Re: Similar issuer dn mod_ssl client authentication issue
Okay, openssl works, but mod_ssl doesn't. Is this a real problem? Instead try hacking mod_ssl code ... Could I ask for a bug/improvement so that mod_ssl could finally work?

Michele MAsè

On Thu, May 23, 2013 at 1:22 AM, Dave Thompson dthomp...@prinpay.com wrote:

From: owner-openssl-us...@openssl.org On Behalf Of Michele Mase'
Sent: Tuesday, 21 May, 2013 04:16

I was wrong!

Does it work with client=Firefox using client certs under both CAs? I would expect at least one to fail. Note that s_server -verify doesn't *require* client cert, it only *allows* it; how did you check Firefox is actually using your client cert(s)?

I've tested it with both smart card

I went back and set up a (modified) test and ... I was wrong! The lookup as such does use the canonical DN and returns only one, sometimes the wrong one. But I didn't realize X509_STORE_get1_issuer hiddenly caches *all* the matches and tries them, and (given you have AKI) *does* select the correct one. So actually your earlier tries should have worked, or at least not failed for this reason.

The certificates you attached are CA roots and have no AKI.

snip

pardon, my mistake, I forgot to send the clients certs :( As attachment, there are the client certificates I used.

And those do indeed have AKI (correctly matching the roots).

I don't know what exclusive mode means here.

virtualhost1 has the ca's bundle made with all certificates + ca1 (for smart card1)
virtualhost2 has the ca's bundle made with all certificates + ca2, (for smart card2);
the or (exclusive) means you can try virtualhost1 with smart card1 or virtualhost2 with scard2

Okay.

RFC3280 - is it correct?

snip 4.1.2.4 about case-insensitive and space-insignificant

Actually, 3280 has been superseded by 5280, which has more complicated rules to handle internationalization using Unicode and IDN, but for this simple (ASCII) case boils down to the same thing.

But, as above and contrary to what I said before, openssl *should* work for this case after all, which means you don't need the CA to change, which is probably good. (I think it's still confusing to people to have almost-identical DNs, but since most people won't even know how to look at a certificate, that's less of a problem.)

s_server.out is the output of the openssl s_server command.

The only error this shows is that one client cert (and card) -- I assume client2006.pem -- is rejected for cert expired. Which it is; the notAfter is Oct 12 23:59:59 2011 GMT.

In order to convince the ca's supplier to change the old scard I should:
1) Show him the rfc
2) Inform all scard users to stop using the old scard
3) Give all scard users the new scard
Are there some better argumentations to persuade the sa's supplier?

If it were necessary I'd say probably yes, but as above I don't think it's necessary. Try using cards (certs) that are under the old 2006 root but NOT expired, and (now) I'll bet they do work.

Sorry for the unnecessary alarm and confusion.

__
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
Re: Determine CMS/PKCS7 type
On Wed, May 22, 2013, Phillip Hellewell wrote:

I'm in the process of refactoring my code to use the new CMS API instead of PKCS7.

In my code before I was able to determine the type of pkcs7, and even distinguish between a signed data (.p7m), signature (.p7s) and cert chain (.p7b), using this function:

    PKCS7Type determine_pkcs7_type(PKCS7* p7)
    {
        int nid = OBJ_obj2nid(p7->type);
        switch( nid )
        {
        case NID_pkcs7_data:
            return PKCS7Type_Data;
        case NID_pkcs7_enveloped:
        case NID_pkcs7_encrypted:
            return PKCS7Type_EncData;
        case NID_pkcs7_digest:
            return PKCS7Type_Digest;
        case NID_pkcs7_signed:
            /* embedded content present: signed data (.p7m) */
            if( p7->d.sign->contents &&
                OBJ_obj2nid(p7->d.sign->contents->type) == NID_pkcs7_data &&
                p7->d.sign->contents->d.data != NULL )
                return PKCS7Type_SignedData;
            /* no content but at least one signer: detached signature (.p7s) */
            if( sk_PKCS7_SIGNER_INFO_num(p7->d.sign->signer_info) > 0 )
                return PKCS7Type_Signature;
            /* only certificates and/or CRLs: cert chain (.p7b) */
            if( sk_X509_num(p7->d.sign->cert) > 0 || sk_X509_CRL_num(p7->d.sign->crl) > 0 )
                return PKCS7Type_Certs;
            return PKCS7Type_UNKNOWN;
        }
        return PKCS7Type_UNKNOWN;
    }

Now I am trying to do the same thing with CMS, but the struct contents are encapsulated from me (yes yes, that is good I know), so I'm currently at a loss as to how to differentiate the types, see below:

    PKCS7Type determine_pkcs7_type(CMS_ContentInfo* cms)
    {
        int nid = OBJ_obj2nid(CMS_get0_type(cms));
        switch( nid )
        {
        case NID_pkcs7_data:
            return PKCS7Type_Data;
        case NID_id_smime_ct_compressedData:
            return PKCS7Type_CompData;
        case NID_pkcs7_enveloped:
        case NID_pkcs7_encrypted:
            return PKCS7Type_EncData;
        case NID_pkcs7_digest:
            return PKCS7Type_Digest;
        case NID_pkcs7_signed:
            {
                // HELP!! How can I tell if this is a signed data, or just a signature
                // (i.e., a .p7s with no data), or it is a cert chain (i.e., a .p7b with just certs)
            }
        }
        return PKCS7Type_UNKNOWN;
    }

You can use CMS_get0_SignerInfos(), CMS_get1_certs() and CMS_get1_crls(). The latter two need to be freed up after use.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
Re: CMS_get0_signers() badly named?
On Wed, May 22, 2013, Phillip Hellewell wrote:

Looking at the implementation of CMS_get0_signers(), it looks like it creates a new stack of X509 that I will have to free. Isn't the convention to use a 1 if the return values needs to be freed, and 0 if not? So shouldn't this function be named CMS_get1_signers()? (Note that CMS_get1_crls() is correctly named with a 1.) Probably too late to change it now though, huh?

It's midway between 1 and 0 ;-) The STACK needs to be freed but not each individual member. So you call sk_X509_free and NOT sk_X509_pop_free().

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
Re: Determine CMS/PKCS7 type
Thanks! Those functions and the CMS_get0_content() are what I was missing. Here's what I've got now.

    PKCS7Type determine_pkcs7_type(CMS_ContentInfo* cms)
    {
        int nid = OBJ_obj2nid(CMS_get0_type(cms));
        switch( nid )
        {
        case NID_pkcs7_data:
            return PKCS7Type_Data;
        case NID_id_smime_ct_compressedData:
            return PKCS7Type_CompData;
        case NID_id_smime_ct_authData:
            return PKCS7Type_AuthData;
        case NID_pkcs7_enveloped:
        case NID_pkcs7_encrypted:
            return PKCS7Type_EncData;
        case NID_pkcs7_digest:
            return PKCS7Type_Digest;
        case NID_pkcs7_signed:
            {
                /* embedded content present: signed data */
                ASN1_OCTET_STRING** data = CMS_get0_content(cms);
                if( data && *data )
                    return PKCS7Type_SignedData;
                /* get0: the returned stack is not freed by the caller */
                STACK_OF(CMS_SignerInfo)* signer_infos = CMS_get0_SignerInfos(cms);
                if( signer_infos && sk_CMS_SignerInfo_num(signer_infos) > 0 )
                    return PKCS7Type_Signature;
                // TODO: Call CMS_get1_certs() and CMS_get1_crls(); return PKCS7Type_UNKNOWN if # certs + # crls == 0.
                return PKCS7Type_Certs;
            }
        }
        return PKCS7Type_UNKNOWN;
    }

Thanks,
Phillip
Re: CMS_get0_signers() badly named?
On Thu, May 23, 2013 at 5:33 AM, Dr. Stephen Henson st...@openssl.org wrote:

On Wed, May 22, 2013, Phillip Hellewell wrote:

Looking at the implementation of CMS_get0_signers(), it looks like it creates a new stack of X509 that I will have to free.

It's midway between 1 and 0 ;-) The STACK needs to be freed but not each individual member. So you call sk_X509_free and NOT sk_X509_pop_free().

Ah, I see. Hey, we should come up with a new prefix like 0_5 for that (j/k).

So just to confirm:

CMS_get0_signers(): free with sk_X509_free()
CMS_get1_certs(): free with sk_X509_pop_free()
CMS_get1_crls(): free with sk_X509_CRL_pop_free()

Phillip
Display CSR w/ subjectAltName
I want to be able to view CSR's with subjectAltName's but I can't figure out any way to make it happen. I have pored over the man pages and googled it to death already.

Ubuntu OpenSSL 0.9.8k-7ubuntu8.14 if that matters

    openssl req -noout -text -in SOME_FILE.csr

gives me the contents of the CSR but not the subjectAltNames embedded in the CSR. Added -nameopt multiline which is cool but still no ultimate joy

Can someone throw me a bone here?

--
Craig White ~ craig.wh...@ttiltd.com 1.800.869.6908 ~~ www.ttiassessments.com
CMS doesn't like an old Security Catalog file
Attached is a really old (circa 2000) file called ieexcep.cat. Windows recognizes it as a Security Catalog Information. It is a weird file because it is like a mix of a cert chain (.p7b) and a signature (.p7s).

The d2i_PKCS7_bio() succeeds on it, but d2i_CMS_bio() does not. This is the only file I have that PKCS7 will parse but not CMS.

Is there a specific reason why CMS cannot / should not work on this file? Is it safe to say that although it is valid PKCS7, it is not valid CMS, or is it not really a valid PKCS7 either?

The reason I bring all this up is I was hoping to refactor all my code to use CMS instead of PKCS7; I would rather not have to do both (i.e., try CMS, then try PKCS7 if CMS doesn't work).

Thanks,
Phillip
Re: [openssl-users] Display CSR w/ subjectAltName
Are you sure there's a SAN extension in the displayed CSR? Dump the entire content with asn1parse.

--
Erwann ABALEA
Re: [openssl-users] Display CSR w/ subjectAltName
On Thu, May 23, 2013 at 06:12:39PM +0200, Erwann Abalea wrote:

On 23/05/2013 17:41, Craig White wrote:

I want to be able to view CSR's with subjectAltName's but I can't figure out any way to make it happen. I have pored over the man pages and googled it to death already.

    openssl req -noout -text -in SOME_FILE.csr

gives me the contents of the CSR but not the subjectAltNames embedded in the CSR.

Are you sure there's a SAN extension in the displayed CSR? Dump the entire content with asn1parse.

It almost certainly does not:

    $ openssl req -in req+key.pem -text
    Certificate Request:
        Data:
            Version: 0 (0x0)
            Subject:
            Subject Public Key Info:
                Public Key Algorithm: id-ecPublicKey
                    Public-Key: (256 bit)
                    pub:
                        04:eb:de:7c:00:c2:58:59:59:1b:29:8a:6a:0b:d1:
                        72:5b:aa:14:2b:2f:7e:47:a3:77:73:de:9e:55:f0:
                        00:98:d5:1b:a2:3f:74:cf:4f:9a:6a:5a:1c:95:f2:
                        55:e8:01:72:cb:ca:37:66:2a:cf:64:0d:3e:ac:1c:
                        65:47:fe:22:ca
                    ASN1 OID: prime256v1
            Attributes:
            Requested Extensions:
                X509v3 Extended Key Usage:
                    TLS Web Server Authentication, TLS Web Client Authentication
                X509v3 Subject Alternative Name:
                    DNS:example.com
        Signature Algorithm: ecdsa-with-SHA1
            30:45:02:20:04:ff:c2:5b:cf:0a:a0:4f:2e:a8:12:e3:8d:68:
            eb:b9:1e:ce:b0:a5:a6:e0:69:50:c8:84:f6:51:a6:8d:c9:90:
            02:21:00:8e:bd:37:19:9c:ff:7a:69:2d:5a:bf:50:d5:4b:f9:
            63:6b:a6:44:c7:40:55:f5:c1:52:0b:b4:4b:90:4f:a7:2b
    -----BEGIN CERTIFICATE REQUEST-----
    MIIBAjCBqgIBADAAMFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAE6958AMJYWVkb
    KYpqC9FyW6oUKy9+R6N3c96eVfAAmNUboj90z0+aaloclfJV6AFyy8o3ZirPZA0+
    rBxlR/4iyqBIMEYGCSqGSIb3DQEJDjE5MDcwHQYDVR0lBBYwFAYIKwYBBQUHAwEG
    CCsGAQUFBwMCMBYGA1UdEQQPMA2CC2V4YW1wbGUuY29tMAkGByqGSM49BAEDSAAw
    RQIgBP/CW88KoE8uqBLjjWjruR7OsKWm4GlQyIT2UaaNyZACIQCOvTcZnP96aS1a
    v1DVS/lja6ZEx0BV9cFSC7RLkE+nKw==
    -----END CERTIFICATE REQUEST-----

Generated via:

    #! /bin/bash
    umask 077
    tmp=$(mktemp .req+key.XXXXXX)
    dst=req+key.pem
    # The CSR goes to stdout and the key to /dev/stdout, so both land in $tmp;
    # stdout is opened in append mode so the CSR follows the key in the file.
    openssl req -new -sha1 -subj / >> $tmp \
        -newkey param:<(openssl ecparam -name prime256v1) \
        -nodes -keyout /dev/stdout \
        -config <(printf "[req]\n%s\n[dn]\n[exts]\n%s\n" \
            "$(printf "%s\n%s\n" \
                "distinguished_name=dn" \
                "req_extensions=exts")" \
            "$(printf "%s\n%s\n" \
                "extendedKeyUsage=serverAuth,clientAuth" \
                "subjectAltName=DNS:example.com" \
            )")
    mv $tmp $dst

--
Viktor.
Re: Display CSR w/ subjectAltName
On 23.05.2013, at 17:41, Craig White wrote:

    openssl req -noout -text -in SOME_FILE.csr

gives me the contents of the CSR but not the subjectAltNames embedded in the CSR.

The SAN extension should appear in the Requested Extensions: section of the output.

--
Stefan H. Holek ste...@epy.co.at
http://pki-tutorial.readthedocs.org | http://pgpdump.net
Re: [openssl-users] Display CSR w/ subjectAltName
hmmm… I guess it may not be there but it's there in the cert that I signed with my CA self which is using the same csr

Is there something wrong with the way I am generating them?

    openssl req -new -nodes \
        -out $CERTPATH/http.csr \
        -keyout $CERTPATH/http.key \
        -days 3650 \
        -config $CONFIG

    openssl ca \
        -config $CONFIG \
        -policy policy_anything \
        -out $CERTPATH/http.pem \
        -infiles $CERTPATH/http.csr

Craig
Re: CMS doesn't like an old Security Catalog file
On Thu, May 23, 2013, Phillip Hellewell wrote:

Attached is a really old (circa 2000) file called ieexcep.cat. Windows recognizes it as a Security Catalog Information. It is a weird file because it is like a mix of a cert chain (.p7b) and a signature (.p7s).

The d2i_PKCS7_bio() succeeds on it, but d2i_CMS_bio() does not. This is the only file I have that PKCS7 will parse but not CMS.

Is there a specific reason why CMS cannot / should not work on this file? Is it safe to say that although it is valid PKCS7, it is not valid CMS, or is it not really a valid PKCS7 either?

The reason I bring all this up is I was hoping to refactor all my code to use CMS instead of PKCS7; I would rather not have to do both (i.e., try CMS, then try PKCS7 if CMS doesn't work).

This is an incompatibility between CMS and PKCS#7 where the encapsulated type is not data. Under PKCS#7 the type appears in encoded form, under CMS the encoding is embedded in the content octets of an OCTET STRING.

This is very rarely encountered in practice. The only time I've ever come across it is in Windows authenticode signatures.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
Re: FIPS enabled OpenSSL fails to load libeay32.dll in Windows CE 6
Hi William,

Thanks a lot. Found the problem, it was loading another libeay32.dll which does not have fips. I changed the name of my library now it finds the symbol.

Thanks again,
-Abhijit

On Thu, May 23, 2013 at 3:22 AM, William A. Rowe Jr. wr...@rowe-clan.net wrote:

On Tue, 21 May 2013 16:12:45 +0530 Abhijit Ray Chaudhury abhijit.ray.chaudh...@gmail.com wrote:

Hi, I have compiled openssl-fips and openssl in Windows CE 6. But when I run fips_premain_dso.exe libeay32.dll in target environment I get following error:

    217450134:error:2507606A:DSO support routines:WIN32_BIND_FUNC:could not bind to the requested symbol name:.\crypto\dso\dso_win32.c:296:symname(FINGERPRINT_premain)
    217450134:error:2506C06A:DSO support routines:DSO_bind_func:could not bind to the requested symbol name:.\crypto\dso\dso_lib.c:294:

Which means GetProcAddress is failing for symbol name FINGERPRINT_premain. But if I do dumpbin /exports libeay32.dll, I can see the symbol FINGERPRINT_premain exported.

You are correct (from dumpbin), which leads me to question whether you hadn't run the fips_premain_dso.exe binary in the CE 6 emulation environment, but perhaps ran a win32 flavor of fips_premain_dso.
Re: CMS doesn't like an old Security Catalog file
On Thu, May 23, 2013 at 10:34 AM, Dr. Stephen Henson st...@openssl.org wrote:

This is very rarely encountered in practice. The only time I've ever come across it is in Windows authenticode signatures.

Thanks Steve. I think I can make a good argument to my managers that it's not worth bothering to support it.

Phillip
Re: [openssl-users] Display CSR w/ subjectAltName
On 5/23/2013 6:21 PM, Craig White wrote:

hmmm… I guess it may not be there but it's there in the cert that I signed with my CA self which is using the same csr

Is there something wrong with the way I am generating them?

    openssl req -new -nodes \
        -out $CERTPATH/http.csr \
        -keyout $CERTPATH/http.key \
        -days 3650 \
        -config $CONFIG

Depends what is in your config! In the config I use for such I have (other lines omitted for clarity):

    [req]
    # Other stuff
    req_extensions = v3_req

    [ v3_req ]
    # Other stuff
    subjectAltName = @alt_names

    [alt_names]
    # Remember to repeat the CN as one of the ALT Names,
    # Someone published an RFC that said to ignore the CN if there are
    #    any ALT names and some idiots implemented this misprint
    #    literally.
    # The lines that start with DNS are for DNS names, that is web
    #    servers etc., there are other words to use for other name
    #    types, and those type indicators become part of the request
    #    (and the certificate if it copies the alt names)
    DNS.0 = www.example.com
    DNS.1 = example.com
    DNS.2 = web.example.com

    openssl ca \
        -config $CONFIG \
        -policy policy_anything \
        -out $CERTPATH/http.pem \
        -infiles $CERTPATH/http.csr

Does the config file used by your CA say to copy the Alt names extension from the requests?

Enjoy

Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S. http://www.wisemo.com
Transformervej 29, 2730 Herlev, Denmark. Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
Re: CMS doesn't like an old Security Catalog file
On 5/23/2013 6:34 PM, Dr. Stephen Henson wrote:

On Thu, May 23, 2013, Phillip Hellewell wrote:

Attached is a really old (circa 2000) file called ieexcep.cat. Windows recognizes it as a Security Catalog Information. It is a weird file because it is like a mix of a cert chain (.p7b) and a signature (.p7s).

The d2i_PKCS7_bio() succeeds on it, but d2i_CMS_bio() does not. This is the only file I have that PKCS7 will parse but not CMS.

Is there a specific reason why CMS cannot / should not work on this file? Is it safe to say that although it is valid PKCS7, it is not valid CMS, or is it not really a valid PKCS7 either?

The reason I bring all this up is I was hoping to refactor all my code to use CMS instead of PKCS7; I would rather not have to do both (i.e., try CMS, then try PKCS7 if CMS doesn't work).

This is an incompatibility between CMS and PKCS#7 where the encapsulated type is not data. Under PKCS#7 the type appears in encoded form, under CMS the encoding is embedded in the content octets of an OCTET STRING.

This is very rarely encountered in practice. The only time I've ever come across it is in Windows authenticode signatures.

While the CMS documents from IETF no longer consider this non-IETF use case of the general PKCS#7 structures, it would be really nice if the OpenSSL API did not duplicate this use case restriction in its APIs and command line tools. Remember that most IETF documents focus on the subset of the standards used with the PKIX profile, which never was the only profile in existence.

While it is nice that the CMS APIs and tools default to the IETF style contents is always type data, it would be really nice if this was just a default, thus removing the need to juggle two gratuitously incompatible APIs.

If there is no place in the current CMS functions to pass/receive the extra parameters needed for non-IETF uses, it would be nice to define some extended entrypoints that do take the extra arguments, these could then form a common backend for the old CMS and PKCS7 APIs and for anything new added in the future.

Some other arguments that would be nice to add to such generalized functions:

- As of verification timestamp (not constrained to a 32 bit time_t or to an integral number of seconds)
- Already computed hashes argument for signatures in streaming applications that process and discard the signed contents from memory before loading the signature bytes (like verifying a signed e-mail with a 200MB attachment while using less than 10MB RAM).
- Countersignature verification as a separate step (allowing the application to modify later parameters according to the verified countersignature).
- Allow data type option bit when verifying either kind of signature.
- Verifying separate SignerInfos separately.
- Required key usage(s) parameter for both signing and verification.
- Arbitrary authenticated attributes when signing.
- Combining multiple SignerInfos into a single SignedData result.
- Adding and removing certificates and unauthenticated attributes in an existing SignedData object.
- Arbitrary time stamp when signing (not constrained to a 32 bit time_t or to an integral number of seconds)
- Anything else permitted by any edition of the PKCS#7 or CMS specifications, regardless of presence in latest edition.

Enjoy

Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S. http://www.wisemo.com
Transformervej 29, 2730 Herlev, Denmark. Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
Re: [openssl-users] Display CSR w/ subjectAltName
On May 23, 2013, at 10:28 AM, Jakob Bohm wrote:

On 5/23/2013 6:21 PM, Craig White wrote:

hmmm… I guess it may not be there but it's there in the cert that I signed with my CA self which is using the same csr

Is there something wrong with the way I am generating them?

    openssl req -new -nodes \
        -out $CERTPATH/http.csr \
        -keyout $CERTPATH/http.key \
        -days 3650 \
        -config $CONFIG

Depends what is in your config! In the config I use for such I have (other lines omitted for clarity):

    [req]
    # Other stuff
    req_extensions = v3_req

    [ v3_req ]
    # Other stuff
    subjectAltName = @alt_names

    [alt_names]
    # Remember to repeat the CN as one of the ALT Names,
    # Someone published an RFC that said to ignore the CN if there are
    #    any ALT names and some idiots implemented this misprint
    #    literally.
    # The lines that start with DNS are for DNS names, that is web
    #    servers etc., there are other words to use for other name
    #    types, and those type indicators become part of the request
    #    (and the certificate if it copies the alt names)
    DNS.0 = www.example.com
    DNS.1 = example.com
    DNS.2 = web.example.com

    openssl ca \
        -config $CONFIG \
        -policy policy_anything \
        -out $CERTPATH/http.pem \
        -infiles $CERTPATH/http.csr

Does the config file used by your CA say to copy the Alt names extension from the requests?

I think you have hit the nail on the head. The subjectAltName(s) aren't getting included in requests but are being included in certificates which are drawn from the same config file. I was assuming that it would work but it isn't.

I moved the subjectAltName definition to various sections included v3_req and changed it to this…

    subjectAltName = email:copy, DNS:copy, @alt_names

but still no go - subjectAltName is not making it into the csr.

Finally tried

    $ openssl req -new -nodes \
        -out $CERTPATH/http.csr \
        -keyout $CERTPATH/http.key \
        -days 3650 \
        -config $CONFIG \
        -extensions v3_req

but still not in the csr. Obviously I am missing something important in my reading of the documentation.

Thanks

Craig
RE: [openssl-users] Display CSR w/ subjectAltName
From: owner-openssl-us...@openssl.org On Behalf Of Craig White
Sent: Thursday, 23 May, 2013 15:31

On May 23, 2013, at 10:28 AM, Jakob Bohm wrote:

snip

I think you have hit the nail on the head. The subjectAltName(s) aren't getting included in requests but are being included in certificates which are drawn from the same config file. I was assuming that it would work but it isn't.

The same file, but 'req' and 'ca' (mostly?) use different sections.

I moved the subjectAltName definition to various sections included v3_req and changed it to this.

    subjectAltName = email:copy, DNS:copy, @alt_names

but still no go - subjectAltName is not making it into the csr.

Finally tried

    $ openssl req -new -nodes \
        -out $CERTPATH/http.csr \
        -keyout $CERTPATH/http.key \
        -days 3650 \
        -config $CONFIG \
        -extensions v3_req

but still not in the csr. Obviously I am missing something important in my reading of the documentation.

req -new -reqexts should put into a CSR.
req -new -x509 -extensions should put into a selfsigned cert.
Re: [openssl-users] Display CSR w/ subjectAltName
got it now… the script I was using was directing it to a different openssl.cnf than the one I was editing. I obviously moved a copy of the entire directory to play with a copy and not the real CA.

Thanks all

Craig
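The two findings that closed this thread can be checked mechanically. The script below is an added example, not code from any poster: it builds one CSR from a config whose [req] section names req_extensions, one from a copy that lacks that line (standing in for the openssl.cnf the script was really reading), and one from that same copy with -reqexts given on the command line, then reports which CSRs carry a subjectAltName. It assumes an openssl binary on PATH; the file names, config contents and example.com names are constructed.

```shell
#!/bin/sh
# Added example (not from the thread): confirm that a CSR carries the
# subjectAltName you expect, and show why it can be missing.
# Assumes an `openssl` binary on PATH. All file names, config contents and
# example.com host names below are constructed for the demonstration.
set -eu

work=$(mktemp -d)
trap 'rm -rf "$work"' EXIT

# Config as edited: [req] points at the extension section.
cat > "$work/edited.cnf" <<'EOF'
[req]
distinguished_name = dn
prompt = no
req_extensions = v3_req
[dn]
CN = www.example.com
[v3_req]
subjectAltName = @alt_names
[alt_names]
DNS.0 = www.example.com
DNS.1 = example.com
EOF

# Config actually read by the script: same sections, no req_extensions line.
grep -v '^req_extensions' "$work/edited.cnf" > "$work/stale.cnf"

# make_csr CONFIG OUT [extra req options...]: build a CSR from one shared key.
make_csr() {
    cfg=$1; out=$2; shift 2
    openssl req -new -key "$work/key.pem" -config "$cfg" -out "$out" "$@" 2>/dev/null
}

# csr_san CSR: print the SAN value line of the CSR, or nothing if absent.
csr_san() {
    openssl req -in "$1" -noout -text 2>/dev/null |
        awk '/X509v3 Subject Alternative Name/ {
                 getline; sub(/^[ \t]+/, ""); print; exit }'
}

# cnf_req_exts CONFIG: print the req_extensions value set in [req], if any.
cnf_req_exts() {
    awk -F= '/^\[/ { in_req = ($0 ~ /^\[ *req *\]/) }
             in_req && $1 ~ /^ *req_extensions *$/ {
                 gsub(/[ \t]/, "", $2); print $2; exit }' "$1"
}

openssl genrsa -out "$work/key.pem" 2048 2>/dev/null

make_csr "$work/edited.cnf" "$work/edited.csr"                    # SAN expected
make_csr "$work/stale.cnf"  "$work/stale.csr"                     # no SAN
make_csr "$work/stale.cnf"  "$work/reqexts.csr" -reqexts v3_req   # SAN via flag

for f in edited stale reqexts; do
    printf '%-8s SAN: %s\n' "$f" "$(csr_san "$work/$f.csr")"
done
printf 'stale.cnf req_extensions: "%s"\n' "$(cnf_req_exts "$work/stale.cnf")"
```

Running cnf_req_exts against the file passed to -config is a quick way to catch the case where the script reads a different openssl.cnf than the one being edited.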
Using HMAC through EVP interface?
Can one use HMAC through EVP? If so, can someone point me to an example? It seems that when the OpenSSL module is in FIPS mode, it doesn't like programs using HMAC_*() functions directly: OpenSSL internal error, assertion failed: Low level API call to digest SHA1 forbidden in FIPS mode! Thanks.
Re: Using HMAC through EVP interface?
On 24 May 2013 03:21, no_spam...@yahoo.com wrote:

Can one use HMAC through EVP? If so, can someone point me to an example? It seems that when the OpenSSL module is in FIPS mode, it doesn't like programs using HMAC_*() functions directly:

    OpenSSL internal error, assertion failed: Low level API call to digest SHA1 forbidden in FIPS mode!

Thanks.

Yes you can. You use the sign/verify interface. See the following page which includes info on MAC codes:
http://wiki.opensslfoundation.com/index.php/EVP_Signing_and_Verifying

You need to use an EVP_PKEY type of EVP_PKEY_HMAC. See Working with EVP_PKEYs on this page:
http://wiki.opensslfoundation.com/index.php/EVP

Matt
Re: Using HMAC through EVP interface?
On 24 May 2013 05:45, Matt Caswell fr...@baggins.org wrote:

On 24 May 2013 03:21, no_spam...@yahoo.com wrote:

Can one use HMAC through EVP? If so, can someone point me to an example? It seems that when the OpenSSL module is in FIPS mode, it doesn't like programs using HMAC_*() functions directly:

    OpenSSL internal error, assertion failed: Low level API call to digest SHA1 forbidden in FIPS mode!

Thanks.

Yes you can. You use the sign/verify interface. See the following page which includes info on MAC codes:
http://wiki.opensslfoundation.com/index.php/EVP_Signing_and_Verifying

You need to use an EVP_PKEY type of EVP_PKEY_HMAC. See Working with EVP_PKEYs on this page:
http://wiki.opensslfoundation.com/index.php/EVP

Just to clarify that answer a bit further - you must use EVP_DigestSign* for MAC support, not EVP_Sign*. Also verifying is slightly different (effectively you recalculate the MAC, and then check it rather than using EVP_DigestVerify*). There is an example on the page I linked to above.

Matt
Printing OpenSSL console error message in syslog
Hi,

Is there a way in which I can have all OpenSSL error messages printed in the syslog instead of the console? Can I set some option or something else in OpenSSL for that? I am using OpenSSL 1.0.1c with fips 2.0.2.

Thanks
Rahul
Re: Using HMAC through EVP interface?
Does this call not work in FIPS mode?

    unsigned char *HMAC(const EVP_MD *evp_md, const void *key, int key_len,
                        const unsigned char *d, int n,
                        unsigned char *md, unsigned int *md_len);