PKEY_CTX *ctx;
   unsigned char in[] = {  some bytes ... };

   EVP_PKEY *key = NULL;
   RSA *r = NULL;

   unsigned char n[] = { ... };   /* 128 bytes */
   unsigned char e[] = { 0x01, 0x00, 0x01 };

   key = EVP_PKEY_new();
   r = RSA_new();
   assert(r);
   EVP_PKEY_assign_RSA(key, r);
   key->pkey.rsa->n = BN_bin2bn(n, sizeof(n), NULL);
   key->pkey.rsa->e = BN_bin2bn(e, sizeof(e), NULL);

   ctx = EVP_PKEY_CTX_new(key, NULL);
   assert(ctx);

   ret = EVP_PKEY_encrypt_init(ctx);
   assert(ret>=0);

   ret = EVP_PKEY_CTX_set_rsa_padding(ctx, RSA_PKCS1_OAEP_PADDING);
   assert(ret>=0);

   ret = EVP_PKEY_CTX_ctrl(ctx, -1, EVP_PKEY_OP_TYPE_CRYPT,  
EVP_PKEY_CTRL_MD, 0, (void *)EVP_sha256);
   assert(ret>=0);

   ret = EVP_PKEY_encrypt(ctx, out, &outlen, in, sizeof(in));
   assert(ret>=0);
   assert(outlen==128);


This doesn't fail on any asserts. I tried

ret = EVP_PKEY_CTX_set_signature_md(ctx, EVP_sha256());

instead of EVP_PKEY_CTX_ctrl().
This would not work because of a EVP_PKEY_OP_TYPE_... mismatch.

Unfortunately, the output does not seem to be correct, I can't produce
valid messages that are recognized by a receiving side that's known to
work with oaep sha256.

Does anyone see what I'm doing wrong here? Or does anyone have test
vectors so that I can verify my code? I know there's test vectors from
rsasecurity but they're only for oaep sha1.

Thanks in advance for your help,

   Martin


Unregister an index registered with RSA_get_ex_new_index

2012-08-16 Thread Felipe Blauth
Dear all,

I'm writing an OpenSSL engine and I have some internal data to manage via
ex_data functions.

What I've been doing so far is using RSA_get_ex_new_index(0, NULL, NULL,
NULL, ), at the initialization of the engine to register
a free function for structures allocated when the method
ENGINE_load_private_key (or ENGINE_load_public_key) is called.
To do so, I use the method RSA_set_ex_data(,  , ) and I do the proper cleanup
at   accordingly.

Everything works fine, except for the fact that, when I finish the engine,
other keys that are not engine related still try to get cleaned up by ,  which no longer exists, and my program crashes.

I realize, also, that if I call CRYPTO_cleanup_all_ex_data after finishing
the engine, no problems occur.

The problem with CRYPTO_cleanup_all_ex_data is that I'm planning to have
multiple engines at the same time, so I'd like to cleanup only the index
created with RSA_get_ex_new_index for a specific engine.

I tried to debug the method RSA_get_ex_new_index to figure something out,
but didn't understand it well =p.

Thank you.

-- 
Felipe Menegola Blauth


Re: [openssl-users] OpenSSL OCSP

2012-08-16 Thread Erwann Abalea

On 16/08/2012 18:38, adrien pisarz wrote:
> PS: does anyone know why the engine option is not available with ocsp
> and the private key must be in a file instead of stored securely in an HSM?


As said by Dr Henson, this is only a testing tool, not a production 
service. If you need a production-grade system, you'll have to write 
your own using the API.


--
Erwann ABALEA



How to extend key usage

2012-08-16 Thread Eric Fowler
I am a relative OpenSSL newbie, and I have had a task assigned to me
which entails some SSL knowledge.

My task is to take existing code, and add to it one of the
capabilities in the table.

I have a X509V3_CTX struct and it has been passed to X509V3_set_ctx().
I suspect the next step involves X509V3_add_value() but am not sure of
that, nor of the exact procedure.

Can anyone talk me through this? If I add (say) clientAuth through
this method, is it going to work?

Thanks

Eric



Value            Meaning
-----            -------
serverAuth       SSL/TLS Web Server Authentication.
clientAuth       SSL/TLS Web Client Authentication.
codeSigning      Code signing.
emailProtection  E-mail Protection (S/MIME).
timeStamping     Trusted Timestamping
msCodeInd        Microsoft Individual Code Signing (authenticode)
msCodeCom        Microsoft Commercial Code Signing (authenticode)
msCTLSign        Microsoft Trust List Signing
msSGC            Microsoft Server Gated Crypto
msEFS            Microsoft Encrypted File System
nsSGC            Netscape Server Gated Crypto


Re: Elliptic Curve key generation help

2012-08-16 Thread Mohammad khodaei
Hi,

Thanks for the response. I still have a small problem regarding ECDSA key 
generation. I have the following code to generate ECDSA public/private key pair:

    EC_KEY *ecKey = EC_KEY_new();
    if (ecKey == NULL)
        return ERR_CODE_ECDSA_EC_KEY_NEW_EXCEPTION;

    EC_GROUP *group = EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1);
    if (group == NULL)
        return ERR_CODE_ECDSA_EC_GROUP_NEW_BY_CURVE_NAME_EXCEPTION;

    EC_KEY_set_group(ecKey, group);

    if (!EC_KEY_generate_key(ecKey))
        return ERR_CODE_ECDSA_EC_KEY_GENERATE_KEY;

    BIO* memoryBioPriKey = BIO_new(BIO_s_mem());

    PEM_write_bio_ECPrivateKey(memoryBioPriKey, ecKey, NULL, NULL, 0, NULL, NULL);
    char* pchPriKey = NULL;
    pchPriKey = new char[4096];
    BIO_read(memoryBioPriKey, pchPriKey, 4096);
    strPrivateKey.assign(pchPriKey);

    iPrivateKeyLen = strPrivateKey.length();
    BIO_free(memoryBioPriKey);
    if (pchPriKey != NULL) {
        delete []pchPriKey;
        pchPriKey = NULL;
    }
    ERR_print_errors_fp(stderr);

    BIO* memoryBioPubKey = BIO_new(BIO_s_mem());
    PEM_write_bio_EC_PUBKEY(memoryBioPubKey, ecKey);
    char* pchPubKey = NULL;
    pchPubKey = new char[4096];
    BIO_read(memoryBioPubKey, pchPubKey, 4096);
    strPublicKey.assign(pchPubKey);

    iPublicKeyLen = strPublicKey.length();
    BIO_free(memoryBioPubKey);
    if (pchPubKey != NULL) {
        delete []pchPubKey;
        pchPubKey = NULL;
    }


The generated public key and private key look like this, which is not
meaningful:




Any idea what are these extra characters inside the public key and private key? 
It is really strange to me. Maybe I'm not using the openssl APIs in the correct 
sequence. Any idea?





 From: Jason Goldberg 
To: ""  
Sent: Wednesday, August 15, 2012 2:35 PM
Subject: Re: Elliptic Curve key generation help
 

You can actually skip the step of using the BN functions and write your keypair 
directly to PEM format:

PEM_write_bio_ECPrivateKey

You can then use the BIO functions to either read a string from memory, write 
it to file, etc.  See: http://www.openssl.org/docs/crypto/bio.html#

Jason

On Aug 15, 2012, at 5:59 AM, Mohammad khodaei 
 wrote:

Hi,
>
>
>Based on the previous conversations, I tried to generate Elliptic Curve 
>public/Private key pair. I want to convert the output BIGNUM* to char* in 
>order to perform the rest of my task. Using BN_bn2hex is the correct api to do 
>this? It seems it returns a 32 byte Hex while when I generate EC keys by 
>command, it is much bigger. I want an output like this for public key and 
>private key:
>
>
>-BEGIN EC PARAMETERS-
>>BggqhkjOPQMBBw==
>>-END EC PARAMETERS-
>>-BEGIN EC PRIVATE KEY-
>>MHcCAQEEIDbJzdK8bkYoC4CsuFCBBGPHg21AC1vHh7Dg67tTZ8z9oAoGCCqGSM49
>>AwEHoUQDQgAEuhRNaqvmtnVpzewv8g3zh2PDh1FwoojEQguGKGCseKffEIoLn6ua
>>Vn9cpsV7OX5hvcafIyqC+gIPuJovPi0Buw==
>>-END EC PRIVATE KEY-
>
>
>
>
>and
>
>
>-BEGIN PUBLIC KEY-
>>MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEuhRNaqvmtnVpzewv8g3zh2PDh1Fw
>>oojEQguGKGCseKffEIoLn6uaVn9cpsV7OX5hvcafIyqC+gIPuJovPi0Buw==
>>-END PUBLIC KEY-
>
>
>
>
>Here is my code:
>
>
>    EC_KEY *ecKey = EC_KEY_new();
>    EC_GROUP *group = EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1);
>    EC_KEY_set_group(ecKey, group);
>
>
>    int iECGenKey = EC_KEY_generate_key(ecKey);
>
>
>    BIGNUM *pPubKey, *pPrivKey;
>
>
>    pPrivKey = (BIGNUM*) EC_KEY_get0_private_key(ecKey);
>    char* pchPrivKey = BN_bn2hex(pPrivKey);
>    int nBytes = BN_num_bytes(pPrivKey);
>
>
>    string strPrivKey;
>    strPrivKey.assign(pchPrivKey);
>    if (pPrivKey != NULL)
>        OPENSSL_free(pPrivKey);
>
>
>    pPubKey = (BIGNUM*) EC_KEY_get0_public_key(ecKey);
>    char* pchPubKey = BN_bn2hex(pPubKey);
>    string strPubKey;
>    strPub

RE: [openssl-users] OpenSSL OCSP

2012-08-16 Thread adrien pisarz


Hi,

The tests were made on a 0.9.8 version. I will update to 1.0 or higher
and keep you informed.

regards
adrien

PS: does anyone know why the engine option is not available with ocsp and
the private key must be in a file instead of stored securely in an HSM?

From: smad...@adobe.com
To: openssl-users@openssl.org
CC: apis...@hotmail.com
Date: Tue, 14 Aug 2012 11:29:53 -0700
Subject: RE: [openssl-users] OpenSSL OCSP

Hi Adrien,

Just out of curiosity, what version of OpenSSL are you using? I can
get OCSP to work with version 0.9.8, but not 1.0 or later and I’m looking to
see if anyone else has had any luck with the current version.

Thanks,
Steve

From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org]
On Behalf Of Erwann Abalea
Sent: Tuesday, August 14, 2012 10:35 AM
To: openssl-users@openssl.org
Cc: adrien pisarz
Subject: Re: [openssl-users] OpenSSL OCSP

Hello,

Answers inline.

--
Erwann ABALEA

On 14/08/2012 19:03, adrien pisarz wrote:
> Hi,
>
> I have several questions about the ocsp functionality. I read many articles
> before asking those questions and unfortunately I still don't have the
> answers. Maybe you can help me.
>
> First of all, here is my ocsp configuration:
> openssl ocsp -index index_prod.txt -CAfile OpCA.pem -rsigner ocsp.crt -rkey
> ocsp.key -port 3456 -text  -out /home/userocsp/ocsp_responder.log
>
> The file index is populated by a self-made script,
> the ocsp.crt (resp. key) is a certificate (resp. key) which contains the ocsp
> signature extensions
> the OpCA.pem contains the subAC certificate
>
> Here are my questions:
> 1. Why does the ocsp client work only if the -VAFile is set, and otherwise I
> get a signature error? Is there a way to solve this issue?

Maybe because the responder is not one of:
 - the CA that signed the certificate you're requesting the status on
 - a designated responder directly signed by the CA that signed the certificate
   you're requesting the status on

Reread RFC2560. If you're instantiating the third possible responder type
(trusted responder whose public key is trusted by the requester), then you
obviously need to inform the client/requester. You didn't provide elements on
who signed who, so that's just a guess.

> 2. If I want to manage several subAC should I open a port for each subCA?

With the command-line tool, yes. If you need to have more CAs, then you could
probably try something more suited than the command-line tools. The
command-line tool also doesn't respond to GET requests, only POST ones.

> 3. Why does the ocsp responder require that all the certificates (even the
> valid ones) must be present in the index.txt in order to provide a correct
> answer? I was expecting that openssl would check the certificate signature
> and if the serial is not present in the index.txt, it would answer good and
> not unknown.

Design choice. You're giving the responder a database, so it is supposed to
know *all* the certificates.
OCSP can be based on CRLs (black-list), but that's not implemented by the tool.
If that's what you want, you'll have to write your own.

> 4. As said, the openssl responder is working but an IHS server is not able to
> validate its answer and I got those errors:
> [...]
> Does anyone know how to configure an IHS with an openssl ocsp responder?

You may ask your provider for this, not OpenSSL.

Re: X509 certificate algorithm

2012-08-16 Thread Dr. Stephen Henson
On Thu, Aug 16, 2012, Kenneth Goldman wrote:

> I call these:
> 
> d2i_X509()
> X509_print_fp()
> 
> which calls 
> pkey_set_type() 
> EVP_PKEY_asn1_find()
> and that call fails.
> 
> I've traced the following error down to the rsaOAEP algorithm, which has a
> nid of 919.  I've included both the openssl and dumpasn1 dump of the
> X509 certificate.  Am I doing something wrong in openssl, or is there
> a problem with the certificate?  I tried certificates from two
> vendors, and they both fail at the same point.
> 
> 

Well the problem is that OpenSSL doesn't currently support OAEP certificates.
I've never come across one so if you could send an example that would be
useful.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org


X509 certificate algorithm

2012-08-16 Thread Kenneth Goldman
I call these:

d2i_X509()
X509_print_fp()

which calls 
pkey_set_type() 
EVP_PKEY_asn1_find()
and that call fails.

I've traced the following error down to the rsaOAEP algorithm, which has a
nid of 919.  I've included both the openssl and dumpasn1 dump of the
X509 certificate.  Am I doing something wrong in openssl, or is there
a problem with the certificate?  I tried certificates from two
vendors, and they both fail at the same point.


X509_print_fp() gives

   Subject Public Key Info:
Public Key Algorithm: rsaesOaep
Unable to load Public Key
140243704706728:error:0609E09C:lib(6):func(158):reason(156):p_lib.c:239:
140243704706728:error:0B07706F:lib(11):func(119):reason(111):x_pubkey.c:155:


~~

dumpasn1 gives ()

152   0: . . SEQUENCE {}
154 351: . . SEQUENCE {
158  74: . . . SEQUENCE {
160   9: . . . . OBJECT IDENTIFIER rsaOAEP (1 2 840 113549 1 1 7)
   : . . . . . (PKCS #1)
171  61: . . . . SEQUENCE {
173  11: . . . . . [0] {
175   9: . . . . . . SEQUENCE {
177   5: . . . . . . . OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
   : . . . . . . . . (OIW)
184   0: . . . . . . . NULL
   : . . . . . . . }
   : . . . . . . }
186  24: . . . . . [1] {
188  22: . . . . . . SEQUENCE {
190   9: . . . . . . . OBJECT IDENTIFIER pkcs1-MGF (1 2 840 113549 1 1 8)
   : . . . . . . . . (PKCS #1)
201   9: . . . . . . . SEQUENCE {
203   5: . . . . . . . . OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
   : . . . . . . . . . (OIW)
210   0: . . . . . . . . NULL
   : . . . . . . . . }
   : . . . . . . . }
   : . . . . . . }
212  20: . . . . . [2] {
214  18: . . . . . . SEQUENCE {
216   9: . . . . . . . OBJECT IDENTIFIER
   : . . . . . . . . rsaOAEP-pSpecified (1 2 840 113549 1 1 9)
   : . . . . . . . . (PKCS #1)
227   5: . . . . . . . OCTET STRING 54 43 50 41 00 TCPA.
   : . . . . . . . }
   : . . . . . . }
   : . . . . . }
   : . . . . }
234 271: . . . BIT STRING, encapsulates {
239 266: . . . . SEQUENCE {
243 257: . . . . . INTEGER 
504   3: . . . . . INTEGER 65537
   : . . . . . }
   : . . . . }
   : . . . }

--
Ken Goldman   kgold...@us.ibm.com 
914-784-7646 (863-7646)


Re: How do session accept timeout with OpenSSL

2012-08-16 Thread Holger Weiß
* Charles Mills  [2012-08-15 17:31]:
> Every OpenSSL example I have seen uses BIO, but there is no need to use
> BIO, right (unless one wants I/O-type-independence).

That's right, though the socket BIO methods also abstract away quite a
few obscure platform specifics.

> I have eliminated all of my BIO usage. I'm using normal TCP/IP bind(),
> select(), accept(), and then SSL_set_fd(ssl, socket) and SSL_accept(); I
> then use SSL_read() to read data on the session. It seems to be working
> (with some loose ends, but I am getting farther than before).
> 
> Is there anything wrong with this approach?

No.  However, SSL_set_fd() automatically creates a socket BIO, so you
don't save an abstraction layer by setting up the socket manually.

> What about the select? Is there some sort of BIO_select()?

There's no such thing, but you could retrieve the underlying socket
descriptor with BIO_get_fd() and call select() on that.

Holger