Re: documentation on installation

2019-08-05 Thread Charles Mills
Perhaps not on an OpenSSL list? You might try stackoverflow.com

Charles

Sent from a mobile; please excuse the brevity.

Original message
From: Dawn Cassara
Date: 8/5/19 5:53 PM (GMT-05:00)
To: openssl-users@openssl.org
Subject: documentation on installation

Where would I find the easiest, most comprehensive installation instructions
for Windows 2012 r2?

--
Dawn Cassara
832-224-6826 / 314-332-0279
Houston / St. Louis Reputation Management
http://HoustonRepManagement.com
http://StLouisRepManagement.com


Re: [openssl-users] in the department of "ain't no perfect"

2019-01-16 Thread Charles Mills
Temporary solutions that "work" tend to become permanent solutions.

That's how products end up shipping with hard-coded admin passwords or similar 
back doors.

Charles


-Original Message-
From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of 
Hubert Kario
Sent: Wednesday, January 16, 2019 6:47 AM
To: Eliot Lear
Cc: openssl-users@openssl.org
Subject: Re: [openssl-users] in the department of "ain't no perfect"

On Wednesday, 16 January 2019 13:22:53 CET Eliot Lear wrote:
> Hi Hubert
> 
> On 16.01.19 12:27, Hubert Kario wrote:
> > For maintaining signatures that need to be valid long into the 
> > future standards like CAdES should be used. They keep time of 
> > signing in timestamps signed by trusted time-stamping authorities, 
> > along with the rest of revocation data necessary to verify the original 
> > signature.
> 
> Understood.  At this point in the maturity cycle of the technology, 
> we're just not there yet.  My choices are, have people ignore invalid 
> signatures in their entirety or provide something more nuanced for now.

you don't have to start with implementing the full CAdES-LTA, you can start 
with just adding support for timestamping, the CAdES-T

using time from the signature to verify it is as good as ignoring the 
certificate expiration date - if you need to make the signatures verifiable 
now, do that, not use the false sense of security of using easily fakeable date

-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users


Re: [openssl-users] in the department of "ain't no perfect"

2019-01-15 Thread Charles Mills
Leaping into something where I really don't know what I am talking about, does 
not code signing do that routinely? I can install software signed with a 
certificate that has expired, provided it had not expired when the code was 
signed.

Does that help, or it is just useless chatter about something you already knew?

Charles


-Original Message-
From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of 
Eliot Lear
Sent: Tuesday, January 15, 2019 7:29 AM
To: openssl-users@openssl.org
Subject: [openssl-users] in the department of "ain't no perfect"

I realize things haven't been made easy to do this on purpose, and that there's 
even a comment in one of the man pages to that effect, but here goes...

I have an application that requires long-lived signatures, perhaps long past 
the point where the signer's cert has expired.  I'd like a way to extract the 
signature date from a CMS structure.  With all the opaque structs that have 
been introduced in the last few releases, it's not clear to me how to do that.  
Any examples or guidance (other than don't do that)?



Re: [openssl-users] Close TCP socket after SSL_clear()?

2019-01-14 Thread Charles Mills
Thanks @Michael. I read up on TIME_WAIT Assassination.

I think that sort of thing may have been the problem I was trying to fix.
After an "error" disconnection, the customer was reporting that their client
could not re-connect. I had trouble getting good traces out of the customer,
but I suspect the problem was that the underlying TCP connection was still
hanging.

I have never in my life touched SO_LINGER. There is no socket duplication,
fork(), or the like.

Thanks again,

Charles


-Original Message-
From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of
Michael Wojcik
Sent: Saturday, January 12, 2019 6:20 AM
To: openssl-users@openssl.org
Subject: Re: [openssl-users] Close TCP socket after SSL_clear()?

> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of
> Charles Mills
> Sent: Friday, January 11, 2019 17:06
>
> >SSL_shutdown(connection) || SSL_shutdown(connection);
>
> I like it! (Not!)
>
> I don't pretend to be a bits and bytes expert on TCP protocol. You can't be
> an expert on everything.
>
> So I will listen to expert advice. I know 99% of you all are 'nix guys and
> this is a Windows problem. I am seeing OTOH where my Windows doc says
> closesocket() does an abortive termination, and OTOH a discussion of a
> graceful closesocket() with SO_LINGER/SO_DONTLINGER.
>
> (1) This code is (at the application level) purely a receiver of data and
> (2) without the TLS layer in place it is hard to picture any meaningful data
> transfer and (3) we are in a session cleanup situation anyway -- so it seems
> to me that an abortive disconnect is perfectly fine. Am I wrong?

Yes, you're wrong. You don't want an abortive disconnect.

A TCP connection can be closed in four (or five) ways:

1. Normal close, which involves the FIN / FIN-ACK / ACK sequence. When the
last ACK is received, both sides know that all data has been received by the
peer stack, and at the point when the corresponding ACK was generated, the
peer "believed" it would be able to deliver the data to the application
eventually. (That is, the stack hadn't been informed that the application's
identifier for the connection - the socket - had been closed.)

2. Abortive close, which involves a RST from one side to the peer, and
that's it. RST is a one-way, unacknowledged flow. There are a number of
reasons why it's undesirable, some of which I'll go into below.

3. Abortive close due to network management message: the stack receives an
ICMP message indicating a packet could not be delivered, such as
HOST_UNREACH. From the application's point of view, the result is similar to
#2, except for the particular error code it sees.

4. Timeout from TCP retransmit, either for an application send or, if it's
enabled, TCP keepalive.

5. Arguably a separate case: 1-3 but generated by a middlebox, such as a
router, or an application firewall. In other words, the connection is forced
closed by someone spoofing the peer. From the application's point of view,
that makes no difference.

Applications should almost never use an abortive close. TCP is intended to
be a reliable (best-effort) stream transport, and it can only meet its
(already weak) service guarantees if you let it acknowledge all application
data and close the conversation cleanly.

Now, when you have a higher-level conversation protocol such as TLS, and the
higher-level protocol has already negotiated end-of-conversation, that may
not seem important; the peers have agreed that they're not going to send
anything more. That assumes, however, that the peers are well-behaved. And
it is at the very least notionally cleaner to let the conversation close
normally.

Beyond that, an abortive close can cause TIME_WAIT Assassination, which is a
Bad Thing. If you don't know what TIME_WAIT Assassination is, that's a sign
you shouldn't be doing abortive closes. Don't invoke extraordinary behavior
you don't understand.

Now, all that said: Winsock closesocket will NOT do an abortive disconnect
if you have not mucked with the SO_LINGER socket option (which you should
not do unless you understand TCP). I don't know what documentation you saw
that claims otherwise, but it's wrong.

Calling shutdown before closesocket won't hurt anything, but (if you use the
pattern that we've discussed in this thread) won't do anything useful
either, in most cases.

One case I forgot in my previous discussion: It's worth remembering that
close/closesocket operates on a single reference to the connection, while
shutdown operates on the connection itself. That is, the logic for
close/closesocket is notionally something like this:

   close the descriptor/handle
   decrement the conversation's reference count
   if the reference count is 0
      if connection is still open for sending
         shutdown(SHUT_WR)
      if connection is still open for receiving
         shutdown(SHUT_RD)

In the c

Re: [openssl-users] Close TCP socket after SSL_clear()?

2019-01-11 Thread Charles Mills
>SSL_shutdown(connection) || SSL_shutdown(connection);

I like it! (Not!)

I don't pretend to be a bits and bytes expert on TCP protocol. You can't be
an expert on everything.

So I will listen to expert advice. I know 99% of you all are 'nix guys and
this is a Windows problem. I am seeing OTOH where my Windows doc says
closesocket() does an abortive termination, and OTOH a discussion of a
graceful closesocket() with SO_LINGER/SO_DONTLINGER.

(1) This code is (at the application level) purely a receiver of data and
(2) without the TLS layer in place it is hard to picture any meaningful data
transfer and (3) we are in a session cleanup situation anyway -- so it seems
to me that an abortive disconnect is perfectly fine. Am I wrong?

Thanks for all of your help.

Charles


-Original Message-
From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of
Michael Wojcik
Sent: Friday, January 11, 2019 12:48 PM
To: openssl-users@openssl.org
Subject: Re: [openssl-users] Close TCP socket after SSL_clear()?

> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of Karl Denninger
> Sent: Friday, January 11, 2019 13:04

>    if (!SSL_shutdown(connection)) {
>        SSL_shutdown(connection);
>    }

Or if you really want to baffle future maintainers:

SSL_shutdown(connection) || SSL_shutdown(connection);

> The underlying handle is still open at the OS level after this, so on Unix anyway you want
> to notify the OS that the socket is invalid for further I/O and then close it.
> ...
>    shutdown(slave_socket[x].fd, SHUT_RDWR);
>    close(slave_socket[x].fd);

Maybe I'm missing something, but I don't see much advantage to calling
shutdown(SHUT_RDWR) and then immediately calling close(). close will
implicitly do what shutdown does, in the normal case, including trying to
send unsent data and waiting (for a while) for any remaining ACKs.

If there's unsent or un-ACK'd data, shutdown will attempt to send it until
the TCP retransmit limit is reached; that's normally longer than the linger
time for the socket, so shutdown could try harder, and by the same token
block longer, than close. But the same effect can be achieved by setting a
longer linger time for the socket and just calling close.

Similarly, if linger has been disabled (by setting the SO_LINGER option
appropriately), then close will just abort the connection (i.e. send an RST,
rather than a FIN, and not wait for the corresponding FIN-ACK; or if the
peer sent the FIN, send an RST rather than a FIN-ACK and not wait for the
last ACK). But anyone who disables linger on a TLS connection gets what they
deserve.

shutdown is generally useful if:

- You only want a half-close (which is rarely used, even when it would be
useful, and isn't generally appropriate for a TLS connection).

- You want a full close, but you want to be able to retrieve the error
information from the socket if the close fails. In that case, use shutdown,
followed by getsockopt(SO_ERROR) if shutdown returns an error, followed by
close. But your code is ignoring the return value from shutdown and not
using getsockopt(SO_ERROR).

The real question is: will the application do anything differently if any
remaining outbound data - which there shouldn't be because at this point
we've tried to do a blocking SSL_shutdown - can't be sent, and the closing
FIN / FIN-ACK / ACK handshake completed, within the default linger time? And
if so, will the application do anything that can't be achieved by just
increasing the linger time?

I think it'd be nice if more non-trivial applications used
shutdown(SHUT_RDWR) + getsockopt(SO_ERROR) + close, and reported the error
(if there is one) for diagnostic purposes. But beyond that there isn't a lot
most applications can do, and for most a simple close is probably going to
be fine.

But as I said I may have overlooked some good reason for this particular
code pattern.

--
Michael Wojcik
Distinguished Engineer, Micro Focus
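
An added example, not code from any poster in this thread: a POSIX C program (Linux loopback TCP, not Winsock) for the normal versus abortive close and the shutdown + getsockopt(SO_ERROR) + close pattern discussed in the two messages above. It shows that the peer sees end-of-stream after a normal close and a connection reset after a zero-linger close; the helper names tcp_pair, close_reporting_error and peer_observes are hypothetical.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <arpa/inet.h>
#include <netinet/in.h>
#include <sys/socket.h>

/* Build a connected loopback TCP pair on an ephemeral port (constructed
   test fixture). *cli is the connecting side, *srv the accepted side.
   Returns 0 on success, -1 on failure. */
static int tcp_pair(int *cli, int *srv)
{
    struct sockaddr_in a;
    socklen_t len = sizeof a;
    int lfd = socket(AF_INET, SOCK_STREAM, 0);
    if (lfd < 0) return -1;
    memset(&a, 0, sizeof a);
    a.sin_family = AF_INET;
    a.sin_addr.s_addr = htonl(INADDR_LOOPBACK);
    a.sin_port = 0;                         /* kernel picks a free port */
    if (bind(lfd, (struct sockaddr *)&a, sizeof a) < 0 ||
        listen(lfd, 1) < 0 ||
        getsockname(lfd, (struct sockaddr *)&a, &len) < 0) {
        close(lfd);
        return -1;
    }
    *cli = socket(AF_INET, SOCK_STREAM, 0);
    if (*cli < 0) { close(lfd); return -1; }
    if (connect(*cli, (struct sockaddr *)&a, sizeof a) < 0) {
        close(*cli); close(lfd);
        return -1;
    }
    *srv = accept(lfd, NULL, NULL);
    close(lfd);
    if (*srv < 0) { close(*cli); return -1; }
    return 0;
}

/* Full close that keeps the diagnostic: shutdown(SHUT_RDWR), then
   getsockopt(SO_ERROR) if shutdown failed, then close.
   Returns 0 on a clean close, otherwise an errno value to log. */
int close_reporting_error(int fd)
{
    int err = 0;
    socklen_t len = sizeof err;
    if (shutdown(fd, SHUT_RDWR) < 0) {
        int saved = errno;
        /* Prefer the socket's pending error; fall back to shutdown's errno. */
        if (getsockopt(fd, SOL_SOCKET, SO_ERROR, &err, &len) < 0 || err == 0)
            err = saved;
    }
    if (close(fd) < 0 && err == 0)
        err = errno;
    return err;
}

/* Close the client side normally (abortive == 0) or with linger set to
   zero seconds (abortive != 0), then return what the peer's next recv()
   reports: 0 for orderly end-of-stream (FIN), a positive errno for a
   failure such as ECONNRESET (RST), -1 if the fixture could not be built,
   -2 if data arrived unexpectedly. */
int peer_observes(int abortive)
{
    int cli, srv, result;
    char buf[16];
    ssize_t n;

    if (tcp_pair(&cli, &srv) < 0) return -1;
    if (abortive) {
        struct linger lg;
        lg.l_onoff = 1;                     /* linger enabled ...            */
        lg.l_linger = 0;                    /* ... for 0 s: close sends RST  */
        setsockopt(cli, SOL_SOCKET, SO_LINGER, &lg, sizeof lg);
        close(cli);
    } else {
        close_reporting_error(cli);         /* default linger: FIN handshake */
    }
    n = recv(srv, buf, sizeof buf, 0);      /* blocks until FIN or RST */
    result = (n == 0) ? 0 : (n < 0 ? errno : -2);
    close(srv);
    return result;
}

int main(void)
{
    int normal = peer_observes(0);
    int abortive = peer_observes(1);
    printf("normal close:   peer recv -> %s\n",
           normal == 0 ? "end of stream" : strerror(normal));
    printf("abortive close: peer recv -> %s\n",
           abortive > 0 ? strerror(abortive) : "end of stream");
    return 0;
}
```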





Re: [openssl-users] Close TCP socket after SSL_clear()?

2019-01-11 Thread Charles Mills
@Karl, thanks, I'm not sure of anything. This was my first OpenSSL project
and I just hacked on it until it "worked." It's been working for years but
now we are seeing a re-connection error.

So, it sounds like

- Do the SSL_shutdown() a second time if it returns 0.
- Lose the SSL_clear()
- There is an SSL_free() in there following the snippet I pasted -
  leave it in there
- Clean up the underlying socket appropriately. Looks like perhaps
  shutdown(socket, SD_BOTH) is the Windows equivalent of SHUT_RDWR - followed
  by closesocket()

Thanks again!

Charles

From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of
Karl Denninger
Sent: Friday, January 11, 2019 10:04 AM
To: openssl-users@openssl.org
Subject: Re: [openssl-users] Close TCP socket after SSL_clear()?

On 1/10/2019 17:07, Charles Mills wrote:

> On Windows, for a new session, I am issuing a Windows accept() followed by
> SSL_new(), SSL_set_fd() and so forth.
>
> When the session sees some sort of an abnormal receive condition, I am doing
>
>    int retCode = SSL_get_shutdown(sessionSSL);
>    if ( retCode & SSL_RECEIVED_SHUTDOWN )
>    {
>       SSL_shutdown(sessionSSL);
>    }
>    else
>    {
>       SSL_clear(sessionSSL);
>    }
>
> Questions:
>
> 1. Do I also need to do a closesocket() (equivalent to UNIX close())
>    on the Windows socket?
> 2. Does anyone want to critique the above logic in any other way?
>
> The code basically "works" but I see evidence that a Windows TCP session is
> still open following an SSL error.
>
> Thanks,
>
> Charles Mills

Are you sure you want to use SSL_clear() in the first place?  It retains the
session's settings which is only useful if the *exact* same peer is going to
reconnect on the same SSL object.  If a *different* peer connects there's a
decent shot that the connection will fail.

You also likely want to call SSL_shutdown(connection) again IF the first
call returns zero; the first one sends a notification and if the other end
hasn't closed yet returns zero.  The second waits for a termination, either
normal notification or abnormal, from the other end.

    if (!SSL_shutdown(connection)) {
        SSL_shutdown(connection);
    }

The underlying handle is still open at the OS level after this, so on Unix
anyway you want to notify the OS that the socket is invalid for further I/O
and then close it.

Code snippet (took_error is a flag that says "this connection is no longer
needed", it could be either an error in the higher level code or a "we're
all done, let this connection go" indication):

    if (slave_socket[x].took_error) {
        slave_socket[x].connected = 0;  /* Connection is void */
        if (slave_socket[x].ssl_fd != NULL) { /* If there's a valid SSL connection */
            if (!SSL_shutdown(slave_socket[x].ssl_fd)) {
                SSL_shutdown(slave_socket[x].ssl_fd);
            }
            SSL_free(slave_socket[x].ssl_fd);
            slave_socket[x].ssl = 0; /* We are not in SSL mode */
        }
        shutdown(slave_socket[x].fd, SHUT_RDWR);
        close(slave_socket[x].fd);

        /* ... Clean up the rest of the things you need to do
           when the connection ends */
    }

Since the next connection may come from a different peer I do not use
SSL_clear but rather SSL_free.

The call to shutdown() tells the OS to send any data queued on the socket,
wait for an ACK and then send FIN.

-- 
Karl Denninger
k...@denninger.net
The Market Ticker
[S/MIME encrypted email preferred] 



[openssl-users] Close TCP socket after SSL_clear()?

2019-01-10 Thread Charles Mills
On Windows, for a new session, I am issuing a Windows accept() followed by
SSL_new(), SSL_set_fd() and so forth.

When the session sees some sort of an abnormal receive condition, I am doing

   int retCode = SSL_get_shutdown(sessionSSL);
   if ( retCode & SSL_RECEIVED_SHUTDOWN )
   {
      SSL_shutdown(sessionSSL);
   }
   else
   {
      SSL_clear(sessionSSL);
   }

Questions:

1. Do I also need to do a closesocket() (equivalent to UNIX close())
   on the Windows socket?
2. Does anyone want to critique the above logic in any other way?

The code basically "works" but I see evidence that a Windows TCP session is
still open following an SSL error.

Thanks,

Charles Mills




Re: [openssl-users] Question on necessity of SSL_CTX_set_client_CA_list

2018-12-03 Thread Charles Mills
Those darned customers are asking for it!

I do understand the privacy exposure. Don't know if the customers do or do
not.

Charles


-Original Message-
From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of
Viktor Dukhovni
Sent: Monday, December 3, 2018 12:40 PM
To: openssl-users@openssl.org
Subject: Re: [openssl-users] Question on necessity of
SSL_CTX_set_client_CA_list

> On Dec 3, 2018, at 3:35 PM, Charles Mills  wrote:
> 
> OCSP and OCSP stapling are currently higher on my wish list than this.

Good luck with OCSP, the documentation could definitely be better, and
various projects get it wrong.  IIRC curl gets OCSP right, so you
could look there for example code, some other projects go through the
motions, but don't always achieve a robust result.

[ FWIW, I don't care much for OCSP, it's often not required, so it is
  then not clear what security properties it provides. ]



Re: [openssl-users] Question on necessity of SSL_CTX_set_client_CA_list

2018-12-03 Thread Charles Mills
> zOS does, for example, at least if you're using the RACF security provider.

Ha! Spoken like a Micro Focus guy! One of the most likely clients for this
server is in fact implemented on z/OS. Just FYI, the key variable is not so
much RACF: (a.) RACF is just (in this case) a certificate store, not a TLS
implementation; and (b.) I think the other two ESM's (CA TSS and ACF2) are
99% equivalent in their certificate facilities.

The TLS implementation is named System SSL (sometimes known as GSK). That is
the TLS library, roughly parallel to OpenSSL. (In fact I don't know of any
other TLS implementation on z/OS other than the OpenSSL port -- but there
could be some.) GSK also implements its own certificate store, but I don't
think it is widely used in production. 

Yes, there would be lots of certificates in the certificate store, but at
least in the case of the client I wrote, you configure it in advance to use
a particular named certificate, so the server application itself does not
have any choice at run time. It is "one certificate, take it or leave it."

Thanks for the heads-up on Windows. I develop for both platforms, but I am
much less familiar with all of the ins and outs of Windows.

OCSP and OCSP stapling are currently higher on my wish list than this.

Charles


-Original Message-
From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of
Michael Wojcik
Sent: Monday, December 3, 2018 10:58 AM
To: openssl-users@openssl.org
Subject: Re: [openssl-users] Question on necessity of
SSL_CTX_set_client_CA_list

> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf
> Of Charles Mills
> Sent: Monday, December 03, 2018 10:55
>
> Got it. Thanks. I would think the basic client case is "one certificate,
> one CA"
I'm going to disagree somewhat with this assumption, but not necessarily
with your decision.

That assumption is probably safe for some use cases, but not all. For
example, Windows-based clients that use Microsoft's TLS implementation
(SChannel, via CAPI or CNG or any of the various wrapper APIs, including the
.NET Framework) have access to all the "personal" certificates in the
Windows per-machine and per-user certificate stores. In a Windows domain
environment, certificates may be added to those stores by central
administration, as well as being created or added locally. So such clients
could have quite a few client certificates available to them.

Some other TLS implementations can optionally use the Windows certificate
stores. I believe Netscape's NSS can be configured to do so, for example. A
suitable JSSE provider is included with the standard Windows JRE and JDK
distributions. And OpenSSL itself has a CAPI engine that can (probably) be
used to pull client certificates from the Windows stores.

(I say "probably" because when we went to use the OpenSSL CAPI engine some
years ago, we ran into some issues caused by Microsoft's awkward provider
mechanism and how it interacts with private-key storage, and I ended up
enhancing the OpenSSL CAPI module in various ways. So I don't recall what
exactly works with it out of the box.)

There are other environments which similarly provide centralized storage of
certificates (and corresponding private keys) to all clients. zOS does, for
example, at least if you're using the RACF security provider.

Perhaps more importantly, as Viktor noted, some clients won't send a
certificate at all unless they have one signed by a CA on the server's list,
or at least only if the server sends a non-empty list.

The list is also useful for clients that want to help the user select from
among a set of certificates.

> so I think I will roll with what we have (especially since the product has
> been out there for years with no reported problems in this area -- although
> I think client certificate usage is rare) but keep the issue in mind if a
> problem comes up.

Despite what I wrote above, the important thing, of course, is what your
users need. If they haven't needed a server that sends a CA list, there's a
good chance they won't need one any time soon. Often there are better things
to address first. TLS configuration is important, but certainly for the
software projects I work on there are any number of important areas for
further work. You can't do everything at once.

--
Michael Wojcik
Distinguished Engineer, Micro Focus



Re: [openssl-users] [EXTERNAL] Re: Self-signed error when using SSL_CTX_load_verify_locations CApath

2018-12-03 Thread Charles Mills
LOL. Amen to that. It has gotten a WHOLE lot better. I started with OpenSSL
somewhere around 2010 and the documentation was EXTREMELY sparse to say the
least. Lots of functions documented as "under construction."

Charles


-Original Message-
From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of
Michael Wojcik
Sent: Monday, December 3, 2018 10:58 AM
To: openssl-users@openssl.org
Subject: Re: [openssl-users] [EXTERNAL] Re: Self-signed error when using
SSL_CTX_load_verify_locations CApath

> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf
> Of Charles Mills
> Sent: Monday, December 03, 2018 10:53
>
> I appreciate it. OpenSSL is of course a great product but it can be a little
> mystifying to debug.

If I were ever to write a book about OpenSSL, "a great product but a little
mystifying" would be an appropriate epigraph. Maybe Ivan should use it for
the next edition of his OpenSSL Cookbook. (Recommended, by the way, or its
larger sibling Bulletproof TLS; find them at feistyduck.com.)

Not that it hasn't gotten better over the years: better encapsulation and
abstraction, a lot more convenience functionality, a lot more explanation
and samples on the OpenSSL wiki (which I think didn't even exist when I
first started using OpenSSL). I have great appreciation for the team's
efforts. But SSL/TLS is a great big ball of hair to begin with, and while I
have tremendous respect for Eric Young, Steven Hensen, and the rest of the
original contributors, the OpenSSL source is not exactly a monument to
readability. (Though even in the early versions there were some important
steps in that direction, like mostly consistent, safe naming conventions for
external identifiers, thank goodness.)

--
Michael Wojcik
Distinguished Engineer, Micro Focus



Re: [openssl-users] Question on necessity of SSL_CTX_set_client_CA_list

2018-12-03 Thread Charles Mills
Got it. Thanks. I would think the basic client case is "one certificate, one 
CA" so I think I will roll with what we have (especially since the product has 
been out there for years with no reported problems in this area -- although I 
think client certificate usage is rare) but keep the issue in mind if a problem 
comes up.

Charles


-Original Message-
From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of 
Viktor Dukhovni
Sent: Sunday, December 2, 2018 5:50 PM
To: openssl-users@openssl.org
Subject: Re: [openssl-users] Question on necessity of SSL_CTX_set_client_CA_list

> On Dec 2, 2018, at 7:38 PM, Charles Mills  wrote:
> 
> I have an OpenSSL (v1.1.0f) server application that processes client 
> certificates.
>  
> The doc for SSL_CTX_load_verify_locations() states “In server mode, when 
> requesting a client certificate, the server must send the list of CAs of 
> which it will accept client certificates. This list is not influenced by the 
> contents of CAfile or CApath and must explicitly be set using the 
> SSL_CTX_set_client_CA_list family of functions.”
>  
> The application makes no calls to SSL_CTX_set_client_CA_list() yet receives 
> client certificates without errors.
>  
> Can someone please explain the discrepancy. I’m especially wondering if I 
> have set a trap that will spring down the road: “yes it works, but if a user 
> does X then it will not work.”

The default list is empty.  Some client implementations, IIRC Java's TLS
stack or at least some Java TLS toolkits, will not use a client certificate
unless the server's list is non-empty, and perhaps may also require that it
include a CA name that matches an issuer of their certificate.

Other clients have but one default certificate and use it regardless of the
server's CA list.  Your mileage may vary.

-- 
Viktor.



Re: [openssl-users] [EXTERNAL] Re: Self-signed error when using SSL_CTX_load_verify_locations CApath

2018-12-03 Thread Charles Mills
I appreciate it. OpenSSL is of course a great product but it can be a little
mystifying to debug.

I am a developer and I understand the problem of "layering" and
virtualization, where the component that realizes there is a problem is so
far removed that it does not know what the underlying real problem is. That
said, I would suggest that "Provided chain ends with untrusted self-signed
certificate" still does not really convey "no relevant CA certificate found
in the provided path."

Charles


-Original Message-
From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of
Michael Wojcik
Sent: Monday, December 3, 2018 7:22 AM
To: openssl-users@openssl.org
Subject: Re: [openssl-users] [EXTERNAL] Re: Self-signed error when using
SSL_CTX_load_verify_locations CApath

> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf
> Of Viktor Dukhovni
> Sent: Saturday, December 01, 2018 13:53
>
> On Sat, Dec 01, 2018 at 07:12:24PM +, Michael Wojcik wrote:
>
> > > Are there compatibility concerns around changing error message
> > > text for which users may have created regex patterns in scripts?
> > >
> > > I agree the text could be better, but not sure in what releases
> > > if any to change the text, since the change may cause issues
> > > for some users.
> >
> > Sure, this is always a concern. Maybe the change could be considered for
> > OpenSSL 3.0, since that's a major release.
>
> Care to create a PR against the "master" branch?  Something
> along the lines of:
>
> "Provided chain ends with untrusted self-signed certificate"
>   
> or better.  Here "untrusted" might mean not trusted for the requested
> purpose, but more precise is not always more clear.

I should be able to do that. (My OpenSSL contributor paperwork is still in
progress, but since this PR wouldn't include any actual code, I don't think
I need to wait for that.)

May be a few days before I get a chance to do it.

--
Michael Wojcik
Distinguished Engineer, Micro Focus




Re: [openssl-users] Question on necessity of SSL_CTX_set_client_CA_list

2018-12-02 Thread Charles Mills
Do I need to say no calls to SSL_CTX_set_client_CA_list() nor any of the
three related functions listed on the man page?

Charles

From: Charles Mills [mailto:charl...@mcn.org]
Sent: Sunday, December 2, 2018 4:38 PM
To: 'openssl-users@openssl.org'
Subject: Question on necessity of SSL_CTX_set_client_CA_list

I have an OpenSSL (v1.1.0f) server application that processes client
certificates.

The doc for SSL_CTX_load_verify_locations() states "In server mode, when
requesting a client certificate, the server must send the list of CAs of
which it will accept client certificates. This list is not influenced by the
contents of CAfile or CApath and must explicitly be set using the
SSL_CTX_set_client_CA_list family of functions."

The application makes no calls to SSL_CTX_set_client_CA_list() yet receives
client certificates without errors.

Can someone please explain the discrepancy. I'm especially wondering if I
have set a trap that will spring down the road: "yes it works, but if a user
does X then it will not work."

Thanks!

Charles

 



Re: [openssl-users] Self-signed error when using SSL_CTX_load_verify_locations CApath

2018-12-02 Thread Charles Mills
Sorry, I do not have a packet capture tool configured.

I have a verify callback with a lot of trace messages. I can see that it is
only entered once; X509_STORE_CTX_get_error_depth() is 1.

Does that tell us anything useful?

Charles


-Original Message-
From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of
Kyle Hamilton
Sent: Saturday, December 1, 2018 10:29 PM
To: openssl-users
Subject: Re: [openssl-users] Self-signed error when using
SSL_CTX_load_verify_locations CApath

Wireshark and other packet capture tools can help you determine
exactly what's in the chain sent by the client.  If the self-signed
root isn't being sent, then the "self-signed certificate in
certificate chain" error should never have been sent, and a bug report
on that issue would be appropriate.

If the root is being sent, though, having some idea of what you're
doing when constructing your sessions could help us to figure out why
it is when you didn't intend it to be.

-Kyle H
On Sat, Dec 1, 2018 at 1:47 PM Charles Mills  wrote:
>
> > It was found in the chain of certificates sent by the client to the
> > server for validation
>
> Again, I could be wrong but that is my point. I do not think the client is
> sending a chain of certificates, but rather only one, the CA-signed client
> certificate. (I wrote and configured the client, and generated the
> certificate, and loaded it into the certificate store.)
>
> Charles
>
> -----Original Message-----
> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of
> Viktor Dukhovni
> Sent: Saturday, December 1, 2018 12:47 PM
> To: openssl-users@openssl.org
> Subject: Re: [openssl-users] Self-signed error when using
> SSL_CTX_load_verify_locations CApath
>
> On Sat, Dec 01, 2018 at 12:29:42PM -0800, Charles Mills wrote:
>
> > I could easily be wrong -- you guys know more about certificates than I ever
> > will -- but I do not *think* there is any self-signed certificate in this
> > scenario. There should be exactly two certificates in this discussion:
> >
> > 1. The client certificate. It is not self-signed (in the correct sense of
> > the term, as opposed to the erroneous popular sense): it is signed by my
> > "in-house" CA.
> >
> > 2. The CA certificate. Yes, it is a root and self-signed, but you didn't
> > find it, right?
>
> You seem to be stuck on a narrow meaning of the word "found".  The
> self-signed certificate *was* found, but not in the trust-store.
>
> It was found in the chain of certificates sent by the client to the
> server for validation.  That's what the error message is telling


[openssl-users] Question on necessity of SSL_CTX_set_client_CA_list

2018-12-02 Thread Charles Mills
I have an OpenSSL (v1.1.0f) server application that processes client
certificates.

 

The doc for SSL_CTX_load_verify_locations() states "In server mode, when
requesting a client certificate, the server must send the list of CAs of
which it will accept client certificates. This list is not influenced by the
contents of CAfile or CApath and must explicitly be set using the
SSL_CTX_set_client_CA_list family of functions."

 

The application makes no calls to SSL_CTX_set_client_CA_list() yet receives
client certificates without errors.

 

Can someone please explain the discrepancy. I'm especially wondering if I
have set a trap that will spring down the road: "yes it works, but if a user
does X then it will not work."

 

Thanks!

 

Charles 

 



Re: [openssl-users] Self-signed error when using SSL_CTX_load_verify_locations CApath

2018-12-01 Thread Charles Mills
> It was found in the chain of certificates sent by the client to the
> server for validation

Again, I could be wrong but that is my point. I do not think the client is
sending a chain of certificates, but rather only one, the CA-signed client
certificate. (I wrote and configured the client, and generated the
certificate, and loaded it into the certificate store.)

Charles

-----Original Message-----
From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of
Viktor Dukhovni
Sent: Saturday, December 1, 2018 12:47 PM
To: openssl-users@openssl.org
Subject: Re: [openssl-users] Self-signed error when using
SSL_CTX_load_verify_locations CApath

On Sat, Dec 01, 2018 at 12:29:42PM -0800, Charles Mills wrote:

> I could easily be wrong -- you guys know more about certificates than I ever
> will -- but I do not *think* there is any self-signed certificate in this
> scenario. There should be exactly two certificates in this discussion:
> 
> 1. The client certificate. It is not self-signed (in the correct sense of
> the term, as opposed to the erroneous popular sense): it is signed by my
> "in-house" CA.
> 
> 2. The CA certificate. Yes, it is a root and self-signed, but you didn't
> find it, right?

You seem to be stuck on a narrow meaning of the word "found".  The
self-signed certificate *was* found, but not in the trust-store.

It was found in the chain of certificates sent by the client to the
server for validation.  That's what the error message is telling



Re: [openssl-users] Self-signed error when using SSL_CTX_load_verify_locations CApath

2018-12-01 Thread Charles Mills
I could easily be wrong -- you guys know more about certificates than I ever
will -- but I do not *think* there is any self-signed certificate in this
scenario. There should be exactly two certificates in this discussion:

1. The client certificate. It is not self-signed (in the correct sense of
the term, as opposed to the erroneous popular sense): it is signed by my
"in-house" CA.

2. The CA certificate. Yes, it is a root and self-signed, but you didn't
find it, right? (Because of my error in not running the hash utility.) If
you found it what is the problem? Does the hashing process imply trust? Then
the error message should be "untrusted CA certificate," no? (There is only
one certificate in the CApath folder.)

Am I missing something?

Charles


-----Original Message-----
From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of
Viktor Dukhovni
Sent: Friday, November 30, 2018 4:37 PM
To: openssl-users@openssl.org
Subject: Re: [openssl-users] Self-signed error when using
SSL_CTX_load_verify_locations CApath

> On Nov 30, 2018, at 7:25 PM, Charles Mills  wrote:
> 
> Well, it ought then to say "I couldn't find any certificates at all" rather
> than "I found a self-signed certificate" when it did not.

A self-signed certificate was found, in the chain being verified.
The message should likely be more clear (perhaps along the lines
suggested by Michael Wojcik), but it is not incorrect.



Re: [openssl-users] Self-signed error when using SSL_CTX_load_verify_locations CApath

2018-11-30 Thread Charles Mills
Well, it ought then to say "I couldn't find any certificates at all" rather
than "I found a self-signed certificate" when it did not.

I used to manage product developers. Sometimes I would point out a need for
product improvement and they would say "the code doesn't work that way." I
would reply "I understand. I'm asking you to change the code."

Charles


-----Original Message-----
From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of
Viktor Dukhovni
Sent: Friday, November 30, 2018 3:35 PM
To: openssl-users@openssl.org
Subject: Re: [openssl-users] Self-signed error when using
SSL_CTX_load_verify_locations CApath

> On Nov 30, 2018, at 5:00 PM, Charles Mills  wrote:
> 
> "Self-signed certificate in certificate chain" does not to me convey "No
> certificate hash links" (or "CA certificate not found in hash links").

That's not really possible, because the code that's doing certificate
validation works with an abstract certificate store API, and does not
know whether a particular certificate should or should not have been
listed a trust-anchor in some store.

All we know is that we've reached a self-signed certificate in the
chain (so no further issuers can be found) and it is not in any
of the trust stores, so verification fails.

Perhaps we could document the errors in a bit more depth, but I don't
think it is possible to tell you that your CApath was missing some
specific symlink.

-- 
Viktor.



Re: [openssl-users] Self-signed error when using SSL_CTX_load_verify_locations CApath

2018-11-30 Thread Charles Mills
Thank you, yes, that solved it.

May I respectfully suggest that you consider improving the error message?

"Self-signed certificate in certificate chain" does not to me convey "No 
certificate hash links" (or "CA certificate not found in hash links").

Charles


-----Original Message-----
From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of 
Viktor Dukhovni
Sent: Friday, November 30, 2018 10:22 AM
To: openssl-users@openssl.org
Subject: Re: [openssl-users] Self-signed error when using 
SSL_CTX_load_verify_locations CApath

> On Nov 30, 2018, at 12:47 PM, Charles Mills  wrote:
> 
> I am using a client certificate that was signed by my “homegrown” CA (which 
> uses the OpenSSL utility). When I point to the CA .PEM with 
> SSL_CTX_load_verify_locations CAfile it works perfectly. When instead I use 
> CApath to point to a folder that contains only that one .PEM file it fails. 

See the documentation of c_rehash.

-- 
Viktor.
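
The CAfile/CApath difference this thread arrives at, reproduced with the `openssl` command line as an added example (not part of any poster's message): a directory passed as CApath is searched only by `<subject-hash>.N` file names, which is what `c_rehash` creates. The throwaway CA, the client certificate and the `capath_demo` function are constructed for the demo; it assumes a POSIX shell with `openssl` on the PATH.

```shell
#!/bin/sh
# Added demo: every key, certificate and path below is constructed.
# Results are left in RC_CAFILE, RC_NOLINK, OUT_NOLINK and RC_LINKED.
capath_demo() {
    command -v openssl >/dev/null 2>&1 || return 127
    work=$(mktemp -d) || return 1
    mkdir "$work/capath" || return 1

    # Self-signed root CA; its certificate is the only file in capath/.
    openssl req -x509 -newkey rsa:2048 -nodes -sha256 -days 2 \
        -subj "/CN=Demo Root CA" \
        -keyout "$work/ca.key" -out "$work/capath/ca.pem" 2>/dev/null || return 1

    # Client key and request, then a client certificate signed by the root.
    openssl req -newkey rsa:2048 -nodes -sha256 -subj "/CN=demo-client" \
        -keyout "$work/client.key" -out "$work/client.csr" 2>/dev/null || return 1
    openssl x509 -req -in "$work/client.csr" -sha256 -days 1 -set_serial 1 \
        -CA "$work/capath/ca.pem" -CAkey "$work/ca.key" \
        -out "$work/client.pem" 2>/dev/null || return 1

    # "-untrusted ca.pem" models a peer that sends the root along with its
    # own certificate: the root is chain material, not a trust anchor.

    # 1. Trust anchor loaded with -CAfile: verification succeeds.
    RC_CAFILE=0
    openssl verify -CAfile "$work/capath/ca.pem" \
        -untrusted "$work/capath/ca.pem" "$work/client.pem" \
        >/dev/null 2>&1 || RC_CAFILE=$?

    # 2. Same certificate in a directory, but no hash-named entry: the
    #    lookup finds nothing, the chain ends at an untrusted self-signed
    #    root, and verification fails with error 19 at depth 1.
    RC_NOLINK=0
    OUT_NOLINK=$(openssl verify -CApath "$work/capath" \
        -untrusted "$work/capath/ca.pem" "$work/client.pem" 2>&1) || RC_NOLINK=$?

    # 3. Add the <subject-hash>.0 entry that c_rehash would create. Where
    #    symbolic links are unavailable, a copy under that name also works.
    hash=$(openssl x509 -noout -subject_hash -in "$work/capath/ca.pem") || return 1
    ln -s ca.pem "$work/capath/$hash.0" || return 1
    RC_LINKED=0
    openssl verify -CApath "$work/capath" \
        -untrusted "$work/capath/ca.pem" "$work/client.pem" \
        >/dev/null 2>&1 || RC_LINKED=$?

    rm -rf "$work"
}

capath_demo && printf 'CAfile: rc=%s\nCApath without hash link: rc=%s\n%s\nCApath with hash link: rc=%s\n' \
    "$RC_CAFILE" "$RC_NOLINK" "$OUT_NOLINK" "$RC_LINKED"
```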



[openssl-users] Self-signed error when using SSL_CTX_load_verify_locations CApath

2018-11-30 Thread Charles Mills
(Apologies if a duplicate - I think I mis-sent the first attempt.)

 

I wrote a TLS server application that runs under Windows and has been
working successfully for years. I am currently using OpenSSL 1.1.0f. When I
wrote the code I only supported a single CA file for client certificates. I
pass the file name in through SSL_CTX_load_verify_locations CAfile and with
CApath NULL. Recently I was asked to add support for multiple CA files. I
updated my parameter handling to support a CA path, and I can now pass the
path instead using SSL_CTX_load_verify_locations CApath.

 

I am using a client certificate that was signed by my "homegrown" CA (which
uses the OpenSSL utility). When I point to the CA .PEM with
SSL_CTX_load_verify_locations CAfile it works perfectly. When instead I use
CApath to point to a folder that contains only that one .PEM file it fails.
My verify callback is driven with

 

-Error with certificate at depth: 1

err 19:self signed certificate in certificate chain

error:1417C086:SSL routines:tls_process_client_certificate:certificate
verify failed:ssl\statem\statem_srvr.c:2893:

 

Yes, the CA certificate is a root certificate and is self-signed. But it
works as a CAfile. Can someone give me some guidance here?

 

FWIW I specify SSL_CTX_set_verify(sslContext, SSL_VERIFY_PEER,
verify_callback);

 

Thanks,

 

Charles

 



Re: [openssl-users] Should I stop using locking callbacks in OpenSSL 1.1.0x ?

2018-04-13 Thread Charles Mills
Not to disagree of course, but you can always put printf's in your callbacks
to confirm.

Charles

Sent from a mobile; please excuse the brevity.

-------- Original message --------
From: "Salz, Rich via openssl-users"
Date: 4/13/18  3:22 PM  (GMT-05:00)
To: openssl-users@openssl.org
Subject: Re: [openssl-users] Should I stop using locking callbacks in OpenSSL 1.1.0x ?


 


Does this mean I can safely remove all usages of the above functions from my 
application code? I'd appreciate if someone could explain
 the above comment in a little more detail or confirm what I'm saying. Or has 
anyone else been in the same situation?


 
Yes.  Do not use the locking callbacks.  OpenSSL uses system-native threads and 
locks now.




Re: [openssl-users] Help with making a SHA >1 certificate

2017-11-07 Thread Charles Mills
The CA’s certificate validity is 

 

Not After : Nov 18 17:39:38 2024 GMT

 

Charles

 

From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of 
warron.french
Sent: Monday, November 6, 2017 4:02 PM
To: openssl-users@openssl.org
Subject: Re: [openssl-users] Help with making a SHA >1 certificate

 

Charles, I am no expert either - sorry.

 

However, the question about why is your signed certificate at least not getting 
to be over 1 year in "length?"   What is the duration of the CA's certificate?



[openssl-users] Help with making a SHA >1 certificate

2017-11-06 Thread Charles Mills
Please forgive my ignorance here. I'm really not a certificate expert. I'm a
software developer trying to make certificates to use in a testing
situation.

 

I've got some scripts that I have been using for years. I've just upgraded
to 1.10f (but there are no upgrade issues that I know of - that's not the
problem).

 

My last test certificate expired. So I am trying to make another one. All I
seem to be able to make are SHA-1 signed certificates, but I'm trying to
load them into a FIPS-140 (non-OpenSSL) key repository and it is failing, I
think because of the SHA-1. Here is how I am making the certificate. What do
I have to do differently to make a SHA-512 (or at least some SHA > 1)
certificate?

 

C:\OpenSSL-Win32-110f\bin\openssl.exe req -newkey rsa:2048 -sha512 -keyout
%1.key.pem -out %1.req.pem -config openssl_edited_win32_default.cfg
-extensions usr_cert -reqexts usr_cert -nodes -days 3650

C:\OpenSSL-Win32-110f\bin\openssl req -text -in %1.req.pem -sha512

C:\OpenSSL-Win32-110f\bin\openssl.exe ca -in %1.req.pem -config
CMC_root_config.cnf -out %1.pem -verbose -cert CMC_root.pem -keyfile
CMC_root.key.pem -passin pass:password

 

Here is what I end up with:

 

Signature Algorithm: sha1WithRSAEncryption

Issuer: CN=Charles Mills Consulting, LLC, ST=California,
C=US/emailAddress=charl...@mcn.org, O=Charles Mills Consulting, LLC

Validity

Not Before: Nov  6 19:13:09 2017 GMT

Not After : Nov  6 19:13:09 2018 GMT

Subject: CN=Charles Mills Consulting, LLC, ST=California,
C=US/emailAddress=charl...@mcn.org, O=CZAGENT_Nov2017

Subject Public Key Info:

Public Key Algorithm: rsaEncryption

Public-Key: (2048 bit)

 

While we're at it, why doesn't my -days 3650 seem to have any effect?

 

Thanks!

 

Charles 

 



Re: [openssl-users] Replacing CRYPTO_NUM_LOCKS on migration 101 to 110

2017-10-22 Thread Charles Mills
Works like a champ! Threaded code is handling 800 TLS server sessions with
nary a callback in sight.

 

Charles

 

From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of
Paul Dale
Sent: Wednesday, October 18, 2017 5:04 PM
To: openssl-users@openssl.org
Subject: Re: [openssl-users] Replacing CRYPTO_NUM_LOCKS on migration 101 to
110

 

Yes.

 

Pauli

-- 

Oracle

Dr Paul Dale | Cryptographer | Network Security & Encryption 

Phone +61 7 3031 7217

Oracle Australia

 

From: Charles Mills [mailto:charl...@mcn.org] 
Sent: Thursday, 19 October 2017 7:20 AM
To: openssl-users@openssl.org
Subject: Re: [openssl-users] Replacing CRYPTO_NUM_LOCKS on migration 101 to
110

 

Wow! Thanks. 

 

You are saying to just drop out this array, and the two
CRYPTO_set_..._callback() functions, and the functions they reference?

 

Charles

 

From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of
Paul Dale
Sent: Wednesday, October 18, 2017 2:14 PM
To: openssl-users@openssl.org
Subject: Re: [openssl-users] Replacing CRYPTO_NUM_LOCKS on migration 101 to
110

 

OpenSSL 1.1.x handle the locking themselves.  You don't need to install the
locking call backs and don't need to provide locking functionality.

 

Pauli

-- 

Oracle

Dr Paul Dale | Cryptographer | Network Security & Encryption 

Phone +61 7 3031 7217

Oracle Australia

 

From: Charles Mills [mailto:charl...@mcn.org] 
Sent: Thursday, 19 October 2017 6:09 AM
To: openssl-users@openssl.org
Subject: [openssl-users] Replacing CRYPTO_NUM_LOCKS on migration 101 to 110

 

I am migrating a multi-threaded Windows application from OpenSSL 1.0.1h to
1.1.0f.

 

I am using the Shining Light pre-built Windows DLLs.

 

The code, which I wrote some time ago, has a statement HANDLE
Comm::sslMutexArray[CRYPTO_NUM_LOCKS];

 

The array is referenced by my sslLockingFunction.

 

When I compile with the 1.1.0f headers I get an undefined symbol on
CRYPTO_NUM_LOCKS.

 

Is my understanding of
http://www.manpagez.com/man/3/CRYPTO_num_locks/osx-10.3.php correct?
Basically, I need to replace the static array
sslMutexArray[CRYPTO_NUM_LOCKS] with a malloc() or new to get an array of
the size returned by a call to CRYPTO_num_locks(void)? Is that correct?
Anything else I need to do in this regard?

 

Thanks,

 

Charles 

 



Re: [openssl-users] Where is mttest.c?

2017-10-22 Thread Charles Mills
Got it. Thanks,

Charles


-----Original Message-----
From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of 
Richard Levitte
Sent: Thursday, October 19, 2017 12:19 AM
To: openssl-users@openssl.org
Subject: Re: [openssl-users] Where is mttest.c?

In message <131801d34857$50fe15e0$f2fa41a0$@mcn.org> on Wed, 18 Oct 2017 
14:23:18 -0700, "Charles Mills" <charl...@mcn.org> said:

charlesm> Sorry – OpenSSL is not what I do every day.
charlesm> 
charlesm> I see in the man pages a reference to crypto/threads/mttest.c.

That's the 1.0.2 manpages, right?

charlesm> I’ve got the 1.1.0f tar and the crypto directory does not 
charlesm> contain a threads directory. Where do I find mttest.c?

You don't.  It's been removed in 1.1.0, and as far as I can see, you won't find 
any reference to mttest.c in the 1.1.0 docs...



[openssl-users] Where is mttest.c?

2017-10-18 Thread Charles Mills
Sorry - OpenSSL is not what I do every day. 

 

I see in the man pages a reference to crypto/threads/mttest.c. I've got the
1.1.0f tar and the crypto directory does not contain a threads directory.
Where do I find mttest.c?

 

Thanks,

 

Charles 

 



Re: [openssl-users] Replacing CRYPTO_NUM_LOCKS on migration 101 to 110

2017-10-18 Thread Charles Mills
Wow! Thanks. 

 

You are saying to just drop out this array, and the two
CRYPTO_set_..._callback() functions, and the functions they reference?

 

Charles

 

From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of
Paul Dale
Sent: Wednesday, October 18, 2017 2:14 PM
To: openssl-users@openssl.org
Subject: Re: [openssl-users] Replacing CRYPTO_NUM_LOCKS on migration 101 to
110

 

OpenSSL 1.1.x handle the locking themselves.  You don't need to install the
locking call backs and don't need to provide locking functionality.

 

Pauli

-- 

Oracle

Dr Paul Dale | Cryptographer | Network Security & Encryption 

Phone +61 7 3031 7217

Oracle Australia

 

From: Charles Mills [mailto:charl...@mcn.org] 
Sent: Thursday, 19 October 2017 6:09 AM
To: openssl-users@openssl.org
Subject: [openssl-users] Replacing CRYPTO_NUM_LOCKS on migration 101 to 110

 

I am migrating a multi-threaded Windows application from OpenSSL 1.0.1h to
1.1.0f.

 

I am using the Shining Light pre-built Windows DLLs.

 

The code, which I wrote some time ago, has a statement HANDLE
Comm::sslMutexArray[CRYPTO_NUM_LOCKS];

 

The array is referenced by my sslLockingFunction.

 

When I compile with the 1.1.0f headers I get an undefined symbol on
CRYPTO_NUM_LOCKS.

 

Is my understanding of
http://www.manpagez.com/man/3/CRYPTO_num_locks/osx-10.3.php correct?
Basically, I need to replace the static array
sslMutexArray[CRYPTO_NUM_LOCKS] with a malloc() or new to get an array of
the size returned by a call to CRYPTO_num_locks(void)? Is that correct?
Anything else I need to do in this regard?

 

Thanks,

 

Charles 

 



[openssl-users] Replacing CRYPTO_NUM_LOCKS on migration 101 to 110

2017-10-18 Thread Charles Mills
I am migrating a multi-threaded Windows application from OpenSSL 1.0.1h to
1.1.0f.

 

I am using the Shining Light pre-built Windows DLLs.

 

The code, which I wrote some time ago, has a statement HANDLE
Comm::sslMutexArray[CRYPTO_NUM_LOCKS];

 

The array is referenced by my sslLockingFunction.

 

When I compile with the 1.1.0f headers I get an undefined symbol on
CRYPTO_NUM_LOCKS.

 

Is my understanding of
http://www.manpagez.com/man/3/CRYPTO_num_locks/osx-10.3.php correct?
Basically, I need to replace the static array
sslMutexArray[CRYPTO_NUM_LOCKS] with a malloc() or new to get an array of
the size returned by a call to CRYPTO_num_locks(void)? Is that correct?
Anything else I need to do in this regard?

 

Thanks,

 

Charles 

 



RE: SSL alert number 51

2014-11-21 Thread Charles Mills
I posted the certificates. What's next?

Charles

-----Original Message-----
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Matt Caswell
Sent: Wednesday, November 19, 2014 3:35 PM
To: openssl-users@openssl.org
Subject: Re: SSL alert number 51



On 19/11/14 22:57, Charles Mills wrote:
> Dave -
>
> Thanks much.
>
>> Either there's a bug somewhere or you are being attacked (MitM'ed).
>
> Unlikely I am being MitM'ed -- the connection is over a VPN. (Why TLS
> when there is already a VPN in place? I am testing TLS software and
> the VPN is a fact of life and my only client to server link.
>
>> Do you mean the server, running 1.0.1h on Win7, produced this error
>> message, or some client talking *to* such a server produced the error?
>
> Statement was kind of ambiguous, wasn't it? The server, which is
> OpenSSL 1.0.1h 5 Jun 2014, produced this message, when the client
> attempted to connect.
>
> The client is application software that uses the IBM GSK crypto
> library on z/OS. The error message at the client end is Error code 9
> returned from GSK function gsk_secure_socket_init(): Cryptographic
> processing error. It is my code that produces that exact message, but
> the 9 comes back from the indicated method and the text comes from a
> system function, gsk_strerror(9).
> The documentation says
>
> 9 Cryptographic processing error.
> Explanation: An error is detected by a cryptographic function. This
> error may also occur if key sizes that are non-FIPS are used during an
> SSL handshake while operating in FIPS mode.

My guess is that this last sentence is the cause of your problem.

> User response: If the error occurred while executing in FIPS mode,
> check that only FIPS key sizes are used.
> Collect a System SSL trace containing the error and then contact your
> service representative.
>
> I can connect between the client and the server using the set of
> parameters under test. They negotiate TLSV1.1 and what you call
> DHE-RSA-AES256-SHA and

FIPS 140-2 places restrictions on the size of the RSA key that you can use.
I'm not a FIPS 140-2 expert but I believe you have to be compliant with the
various other FIPS standards including FIPS 186-4(?):

This Standard specifies three choices for the length of the modulus
(i.e.,nlen): 1024, 2048 and 3072 bits. Federal Government entities shall
generate digital signatures using one or more of these choices.

So how big is your RSA key on the server? Are you able to post the
certificate?

Matt

__
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager   majord...@openssl.org



RE: SSL alert number 51

2014-11-21 Thread Charles Mills
Thanks. I guess I may have to open a problem with IBM. The IBM documentation
clearly lists a number of cipher suites (as they call them) that use SHA1
(including the one we (IBM+OpenSSL) default to) as being FIPS 140-2
compliant.

GSK appears to only support SHA1 and MD5, and MD4 is pretty clearly not FIPS
140-2 compliant.

Hmm. I had this note partly composed when Dr. Henson's reply came in. I am
thoroughly mystified.

Charles

-----Original Message-----
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Matt Caswell
Sent: Friday, November 21, 2014 7:04 AM
To: openssl-users@openssl.org
Subject: Re: SSL alert number 51



On 21/11/14 14:43, Charles Mills wrote:
> I posted the certificates. What's next?
>
> Charles

The key sizes look ok to me. As I said I'm no FIPS expert, but this page
http://wiki.openssl.org/index.php/FIPS_mode_and_TLS

says the following:
The RSA key in the certificate has to be of suitable size (2048 bits
minimum) as do all other keys in the chain and none of the CAs can sign
using SHA1.

But your certificates say:
Signature Algorithm: sha1WithRSAEncryption

So I'm wondering if that is the problem? Failing that you may need to
approach IBM since the alert is being generated from their code.

Matt


RE: SSL alert number 51

2014-11-21 Thread Charles Mills
Thanks guys for all of the clues! I got it working! Long story. Wow, FIPS is
a moving target. I re-did my root CA with SHA 256, and my server
certificate. I had to move my testing from z/OS V1R13 to z/OS V2R1 --
*apparently* V1R13 does not support TLS V1.2 which as you intimated at some
point may be required for things that FIPS requires. (A corollary would seem
to be that z/OS V1R13 does not support current FIPS requirements but don't
quote me on that.)

Charles

-----Original Message-----
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Dr. Stephen Henson
Sent: Friday, November 21, 2014 11:00 AM
To: openssl-users@openssl.org
Subject: Re: SSL alert number 51

On Fri, Nov 21, 2014, Charles Mills wrote:

> Thanks. I guess I may have to open a problem with IBM. The IBM
> documentation clearly lists a number of cipher suites (as they call
> them) that use SHA1 (including the one we (IBM+OpenSSL) default to) as
> being FIPS 140-2 compliant.
>
> GSK appears to only support SHA1 and MD5, and MD4 is pretty clearly
> not FIPS 140-2 compliant.
>
> Hmm. I had this note partly composed when Dr. Henson's reply came in.
> I am thoroughly mystified.
>

Could try to connect your client to OpenSSL's s_server utility with the
-state (or for 1.0.2 -trace)? If we can find out what message is triggering
that error it might give some hints.



RE: SSL alert number 51

2014-11-21 Thread Charles Mills
To set the record straight, I am told that a PTF (IBMese for patch) is
required for z/OS V1R13 to support TLS v1.2.

Charles

-----Original Message-----
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Charles Mills
Sent: Friday, November 21, 2014 12:07 PM
To: openssl-users@openssl.org
Subject: RE: SSL alert number 51

Thanks guys for all of the clues! I got it working! Long story. Wow, FIPS is
a moving target. I re-did my root CA with SHA 256, and my server
certificate. I had to move my testing from z/OS V1R13 to z/OS V2R1 --
*apparently* V1R13 does not support TLS V1.2 which as you intimated at some
point may be required for things that FIPS requires. (A corollary would seem
to be that z/OS V1R13 does not support current FIPS requirements but don't
quote me on that.)



SSL alert number 51

2014-11-19 Thread Charles Mills
Good day -

 

Can anyone offer some clues on

 

10280:error:1409441B:SSL routines:SSL3_READ_BYTES:tlsv1 alert decrypt
error:.\ssl\s3_pkt.c:1275:SSL alert number 51

 

OpenSSL 1.01h is the server, running on Windows 7 Pro 64 bit. 

 

Thanks,

 

Charles 



RE: SSL alert number 51

2014-11-19 Thread Charles Mills
Dave -

Thanks much.

> Either there's a bug somewhere or you are being attacked (MitM'ed).

Unlikely I am being MitM'ed -- the connection is over a VPN. (Why TLS when
there is already a VPN in place? I am testing TLS software and the VPN is a
fact of life and my only client to server link.

> Do you mean the server, running 1.0.1h on Win7, produced this error
> message, or some client talking *to* such a server produced the error?

Statement was kind of ambiguous, wasn't it? The server, which is OpenSSL
1.0.1h 5 Jun 2014, produced this message, when the client attempted to
connect.

The client is application software that uses the IBM GSK crypto library on
z/OS. The error message at the client end is Error code 9 returned from GSK
function gsk_secure_socket_init(): Cryptographic processing error. It is my
code that produces that exact message, but the 9 comes back from the
indicated method and the text comes from a system function, gsk_strerror(9).
The documentation says

9 Cryptographic processing error.
Explanation: An error is detected by a cryptographic
function. This error may also occur if key sizes that are
non-FIPS are used during an SSL handshake while
operating in FIPS mode.
User response: If the error occurred while executing
in FIPS mode, check that only FIPS key sizes are used.
Collect a System SSL trace containing the error and
then contact your service representative.

I can connect between the client and the server using the set of parameters
under test. They negotiate TLSV1.1 and what you call DHE-RSA-AES256-SHA and
GSK calls Cipher Suite 39 - SSL V3.0 AES SHA-1(ephemeral Diffie-Hellman)
RSA. It works provided I do not turn on FIPS 140-2 mode. If I turn on FIPS
140-2 mode with rc = gsk_fips_state_set(GSK_FIPS_STATE_ON); and use
otherwise identical parameters then this error occurs. (Cipher Suite 39 is a
valid FIPS 140-2 cipher suite, according to the IBM GSK documentation.)

I don't think that an s_client test would be terribly informative, seeing as
I can connect with the actual client software.

Back to you ...

Charles

-----Original Message-----
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Dave Thompson
Sent: Wednesday, November 19, 2014 2:20 PM
To: openssl-users@openssl.org
Subject: RE: SSL alert number 51

> From: owner-openssl-us...@openssl.org On Behalf Of Charles Mills
> Sent: Wednesday, November 19, 2014 14:08

> 10280:error:1409441B:SSL routines:SSL3_READ_BYTES:tlsv1 alert decrypt
> error:.\ssl\s3_pkt.c:1275:SSL alert number 51

http://tools.ietf.org/html/rfc5246.html#section-7.2
   decrypt_error
  A handshake cryptographic operation failed, including being unable
  to correctly verify a signature or validate a Finished message.
  This message is always fatal.

Either there's a bug somewhere or you are being attacked (MitM'ed).

> OpenSSL 1.01h is the server, running on Windows 7 Pro 64 bit.

Do you mean the server, running 1.0.1h on Win7, produced this error message,
or some client talking *to* such a server produced the error?
In either case, what is in the error output or log of the opposite peer?

If you try to connect s_client to the server, or the client to s_server,
respectively, does it work or what error info does it give you?



RE: SSL alert number 51

2014-11-19 Thread Charles Mills
- DHE is 1024
- RSA is 2048

Server certificate:

Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13 (0xd)
Signature Algorithm: sha1WithRSAEncryption
Issuer: CN=Charles Mills Consulting, LLC, ST=California,
C=US/emailAddress=charles
m...@mcn.org, O=Charles Mills Consulting, LLC
Validity
Not Before: Nov 19 17:06:26 2014 GMT
Not After : Nov 19 17:06:26 2015 GMT
Subject: CN=Charles Mills Consulting, LLC, ST=California,
C=US/emailAddress=charle
s...@mcn.org, O=X201NOTEBOOK_Server
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Alternative Name:
DNS:X201NOTEBOOK_Server, DNS:10.17.40.*, DNS:10.17.40.*
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Netscape Comment:
OpenSSL Generated Certificate
X509v3 Subject Key Identifier:
7B:A3:68:D6:1D:26:59:91:5D:21:1B:45:99:C4:B2:92:BF:46:1D:29
Signature Algorithm: sha1WithRSAEncryption

Underlying root:

Certificate:
Data:
Version: 3 (0x2

RE: SSL alert number 51

2014-11-19 Thread Charles Mills
To be perfectly clear, the server is not OpenSSL itself but application code
that calls OpenSSL. The code is stable and in production and, as I said,
works if I do *not* turn on FIPS on the client. I could trace through the
calls if necessary.

Also, I will be out of the office all day Thursday so this is probably my
last reply for ~36 hours.

Thanks for your help. I really appreciate what you folks do.

Charles

-Original Message-
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Charles Mills
Sent: Wednesday, November 19, 2014 4:53 PM
To: openssl-users@openssl.org
Subject: RE: SSL alert number 51

- DHE is 1024
- RSA is 2048

Server certificate:

Certificate:
Data:
Version: 3 (0x2)
Serial Number: 13 (0xd)
Signature Algorithm: sha1WithRSAEncryption
Issuer: CN=Charles Mills Consulting, LLC, ST=California,
C=US/emailAddress=charles m...@mcn.org, O=Charles Mills Consulting, LLC
Validity
Not Before: Nov 19 17:06:26 2014 GMT
Not After : Nov 19 17:06:26 2015 GMT
Subject: CN=Charles Mills Consulting, LLC, ST=California,
C=US/emailAddress=charle s...@mcn.org, O=X201NOTEBOOK_Server
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Subject Alternative Name:
DNS:X201NOTEBOOK_Server, DNS:10.17.40.*, DNS:10.17.40.*
X509v3 Extended Key Usage:
TLS Web Server Authentication, TLS Web Client Authentication
Netscape Comment:
OpenSSL Generated Certificate
X509v3 Subject Key Identifier:
7B:A3:68:D6:1D:26:59:91:5D:21:1B:45:99:C4:B2:92:BF:46:1D:29
Signature Algorithm: sha1WithRSAEncryption

RE: I can't believe how much this sucks

2012-11-19 Thread Charles Mills
It tends to be a shortcoming of many, many types of software documentation
that it is feature-oriented rather than task-oriented. That is, it does a
good job of saying this switch does this, that parm specifies that and a
poor job of answering the question I want to accomplish X. What the heck do
I do? Examples are good, but they are not the only, and perhaps not the
best, way of presenting task-oriented documentation. (The trouble with an
example is one sometimes finds oneself asking do I HAVE to do it that way,
or did that writer just CHOOSE to do it that way?)

 

Charles

From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of John Zavgren
Sent: Monday, November 19, 2012 6:45 AM
To: openssl-users@openssl.org
Subject: Re: I can't believe how much this sucks

 

Thomas:

You make very good suggestions. Of them all (aside from the use of tact in
approaching the developers :-) ), I think that easy-to-follow code examples
would improve the openSSL experience more than anything else you identify.
These examples could even provide a natural context for the cookbook usage
examples, and then we'd achieve two of your objectives.

 

I can recall situations where I had to incorporate a cartographic
calculation in code I was writing, e.g., compute a signature, and was unable
to find any examples, and the man pages were a poor starting point. They are
good for learning the individual library procedures, but they aren't good
for pulling them together to create a working software module. (In fact,
when I needed to learn how to compute a signature, I downloaded the openVPN
source code and read it.)

 

So, what is a list of easy-to-follow code examples? Here are some
suggestions:

1.) read private key and a message from a file: encrypt message with private
key, write encrypted buffer to (another) file.

2.) read cert and private key, read file, compute signature, etc.

3.) read file, read signature, read ca certs, validate signature.

4.) Example 3 + check CRL.

5.) Example 3 + check with OCSP responder.

???

I'm sure there are a LOT of CA related examples that would help, because I
find the creation of a CA to be one of the more painful exercises.

 

 

 

 

On Sun, Nov 18, 2012 at 11:19 PM, Thomas J. Hruska
shineli...@shininglightpro.com wrote:

On 11/13/2012 11:34 AM, Sanford Staab wrote:

I have been struggling with openssl for a few months now writing batch
scripts on windows trying to make a .net web client with a client
certificate work with 2-way ssl against an apache web server.

Do you guys just want to continue to answer questions on this alias and not
FIX the docs somewhat over time?  I could go into a litany of how much
information is just missing from the docs with INCOMPLETE everywhere.  (see
this link for one of the 900k+ hits on a google search of
openssl+docs+suck for how much hell you guys are putting people through
trying to figure out this tool)

openssl is used all over the world by tons of people (so I feel dumb having
problems here - but I know from Google I am not alone.) but it is just
unbelievable to me that the docs remain so terse and useless for so many
years.

I have sent email to this alias previously asking how I can help with this.
It seems to me there should be an openssl docs forum where content from this
eventually finds its way into the online docs themselves.

A tool is only as good as people are able to use it.

 

The OpenSSL dev team consists of fairly old-school *NIX folks.  It is a
low-level library and certificate generation and manipulation tool that has
gained significant notoriety for its reliability, stability, and security.

The primary documentation is manpages.  This is an outdated method of
documenting software and, as I've found, the primary source of many
complaints.  In this regard, it is time to move on.  I can't remember the
last time I had to fire up 'man'.  I'm much more apt to just run a Google
search.

Given my experience with end-users of this product, I've come to the
conclusion that there are three distinct forms of documentation needed for
OpenSSL:

- API documentation.  This is already fairly complete but hard to find
everything and needs someone to go over it and update it.  Areas that are
entirely missing need to be fleshed out.  It is also time to consider an
alternative format to the traditional manpage.

- Cookbook usage examples.  'openssl' command-line commands to accomplish
common tasks in a cookbook format.  I can point people to third-party sites
(madboa comes to mind).  However this sort of thing should really be on the
OpenSSL website.

- Complete, easy-to-follow code examples for a variety of common programming
tasks.  There are the test programs, but I view those more for testing the
library for consistency against itself than demonstration on how to code
against the library.  There's a difference.  The OpenSSL website should
always have the definitive collection in a copy-and-paste ready format.

RE: I can't believe how much this sucks

2012-11-15 Thread Charles Mills
That article is unbelievably scary, and your analysis is spot on.

 

I admit it: I sometimes assume that if the C compiler “likes” (matches to a 
declaration) what I have coded then it must be correct – given the absence of 
documentation. Did you see the example in the article of the API where a 
parameter of 1 meant No and 2 meant Yes, and a programmer had coded it passing 
a value of true, intending it to mean Yes, but which the compiler (of course) 
accepted and the function saw as a parameter of 1 (= No)?

 

Charles

From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] 
On Behalf Of Sanford Staab(Gmail)
Sent: Thursday, November 15, 2012 5:27 AM
To: openssl-users@openssl.org
Subject: Re: I can't believe how much this sucks

 

It’s interesting that this article shows that LACK OF GOOD DOCUMENTATION and 
POOR API DESIGN are at the heart of this problem.

I have noticed over the years that much of our society has changed its very 
idea of what a good application is.

It used to be that if something could not be easily understood or behaved badly 
or unexpectedly, people would see this as a bug in need of fixing.

With the rise in software complexity, requirements for budgets and schedules, 
we have now evolved to a society of hoop jumpers who see software as good 
enough if they can find a path to make it do what they want.

Developers have followed suit, practically forced to do so, and we now have 
massive amounts of broken code on broken code on broken code.

Ownership of code (ie really taking responsibility for it) is unheard of 
because the onerous burden of being responsible for your work is simply an open 
door to a lawyer that wants to steal the fruit of your labor.

It is no wonder under these circumstances that “security by obscurity” has 
become the defacto standard of the day.

The true bug here is our justice system unfortunately.

I think it is high time for a v2 of openssl, a rewrite almost from scratch, 
removing support for older protocols and ciphers and simplifying it down with 
full TDD from start to finish to really correct this problem.

And of course, probably not gonna happen.

But thanks for listening.

 

Sandy

 

-Original Message- 

From: Marco Molteni (mmolteni) 

Sent: Thursday, November 15, 2012 4:42 AM 

To: openssl-users@openssl.org 

Subject: Re: I can't believe how much this sucks 

 

Another amen.

 

I am a professional programmer. I am grateful for OpenSSL. At the same
time, each time I have to use it directly (as opposed to use a few of the
good C++ wrappers) I know I will be going down to hell and fight for my
life, and when I will come back, my hairs will be grayer :-)

Lack of good documentation is a problem for any software library, but in
this case lack of documentation can also cause security vulnerabilities
because the user of the API misunderstood it.

As Charles, I propose as food for thought the very recent, very good paper
on the security risks of (among other things) wrong APIs and wrong
documentation:

The Most Dangerous Code in the World: Validating SSL Certificates in
Non-Browser Software,
available at http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf

 

marco.m

 

On 13.11.2012 19:49 , Charles Mills charl...@mcn.org wrote:

 

AMEN!

 

Why is it easier to answer dumb question after dumb question here rather
than to document the darned product once? (Never mind the cumulative
labor of all the programmers trying to figure out and debug the same
problems again and again and again, all over the world.)

Consider http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf. Doesn’t *some* of the
responsibility for these (severe and scary!) problems fall on the lack of
clear documentation?

It’s a GREAT product and I love it and am grateful but why after years
and years do the man pages still say “under construction”?

 

Charles

 




RE: I can't believe how much this sucks

2012-11-13 Thread Charles Mills
AMEN!

 

Why is it easier to answer dumb question after dumb question here rather than 
to document the darned product once? (Never mind the cumulative labor of all 
the programmers trying to figure out and debug the same problems again and 
again and again, all over the world.)

 

Consider http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf. Doesn’t *some* of the 
responsibility for these (severe and scary!) problems fall on the lack of clear 
documentation?

 

It’s a GREAT product and I love it and am grateful but why after years and 
years do the man pages still say “under construction”?

 

Charles

From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] 
On Behalf Of Sanford Staab
Sent: Tuesday, November 13, 2012 10:35 AM
To: openssl-users@openssl.org
Subject: I can't believe how much this sucks

 

I have been struggling with openssl for a few months now writing batch scripts 
on windows trying to make a .net web client with a client certificate work with 
2-way ssl against an apache web server.

 

Do you guys just want to continue to answer questions on this alias and not FIX 
the docs somewhat over time?  I could go into a litany of how much information 
is just missing from the docs with INCOMPLETE everywhere.  (see this link 
http://www.wolmarans.com/drupal/?q=node/22  for one of the 900k+ hits on a 
google search of “openssl+docs+suck” for how much hell you guys are putting 
people through trying to figure out this tool)

 

openssl is used all over the world by tons of people (so I feel dumb having 
problems here – but I know from Google I am not alone.) but it is just 
unbelievable to me that the docs remain so terse and useless for so many years.

 

I have sent email to this alias previously asking how I can help with this.  It 
seems to me there should be an openssl docs forum where content from this 
eventually finds its way into the online docs themselves.

 

A tool is only as good as people are able to use it.

 

So let me get specific here – one simple specific question (of many that I 
have) that has me clueless:

 

The command of:

openssl s_client -connect www.pawnmasterpro.com:443 -CApath ssl\certs -cert 
ssl\certs\client_1.crt -key ssl\keys\client_1.key -pass 
file:ssl\keys\Client_1_pwd.txt

 

results in output containing:

No client certificate CA names sent

 

from the docs for the s_client command, –cert option says:

-cert certname 

The certificate to use, if one is requested by the server. The default is not 
to use a certificate. 

My guess from this is that this command is referring to the CLIENT SSL 
certificate - no?  If my assumption is correct, then why am I getting this 
error?  Or is this a notification of something normal and I should be looking 
elsewhere?

 

I have checked the Apache httpd-ssl.cnf file I am using and verified that all 
the certificate related parts are filled in and I have verified the integrity 
of all the certificates referenced by it.

I have been able to do straight one-way SSL with the server as well with both 
IE and Chrome browsers.  Two-way SSL fails with the server logs indicating that 
the client “refused” the connection.

I am using a self-signed CA which was used to sign the server certificate.  The 
client certificate is also signed by the same CA self-signed certificate.

Apache error logs give me this:

[Tue Nov 13 12:38:56 2012] [error] [client 127.0.0.1] Invalid method in request 
 
Which is about as useful as the openssl docs are.
I am also seeing this in openssl’s s_client output:
verify error:num=19:self signed certificate in certificate chain
From what I think I understand, this should not be a showstopper problem as 
all root CA certs would naturally be self-signed no?
Full output of this operation with the –showcerts command is attached for 
reference.
I have read through many forum examples of how to do this and it seems simple 
enough but then when it doesn’t work, figuring out what things MEAN and how to 
address what is wrong proves to be very difficult indeed.


RE: I can't believe how much this sucks

2012-11-13 Thread Charles Mills
EXACTLY!

 

Charles

From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] 
On Behalf Of Sanford Staab
Sent: Tuesday, November 13, 2012 12:53 PM
To: openssl-users@openssl.org
Subject: Re: I can't believe how much this sucks

 

Couldn’t agree more Ted.  I think the bar on open-source product documentation 
has been going way up over time.  If I were these guys, I’d get it right so I 
wouldn’t have to keep bothering to answer so many questions over and over.

 

From: Ted Byers mailto:r.ted.by...@gmail.com  

Sent: Tuesday, November 13, 2012 2:49 PM

To: openssl-users@openssl.org 

Subject: Re: I can't believe how much this sucks

 

On Tue, Nov 13, 2012 at 2:02 PM, Lee Fisher blib...@gmail.com wrote:

For things that the peer support forum and the existing documentation don't 
cover, you have the source code, which is definitive.

Additionally, there are professional OpenSSL consultants you can use for help.

It would be more productive to submit bugs and patches, instead of a litany :-)


Even so, some of those closely involved in the project ought to be doing a 
better job of documenting the product.  Telling people to hire consultants is 
even worse than telling people to read the code.  I develop software for a 
living, and I would be ashamed of any attempt to release even one of my 
products without a proper reference manual, complete design documentation, 
including a reasonable suite of UML documents (in the case of an open source 
product since good coders benefit from good design documentation - which, 
admittedly, I have not produced) and a thorough tutorial.  I have had feedback 
on some of my products that the end users found my interface so intuitive that 
they did not look at the documentation I'd provided even once, but I do not see 
that as an excuse for not producing proper documentation.  In my view, the 
documentation for a product is as much a part of the product as the code in the 
product.  The product is not ready for release until the documentation is as 
complete and polished as is the code.

Peer support is hardly a good, or cost effective, substitute for good 
documentation; and contrary to what some coders I have met, and worked with, 
have claimed, the source code is often not adequate documentation.  Yes, you 
see what the code is doing, but tracing execution paths through it can be a 
tedious nightmare; especially if the coder that produced it wrote the code as a 
candidate for an obfuscated coding contest (something, BTW, I would regard as 
grounds for dismissal if obfuscation is the only justification the code can 
offer for it).

In my own coding, the only libraries I use often are those that are well 
documented.  Life is just too short to waste on libraries that are poorly 
documented (unless someone wants to pay me to do so - but they'd be paying a 
significant premium for such a tedious, and  usually frustrating, task).

I am not criticising the documentation for openssl, and will not; but I would 
encourage those who are responsible for maintaining and improving openssl to 
not neglect the documentation.  It would be a mistake to leave that for someone 
else to do, for when that happens, it is certain that the documentation will 
suffer.

just my $0.02, as a coder with decades of coding experience.

Cheers

Ted



RE: Find the difference in (milli|micro)seconds between two ASN1_TIME values

2012-11-07 Thread Charles Mills
A struct tm is only granular down to whole seconds, right?

Charles

-Original Message-
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Dr. Stephen Henson
Sent: Wednesday, November 07, 2012 9:33 AM
To: openssl-users@openssl.org
Subject: Re: Find the difference in (milli|micro)seconds between two
ASN1_TIME values

On Wed, Nov 07, 2012, Graham Leggett wrote:

 Hi all,
 
 I would like to know how long a CRL has until it expires in seconds (or
milli or microseconds, don't care, I can convert), and am struggling to find
a formally supported way to do this.
 
 What I would like to do is return the difference between a given ASN1_TIME
and the current time, or two ASN1_TIME values (don't care which, I can
generate an ASN1_TIME from the current time).
 
 Does openssl offer a function to do this, or will I be forced to write my
own?
 

There isn't currently a function to do this but there is a commented out
(and largely untested) function in crypto/asn1/a_time.c to convert an
ASN1_TIME structure to a struct tm and a function to diff two tm structures
called OPENSSL_gmtime_diff.

__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   majord...@openssl.org


RE: https server using openssl

2012-10-30 Thread Charles Mills
Absolutely!

Charles

-Original Message-
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Andrey Koltsov
Sent: Tuesday, October 30, 2012 4:08 AM
To: openssl-users@openssl.org
Cc: Indtiny s
Subject: Re: https server using openssl

Hi.

I think that you should write simple HTTP server first and add SSL support
to it afterwards.


Best regards,

Andrey Koltsov
software developer


29.10.2012 20:49, Indtiny s writes:

   Hi,
 I have CCM cipher suite in the openssl and for some other requirement I
have write my own simple webserver... Can somebody help me to develop simple
openssl based webserver ..

 I just need to support the POST operation at my server side
 i.e , in my requirement , client will post the data to web server , here
server should receive the data and provide the HTTP response as 201 to
client .

 How to start implementing this with the help of openssl ..?



RE: Need inputs/suggestions on SSL/TLS protocol version fallback mechanism.

2012-10-29 Thread Charles Mills
Do you call SSL_CTX_set_options() with bit flags (SSL_OP_ALL,
SSL_OP_NO_SSLv3, etc.) to indicate the protocols you are willing to accept?

 

BTW, openssl-users (not -dev) is the proper forum for this sort of
questions.

 

Charles

From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Bhat, Jayalakshmi
Manjunath
Sent: Monday, October 29, 2012 5:27 AM
To: openssl-...@openssl.org; openssl-users@openssl.org
Subject: Need inputs/suggestions on SSL/TLS protocol version fallback
mechanism.

 

Hi All,

 

I have a client application that uses SSL23_client_method(). When the client
is getting connected to server that supports TLS 1.0 there are no issues.
When the client is getting connected to server that supports only SSLv3.0,
connection is getting aborted with protocol number error.

 

I have couple of question around this issue.

 

1.   If I like to support the fallback mechanism,  I need to implement
the same in the client application. SSL client state machine in OpenSSL does
not implement any fallback. 

2.   I did not see any recommendation in SSL/TLS RFC to implement the
fallback mechanism. I wanted to know are there any side effects in OpenSSL
library if fallback mechanism is implemented.

 

Any help on this points are appreciated.

 

Regards

Jayalakshmi

 

 

 





RE: Need inputs/suggestions on SSL/TLS protocol version fallback mechanism.

2012-10-29 Thread Charles Mills
You should at least look into it. I am not sure what the defaults are
without looking at the docs. Try setting SSL_OP_ALL (sounds good to me) |
SSL_OP_NO_SSLv2 (SSL v2 is considered to be badly flawed). That should
(IIRC) leave you able to accept SSL v3, TLS v1, and TLS v1.1. 

 

Charles

From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Bhat, Jayalakshmi
Manjunath
Sent: Monday, October 29, 2012 7:28 AM
To: openssl-users@openssl.org
Subject: RE: Need inputs/suggestions on SSL/TLS protocol version fallback
mechanism.

 

Hi Charles,

 

Thank you for the reply.  I am not setting any option using
SSL_CTX_set_options, should I indicate protocols using this function?. 

 

Regards

Jaya

From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Charles Mills
Sent: Monday, October 29, 2012 7:40 PM
To: openssl-users@openssl.org
Subject: RE: Need inputs/suggestions on SSL/TLS protocol version fallback
mechanism.

 

Do you call SSL_CTX_set_options() with bit flags (SSL_OP_ALL,
SSL_OP_NO_SSLv3, etc.) to indicate the protocols you are willing to accept?

 

BTW, openssl-users (not -dev) is the proper forum for this sort of
questions.

 

Charles

From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Bhat, Jayalakshmi
Manjunath
Sent: Monday, October 29, 2012 5:27 AM
To: openssl-...@openssl.org; openssl-users@openssl.org
Subject: Need inputs/suggestions on SSL/TLS protocol version fallback
mechanism.

 

Hi All,

 

I have a client application that uses SSL23_client_method(). When the client
is getting connected to server that supports TLS 1.0 there are no issues.
When the client is getting connected to server that supports only SSLv3.0,
connection is getting aborted with protocol number error.

 

I have couple of question around this issue.

 

1.   If I like to support the fallback mechanism,  I need to implement
the same in the client application. SSL client state machine in OpenSSL does
not implement any fallback. 

2.   I did not see any recommendation in SSL/TLS RFC to implement the
fallback mechanism. I wanted to know are there any side effects in OpenSSL
library if fallback mechanism is implemented.



RE: Trouble with Windows DLL

2012-10-29 Thread Charles Mills
Aha! Got it, I think. Thanks. Was not aware that one could do this sort of
thing. Neat trick. GetProcAddress() is documented only for locating
functions in a DLL, but I guess __declspec(dllexport) causes the name to be
exported in such a way that GetProcAddress() can find it.

 OpenSSL_Applink is OpenSSL specific as the name indicates, not to mention
that the file applink.c is part of the OpenSSL distro and install.

Well, yeah, of course I knew that. But just because you distroed something
called OpenSSL_printf would not mean that printf was OpenSSL-specific, which
is more or less the question that I asked (whether *applink* was
SSL-specific).

Charles

-Original Message-
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Dave Thompson
Sent: Monday, October 29, 2012 11:52 AM
To: openssl-users@openssl.org
Subject: RE: Trouble with Windows DLL

 From: owner-openssl-us...@openssl.org On Behalf Of Charles Mills
 Sent: Friday, 26 October, 2012 11:08

 1. Pardon my ignorance. So _Applink is a generic Windows facility, not 
 OpenSSL-specific? Can you point me to a link or something that 
 explains. I could not find anything.

OpenSSL_Applink is OpenSSL specific as the name indicates, not to mention
that the file applink.c is part of the OpenSSL distro and install.
GetModuleHandle() and GetProcAddress() are Windows generic; look at the code
in ms/uplink.c. 



RE: add hash signature as part of the stream on which this hash is based on

2012-10-27 Thread Charles Mills
Isn't that a little like the guy who committed suicide, cut himself up in
little pieces, and flushed himself down the toilet?

Some checksums are computed such that the checksum is part of the message,
and if all is well, the checksum of the entire message including the
appended sum is 0 or 0x or some such, but the original checksum I think
is always computed on what came before it. The bi-sync CRC-16 (boy, am I
dating myself!) was computed that way IIRC.

Charles

-Original Message-
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Michael Zintakis
Sent: Saturday, October 27, 2012 9:31 AM
To: openssl-users@openssl.org
Subject: add hash signature as part of the stream on which this hash is
based on

Maybe a bit daft of me to ask this, but is it possible to calculate a hash
on a stream of bytes where the resulting hash is considered to be part of
that stream?

In other words, lets assume that I have a stream which is, say, 64 bytes
long in total, consisting of 48 bytes of payload, plus 16-byte for the
hash and that hash has been calculated based on the *entire* stream
(payload+hash) of 64 bytes. Would that be possible to produce with openssl
or is this a bit of a chicken-and-egg scenario? Thanks!
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   majord...@openssl.org


RE: Trouble with Windows DLL

2012-10-26 Thread Charles Mills
1. Pardon my ignorance. So _Applink is a generic Windows facility, not
OpenSSL-specific? Can you point me to a link or something that explains. I
could not find anything.

2. While searching, I did find this:
http://msdn.microsoft.com/en-us/library/windows/desktop/ms682586(v=vs.85).aspx
It's a definitive explanation of a topic that was discussed here recently
(this thread?): how does Windows determine which copy of a DLL to use? One
thing of note: it is decidedly NOT true that if you put the DLL in the same
folder as the EXE that is the one that will always get used. Ridiculously
complex, but a definitive explanation, FWIW.

Charles

-Original Message-
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Dave Thompson
Sent: Thursday, October 25, 2012 2:00 PM
To: openssl-users@openssl.org
Subject: RE: Trouble with Windows DLL

 From: owner-openssl-us...@openssl.org On Behalf Of Charles Mills
 Sent: Wednesday, 24 October, 2012 19:08

  The code for uplink looks to me like it looks for 
 _Applink ONLY in the .exe
 
 It *HAS* to be a .exe? OpenSSL has logic that depends on what type of
 executable is calling it? If I had a .exe that worked with OpenSSL I could
 not necessarily turn it into a .DLL that exported services to calling
 programs?
   
No, OpenSSL on Windows does not have logic that depends on the caller, 
that's why this DOESN'T work. The simplest upward dynamic lookup in 
Windows looks only in the .exe. In order to look in the .dll, OpenSSL 
would need more complicated code to figure out if it was called from 
a .dll and not the .exe, and WHICH particular .dll because you could 
have multiple .dll's compiled differently, and lookup there.



RE: Trouble with Windows DLL

2012-10-24 Thread Charles Mills
Not sure if it is relevant but are you calling SSL_library_init()?

 

Charles

From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Mitchell, Daniel F
Sent: Tuesday, October 23, 2012 12:05 PM
To: openssl-users@openssl.org
Subject: Trouble with Windows DLL

 

Hello,

 

I am trying to use openssl in a Windows DLL.  However, on the first openssl
call I make after these:

CRYPTO_malloc_init();

OpenSSL_add_all_algorithms();

 

I get the no OPENSSL_Applink error.  I read the FAQ, and I have compiled
with /MD, I have included applink.c in my code (and it is a c program, so no
extern), and I have the latest versions of libeay32.dll, libssl32.dll, and
ssleay32.dll in the sys32 folder, where my dll is.  My dll is being called
by a windows executable, so I don't know if that could have anything to do
with it, since I have no real control over that.

 

Does anyone know of any other reasons I could be getting this error? 



RE: Trouble with Windows DLL

2012-10-24 Thread Charles Mills
Is libssl32.dll possibly the poster's DLL that he refers to in his note?

> The code for uplink looks to me like it looks for _Applink ONLY in the .exe

It *HAS* to be a .exe? OpenSSL has logic that depends on what type of
executable is calling it? If I had a .exe that worked with OpenSSL I could
not necessarily turn it into a .DLL that exported services to calling
programs?

Charles

-Original Message-
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Dave Thompson
Sent: Wednesday, October 24, 2012 12:19 PM
To: openssl-users@openssl.org
Subject: RE: Trouble with Windows DLL

From: owner-openssl-us...@openssl.org On Behalf Of Mitchell, Daniel F
Sent: Tuesday, 23 October, 2012 15:05

I am trying to use openssl in a Windows DLL.  However, on the first 
openssl call I make after these:

CRYPTO_malloc_init();

OpenSSL_add_all_algorithms();

I get the no OPENSSL_Applink error.  I read the FAQ, and I have 
compiled with /MD, I have included applink.c in my code (and it is a c 
program, so no extern), and I have the latest versions of libeay32.dll, 
libssl32.dll, and ssleay32.dll in the sys32 folder,

Aside: The openssl libraries on Windows are libeay32 and ssleay32.
I don't know what libssl32 is.

where my dll is.  My dll is being called by a windows executable, so I 
don't know if that could have anything to do with it, since I have no 
real control over that.

This probably doesn't work. The code for uplink looks to me like it looks
for _Applink ONLY in the .exe. 

If you supply your library to be *static* linked with the app it should
work, but you get all the features of static linking, good and bad -- bigger
.exe (rarely matters nowadays); possible name conflicts; can't update
separately.

Otherwise you must avoid all openssl calls that use uplink/applink;
basically this is anything that uses a FILE* opened by your program.
If you handle the file I/O yourself -- for example, read a DER cert file
into memory and call d2i_X509 instead of opening the file and calling
d2i_X509_fp, OR you have openssl *open* the files by explicitly calling
BIO_new_file or equivalent and using the BIO* instead of using any FILE*, it
should be okay.



RE: Wild card SSL; use on multiple Apache servers

2012-10-24 Thread Charles Mills
Nor does *.domain.com work for domain.com, correct?

Just out of curiosity, do you perceive a trust constraint there (for any
real-world situation)?

Charles

-Original Message-
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Dave Thompson
Sent: Wednesday, October 24, 2012 11:38 AM
To: openssl-users@openssl.org
Subject: RE: Wild card SSL; use on multiple Apache servers

From: owner-openssl-us...@openssl.org On Behalf Of Alan Buxey
Sent: Wednesday, 24 October, 2012 03:00
To: aurfal...@gmail.com; openssl-users@openssl.org
Subject: Re: Wild card SSL; use on multiple Apache servers

The wildcard is for a particular domain (* is value for any host within 
it) . If your other server is in a different domain, then it won't 
work.

Right. Because the CA only verified your control of the domain that it
issued the cert for; if you get a cert for fredsmith.com and could use it on
a server that impersonates www.amazon.com you could steal billions of
dollars from millions of people.

And an added point which is not obvious to some people, it's only
implemented for one level. *.domain.com works for www.domain.com
ftp.domain.com silly.domain.com but NOT www.foo.domain.com . Even though
this wouldn't actually violate the trust constraint in any situation I can
imagine.
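
The matching rules stated in this thread (wildcard confined to its own domain, one level only, no match on the bare domain), written out as an added example that is not part of the original messages and is not OpenSSL's code. The function names are hypothetical, the host names are the ones used in the thread, and accepting `*` only as the entire leftmost label is an assumption of this sketch.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Case-insensitive comparison of two NUL-terminated DNS names. */
static int names_equal(const char *a, const char *b)
{
    while (*a && *b) {
        if (tolower((unsigned char)*a) != tolower((unsigned char)*b))
            return 0;
        a++;
        b++;
    }
    return *a == '\0' && *b == '\0';
}

/* Returns 1 if `host` is covered by the certificate name `cert_name`. */
int cert_name_matches(const char *cert_name, const char *host)
{
    if (cert_name == NULL || host == NULL || *cert_name == '\0' || *host == '\0')
        return 0;

    if (cert_name[0] != '*')
        return names_equal(cert_name, host);   /* plain name: exact match */

    /* Assumption of this sketch: only "*." followed by a non-empty suffix,
     * with no further '*', is a valid wildcard name. */
    if (cert_name[1] != '.' || cert_name[2] == '\0' ||
        strchr(cert_name + 1, '*') != NULL)
        return 0;

    const char *suffix = cert_name + 1;        /* e.g. ".domain.com" */
    const char *first_dot = strchr(host, '.');

    /* The '*' must stand for exactly one non-empty label, so everything
     * from the host's first dot onward has to equal the suffix. This
     * rejects both "domain.com" and "www.foo.domain.com". */
    if (first_dot == NULL || first_dot == host)
        return 0;
    return names_equal(first_dot, suffix);
}

/* Cases taken from the thread; returns how many disagree with it. */
int run_thread_cases(void)
{
    static const struct { const char *name, *host; int expect; } cases[] = {
        { "*.domain.com",    "www.domain.com",     1 },
        { "*.domain.com",    "ftp.domain.com",     1 },
        { "*.domain.com",    "silly.domain.com",   1 },
        { "*.domain.com",    "www.foo.domain.com", 0 },  /* one level only */
        { "*.domain.com",    "domain.com",         0 },  /* not the bare domain */
        { "*.fredsmith.com", "www.amazon.com",     0 },  /* different domain */
    };
    int mismatches = 0;
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++)
        if (cert_name_matches(cases[i].name, cases[i].host) != cases[i].expect)
            mismatches++;
    return mismatches;
}

int main(void)
{
    printf("mismatches against the thread's cases: %d\n", run_thread_cases());
    return 0;
}
```

OpenSSL 1.0.2 and later provide X509_check_host() for this check, which is preferable to hand-written matching in production code.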



RE: How can I pass data to a running instance of OpenSSL CLI on Windows within a batch file?

2012-10-22 Thread Charles Mills
Msdn.com is excellent. Good advice, few flames.
--
Sent from my mobile phone. Please excuse my brevity.

Charles

Jeremy Farrell jeremy.farr...@oracle.com wrote:

If you start openssl.exe, that's the mode it's in by default - waiting for 
commands from stdin, writing the output from those commands to stdout. Isn't 
that what you're looking for?



If you're looking for advice on the programming details of attaching to its 
stdin and stdout and sending/receiving that data from another program, you'd 
probably be better asking on a general Windows programming list where there'll 
be more people with that sort of expertise.



Regards,

  jjf



From: Funnell, Leon [mailto:leon.funn...@catlin.com]
Sent: Monday, October 22, 2012 10:52 AM
To: openssl-users@openssl.org
Subject: How can I pass data to a running instance of OpenSSL CLI on Windows 
within a batch file?



We have Windows application which passes data to OpenSSL.exe to encrypt as a 
Windows command, then scrapes the encrypted data back from the output.  The 
Windows app can call external Windows commands but we cannot call APIs or 
extend the functionality programmatically.   Functionally it works, but it 
doesn’t scale as each time you call OpenSSL.exe it takes about a second and 
spikes the CPU.  The application we are using is required to process 6000 
records every hour.



I have two tests set up:

1.   A batch file which runs 6000 times, repeatedly running the following 
command:

Openssl.exe aes-256-cbc -a -e -k eiccmkjd94jfgniw03ljkdlfutcnv320 -in test.txt



2.   A text file with the following line repeated 6000 times, which I paste 
into the OpenSSL CLI:

aes-256-cbc -a -e -k eiccmkjd94jfgniw03ljkdlfutcnv320 -in test.txt



When I use the batch file which invokes OpenSSL.exe 6000 times, it takes 
several hours to complete and spikes the CPU significantly.  It seems to be the 
initialisation of the OpenSSL.exe program rather than the encryption however, 
as if I paste in the text file to the OpenSSL.exe CLI it completes in several 
seconds and takes very little CPU.



What I need is a way of running OpenSSL.exe as a process which I can pass 
parameters to on STDIN, and output parameters to STDOUT.  I would like to be 
able to call another batch file or program with the unencrypted data as the 
input parameter which would then pass this to the running “service”, retrieve 
the  encrypted data result from this “service” and pass it as the output.



Can anyone enlighten me on a potential solution for this?



Thanks and Regards,



Leon Funnell







RE: Building an exportable OpenSSL application

2012-10-18 Thread Charles Mills
OK. Misunderstood the earlier answer.

Charles

-Original Message-
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Dave Thompson
Sent: Thursday, October 18, 2012 12:26 AM
To: openssl-users@openssl.org
Subject: RE: Building an exportable OpenSSL application

 From: owner-openssl-us...@openssl.org On Behalf Of Charles Mills
 Sent: Wednesday, 17 October, 2012 09:47
snip
[Using ShiningLight Windows build]
  If you link with lib/VC/* (or lib/MinGW/*) you get implicit dynamic 
  linking. If you link with
  lib/VC/static/* you get static linking.
 
 Thanks. Did not exactly understand that point. I am in fact using 
 lib/VC/*.
 I may change that to MinGW so that the intention is more obvious.
 
I wouldn't advise that. The (two) VC directories are built for VC++ and the
MinGW directory is built for MinGW. MinGW (unlike Cygwin) tries to be mostly
pretty much compatible with VC++ but I wouldn't rely on it being totally so.
Better to use as designed.



RE: Generating rsakey using openssl as lib

2012-10-18 Thread Charles Mills
I can't give you a total solution but

> Well, I've called SSLeay_version(SSLEAY_VERSION) from lib, and I've got
> OpenSSL 0.9.8a 11 Oct 2005.
>
> That confirms it's a version problem. My question now is, what shall I do
> to remove all OpenSSL versions from my PC? Once no OpenSSL is installed or
> compiled, I will start from the beginning with version 1.0.1.

Exactly! Welcome to the club. A good number of the products one trials or
purchases over the years install their own copy of the OpenSSL DLLs
*somewhere*. Use the Windows Start search function and key in ssleay32.dll
and/or libeay32.dll and see how many hits you get! You could start by
uninstalling or deleting any products you are sure you are not using. (Don't
just delete them all!) Perhaps that will solve the problem.

Else, you are *probably* going to get the correct DLL if you put it right in
the same folder with your .exe. Copy your DLLs from wherever you built them
to wherever you are building your application. It's a little complicated
with VS because of the multiple folders: project, Debug, and Release -- but
play around and you should be able to get it right.

You are in my experience on the right track using SSLeay_version(). I would
leave it in my code and printf the results on every execution. You never
know when someone is going to install *something* and mess you up.

Good luck!

Charles

-Original Message-
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Leonardo Laface de
Almeida
Sent: Thursday, October 18, 2012 5:57 AM
To: openssl-users@openssl.org
Subject: RES: Generating rsakey using openssl as lib 

Hi,

That doesn't prove it's finding the *correct* openssl. Most (and
usual) kinds of SSL connections work on older versions. Do you get
TLSv1.1 or TLSv1.2 connections, or at least request them properly even 
if your server doesn't agree? That would prove version 1.0.1.


My lib is server for SSL connections.
From SSL_get_version(ssl) after SSL_accept(ssl) I got the string:
TLSv1. 
I got this connection using a web browser.  

This means it is TLS 1.0, right?


Does your app run briefly and exit, or does/can it wait or do something 
that takes a reasonably long time? If the latter, get ProcessExplorer 
from technet.microsoft.com/en-us/sysinternals
and use it to examine your running application process to check the 
full paths of the DLLs used. (Or there are other tools that can do 
this, but ProcessExplorer is the one I am familiar with.)

The application runs and doesn't exit. The App starts trying to load mylib. 
Without those functions (EVP_PKEY_CTX*), the App loads mylib and uses
properly all exported functions. With those functions, the App can't load
mylib. Then, no function from lib can be called.
I can debug mylib and App. From both the behavior is the same. 


 I've downloaded the openssl*.tar file and extracted to 
 C:/Openssl. Then,
 I've used Visual Studio 2010 for cross-compiling. 
 I followed the instructions in INSTALL.W32 file (pretty good, 
 by the way).
 
 Then, I've copied the following directories from C:\Openssl\ to
 C:\My_LIB_proj\lib\Openssl\:
 
 include
 lib
 
 Then, I've imported the libeay32.lib and ssleay32.lib as usual in c
 programming. I've also included 
 C:\My_LIB_proj\lib\Openssl\include to
 included paths.
 
 Is something missing?
 

That should be good for compiling and linking your app. 
Unless VS has changed recently, just adding an import .lib 
to a project is used for linking but does *not* make it run 
with the matching .dll, although other settings may do that.
(I'm back on 2003, and MS changes this kind of stuff a lot.)
Are you running your app in VS, or from CMD or similar? 
That may also affect the search rules.
Note: this is not cross-compiling, just normal compiling.

I'm using QT Creator for both, App and Mylib. In linux, I will use the same
IDE. 

Lib Configuration:

win32:LIBS += -L$$PWD/lib/Openssl/lib -llibeay32
win32:LIBS += -L$$PWD/lib/Openssl/lib -lssleay32

INCLUDEPATH += $$PWD/lib/Openssl/lib
DEPENDPATH += $$PWD/lib/Openssl/lib

INCLUDEPATH += $$PWD/lib/Openssl/include
DEPENDPATH += $$PWD/lib/Openssl/include

Note: $$PWD - is path to C:/mylib/

For testing, I have pointed mylib to C:/Openssl/lib (instead of
C:/MyLib/lib/Openssl/lib). I've got the same behavior as above.

---
Well, I've called SSLeay_version(SSLEAY_VERSION) from lib, and I've got
OpenSSL 0.9.8a 11 Oct 2005. 

That confirms it's a version problem. My question now is, what shall I do
to remove all OpenSSL versions from my PC? Once no OpenSSL is installed or
compiled, I will start from the beginning with version 1.0.1.



RE: Building an exportable OpenSSL application

2012-10-17 Thread Charles Mills
Thanks much. Knew all of that from a technology point of view and from other
platforms but did not know the proper Windows/UNIX terms.

I was worried by the assertion that static linking to .lib's and the use of
DLLs was inconsistent.

> at runtime the OS finds those .dll's
> using moderately complicated search rules, which can be an issue
> if you have multiple versions in different places

Yes, and I found that various products I have licensed or trialed over the
past few years have each installed their own OpenSSL DLLs of various
versions in various places. SSLeay_version(SSLEAY_VERSION) is a big help in
figuring out which DLL is actually getting used.

> If you link with lib/VC/* (or lib/MinGW/*) you get
> implicit dynamic linking. If you link with
> lib/VC/static/* you get static linking.

Thanks. Did not exactly understand that point. I am in fact using lib/VC/*.
I may change that to MinGW so that the intention is more obvious.

Charles

-Original Message-
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Dave Thompson
Sent: Tuesday, October 16, 2012 5:53 PM
To: openssl-users@openssl.org
Subject: RE: Building an exportable OpenSSL application

 From: owner-openssl-us...@openssl.org On Behalf Of Charles Mills
 Sent: Tuesday, 16 October, 2012 11:41

  If you are linking to OpenSSL DLLs, then your application 
 isn't statically
  linked against OpenSSL.  .lib files can simply be 
 references to exports in .dll files.
 
 This is an important point. Can we be absolutely clear? My 
 picture of how
 this works is that the .lib files contain small stubs so that 
 while the
 application code has the illusion of making a static call to
 SSL_whatever() in reality that is a tiny stub that actually 
 calls code in a
 DLL. There is no functional code in the .lib, only stubs 
 that link to
 functional code in the DLLS. Am I wrong? This is a critical point.
 
Yes, plus. To be exact, there are really three ways:

- traditional (since like 1950) static linking, with .lib on Windows 
or .a on Unix containing actual code and static data. The linker 
copies referenced code and data to your Windows .exe or Unix executable.

- implicit dynamic linking, with .lib on Windows containing stubs 
that point to code (and sometimes data, but that's usually poor 
practice) in a .dll. This type of .lib is called an import library.
The linker pulls the stubs into your .exe and also includes a 
list of the .dll files; at runtime the OS finds those .dll's 
using moderately complicated search rules, which can be an issue 
if you have multiple versions in different places, although 
in my (limited) experience the simple solution of putting .dll's 
in the same directory as the .exe always works. On Unix similar 
but there's no import library; you link directly against .so .sl 
etc, and the linker puts the imports in the executable. 

- explicit dynamic linking: instead of just calling XYZ_whatever, 
the source code of the app calls OS routines to get pointers to 
the routines in the dynamic library and then calls using those 
pointers. For Windows the routines are LoadLibrary or a variant 
and GetProcAddress; for Unix they are dlopen and dlsym. This is 
more work, but has the advantage your program can continue if 
the desired dyn lib or routine is not available, instead of dying.

To add to the confusion, implicit and explicit dynlibs are 
sometimes called static and dynamic, but even a static dynlib 
is still dynamic as far as execution is concerned.

 BTW, thanks for the Shining Light Windows build. It's what I am using.
 
Note the Shining Light builds provide all options. If you link 
with lib/VC/* (or lib/MinGW/*) you get implicit dynamic linking.
If you link with lib/VC/static/* you get static linking. 
Or you can code explicitly and use the .dll's directly.

In most cases dynamic linking is preferable, usually implicit, and 
it sounds like for you especially so, but all options work.




Building an exportable OpenSSL application

2012-10-16 Thread Charles Mills
I have a Windows-only OpenSSL application developed in VS 2010. I have now
been tasked with creating parallel regular and exportable (from the US)
distributions of the application.

I UNDERSTAND YOU CAN'T GIVE LEGAL ADVICE. I'M ONLY LOOKING FOR TECHNICAL
INPUT HERE.

The application statically links to libeay32XX.lib and ssleay32XX.lib. The
application starts out by calling applink(). The distribution includes
libeay32.dll and ssleay32.dll.

Am I correct in the following premises?

- All of the actual encryption algorithms are in libeay32.dll? (And
ssleay32.dll?) As I describe my architecture above, my distributed main
executable does not contain actual encryption algorithms; they're only in
the DLL(s)?

- It should be possible to create and distribute a weak encryption only
build of libeay32.dll?

Personal confession/personal advice time: I have 44 years of experience as a
programmer, 40 of it as a successful commercial product developer, but no
knowledge of make beyond a grasp of the purpose and concept. (Most of
those 44 years are on a platform with no tradition of make; the remainder
are exclusively with the MS VS IDE and its predecessors. Make fun of me if
you wish.) Question: assuming I am correct that I need to build my own
version of libeay32.dll, do you think it's a shorter path to learn make, or
to try to do it with MS VS 2010? I am guessing the former. Is there
somewhere a ready to roll MS VS project that builds the DLLs?

Is there a configure (is that the right term?) option for weak encryption
only? I see the no-specific cipher flag but is there a no-strong-ciphers
sort of option? I know that SSL_CTX_set_cipher_list() supports the LOW and
EXP keywords so OpenSSL must know what are the so-called export ciphers.

Would appreciate any additional miscellaneous tips.

Charles 




RE: Building an exportable OpenSSL application

2012-10-16 Thread Charles Mills
> If you are linking to OpenSSL DLLs, then your application isn't statically
> linked against OpenSSL.  .lib files can simply be references to exports in
> .dll files.

This is an important point. Can we be absolutely clear? My picture of how
this works is that the .lib files contain small stubs so that while the
application code has the illusion of making a static call to
SSL_whatever() in reality that is a tiny stub that actually calls code in a
DLL. There is no functional code in the .lib, only stubs that link to
functional code in the DLLS. Am I wrong? This is a critical point.

BTW, thanks for the Shining Light Windows build. It's what I am using.

Charles

-Original Message-
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Thomas J. Hruska
Sent: Tuesday, October 16, 2012 8:02 AM
To: openssl-users@openssl.org
Subject: Re: Building an exportable OpenSSL application

On 10/16/2012 7:25 AM, Charles Mills wrote:
 I have a Windows-only OpenSSL application developed in VS 2010. I have 
 now been tasked with creating parallel regular and exportable 
 (from the US) distributions of the application.

 I UNDERSTAND YOU CAN'T GIVE LEGAL ADVICE. I'M ONLY LOOKING FOR 
 TECHNICAL INPUT HERE.

 The application statically links to libeay32XX.lib and ssleay32XX.lib. 
 The application starts out by calling applink(). The distribution 
 includes libeay32.dll and ssleay32.dll.

If you are linking to OpenSSL DLLs, then your application isn't statically
linked against OpenSSL.  .lib files can simply be references to exports in
.dll files.


 Am I correct in the following premises?

 - All of the actual encryption algorithms are in libeay32.dll? (And
 ssleay32.dll?) As I describe my architecture above, my distributed 
 main executable does not contain actual encryption algorithms; they're 
 only in the DLL(s)?

 - It should be possible to create and distribute a weak encryption only
 build of libeay32.dll?

Anyone could simply install different binaries and delete yours.


 Personal confession/personal advice time: I have 44 years of 
 experience as a programmer, 40 of it as a successful commercial 
 product developer, but no knowledge of make beyond a grasp of the 
 purpose and concept. (Most of those 44 years are on a platform with no 
 tradition of make; the remainder are exclusively with the MS VS IDE 
 and its predecessors. Make fun of me if you wish.) Question: assuming 
 I am correct that I need to build my own version of libeay32.dll, do 
 you think it's a shorter path to learn make, or to try to do it with 
 MS VS 2010? I am guessing the former. Is there somewhere a ready to roll
 MS VS project that builds the DLLs?

No there isn't.  Well, okay, there is some ancient VS workspace but no one
uses it.  It is better to follow the README.WIN32 instructions.


 Is there a configure (is that the right term?) option for weak encryption
 only? I see the no-specific cipher flag but is there a no-strong-ciphers
 sort of option? I know that SSL_CTX_set_cipher_list() supports the LOW and
 EXP keywords so OpenSSL must know what are the so-called export ciphers.

A better approach is to dynamically link against OpenSSL and then call 
that function with the export cipher list in your export build.  That 
way, you can easily replace just the OpenSSL DLLs as new versions come 
out AND it keeps people from replacing your DLLs with other DLLs and 
causing unintended side effects.  It seems cleaner to me anyway.


 Would appreciate any additional miscellaneous tips.

 Charles

-- 
Thomas Hruska
Shining Light Productions

Home of BMP2AVI and Win32 OpenSSL.
http://www.slproweb.com/


RE: top 10 mistakes when using libopenssl?

2012-10-15 Thread Charles Mills
Oh-oh. I'm not calling OpenSSL_add_all_algorithms() or anything real
similar.

I call SSL_library_init() and SSL_load_error_strings() and set up the
Locking callback but that's it.

It seems to work. Both my client code and my server code interoperate with
non-OpenSSL TLS implementations without error, and report the use of strong
SSL/TLS cipher suites.

What am I missing?

Charles
-Original Message-
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Dr. Stephen Henson
Sent: Sunday, October 14, 2012 3:56 AM
To: openssl-users@openssl.org
Subject: Re: top 10 mistakes when using libopenssl?

On Sat, Oct 13, 2012, Ken Goldman wrote:

 On 10/10/2012 8:08 PM, Kyle Hamilton wrote:
 Suggestions from my experience:
 
 If you include the library, #1 for novices has to be:
 
 1 - Using strlen() to get the length of encrypted data.
 
 

I'd add...

Forgetting to call OpenSSL_add_all_algorithms or similar.




RE: top 10 mistakes when using libopenssl?

2012-10-15 Thread Charles Mills
Whew! <g>

Thanks.

Charles

-Original Message-
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Dr. Stephen Henson
Sent: Monday, October 15, 2012 9:51 AM
To: openssl-users@openssl.org
Subject: Re: top 10 mistakes when using libopenssl?

On Mon, Oct 15, 2012, Charles Mills wrote:

 Oh-oh. I'm not calling OpenSSL_add_all_algorithms() or anything real 
 similar.
 
 I call SSL_library_init() and SSL_load_error_strings() and set up the 
 Locking callback but that's it.
 

SSL_library_init() counts as similar to OpenSSL_add_all_algorithms() so
that's fine.



RE: OpenSSL cert authority with no database

2012-10-11 Thread Charles Mills
I hit this EXACT problem.

 

The *wrong* ways to solve it are to keep deleting the database or deleting
records from the database.

 

The right way to solve it is to revoke certificates that you want to
re-issue. I just happen to have a (Windows - sorry if you're not Windows)
.BAT file to do just that, and as a side benefit, it maintains a CRL that
you can play with. (You do intend to support CRLs, right?)

 

rem revoke a certificate and re-issue the CRL
rem unable to write 'random state' seems to be normal
rem pass the name of the PEM file to be revoked as the only argument

openssl.exe ca -revoke %1 -config myConfig.cnf -keyfile myRoot.key.pem -passin pass:the_password

openssl.exe ca -gencrl -out myRevocations.crl -config myConfig.cnf -keyfile myRoot.key.pem -passin pass:the_password

pause Check status of certificate revocation and CRL generation (CRL *success* outputs no messages)

 

Charles

From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Derek Cole
Sent: Thursday, October 11, 2012 3:14 PM
To: openssl-users@openssl.org
Subject: OpenSSL cert authority with no database

 

Hello,

Is there a way to sign certificates with your own CA, and NOT have to use a
database file to keep track of them? For development purposes, I end up
creating the same cert multiple times, and trying to sign it which will
cause me to get the TXT_DB error number 2
sometimes, which does not allow the signing of the cert to proceed.

Thanks!



RE: Best practice for client cert name checking

2012-10-11 Thread Charles Mills
Thanks.

My boss is not technical. I am the CTO of this product. Our customers are
your basic commercial customers. Yes, I picture that they would be their own
CA. Why pay Verisign if you don't have a bunch of people sitting at their
PCs trying to buy widgets from your Web site, and wondering if they can
trust it. Yes, I support a local CRL file.

I think our customers' situation is likely a LOT like yours: relatively few
machines, possibly distant and possibly on the public Internet. It's
basically an unattended box to unattended box product, so the problem is
identifying machines, not people.

Yes, IP addresses change. Obviously if someone is changing IP addresses a
lot they would have to change the whitelist a lot. 

I've got other fish to fry at the moment, but I kind of like the idea of
offering if and only if the 'names' on the whitelist are IP addresses then
one (possibly wildcarded in the low-order node) must compare equal to the
incoming IP address, and the incoming IP address must also compare equal to
a (possibly wildcarded) name in the certificate.

This would *help* (everything is a help, right, nothing is absolute) with
the problem of a client certificate that got away into the wild, right?

Charles

-Original Message-
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Dave Thompson
Sent: Wednesday, October 10, 2012 12:48 PM
To: openssl-users@openssl.org
Subject: RE: Best practice for client cert name checking

 From: owner-openssl-us...@openssl.org On Behalf Of Charles Mills
 Sent: Monday, 08 October, 2012 07:47

 Dave, any thoughts on my original question? My thread kind of got 
 hi-jacked.

Not much, but since you ask:

 -Original Message-
 From: Charles Mills [mailto:charl...@mcn.org]
 Sent: Saturday, October 06, 2012 9:52 AM
 To: openssl-users@openssl.org
 Subject: Best practice for client cert name checking
 
 I have recently written a product that incorporates SSL/TLS server 
 code that processes client certificates. I designed what I thought 
 made sense at the time but now I am wondering if what I did was best.
 
Whatever you, or your users/boss/customers/etc., need.

The technical question is do you use -- that is, have your clients use --
public CAs (like Verisign etc.) or a CA that you control (operate or
contract with)?
If the latter, maybe you can limit issuance so that any cert issued by this
CA and not revoked is a good client.
(Although for openssl revocation checking to be accurate, either you must
have some method to update CRLs often enough or you must implement OCSP.) 

 In the product's configuration file the sysadmin may optionally 
 include a whitelist of client names. If the sysadmin does so, then the 
 server requests a client certificate. At least one of the names 
 (subject O= and Alternative names, including wildcards) in the 
 certificate must match one of the names in the whitelist or I reject 
 the session.
 
For public certs you may want CN (Common Name) as well as or even instead of
O (Organization). 

 Something I saw recently got me to wondering whether I should have 
 made some sort of provision for checking IP addresses: perhaps 
 verifying that the client IP address appeared in the Alternative names 
 in the client certificate as well as in the whitelist? Or perhaps that 
 the IP address matched an alternative name and the subject name 
 appeared in the whitelist?
 
I wouldn't. In much of today's internet IP addresses are not very stable at
identifying machines, and even less so people.
But it's up to your users/etc what they need, or want.

FWIW, I work in a back-end environment where the systems that connect are
relatively few and very stable, though distant, so we just have our own CA
which issues certs to only valid clients. Your situation is likely
different.

__
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager   majord...@openssl.org


RE: Firefox unhappy with my self signed Cert

2012-10-11 Thread Charles Mills
How do you specify the name (URL) of the Web site in Firefox? Do you use
exactly the same name as you use with the test client (and the name in the
certificate)?

Firefox is saying the certificate is for myserver but you are specifying a
different name when you open the site. The name has to be exactly the same
as one of the names (including alternates) in the certificate. (You can
wildcard the last node in the alternate names.) myserver is not the same as
myserver.com

Charles

From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Derek Cole
Sent: Thursday, October 11, 2012 4:03 PM
To: openssl-users@openssl.org
Subject: Firefox unhappy with my self signed Cert

Hello,

I sort of posted about this earlier, but I think this is a more concise
question (as the previous replies were helpful for me to start debugging the
problem).

I have a server that is running a custom app that can accept an SSL
connection. I generate a cert on each server, that is signed by my own CA. I
tested whether this worked or not by using the openssl s_client and s_server
commands, and it actually worked to connect to the server using those
commands. I started the server with a PEM file that contained the signed
cert request, as well as the private key for that cert request. This
allowed me to start the server with

openssl s_server -accept 443 -cert myfile.cert

and on the client side

openssl s_client -connect myserver:443 -CAfile my_server_cert.pem

This gave me a verify code of zero, so I thought I was good to go.

I installed my_server_cert.pem as a trusted authority in Firefox, however,
it still prompts that it is an Untrusted Connection and has the button to
add security exception. When I click this button, I noticed that under
Certificate Status it says Wrong Site and This site attempts to identify
itself with invalid information


I'd prefer my clients to not have this pop-up when they are connecting to my
servers. From the server side, when I debug the app, I see I get the sslv3
alert bad certificate error at first, and then the next connections are
SSL_accepted() as the client requests cert status and such, until I'm
finally done adding the security exception, and my final SSL_accept()
finally gets a return of 1 which I was hoping for.

Is this just a Firefox bug or what? I have noticed too, that I am able to
launch my custom app, and use openssl s_client -connect to connect to that
same server, same certs, and it gives me verify code zero.


Thanks for any insight.



RE: Firefox unhappy with my self signed Cert

2012-10-11 Thread Charles Mills
 The wildcard is the lowest-level component of a DNS name, which is at the
left as written; in

You're right (left?) of course. I was somehow picturing it incorrectly in my
mind. I quick went and looked at my wildcard comparison code and it is
correct (whew!). 

In my other thread about checking client IP addresses I was picturing a
lowest-level/RIGHTmost wildcard on the IP address: e.g. 192.168.1.*

That's lowest level conceptually but I guess not what the standard or
convention provides for.

BTW, a good quick discussion of wildcard certificate names:
http://support.godaddy.com/help/article/567/what-is-a-wildcard-ssl-certificate
(They'd love to sell you one; this is not an endorsement.)

Charles

-Original Message-
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Dave Thompson
Sent: Thursday, October 11, 2012 5:13 PM
To: openssl-users@openssl.org
Subject: RE: Firefox unhappy with my self signed Cert

From: owner-openssl-us...@openssl.org On Behalf Of Charles Mills
Sent: Thursday, 11 October, 2012 19:40

Some minor points:

How do you specify the name (URL) of the Web site in Firefox? 
Do you use exactly the same name as you use with the test client (and 
the name in the certificate)?

OP's test client was openssl s_client, which does NOT check hostname, so
that one doesn't matter. URL in Firefox/etc and name in cert do.

Firefox is saying the certificate is for myserver but you are 
specifying a different name when you open the site. The name has to be 
exactly the same as one of the names (including alternates) in the 
certificate. (You can wildcard the last node in the alternate
names.) myserver is not the same as myserver.com

You can use wildcard in either Subject or SubjectAlternativeNames. 
The wildcard is the lowest-level component of a DNS name, which is at the
left as written; in abstract that might be considered last 
but I think most people wouldn't call it that.

__
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager   majord...@openssl.org
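
An added example, not code from any poster in this thread: a sketch of the server-side name check discussed in the two messages above (whitelist matching with a leftmost-label wildcard, plus the proposed IP rule). It assumes the client chain has already been verified against the server's own CA and the names already extracted from the certificate; all function names and sample values are constructed.

```python
import ipaddress


def dns_matches(presented, reference):
    """True if a certificate DNS name (possibly wildcarded) covers a whitelist name.

    The wildcard must be the whole leftmost label and stands for exactly one label.
    """
    p = presented.lower().rstrip(".").split(".")
    r = reference.lower().rstrip(".").split(".")
    if len(p) != len(r) or "" in p or "" in r:
        return False                      # "myserver" never matches "myserver.com"
    if any("*" in label for label in p[1:]):
        return False                      # wildcard is only accepted in the leftmost label
    if p[0] == "*":
        # Conservative choice of this sketch: refuse names as broad as "*.com".
        return len(p) >= 3 and p[1:] == r[1:]
    return "*" not in p[0] and p == r     # no partial wildcards such as "box*"


def whitelist_network(entry):
    """Return the network an IP whitelist entry covers, or None if it is a name.

    Accepts an exact address, or an IPv4 address whose low-order octet is "*"
    (the 192.168.1.* form proposed in the thread for the whitelist side).
    """
    if "/" in entry:
        return None                       # CIDR notation is not part of this sketch
    wild = entry.endswith(".*")
    try:
        net = ipaddress.ip_network(entry[:-2] + ".0/24" if wild else entry)
    except ValueError:
        return None
    return None if wild and net.version != 4 else net


def client_allowed(whitelist, cert_dns, cert_ips, peer_ip):
    """Decide whether an already chain-verified client certificate is acceptable."""
    peer = ipaddress.ip_address(peer_ip)
    nets = [whitelist_network(e) for e in whitelist]
    if whitelist and all(n is not None for n in nets):
        # Whitelist holds only IP entries: the peer address must be listed AND
        # must appear in the certificate. IP SANs are exact addresses, so the
        # certificate side is an equality test with no wildcard.
        listed = any(peer in n for n in nets)
        in_cert = any(ipaddress.ip_address(ip) == peer for ip in cert_ips)
        return listed and in_cert
    names = [e for e, n in zip(whitelist, nets) if n is None]
    return any(dns_matches(c, w) for c in cert_dns for w in names)


if __name__ == "__main__":
    # Constructed cases: same certificate, presented from two different addresses.
    for peer in ("192.168.1.20", "192.168.1.21"):
        ok = client_allowed(["192.168.1.*"], [], ["192.168.1.20"], peer)
        print(peer, "accepted" if ok else "rejected")
```

The second address is rejected even though it is inside the whitelisted range, which is the "certificate that got away" case the IP rule is meant to help with.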


RE: Best practice for client cert name checking

2012-10-08 Thread Charles Mills
Dave, any thoughts on my original question? My thread kind of got hi-jacked.

Charles

-Original Message-
From: Charles Mills [mailto:charl...@mcn.org] 
Sent: Saturday, October 06, 2012 9:52 AM
To: openssl-users@openssl.org
Subject: Best practice for client cert name checking

I have recently written a product that incorporates SSL/TLS server code that
processes client certificates. I designed what I thought made sense at the
time but now I am wondering if what I did was best.

In the product's configuration file the sysadmin may optionally include a
whitelist of client names. If the sysadmin does so, then the server requests
a client certificate. At least one of the names (subject O= and Alternative
names, including wildcards) in the certificate must match one of the names
in the whitelist or I reject the session.

Something I saw recently got me to wondering whether I should have made some
sort of provision for checking IP addresses: perhaps verifying that the
client IP address appeared in the Alternative names in the client
certificate as well as in the whitelist? Or perhaps that the IP address
matched an alternative name and the subject name appeared in the whitelist?

Comments?

Charles 



RE: Best practice for client cert name checking

2012-10-08 Thread Charles Mills
Aren't you talking here about the client's validation of the server's 
credentials? That's useful information, but my question was about server 
validation of client certificates ...

Charles

-Original Message-
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] 
On Behalf Of Jeffrey Walton
Sent: Monday, October 08, 2012 11:13 AM
To: OpenSSL Users List
Subject: Re: Best practice for client cert name checking

On Mon, Oct 8, 2012 at 9:25 AM, Mark H. Wood mw...@iupui.edu wrote:
 On Mon, Oct 08, 2012 at 07:42:04AM +, Marco Molteni (mmolteni) wrote:
 try searching for certificate pinning. If you are familiar with 
 ssh, it is the same concept of the StrictHostKeyChecking option 
 (although obviously SSH and TLS are completely distinct protocols and 
 by default SSH doesn't use X.509 certs).

 The idea is: with a standard TLS connection, acting as TLS client, 
 you connect to a host for the first time and you receive its 
 certificate. The standard TLS verifications are successful (meaning: 
 the certificate really belongs to the host and it has been issued by 
 a CA you trust). When the connection is closed, a normal TLS client will 
 forget the certificate.

 On the other hand, certificate pinning remembers the certificate. 
 Pinning means storing locally such certificate and associate it to 
 the hostname you connected to. If the next time you connect the 
 certificate has changed, a system supporting certificate pinning will warn 
 you.

 I believe this is what the Certificate Patrol plugin for Firefox is 
 doing, if you want to see it in action.
This plug-in pins certificates (not public keys), and creates a lot of spurious 
noise on some sites (for example, Google and Gmail). It desensitizes the user.

I've been running experiments on Google and Gmail for the last couple of years. 
If you are pinning for those sites, you definitely want to pin public keys.

Jeff


RE: Best practice for client cert name checking

2012-10-07 Thread Charles Mills
Trying to achieve client authentication.

Should I have said certificate signed by a CA known to the server?

Charles

-Original Message-
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Ben Laurie
Sent: Saturday, October 06, 2012 10:38 AM
To: openssl-users@openssl.org
Subject: Re: Best practice for client cert name checking

On Sat, Oct 6, 2012 at 2:52 PM, Charles Mills charl...@mcn.org wrote:
 I have recently written a product that incorporates SSL/TLS server 
 code that processes client certificates. I designed what I thought 
 made sense at the time but now I am wondering if what I did was best.

 In the product's configuration file the sysadmin may optionally 
 include a whitelist of client names. If the sysadmin does so, then the 
 server requests a client certificate. At least one of the names 
 (subject O= and Alternative names, including wildcards) in the 
 certificate must match one of the names in the whitelist or I reject the
session.

 Something I saw recently got me to wondering whether I should have 
 made some sort of provision for checking IP addresses: perhaps 
 verifying that the client IP address appeared in the Alternative names 
 in the client certificate as well as in the whitelist? Or perhaps that 
 the IP address matched an alternative name and the subject name appeared
in the whitelist?

 Comments?

You don't say what you're trying to achieve! But whatever it is, none of the
above makes a lot of sense - anyone can make a cert with whatever subject
and alternate names they want...


Best practice for client cert name checking

2012-10-06 Thread Charles Mills
I have recently written a product that incorporates SSL/TLS server code that
processes client certificates. I designed what I thought made sense at the
time but now I am wondering if what I did was best.

In the product's configuration file the sysadmin may optionally include a
whitelist of client names. If the sysadmin does so, then the server requests
a client certificate. At least one of the names (subject O= and Alternative
names, including wildcards) in the certificate must match one of the names
in the whitelist or I reject the session.

Something I saw recently got me to wondering whether I should have made some
sort of provision for checking IP addresses: perhaps verifying that the
client IP address appeared in the Alternative names in the client
certificate as well as in the whitelist? Or perhaps that the IP address
matched an alternative name and the subject name appeared in the whitelist?

Comments?

Charles 



RE: Best practice for client cert name checking

2012-10-06 Thread Charles Mills
Thanks. I'm a relative newbie to this whole topic. Can you point me to a 
resource that describes pin in the sense you use it below? The word is too 
common for the Google to be much help.

Charles

-Original Message-
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] 
On Behalf Of Jeffrey Walton
Sent: Saturday, October 06, 2012 4:40 PM
To: openssl-users@openssl.org
Subject: Re: Best practice for client cert name checking

On Sat, Oct 6, 2012 at 9:52 AM, Charles Mills charl...@mcn.org wrote:
 I have recently written a product that incorporates SSL/TLS server 
 code that processes client certificates. I designed what I thought 
 made sense at the time but now I am wondering if what I did was best.

 In the product's configuration file the sysadmin may optionally 
 include a whitelist of client names. If the sysadmin does so, then the 
 server requests a client certificate. At least one of the names 
 (subject O= and Alternative names, including wildcards) in the 
 certificate must match one of the names in the whitelist or I reject the 
 session.

 Something I saw recently got me to wondering whether I should have 
 made some sort of provision for checking IP addresses: perhaps 
 verifying that the client IP address appeared in the Alternative names 
 in the client certificate as well as in the whitelist? Or perhaps that 
 the IP address matched an alternative name and the subject name appeared in 
 the whitelist?
You have a pre-existing relationship. There is no need to confer trust to a 
third party (the CAs). There's no need to use naming and location services 
(DNS) since it's a weak assurance at best.

To improve the security posture, pin the certificate or public keys.
Because the relationship already exists, you already know what the public keys 
are. No need to trust a third party, and no need to depend upon DNS, no need to 
tolerate other infrastructure failures.

Problems with PKI in general:
www.cs.auckland.ac.nz/~pgut001/pubs/pkitutorial.pdf
History of PKI and CA failures: http://wiki.cacert.org/Risk/History
Reasons to Pin in mobile:
http://lists.owasp.org/pipermail/owasp-mobile-security-project/2012-August/000345.html

Google also Pins their public keys on the desktop. It's the reason Chrome did 
not suffer Diginotar's failure.


RE: Documentation for TXT_DB errors?

2012-10-05 Thread Charles Mills
I hear you (whoever you are!).

It's a playpen CA. I'm a software developer. These certificates will never be 
allowed out into the wild.

Charles

-Original Message-
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] 
On Behalf Of lists
Sent: Thursday, October 04, 2012 11:43 AM
To: openssl-users@openssl.org
Subject: Re: Documentation for TXT_DB errors?

On 10/03/2012 05:49 AM, Dave Thompson wrote:
 I deleted index.txt and reset serial.txt to 00 and that 
 solved the problem.

 Hope that was not a terrible idea.

In my opinion, reusing serials is a *very bad* idea in general.
It is definitely deprecated and maybe forbidden in some legal context (I work 
in Italy, no officially appointed CA would reuse serials here).
Think about the existence of an OpenSSL function named 
X509_issuer_and_serial_hash.
It exists exactly because serials are intended to be unique and combining them 
with the CA (the hash is for leveraging the output) makes it easy to have a unique 
identifier for certificates in a system; I personally use it.
Just to present another example, OCSP can be queried by a serial number (of the 
certificate that is to be verified).


RE: OpenSSL running on Windows XP/2003/7

2012-10-05 Thread Charles Mills
http://www.openssl.org/related/binaries.html

Charles

From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of engineermike
Sent: Friday, October 05, 2012 9:37 AM
To: openssl-users@openssl.org
Subject: OpenSSL running on Windows XP/2003/7

Hello,

  I've been asked to create a certificate following a video that was made
with step by step instructions.  The video is using OpenSSL on a windows
machine.  I can't seem to locate the program for a windows machine.  Can
someone send me a link to the version of the program that will run on
Windows?

Thanks in advance

Mike





RE: Documentation for TXT_DB errors?

2012-10-02 Thread Charles Mills
Dave, as always, thanks.

 Unlike most(?) other modules in openssl, txt_db does NOT use the ERR_
module with its error strings

I love OpenSSL and I'm not going to tell you how to run your organization
but better documentation would probably mean both wider acceptance and fewer
dumb questions from folks like me!

 Does any line in index.txt have col 3 (serial) 1C?

No. Here is a cut and paste of the entire left hand side of index.txt.

R   130821124505Z   120822123411Z   0B  unknown /CN=C
R   130822123506Z   120822124611Z   0C  unknown /CN=C
V   130822124721Z   0D  unknown /CN=Charles Mills 
R   130822125501Z   120823201015Z   0E  unknown /CN=C
R   130822135246Z   120822185456Z   0F  unknown /CN=C
R   130822185636Z   120822190409Z   10  unknown /CN=C
R   130822190502Z   120823201600Z   11  unknown /CN=C
R   130823201708Z   120824133410Z   12  unknown /CN=C
R   130824133506Z   120824145025Z   13  unknown /CN=C
R   130824134844Z   120824135333Z   14  unknown /CN=C
V   130824135429Z   15  unknown /CN=Charles Mills 
V   130824152620Z   16  unknown /CN=Charles Mills 
R   130830225706Z   120830235325Z   17  unknown /CN=C
R   13083117Z   120831231148Z   18  unknown /CN=C
R   130831233626Z   120904174701Z   19  unknown /CN=C
R   130905130939Z   120905182554Z   1A  unknown /CN=C
R   130912152715Z   120912155806Z   1B  unknown /CN=C
R   120919161159Z   121001143321Z   93E150296A86E7C7

 you should have 27 or 28 (respectively) lines in index.txt

Early on in my use of OpenSSL, when I (a.) understood even less than I do
now and (b.) issued lots of practice certificates I solved the duplicate
certificate problem by repeatedly deleting and re-creating index.txt. My
bad. Perhaps I should both delete it ONE more time and reset serial to 00?
This is a total playpen situation. I have no pretense of being any sort of
real CA at this time.

 The usual name for the serial file is just serial no .txt

Definitely serial.txt. Not sure how that happened. Something in the Win32
pre-built distribution that I got?

 If the file doesn't exist this can't work. Was the error nonexistent file,
or something else, and if so what?

Non-existent file. Was not sure if revoke started from the file or from the
index.

 Did you configure that on?

Config file in use says

unique_subject  = no

 Further, there is no requirement the subject DN be unique.

Wow, I ran into lots of trouble with that issue. That's how I got into
re-creating the index file (which I now know was wrong, but nonetheless that
is why I did it). Any idea why I would have had certificate requests
rejected as duplicates then?

 Aside: I'm pretty sure you don't need the .nnn i.e. .2 here, since openssl
treats subjectAltName as one

Hmmm. It's working so I don't think I'll touch it. I know it took a lot of
hacking to get it to work. Again, may I repeat my plea for documentation?
Why do open source projects attract plenty of coders but not tech writers?
Aren't there tech writers who would love to make a contribution to open
source?

thanks and take care,

Charles

-Original Message-
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Dave Thompson
Sent: Monday, October 01, 2012 6:02 PM
To: openssl-users@openssl.org
Subject: RE: Documentation for TXT_DB errors?

 From: owner-openssl-us...@openssl.org On Behalf Of Charles Mills
 Sent: Monday, 01 October, 2012 10:12

 Is there specific documentation anywhere for TXT_DB errors?
 
AFAIK only $sourcetree/crypto/txt_db/txt_db.h
Unlike most(?) other modules in openssl, txt_db does NOT use the ERR_ module
with its error strings capability; bummer.

 I'm not a total newbie at this but I am not an expert. I have issued 
 server certificates before but now I am stuck on a TXT_DB error 2.
 
2 is DB_ERROR_INDEX_CLASH .

 serial.txt exists and contains 1C. index.txt exists and contains 17
 (decimal) lines.
 
Does any line in index.txt have col 3 (serial) 1C? All certs from a CA (at
least under a given CA key+cert if you chain with AKI, as is generally best
practice but optional in openssl) must have unique serials, and openssl 'ca'
enforces this with an in-memory index on data in file (normally and a bit
misleadingly) index.txt, in addition to using file serial which if not
interfered with assigns sequential thus unique values.

If serial(.txt?) started from 00 or 01, and only 'ca' updated it, and you
didn't delete any lines from index.txt or replace that with a copy/version
that is missing lines (like a backup), you should have 27 or 28
(respectively) lines in index.txt, for each serial value through hex 1B in
sequence.

The usual name for the serial file is just serial no .txt. 
I assume either this is a typo or you changed the config so that serial.txt
is actually being used. If not, look at the file that is actually being
used

RE: Documentation for TXT_DB errors?

2012-10-02 Thread Charles Mills
I deleted index.txt and reset serial.txt to 00 and that solved the problem.

Hope that was not a terrible idea.

I understand that I have lost the ability to revoke any previous
certificates.

I won't edit index.txt again.

Charles

-Original Message-
From: Charles Mills [mailto:charl...@mcn.org] 
Sent: Tuesday, October 02, 2012 9:03 AM
To: 'openssl-users@openssl.org'
Subject: RE: Documentation for TXT_DB errors?

Dave, as always, thanks.

 Unlike most(?) other modules in openssl, txt_db does NOT use the ERR_
module with its error strings

I love OpenSSL and I'm not going to tell you how to run your organization
but better documentation would probably mean both wider acceptance and fewer
dumb questions from folks like me!

 Does any line in index.txt have col 3 (serial) 1C?

No. Here is a cut and paste of the entire left hand side of index.txt.

R   130821124505Z   120822123411Z   0B  unknown /CN=C
R   130822123506Z   120822124611Z   0C  unknown /CN=C
V   130822124721Z   0D  unknown /CN=Charles Mills 
R   130822125501Z   120823201015Z   0E  unknown /CN=C
R   130822135246Z   120822185456Z   0F  unknown /CN=C
R   130822185636Z   120822190409Z   10  unknown /CN=C
R   130822190502Z   120823201600Z   11  unknown /CN=C
R   130823201708Z   120824133410Z   12  unknown /CN=C
R   130824133506Z   120824145025Z   13  unknown /CN=C
R   130824134844Z   120824135333Z   14  unknown /CN=C
V   130824135429Z   15  unknown /CN=Charles Mills 
V   130824152620Z   16  unknown /CN=Charles Mills 
R   130830225706Z   120830235325Z   17  unknown /CN=C
R   13083117Z   120831231148Z   18  unknown /CN=C
R   130831233626Z   120904174701Z   19  unknown /CN=C
R   130905130939Z   120905182554Z   1A  unknown /CN=C
R   130912152715Z   120912155806Z   1B  unknown /CN=C
R   120919161159Z   121001143321Z   93E150296A86E7C7

 you should have 27 or 28 (respectively) lines in index.txt

Early on in my use of OpenSSL, when I (a.) understood even less than I do
now and (b.) issued lots of practice certificates I solved the duplicate
certificate problem by repeatedly deleting and re-creating index.txt. My
bad. Perhaps I should both delete it ONE more time and reset serial to 00?
This is a total playpen situation. I have no pretense of being any sort of
real CA at this time.

 The usual name for the serial file is just serial no .txt

Definitely serial.txt. Not sure how that happened. Something in the Win32
pre-built distribution that I got?

 If the file doesn't exist this can't work. Was the error nonexistent file,
or something else, and if so what?

Non-existent file. Was not sure if revoke started from the file or from the
index.

 Did you configure that on?

Config file in use says

unique_subject  = no

 Further, there is no requirement the subject DN be unique.

Wow, I ran into lots of trouble with that issue. That's how I got into
re-creating the index file (which I now know was wrong, but nonetheless that
is why I did it). Any idea why I would have had certificate requests
rejected as duplicates then?

 Aside: I'm pretty sure you don't need the .nnn i.e. .2 here, since openssl
treats subjectAltName as one

Hmmm. It's working so I don't think I'll touch it. I know it took a lot of
hacking to get it to work. Again, may I repeat my plea for documentation?
Why do open source projects attract plenty of coders but not tech writers?
Aren't there tech writers who would love to make a contribution to open
source?

thanks and take care,

Charles

-Original Message-
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Dave Thompson
Sent: Monday, October 01, 2012 6:02 PM
To: openssl-users@openssl.org
Subject: RE: Documentation for TXT_DB errors?

 From: owner-openssl-us...@openssl.org On Behalf Of Charles Mills
 Sent: Monday, 01 October, 2012 10:12

 Is there specific documentation anywhere for TXT_DB errors?
 
AFAIK only $sourcetree/crypto/txt_db/txt_db.h
Unlike most(?) other modules in openssl, txt_db does NOT use the ERR_ module
with its error strings capability; bummer.

 I'm not a total newbie at this but I am not an expert. I have issued 
 server certificates before but now I am stuck on a TXT_DB error 2.
 
2 is DB_ERROR_INDEX_CLASH .

 serial.txt exists and contains 1C. index.txt exists and contains 17
 (decimal) lines.
 
Does any line in index.txt have col 3 (serial) 1C? All certs from a CA (at
least under a given CA key+cert if you chain with AKI, as is generally best
practice but optional in openssl) must have unique serials, and openssl 'ca'
enforces this with an in-memory index on data in file (normally and a bit
misleadingly) index.txt, in addition to using file serial which if not
interfered with assigns sequential thus unique values.

If serial(.txt?) started from 00 or 01, and only 'ca' updated it, and you
didn't
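
An added example, not part of the original thread or of OpenSSL: a small audit of a `ca` database along the lines Dave Thompson describes above (unique serials in index.txt, the next serial not already used, one row per serial issued so far). It assumes the usual six tab-separated columns of index.txt and that a unique-subject check concerns valid (V) rows only; the function names and sample rows are constructed.

```python
from collections import Counter

FIELDS = ("status", "expires", "revoked", "serial", "file", "subject")

# Constructed sample: serial 03 is missing, serial 04 appears twice, and the
# serial file would hand out 04 again.
SAMPLE_INDEX = (
    "R\t130821124505Z\t120822123411Z\t01\tunknown\t/CN=dev-a\n"
    "V\t130822124721Z\t\t02\tunknown\t/CN=dev-b\n"
    "V\t130824135429Z\t\t04\tunknown\t/CN=dev-b\n"
    "V\t130824152620Z\t\t04\tunknown\t/CN=dev-c\n"
)
SAMPLE_SERIAL = "04\n"


def parse_index(text):
    """Parse index.txt: one certificate per line, six tab-separated fields."""
    rows = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        cols = line.split("\t")
        if len(cols) != len(FIELDS):
            raise ValueError(
                f"line {lineno}: expected 6 tab-separated fields, got {len(cols)}")
        row = dict(zip(FIELDS, cols))
        row["serial"] = int(row["serial"], 16)   # serials are written in hex
        rows.append(row)
    return rows


def audit_ca_db(index_text, serial_text, first_serial=1, unique_subject=False):
    """Report inconsistencies between index.txt and the serial file.

    first_serial is the value the serial file started from (00 or 01 in the
    thread); unique_subject mirrors the config option of the same name.
    """
    rows = parse_index(index_text)
    next_serial = int(serial_text.strip(), 16)
    seen = Counter(r["serial"] for r in rows)
    report = {
        "rows": len(rows),
        # The serial column must be unique across the whole file.
        "duplicate_serials": sorted(s for s, n in seen.items() if n > 1),
        # The serial about to be issued must not already have a row.
        "next_serial_in_use": next_serial in seen,
        # Serials already handed out that have no row: lines were deleted or
        # index.txt was re-created.
        "missing_serials": [s for s in range(first_serial, next_serial)
                            if s not in seen],
        "duplicate_valid_subjects": [],
    }
    if unique_subject:
        valid = Counter(r["subject"] for r in rows if r["status"] == "V")
        report["duplicate_valid_subjects"] = sorted(
            s for s, n in valid.items() if n > 1)
    return report


if __name__ == "__main__":
    for key, value in audit_ca_db(SAMPLE_INDEX, SAMPLE_SERIAL,
                                  unique_subject=True).items():
        print(f"{key}: {value}")
```

With a serial file reading 1C and an empty index, `missing_serials` has 27 entries when counting from 01 and 28 when counting from 00, the line counts quoted in the thread.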

Documentation for TXT_DB errors?

2012-10-01 Thread Charles Mills
Is there specific documentation anywhere for TXT_DB errors?

I'm not a total newbie at this but I am not an expert. I have issued server
certificates before but now I am stuck on a TXT_DB error 2. 

serial.txt exists and contains 1C. index.txt exists and contains 17
(decimal) lines.

Unless I am confused the CN I am trying to issue for is unique. A revoke for
the_cn_name.PEM fails. However some of the additional DNS in the certificate
are not unique. Is that a problem? In other words, I am trying to issue
foo.PEM for CN=foo. foo.PEM does not exist and O=foo does not appear in
index.txt. But I am trying to issue the certificate with DNS.2=bar. I may
already have outstanding unrevoked certificates with DNS.2=bar. Is that a
problem?

What should I be looking for that accounts for TXT_DB error 2 in this
situation? Is there authoritative documentation I should be reading?

Thanks much,

Charles 



RE: facing problem in installation of openssl-0.9.7d

2012-09-26 Thread Charles Mills
Well, as the messages say, you specified /WX - treat any warning as a fatal
error. You got a warning -- /G5 is deprecated - and, just as you asked, VC
treated it as a fatal error.

Charles

From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Ahmad
Sent: Wednesday, September 26, 2012 2:46 AM
To: openssl-users@openssl.org
Subject: facing problem in installation of openssl-0.9.7d

I am having some error when i try to install openssl-0.9.7d.
from the VC++ environment at a prompt  when i run this command

  nmake -f ms\ntdll.mak

I get following errors 

1 file(s) copied.
cl /Fotmp32dll\cryptlib.obj  -Iinc32 -Itmp32dll /MD /W3 /WX /G5 /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DDSO_WIN32 -DBN_ASM -DMD5_ASM -DSHA1_ASM -DRMD160_ASM /Fdout32dll -DOPENSSL_NO_KRB5 -D_WINDLL  -DOPENSSL_BUILD_SHLIBCRYPTO -c .\crypto\cryptlib.c
cl : Command line warning D9002 : ignoring unknown option '/G5'
cryptlib.c
C:\Program Files\Microsoft Visual Studio 10.0\VC\INCLUDE\errno.h(92) : error C2220: warning treated as error - no 'object' file generated
C:\Program Files\Microsoft Visual Studio 10.0\VC\INCLUDE\errno.h(92) : warning C4005: 'EADDRINUSE' : macro redefinition
tmp32dll\e_os.h(156) : see previous definition of 'EADDRINUSE'
NMAKE : fatal error U1077: 'C:\Program Files\Microsoft Visual Studio 10.0\VC\BIN\cl.EXE' : return code '0x2'
Stop.


How can these errors be solved ? Please help in this issue.

Regards,

-- 
Ahmad



RE: error iin x509v3.h compiled with visual studio

2012-09-25 Thread Charles Mills
What is the code in x509v3.h in the vicinity of lines 180 to 200?

My line 192 does not have a ')' in it.

Do you get any errors *preceding* the errors in x509v3.h?

Charles

From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of david preetham
Sent: Tuesday, September 25, 2012 6:02 AM
To: openssl-users@openssl.org
Subject: error iin x509v3.h compiled with visual studio

I am trying to build wpa_supplicant which is referencing openssl header file
x509v3.h on Visual Studio 2005. While I am building, the compiler is hitting the
x509v3.h header file and finding a hell of a lot of errors. Can anybody please help
me?

1>D:\Interworking\wpa_supplicant-1.0.tar\wpa_supplicant-1.0\wpa_supplicant-1.0\src\tls\x509v3.h(192) : error C2059: syntax error : '('

1>D:\Interworking\wpa_supplicant-1.0.tar\wpa_supplicant-1.0\wpa_supplicant-1.0\src\tls\x509v3.h(200) : error C2059: syntax error : 'type'

1>D:\Interworking\wpa_supplicant-1.0.tar\wpa_supplicant-1.0\wpa_supplicant-1.0\src\tls\x509v3.h(204) : error C2059: syntax error : '}'

1>D:\Interworking\wpa_supplicant-1.0.tar\wpa_supplicant-1.0\wpa_supplicant-1.0\src\tls\x509v3.h(205) : error C2059: syntax error : '}'

1>D:\Interworking\wpa_supplicant-1.0.tar\wpa_supplicant-1.0\wpa_supplicant-1.0\src\tls\x509v3.h(211) : error C2061: syntax error : identifier 'GENERAL_NAME'

1>D:\Interworking\wpa_supplicant-1.0.tar\wpa_supplicant-1.0\wpa_supplicant-1.0\src\tls\x509v3.h(212) : error C2059: syntax error : '}'

1>D:\Interworking\wpa_supplicant-1.0.tar\wpa_supplicant-1.0\wpa_supplicant-1.0\src\tls\x509v3.h(231) : error C2059: syntax error : '('

1>D:\Interworking\wpa_supplicant-1.0.tar\wpa_supplicant-1.0\wpa_supplicant-1.0\src\tls\x509v3.h(232) : error C2059: syntax error : '}'

1>D:\Interworking\wpa_supplicant-1.0.tar\wpa_supplicant-1.0\wpa_supplicant-1.0\src\tls\x509v3.h(249) : error C2061: syntax error : identifier 'DIST_POINT_NAME'

...continues..

 

regards,

David Preetham



Re: error iin x509v3.h compiled with visual studio

2012-09-25 Thread Charles Mills
I'll send you my exact VS 2010 .h sequence tomorrow.
--
Sent from my mobile phone. Please excuse my brevity.

Charles

Dr. Stephen Henson st...@openssl.org wrote:

On Tue, Sep 25, 2012, david preetham wrote:

 am trying to build wpa_supplicant which is referencing openssl header file
 x509v3.h on Visual studio 2005. while i am building compiler hitting
 x509v3.h header file and finding hell lot of errors. Can anybody please
 help me.

 1D:\Interworking\wpa_supplicant-1.0.tar\wpa_supplicant-1.0\wpa_supplicant-1.0\src\tls\x509v3.h(192)
 : error C2059: syntax error : '('

 1D:\Interworking\wpa_supplicant-1.0.tar\wpa_supplicant-1.0\wpa_supplicant-1.0\src\tls\x509v3.h(200)
 : error C2059: syntax error : 'type'

 1D:\Interworking\wpa_supplicant-1.0.tar\wpa_supplicant-1.0\wpa_supplicant-1.0\src\tls\x509v3.h(204)
 : error C2059: syntax error : '}'

 1D:\Interworking\wpa_supplicant-1.0.tar\wpa_supplicant-1.0\wpa_supplicant-1.0\src\tls\x509v3.h(205)
 : error C2059: syntax error : '}'

 1D:\Interworking\wpa_supplicant-1.0.tar\wpa_supplicant-1.0\wpa_supplicant-1.0\src\tls\x509v3.h(211)
 : error C2061: syntax error : identifier 'GENERAL_NAME'

 1D:\Interworking\wpa_supplicant-1.0.tar\wpa_supplicant-1.0\wpa_supplicant-1.0\src\tls\x509v3.h(212)
 : error C2059: syntax error : '}'

 1D:\Interworking\wpa_supplicant-1.0.tar\wpa_supplicant-1.0\wpa_supplicant-1.0\src\tls\x509v3.h(231)
 : error C2059: syntax error : '('

 1D:\Interworking\wpa_supplicant-1.0.tar\wpa_supplicant-1.0\wpa_supplicant-1.0\src\tls\x509v3.h(232)
 : error C2059: syntax error : '}'
 1D:\Interworking\wpa_supplicant-1.0.tar\wpa_supplicant-1.0\wpa_supplicant-1.0\src\tls\x509v3.h(249)
 : error C2061: syntax error : identifier 'DIST_POINT_NAME'
 ...continues..


This is caused by clashes between the OpenSSL and some Windows header files.
There are some #undefs in various OpenSSL header files which should work
around this in crypto/x509.h for example:

#undef X509_NAME
#undef X509_CERT_PAIR
#undef X509_EXTENSIONS

but they may not be being picked up in this case or there may be some new
ones.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
_

OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org



RE: error iin x509v3.h compiled with visual studio

2012-09-25 Thread Charles Mills
The following compiles without error in MS VS 2010 C++. Yes, I know string
is in there twice: no reason, it just is.

#include "targetver.h"

// Watch out! winsock2 and friends has to be ahead of most things
#include <Ws2tcpip.h>
// Ws2tcpip always needs Ws2_32.lib. You can put it here or in the linker input
#pragma comment (lib, "Ws2_32.lib")
#include <Mswsock.h>

#include <stdio.h>
#include <tchar.h>
#include <string>
#include <iostream>
#include <fstream>
#include <list>
#include <process.h>    /* _beginthread, _endthread */
#include <conio.h>

#include <Windows.h>
// #include <Shlwapi.h> for PathRemoveFileSpec; requires Shlwapi.lib
#include <Shlwapi.h>
#pragma comment (lib, "Shlwapi.lib")

#include <string>

// SSL
#include <openssl\ssl.h>
#include <openssl\crypto.h>
#include <openssl\err.h>
#include <openssl\rand.h>
#include <openssl\x509v3.h>

targetver.h is #include <SDKDDKVer.h> which is too long to paste here and
hopefully not the active ingredient. Probably VS version dependent anyway.

Charles



RE: error iin x509v3.h compiled with visual studio

2012-09-25 Thread Charles Mills
Oh! Also, 

1. Whenever I have problems with VS I *always* suspect precompiled header
issues. Try turning off pre-compiled headers, do a Clean, and a Rebuild, and
see if the problems go away.

2. Watch out for Unicode issues. This project is compiled "Use multi-byte
character set" which is MS-speak for "not Unicode."

Charles



RE: Digital certificate with more than 1 year validity

2012-09-19 Thread Charles Mills
Looking at my bat files, yes, I say -days 3650 on an openssl x509 -req

 

Charles

From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] 
On Behalf Of Charles Mills
Sent: Tuesday, September 18, 2012 8:08 PM
To: openssl-users@openssl.org; openssl-users@openssl.org
Subject: Re: Digital certificate with more than 1 year validity

 

I do it all the time. -days 3650 as I recall.
-- 
Sent from my mobile phone. Please excuse my brevity.

Charles 

Wim Lewis w...@omnigroup.com wrote:


On 17 Sep 2012, at 9:13 PM, Santhosh AP wrote:
 Kindly help us to create digital certificate having more than 365 day’s 
 validity. At present we are using OpenSSL 0.9.7a Feb 19 2003 version. Kindly 
 confirm is it possible to cross the certificate validity more than 1 year, if 
 it’s possible how to do it.

I don't think there is anything preventing you from specifying a longer 
validity period, either on the command line to the 'ca' command or in the 
relevant ca section of the config file. (Some documentation says to specify it 
when creating the CSR, but this is wrong: the CSR does not carry that 
information as far as I know. The validity period is chosen by the CA when it 
creates the certificate.)





RE: Memory issues with ssl handshake

2012-09-19 Thread Charles Mills
Try plugging your code to exit after the first OpenSSL function, then after
the second, and so forth, and see if you can get down to the simplest case.

Charles

-Original Message-
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Thomas
Sent: Monday, September 17, 2012 11:36 AM
To: Michel
Cc: openssl-users@openssl.org
Subject: Re: Memory issues with ssl handshake

Hi again,

I've changed the code to reuse the SSL contexts but in terms of memory
consumption/release it did not change much - if anything at all. By the way,
is there a way to unload a certificate once it has been loaded into a SSL
context via SSL_CTX_use_certificate() ? I didn't find anything in the docs
and simply specifying NULL as cert parameter caused a crash in OpenSSL.

The only places left that cause memory leaks are reported inside OpenSSL as
in

at 0x68EAC8B: malloc (in /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
==27041==    by 0x6C472DB: default_malloc_ex (mem.c:79)
==27041==    by 0x6C4795F: CRYPTO_malloc (mem.c:306)
==27041==    by 0x6C73940: bn_expand_internal (bn_lib.c:336)
==27041==    by 0x6C73AE0: bn_expand2 (bn_lib.c:451)
==27041==    by 0x6C73BB2: BN_set_bit (bn_lib.c:730)
==27041==    by 0x6C7E16E: BN_MONT_CTX_set (bn_mont.c:514)
==27041==    by 0x6C7E402: BN_MONT_CTX_set_locked (bn_mont.c:552)
==27041==    by 0x6C95B56: RSA_eay_mod_exp (rsa_eay.c:782)
==27041==    by 0x6C96422: RSA_eay_private_decrypt (rsa_eay.c:565)
==27041==    by 0x6C97EDF: RSA_private_decrypt (rsa_lib.c:303)
==27041==    by 0x6942918: ssl3_get_client_key_exchange (s3_srvr.c:2038)
==27041==    by 0x6946693: ssl3_accept (s3_srvr.c:529)
==27041==    by 0x69513CA: ssl3_read_bytes (s3_pkt.c:941)
==27041==    by 0x694C688: ssl3_read_internal (s3_lib.c:3274)
==27041==    by 0x69642E8: SSL_read (ssl_lib.c:954)

Sometimes these are flagged still reachable and sometimes indirectly
lost, usually both types are reported as I get a large amount of these
traces. One thing I noticed is that all goes well if I cause the code to run
sequentially (e.g. cause requests to come one after another). Yet it starts
eating up memory like crazy if I cause several (HTTPS) requests to come at
once.

I'm at a loss here. Valgrind insists the leaks happen in OpenSSL code. 
I'll be happy to supply more information if anyone has an idea of how to
approach this.

Regards,
  Thomas

On 09/13/2012 12:30 PM, Michel wrote:
 Hi again Thomas,

 Do you really need to free your context each time you free your TLS 
 session ?
 I believe it is not needed and at least not usual.
 If you need several *DIFFERENT* contexts, implying different TLS 
 configurations/setup, which, I think, is not so common, you can keep 
 them 'alive' during all your app 'run', even in multi-threaded 
 programs.
 It would allow you to access some activity informations like the ones 
 documented in :
 http://www.openssl.org/docs/ssl/SSL_CTX_sess_number.html

 Hope this helps,
 Regards

 Le 13/09/2012 10:39, Thomas a écrit :
 Hi Michel,

 Thanks for trying to help, I really appreciate it :-)

 Does your app setup and free a context each time a client is 
 connecting ?

 The context is created only when a client requests a HTTPS connection 
 and is destroyed together with the SSL session once the connection 
 goes down. It is rather related to connections than to clients since 
 one client can open several connections but I think you implied one 
 connection per client and then the answer is 'yes'.

 I will try freeing the session before the context and come back with 
 the results.

 Regards,
  Thomas




Re: Digital certificate with more than 1 year validity

2012-09-18 Thread Charles Mills
I do it all the time. -days 3650 as I recall.
--
Sent from my mobile phone. Please excuse my brevity.

Charles

Wim Lewis w...@omnigroup.com wrote:


On 17 Sep 2012, at 9:13 PM, Santhosh AP wrote:
 Kindly help us to create digital certificate having more than 365 day’s 
 validity. At present we are using OpenSSL 0.9.7a Feb 19 2003 version. Kindly 
 confirm is it possible to cross the certificate validity more than 1 year, if 
 it’s possible how to do it.

I don't think there is anything preventing you from specifying a longer 
validity period, either on the command line to the 'ca' command or in the 
relevant ca section of the config file. (Some documentation says to specify it 
when creating the CSR, but this is wrong: the CSR does not carry that 
information as far as I know. The validity period is chosen by the CA when it 
creates the certificate.)

This is more of a openssl-users question than a openssl-dev question, so I've 
cc:'d that list; it's probably best if replies go there.





RE: openssl on a home LAN

2012-09-13 Thread Charles Mills
It's true.

 

I think "you are a Web developer and need to generate certificates for your
Web site" was mentioned.

 

Charles

From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Gayathri Sundar
Sent: Thursday, September 13, 2012 6:01 AM
To: openssl-users@openssl.org
Subject: Re: openssl on a home LAN

 

Charles,

 

I think he wanted to use SSL for data transfer between 2 computers. What you
have used is the PKI infrastructure.

In fact even for SSL there are sample client and server codes in the examples
folder, but that does not hook into your application.

 

Thanks

--Gayathri

On Wed, Sep 12, 2012 at 1:29 PM, Steven Madwin smad...@adobe.com wrote:

Hi John,

 

As an aside to what Gayathri said, I'm not a developer, but I have used
OpenSSL to create a complete PKI universe for testing. Using the
pre-compiled, downloadable installer I've been able to create Root
certificates, Intermediate CA certificates, and end-entity certificates of
all shapes and sizes (e.g. DSA, RSA, EC with varying key sizes). I've also
used it to manage revocation checking by creating CRLs and running it as an
(admittedly, a very light weight) OCSP server. I even used it once to create
an SSL certificate for an internal server :)

 

My point is, although the primary use seems to be incorporating the OpenSSL
libraries into your compiled code so you can take advantage of its
cryptographic capabilities, even someone who is not a computer scientist can
use OpenSSL from the command line to do a lot of work. What it really boils
down to is what is it that you are looking to do?

 

Steve

 

From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of John A. Wallace
Sent: Wednesday, September 12, 2012 9:58 AM
To: openssl-users@openssl.org
Subject: RE: openssl on a home LAN

 

Hi, Gayathri,

 

I appreciate the clarification. It was helpful, yes. I think my confusion
stemmed from the fact that in the past while installing one or another
program, I found it to say that OpenSSL must be installed on your system
for this program to work properly. Okay, I think I got it now, the light
has made it into my obstinate, thick skull.  Clarity is a beautiful thing,
thank you.

 

John

 

 

From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Gayathri Sundar
Sent: Wednesday, September 12, 2012 10:07 AM
To: openssl-users@openssl.org
Subject: Re: openssl on a home LAN

 

Hi John,

 

I definitely do not agree with Charles's email, but what I think he meant
is, you need to write programs to use OpenSSL. It's an installable library,
which you need to invoke from your application using its exposed APIs and
recompile your code, link OpenSSL library and execute for it to work. It's
not an SSL solution if that is what you're looking for.

 

Just installing OpenSSL is not going to give you SSL.

 

Thanks

--Gayathri

On Tue, Sep 11, 2012 at 8:36 PM, John A. Wallace jw72...@verizon.net
wrote:

Charlie, 

 

Frankly, your condescending manner is starting to annoy me, considerably.
Furthermore, your name is not on this page as one of the moderators of this
group:   http://www.openssl.org/about/.  

 

Moreover, I don't believe I need your permission to hang out here.  You
need to read the link I provided you all the way to the end, it says that
this group is for 

 

1.   Developers

2.   OpenSSL usage

3.   Installation problems

 

Now inasmuch as my question pertained to OpenSSL Usage, i.e., number 2
above, well I think that makes my asking it a legitimate question for this
group. If you don't like it, you can just learn to use your reading program
and ignore me. Thank you very much.   J

 

John

 

 

From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Charles Mills
Sent: Tuesday, September 11, 2012 3:22 PM


To: openssl-users@openssl.org
Subject: RE: openssl on a home LAN

 

Right. Are you an application developer? In other words, do you write
computer programs? Does the following mean anything to you?

 

#include <stdio.h>

int main(int argc, char *argv[])
{
    printf("hello world\n");
    return 0;
}

 

Or alternatively, are you a Web site operator? Do you host a Web site that
others access?

 

If the answer to both of these questions is No, then you are welcome to hang
out here but the answer to your original question, whether there is any
point in using openssl is No.

 

Charles

From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of John A. Wallace
Sent: Tuesday, September 11, 2012 12:07 PM
To: openssl-users@openssl.org
Subject: RE: openssl on a home LAN

 

Hi.  I am not trying to be mean or something, but you may want to take a
look at this page:

 

http://www.openssl.org/support/community.html

 

Focusing on the part that describes this list, one can read this about its
purpose:

 

Application Development, OpenSSL Usage, Installation Problems, etc.

 

That looks

RE: certificate validation issues with openssl 1.0.0 and expired certificates in cafile

2012-09-13 Thread Charles Mills
Would it make sense to delete the expired certificate from the Windows
store? Duplicate expired/non expired CA certificates sounds to me like a
problem waiting to happen.

 

Charles

From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Ashok C
Sent: Thursday, September 13, 2012 12:49 AM
To: openssl-users@openssl.org
Subject: Re: certificate validation issues with openssl 1.0.0 and expired
certificates in cafile

 

Sending again as the previous email did not appear in list.
Is there some problem with the mailing list?

--
Ashok

On Wed, Sep 12, 2012 at 2:59 PM, Ashok C ash@gmail.com wrote:

Hi,

I don't think this question was answered. Could you please reply?

--
Ashok

 

On Tue, Jul 31, 2012 at 11:13 PM, Klaus Darilion
klaus.mailingli...@pernau.at wrote:

Hi!

I wrote a small program which dumps all root certificates from Windows
certificate store into a file. Then I use openssl to connect to Google and
validate its certificate:

openssl s_client -connect www.google.com:443 -CAfile dump.crt

When using openssl0.9.8k or openssl0.9.8x everything works as expected.

When using openssl1.0.0g or openssl 1.0.1c the certificate validation fails
with:
  Verify return code: 10 (certificate has expired)

CONNECTED(016C)
depth=2 C = US, O = VeriSign, Inc., OU = Class 3 Public Primary
Certification Authority
verify error:num=10:certificate has expired
notAfter=Jan  7 23:59:59 2004 GMT
verify return:0
---
Certificate chain
 0 s:/C=US/ST=California/L=Mountain View/O=Google Inc/CN=www.google.com
   i:/C=ZA/O=Thawte Consulting (Pty) Ltd./CN=Thawte SGC CA
 1 s:/C=ZA/O=Thawte Consulting (Pty) Ltd./CN=Thawte SGC CA
   i:/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification
Authority

When analyzing the cafile with the dumped certificates from Windows
certificate store, I found out that there are two certificates for Verisign
with identical subject, whereas one is expired, the other not.

X.509 Certificate Information:
Version: 1
Serial Number (hex): 00e49efdf33ae80ecfa5113e19a4240232
Issuer: C=US,O=VeriSign\, Inc.,OU=Class 3 Public Primary
Certification Authority
Validity:
Not Before: Mon Jan 29 00:00:00 UTC 1996
Not After: Wed Jan 07 23:59:59 UTC 2004
Subject: C=US,O=VeriSign\, Inc.,OU=Class 3 Public Primary
Certification Authority
Subject Public Key Algorithm: RSA

X.509 Certificate Information:
Version: 1
Serial Number (hex): 70bae41d10d92934b638ca7b03ccbabf
Issuer: C=US,O=VeriSign\, Inc.,OU=Class 3 Public Primary
Certification Authority
Validity:
Not Before: Mon Jan 29 00:00:00 UTC 1996
Not After: Tue Aug 01 23:59:59 UTC 2028
Subject: C=US,O=VeriSign\, Inc.,OU=Class 3 Public Primary
Certification Authority
Subject Public Key Algorithm: RSA


Thus, it seems that openssl 0.9.8 just ignores the expired certificate and
searches if there is another valid one whereas openssl 1.0.0 stop with the
first expired certificate.

Is the new behavior the intended behavior? Is it possible to have the old
behavior also in new openssl versions?

Thanks
Klaus

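The condition Klaus describes above, a CA file holding an expired and a still-valid certificate with the same subject, can be found by auditing the bundle before it is handed to a verifier. The Go program below is an added example, not part of the original thread; the type and function names and the sample certificates are constructed for illustration, and it only flags such duplicates rather than reproducing OpenSSL's chain building.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/pem"
	"fmt"
	"math/big"
	"time"
)

// ShadowedCA is one subject present in the bundle both as an expired and as
// a still-valid certificate. Serials are lower-case hex strings.
type ShadowedCA struct {
	Subject string
	Expired []string
	Valid   []string
}

// FindShadowedCAs groups every CERTIFICATE block of a PEM bundle by its
// DER-encoded subject and returns the subjects that have at least one copy
// expired at time now and at least one copy that is not.
func FindShadowedCAs(bundle []byte, now time.Time) ([]ShadowedCA, error) {
	groups := map[string]*ShadowedCA{}
	var order []string // remember bundle order for stable output
	for block, rest := pem.Decode(bundle); block != nil; block, rest = pem.Decode(rest) {
		if block.Type != "CERTIFICATE" {
			continue
		}
		cert, err := x509.ParseCertificate(block.Bytes)
		if err != nil {
			return nil, fmt.Errorf("parsing certificate: %w", err)
		}
		key := string(cert.RawSubject) // byte-exact subject comparison
		g, ok := groups[key]
		if !ok {
			g = &ShadowedCA{Subject: cert.Subject.String()}
			groups[key] = g
			order = append(order, key)
		}
		serial := cert.SerialNumber.Text(16)
		if now.After(cert.NotAfter) {
			g.Expired = append(g.Expired, serial)
		} else {
			g.Valid = append(g.Valid, serial)
		}
	}
	var out []ShadowedCA
	for _, key := range order {
		if g := groups[key]; len(g.Expired) > 0 && len(g.Valid) > 0 {
			out = append(out, *g)
		}
	}
	return out, nil
}

// constructedCA returns a self-signed PEM certificate. Constructed test data:
// names and serials are made up and do not belong to any real CA.
func constructedCA(cn string, serial int64, notAfter time.Time) []byte {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err)
	}
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(serial),
		Subject:               pkix.Name{Organization: []string{"Example Org"}, CommonName: cn},
		NotBefore:             time.Date(1996, 1, 29, 0, 0, 0, 0, time.UTC),
		NotAfter:              notAfter,
		IsCA:                  true,
		BasicConstraintsValid: true,
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		panic(err)
	}
	return pem.EncodeToMemory(&pem.Block{Type: "CERTIFICATE", Bytes: der})
}

// SampleBundle builds a constructed bundle: two roots with the same subject
// (one expired in 2004, one valid until 2028) and one unrelated root.
func SampleBundle() []byte {
	a2004 := constructedCA("Example Root A", 1, time.Date(2004, 1, 7, 23, 59, 59, 0, time.UTC))
	a2028 := constructedCA("Example Root A", 2, time.Date(2028, 8, 1, 23, 59, 59, 0, time.UTC))
	b2035 := constructedCA("Example Root B", 3, time.Date(2035, 1, 1, 0, 0, 0, 0, time.UTC))
	return append(append(a2004, a2028...), b2035...)
}

func main() {
	found, err := FindShadowedCAs(SampleBundle(), time.Date(2012, 7, 31, 0, 0, 0, 0, time.UTC))
	if err != nil {
		panic(err)
	}
	for _, s := range found {
		fmt.Printf("%s: expired serials %v, valid serials %v\n", s.Subject, s.Expired, s.Valid)
	}
}
```

Run against a real dump, each reported subject names the expired copies (by serial) that are candidates for removal from the file.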

 

 



RE: openssl on a home LAN

2012-09-12 Thread Charles Mills
A thousand pardons. You totally misapprehend my intent. I guess that's a
classic hazard of e-mail, isn't it?

 

You're right, I make no pretense of being a moderator. It's a forum, and I'm
just a citizen trying to help you out by answering the question you asked in
the forum.

 

I won't bother you again.

 

P.S. The name is Charles.

 

Charles

From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of John A. Wallace
Sent: Tuesday, September 11, 2012 6:37 PM
To: openssl-users@openssl.org
Subject: RE: openssl on a home LAN

 

Charlie, 

 

Frankly, your condescending manner is starting to annoy me, considerably.
Furthermore, your name is not on this page as one of the moderators of this
group:   http://www.openssl.org/about/.  

 

Moreover, I don't believe I need your permission to hang out here.  You
need to read the link I provided you all the way to the end, it says that
this group is for 

 

1.   Developers

2.   OpenSSL usage

3.   Installation problems

 

Now inasmuch as my question pertained to OpenSSL Usage, i.e., number 2
above, well I think that makes my asking it a legitimate question for this
group. If you don't like it, you can just learn to use your reading program
and ignore me. Thank you very much.   J



RE: Memory issues with ssl handshake

2012-09-12 Thread Charles Mills
Not sure if it helps at all but FWIW I am using Windows pre-built OpenSSL
dll's with server & client certificates, CAs, DH keys, and a CRL, and I am
seeing no memory leaks whatsoever in Visual Studio 2010.

Charles

-Original Message-
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Thomas Eckert
Sent: Wednesday, September 12, 2012 7:59 AM
To: openssl-users@openssl.org
Subject: Memory issues with ssl handshake

Hi,

Valgrind gives me a *lot* of messages like this

==19021== 2,056 bytes in 2 blocks are indirectly lost in loss record 186 of 190
==19021==    at 0x68EAC8B: malloc (in /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
==19021==    by 0x6C472DB: default_malloc_ex (mem.c:79)
==19021==    by 0x6C4795F: CRYPTO_malloc (mem.c:306)
==19021==    by 0x6C73940: bn_expand_internal (bn_lib.c:336)
==19021==    by 0x6C73AE0: bn_expand2 (bn_lib.c:451)
==19021==    by 0x6C73BB2: BN_set_bit (bn_lib.c:730)
==19021==    by 0x6C7E16E: BN_MONT_CTX_set (bn_mont.c:514)
==19021==    by 0x6C7E402: BN_MONT_CTX_set_locked (bn_mont.c:552)
==19021==    by 0x6C97053: RSA_eay_public_decrypt (rsa_eay.c:693)
==19021==    by 0x6C97F1F: RSA_public_decrypt (rsa_lib.c:309)
==19021==    by 0x6C98BEB: int_rsa_verify (rsa_sign.c:182)
==19021==    by 0x6C98F57: RSA_verify (rsa_sign.c:284)
==19021==    by 0x6949E16: ssl3_get_key_exchange (s3_clnt.c:1562)
==19021==    by 0x694BF5F: ssl3_connect (s3_clnt.c:335)
==19021==    by 0x6964AB9: SSL_connect (ssl_lib.c:933)
==19021==    by 0x6953FDD: ssl23_connect (s23_clnt.c:693)
==19021==    by 0x6963FBC: SSL_do_handshake (ssl_lib.c:2368)
==19021==    by 0x8060D14: ssl_connect (ssl.c:1078)

Compared to the above they vary only in one line, e.g.

==19021== 1,024 bytes in 2 blocks are indirectly lost in loss record 181 of 190
==19021==    at 0x68EAC8B: malloc (in /usr/lib/valgrind/vgpreload_memcheck-x86-linux.so)
==19021==    by 0x6C472DB: default_malloc_ex (mem.c:79)
==19021==    by 0x6C4795F: CRYPTO_malloc (mem.c:306)
==19021==    by 0x6C73940: bn_expand_internal (bn_lib.c:336)
==19021==    by 0x6C73AE0: bn_expand2 (bn_lib.c:451)
==19021==    by 0x6C73D53: BN_copy (bn_lib.c:506)
==19021==    by 0x6C7DFCA: BN_MONT_CTX_set (bn_mont.c:421)
==19021==    by 0x6C7E402: BN_MONT_CTX_set_locked (bn_mont.c:552)
==19021==    by 0x6C97053: RSA_eay_public_decrypt (rsa_eay.c:693)
==19021==    by 0x6C97F1F: RSA_public_decrypt (rsa_lib.c:309)
==19021==    by 0x6C98BEB: int_rsa_verify (rsa_sign.c:182)
==19021==    by 0x6C98F57: RSA_verify (rsa_sign.c:284)
==19021==    by 0x6949E16: ssl3_get_key_exchange (s3_clnt.c:1562)
==19021==    by 0x694BF5F: ssl3_connect (s3_clnt.c:335)
==19021==    by 0x6964AB9: SSL_connect (ssl_lib.c:933)
==19021==    by 0x6953FDD: ssl23_connect (s23_clnt.c:693)
==19021==    by 0x6963FBC: SSL_do_handshake (ssl_lib.c:2368)
==19021==    by 0x8060D14: ssl_connect (ssl.c:1078)

The application in question is a http proxy and is leaking memory heavily.
Actually, Valgrind also reports many entries as still reachable instead of
indirectly lost but even those regions are mentioned by Valgrind like the
above two blocks.

I doubt OpenSSL has such blatant memory leaks but I have been searching for
the leaks for some time now and just cannot find anything - also due to the
fact that Valgrind reports all the leaks like above, which is not really
helpful. I do realize that for detailed help I would need to give some code
on how the connections are set up but that code is pretty large. So best
would be some hint as to where to look for or what regions of code to
supply.

Looking for hints as to what is going wrong I went through some of the
OpenSSL functions mentioned above and after leaving my code and entering
OpenSSL code the only thing being passed around the functions is the actual
SSL object - and no buffers of any kind. So I suppose the source of the
problem lies in setting up the object, it's context or what ever is stuck to
it.

The first thing I checked on was how the SSL connections are torn down in my
application:
    ERR_remove_state(0);
    SSL_CTX_free(ssl->ctx);
    SSL_free(ssl);
The first line was added only after starting the search for the leaks and
I'm still not sure if that line doesn't break anything.

I did find some minor leaks in my code along the way (e.g. a forgotten
ASN1_INTEGER_free()) but they were neither easy to find - because Valgrind
also reported them like the above two blocks, meaning in the wrong place! -
nor did they change much.

Does anyone have some tips for me ?

__
OpenSSL Project http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager   majord...@openssl.org


RE: openssl on a home LAN

2012-09-12 Thread Charles Mills
Thanks. Take care. Good luck with your home LAN.

 

Charles

From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of John A. Wallace
Sent: Wednesday, September 12, 2012 9:51 AM
To: openssl-users@openssl.org
Subject: RE: openssl on a home LAN

 

No problem and no hard feelings. Take care and have a good day. Thanks.

 

 

John

 

 

From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Charles Mills
Sent: Wednesday, September 12, 2012 11:14 AM
To: openssl-users@openssl.org
Subject: RE: openssl on a home LAN

 

A thousand pardons. You totally misapprehend my intent. I guess that's a
classic hazard of e-mail, isn't it?

 

You're right, I make no pretense of being a moderator. It's a forum, and I'm
just a citizen trying to help you out by answering the question you asked in
the forum.

 

I won't bother you again.

 

P.S. The name is Charles.

 

Charles

From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of John A. Wallace
Sent: Tuesday, September 11, 2012 6:37 PM
To: openssl-users@openssl.org
Subject: RE: openssl on a home LAN

 

Charlie, 

 

Frankly, your condescending manner is starting to annoy me, considerably.
Furthermore, your name is not on this page as one of the moderators of this
group:   http://www.openssl.org/about/.  

 

Moreover, I don't believe I need your permission to hang out here.  You
need to read the link I provided you all the way to the end, it says that
this group is for 

 

1.   Developers

2.   OpenSSL usage

3.   Installation problems

 

Now inasmuch as my question pertained to OpenSSL Usage, i.e., number 2
above, well I think that makes my asking it a legitimate question for this
group. If you don't like it, you can just learn to use your reading program
and ignore me. Thank you very much. :)



RE: openssl on a home LAN

2012-09-11 Thread Charles Mills
Do you write computer programs, or are you a home user of personal
computers?

 

If you don't write computer programs, then using OpenSSL at the level
addressed by this mailing list is not what you are looking for.

 

Some of the products you might buy might use OpenSSL under the covers, but
you would get support generally directly from the companies that produce
those products, not this mailing list.

 

Not trying to be mean or off-putting. If I have missed the mark please let
me know.

 

Charles

From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of John A. Wallace
Sent: Tuesday, September 11, 2012 9:36 AM
To: openssl-users@openssl.org
Subject: openssl on a home LAN

 

I am trying to figure out whether there is any point in using openssl on a
home LAN between two computers. Would that improve on security in any way?
Would I be limited in the types of OS connections? I mean, could I connect
Windows with Linux? Also, if I want to make such a connection between two OS
running in virtual machines, could that be done too? Thanks.



RE: openssl on a home LAN

2012-09-11 Thread Charles Mills
Right. Are you an application developer? In other words, do you write
computer programs? Does the following mean anything to you?

 

#include <stdio.h>

int main(int argc, char *argv[])
{
    printf("hello world\n");
    return 0;
}

 

Or alternatively, are you a Web site operator? Do you host a Web site that
others access?

 

If the answer to both of these questions is No, then you are welcome to hang
out here but the answer to your original question, whether there is any
point in using openssl is No.

 

Charles

From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of John A. Wallace
Sent: Tuesday, September 11, 2012 12:07 PM
To: openssl-users@openssl.org
Subject: RE: openssl on a home LAN

 

Hi.  I am not trying to be mean or something, but you may want to take a
look at this page:

 

http://www.openssl.org/support/community.html

 

Focusing on the part that describes this list, one can read this about its
purpose:

 

Application Development, OpenSSL Usage, Installation Problems, etc.

 

That looks clear to me in that this list would provide support for the type
of question I just asked, or did I misunderstand you? :)

 

Thanks.

 

 

From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Charles Mills
Sent: Tuesday, September 11, 2012 12:52 PM
To: openssl-users@openssl.org
Subject: RE: openssl on a home LAN

 

Do you write computer programs, or are you a home user of personal
computers?

 

If you don't write computer programs, then using OpenSSL at the level
addressed by this mailing list is not what you are looking for.

 

Some of the products you might buy might use OpenSSL under the covers, but
you would get support generally directly from the companies that produce
those products, not this mailing list.

 

Not trying to be mean or off-putting. If I have missed the mark please let
me know.

 

Charles

From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of John A. Wallace
Sent: Tuesday, September 11, 2012 9:36 AM
To: openssl-users@openssl.org
Subject: openssl on a home LAN

 

I am trying to figure out whether there is any point in using openssl on a
home LAN between two computers. Would that improve on security in any way?
Would I be limited in the types of OS connections? I mean, could I connect
Windows with Linux? Also, if I want to make such a connection between two OS
running in virtual machines, could that be done too? Thanks.



RE: Parsing X509 certificate subjectAltName

2012-09-11 Thread Charles Mills
bool Comm::isAltNameMatch(X509 *certificate, const char *nodeName)
{
    // there is alternative code on page 136 of O'Reilly OpenSSL

    unsigned char *pBuffer = NULL;
    int length = 0;
    GENERAL_NAMES *subjectAltNames;
    bool b;

    subjectAltNames = (GENERAL_NAMES*)
        X509_get_ext_d2i(certificate, NID_subject_alt_name, NULL, NULL);

    if ( subjectAltNames )
    {
        int numberOfAlts;
        int i;

        // get number of names. Supposed to be at least one, but don't count on it
        numberOfAlts = sk_GENERAL_NAME_num(subjectAltNames);

        // loop through all of the alternate names
        for ( i = 0; i < numberOfAlts; i++)
        {
            // get a handle to alternative name i
            const GENERAL_NAME *pName = sk_GENERAL_NAME_value(subjectAltNames, i);

            // what did we get?
            switch (pName->type)
            {
            case GEN_DNS:
            case GEN_URI:
            case GEN_IPADD:
                // convert to UTF-8; a negative length means nothing was allocated,
                // so do not touch (or free) the pointer from a previous pass
                pBuffer = NULL;
                length = ASN1_STRING_to_UTF8(&pBuffer, pName->d.ia5);
                if ( length < 0 )
                    break;
                b = isWildcardedCNcompare(reinterpret_cast<char *>(pBuffer), nodeName);
                OPENSSL_free(pBuffer);
                if ( b )
                {
                    // release the decoded extension before returning
                    GENERAL_NAMES_free(subjectAltNames);
                    return true;
                }
                break;
            case GEN_OTHERNAME:
            case GEN_EMAIL:
            case GEN_X400:
            case GEN_DIRNAME:
            case GEN_EDIPARTY:
            case GEN_RID:
            default:
                break;
            }
        }

        // release the decoded extension
        GENERAL_NAMES_free(subjectAltNames);
    }

    // fall through or no alt names
    return false;
}

 

Charles

From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Kenneth Goldman
Sent: Tuesday, September 11, 2012 2:14 PM
To: openssl-users@openssl.org
Subject: Parsing X509 certificate subjectAltName

 

I'm 90% deep into parsing an X509 certificate, but I can't find sample code
for the last piece. 

I found the extension, and located the ASN1_OBJECT with nid 85, OID
2.5.29.17, the subjectAltName.  From the dumpasn output, I see that this is
an octet string of a sequence, etc. 

I have to pull out the three OIDs   '2.23.133.2. [1, 2, and 3]' which are
presumably in the ASN1_OBJECT.   

Can anyone point me to sample code or a hint? 

~~ 

515   3: . . . . . OBJECT IDENTIFIER subjectAltName (2 5 29 17) 
   : . . . . . . (X.509 extension) 
01 01 FF 
520   1: . . . . . BOOLEAN TRUE 
04 4A 30 48 A4 46 30 44 31 42 30 14 06 05 67 81 05 02 01 13 0B 69 64
3A 
523  74: . . . . . OCTET STRING, encapsulates { 
30 48 A4 46 30 44 31 42 30 14 06 05 67 81 05 02 01 13 0B 69 64 3A 35
37 
525  72: . . . . . . SEQUENCE { 
A4 46 30 44 31 42 30 14 06 05 67 81 05 02 01 13 0B 69 64 3A 35 37 34
35 
527  70: . . . . . . . [4] { 
30 44 31 42 30 14 06 05 67 81 05 02 01 13 0B 69 64 3A 35 37 34 35 34
33 
529  68: . . . . . . . . SEQUENCE { 
31 42 30 14 06 05 67 81 05 02 01 13 0B 69 64 3A 35 37 34 35 34 33 30
30 
531  66: . . . . . . . . . SET { 
30 14 06 05 67 81 05 02 01 13 0B 69 64 3A 35 37 34 35 34 33 30 30 
533  20: . . . . . . . . . . SEQUENCE { 
06 05 67 81 05 02 01 
535   5: . . . . . . . . . . . OBJECT IDENTIFIER '2 23 133 2 1' 
13 0B 69 64 3A 35 37 34 35 34 33 30 30 
542  11: . . . . . . . . . . . PrintableString 'id:57454300' 
   : . . . . . . . . . . . } 
30 18 06 05 67 81 05 02 02 13 0F 4E 50 43 54 34 32 78 2F 4E 50 43 54
35 
555  24: . . . . . . . . . . SEQUENCE { 
06 05 67 81 05 02 02 
557   5: . . . . . . . . . . . OBJECT IDENTIFIER '2 23 133 2 2' 
13 0F 4E 50 43 54 34 32 78 2F 4E 50 43 54 35 30 78 
564  15: . . . . . . . . . . . PrintableString 'NPCT42x/NPCT50x' 
   : . . . . . . . . . . . } 
30 10 06 05 67 81 05 02 03 13 07 69 64 3A 30 33 39 31 
581  16: . . . . . . . . . . SEQUENCE { 
06 05 67 81 05 02 03 
583   5: . . . . . . . . . . . OBJECT IDENTIFIER '2 23 133 2 3' 
13 07 69 64 3A 30 33 39 31 
590   7: . . . . . . . . . . . 
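
An added example (not code from this thread or from OpenSSL): a small bounds-checked DER walker run over the extension bytes in the dump above, descending GeneralNames, the [4] directoryName, the RDN SEQUENCE and the SET to each OID and PrintableString pair. The names read_tlv, oid_to_text, parse_dirname_san and struct attr are hypothetical; in the isAltNameMatch() loop above this entry is the GEN_DIRNAME case.

```c
#include <limits.h>
#include <stdio.h>
#include <string.h>

/* Bytes inside the OCTET STRING of the dump above (offset 525 onwards). */
static const unsigned char SAN_DER[] = {
    0x30,0x48, 0xA4,0x46, 0x30,0x44, 0x31,0x42, 0x30,0x14, 0x06,0x05,0x67,0x81,0x05,0x02,0x01,
    0x13,0x0B, 0x69,0x64,0x3A,0x35,0x37,0x34,0x35,0x34,0x33,0x30,0x30,
    0x30,0x18, 0x06,0x05,0x67,0x81,0x05,0x02,0x02,
    0x13,0x0F, 0x4E,0x50,0x43,0x54,0x34,0x32,0x78,0x2F,0x4E,0x50,0x43,0x54,0x35,0x30,0x78,
    0x30,0x10, 0x06,0x05,0x67,0x81,0x05,0x02,0x03, 0x13,0x07, 0x69,0x64,0x3A,0x30,0x33,0x39,0x31
};

struct tlv  { unsigned char tag; const unsigned char *val; size_t len; };
struct attr { char oid[40]; char value[40]; };  /* hypothetical result record */

/* Read one definite-length TLV from [p, end); NULL if malformed or truncated. */
static const unsigned char *read_tlv(const unsigned char *p,
                                     const unsigned char *end, struct tlv *t)
{
    size_t len, n;
    if (end - p < 2 || (p[0] & 0x1f) == 0x1f)   /* multi-byte tags not handled */
        return NULL;
    t->tag = *p++;
    len = *p++;
    if (len & 0x80) {                           /* long form: n length bytes follow */
        n = len & 0x7f;
        if (n == 0 || n > 4 || (size_t)(end - p) < n) return NULL;
        for (len = 0; n > 0; n--) len = (len << 8) | *p++;
    }
    if ((size_t)(end - p) < len) return NULL;
    t->val = p; t->len = len;
    return p + len;
}

/* DER OID content to dotted text: base-128 arcs, first two packed as 40*a+b. */
static int oid_to_text(const unsigned char *p, size_t len, char *buf, size_t cap)
{
    unsigned long arc = 0, first;
    size_t i, used = 0;
    int n;
    if (len == 0 || (p[len - 1] & 0x80)) return -1;
    for (i = 0; i < len; i++) {
        if (arc > (ULONG_MAX >> 7)) return -1;
        arc = (arc << 7) | (p[i] & 0x7f);
        if (p[i] & 0x80) continue;              /* arc continues in next byte */
        if (used == 0) {
            first = arc < 80 ? arc / 40 : 2;
            n = snprintf(buf, cap, "%lu.%lu", first, arc - first * 40);
        } else {
            n = snprintf(buf + used, cap - used, ".%lu", arc);
        }
        if (n < 0 || (size_t)n >= cap - used) return -1;
        used += (size_t)n;
        arc = 0;
    }
    return 0;
}

/* Collect (OID, value) pairs from each directoryName in a GeneralNames value. */
int parse_dirname_san(const unsigned char *der, size_t len, struct attr *out, int max)
{
    struct tlv names, gn, rdns, rdn, atv, oid, str;
    const unsigned char *p, *q, *r, *s;
    int count = 0;
    if (!read_tlv(der, der + len, &names) || names.tag != 0x30) return -1;
    for (p = names.val; p < names.val + names.len; ) {
        if (!(p = read_tlv(p, names.val + names.len, &gn))) return -1;
        if (gn.tag != 0xA4) continue;           /* only [4] directoryName */
        if (!read_tlv(gn.val, gn.val + gn.len, &rdns) || rdns.tag != 0x30) return -1;
        for (q = rdns.val; q < rdns.val + rdns.len; ) {       /* each RDN is a SET */
            if (!(q = read_tlv(q, rdns.val + rdns.len, &rdn)) || rdn.tag != 0x31)
                return -1;
            for (r = rdn.val; r < rdn.val + rdn.len; ) {      /* SEQUENCE { OID, value } */
                if (!(r = read_tlv(r, rdn.val + rdn.len, &atv)) || atv.tag != 0x30)
                    return -1;
                s = read_tlv(atv.val, atv.val + atv.len, &oid);
                if (!s || oid.tag != 0x06 || !read_tlv(s, atv.val + atv.len, &str))
                    return -1;
                if (str.tag != 0x13 || count == max || str.len >= sizeof out->value ||
                    oid_to_text(oid.val, oid.len, out[count].oid, sizeof out->oid))
                    return -1;                  /* PrintableString values only */
                memcpy(out[count].value, str.val, str.len);
                out[count].value[str.len] = '\0';
                count++;
            }
        }
    }
    return count;
}

int main(void)
{
    struct attr a[8];
    int i, n = parse_dirname_san(SAN_DER, sizeof SAN_DER, a, 8);
    for (i = 0; i < n; i++) printf("%s = %s\n", a[i].oid, a[i].value);
    return n < 0;
}
```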

RE: Parsing X509 certificate subjectAltName

2012-09-11 Thread Charles Mills
Thanks!

Charles

-Original Message-
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Dr. Stephen Henson
Sent: Tuesday, September 11, 2012 3:46 PM
To: openssl-users@openssl.org
Subject: Re: Parsing X509 certificate subjectAltName

On Tue, Sep 11, 2012, Charles Mills wrote:

 
> {
> case GEN_DNS:
> case GEN_URI:
> case GEN_IPADD:
> ASN1_STRING_to_UTF8(&pBuffer, pName->d.ia5);
> b =
> isWildcardedCNcompare(reinterpret_cast<char *>(pBuffer), nodeName);
 
  

Don't do that with the GEN_IPADD: it isn't an IA5String it is an OCTETSTRING
representing the IP address in a format described by RFC3280 et al.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
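
An added example (not from the thread or from OpenSSL) of the distinction Steve points out: a dNSName is text, while an iPAddress entry is 4 or 16 raw octets, so the node name is parsed with inet_pton() and compared byte for byte. The struct san_entry type, the function names and the sample names are constructed for illustration; wildcard matching is left out.

```c
#include <arpa/inet.h>
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for the GENERAL_NAME fields the loop reads:
 * the name type plus the raw ASN.1 string bytes and their length. */
enum san_type { SAN_DNS, SAN_IPADD };
struct san_entry { enum san_type type; const unsigned char *data; size_t len; };

/* dNSName is text (IA5String). Reject embedded NUL bytes so a C-string
 * comparison cannot stop early, then compare ASCII case-insensitively. */
static int dns_matches(const struct san_entry *e, const char *node)
{
    size_t i;

    if (memchr(e->data, '\0', e->len) != NULL || strlen(node) != e->len)
        return 0;
    for (i = 0; i < e->len; i++)
        if (tolower(e->data[i]) != tolower((unsigned char)node[i]))
            return 0;
    return 1;
}

/* iPAddress is raw network-order octets: 4 for IPv4, 16 for IPv6.
 * Parse the node name into the same binary form and compare the bytes. */
static int ip_matches(const struct san_entry *e, const char *node)
{
    unsigned char addr[16];

    if (e->len == 4 && inet_pton(AF_INET, node, addr) == 1)
        return memcmp(addr, e->data, 4) == 0;
    if (e->len == 16 && inet_pton(AF_INET6, node, addr) == 1)
        return memcmp(addr, e->data, 16) == 0;
    return 0;
}

/* Returns 1 if any entry matches the node name, dispatching on its type. */
int san_matches(const struct san_entry *names, size_t count, const char *node)
{
    size_t i;

    for (i = 0; i < count; i++) {
        switch (names[i].type) {
        case SAN_DNS:
            if (dns_matches(&names[i], node)) return 1;
            break;
        case SAN_IPADD:
            if (ip_matches(&names[i], node)) return 1;
            break;
        }
    }
    return 0;
}

/* Constructed sample names, laid out as they would sit in a certificate. */
static const unsigned char DNS1[] = "proxy.example.com";
static const unsigned char NUL1[] = "example.com\0.invalid";
static const unsigned char IP4[]  = { 192, 0, 2, 10 };
static const unsigned char IP6[]  = { 0x20,0x01,0x0d,0xb8, 0,0,0,0, 0,0,0,0, 0,0,0,1 };
static const struct san_entry SAMPLE[] = {
    { SAN_DNS,   DNS1, sizeof DNS1 - 1 },
    { SAN_DNS,   NUL1, sizeof NUL1 - 1 },
    { SAN_IPADD, IP4,  sizeof IP4 },
    { SAN_IPADD, IP6,  sizeof IP6 },
};
#define SAMPLE_COUNT (sizeof SAMPLE / sizeof SAMPLE[0])

int main(void)
{
    const char *probes[] = { "192.0.2.10", "2001:0db8:0:0:0:0:0:1", "example.com" };
    size_t i;

    for (i = 0; i < 3; i++)
        printf("%-24s %s\n", probes[i],
               san_matches(SAMPLE, SAMPLE_COUNT, probes[i]) ? "match" : "no match");
    return 0;
}
```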


RE: Does this mailinglist work?

2012-09-10 Thread Charles Mills
Yes, it works. It may be moderated. Please be patient.

Charles

-Original Message-
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Carlo Wood
Sent: Monday, September 10, 2012 10:34 AM
To: openssl-users@openssl.org
Subject: Does this mailinglist work?

I just sent a long mail... but it doesn't seem to appear on the list :/

-- 
Carlo Wood ca...@alinoe.com


RE: crash when calling ERR_print_errors_fp()

2012-09-06 Thread Charles Mills
Try ERR_print_errors_fp(stderr) -- eliminates issues with your file. If that
works, then it's your file pointer.

Note Dave's point about flushing the file.

Charles

-Original Message-
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Dave Thompson
Sent: Thursday, September 06, 2012 4:46 PM
To: openssl-users@openssl.org
Subject: RE: crash when calling ERR_print_errors_fp()

From: owner-openssl-us...@openssl.org On Behalf Of Mithun Kumar
Sent: Thursday, 06 September, 2012 16:29

When I give file pointer as input to API(ERR_print_errors_fp()) nothing 
is getting written to the FILE during a SSL handshake failure. Any 
inputs why things are failing.

If you are on Windows and app doesn't have OpenSSL_applink, OpenSSL won't
(can't) write to the file, but it should give a message on stderr and should
not crash.

http://www.openssl.org/support/faq.html#PROG2 at the end.

On all systems make sure the fp is open (for write) before, and is flushed
or closed after.




RE: PEM_read_bio_RSA_PUBKEY

2012-09-04 Thread Charles Mills
> Is it possible that PEM_read_bio_RSA_PUBKEY uses BIO_gets internally

Sometimes the best answer to that sort of question -- sadly, perhaps, but
true nonetheless -- is to look at the source code. Not so hard to read as I
had at first supposed.

Charles

-Original Message-
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Carolin Latze
Sent: Tuesday, September 04, 2012 5:03 AM
To: openssl-users@openssl.org
Subject: RE: PEM_read_bio_RSA_PUBKEY

Hi,

I went on reading about this error and figured out that the socket bio
does not support the BIO_gets method. Is it possible that
PEM_read_bio_RSA_PUBKEY uses BIO_gets internally and is therefore not
really compatible with a socket bio?

In order to verify that I created a buffer BIO (BIO_f_buffer()) on top of
the socket bio for the read function. And this just works. Is this the
desired way to do this? I can live with it, but since it was not
documented (or maybe I just missed it), I did not expect it.

best regards and thanks a lot again for the help
Carolin

 Hi Dave

 thanks a lot for the explanation. That makes a lot clearer to me. I
added
 some code to read out possible errors and there is none on the write
method. However there is a strange one on read:

 error code pubkey: 537297017 in bio_lib.c line 297.
 error data:
 error string: error:20068079:BIO routines:BIO_gets:unsupported method
error code pubkey: 151441516 in pem_lib.c line 696.
 error data:
 error string: error:0906D06C:PEM routines:PEM_read_bio:no start line

 For me that sounds as if it does not find the - BEGIN PUBKEY 
line. So I checked with wireshark and it is there. The PEM string is
distributed over 3 packets but it is continuous data (there is no other
data in those packets). So where does this error come from? Any ideas? I
cannot do anything about the method here, right?

 BTW I checked that this error is really triggered by the read function
and
 not by any BIO function before that function.

 best regards
 Carolin

 From: owner-openssl-us...@openssl.org On Behalf Of Carolin Latze Sent:
 Monday, 03 September, 2012 13:39
 I try to send an RSA public from one entity to another using socket
 BIOs. I use PEM_write_bio_RSA_PUBKEY and PEM_read_bio_RSA_PUBKEY to do
that. I also tried with PEM_{write|read}_bio_RSAPublicKey. Both have the
 same behaviour in my case. The write function seems to work just fine.
 I
 am able to see the public key on the wire (using wireshark). However,
 the read function just crashes. It looks as if it reads an endless
amount of data and I have no idea why. Are those function
 actually meant
 to send data over a socket bio?
 The PEM routines are meant to send or store over practically any
 channel. The DER routines are meant to send/store over any 8-bit clean
channel, which many socket protocols also do. (TCP/IP itself and a plain
socket does, but some protocols built on top of TCP/IP like SMTP and
HTTP don't, while some like FTP do.)
 Either pair should work, but mixing them should not. The RSAPublicKey
 routines use the raw PKCS#1 format, and the RSA_PUBKEY routines use
the generic X.509 PublicKeyInfo format which *contains* the PKCS#1.
Although semantically equivalent, these are not the same thing.
 But if you get this (or pretty much anything else) wrong, the read
 routine shouldn't crash. It should return null with error information
stored in the error queue; this is not the same as either crashing or
reading endlessly. In fact reading endlessly wouldn't crash either by my
definition so I can't guess what you mean actually happens.
 This is how I call them:
 on party A:
 RSA rsa;
 init rsa, generate keys
 PEM_write_bio_RSA_PUBKEY(sockbio,rsa);
 on party B:
 rsa = RSA_new();
 PEM_read_bio_RSAPublicKey(sockbio,rsa,0,0);
 Something wrong with the way I call the functions?
 If you are mismatching RSA_PUBKEY to RSAPublicKey see above.
 Even if not, you definitely should check for error on the read
 routine and at least display something. The write routine is
 much less likely to fail, but even so as general good practice
 you should check it too.
 Nit: personally in C I would write NULL rather than 0
 for a null pointer -- just so it's visible to humans,
 although it makes no difference to the compiler.
 Unfortunately C++ doesn't support this until recently.

C API to determine OpenSSL version?

2012-09-04 Thread Charles Mills
Is there a C-callable function that an application may call to determine the
version of the OpenSSL library with which it is linked?

Thanks,

Charles 




RE: C API to determine OpenSSL version?

2012-09-04 Thread Charles Mills
Never mind. Found it:

http://www.openssl.org/docs/crypto/SSLeay_version.html

Hard to search for. Google SSL version and you get a lot of irrelevant
hits.

Charles

-Original Message-
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Charles Mills
Sent: Tuesday, September 04, 2012 2:23 PM
To: openssl-users@openssl.org
Subject: C API to determine OpenSSL version?

Is there a C-callable function that an application may call to determine the
version of the OpenSSL library with which it is linked?



RE: Verify depth / get chain length

2012-09-03 Thread Charles Mills
When I come through my verify_callback routine, I get called successively with 
descending certificate depths: the first time through 
X509_STORE_CTX_get_error_depth() is 1 and the second time it is 0. So it would 
seem to me that the depth/length of the whole chain is available as the value 
of X509_STORE_CTX_get_error_depth() on the first pass through the 
verify_callback.

Or perhaps I have misunderstood the question.

Charles
-Original Message-
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] 
On Behalf Of Sven Anders
Sent: Monday, September 03, 2012 12:57 AM
To: openssl-users@openssl.org
Subject: Verify depth / get chain length

Hello,

I'm using the OpenSSL library for a HTTP proxy. I want to verify the server's 
certificates and I use the verify-callback for this.
This works without problems.

My question is:

Is it possible to get the depth of the whole certificates chain in the verify 
function? I know, that I can get the current depth of the certificate that is 
currently checked, but can I get the depth/length of the whole chain?

If this is not possible, is it possible to call a callback before the 
verify-callback to get the depth?

Regards
 Sven Anders

-- 
 Sven Anders and...@anduras.de () UTF-8 Ribbon Campaign
 /\ Support plain text e-mail  
ANDURAS intranet security AG  Messestrasse 3 - 94036 Passau - Germany
 Web: www.anduras.de - Tel: +49 (0)851-4 90 50-0 - Fax: +49 (0)851-4 90 50-55

Those who would give up essential Liberty, to purchase a little temporary 
Safety, deserve neither Liberty nor Safety.
  - Benjamin Franklin



SSL_CTX_set_default_verify_paths and Windows?

2012-08-31 Thread Charles Mills
Is there documentation for SSL_CTX_set_default_verify_paths()? It's declared
here http://www.openssl.org/docs/ssl/ssl.html but there's no description and
no link that I see.

I have an application working on Windows using explicit PEM certificate
files: SSL_CTX_load_verify_locations(SslCtx, "myCert.pem", NULL);

My interest is in the possibility of using the built-in certificate store
in Windows. Is that possible with OpenSSL? Is
SSL_CTX_set_default_verify_paths() relevant? Is there an overview document
somewhere?

Thanks much,
Charles 




RE: Creating a SSH Key pair - public and private for my Windows 2008 server app so it can communicate with a partner sftp site

2012-08-31 Thread Charles Mills
You can do this with the openssl.exe utility.

I am less than an expert but the doc is here:
http://www.openssl.org/docs/apps/openssl.html  

Take a look at openssl.exe req -newkey

Charles
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of ML Harmon
Sent: Friday, August 31, 2012 1:26 AM
To: openssl-users@openssl.org
Subject: Creating a SSH Key pair - public and private for my Windows 2008
server app so it can communicate with a partner sftp site

I have a Windows 2008 server that runs an application I use to transfer
files to my business partner's site via sftp.
I need to generate a SSH key pair with openssl and then send my partner the
public key while I keep the private key.
I don't know how to do this with openssl, can someone help me?
 



RE: Creating a SSH Key pair - public and private for my Windows 2008 server app so it can communicate with a partner sftp site

2012-08-31 Thread Charles Mills
Hmm. That does seem odd.

Use openssl genrsa to generate the private key.
Use openssl rsa -pubout to generate the public key from the private key.

Charles

From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of ML Harmon
Sent: Friday, August 31, 2012 12:10 PM
To: openssl-users@openssl.org
Subject: Re: Creating a SSH Key pair - public and private for my Windows
2008 server app so it can communicate with a partner sftp site

I was good with openssl until this link.
 
http://www.openssl.org/docs/HOWTO/keys.txt
 
It says openssl creates one file for both the public and private keys. That
doesn't make sense to me.
See my above link.
With OpenSSL, the private key contains the
public key information as well, so a public key doesn't need to be
generated separately.
 
So how do I send my business partner the public key and I keep the private
key if they are both in one file?
So I am missing something here, I expected 2 files for my key a public and
private.
 



 
On Fri, Aug 31, 2012 at 11:39 AM, Charles Mills charl...@mcn.org wrote:
You can do this with the openssl.exe utility.

I am less than an expert but the doc is here:
http://www.openssl.org/docs/apps/openssl.html

Take a look at openssl.exe req -newkey

Charles
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of ML Harmon
Sent: Friday, August 31, 2012 1:26 AM
To: openssl-users@openssl.org
Subject: Creating a SSH Key pair - public and private for my Windows 2008
server app so it can communicate with a partner sftp site

I have a Windows 2008 server that runs an application I use to transfer
files to my business partner's site via sftp.
I need to generate a SSH key pair with openssl and then send my partner the
public key while I keep the private key.
I don't know how to do this with openssl, can someone help me?
 


RE: Creating a SSH Key pair - public and private for my Windows 2008 server app so it can communicate with a partner sftp site

2012-08-31 Thread Charles Mills
Ah well. I tried to help.

> which is .exe only on Windows

The OP said he was on Win 2K8.

Charles

-Original Message-
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Dave Thompson
Sent: Friday, August 31, 2012 3:58 PM
To: openssl-users@openssl.org
Subject: RE: Creating a SSH Key pair - public and private for my Windows
2008 server app so it can communicate with a partner sftp site

 From: owner-openssl-us...@openssl.org On Behalf Of Charles Mills
 Sent: Friday, 31 August, 2012 12:39
 To: openssl-users@openssl.org
 Subject: RE: Creating a SSH Key pair - public and private for my 
 Windows 2008 server app so it can communicate with a partner sftp site
 
 You can do this with the openssl.exe utility.
 
 I am less than an expert but the doc is here:
 http://www.openssl.org/docs/apps/openssl.html
 
 Take a look at openssl.exe req -newkey
 
Not really. req -newkey creates a keypair AND a CSR.
A CSR is useless for SSH which uses no certificates.

openssl commandline (which is .exe only on Windows) can generate a keypair
with the traditional per-algorithm utilities like genrsa and gendsa (or
dsaparam -genkey), or since 1.0.0 with the generic (and extensible) genpkey.

But in both cases it creates files in OpenSSL-supported formats which may
not be suitable for SSH software.
In particular, the common OpenSSH implementation uses OpenSSL format for
privatekey, but for publickey uses a format (basically base64 of several
bignums) which OpenSSL doesn't know. The OpenSSH ssh-keygen utility can
create this publickey format, or an RFC interchange format with PEM wrapper,
from the OpenSSL privatekey, but ssh-keygen can also generate the keypair in
the first place avoiding any explicit use of OpenSSL. Other SSH software
I've seen usually doesn't use OpenSSL formats for either key.

Usually it's best to use the keygen features of the SSH program(s). If that
isn't available, but some kind of key-import is, we need to know exactly
what format(s) that key-import accepts. Or on Windows possibly it uses the
MS keystore, in which case the MS utilities (inetcpl and friends) can read
PKCS12 (aka PFX) which OpenSSL commandline can create (in a second step).
But OP still needs to send his publickey in a format the partner accepts,
and I've never seen any SSH software that accepts OpenSSL format publickey.
They commonly do accept the traditional and/or RFC format, which could be
created with about a page of C or somewhat less perl; I recall someone
posted code for that in the list a few years ago, if you want to search for
it.
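
An added example (not code from the thread, OpenSSL or OpenSSH) of the public-key line Dave describes for OpenSSH: the text ssh-rsa followed by base64 of three length-prefixed fields, the string "ssh-rsa" and the bignums e and n. Function names are hypothetical and the 32-bit modulus is a constructed toy value that only exercises the encoding.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Every SSH wire field starts with a 32-bit big-endian length. */
static size_t put_u32(unsigned char *out, size_t v)
{
    out[0] = (unsigned char)(v >> 24);
    out[1] = (unsigned char)(v >> 16);
    out[2] = (unsigned char)(v >> 8);
    out[3] = (unsigned char)v;
    return 4;
}

/* SSH "string": length, then the bytes. */
static size_t put_string(unsigned char *out, const void *s, size_t len)
{
    put_u32(out, len);
    memcpy(out + 4, s, len);
    return 4 + len;
}

/* SSH "mpint": minimal big-endian two's complement. For a positive bignum,
 * drop leading zero bytes and add one 0x00 back when the top bit is set. */
static size_t put_mpint(unsigned char *out, const unsigned char *be, size_t len)
{
    size_t pad;

    while (len > 0 && be[0] == 0) { be++; len--; }
    pad = (len > 0 && (be[0] & 0x80)) ? 1 : 0;
    put_u32(out, len + pad);
    if (pad)
        out[4] = 0;
    memcpy(out + 4 + pad, be, len);
    return 4 + pad + len;
}

/* Standard base64 with '=' padding; out must hold 4*ceil(len/3)+1 bytes. */
static size_t base64(const unsigned char *in, size_t len, char *out)
{
    static const char tbl[] =
        "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
    size_t i, o = 0;

    for (i = 0; i < len; i += 3) {
        unsigned long v = (unsigned long)in[i] << 16;
        if (i + 1 < len) v |= (unsigned long)in[i + 1] << 8;
        if (i + 2 < len) v |= in[i + 2];
        out[o++] = tbl[(v >> 18) & 63];
        out[o++] = tbl[(v >> 12) & 63];
        out[o++] = (i + 1 < len) ? tbl[(v >> 6) & 63] : '=';
        out[o++] = (i + 2 < len) ? tbl[v & 63] : '=';
    }
    out[o] = '\0';
    return o;
}

/* Build "ssh-rsa <base64>" from big-endian e and n. Returns 0 on success,
 * -1 if an input is too large or the output buffer is too small. */
int ssh_rsa_pubkey_line(const unsigned char *e, size_t elen,
                        const unsigned char *n, size_t nlen,
                        char *out, size_t outlen)
{
    unsigned char blob[1100];
    size_t used = 0;

    if (elen > 16 || nlen > 1024)       /* 1024 bytes covers an 8192-bit modulus */
        return -1;
    used += put_string(blob + used, "ssh-rsa", 7);
    used += put_mpint(blob + used, e, elen);
    used += put_mpint(blob + used, n, nlen);
    if (outlen < 8 + 4 * ((used + 2) / 3) + 1)
        return -1;
    memcpy(out, "ssh-rsa ", 8);
    base64(blob, used, out + 8);
    return 0;
}

/* Constructed toy values: e = 65537 and a 32-bit "modulus" with the top bit set. */
static const unsigned char SAMPLE_E[] = { 0x01, 0x00, 0x01 };
static const unsigned char SAMPLE_N[] = { 0xC5, 0x3F, 0x2A, 0x91 };

int main(void)
{
    char line[128];

    if (ssh_rsa_pubkey_line(SAMPLE_E, sizeof SAMPLE_E,
                            SAMPLE_N, sizeof SAMPLE_N, line, sizeof line) != 0)
        return 1;
    puts(line);
    return 0;
}
```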




RE: SSL_CTX_set_default_verify_paths and Windows?

2012-08-31 Thread Charles Mills
Dave, thanks much.

OK, SSL_CTX_set_default_verify_paths() won't do anything for me.

> There is definitely an engine for MS CAPI

I ran into some references to capi and e_capi researching this question on
the Google but I could not find any big picture.

> Or of course you could just read the certs from MS truststore and put them
> in a file or dir in OpenSSL format

That sounds like the way I will go if the customers want this. I'm not
enough of an expert to undertake the extension. I think I might be able to
do it as a pipe and not have to actually write the files to disk. Maybe.

You know what would be a cool feature for OpenSSL (yeah, LOL, I'm sure you
know a thousand)? If there were an API whereby one could set a callback
routine that would get a particular type of data (certificate, key, CA cert,
CRL, etc.) when OpenSSL needed it. Then it would be pretty trivial to read
the data from some privately known store such as the Windows truststore.

Thanks again. Amazing package. Enjoying working with it for the first time.

Charles

-Original Message-
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Dave Thompson
Sent: Friday, August 31, 2012 3:58 PM
To: openssl-users@openssl.org
Subject: RE: SSL_CTX_set_default_verify_paths and Windows?

 From: owner-openssl-us...@openssl.org On Behalf Of Charles Mills
 Sent: Friday, 31 August, 2012 12:00
 To: openssl-users@openssl.org
 Subject: SSL_CTX_set_default_verify_paths and Windows?
 
 Is there documentation for SSL_CTX_set_default_verify_paths()? 
 It's declared here http://www.openssl.org/docs/ssl/ssl.html
 but there's no description and no link that I see.

UTSL (although in this case you must go through several layers). 
_set_default_verify is effectively _load_verify_locations using env vars
SSL_CERT_FILE SSL_CERT_DIR if they exist and otherwise
X509_get_default_cert_{file,dir}() which return a compiled-in file and
directory normally file cert.pem and subdir certs under OPENSSLDIR,
which is configurable at build time and can be seen with commandline openssl
version -d.
If you're using the ShiningLight builds (as I am) they seem to make
OPENSSLDIR /usr/local/ssl, a directory that doesn't normally exist on
Windows systems (it does on many Unixes).

It is still a file and/or directory in OpenSSL format, not MS.

 
 I have an application working on Windows using explicit PEM 
 certificate
 files: SSL_CTX_load_verify_locations(SslCtx, "myCert.pem", NULL);
 
 My interest is in the possibility of using the built-in 
 certificate store
 in Windows. Is that possible with OpenSSL? Is
 SSL_CTX_set_default_verify_paths() relevant? Is there an overview 
 document somewhere?

1. OpenSSL X509_STORE logic (like several others) is extensible, i.e. you
write code implementing the same interface and plug it in. I'm sure it's
possible to write a store that fetches from MS instead of from a file or
directory like the builtin ones do.

But this looks like a pretty big job. Someone else may already have done
this, but if so I haven't heard or seen of it.

2. OpenSSL has an ENGINE feature that was originally created to handle
hardware devices mostly doing low-level crypto operations (a digest, a
symmetric encrypt or decrypt, a publickey encrypt or decrypt, etc.) It has
gradually been adding more functions, rather like a scifi movie monster
feeding on nuclear bomb radiation. 
There is definitely an engine for MS CAPI, and I thought I had heard mention
that the engine interface was adding at least some truststore function. But
looking in 1.0.1c I don't see any trace of such, so maybe I misunderstood or
maybe it isn't cooked yet.

Or of course you could just read the certs from MS truststore and put them
in a file or dir in OpenSSL format. The only downside of that I see is that
you won't honor new inserts (or possibly
deletes) unless and until you repeat the process.

