Re: [openssl-users] test make_verify fails on brand new red hat enterprise 7 box
> > > So what does your certs/demo directory look like? Do you have the > necessary symbolic links (created during "make" somewhere I think). > Links are missing. The problem has something to do with the default path to openssl.conf. In my case it is based on the build prefix I used. If the path does not exist, make rehash will create links happily. If the dir exists but my build account does not have access permissions, make rehash is unhappy and refuses to create links. rm rehash.time make rehash Doing certs/demo 140097379800768:error:0200100D:system library:fopen:Permission denied:bss_file.c:175:fopen('/usr/local/.../openssl/ssl/openssl.cnf','rb') 140097379800768:error:2006D002:BIO routines:BIO_new_file:system lib:bss_file.c:184: 140097379800768:error:0E078002:configuration file routines:DEF_LOAD:system lib:conf_def.c:203: 140367544841920:error:0200100D:system library:fopen:Permission denied:bss_file.c:175:fopen('/usr/local/.../openssl/ssl/openssl.cnf','rb') 140367544841920:error:2006D002:BIO routines:BIO_new_file:system lib:bss_file.c:184: 140367544841920:error:0E078002:configuration file routines:DEF_LOAD:system lib:conf_def.c:203: WARNING: Skipping duplicate certificate dsa-ca.pem 140697328998080:error:0200100D:system library:fopen:Permission denied:bss_file.c:175:fopen('/usr/local/.../openssl/ssl/openssl.cnf','rb') 140697328998080:error:2006D002:BIO routines:BIO_new_file:system lib:bss_file.c:184: 140697328998080:error:0E078002:configuration file routines:DEF_LOAD:system lib:conf_def.c:203: WARNING: Skipping duplicate certificate dsa-pca.pem 139717812614848:error:0200100D:system library:fopen:Permission denied:bss_file.c:175:fopen('/usr/local/.../openssl/ssl/openssl.cnf','rb') 139717812614848:error:2006D002:BIO routines:BIO_new_file:system lib:bss_file.c:184: 139717812614848:error:0E078002:configuration file routines:DEF_LOAD:system lib:conf_def.c:203: WARNING: Skipping duplicate certificate pca-cert.pem I don't know why openssl handles both errors in a different way. In general the build does not care about the inaccessible config. That behavior suits me. Maybe the build should detect the problem with make rehash. Or force an OPENSSL_CONF value that will make it happy. Here's the workaround I applied to my build script. ... rm rehash.time make OPENSSL_CONF= rehash make test Problem nailed. Thank you for your help! -- Philippe Anctil -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] test make_verify fails on brand new red hat enterprise 7 box
I am compiling from openssl.org source. pwd .../openssl-1.0.2k/test grep -A 4 'test_verify:' Makefile test_verify: ../apps/openssl$(EXE_EXT) @echo "The following command should have some OK's and some failures" @echo "There are definitly a few expired certificates" ../util/shlib_wrap.sh ../apps/openssl verify -CApath ../certs/demo ../certs/demo/*.pem 2018-05-18 11:53 GMT-04:00 Viktor Dukhovni <openssl-us...@dukhovni.org>: > > > > On May 18, 2018, at 11:22 AM, Philippe Anctil <philippe.anc...@gmail.com> > wrote: > > > > Hi, > > > > I have been compiling openssl libraries on RHEL5 for a while without > issue. My build for 1.0.2k fails on a new RHEL7 server. I have narrowed > down the cause to the make_verify test. > > All tests pass when I build 1.0.2p. There is no "verify_test" in any > version > of 1.0.2 I can find, including 1.0.2k. Perhaps that test is part of Redhat > specific patches to OpenSSL. You'll need to solve this with whoever > authored > that test. > > -- > Viktor. > > -- > openssl-users mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users > -- Philippe Anctil -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[openssl-users] test make_verify fails on brand new red hat enterprise 7 box
Hi, I have been compiling openssl libraries on RHEL5 for a while without issue. My build for 1.0.2k fails on a new RHEL7 server. I have narrowed down the cause to the make_verify test. make verify_test # from test dir The following command should have some OK's and some failures There are definitly a few expired certificates ../util/shlib_wrap.sh ../apps/openssl verify -CApath ../certs/demo ../certs/demo/*.pem ../certs/demo/ca-cert.pem: C = AU, ST = Queensland, O = CryptSoft Pty Ltd, CN = Test CA (1024 bit) error 20 at 0 depth lookup:unable to get local issuer certificate ../certs/demo/dsa-ca.pem: C = AU, ST = Some-State, O = Internet Widgits Pty Ltd, CN = CA error 20 at 0 depth lookup:unable to get local issuer certificate 140692788688576:error:0B06E06B:x509 certificate routines:X509_get_pubkey_parameters:unable to find parameters in chain:x509_vfy.c:2108: ../certs/demo/dsa-pca.pem: C = AU, ST = Some-State, O = Internet Widgits Pty Ltd, CN = PCA error 18 at 0 depth lookup:self signed certificate C = AU, ST = Some-State, O = Internet Widgits Pty Ltd, CN = PCA error 10 at 0 depth lookup:certificate has expired OK ../certs/demo/pca-cert.pem: C = AU, ST = Queensland, O = CryptSoft Pty Ltd, CN = Test PCA (1024 bit) error 18 at 0 depth lookup:self signed certificate C = AU, ST = Queensland, O = CryptSoft Pty Ltd, CN = Test PCA (1024 bit) error 10 at 0 depth lookup:certificate has expired OK make: *** [test_verify] Error 2 It seems to boil down to the following OPENSSL_CONF= LD_LIBRARY_PATH=.. ../apps/openssl verify -CApath ../certs/demo ../certs/demo/ca-cert.pem WARNING: can't open config file: ../certs/demo/ca-cert.pem: C = AU, ST = Queensland, O = CryptSoft Pty Ltd, CN = Test CA (1024 bit) error 20 at 0 depth lookup:unable to get local issuer certificate echo $? 2 Doing the same on my RHEL5 box. OPENSSL_CONF= LD_LIBRARY_PATH=.. ../apps/openssl verify -CApath ../certs/demo ../certs/demo/ca-cert.pem WARNING: can't open config file: ../certs/demo/ca-cert.pem: C = AU, ST = Queensland, O = CryptSoft Pty Ltd, CN = Test PCA (1024 bit) error 10 at 1 depth lookup:certificate has expired C = AU, ST = Queensland, O = CryptSoft Pty Ltd, CN = Test CA (1024 bit) error 10 at 0 depth lookup:certificate has expired OK echo $? 0 Any clue why openssl verify does not work on RHEL7? ca-cert.pem is issued by pca-cert.pem (matching Authority Key Identifier). Both are under ../certs/demo. Thanks. -- Philippe Anctil -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[openssl-users] BN_exp
Hi I wanted some input on a problem. I need to use bn_exp for some big calculation but I hit a limit where it take age to get a result (after two day I stopped the process). I tried for fun to run a bn_mod_exp and it took 2 seconds. The manpage state that; BN_exp() raises a to the p-th power and places the result in r ("r=a^p"). This function is faster than repeated applications of BN_mul(). BN_mod_exp() computes a to the p-th power modulo m ("r=a^p % m"). This function uses less time and space than BN_exp(). Is there a tip there to get the exp result from bn_mod_exp ? or to optimize bn_exp ? Thanks Philippe nb. Sorry if the question might have been answered in the past, I didn't find any way to search the mailing-list's archive. ___ openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Convert raw format ecdsa sha384 csr signature into ASN1 format
I have a 96 bytes long ecdsa signature created with sha384 algorithm by a smart card in raw format.It is composed of two 48 bytes long integers r and s. The ecdsa signature is in a buffer pointed to by sign_ptr. I'm converting the raw format signature into buf_out in ASN1 format with this function (in C): int convert_ecdsa_sha384_sign(char **buf_out, char *sign_ptr) { buf_out[0]=0x30;/* Type = Sequence of */ buf_out[2]=0x02;/* Type = Integer */ /* Verify if negative bit is set */ if (!(sign_ptr[0] 0x80)) { buf_out[3]=0x30;/* Length */ memcpy((buf_out[4]), sign_ptr, 48);/* Copy first integer */ } else { /* Negative bit is set. Add one padding byte */ buf_out[3]=0x31;/* Length */ buf_out[4]=0x00;/* Padding */ memcpy((buf_out[5]), sign_ptr, 48);/* Copy first integer */ sign_offset += 1; } buf_out[52+sign_offset]=0x02; /* Type = Integer */ /* Verify if negative bit is set */ if (!(sign_ptr[48] 0x80)) { buf_out[53+sign_offset]=0x30; /* Length */ memcpybuf_out[54]))+ sign_offset), sign_ptr + 48, 48);/* Copy second integer */ } else { /* Negative bit is set. Add one padding byte */ buf_out[53+sign_offset]=0x31; /* Length */ buf_out[54+sign_offset]=0x00; /* Padding */ memcpybuf_out[55]))+ sign_offset), sign_ptr + 48, 48); /* Copy second integer */ sign_offset += 1; } buf_out[1]= 100 + sign_offset;/* Total signature length */ return 1; I am wondering if there is an equivalent openssl function that can help me to do this in a more elegant way? I did look at many d2i functions (d2i_ASN1_, ASN1_item_d2i, ASN_d2i_func, etc.) but it is not clear which one suits.
RE: Tls1.2 Problem with client certificate and RSA_verify
Hi, An idea out of nowhere : did you investigate the bad gethostbyaddr issue ? There is reverse DNS done. how is your reverse dns set ? can you enter you host in hosts and see if does help ? Regards, From: owner-openssl-us...@openssl.org [owner-openssl-us...@openssl.org] on behalf of Albers, Thorsten [thorsten.alb...@vector.com] Sent: Friday, July 27, 2012 1:11 PM To: openssl-users@openssl.org Subject: Tls1.2 Problem with client certificate and RSA_verify Hi, I have a problem with the openssl s_server (v1.0.1c) when requesting a client certificate. I’m developing my own TLS 1.2 implementation (for embedded platforms), and I’m stuck with a problem with using the client certificate. I already implemented TLS 1.0 earlier, so it’s not completely new for me, and it worked fine even with client certificates. My current implementation can handle TLS 1.2 handshakes without client authentication, as well as TLS 1.0 with or without client authentication. When I try to connect to the openssl server, the handshake goes as far as the client having sent its messages up to (including) ‘change cipher spec’. But then the server sends an alarm (decrypt error). The openssl server console tells me some strange error: ACCEPT bad gethostbyaddr depth=1 CN = TestAndDevRootAuthority verify return:1 depth=0 CN = MyClient verify return:1 1696:error:0D07209B:asn1 encoding routines:ASN1_get_object:too long:.\crypto\asn1\asn1_lib.c:142: 1696:error:0D068066:asn1 encoding routines:ASN1_CHECK_TLEN:bad object header:.\crypto\asn1\tasn_dec.c:1306: 1696:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error:.\crypto\asn1\tasn_dec.c:381:Type=X509_SIG 1696:error:1408807B:SSL routines:SSL3_GET_CERT_VERIFY:bad signature:.\ssl\s3_srvr.c:3049: 1696:error:140780E5:SSL routines:SSL23_READ:ssl handshake failure:.\ssl\s23_lib.c:131: ACCEPT I’m most confused by the ASN1 errors. I debugged the openssl server beginning at the function ssl3_get_cert_verify() and through some functions to pkey_rsa_verify(). Here I found a call of RSA_verify() that never called this function but always called CMS_RecipientInfo_type(). That seems to be so wrong, and I don’t understand why this function call is misguided. Why does is call the wrong function? Any ideas? I build the openssl.exe using the batch file to build openssl with Visual Studio 2010. I’d be pleased for any hint. Regards, Thorsten Albers
RE: Undefined symbol _OCSP_RESPID_free in libssl.1.0.0.dylib
a untested and opportunist proposal : might be libssl libcrypto cross depency. gcc is pointy with library order. try to replace -lssl -lcrypto with -lssl -lcrypto -lssl or with -lcrypto -lssl -lcrypto Can sounds weird but when there are cross dependency, library should be listed twice. Regards From: owner-openssl-us...@openssl.org [owner-openssl-us...@openssl.org] on behalf of Sachin Srivastava [sachin.srivast...@enterprisedb.com] Sent: Thursday, May 24, 2012 5:12 PM To: openssl-users@openssl.org Subject: Undefined symbol _OCSP_RESPID_free in libssl.1.0.0.dylib Hi all, I build openssl-1.0.1c on Snow Leopard (10.6.8) with 10.5 SDK used this as configure option: ./Configure darwin-i386-cc --prefix=/usr/local/i386 --shared -isysroot /Developer/SDKs/MacOSX10.5.sdk -mmacosx-version-min=10.5 make all make install now when I use the libs to compile a test program, I get an error, The sample program is (conftest.c): /* confdefs.h. */ #define PACKAGE_NAME PostgreSQL #define PACKAGE_TARNAME postgresql #define PACKAGE_VERSION 9.0.7 #define PACKAGE_STRING PostgreSQL 9.0.7 #define PACKAGE_BUGREPORT pgsql-b...@postgresql.orgmailto:pgsql-b...@postgresql.org #define PG_VERSION 9.0.7 #define PG_MAJORVERSION 9.0 #define USE_INTEGER_DATETIMES 1 #define DEF_PGPORT 5432 #define DEF_PGPORT_STR 5432 #define BLCKSZ 8192 #define RELSEG_SIZE 131072 #define XLOG_BLCKSZ 8192 #define XLOG_SEG_SIZE (16 * 1024 * 1024) #define ENABLE_THREAD_SAFETY 1 #define KRB5 1 #define PG_KRB_SRVNAM postgres #define USE_PAM 1 #define USE_LDAP 1 #define USE_BONJOUR 1 #define USE_SSL 1 #define USE_LIBXML 1 #define USE_LIBXSLT 1 #define HAVE_LIBM 1 #define HAVE_LIBREADLINE 1 #define HAVE_LIBZ 1 #define HAVE_SPINLOCKS 1 #define HAVE_LIBCRYPTO 1 #define HAVE_LIBSSL 1 #define HAVE_LIBPAM 1 #define HAVE_LIBXML2 1 #define HAVE_LIBXSLT 1 /* end confdefs.h. */ #include ctype.h #include stdlib.h #if ((' ' 0x0FF) == 0x020) # define ISLOWER(c) ('a' = (c) (c) = 'z') # define TOUPPER(c) (ISLOWER(c) ? 'A' + ((c) - 'a') : (c)) #else # define ISLOWER(c) (('a' = (c) (c) = 'i') || ('j' = (c) (c) = 'r') || ('s' = (c) (c) = 'z')) # define TOUPPER(c) (ISLOWER(c) ? ((c) | 0x40) : (c)) #endif #define XOR(e, f) (((e) !(f)) || (!(e) (f))) int main () { int i; for (i = 0; i 256; i++) if (XOR (islower (i), ISLOWER (i)) || toupper (i) != TOUPPER (i)) return 2; return 0; } And compile the above code as: gcc -o conftest -isysroot /Developer/SDKs/MacOSX10.5.sdk -mmacosx-version-min=10.5 -headerpad_max_install_names -arch i386 -Wall -Wmissing-prototypes -Wpointer-arith -Wdeclaration-after-statement -Wendif-labels -Wformat-security -fno-strict-aliasing -fwrapv -I/usr/local/include/libxml2 -I/usr/local/include -L/usr/local/lib conftest.c -lxslt -lxml2 -lpam -lssl -lcrypto -lgssapi_krb5 -lz -ledit -lm When I run the contest executable as ./conftest dyld: Symbol not found: _OCSP_RESPID_free Referenced from: /usr/local/lib/libssl.1.0.0.dylib Expected in: /usr/local/lib/libssl.1.0.0.dylib in /usr/local/lib/libssl.1.0.0.dylib Trace/BPT trap Any help regarding the above is really helpful. The same was working when I was using OpenSSL 0.9.8. Also If I use 10.6 SDK then I get no errors. -- -- Regards, Sachin Srivastava EnterpriseDB, India
Overridden custom rpath
Hello, I am having difficulty compiling openssl 1.0.0a with a custom rpath RHEL 5.5. My objective is to compile with the relative rpath ../lib64. ./config -Wl,-rpath,../lib64 --prefix=/usr/local/app/openssl --install_prefix=~/tmp/openssl-install shared After compilation, I check what library is used by openssl with ldd. I see it point to a previous installation in /usr/local/app/openssl. With strings, I see a path in front of mine: /usr/local/app/openssl/lib64:../lib64 To get rid of the undesired rpath, I need to remove the following from Makefile: LIBRPATH='$(INSTALLTOP)/$(LIBDIR)' Is there a way to control LIBRPATH without editing Makefile? Why does another rpath get added in front of mine anyway? Thank you!
Padding issue with Java and OpenSSL
Hi, I'm successfully using Java to encrypt data and OpenSSL to decrypt it. The issue I'm having is that the decrypted file is left with the padding bytes at the end. I can't figure out what I'm doing wrong. -Parameters- Algorithm: AES Mode: CFB Padding: PKCS5 Input file is 65373 bytes, the resulting cipher text after Java has encrypted it is 65376 bytes. Using OpenSSL to decrypt results in a file size of 65376 bytes. I can clearly see the padding bytes at the end of the file (0x03 0x03 0x03). If I use OpenSSL to encrypt the same file, it results in a file of 65373 bytes. I expected 65376 since 65373 is not a multiple of 128. Shouldn't OpenSSL be padding the file? Is Java or OpenSSL not doing its job correctly? I'm I supposed to strip these bytes myself? I'm using openssl on the command line, is there an option to pass to openssl enc ? Thanks! Philippe __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Problem with HTTPS requests
I am trying to write a Perl program on a linux server to submit a request to a web server. The code runs fine when I request an http page, but I get an error when I try to get an https page. See sample code. I activated the debug mode, see output below. I am using the post method because I ultimately want to send arguments, but this is just a test and it does not need the arguments. There are no proxy servers required on my server. Any idea what is wrong? Thanks Philippe Sample Code-- #!/usr/local/bin/perl $ENV{HTTPS_DEBUG} = 1; require LWP::UserAgent; $ua = LWP::UserAgent-new; $in{id} = 1; $response = $ua-post(https://www.viaklix.com/Admin/login.asp;, \%in); print $response-content; exit; End Sample Code-- Output-- SSL_connect:before/connect initialization SSL_connect:SSLv2/v3 write client hello A SSL_connect:SSLv3 read server hello A SSL_connect:SSLv3 read server certificate A SSL_connect:SSLv3 read server done A SSL_connect:SSLv3 write client key exchange A SSL_connect:SSLv3 write change cipher spec A SSL_connect:SSLv3 write finished A SSL_connect:SSLv3 flush data SSL_connect:SSLv3 read finished A 500 Server closed connection without sending any data back End Output-- Versions of the software on my server: Perl: 5.8.8 (perl -v) Openssl: 0.9.8b (openssl version) LWP::UserAgent: 5.8.10 Net::SSLeay: 1.32 Crypt::SSLeay: 0.57
OAEP for signatures and PSS
Hi @ll, is it a security problem to use RSA-OAEP padding for RSA signatures? Is RSA-PSS new to OpenSSL and how can I use it? What's the security difference(s) between RSA-OAEP and RSA-PSS? Thanks. Philippe -- OAEP: Optimal Asymmetric Encoding Padding PSS: Probabilistic Signature Scheme __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: OAEP for signatures and PSS
Can I use PSS with openssl on command line, like OAEP? I cannot find any options. Thanks. Philippe * Steven Beeckman wrote: Hi Philippe, the PKCS #1 v2.1 standard [1] uses OAEP padding for encryption (I think the 'E' stands for 'encryption'). PSS adds probabilistic padding to the message to be signed. More information is available in papers by Bellare and Rogaway [2,3]. Regards, Steven [1] http://www.rsa.com/rsalabs/node.asp?id=2125 [2] http://citeseer.ist.psu.edu/bellare96exact.html [3] http://citeseer.ist.psu.edu/bellare94optimal.html On 6/8/07, Philippe Stellwag [EMAIL PROTECTED] wrote: Hi @ll, is it a security problem to use RSA-OAEP padding for RSA signatures? Is RSA-PSS new to OpenSSL and how can I use it? What's the security difference(s) between RSA-OAEP and RSA-PSS? Thanks. Philippe -- OAEP: Optimal Asymmetric Encryption Padding PSS: Probabilistic Signature Scheme __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: RSA library and block size
* Marek Marcola wrote: That means, that padding didn't solve the problem of known-plaintext-, chosen-plaintext-, chosen-cyphertext- or adaptive-chosen-plaintext-attacks? What about OAEP padding? Can I use the public key as secret key and backwards? Then I can use OAEP for signing with the secret public key :-) and use the public secret key in Linux-PAM for verify the signature. The advantage therefor is that I can use OAEP random(?) padding to get of the _same_ plaintext different chiffertexts. If you want to use OAEP in signing then you can first add OAEP to your data with RSA_padding_add_PKCS1_OAEP() and next use RSA_private_encrypt() with padding flag equal to RSA_NO_PADDING. When verifying you first call RSA_public_decrypt() with padding flag equal to RSA_NO_PADDING and next remove OAEP padding with RSA_padding_check_PKCS1_OAEP() to get real data. Oh yes, this looks like what I want. But, isn't it better to use a probabilistic encryption (signing) system. The problem of Elgamal is, that (1) encryption/signing needs more CPU time as by RSA and (2) the length of ciphertext is ˜ the double length of the plaintext. Thanks. Philippe__ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: RSA library and block size
* Marek Marcola [EMAIL PROTECTED] wrote: Maybe I do not understand this correctly, but if you want to encrypt some data with RSA 1024 bit key then you will get 128 bytes of output ciphertext. It is not important what padding scheme you will use (or even no padding at all) you should get 128 bytes output from modular exponentation process. So you will not be able to store this on your token. Or I really miss something :-) Okay, I have to use a RSA 928 bit key, then I will get 116 bytes of output ciphertext. Ok, but in this case token can be copied without problem. Yes, I know. That's a big problem, but I _must_ use this token! Or maybe token has some unique information (like serial number stored in not writable memory) which can be inserted in user authentication data (which is signed) to limit copying. Yes, this token has a not-writeable serial number, which are stored in ROM. And yes - because of the copying-problem - I centrally want to sign every user authentication data (stored in 116 byte writeable EEPROM) with one RSA (private) key. Decentrally (in form of an Linux-PAM module), I want store the public key, which can verify this signed user authentication data. But moreover, I not want to sign a cryptographic hash value of this information, I want to encode (sign) the complete plaintext information: [CUT=user001 authentication data on token] my_system_user_name group_of_my_system_user_name 2010-12-31 [CUT] [CUT=signed authentication data of user001 (116 byte) uses PKCS#1] 0x 4fb4 f1b3 d6b8 55ab 0a1d dd75 07e8 8039 O.Uu...9 0x0010 07b6 6d77 b54d 370c eee9 ab7c 0fdf 760c ..mw.M7|..v. 0x0020 5425 00c8 80ba 74ff 4168 2aa1 d47f 0c4a T%t.Ah*J 0x0030 085c 4d00 4baf 8e67 9cc7 a345 276c b790 .\M.K..g...E'l.. 0x0040 d829 1dbf 26ba ea23 57b2 40a6 c265 33b8 .)..[EMAIL PROTECTED] 0x0050 5add 948f 4cca 3d20 f7c8 490b 6de2 923b Z...L.= ..I.m..; 0x0060 3afc f44b 3b0b 8bb6 cfcf b3e1 3af3 d03e :..K;...:.. 0x0070 61e0 8e22 a.. [/CUT] Is that another problem, not to sign the hash value of this information? In this case I think this is not a problem because this is data signing process. In PKCS1 when you sign data with private key there is NO random information generated. All message that is encrypted with private key is known. For example if you want to sign some message you calculate its digest (hash, SHA1 for example), next you build ASN.1 DigestInfo structure, and pad this with PCKS1. But this padding only adds in front of DigestInfo known block and you get something like that: 0x0001.FF00DigestInfo and this is encrypted with private key. As you see, there is no random information in this case. That means, that padding didn't solve the problem of known-plaintext-, chosen-plaintext-, chosen-cyphertext- or adaptive-chosen-plaintext-attacks? What about OAEP padding? In my point of view, if I use padding (e.g. PKCS#1 v1.5) every chiffertext of the _same_ plaintext looks _different_?!?! Regards, Philippe __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: RSA library and block size
* Philippe Stellwag [EMAIL PROTECTED] wrote: That means, that padding didn't solve the problem of known-plaintext-, chosen-plaintext-, chosen-cyphertext- or adaptive-chosen-plaintext-attacks? What about OAEP padding? Can I use the public key as secret key and backwards? Then I can use OAEP for signing with the secret public key :-) and use the public secret key in Linux-PAM for verify the signature. The advantage therefor is that I can use OAEP random(?) padding to get of the _same_ plaintext different chiffertexts. In my point of view, if I use padding (e.g. PKCS#1 v1.5) every chiffertext of the _same_ plaintext looks _different_?!?! Of course, only when using OAEP the chiffertext of the _same_ plaintext looks _different_!!! Best regards, Philippe __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
RSA library and block size
Hi at all, is it possible to change the OpenSSL RSA functions so that I can use a different - may be a variable - block size. At the moment the block size on the OpenSSL RSA functions depends on the length of the RSA key pair and the kind of padding (following PKCS#1 v1.5, which means 11 byte random data): key lenght block size available space 2024 bit256 byte245 byte 1024 bit128 byte105 byte 768 bit 96 byte 85 Normally, on symmetric encryption the block size _must_ be the same as the key lenght. But on asymmetric encryption methods - I think - the block size not depends on that restriction, or is there another point, which forces such a fixed block size? Many thanks in advance! Best regards, Philippe __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: RSA library and block size
* Marek Marcola wrote: * Philippe Stellwag wrote: is it possible to change the OpenSSL RSA functions so that I can use a different - may be a variable - block size. At the moment the block size on the OpenSSL RSA functions depends on the length of the RSA key pair and the kind of padding (following PKCS#1 v1.5, which means 11 byte random data): key lenght block size available space 2024 bit256 byte245 byte 1024 bit128 byte105 byte 768 bit 96 byte 85 Normally, on symmetric encryption the block size _must_ be the same as the key lenght. Not exactly, for example: AES128: key: 16bytes, block: 16bytes AES192: key: 24bytes, block: 16bytes AES256: key: 32bytes, block: 16bytes DES3 : key: 24bytes, block: 8bytes and of course des which has key_len == block_len: DES : key: 8bytes, block: 8bytes Okay, thanks for that correction! But on asymmetric encryption methods - I think - the block size not depends on that restriction, or is there another point, which forces such a fixed block size? Amount of data which may be encrypted with RSA depends on algorithm. If you have private key (d,n) and public key (e,n) where n=p*q, where p and q are prime numbers. Encryption of plain P: C = P^e mod n Decryption of cipher C: P = C^d mod n As you see, you get always result as number from 0 to n-1 (modulo operation) and n is RSA key size. To be more specific, RSA operation is performed inside multiplicative group. Okay, that means that plain P (interpreted as an integer figure) must be smaller than n, so that it is between the multiplicative group, like the following example: n=3*5 phi(n)=(3-1)*(5-1)=8 e=3 d=(4*8+1)/3=11 (4 is choosen by me = see Euler) P=2 (should work) C=2^3 mod 15=8 P=8^11 mod 15=2 (that's it) P=41 (not between the multiplicative group (because 15) and so not unique = shouldn't work) C=41^3 mod 15=11 P=11^11 mod 15=(believe me (-:)=11 (not the same integer as 41, but the same in the multiplicative group: 41 mod 15 = 11 mod 15) Okay, that's clear! But can I use e.g. a 1024 bit key pair with a block size of 116 byte, that is not depending on the problem shown above, isn't it?! What is the security reason, why not to do this? I have a small-sized EEPROM with 116 bytes and I try to use a key pair with 928 bit length (= 116 byte block size and 105 byte for unencrypted user data). Thanks a lot for that posting! Philippe __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: RSA library and block size
* David Schwartz wrote: But can I use e.g. a 1024 bit key pair with a block size of 116 byte, that is not depending on the problem shown above, isn't it?! What is the security reason, why not to do this? That would seriously weaken the security properties. http://en.wikipedia.org/wiki/RSA Read the section on padding schemes. An attacker than can predict the plaintext can break the encryption. A 116 byte plaintext may not be sufficiently unpredictable to preserve the level of security you expect from a 1,024 bit key. (RSA is 100% deterministic.) Oh yes, RSA is a deterministic encryption method. To protect RSA from a known- plaintext-attack, a random padding string is used, right? How secure is it or do you say, for 116 byte disc space I have to use a probabilistic encryption system, like ElGamal. But OpenSSL cannot ElGamal encryption. Hmm... RSA cannot be used securely except by experts (because it has too many internal weaknesses that must be carefully worked around by the surrounding system). I strongly urge you to either use a pre-designed scheme around RSA or to employ an expert. There are simply too many ways you can go wrong. What do you suggest? I want to store some encrypted data on this 116 byte sized disc. I want to use an asymmetric encryption system with only one key pair for many such 116 byte discs, used by many people. Think on two-factor- authentication with a smartcard without cryptographic functions (a passive storage). Hmm, I think I have to use some probabilistic (asymmetric) encryption method... Thanks a lot! Philippe __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: RSA library and block size
* Marek Marcola wrote: [...] Or maybe you can send your data in two smaller RSA encrypted messages ? I just want to store some authentication data - a username, group and date - on a token, which only offers a passive storage (116 byte EEPROM) without any cryptografic functions, to save a secret (normally a private key) from outside access. So this authentication data must be encrypted to prevent unauthorized modification, because every - maybe unauthorized - person can read and write on this token. This token should used for a two-factor-autentication process with an additional password or pin. So, I want to use one private RSA key the centrally sign this data. Decentral, I intend to verify the RSA signature with the concerning public key. Is the verification process successfully done, than the information stored on the token are valid. The problem is that deterministic encryption methods (like RSA) offers the possibility of an {known, choosen}-plaintext-attack, because the users (partial) know their own authentication data! My questions are very simple: Is the RSA crypto-system with random padding (e.g. default PKCS#1 v1.5 or OAEP) strong enough to implement such a solution or is my concept totally insecure and I should use e.g. an ElGamal encryption system? Best regards, Philippe __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: RSA vs ECC: relative bruteforceability?
This website might also interest you if you want to get some ideas about relative security of cryptosystems : http://www.keylength.com/ I'm told that EC (elliptic curve) crypto with 256 bit keys may be as strong as the RSA with 16000 bit keys. Sounds incredible to me. Could someone please comment on this? Thank you in advance. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
PIN request on Certitficate Revocation
Hi, i have setup a small CA and i use the Aladin etoken Pro USB CA to host the root private key. the revocation operation (openssl ca -revoke cert.pem ...) request the User PIN. Does someone know why the PIN is required for this operation? Does anybody know if it is possible to revoke certificate per batch to avoid entering PIN for each certificate? something similar to certificate signature per batch (openssl ca -engine pkcs11 -keyfile id_45 -keyform engine -batch -infiles cert*.pem) Thanks for your help Philippe. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Certificate signing with etoken / pkcs11_engine / opensc
Hi i have the following environement: - openssl 9.8.a - openct/opensc/pkcs11_engine - etoken USB Pro 64 - Fedora Core 5 My Target is to setup a small PKI using openssl ca and to use the etoken to host the root private key. So i have initialize the token: $ opensc-tool --list-reader Readers known about: Nr.Driver Name 0 openct Aladdin eToken PRO 64k 1 openct OpenCT reader (detached) 2 openct OpenCT reader (detached) 3 openct OpenCT reader (detached) 4 openct OpenCT reader (detached) $ pkcs15-init --create-pkcs15 $ pkcs15-init --store-pin --auth-id 01 --label xxx $ pkcs15-init --store-private-key key.pem --id 45 --auth-id 01 $ pkcs15-tool --list-keys -auth-id 01 Private RSA Key [Private Key] Com. Flags : 3 Usage : [0x4], sign Access Flags: [0x1D], sensitive, alwaysSensitive, neverExtract, local ModLength : 2048 Key ref : 16 Native : yes Path: 3f005015 Auth ID : 01 ID : 45 I have build a CSR using the req command of openssl Then i try to sign this CSR using the private key inside the otken $ openssl OpenSSL engine dynamic -pre SO_PATH:/usr/lib/engines/engine_pkcs11.so -pre ID:pkcs11 -pre LIST_ADD:1 -pre LOAD -pre MODULE_PATH:/usr/lib/opensc-pkcs11.so (dynamic) Dynamic engine loading support [Success]: SO_PATH:/usr/lib/engines/engine_pkcs11.so [Success]: ID:pkcs11 [Success]: LIST_ADD:1 [Success]: LOAD [Success]: MODULE_PATH:/usr/lib/opensc-pkcs11.so Loaded: (pkcs11) pkcs11 engine OpenSSL ca -engine pkcs11 -key id_45 -in req.pem -out cert.pem -config tools/conf/openssl.cnf Using configuration from tools/conf/openssl.cnf engine pkcs11 set. unable to load CA private key 32293:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt:evp_enc.c:454: 32293:error:0906A065:PEM routines:PEM_do_header:bad decrypt:pem_lib.c:425: error in ca Any idea on the issue ? Is it the right way to build a ca command using an engine? Thanks Philippe. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: Certificate signing with etoken / pkcs11_engine / opensc
The command was wrong. here is the good one: OpenSSL ca -engine pkcs11 -keyfile id_45 -keyform engine -in req.pem -out cert.pem -config tools/conf/openssl.cnf By Philippe. Selon [EMAIL PROTECTED]: Hi i have the following environement: - openssl 9.8.a - openct/opensc/pkcs11_engine - etoken USB Pro 64 - Fedora Core 5 My Target is to setup a small PKI using openssl ca and to use the etoken to host the root private key. So i have initialize the token: $ opensc-tool --list-reader Readers known about: Nr.Driver Name 0 openct Aladdin eToken PRO 64k 1 openct OpenCT reader (detached) 2 openct OpenCT reader (detached) 3 openct OpenCT reader (detached) 4 openct OpenCT reader (detached) $ pkcs15-init --create-pkcs15 $ pkcs15-init --store-pin --auth-id 01 --label xxx $ pkcs15-init --store-private-key key.pem --id 45 --auth-id 01 $ pkcs15-tool --list-keys -auth-id 01 Private RSA Key [Private Key] Com. Flags : 3 Usage : [0x4], sign Access Flags: [0x1D], sensitive, alwaysSensitive, neverExtract, local ModLength : 2048 Key ref : 16 Native : yes Path: 3f005015 Auth ID : 01 ID : 45 I have build a CSR using the req command of openssl Then i try to sign this CSR using the private key inside the otken $ openssl OpenSSL engine dynamic -pre SO_PATH:/usr/lib/engines/engine_pkcs11.so -pre ID:pkcs11 -pre LIST_ADD:1 -pre LOAD -pre MODULE_PATH:/usr/lib/opensc-pkcs11.so (dynamic) Dynamic engine loading support [Success]: SO_PATH:/usr/lib/engines/engine_pkcs11.so [Success]: ID:pkcs11 [Success]: LIST_ADD:1 [Success]: LOAD [Success]: MODULE_PATH:/usr/lib/opensc-pkcs11.so Loaded: (pkcs11) pkcs11 engine OpenSSL ca -engine pkcs11 -key id_45 -in req.pem -out cert.pem -config tools/conf/openssl.cnf Using configuration from tools/conf/openssl.cnf engine pkcs11 set. unable to load CA private key 32293:error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt:evp_enc.c:454: 32293:error:0906A065:PEM routines:PEM_do_header:bad decrypt:pem_lib.c:425: error in ca Any idea on the issue ? Is it the right way to build a ca command using an engine? Thanks Philippe. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Low cost token
Hi, I am looking for a low cost token to securely handled cryptographic operations related to CA (Secure hosting of the root private key, Certificates and CRL signing). Any of you has succesfuly used with openssl exising tokens like ikey2032 (safenet), Rosetta Series II USB Token (spyrus), CryptoIdentity 2048 USB Token (chirson)... ? Any other token that i can use ? Thanks for your help. Philippe. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: Specifiy Public Key Size?
Hummm Victor ? You can cipher and decipher what you want as well as with a RSA public and private keys ;-) If you cipher with the public key you have to use the private associate key of course and vice versa. Best regards, Philippe Victor Duchovni wrote: On Thu, Dec 08, 2005 at 03:33:40PM -0600, Chevalier, Victor T. wrote: I want to create a public key that is the same strength as the private key. Game over, the above demonstrates sufficiently deep confusion about RSA, that you must not proceed any further until you see why it is absurd. I need the public key to match the size constraints, as I am using then to encrypt and decrypt and when I try to use the public key the bioerr spits out RSA Public and private keys are not used to encrypt arbitrary data, there are many complex traps to avoid because RSA is a commutative group. You use RSA private keys to sign carefully constructed message digests that avoid the various chosen plain-text attacks on RSA. You use RSA public keys to encrypt randomly generated session keys that in turn encrypt the message contents. All this specificed in carefully designed PKCS#N standards that describe correct standard use-cases of RSA cryptography. When I run my code using openssl I am trying to decrypt using my public key, I get: 3500:error:0406506C:rsa routines:RSA_EAY_PRIVATE_DECRYPT:data greater than modlen:rsa_eay.c:308 I want to decrypt with the public key. The public key is not suitable for decryption, it is only suitable for signature verification. Decryption is only possible with the private key and only if chosen-plaintext/chose-ciphertext attacks are carefully avoided. -- - It's nice to be important, but it's more important to be nice - __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Problem with Self-Signed certificate and wpa_supplicant
Hello All. I've been trying to setup WPA security on my network. As such, I have been generating my own root and server certificate, and signing my client certificates with said root certificate. However, for some reason, whenever I try to use the certificates with wpa_supplicant, I get the following errors: TLS: Certificate verification failed, error 18 (self signed certificate) depth 0 for '/C=CA/O=Radialink/CN=RADIUS' SSL: (where=0x4008 ret=0x230) SSL: SSL3 alert: write (local SSL3 detected an error):fatal:unknown CA SSL: (where=0x1002 ret=0x) SSL: SSL_connect:error in SSLv3 read server certificate B SSL: SSL_connect: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed whenever I try to authenticate. I am reasonably certain there is no problem with my FreeRADIUS configuration, however, I suspect there might be a problem with my root certificate based on this error. Is anybody able to shed any light on this for me? Thanks, Phil. Full output from wpa_supplicant: --- Initializing interface 'ath0' conf '/etc/wpa_supplicant.conf' driver 'madwifi' Configuration file '/etc/wpa_supplicant.conf' - '/etc/ wpa_supplicant.conf' Reading configuration file '/etc/wpa_supplicant.conf' Priority group 0 id=0 ssid='ap3-senaoabg' Initializing interface (2) 'ath0' EAPOL: SUPP_PAE entering state DISCONNECTED EAPOL: KEY_RX entering state NO_KEY_RECEIVE EAPOL: SUPP_BE entering state INITIALIZE EAP: EAP entering state DISABLED EAPOL: External notification - portEnabled=0 EAPOL: External notification - portValid=0 Own MAC address: 00:0b:6b:33:11:e6 wpa_driver_madwifi_set_wpa: enabled=1 wpa_driver_madwifi_del_key: keyidx=0 wpa_driver_madwifi_del_key: keyidx=1 wpa_driver_madwifi_del_key: keyidx=2 wpa_driver_madwifi_del_key: keyidx=3 wpa_driver_madwifi_set_countermeasures: enabled=0 wpa_driver_madwifi_set_drop_unencrypted: enabled=1 Setting scan request: 0 sec 10 usec Wireless event: cmd=0x8b06 len=8 RTM_NEWLINK, IFLA_IFNAME: Interface 'ath0' added RTM_NEWLINK, IFLA_IFNAME: Interface 'ath0' added Starting AP scan (specific SSID) Scan SSID - hexdump_ascii(len=12): 61 70 33 2d 73 65 6e 61 6f 61 62 67 ap3-senaoabg Wireless event: cmd=0x8b1a len=25 Wireless event: cmd=0x8b19 len=12 Received 668 bytes of scan results (3 BSSes) Scan results: 3 Selecting BSS from priority group 0 0: 00:02:6f:20:b6:6b ssid='Wireless Network' wpa_ie_len=28 rsn_ie_len=0 skip - SSID mismatch 1: 00:02:6f:20:b6:6c ssid='ap3-senaoabg' wpa_ie_len=24 rsn_ie_len=0 selected Trying to associate with 00:02:6f:20:b6:6c (SSID='ap3-senaoabg' freq=2412 MHz) Cancelling scan request Automatic auth_alg selection: 0x1 WPA: using IEEE 802.11i/D3.0 WPA: Selected cipher suites: group 16 pairwise 16 key_mgmt 1 WPA: using GTK CCMP WPA: using PTK CCMP WPA: using KEY_MGMT 802.1X WPA: Own WPA IE - hexdump(len=24): dd 16 00 50 f2 01 01 00 00 50 f2 04 01 00 00 50 f2 04 01 00 00 50 f2 01 No keys have been configured - skip key clearing wpa_driver_madwifi_set_drop_unencrypted: enabled=1 wpa_driver_madwifi_associate Setting authentication timeout: 5 sec 0 usec EAPOL: External notification - portControl=Auto Wireless event: cmd=0x8b1a len=25 Wireless event: cmd=0x8b15 len=20 Wireless event: new AP: 00:02:6f:20:b6:6c Association event - clear replay counter Associated to a new BSS: BSSID=00:02:6f:20:b6:6c No keys have been configured - skip key clearing Associated with 00:02:6f:20:b6:6c EAPOL: External notification - portEnabled=0 EAPOL: External notification - portValid=0 EAPOL: External notification - portEnabled=1 EAPOL: SUPP_PAE entering state CONNECTING EAPOL: txStart EAPOL: SUPP_BE entering state IDLE EAP: EAP entering state INITIALIZE EAP: EAP entering state IDLE Setting authentication timeout: 10 sec 0 usec Wireless event: cmd=0x8c02 len=35 Custom wireless event: 'ASSOC|00:02:6f:20:b6:6c' RTM_NEWLINK, IFLA_IFNAME: Interface 'ath0' added RX EAPOL from 00:02:6f:20:b6:6c Setting authentication timeout: 70 sec 0 usec EAPOL: Received EAP-Packet frame EAPOL: SUPP_PAE entering state RESTART EAP: EAP entering state INITIALIZE EAP: EAP entering state IDLE EAPOL: SUPP_PAE entering state AUTHENTICATING EAPOL: SUPP_BE entering state REQUEST EAPOL: getSuppRsp EAP: EAP entering state RECEIVED EAP: Received EAP-Request method=1 id=0 EAP: EAP entering state IDENTITY EAP: EAP-Request Identity data - hexdump_ascii(len=0): EAP: using real identity - hexdump_ascii(len=8): 70 68 69 6c 69 70 70 65 philippe EAP: EAP entering state SEND_RESPONSE EAP: EAP entering state IDLE EAPOL: SUPP_BE entering state RESPONSE EAPOL: txSuppRsp EAPOL: SUPP_BE entering state RECEIVE WPA: EAPOL frame too short, len 9, expecting at least 99 RX EAPOL from 00:02:6f:20:b6:6c EAPOL: Received EAP-Packet frame EAPOL: SUPP_BE entering state REQUEST EAPOL: getSuppRsp EAP: EAP entering state RECEIVED EAP: Received EAP-Request method=1 id=0 EAP: EAP entering state RETRANSMIT EAP
QcStatements
I am trying to generate a certificate with QcStatements. I add in openssl.cnf this line qcStatements = critical,DER:30:21:30:08:06:06:04:00:8E:46:01:01:30:08:06:06:04:00:8E:46:01:01:30:0B:06:06:04:00:8E:46:01:03:02:01:OA DER encoded Qstatements with qcEuCompliance, QcEuLimitValue and QcEuRetentionPeriod When i want to sign my certificate, i have this error Error Loading extension section x509v3_ext_QualifClasse3+ 21798:error:0E06D06C:configuration file routines:NCONF_get_string:no value:conf_lib.c:329:group=CA_QualifClasse3+ name=email_in_dn 21798:error:22071071:X509 V3 routines:string_to_hex:illegal hex digit:v3_utl.c:434: 21798:error:22074074:X509 V3 routines:V3_GENERIC_EXTENSION:extension value error:v3_conf.c:264:value=30:21:30:08:06:06:04:00:8E:46:01:01:30:08:06:06:04:00:8E:46:01:01:30:0B:06:06:04:00:8E:46:01:03:02:01:OA unable to write 'random state' When i try to sign with a shorter QCstatements only with QCEuCompliance, its works fine. Have you an idea ? Thanks in advance. __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
unknown pbe algorithm
Trying to open certain privat key PEM files with the PEM_read_RSAPrivateKey() command in my application, openssl produces the above error, but only on versions higher than 0.96c. With V0.96c it works fine. Does anybody knows why this happens ? Philippe Fischer Hochschule für Technik und Wirtschaft des Saarlandes __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: Error when signing a certificate
Hi, I got the same error the first time I ran OpenSSL. I don't know if it's the same error for you, but for me it was just an error in my config file.. Look for the foolowing line in the [ CA_default ] part of the config file: private_key= $dir/private/privkey.pem # CA private key Make sure there is a space between .pem and the comment. It worked for me... Hope it'll help you ! Regards, Philippe On Thu, 2002-04-11 at 15:38, Charles Hamel wrote: Hi , I am trying to do a SSL certificate to use TLS/SSL encryption with Qpopper. I read the doc and I created a certificate request succesfully but it seems that when I try to sign it, it crash with a serious error, here's the output: [bob@domain ]# openssl ca -in req.pem -out signed_req.pem Using configuration from /usr/share/ssl/openssl.cnf ./demoCA/private/cakey.pem: No such file or directory trying to load CA private key 14403:error:02001002:system library:fopen:No such file or directory:bss_file.c:245:fopen('./demoCA/private/cakey.pem','r') 14403:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:247: I am running OpenSSL 0.9.6b-8 on RH7.2. Thanks for your help! Charles -- Philippe Camus - Unix Administrator In-Fusio http://www.in-fusio.com/ The mobile game connection Le Millenium 12 Quai de Queyries 33072 Bordeaux Cedex France Tel : +33 (0) 557 773 800 Ext.3846 Fax : +33 (0) 556 400 548 __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Bug? or it's me the bug :)
Hi. I got the following: [root@cheetah:/root] # openssl x509 -in new.cert.csr -out new.cert.cert -req -signkey new.cert.key -days 365 17542:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:662:Expecting: CERTIFICATE REQUEST Do you have an idea of what could be wrong? Thanks __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Generating a certificate for IIS
I want to be my own CA and after a lot of reading (archives, google, etc.) I came up with the following. I used the nice contrib tools ssl.ca-0.1 to create a server certificate. Then I used IIS to generate a request file (renamed it default.csr). I signed it, with sign-server-cert.sh renamed the result as default.cer and I get the following error message inside IIS when I want to use the resulting file. The pending certificate for this response file was not found. This request may be canceld. You cannont install selected response certificate using this Wizard. Is there a way to generate a certificate for IIS with OpenSSL ? I'v looked in a lot of archives, in google, etc. and I can't find more information. Thanks for any leads Phil __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Client Certificate
Hi, I'd like to communicate from a client system which is also a server having a server certificate. Is it possible to use that server certificate as a client certificate (since the remote system requires a client certificate). Thanks for help. Philippe Gautier Centralweb - Centre de Production Les Espaluns - 83160 La Valette Tel : 04 98 01 82 68 / +33 4 98 01 82 68 Centralweb Siège Social Velizy Espace - Le Coli 13, av. Morane Saulnier 78140 Velizy Tel. : 01 30 70 09 09 / +33 1 30 70 09 09 Fax. : 01 39 45 90 71 / +33 1 39 45 90 71 __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
An old thread - PEM pass phrase for smime signature
Hi, Sorry to restart this thread and debate. I am using the smime feature of openssl. I want to automate some things, but I am stuck with the "Enter PEM pass phrase" prompt when I sign mails. I know that using an uncrypted private key might be helpful, but I whish to avoid this possibility. What I am thinking of is some way to read this password in a file (perhaps in an hashed form, that doesn't really matter for my use of it). Does anybody know how to do it or is there any sample code and/or patch available to get it work this way ? __ OpenSSL Project http://www.openssl.org User Support Mailing List[EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]