Re: [openssl-users] Validation error on generated csr
Hi Erwann
What you have to do it hash your data, prepare an X509_SIG object, set
its algor to SHA1 (with NULL parameters), and fill the digest part
with your hash result. Then transform it into DER, and sign it with
CKM_RSA_PKCS mechanism.
Thanks a lot for the explanation. However, I can't find any
documentation about how to setup this X509_SIG object and then transfer
it into DER. The structure seems to look as follows:
typedef struct X509_sig_st
{
X509_ALGOR *algor;
ASN1_OCTET_STRING *digest;
} X509_SIG;
EVP_DigestFinal(ctx,buf,buf_len);
gives me a character buffer buf, containing the digest, but I seem to
have to encode this to ASN1_OCTET_STRING.
Can anybody quickly tell me the required functions or point me to an
example of how to do this?
Kind regards
Tim
On 03/15/2013 03:10 PM, Erwann Abalea wrote:
Bonjour,
Le 15/03/2013 14:07, Tim Tassonis a écrit :
Hi
I am trying to generate a csr in a c program by having the signing
part done by pkcs11 calls, and while I get no errors, the resulting
csr fails upon validation:
$ openssl req -verify -in wltx.csr
verify failure
2948:error:0D07207B:asn1 encoding routines:ASN1_get_object:header too
long:.\cry
pto\asn1\asn1_lib.c:150:
2948:error:0D068066:asn1 encoding routines:ASN1_CHECK_TLEN:bad object
header:.\c
rypto\asn1\tasn_dec.c:1306:
2948:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested
asn1 error:.\
crypto\asn1\tasn_dec.c:381:Type=X509_SIG
2948:error:0D0C5006:asn1 encoding routines:ASN1_item_verify:EVP
lib:.\crypto\asn
1\a_verify.c:215:
-BEGIN CERTIFICATE REQUEST-
MIICvjCCAagCAQAwezELMAkGA1UEBhMCQ0gxEzARBgNVBAcTClJhcHBlcnN3aWwx
[...]
BBXO9brFuXld13VuE2xg+VnJ8vo3L7/SCC5ufEJaeSUOvQ==
-END CERTIFICATE REQUEST-
What is RSA signed is the direct SHA1 of the request, without the X509
encapsulation.
Below is the function that generates the csr, it always succeds, but
as mentioned, the csr is still invalid
char *gen_csr(char *key_name, struct s_ekva **key_attrs)
{
[...]
inl=ASN1_item_i2d((void
*)req-req_info,buf_in,ASN1_ITEM_rptr(X509_REQ_INFO));
p = buf_in;
outl=EVP_PKEY_size(pkey);
buf_out = malloc(outl);
sign_mechanism.mechanism = CKM_SHA1_RSA_PKCS;
sign_mechanism.pParameter = NULL;
sign_mechanism.ulParameterLen = 0;
rv = p11-C_SignInit(session, sign_mechanism, prvkey);
if (rv != CKR_OK) {
return NULL;
}
rv = p11-C_Sign(session, p,inl, buf_out, outl);
if (rv != CKR_OK) {
return NULL;
}
You're feeding the PKCS#11 library with the request (the part to be
signed), while specifying a CKM_SHA1_RSA_PKCS mechanism. The library
doesn't know it's signing a CSR, and will SHA1 hash the data and RSA
sign it.
What you have to do it hash your data, prepare an X509_SIG object, set
its algor to SHA1 (with NULL parameters), and fill the digest part
with your hash result. Then transform it into DER, and sign it with
CKM_RSA_PKCS mechanism.
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager majord...@openssl.org
Re: [openssl-users] Validation error on generated csr
On Mon, Mar 18, 2013, Tim Tassonis wrote:
Hi Erwann
What you have to do it hash your data, prepare an X509_SIG object, set
its algor to SHA1 (with NULL parameters), and fill the digest part
with your hash result. Then transform it into DER, and sign it with
CKM_RSA_PKCS mechanism.
Thanks a lot for the explanation. However, I can't find any
documentation about how to setup this X509_SIG object and then
transfer it into DER. The structure seems to look as follows:
typedef struct X509_sig_st
{
X509_ALGOR *algor;
ASN1_OCTET_STRING *digest;
} X509_SIG;
EVP_DigestFinal(ctx,buf,buf_len);
gives me a character buffer buf, containing the digest, but I seem
to have to encode this to ASN1_OCTET_STRING.
Can anybody quickly tell me the required functions or point me to an
example of how to do this?
Well you can use the ASN1 code for this but for a single digest you can just
manually prepend the necessary encoding. The fips code does this to avoid
having to include the ASN1 module. The relavant data is in
fips/rsa/fips_rsa_sign.c in any FIPS branch (and the master branch).
For example for SHA1 it is:
static const unsigned char sha1_bin[] = {
0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a,
0x05,
0x00, 0x04, 0x14
};
Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager majord...@openssl.org
Re: [openssl-users] Validation error on generated csr
Hi Stephen
Thanks a lot, that did the trick, the verify now returns ok.
Kind regards
Tim
On 03/18/2013 02:26 PM, Dr. Stephen Henson wrote:
On Mon, Mar 18, 2013, Tim Tassonis wrote:
Hi Erwann
What you have to do it hash your data, prepare an X509_SIG object, set
its algor to SHA1 (with NULL parameters), and fill the digest part
with your hash result. Then transform it into DER, and sign it with
CKM_RSA_PKCS mechanism.
Thanks a lot for the explanation. However, I can't find any
documentation about how to setup this X509_SIG object and then
transfer it into DER. The structure seems to look as follows:
typedef struct X509_sig_st
{
X509_ALGOR *algor;
ASN1_OCTET_STRING *digest;
} X509_SIG;
EVP_DigestFinal(ctx,buf,buf_len);
gives me a character buffer buf, containing the digest, but I seem
to have to encode this to ASN1_OCTET_STRING.
Can anybody quickly tell me the required functions or point me to an
example of how to do this?
Well you can use the ASN1 code for this but for a single digest you can just
manually prepend the necessary encoding. The fips code does this to avoid
having to include the ASN1 module. The relavant data is in
fips/rsa/fips_rsa_sign.c in any FIPS branch (and the master branch).
For example for SHA1 it is:
static const unsigned char sha1_bin[] = {
0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02, 0x1a,
0x05,
0x00, 0x04, 0x14
};
Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager majord...@openssl.org
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager majord...@openssl.org
Re: [openssl-users] Validation error on generated csr
Bonjour,
Le 15/03/2013 14:07, Tim Tassonis a écrit :
Hi
I am trying to generate a csr in a c program by having the signing
part done by pkcs11 calls, and while I get no errors, the resulting
csr fails upon validation:
$ openssl req -verify -in wltx.csr
verify failure
2948:error:0D07207B:asn1 encoding routines:ASN1_get_object:header too
long:.\cry
pto\asn1\asn1_lib.c:150:
2948:error:0D068066:asn1 encoding routines:ASN1_CHECK_TLEN:bad object
header:.\c
rypto\asn1\tasn_dec.c:1306:
2948:error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested
asn1 error:.\
crypto\asn1\tasn_dec.c:381:Type=X509_SIG
2948:error:0D0C5006:asn1 encoding routines:ASN1_item_verify:EVP
lib:.\crypto\asn
1\a_verify.c:215:
-BEGIN CERTIFICATE REQUEST-
MIICvjCCAagCAQAwezELMAkGA1UEBhMCQ0gxEzARBgNVBAcTClJhcHBlcnN3aWwx
[...]
BBXO9brFuXld13VuE2xg+VnJ8vo3L7/SCC5ufEJaeSUOvQ==
-END CERTIFICATE REQUEST-
What is RSA signed is the direct SHA1 of the request, without the X509
encapsulation.
Below is the function that generates the csr, it always succeds, but
as mentioned, the csr is still invalid
char *gen_csr(char *key_name, struct s_ekva **key_attrs)
{
[...]
inl=ASN1_item_i2d((void
*)req-req_info,buf_in,ASN1_ITEM_rptr(X509_REQ_INFO));
p = buf_in;
outl=EVP_PKEY_size(pkey);
buf_out = malloc(outl);
sign_mechanism.mechanism = CKM_SHA1_RSA_PKCS;
sign_mechanism.pParameter = NULL;
sign_mechanism.ulParameterLen = 0;
rv = p11-C_SignInit(session, sign_mechanism, prvkey);
if (rv != CKR_OK) {
return NULL;
}
rv = p11-C_Sign(session, p,inl, buf_out, outl);
if (rv != CKR_OK) {
return NULL;
}
You're feeding the PKCS#11 library with the request (the part to be
signed), while specifying a CKM_SHA1_RSA_PKCS mechanism. The library
doesn't know it's signing a CSR, and will SHA1 hash the data and RSA
sign it.
What you have to do it hash your data, prepare an X509_SIG object, set
its algor to SHA1 (with NULL parameters), and fill the digest part
with your hash result. Then transform it into DER, and sign it with
CKM_RSA_PKCS mechanism.
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager majord...@openssl.org
