[openssl-users] When to use a key or password

2016-07-07 Thread Warron French

Is there any good rule of thumb for when to use:


-k versus

-K

Also, what does the term IV refer to in reference to -iv IV?


Thanks in advance,

Warron

-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users


Re: [openssl-users] EVP_get_digestbyobj fails for ecdsa-with-SHA256

2016-07-07 Thread Chris Bare
Ok, that makes sense with what I'm seeing. I just tried changing this:
const EVP_MD* md = EVP_get_digestbyobj(sig_alg_oid);
to this:
const EVP_MD* md = EVP_get_digestbyname("SHA256");

and it all worked correctly.
so given that I have an OID for ecdsa-with-SHA256, is there a function that
will return just the digest algorithm?
I'm trying to be as flexible as possible, so I don't want to hard code this
or have my own limited lookup table.

On Thu, Jul 7, 2016 at 2:54 PM, Jakob Bohm  wrote:

> On 07/07/2016 20:08, Chris Bare wrote:
>
>> EVP_get_digestbyobj fails for ecdsa-with-SHA256
>>
> ecdsa-with-SHA256 is not a digest algorithm, it is a signature
> algorithm with a specific choice of digest algorithm (SHA256).
>
> In OpenSSL 1.0.2 and older there is a very old compatibility
> feature which allows accessing a few old signature+digest
> algorithm pairs via a digest algorithm object.
>
> Specifically:
>
> RSA with md2, md4, md5, mdc2, ripemd, SHA-0, SHA-1, SHA224,
>  SHA256, SHA384 and SHA512
> DSA with SHA-0 and SHA1
> ECDSA with SHA1
>
> This has been deprecated for a long time, but the compatibility
> code makes your code below work for the above algorithm pairs.
>
> The reason this compatibility code is deprecated is that it
> causes the RSA algorithm to be referenced every time someone
> tries to reference just the hash algorithm object for one of
> the digest algorithms listed above.
>
>> I'm trying to perform a standard signature verification using the EVP_*
>> functions.
>> I think my code is correct, because it all runs fine if the digest is
>> RSA-SHA256.
>> I have an ASN1_OBJECT that specifies the signature/digest type.
>> Here is my code that dumps out all the intermediate steps called by
>> EVP_get_digestbyobj:
>>
>> #include <stdio.h>
>> #include <openssl/objects.h>
>> #include <openssl/evp.h>
>>
>> ASN1_OBJECT *sig_alg_oid; /* set elsewhere to the signature/digest OID */
>> char name[256];
>>
>> OBJ_obj2txt(name, 256, sig_alg_oid, 1); /* 1 = dotted numeric form */
>> printf("NAME %s\n", name);
>> printf("NID = %d\n", OBJ_obj2nid(sig_alg_oid));
>> printf("sn = %s\n", OBJ_nid2sn(OBJ_obj2nid(sig_alg_oid)));
>> printf("OBJ_NAME_get = %p\n",
>>        (const void *)OBJ_NAME_get(OBJ_nid2sn(OBJ_obj2nid(sig_alg_oid)), OBJ_NAME_TYPE_MD_METH));
>> const EVP_MD *md = EVP_get_digestbyobj(sig_alg_oid);
>> if (md == NULL)
>>     printf("EVP_get_digestbyobj failed\n");
>>
>> When I call this with the RSA-SHA256 I get:
>> NAME 1.2.840.113549.1.1.11
>> NID = 668
>> sn = RSA-SHA256
>> OBJ_NAME_get = 0x7fe8846f1ee0
>>
>> and the rest of the steps succeeded.
>> Then when I call the same code (in the same program, so I'm sure the
>> openssl library is correctly initialized) with
>> ecdsa-with-SHA256, I get:
>> NAME 1.2.840.10045.4.3.2
>> NID = 794
>> sn = ecdsa-with-SHA256
>> OBJ_NAME_get = (nil)
>> EVP_get_digestbyobj failed
>>
>> So it looks like my sig_alg_oid is good, but OBJ_NAME_get fails.
>>
>> I am using openssl 1.0.2d-0ubuntu1.5 in ubuntu 15.10
>>
>> Am I doing something wrong, or could this be a bug in the library?
>> Any suggestions appreciated.
>>
>
> Enjoy
>
> Jakob
> --
> Jakob Bohm, CIO, Partner, WiseMo A/S.  https://www.wisemo.com
> Transformervej 29, 2860 Søborg, Denmark.  Direct +45 31 13 16 10
> This public discussion message is non-binding and may contain errors.
> WiseMo - Remote Service Management for PCs, Phones and Embedded



-- 
Chris Bare


Re: [openssl-users] EVP_get_digestbyobj fails for ecdsa-with-SHA256

2016-07-07 Thread Jakob Bohm

On 07/07/2016 20:08, Chris Bare wrote:

> EVP_get_digestbyobj fails for ecdsa-with-SHA256


ecdsa-with-SHA256 is not a digest algorithm, it is a signature
algorithm with a specific choice of digest algorithm (SHA256).

In OpenSSL 1.0.2 and older there is a very old compatibility
feature which allows accessing a few old signature+digest
algorithm pairs via a digest algorithm object.

Specifically:

RSA with md2, md4, md5, mdc2, ripemd, SHA-0, SHA-1, SHA224,
 SHA256, SHA384 and SHA512
DSA with SHA-0 and SHA1
ECDSA with SHA1

This has been deprecated for a long time, but the compatibility
code makes your code below work for the above algorithm pairs.

The reason this compatibility code is deprecated is that it
causes the RSA algorithm to be referenced every time someone
tries to reference just the hash algorithm object for one of
the digest algorithms listed above.
> I'm trying to perform a standard signature verification using the
> EVP_* functions.
> I think my code is correct, because it all runs fine if the digest is
> RSA-SHA256.
>
> I have an ASN1_OBJECT that specifies the signature/digest type.
> Here is my code that dumps out all the intermediate steps called by
> EVP_get_digestbyobj:
>
> #include <stdio.h>
> #include <openssl/objects.h>
> #include <openssl/evp.h>
>
> ASN1_OBJECT *sig_alg_oid; /* set elsewhere to the signature/digest OID */
> char name[256];
>
> OBJ_obj2txt(name, 256, sig_alg_oid, 1); /* 1 = dotted numeric form */
> printf("NAME %s\n", name);
> printf("NID = %d\n", OBJ_obj2nid(sig_alg_oid));
> printf("sn = %s\n", OBJ_nid2sn(OBJ_obj2nid(sig_alg_oid)));
> printf("OBJ_NAME_get = %p\n",
>        (const void *)OBJ_NAME_get(OBJ_nid2sn(OBJ_obj2nid(sig_alg_oid)), OBJ_NAME_TYPE_MD_METH));
>
> const EVP_MD *md = EVP_get_digestbyobj(sig_alg_oid);
> if (md == NULL)
>     printf("EVP_get_digestbyobj failed\n");
>
> When I call this with the RSA-SHA256 I get:
> NAME 1.2.840.113549.1.1.11
> NID = 668
> sn = RSA-SHA256
> OBJ_NAME_get = 0x7fe8846f1ee0
>
> and the rest of the steps succeeded.
> Then when I call the same code (in the same program, so I'm sure the
> openssl library is correctly initialized) with
>
> ecdsa-with-SHA256, I get:
> NAME 1.2.840.10045.4.3.2
> NID = 794
> sn = ecdsa-with-SHA256
> OBJ_NAME_get = (nil)
> EVP_get_digestbyobj failed
>
> So it looks like my sig_alg_oid is good, but OBJ_NAME_get fails.
>
> I am using openssl 1.0.2d-0ubuntu1.5 in ubuntu 15.10
>
> Am I doing something wrong, or could this be a bug in the library?
> Any suggestions appreciated.


Enjoy

Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S.  https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark.  Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded



[openssl-users] EVP_get_digestbyobj fails for ecdsa-with-SHA256

2016-07-07 Thread Chris Bare
EVP_get_digestbyobj fails for ecdsa-with-SHA256

I'm trying to perform a standard signature verification using the EVP_*
functions.
I think my code is correct, because it all runs fine if the digest is
RSA-SHA256.
I have an ASN1_OBJECT that specifies the signature/digest type.
Here is my code that dumps out all the intermediate steps called by
EVP_get_digestbyobj:

#include <stdio.h>
#include <openssl/objects.h>
#include <openssl/evp.h>

ASN1_OBJECT *sig_alg_oid; /* set elsewhere to the signature/digest OID */
char name[256];

OBJ_obj2txt(name, 256, sig_alg_oid, 1); /* 1 = dotted numeric form */
printf("NAME %s\n", name);
printf("NID = %d\n", OBJ_obj2nid(sig_alg_oid));
printf("sn = %s\n", OBJ_nid2sn(OBJ_obj2nid(sig_alg_oid)));
printf("OBJ_NAME_get = %p\n",
       (const void *)OBJ_NAME_get(OBJ_nid2sn(OBJ_obj2nid(sig_alg_oid)), OBJ_NAME_TYPE_MD_METH));
const EVP_MD *md = EVP_get_digestbyobj(sig_alg_oid);
if (md == NULL)
    printf("EVP_get_digestbyobj failed\n");

When I call this with the RSA-SHA256 I get:
NAME 1.2.840.113549.1.1.11
NID = 668
sn = RSA-SHA256
OBJ_NAME_get = 0x7fe8846f1ee0

and the rest of the steps succeeded.
Then when I call the same code (in the same program, so I'm sure the
openssl library is correctly initialized) with
ecdsa-with-SHA256, I get:
NAME 1.2.840.10045.4.3.2
NID = 794
sn = ecdsa-with-SHA256
OBJ_NAME_get = (nil)
EVP_get_digestbyobj failed

So it looks like my sig_alg_oid is good, but OBJ_NAME_get fails.

I am using openssl 1.0.2d-0ubuntu1.5 in ubuntu 15.10

Am I doing something wrong, or could this be a bug in the library?
Any suggestions appreciated.

-- 
Chris Bare


Re: [openssl-users] Error building 1.0.1t with no-srp

2016-07-07 Thread Matt Caswell


On 06/07/16 16:55, Scott Neugroschl wrote:
> I’m building 1.0.1t with the no-srp option. When I do, I get
> the following error
>
> making all in ssl...
>
> make[1]: Entering directory `/users/scottn/openssl-1.0.1t/ssl'
>
> make[1]: *** No rule to make target `../include/openssl/srp.h', needed
> by `tls_srp.o'.  Stop.
>
> Anyone else build without SRP?  Anyone have suggestions?

It works for me with 1.0.1t. Did you run "make depend"?

Matt




Re: [openssl-users] Unable to decrypt CMS object encrypted with EC prime256v1 certificate

2016-07-07 Thread Stephan Mühlstrasser

On 06.07.16 at 23:35, Dr. Stephen Henson wrote:

> ...
>
>> Yes, the other version cannot decrypt the CMS object generated by
>> OpenSSL. I did some tests with Bouncy Castle, and it also cannot
>> decrypt the CMS object.
>>
>> What might be interesting is that on the other hand Windows
>> CryptoAPI is able to decrypt the CMS object (tested on Windows 10).
>
> Just to clarify: you're saying that neither this third party version nor
> BouncyCastle can decrypt the OpenSSL generated CMS objects?

No, I didn't want to say that. BouncyCastle is unable to decrypt the
third-party CMS object that I sent as an attachment in the initial email
of this thread.

OpenSSL and BouncyCastle interoperate just fine, I can encrypt and
decrypt CMS messages in both directions without problems.


--
Stephan


Re: [openssl-users] Unable to decrypt CMS object encrypted with EC prime256v1 certificate

2016-07-07 Thread Stephan Mühlstrasser

On 07.07.16 at 00:16, Dr. Stephen Henson wrote:

> On Wed, Jul 06, 2016, Stephan Mühlstrasser wrote:
>
>> While doing research on this, we found one thing that looks
>> suspicious in the CMS objects generated by OpenSSL 1.0.2. When
>> dumping the CMS object with dumpasn1, the key wrap algorithm is
>> encoded as follows:
>>
>> SEQUENCE {
>>   OBJECT IDENTIFIER '1 3 132 1 11 3'
>>   SEQUENCE {
>>     OBJECT IDENTIFIER aes256-wrap (2 16 840 1 101 3 4 1 45)
>>     NULL
>>     }
>>   }
>
> That's strange: I just tried OpenSSL 1.0.2 and the master branch and I don't
> get a NULL in either case.

I apologize, you are right. I tracked this down to the fact that the CMS
object was created with an OpenSSL 1.0.2 beta version. Sorry for the
confusion.

> Also that algorithm isn't something you'd get by default with OpenSSL. Has it
> been modified in some way?

It has not been modified. The algorithm is set with the
EVP_PKEY_CTX_ctrl_str() function:

EVP_PKEY_CTX_ctrl_str(ctx, "ecdh_kdf_md", "sha256");

--
Stephan