Re: [openssl-users] Programmatically check private key and public key cert?

2018-01-11 Thread Viktor Dukhovni 


> On Jan 11, 2018, at 10:28 AM, pratyush parimal  
> wrote:
> 
> After googling, it seems that I may be able to verify that by comparing the 
> modulus
> from the key and the cert. Does anyone know if that's sufficient, and how to 
> do it
> programmatically?

It may be useful to note that ECDSA keys don't have a modulus, that's 
RSA-specific,
so a more general approach is to compare public keys.  A more broadly 
applicatble
command-line test is:

   #! /bin/sh
   certfile=$1; shift
   keyfile=$1; shift

   certid=$(openssl x509 -in "$certfile" -noout -pubkey |
openssl pkey -pubin -outform DER |
openssl dgst -sha256 -binary |
hexencode -ve '/1 "%02x"')
   keyid=$(openssl pkey -in "$keyfile" -pubout -outform DER |
   openssl dgst -sha256 -binary |
   hexencode -ve '/1 "%02x"')
   if [ "$certid" != "$keyid" ]; then
  echo "Certificate in $certfile does not match key in $keyfile" >&2
  exit 1
   fi

Karl Denninger  already explained how key/cert 
correspondence
can be checked when loading the key and cert into an SSL_CTX.

The certificate should have appropriate an appropriate keyUsage and/or
extendedKeyUsage for the purpose at hand (TLS Server Authentication?).

-- 
Viktor.

-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] Programmatically check private key and public key cert?

2018-01-11 Thread Karl Denninger 
On 1/11/2018 09:28, pratyush parimal wrote:
> Hi,
>
> Hope everyone is having a good new year so far!
>
> I'm trying to find a way to make sure that a
> private-key/public-key-cert pair I'm given, will absolutely work when
> I stick  them into my SSL_CTX* object and try to use that for ssl.
> Short of trying to simulate a test ssl connection over localhost for
> testing them out, is there a way to ensure that?
>
> After googling, it seems that I may be able to verify that by
> comparing the modulus from the key and the cert. Does anyone know if
> that's sufficient, and how to do it programmatically?
If you call SSL_CTX_check_private_key() on your context it will return
"0" if the private key and certificate you have loaded do not match (and
thus won't work.)  If you get a "1" back then provided you have a set of
ciphers declared (or the defaults) that are compatible on both ends so
the code can negotiate a cipher set then it should work.

There is no guaranteed way to know if a connection will work from some
other piece of code you don't control, however, because it's entirely
possible for the other end to try to insist on (or only be able to
support) a protocol you have disallowed (e.g. SSLv3) or for there to be
no intersection between the cipher sets allowed by both sides and the
certificate and key constraints (never mind certificate validation, if
you are checking it.)

>
> I was also wondering if I should just try to perform an
> encrypt-decrypt sequence using the pair I have, and use the success of
> that as confirmation that my ssl connection will work later, as far as
> the certs are concerned. Would that be the right way to go about it?
>
IMHO see above.

-- 
Karl Denninger
k...@denninger.net 
/The Market Ticker/
/[S/MIME encrypted email preferred]/


smime.p7s
Description: S/MIME Cryptographic Signature
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

[openssl-users] Programmatically check private key and public key cert?

2018-01-11 Thread pratyush parimal 
Hi,

Hope everyone is having a good new year so far!

I'm trying to find a way to make sure that a private-key/public-key-cert
pair I'm given, will absolutely work when I stick  them into my SSL_CTX*
object and try to use that for ssl. Short of trying to simulate a test ssl
connection over localhost for testing them out, is there a way to ensure
that?

After googling, it seems that I may be able to verify that by comparing the
modulus from the key and the cert. Does anyone know if that's sufficient,
and how to do it programmatically?

I was also wondering if I should just try to perform an encrypt-decrypt
sequence using the pair I have, and use the success of that as confirmation
that my ssl connection will work later, as far as the certs are concerned.
Would that be the right way to go about it?

What do you guys think?
Thanks in advance!
- Pratyush
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users