Re: [openssl-users] Generate ECC key with password protection
On 1/13/2017 2:02 PM, Viktor Dukhovni wrote: parameter setting error 139854491113288:error:06089094:digital envelope routines:EVP_PKEY_CTX_ctrl:invalid operation:pmeth_lib.c:404: In that case, your OpenSSL library is broken, or was built without EC support. Perhaps you're running the wrong openssl(1) binary. Perhaps++. The command ran on a 1.0.2 platform. EC key creation is supported in 1.0.2: openssl version OpenSSL 1.0.1e-fips 11 Feb 2013 The C API's seem to support EC. Perhaps the openssl binary does not? RHEL 6.7 is still at 1.0.1. Can I create the key and certificates on the 1.0.2 platform and use them with the C API on 1.0.1? -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] Generate ECC key with password protection
On Fri, Jan 13, 2017 at 03:26:08PM -0500, Ken Goldman wrote: > On 1/13/2017 2:02 PM, Viktor Dukhovni wrote: > > > parameter setting error > > > 139854491113288:error:06089094:digital envelope > > > routines:EVP_PKEY_CTX_ctrl:invalid operation:pmeth_lib.c:404: > > > > In that case, your OpenSSL library is broken, or was built without > > EC support. Perhaps you're running the wrong openssl(1) binary. > > Perhaps++. The command ran on a 1.0.2 platform. > > > EC key creation is supported in 1.0.2: > > openssl version > OpenSSL 1.0.1e-fips 11 Feb 2013 > > The C API's seem to support EC. Perhaps the openssl binary does not? > > RHEL 6.7 is still at 1.0.1. > > Can I create the key and certificates on the 1.0.2 platform and use them > with the C API on 1.0.1? RedHat has in various past releases deliberately disabled EC support. More recently they've enabled just the NIST P-256,384,521 curves. So your software may be neutered by the vendor, however, you seem to be using 1.0.1, while I was testing 1.0.2. With 1.0.1 I get: $ openssl version -a; openssl genpkey -out cakeyecc.pem -outform PEM -pass pass: -aes256 -algorithm ec -pkeyopt ec_paramgen_curve:prime256v1 -pkeyopt ec_param_enc:named_curve -text; cat cakeyecc.pem OpenSSL 1.0.1v-dev xx XXX built on: Fri Jan 13 15:35:13 2017 platform: darwin64-x86_64-cc options: bn(64,64) rc4(ptr,char) des(idx,cisc,16,int) idea(int) blowfish(idx) compiler: cc -I. -I.. -I../include -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -arch x86_64 -O3 -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM OPENSSLDIR: "/Volumes/gitvol/viktor/ssl/OpenSSL_1_0_1/ssl" parameter setting error 140735936984072:error:06089094:digital envelope routines:EVP_PKEY_CTX_ctrl:invalid operation:pmeth_lib.c:394: cat: cakeyecc.pem: No such file or directory With 1.0.1, EC support in genpkey(1) is incomplete. To encrypt use a pipeline: $ openssl ecparam -name prime256v1 -genkey -noout | openssl pkey -aes256 -text Enter PEM pass phrase: Verifying - Enter PEM pass phrase: -BEGIN ENCRYPTED PRIVATE KEY- MIHeMEkGCSqGSIb3DQEFDTA8MBsGCSqGSIb3DQEFDDAOBAiDn5ZQFVqU2wICCAAw HQYJYIZIAWUDBAEqBBBMxK5x8CNp29AxpTpdjjZzBIGQFcjJotTUgue5zv1ZUiJE Fmp3LFInp0+mJmiSMM/WZUM2aALAG3xikB5xn0ENmtluiLVM+Osa5PZVj5WAisgN DBmHRYqFoxOQPc9L8DN8dr0PDM/d7KZe3Vr4FAlkG86R/aFOOn8yBX2DepDDmvuc aYn6abZZWe9uISi+Gk0r3Hna6cKz0K5M6ecGim6oBRg2 -END ENCRYPTED PRIVATE KEY- Private-Key: (256 bit) priv: 00:fc:ee:5b:91:0d:7b:11:c1:a3:6b:b6:45:e3:88: 12:80:08:27:77:1b:3c:ad:59:4f:cd:10:42:f7:6e: 53:4a:e9 pub: 04:82:74:1c:da:70:65:e0:2d:3f:3b:8b:e4:10:e1: b0:60:b0:f8:59:9a:99:7d:a7:70:52:13:be:02:8d: c4:a0:56:9b:7f:79:ae:b8:ca:61:52:8c:74:06:59: 72:10:77:6e:53:62:df:47:ef:af:64:47:97:73:cb: a6:f0:eb:a2:24 ASN1 OID: prime256v1 -- Viktor. -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] troubleshooting a puzzling issue
In message <8df59ee9-2677-47d3-b9f6-69904b3ea...@inria.fr> on Fri, 13 Jan 2017 16:46:59 +0100, Thierry Parmentelatsaid: thierry.parmentelat> so I do see md5 in the list of digests Ok thierry.parmentelat> thierry.parmentelat> what else should I be looking at ? thierry.parmentelat> is there a way to get some sort of error code or something that would at least hint at a direction.. I found that M2Crypto has an Err package, so add this to your script: if v <= 0: print(M2Crypto.Err.get_error()); else: print("v = {}".format(v)) -- Richard Levitte levi...@openssl.org OpenSSL Project http://www.openssl.org/~levitte/ -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] Generate ECC key with password protection
On Fri, Jan 13, 2017 at 06:18:51PM +, Viktor Dukhovni wrote: > Easier to read the documentation and use the appropriate value. https://www.openssl.org/docs/man1.1.0/apps/genpkey.html -- Viktor. -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] Generate ECC key with password protection
Thanks for the help. Am I getting closer? On 1/13/2017 9:44 AM, Viktor Dukhovni wrote: Also, take a look at test/certs/mkcert.sh: I looked at that, but what is $bits? The curve name. You're sure fond of leaving off the leading "-" in option names. You'll also really want the "ec_param_enc" option when you get the rest of the syntax right. OK, sorry, hyphen-o-phobia. I gather now that there are two -pkeyopt: ec_paramgen_curve ec_param_enc I tried prime256v1 for each, and also named_curve and explicit for the second, in many combinations. It's also not 100% clear whether I specify -pkeyopt each time, or once and then pairs of opt:value. In all combinations, I now get: openssl genpkey -out cakeyecc.pem -outform pem -pass pass: -aes256 -algorithm ec -pkeyopt ec_paramgen_curve:prime256v1 ec_param_enc:explicit -text parameter setting error 140171547424584:error:06089094:digital envelope routines:EVP_PKEY_CTX_ctrl:invalid operation:pmeth_lib.c:404: -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] Generate ECC key with password protection
On Fri, Jan 13, 2017 at 01:06:10PM -0500, Ken Goldman wrote: > I gather now that there are two -pkeyopt: Yes. > ec_paramgen_curve > ec_param_enc > > I tried prime256v1 for each, and also named_curve and explicit > for the second, in many combinations. Easier to read the documentation and use the appropriate value. > It's also not 100% clear whether I specify -pkeyopt each time, or once and > then pairs of opt:value. Each time. > In all combinations, I now get: > > openssl genpkey -out cakeyecc.pem -outform pem -pass pass: -aes256 > -algorithm ec -pkeyopt ec_paramgen_curve:prime256v1 ec_param_enc:explicit > -text The explicit "-outform PEM" argument is not needed, but harmless: $ openssl genpkey -out cakeyecc.pem -outform PEM -pass pass: \ -aes256 -algorithm ec -pkeyopt ec_paramgen_curve:prime256v1 \ -pkeyopt ec_param_enc:named_curve -text $ cat cakeyecc.pem -BEGIN ENCRYPTED PRIVATE KEY- MIHeMEkGCSqGSIb3DQEFDTA8MBsGCSqGSIb3DQEFDDAOBAhn8FHW0643QQICCAAw HQYJYIZIAWUDBAEqBBCtTYP4h4/2PTEfN1fVJnpHBIGQ3RHX/KUQwncg9MK5aF7H p0qQplxOKtfCOYp0iqx15IQCEv5N4SXIIKnRjvaKPHgFQN0d8x1Et0pBOaYLqIre zwch3VGRvvHH//qhXiYGay9xzZXraGwFFatNt9R8gyBKR7zMn/BQVWUtA8woCB// D/R9GGYJVr3afeay4Vr4U/kHtRUkTrkGZxRZvM2EIAsr -END ENCRYPTED PRIVATE KEY- Private-Key: (256 bit) priv: 39:32:f7:c6:cf:fa:57:7f:9f:b0:d7:87:92:c0:93: 36:33:9e:19:75:0c:58:f7:a0:ec:29:01:1f:c2:17: 6a:9f pub: 04:a2:2a:47:02:a3:ed:6c:e0:af:85:9f:f3:9e:f9: e7:e4:19:5a:49:05:09:2e:1e:40:d8:89:88:5a:2c: fc:dc:59:5b:27:9f:9d:00:78:d7:3d:16:68:b9:81: 42:db:db:02:98:42:08:d9:2f:6f:e5:1d:a4:70:4f: 1a:4e:2b:69:2f ASN1 OID: prime256v1 NIST CURVE: P-256 As you can see the combination of "-aes256" and "-text" is unwise. The "-text" form is not encrypted. -- Viktor. -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] Generate ECC key with password protection
On 1/13/2017 1:21 PM, Viktor Dukhovni wrote: On Fri, Jan 13, 2017 at 06:18:51PM +, Viktor Dukhovni wrote: Still no success. I think this is exactly what you suggested, and something I had already tried. openssl genpkey -out cakeyecc.pem -outform PEM -pass pass: -aes256 -algorithm ec -pkeyopt ec_paramgen_curve:prime256v1 -pkeyopt ec_param_enc:named_curve -text parameter setting error 139854491113288:error:06089094:digital envelope routines:EVP_PKEY_CTX_ctrl:invalid operation:pmeth_lib.c:404: Easier to read the documentation and use the appropriate value. https://www.openssl.org/docs/man1.1.0/apps/genpkey.html Yikes. That's not in the 1.0.2 documentation at https://www.openssl.org/docs/man1.0.2/apps/genpkey.html Could it be that 1.0.2 doesn't support creation of EC keys? Or, if the syntax is different, where can I find it? -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] Generate ECC key with password protection
On Fri, Jan 13, 2017 at 01:49:14PM -0500, Ken Goldman wrote: > On 1/13/2017 1:21 PM, Viktor Dukhovni wrote: > > On Fri, Jan 13, 2017 at 06:18:51PM +, Viktor Dukhovni wrote: > > Still no success. I think this is exactly what you suggested, and something > I had already tried. > > openssl genpkey -out cakeyecc.pem -outform PEM -pass pass: -aes256 > -algorithm ec -pkeyopt ec_paramgen_curve:prime256v1 -pkeyopt > ec_param_enc:named_curve -text > > parameter setting error > 139854491113288:error:06089094:digital envelope > routines:EVP_PKEY_CTX_ctrl:invalid operation:pmeth_lib.c:404: In that case, your OpenSSL library is broken, or was built without EC support. Perhaps you're running the wrong openssl(1) binary. > https://www.openssl.org/docs/man1.0.2/apps/genpkey.html > > Could it be that 1.0.2 doesn't support creation of EC keys? EC key creation is supported in 1.0.2: $ openssl version -a; openssl genpkey -out cakeyecc.pem -outform PEM -pass pass: -aes256 -algorithm ec -pkeyopt ec_paramgen_curve:prime256v1 -pkeyopt ec_param_enc:named_curve -text; cat cakeyecc.pem OpenSSL 1.0.2j 26 Sep 2016 built on: reproducible build, date unspecified platform: NetBSD-x86_64 options: bn(64,64) md2(int) rc4(8x,int) des(idx,cisc,16,int) blowfish(ptr2) compiler: gcc -I. -I.. -I../include -fPIC -DOPENSSL_PIC -DOPENSSL_THREADS -DDSO_DLFCN -DHAVE_DLFCN_H -O2 -I/usr/include -Wa,--noexecstack -DTERMIOS -DL_ENDIAN -DMD32_REG_T=int -O2 -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DECP_NISTZ256_ASM OPENSSLDIR: "/usr/pkg/etc/openssl" -BEGIN ENCRYPTED PRIVATE KEY- MIHeMEkGCSqGSIb3DQEFDTA8MBsGCSqGSIb3DQEFDDAOBAj2P6Eun6xu+QICCAAw HQYJYIZIAWUDBAEqBBCLkrjwPqdzyGUnq+FZmAXKBIGQYc6Ug3yc5JbhkUmNmtPm 8An/0hE1ErvedRQFk0yyfUTiX/cHcuTkm5S5ZJlE4jtDJRidc3TxX59yTa6blZbp EilWzrACBO0POWeUsN0SnYAwHfaQ7dRKfoK0xmZJMRclzd9C62f64e/0Q2v1xdvj oMyg7aiK2fa1DdXdkDeB0j3Cnpo4x24ZY1De870LOkd/ -END ENCRYPTED PRIVATE KEY- Private-Key: (256 bit) priv: 63:c2:97:81:a3:bc:4f:10:cc:ca:68:70:bf:a3:fa: da:e3:fd:7d:d2:9f:88:b9:4b:bf:11:ac:4b:9c:b5: d4:c2 pub: 04:96:5d:78:a2:7b:60:b3:9c:67:7d:d7:19:68:4e: 4e:7b:a4:75:46:31:b1:f6:76:28:86:fe:9a:56:9c: bc:3c:4b:37:0b:3b:0c:24:ed:2b:d1:8f:85:92:0f: 6e:48:9d:49:2c:7b:e7:7c:df:94:8a:9d:4b:f8:bc: 25:82:cb:50:22 ASN1 OID: prime256v1 NIST CURVE: P-256 The documentation of genpkey(1) was improved in 1.1.0, perhaps some of the improvements should be backported. Pull requests welcome. -- Viktor. -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] Generate ECC key with password protection
Thanks, getting closer ... On 1/12/2017 5:47 PM, Viktor Dukhovni wrote: My latest attempt is this. It gives me a usage error. Any hints? openssl genpkey -out cakeyecc.pem -outform pem -pass pass: aes-256-cbc -algorithm ec pkeyopt ec_paramgen_curve:prime256v1 -text The "aes-256-cbc" argument is wrong. Try "-aes256". BTW, I got aes-256-cbc from https://wiki.openssl.org/index.php/Command_Line_Elliptic_Curve_Operations and > openssl list-cipher-commands Also, take a look at test/certs/mkcert.sh: I looked at that, but what is $bits? I got prime256v1, the curve I want, from openssl ecparam -list_curves My next tries: openssl genpkey -out cakeyecc.pem -outform pem -pass pass: -aes256 -algorithm ec pkeyopt ec_paramgen_curve:prime256v1 -text openssl genpkey -out cakeyecc.pem -outform pem -pass pass: -aes256 -algorithm ec pkeyopt ec_paramgen_curve:prime256v1 pkeyopt ec_param_enc:named_curve -text openssl genpkey -out cakeyecc.pem -outform pem -pass pass: -aes256 -algorithm ec pkeyopt ec_paramgen_curve:prime256v1 pkeyopt ec_param_enc:explicit -text I get: Error generating key 140529942484808:error:100C708B:elliptic curve routines:PKEY_EC_KEYGEN:no parameters set:ec_pmeth.c:294: It's probably this LOC, but what am I missing? if (ctx->pkey == NULL && dctx->gen_group == NULL) { ECerr(EC_F_PKEY_EC_KEYGEN, EC_R_NO_PARAMETERS_SET); return 0; } -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] Generate ECC key with password protection
On 13/01/17 14:32, Ken Goldman wrote: > Thanks, getting closer ... > > On 1/12/2017 5:47 PM, Viktor Dukhovni wrote: >>> My latest attempt is this. It gives me a usage error. Any hints? >>> >>> openssl genpkey -out cakeyecc.pem -outform pem -pass pass: >>> aes-256-cbc -algorithm ec pkeyopt ec_paramgen_curve:prime256v1 -text >> >> The "aes-256-cbc" argument is wrong. Try "-aes256". > > BTW, I got aes-256-cbc from > > https://wiki.openssl.org/index.php/Command_Line_Elliptic_Curve_Operations > > and > openssl list-cipher-commands > >> >> Also, take a look at test/certs/mkcert.sh: > > I looked at that, but what is $bits? > > I got prime256v1, the curve I want, from > > openssl ecparam -list_curves > > My next tries: > > openssl genpkey -out cakeyecc.pem -outform pem -pass pass: -aes256 > -algorithm ec pkeyopt ec_paramgen_curve:prime256v1 -text Try it with a "-" in front of "pkeyopt"!!! Matt > > openssl genpkey -out cakeyecc.pem -outform pem -pass pass: -aes256 > -algorithm ec pkeyopt ec_paramgen_curve:prime256v1 pkeyopt > ec_param_enc:named_curve -text > > openssl genpkey -out cakeyecc.pem -outform pem -pass pass: -aes256 > -algorithm ec pkeyopt ec_paramgen_curve:prime256v1 pkeyopt > ec_param_enc:explicit -text > > I get: > > Error generating key > 140529942484808:error:100C708B:elliptic curve routines:PKEY_EC_KEYGEN:no > parameters set:ec_pmeth.c:294: > > It's probably this LOC, but what am I missing? > > if (ctx->pkey == NULL && dctx->gen_group == NULL) { > ECerr(EC_F_PKEY_EC_KEYGEN, EC_R_NO_PARAMETERS_SET); > return 0; > } > > -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] troubleshooting a puzzling issue
> On Jan 13, 2017, at 5:28 AM, Thierry Parmentelat >wrote: > > I have two certificates, one being signed by the other > the attached code is a python code that uses M2Crypto to check for that fact Your current problem is failure to post the two certificates along with the anecdotal description. You're also not reporting which versions of the various O/S distributions you were using, and more importantly which versions of OpenSSL were linked into Python's M2Crypto. Real answers require real data. -- -- Viktor. -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] Generate ECC key with password protection
On Fri, Jan 13, 2017 at 09:32:01AM -0500, Ken Goldman wrote: > > The "aes-256-cbc" argument is wrong. Try "-aes256". > > BTW, I got aes-256-cbc from > > https://wiki.openssl.org/index.php/Command_Line_Elliptic_Curve_Operations > > and > openssl list-cipher-commands When cipher names are used as options, they need a leading "-". > > Also, take a look at test/certs/mkcert.sh: > > I looked at that, but what is $bits? The curve name. > openssl genpkey -out cakeyecc.pem -outform pem -pass pass: -aes256 > -algorithm ec pkeyopt ec_paramgen_curve:prime256v1 -text You're sure fond of leaving off the leading "-" in option names. You'll also really want the "ec_param_enc" option when you get the rest of the syntax right. > openssl genpkey -out cakeyecc.pem -outform pem -pass pass: -aes256 > -algorithm ec pkeyopt ec_paramgen_curve:prime256v1 pkeyopt > ec_param_enc:named_curve -text So this one is much closer, but now has two missing "-"s in "pkeyopt". -- Viktor. -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[openssl-users] troubleshooting a puzzling issue
Hey I am facing a problem that I have narrowed down to this: I have two certificates, one being signed by the other the attached code is a python code that uses M2Crypto to check for that fact and it turns out, on some boxes x509_verify() returns 1 as expected, while on some others I am getting -1 --- I apologize that I am not able to write a pure C code that would reproduce the issue (I’m afraid that me trying to achieve that would just lead to more artificial problems than be actually helpful in any way :) the m2crypto guys tell me they are essentially just passing stuff along to openssl’s function X509_verify as described here https://www.openssl.org/docs/man1.1.0/crypto/X509_verify.html --- and this says, I quote: X509_verify(), X509_REQ_verify() and X509_CRL_verify() return 1 if the signature is valid and 0 if the signature check fails. If the signature could not be checked at all because it was invalid or some other error occurred then -1 is returned. So my question here is, how do I go about figuring out what ‘some other error’ might be in my case ? I was wondering, for example, if it could just be a missing library or something along this line, as my understanding is that the range of algorithms, ciphers, and other hashes can be configured at build-time what tools can I use to look in this direction ? --- So far it looks like the problems happens on fedora installations, while the code behaves as expected on macos and ubuntus I have not yet been able to assess that on a wide variety of installations yet Thanks for any hint #!/usr/bin/env python import M2Crypto p1 = """-BEGIN CERTIFICATE- MIICOjCCAaOgAwIBAgIBAzANBgkqhkiG9w0BAQQFADAXMRUwEwYDVQQDEwxvbmVs YWIuaW5yaWEwHhcNMTQwODE4MTMzMDQ5WhcNMTkwODE3MTMzMDQ5WjArMSkwJwYD VQQDFCBvbmVsYWIuaW5yaWEudGhpZXJyeV9wYXJtZW50ZWxhdDCBnTANBgkqhkiG 9w0BAQEFAAOBiwAwgYcCgYEAqK1lKNf61lAGYAXzG6xKnFQkfv3ViG0GP2Krp1zD 7d/93IkmsXVEjLfGhEJQjRjzRc9/gFdATP703cDzp4Ag2eR2wdQz0e6SXOBd2sLu W3LqTwor1XMmp5f0QCOg5OSKXwozE3Tlt0+ewBNvAE8HWwZFjou5CFnrFMVZPjqf hpUCASOjgYMwgYAwDAYDVR0TAQH/BAIwADBwBgNVHREEaTBnhjZ1cm46cHVibGlj aWQ6SUROK29uZWxhYjppbnJpYSt1c2VyK3RoaWVycnlfcGFybWVudGVsYXSGLXVy bjp1dWlkOjhlZTVhYWJlLTVhMTYtNGFjNS1hMThmLTdjYTE0NWFmMjg1YTANBgkq hkiG9w0BAQQFAAOBgQCcjZnVO9vXmX/4a0kY34g87rxsk/9zOV7LqmSoCd66Qf5y mRIJ/WCpCKJHQA2PU/LWBGS+Iv/E2z3cYrah02TkCGYB7Nzps5n40jQVI93UC4k7 uN73t6fwXwzM6i238LfbQUpTmqOL022mw06jbNhDl2ohhiXVKoCCQMG+7EyQjg== -END CERTIFICATE- """ p2 = """-BEGIN CERTIFICATE- MIICFzCCAYCgAwIBAgIBAzANBgkqhkiG9w0BAQQFADARMQ8wDQYDVQQDEwZvbmVs YWIwHhcNMTMxMjIzMTUwMDE0WhcNMTgxMjIyMTUwMDE0WjAXMRUwEwYDVQQDEwxv bmVsYWIuaW5yaWEwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAL7irzhKl2iR hRcO88n+R88zqdPKUNGKTcKErKpb8XNb5legIXAPKQvrB5dANuz02ptBs1FHeCqF S+D6kond4F9DZrQm6Z2RRZltZfOs78JtY56KvjYkbnKfBkgmQLIDDLTrZV6xBt33 lblKwvzXCuQA5qP7Vu+Jvqyf5Oxo1MQFAgMBAAGjeTB3MA8GA1UdEwEB/wQFMAMB Af8wZAYDVR0RBF0wW4YqdXJuOnB1YmxpY2lkOklETitvbmVsYWI6aW5yaWErYXV0 aG9yaXR5K3Nhhi11cm46dXVpZDozNzgzNzdlZi0wMGFlLTQ0N2YtOGZkOC0xZTNm ZWJjNmQ5NzkwDQYJKoZIhvcNAQEEBQADgYEANuSaNpw3Z/+01bZPi7V9YFzyetUk wj+aX0oj5xqECryLwemSc386caYxoNLxRiJinh1rfls45G1Nsm7lKHQTheWK55vC sqHK3lDFu4m9LqnHct1bOO/tx3lNxR4PrcoiMWBUhHCzjOx6xKI1llbDP7G4Y76o gHZYoVJPwm30wuE= -END CERTIFICATE- """ c1 = M2Crypto.X509.load_cert_string(p1) c2 = M2Crypto.X509.load_cert_string(p2) k2 = c2.get_pubkey() v = c1.verify(k2) print("v = {}".format(v)) -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] troubleshooting a puzzling issue
Thanks Viktor for your feedback Well, the 2 certificates are embedded in the python code as PEM; I am attaching them again here as plain files if that helps p1 Description: Binary data p2 Description: Binary data In terms of versioning, on one box that exhibits the issue of returning -1, I have this: # cat /etc/fedora-release Fedora release 24 (Twenty Four) both openssl and m2crypto installed from fedora’s stock repos: # rpm -q m2crypto openssl-libs m2crypto-0.23.0-2.fc24.x86_64 openssl-libs-1.0.2j-3.fc24.x86_64 # uname -a Linux r2labsfa.pl.sophia.inria.fr 4.8.15-300.fc25.x86_64 #1 SMP Thu Dec 15 23:10:23 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux I hope it clarifies — thanks for looking into this — Thierry > On 13 Jan 2017, at 15:26, Viktor Dukhovniwrote: > > >> On Jan 13, 2017, at 5:28 AM, Thierry Parmentelat >> wrote: >> >> I have two certificates, one being signed by the other >> the attached code is a python code that uses M2Crypto to check for that fact > > Your current problem is failure to post the two certificates along with > the anecdotal description. You're also not reporting which versions of > the various O/S distributions you were using, and more importantly which > versions of OpenSSL were linked into Python's M2Crypto. > > Real answers require real data. > > -- > -- > Viktor. > > -- > openssl-users mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] troubleshooting a puzzling issue
Hey Richard here’s what I see # openssl help openssl:Error: 'help' is an invalid command. Standard commands asn1parse caciphers cms crl crl2pkcs7 dgst dh dhparam dsa dsaparam ec ecparam enc engineerrstr gendh gendsagenpkey genrsa nseq ocsp passwdpkcs12 pkcs7 pkcs8 pkey pkeyparam pkeyutl prime rand req rsa rsautls_client s_server s_timesess_id smime speed spkac tsverifyversion x509 Message Digest commands (see the `dgst' command for more details) md2 md4 md5 rmd160 sha sha1 Cipher commands (see the `enc' command for more details) aes-128-cbc aes-128-ecb aes-192-cbc aes-192-ecb aes-256-cbc aes-256-ecb base64bf bf-cbcbf-cfbbf-ecbbf-ofb camellia-128-cbc camellia-128-ecb camellia-192-cbc camellia-192-ecb camellia-256-cbc camellia-256-ecb cast cast-cbc cast5-cbc cast5-cfb cast5-ecb cast5-ofb des des-cbc des-cfb des-ecb des-ede des-ede-cbc des-ede-cfb des-ede-ofb des-ede3 des-ede3-cbc des-ede3-cfb des-ede3-ofb des-ofb des3 desx idea idea-cbc idea-cfb idea-ecb idea-ofb rc2 rc2-40-cbcrc2-64-cbcrc2-cbc rc2-cfb rc2-ecb rc2-ofb rc4 rc4-40rc5 rc5-cbc rc5-cfb rc5-ecb rc5-ofb seed seed-cbc seed-cfb seed-ecb seed-ofb zlib so I do see md5 in the list of digests what else should I be looking at ? is there a way to get some sort of error code or something that would at least hint at a direction.. thanks — Thierry > On 13 Jan 2017, at 16:37, Richard Levittewrote: > > In message <41a36a7f-ff5d-4190-9178-e9ff11aff...@inria.fr> on Fri, 13 Jan > 2017 11:28:40 +0100, Thierry Parmentelat said: > > thierry.parmentelat> I am facing a problem that I have narrowed down to this: > thierry.parmentelat> > thierry.parmentelat> I have two certificates, one being signed by the other > thierry.parmentelat> the attached code is a python code that uses M2Crypto to > check for that fact > thierry.parmentelat> > thierry.parmentelat> and it turns out, on some boxes x509_verify() returns 1 > as expected, while on some others I am getting -1 > thierry.parmentelat> > thierry.parmentelat> > thierry.parmentelat> --- > thierry.parmentelat> I apologize that I am not able to write a pure C code > that would reproduce the issue (I’m afraid that me trying to achieve that > would just lead to more artificial problems than be actually helpful in any > way :) > thierry.parmentelat> > thierry.parmentelat> the m2crypto guys tell me they are essentially just > passing stuff along to openssl’s function > thierry.parmentelat> X509_verify > thierry.parmentelat> as described here > thierry.parmentelat> > https://www.openssl.org/docs/man1.1.0/crypto/X509_verify.html > > Considering both certs in the attached script use the signature > algorithm md5WithRSAEncryption, you could get that kind of error with > an OpenSSL installation where MD5 has been disabled. 'openssl help' > will show you what's enabled, or 'openssl list -disabled' (with > OpenSSL 1.1.0) to see what's disabled. > > There are other things that can give you a -1 as well... > > Cheers, > Richard > > -- > Richard Levitte levi...@openssl.org > OpenSSL Project http://www.openssl.org/~levitte/ -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] troubleshooting a puzzling issue
In message <41a36a7f-ff5d-4190-9178-e9ff11aff...@inria.fr> on Fri, 13 Jan 2017 11:28:40 +0100, Thierry Parmentelatsaid: thierry.parmentelat> I am facing a problem that I have narrowed down to this: thierry.parmentelat> thierry.parmentelat> I have two certificates, one being signed by the other thierry.parmentelat> the attached code is a python code that uses M2Crypto to check for that fact thierry.parmentelat> thierry.parmentelat> and it turns out, on some boxes x509_verify() returns 1 as expected, while on some others I am getting -1 thierry.parmentelat> thierry.parmentelat> thierry.parmentelat> --- thierry.parmentelat> I apologize that I am not able to write a pure C code that would reproduce the issue (I’m afraid that me trying to achieve that would just lead to more artificial problems than be actually helpful in any way :) thierry.parmentelat> thierry.parmentelat> the m2crypto guys tell me they are essentially just passing stuff along to openssl’s function thierry.parmentelat> X509_verify thierry.parmentelat> as described here thierry.parmentelat> https://www.openssl.org/docs/man1.1.0/crypto/X509_verify.html Considering both certs in the attached script use the signature algorithm md5WithRSAEncryption, you could get that kind of error with an OpenSSL installation where MD5 has been disabled. 'openssl help' will show you what's enabled, or 'openssl list -disabled' (with OpenSSL 1.1.0) to see what's disabled. There are other things that can give you a -1 as well... Cheers, Richard -- Richard Levitte levi...@openssl.org OpenSSL Project http://www.openssl.org/~levitte/ -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] troubleshooting a puzzling issue
In messageon Fri, 13 Jan 2017 09:26:35 -0500, Viktor Dukhovni said: openssl-users> openssl-users> > On Jan 13, 2017, at 5:28 AM, Thierry Parmentelat wrote: openssl-users> > openssl-users> > I have two certificates, one being signed by the other openssl-users> > the attached code is a python code that uses M2Crypto to check for that fact openssl-users> openssl-users> Your current problem is failure to post the two certificates along with openssl-users> the anecdotal description. You're also not reporting which versions of openssl-users> the various O/S distributions you were using, and more importantly which openssl-users> versions of OpenSSL were linked into Python's M2Crypto. openssl-users> openssl-users> Real answers require real data. E... there's a script attached to the original post. It contains all the data you need, including two certs. Cheers, Richard -- Richard Levitte levi...@openssl.org OpenSSL Project http://www.openssl.org/~levitte/ -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] troubleshooting a puzzling issue
On Fri, Jan 13, 2017 at 04:17:14PM +0100, Thierry Parmentelat wrote: > Thanks Viktor for your feedback > > Well, the 2 certificates are embedded in the python code as PEM; I am > attaching them again here as plain files if that helps The leaf certificate is signed with RSA+MD5: $ openssl x509 -in /tmp/p1 -noout -text | egrep -v '^ *..:' Certificate: Data: Version: 3 (0x2) Serial Number: 3 (0x3) Signature Algorithm: md5WithRSAEncryption Issuer: CN=onelab.inria Validity Not Before: Aug 18 13:30:49 2014 GMT Not After : Aug 17 13:30:49 2019 GMT Subject: CN=onelab.inria.thierry_parmentelat Subject Public Key Info: Public Key Algorithm: rsaEncryption Public-Key: (1024 bit) Modulus: Exponent: 35 (0x23) X509v3 extensions: X509v3 Basic Constraints: critical X509v3 Subject Alternative Name: URI:urn:publicid:IDN+onelab:inria+user+thierry_parmentelat, URI:urn:uuid:8ee5aabe-5a16-4ac5-a18f-7ca145af285a Signature Algorithm: md5WithRSAEncryption > In terms of versioning, on one box that exhibits the issue of returning -1, I > have this: > > # cat /etc/fedora-release > Fedora release 24 (Twenty Four) Redhat is removing support for MD5 signatures from their OpenSSL builds. From a recent email from them to the OpenSSL team: We (Red Hat Enterprise Linux developers) decided to disable support for verification of signatures with MD4, MD5, and SHA0 hashes in openssl library in Red Hat Enterprise Linux 6 and newer and in Fedora. ... Your 5 year MD5 certificate is getting stale, time to use something a bit more current. Also its rather small exponent (35) is very unwise. While not quite as bad as 3, it may be open to attack. -- Viktor. -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] troubleshooting a puzzling issue
; it explains it all :) Thanks so much for your time looking into this, it is very helpful — Thierry > On 13 Jan 2017, at 16:47, Viktor Dukhovniwrote: > > On Fri, Jan 13, 2017 at 04:17:14PM +0100, Thierry Parmentelat wrote: > >> Thanks Viktor for your feedback >> >> Well, the 2 certificates are embedded in the python code as PEM; I am >> attaching them again here as plain files if that helps > > The leaf certificate is signed with RSA+MD5: > >$ openssl x509 -in /tmp/p1 -noout -text | egrep -v '^ *..:' >Certificate: > Data: > Version: 3 (0x2) > Serial Number: 3 (0x3) > Signature Algorithm: md5WithRSAEncryption > Issuer: CN=onelab.inria > Validity > Not Before: Aug 18 13:30:49 2014 GMT > Not After : Aug 17 13:30:49 2019 GMT > Subject: CN=onelab.inria.thierry_parmentelat > Subject Public Key Info: > Public Key Algorithm: rsaEncryption > Public-Key: (1024 bit) > Modulus: > Exponent: 35 (0x23) > X509v3 extensions: > X509v3 Basic Constraints: critical > X509v3 Subject Alternative Name: > URI:urn:publicid:IDN+onelab:inria+user+thierry_parmentelat, > URI:urn:uuid:8ee5aabe-5a16-4ac5-a18f-7ca145af285a > Signature Algorithm: md5WithRSAEncryption > >> In terms of versioning, on one box that exhibits the issue of returning -1, >> I have this: >> >> # cat /etc/fedora-release >> Fedora release 24 (Twenty Four) > > Redhat is removing support for MD5 signatures from their OpenSSL > builds. From a recent email from them to the OpenSSL team: > >We (Red Hat Enterprise Linux developers) decided to disable >support for verification of signatures with MD4, MD5, and SHA0 >hashes in openssl library in Red Hat Enterprise Linux 6 and >newer and in Fedora. ... > > Your 5 year MD5 certificate is getting stale, time to use something > a bit more current. Also its rather small exponent (35) is very > unwise. While not quite as bad as 3, it may be open to attack. > > -- > Viktor. > -- > openssl-users mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users