On 21/08/2017 16:22, Robert Moskowitz wrote:
On 08/21/2017 10:03 AM, Salz, Rich wrote:
If the root is going to be trusted, make its serial number be one. ☺
Otherwise use eight bytes of random as the serial number, if you
follow CABF guidelines.
Kind of where my thinking is going. But once
I had a frustrating day. I looked at the documentation at:
https://www.openssl.org/docs/man1.0.2/apps/x509.html
My Fedora24 reports that I am at version 1.0.2k
I made the following comand:
openssl x509 -req -days 3650 -extensions v3_intermediate_ca -inform $format\
-in $dir/csr/intermediate.
-outform in the following is invalid:
openssl ca -outform $format -config $cadir/openssl-root.cnf -extensions
v3_intermediate_ca\
-keyform $format -days 3650 -notext -md sha256 \
-in $dir/csr/intermediate.csr.$format -out
$dir/certs/intermediate.cert.$format
where format=der
Loo
On 08/21/2017 01:41 PM, Jeffrey Walton wrote:
openssl req -outform $format -config $cadir/openssl-root.cnf -set_serial
0x$(openssl rand -hex $sn)\
-inform $format -key private/ca.key.$format -subj "$DN"\
-new -x509 -days 7300 -sha256 -extensions v3_ca -out
certs/ca.cert.$format
u
> openssl req -outform $format -config $cadir/openssl-root.cnf -set_serial
> 0x$(openssl rand -hex $sn)\
> -inform $format -key private/ca.key.$format -subj "$DN"\
> -new -x509 -days 7300 -sha256 -extensions v3_ca -out
> certs/ca.cert.$format
>
> unable to load Private Key
> 14049243077
format=der
openssl pkey -inform $format -in private/ca.key.$format -text -noout
Private-Key: (256 bit)
priv:
48:b3:4e:c5:0a:0c:af:78:b9:a2:d4:b8:7e:18:78:
f2:39:9c:77:51:a3:1c:6f:df:31:20:e3:e4:9a:52:
3d:06
pub:
04:ce:ff:5d:d4:c7:b6:9c:c2:31:d9:38:fe:2b:9c:
70:3a:fd:22:6d:97:
On Mon, Aug 21, 2017 at 03:43:05PM +, Salz, Rich via openssl-users wrote:
> ➢ But if I use format=der I do not get prompted for the password.
>
> DER does not support encryption. The bug is that the command does not tell
> you this.
There is at least one standard encryption-capable ASN.
My proposal.
Keep k bits (k/8 octets) long serial numbers for all your certificates, chose a
block cipher operating on blocks of k bits, and operate this block cipher in
CTR mode, with a proper secret key and secret starting counter. That way, no
collision detection is necessary, you’ll be able
On 08/21/2017 11:52 AM, Salz, Rich wrote:
➢ OK. And why does DER not support encryption
Because it is not defined. If you want to encrypt keys, you need to use PKCS12
which might be too much for your application.
If a device has secure storage, it does not need to encrypt its private
key.
Probably I misunderstand the context, since PKCS#8 can be used to
encrypt EC private key info, some more info at
https://tools.ietf.org/html/rfc5915. Which doesn't help the OP if the
openssl CLI doesn't support it.
On Mon, Aug 21, 2017 at 8:52 AM, Salz, Rich via openssl-users
wrote:
> ➢ OK. And
➢ OK. And why does DER not support encryption
Because it is not defined. If you want to encrypt keys, you need to use PKCS12
which might be too much for your application.
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
On 08/21/2017 11:43 AM, Salz, Rich via openssl-users wrote:
➢ But if I use format=der I do not get prompted for the password.
DER does not support encryption. The bug is that the command does not tell you this.
OK. And why does DER not support encryption? Actually, I can see
working
➢ But if I use format=der I do not get prompted for the password.
DER does not support encryption. The bug is that the command does not tell you
this.
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
If I use format=pem in the following:
openssl genpkey -outform $format -aes256 -algorithm ec -pkeyopt
ec_paramgen_curve:prime256v1 \
-pkeyopt ec_param_enc:named_curve -out private/ca.key.$format
the private key is password protected.
But if I use format=der
I do not get prompted for the
On 08/21/2017 10:03 AM, Salz, Rich wrote:
If the root is going to be trusted, make its serial number be one. ☺
Otherwise use eight bytes of random as the serial number, if you follow CABF
guidelines.
Kind of where my thinking is going. But once I make it '1', it might as
well be 1 byte ran
If the root is going to be trusted, make its serial number be one. ☺
Otherwise use eight bytes of random as the serial number, if you follow CABF
guidelines.
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
On 08/21/2017 09:36 AM, Salz, Rich wrote:
➢ Thus how large does this random number have
It’s also to protect against predicting serial numbers and being able to
leverage that. It’s not just (nor really mainly) the MD5 digest attacks.
According to CABForum, you need 8 octets. No reason not
➢ Thus how large does this random number have
It’s also to protect against predicting serial numbers and being able to
leverage that. It’s not just (nor really mainly) the MD5 digest attacks.
According to CABForum, you need 8 octets. No reason not to use more if you can.
➢ page was talking
On 08/21/2017 09:20 AM, Salz, Rich via openssl-users wrote:
But in doing this, I can't figure out if there is a risk on serial
number size for a root CA cert as there is for any other cert.
I don’t understand what attack you are concerned about, but the size of the
serial number sho
But in doing this, I can't figure out if there is a risk on serial
number size for a root CA cert as there is for any other cert.
I don’t understand what attack you are concerned about, but the size of the
serial number should not matter for *any* certificate.
--
openssl-users mailing
I have worked out that:
openssl req -config openssl-root.cnf -set_serial 0x$(openssl rand -hex
19) -key private/ca.key.pem\
-subj "$DN"\
-new -x509 -days 7300 -sha256 -extensions v3_ca -out
certs/ca.cert.pem
allows you to override the serial number select process and thus contro
Hi there,
I have a question about certificate chain checkin when the chain
includes a root certificate.
The server I want to connect to with openssl s_client (Version 0.9.8zc)
sends this certificate chain:
0 s:Server's cert
i:Intermediate cert
1 s:Intermediate cert
i:Root 1 cert
2 s:Root
22 matches
Mail list logo
