Verifying certificate integrity
Is there any way for me to verify that the contents of the certificates that I am loading are okay? In addition, can I check to see if the chained certificate holds an RSA certificate? -- Nadav Golombick __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
RE: PKCS12_parse() fails (0.9.8.)
Title: Message Can someone give me a hand with this problem? :) -Original Message-From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Milan TomicSent: Monday, July 18, 2005 1:20 PMTo: openssl-users@openssl.orgSubject: PKCS12_parse() fails (0.9.8.) PKCS12_parse() fails (returns 0) in my case, although PKCS12_verify_mac() succeed (return 1). I have tried to export cert key into .pfx file in two ways: - using Internet Explorer GUI, - using java's keytool. but still the same. What should I do? :(
Re: d2i_RSAPublicKey doesn't work
Edward Chan wrote: If you're referring to http://www.openssl.org/support/faq.html 3. How do I read or write a DER encoded buffer using the ASN1 functions? ... The opposite assumes we already have len bytes in buf: unsigned char *p; p = buf; p7 = d2i_PKCS7(NULL, p, len); At this point p7 contains a valid PKCS7 structure of NULL if an error occurred. If an error occurred ERR_print_errors(bio) should give more information. The reason for the temporary variable 'p' is that the ASN1 functions increment the passed pointer so it is ready to read or write the next structure. This is often a cause of problems: without the temporary variable the buffer pointer is changed to point just after the data that has been read or written. This may well be uninitialized data and attempts to free the buffer will have unpredictable results because it no longer points to the same address. -- I see where it says you need to create the temp var. So changed my code to do that, but I still get a null ptr returned. Code is now: U8* tmp = buf; RSA* pub = d2i_RSAPublicKey(0, (const U8**)tmp, *len); and what about i2d_RSAPublicKey ? Nils __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
how to smime decrypt if certificate is lost?
Hi, If I do still have the public key and private key, I hope I still can use openssl to decrypt a message even if I lost the certificate originally used to encrypt to. Unfortunately, my attempts fail so far: openssl smime -decrypt -in encrypted.eml -recip privKeyAndPubkeyInOtherCert.pem Enter pass phrase for privKeyAndPubkeyInOtherCert.pem: Error decrypting PKCS#7 structure 2116:error:21070073:PKCS7 routines:PKCS7_dataDecode:no recipient matches certificate:pk7_doit.c:430: 2116:error:21072077:PKCS7 routines:PKCS7_decrypt:decrypt error:pk7_smime.c:451: If I just take the private key, it gets worse: openssl smime -decrypt -in encrypted.eml -recip privKeyOnly.pem unable to load certificate 2504:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:644:Expecting: TRUSTED CERTIFICATE I guess it is partially explained why this happens (issuer-name, certificate-id pair) in http://marc.theaimsgroup.com/?l=openssl-usersm=110056304510836w=2 Is there a way to decrypt that eml with openssl anyway short of Derek's ugly hack where he rebuilds a cert with same certificate-id/Issuer from the public key? Kind-of force openssl to use a decryption key irrespective of all other rules it normally implements ...? Many thanks for any hints in advance! Ralf __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: PKCS12_parse() fails (0.9.8.)
Milan Tomic wrote: PKCS12_parse() fails (returns 0) in my case, although PKCS12_verify_mac() succeed (return 1). I have tried to export cert key into .pfx file in two ways: - using Internet Explorer GUI, - using java's keytool. but still the same. What should I do? :( does ERR_print_errors give you more information ? Nils __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: how to smime decrypt if certificate is lost?
Ralf Hauser wrote: Hi, If I do still have the public key and private key, I hope I still can use openssl to decrypt a message even if I lost the certificate originally used to encrypt to. Unfortunately, my attempts fail so far: openssl smime -decrypt -in encrypted.eml -recip privKeyAndPubkeyInOtherCert.pem Enter pass phrase for privKeyAndPubkeyInOtherCert.pem: Error decrypting PKCS#7 structure 2116:error:21070073:PKCS7 routines:PKCS7_dataDecode:no recipient matches certificate:pk7_doit.c:430: 2116:error:21072077:PKCS7 routines:PKCS7_decrypt:decrypt error:pk7_smime.c:451: If I just take the private key, it gets worse: openssl smime -decrypt -in encrypted.eml -recip privKeyOnly.pem unable to load certificate 2504:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:644:Expecting: TRUSTED CERTIFICATE I guess it is partially explained why this happens (issuer-name, certificate-id pair) in http://marc.theaimsgroup.com/?l=openssl-usersm=110056304510836w=2 Is there a way to decrypt that eml with openssl anyway short of Derek's ugly hack where he rebuilds a cert with same certificate-id/Issuer from the public key? Kind-of force openssl to use a decryption key irrespective of all other rules it normally implements ...? Many thanks for any hints in advance! Ralf I'm pretty sure that you won't be able to do this using openssl smime... On the other hand it should be possible to create a hacked openssl smime which ignores certificates and tries to decode the the message with a hardcoded private key. But I don't know how much work this will be... :-/ Hope this helps Ted ;) -- PGP Public Key Information Download complete Key from http://www.convey.de/ted/tedkey_convey.asc Key fingerprint = 31B0 E029 BCF9 6605 DAC1 B2E1 0CC8 70F4 7AFB 8D26 smime.p7s Description: S/MIME Cryptographic Signature
Re: Investigating a leak
On 7/19/05, Rich Salz [EMAIL PROTECTED] wrote: Doing this now, but since my app is a server, it never really reaches the end, and the leaks build up during its lifetime, which I'd rather hoped could be more than a day or so. As it is now, the process' virtual memory size quickly reaches 3.5 GB, and then malloc() starts failing. Something wrong is happening. Lots of folks are running apache/openssl servers for days, weeks, etc., at a time. If you're seeing memory leaks like you describe, then it is far more likely that the like is either in your code, or there's a bug in the way you're calling OpenSSL. Do you get the same growth when openssl isn't used? Make sure you xxx_free every object you xxx_new. /r$ Hi, I was looking at the code ... could it be that the memory leak is in the main server loop? Sometimes, the ssl_accept may return 0, but with an error code like SSL_ERROR_WANT_READ or SSL_ERROR_WANT_WRITE, which just means that could not complete the handshake, but not really an error (just call ssl_accept again ... ). But in you main server thread, you just do a continue, thus looping again ... and creating a brand new ssl structure and socket ... you should loop() { create the tcp socket loop () { ssl_accept from the tcp socket till non-zero } } Take a look at the examples that come with openssl. Regards, Cesc __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
smime encryption
Hi all, For implementing AS2, where is the best place to look for resources on how to encrypt and decrypt using SMIME via the openssl libraries? Thanks Pj. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Ralf Hauser Sent: Tuesday, 19 July 2005 4:33 PM To: openssl-users@openssl.org Subject: how to smime decrypt if certificate is lost? Hi, If I do still have the public key and private key, I hope I still can use openssl to decrypt a message even if I lost the certificate originally used to encrypt to. Unfortunately, my attempts fail so far: openssl smime -decrypt -in encrypted.eml -recip privKeyAndPubkeyInOtherCert.pem Enter pass phrase for privKeyAndPubkeyInOtherCert.pem: Error decrypting PKCS#7 structure 2116:error:21070073:PKCS7 routines:PKCS7_dataDecode:no recipient matches certificate:pk7_doit.c:430: 2116:error:21072077:PKCS7 routines:PKCS7_decrypt:decrypt error:pk7_smime.c:451: If I just take the private key, it gets worse: openssl smime -decrypt -in encrypted.eml -recip privKeyOnly.pem unable to load certificate 2504:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:644:Expecting: TRUSTED CERTIFICATE I guess it is partially explained why this happens (issuer-name, certificate-id pair) in http://marc.theaimsgroup.com/?l=openssl-usersm=110056304510836w=2 Is there a way to decrypt that eml with openssl anyway short of Derek's ugly hack where he rebuilds a cert with same certificate-id/Issuer from the public key? Kind-of force openssl to use a decryption key irrespective of all other rules it normally implements ...? Many thanks for any hints in advance! Ralf __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] -- No virus found in this incoming message. Checked by AVG Anti-Virus. Version: 7.0.323 / Virus Database: 267.9.1/51 - Release Date: 18/07/2005 -- No virus found in this outgoing message. Checked by AVG Anti-Virus. Version: 7.0.323 / Virus Database: 267.9.1/51 - Release Date: 18/07/2005 __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
RE: Investigating a leak
That'd do it. But if you're doing the loop in that sequence, and if you have set non-blocking on the sockets, then instead of polling for the connection you can use select or poll (depending on your platform) to wait for incoming connection activity, then enter ssl_accept in blocking mode which would probably cut down on those fake errors. Wouldn't this be a better sequence? If you are worried about inserting another call in the sequence... Being in blocking mode at this stage shouldn't adversely affect performance as the connection thread would only be in a polling loop during this period anyway in this code example. Being in a time-limited wait during select only aids performance as it allows the client serving threads access to the time-slice for the process which would otherwise be tied up in the polling loop. The new select() call could adversely impact performance if you have to service a continual stream of new client connections that prevent the select() from blocking at all, but that is unlikely in the real world. Regards, Simon - -- Simon Edwards -Original Message- From: Cesc [mailto:[EMAIL PROTECTED] Sent: 19 July 2005 09:58 To: openssl-users@openssl.org Subject: Re: Investigating a leak On 7/19/05, Rich Salz [EMAIL PROTECTED] wrote: Doing this now, but since my app is a server, it never really reaches the end, and the leaks build up during its lifetime, which I'd rather hoped could be more than a day or so. As it is now, the process' virtual memory size quickly reaches 3.5 GB, and then malloc() starts failing. Something wrong is happening. Lots of folks are running apache/openssl servers for days, weeks, etc., at a time. If you're seeing memory leaks like you describe, then it is far more likely that the like is either in your code, or there's a bug in the way you're calling OpenSSL. Do you get the same growth when openssl isn't used? Make sure you xxx_free every object you xxx_new. /r$ Hi, I was looking at the code ... could it be that the memory leak is in the main server loop? Sometimes, the ssl_accept may return 0, but with an error code like SSL_ERROR_WANT_READ or SSL_ERROR_WANT_WRITE, which just means that could not complete the handshake, but not really an error (just call ssl_accept again ... ). But in you main server thread, you just do a continue, thus looping again ... and creating a brand new ssl structure and socket ... you should loop() { create the tcp socket loop () { ssl_accept from the tcp socket till non-zero } } Take a look at the examples that come with openssl. Regards, Cesc __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] This message has been scanned for viruses by MailController - www.MailController.altohiway.com __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: Investigating a leak
Why don't you move the ssl handshake to the thread code? Let the main loop accept tcp sockets, then create the thread with the tcp socket as the argument you pass to the thread run method ... perform then the ssl_accept loop (blocking or non-blocking, up to you) in the thread ... Just a suggestion. Cesc On 7/19/05, Simon Edwards [EMAIL PROTECTED] wrote: That'd do it. But if you're doing the loop in that sequence, and if you have set non-blocking on the sockets, then instead of polling for the connection you can use select or poll (depending on your platform) to wait for incoming connection activity, then enter ssl_accept in blocking mode which would probably cut down on those fake errors. Wouldn't this be a better sequence? If you are worried about inserting another call in the sequence... Being in blocking mode at this stage shouldn't adversely affect performance as the connection thread would only be in a polling loop during this period anyway in this code example. Being in a time-limited wait during select only aids performance as it allows the client serving threads access to the time-slice for the process which would otherwise be tied up in the polling loop. The new select() call could adversely impact performance if you have to service a continual stream of new client connections that prevent the select() from blocking at all, but that is unlikely in the real world. Regards, Simon - -- Simon Edwards -Original Message- From: Cesc [mailto:[EMAIL PROTECTED] Sent: 19 July 2005 09:58 To: openssl-users@openssl.org Subject: Re: Investigating a leak On 7/19/05, Rich Salz [EMAIL PROTECTED] wrote: Doing this now, but since my app is a server, it never really reaches the end, and the leaks build up during its lifetime, which I'd rather hoped could be more than a day or so. As it is now, the process' virtual memory size quickly reaches 3.5 GB, and then malloc() starts failing. Something wrong is happening. Lots of folks are running apache/openssl servers for days, weeks, etc., at a time. If you're seeing memory leaks like you describe, then it is far more likely that the like is either in your code, or there's a bug in the way you're calling OpenSSL. Do you get the same growth when openssl isn't used? Make sure you xxx_free every object you xxx_new. /r$ Hi, I was looking at the code ... could it be that the memory leak is in the main server loop? Sometimes, the ssl_accept may return 0, but with an error code like SSL_ERROR_WANT_READ or SSL_ERROR_WANT_WRITE, which just means that could not complete the handshake, but not really an error (just call ssl_accept again ... ). But in you main server thread, you just do a continue, thus looping again ... and creating a brand new ssl structure and socket ... you should loop() { create the tcp socket loop () { ssl_accept from the tcp socket till non-zero } } Take a look at the examples that come with openssl. Regards, Cesc __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] This message has been scanned for viruses by MailController - www.MailController.altohiway.com __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
MD5 not returning hash for string ending with .
Hi, I don't know if anyone earlier posted similar message earlier..If so apologise me for repetition. I am trying a simple program to get MD5 hash of any string.The program is as follows: // try.c #include stdio.h #include openssl/md5.h int main() { unsigned char var[]=k.; unsigned char *op; op = MD5(var,strlen(var),NULL); printf(\nHash= %s\tLen= %d,op, strlen(op)); return 0; } I compiled it with: gcc -lcrypto -o try try.c The above code is returning empty hash with 0 length. But with strings like ., k.a this code is working properly. Can anyone throw light on it? Thanks in advance, Kaustubh Start your day with Yahoo! - make it your home page http://www.yahoo.com/r/hs __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
SSL_write SSL_ERROR_SYSCALL problem
Hi developers, The problem is as follows: I want to send ie. 24297 bytes using SSL_write() function. But this function returns -1, SSL_get_error tells() this is SSL_ERROR_WANT_WRITE. Immediately I call SSL_write() second time (with same params) as stated in documentation. After that second call SSL_write() returns again -1 which is SSL_ERROR_SYSCALL. I hoped to receive SSL_ERROR_WANT_WRITE again and again untill all data in the buffer will be sent out. When I enable partial wirte, then second call to this functions also gives me SSL_ERROR_SYSCALL. How to solve this problem ? Can anybody give me a clue to understand this problem ? Best regards, Mariusz Ciepły. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
RE: Investigating a leak
That'd do it. But if you're doing the loop in that sequence, and if you have set non-blocking on the sockets, then instead of polling for the connection you can use select or poll (depending on your platform) to wait for incoming connection activity, then enter ssl_accept in blocking mode which would probably cut down on those fake errors. Wouldn't this be a better sequence? Eww, no. Suppose the connection is aborted before you manage to call SSL_accept. The call could block indefinitely. It is almost always a mistake to use 'select' or 'poll' with blocking socket operations. DS __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Test
mail server test please ignore __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
RE: MD5 not returning hash for string ending with .
You are again using strlen(): hexprint(op, strlen(op)); -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of kaustubh mendki Sent: Tuesday, July 19, 2005 3:03 PM To: Ken Goldman Cc: openssl-users@openssl.org Subject: Re: MD5 not returning hash for string ending with . Hi Ken, Yes, hash can contain printable as well as nonprintable chars.As I mentioned this code was working with other strings and giving correct hash length(16).To eliminate this issue, i converted these chars to hex. Now code look like this: #include stdio.h #include openssl/md5.h void hexprint(unsigned char *data, int len) { int i; for(i = 0;i len;i++) {/* %02x for lowercase, %02X for uppercase hexidecimal letters */ printf(%02x, data[i]); } } int main() { unsigned char var[]=k.; unsigned char *op; op = MD5(var,strlen(var),NULL); hexprint(op, strlen(op)); return 0; } Atleast this should work ..but its not working either for string k.. For any other string working perfectly. Wonder if its a bug! Thanks, Kaustubh --- Ken Goldman [EMAIL PROTECTED] wrote: Date: Tue, 19 Jul 2005 04:30:03 -0700 (PDT) From: kaustubh mendki [EMAIL PROTECTED] I am trying a simple program to get MD5 hash of any string.The program is as follows: #include stdio.h #include openssl/md5.h int main() { unsigned char var[]=k.; unsigned char *op; op = MD5(var,strlen(var),NULL); printf(\nHash= %s\tLen= %d,op, strlen(op)); return 0; } I compiled it with: gcc -lcrypto -o try try.c The above code is returning empty hash with 0 length. But with strings like ., k.a this code is working properly. Can anyone throw light on it? Hashes are not printable C strings. They are byte arrays. Thus, printf and strlen will both fail. -- Ken Goldman [EMAIL PROTECTED] 914-784-7646 __ Do you Yahoo!? Yahoo! Mail - You care about security. So do we. http://promotions.yahoo.com/new_mail __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
MSVC 2005 compilation problem
Hello developers, How to correclty build openssl-0.9.8 using MS Visual 2005. Most of the functions are deprecated by the C++ runtime and compiler stops with error codes. How to compile it correctly ? Thank you, Mariusz Ciepły. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: MSVC 2005 compilation problem
Hello, I have not tried to build Openssl with Withbey (MSVC 2005), but i think you have the same problem as i suffered when i compiled the code for Windows Mobile 2003 (see openssl-dev list, a topic a week ago). To use functions as strlen or old string related functions you may use #define STRSAFE_NO_DEPRECATE (edit the code) or -D DSTRSAFE_NO_DEPRECATE directly in the makefile ntdll.mak Perhaps there are many other functions form C/C++ that suffer from the same, i recommend you to search the code of windows sdk (i mean the header files) in order to find preprocessor directives with the pattern: #ifndef XX_NO_DEPRECATE to find all the directives you need to include in the makefile in order to compile the code with the last Windows SDK and last IDE I hope it will help :) bye Daniel Díaz Sánchez [EMAIL PROTECTED] Hello developers, How to correclty build openssl-0.9.8 using MS Visual 2005. Most of the functions are deprecated by the C++ runtime and compiler stops with error codes. How to compile it correctly ? Thank you, Mariusz Ciep³y. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] -- -- dds __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
RE: d2i_RSAPublicKey doesn't work
That part of the code remains the same, and continues to work fine. By the way, my last code snippet should have been: U8* tmp = buf; RSA* pub = d2i_RSAPublicKey(0, (const U8**)tmp, len); I mistakenly typed *len instead of len. Anyways, after I call i2d_RSAPublicKey, calling d2i_RSAPublicKey does not seem to work. It always returns me a null ptr. But I know the RSA object is fine. I can use it in RSA_public_encrypt() and RSA_private_decrypt(). Any ideas? Anybody else experiencing this problem? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Nils Larsch Sent: Tuesday, July 19, 2005 12:36 AM To: openssl-users@openssl.org Subject: Re: d2i_RSAPublicKey doesn't work Edward Chan wrote: If you're referring to http://www.openssl.org/support/faq.html 3. How do I read or write a DER encoded buffer using the ASN1 functions? ... The opposite assumes we already have len bytes in buf: unsigned char *p; p = buf; p7 = d2i_PKCS7(NULL, p, len); At this point p7 contains a valid PKCS7 structure of NULL if an error occurred. If an error occurred ERR_print_errors(bio) should give more information. The reason for the temporary variable 'p' is that the ASN1 functions increment the passed pointer so it is ready to read or write the next structure. This is often a cause of problems: without the temporary variable the buffer pointer is changed to point just after the data that has been read or written. This may well be uninitialized data and attempts to free the buffer will have unpredictable results because it no longer points to the same address. -- I see where it says you need to create the temp var. So changed my code to do that, but I still get a null ptr returned. Code is now: U8* tmp = buf; RSA* pub = d2i_RSAPublicKey(0, (const U8**)tmp, *len); and what about i2d_RSAPublicKey ? Nils __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: info about a certificate request
Martin Matusiak wrote: I was wondering how to print info about a certificate request.. if I create a self signed certificate by passing the -x509 flag, I can use $ openssl x509 -in pubkey.pem -noout -text to print information about it. How can I do the same for a certificate request? The reason I ask is that I need to replicate certificate request creation (most likely in java, adapting existing code) and I need some way of verfying that the requests I generate are of the correct format. Assuming something like this: openssl req -new -nodes -keyout key.pem req.pem You can inspect the request like this: openssl req -in req.pem -text -noout __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Parsing Email Addresses
Hi, I'm new to OpenSSL, and I'm hoping someone can tell me the easiest/best way to parse an email address from a X.509 V3 client email cert. Any suggestions would be appreciated. Thanks, Thomas __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
test BN_sqr failed
I'm new to openssl. When I run make report I get Square test failed!. What exactly should I be looking for to determine why the test failed? Thanks John Majikes
Re: Certificate Revocation List (CRL) management recommendations?
Sorry to prolong this thread, but does the function X509_CRL_verify() actually check to see if the CRL has expired? If not what function performs this verification? I'm confused as to the actually mechanics of using the default_crl_days in code. -David Brock- Bernhard Froehlich wrote: Jorey Bump wrote: Bernhard Froehlich wrote: The idea behind a CRL is to have the possibility to publicly revoke a certificate before it expires (so setting default_crl_days equal to default days is not very sensible, you should just work without a CRL in such a case). Is this as simple as commenting out default_crl_days? I've noticed that a certificate with a longer default_days will be treated as expired when default_crl_days is reached. Yet, I don't see the CRL period in the signed certificate when I view it with the -text option. I'm afraid I don't understand the underlying CRL checking mechanism. Does the server (web, mail, etc.) check the CRL, or the client? No, you have to comment out crlDistributionPoints (and maybe some similar entries like nsCaRevocationUrl). If a crlDistributionPoint is coded into the certificate a verifying entity should download a new CRL every default_crl_days days, and if it is not possible to download the CRL (maybe because you forgot to publish the current version) the verification should fail! Otherwise an evil guy would swamp the CRL distribution point with DoS-attacks and could use a revoked cert till its expiry date. It's been mentioned elsewhere that the CRLs of major CAs can grow to be several MB, but I can't say that I've ever noticed such activity on either my servers or clients (not that I was looking for it, but I do actively monitor connections). As I see it CRLs are not often used, maybe just because of that reason. But from your description I'd guess that the size of the CRL should not be a problem in your environment. The disadvantage of a CRL is that it has to be accessible and kept up-to-date or the verification will fail. So using a CRL will require a stable net, stable webserver and someone (possibly a cron job or something like that) generating new CRLs in regular intervals. I can probably do that, although at the moment it would seem more manageable to push the CRL out to the small number of clients when necessary. On the other hand, it seems that simply replacing a certificate on the server is as effective as revoking it and publishing a CRL (assuming, of course, that noone has acquired the key/cert and is using it to masquerade as my server). In this case, a CRL would be most valuable in protecting the integrity of my root CA certificate (which could also be replaced and redistributed, I guess). OK, if someone acquired your CA's key you're deep in the dirt, regardless wether you use CRLs or not, since the evil one can build his/her own CRLs with the signature of your CA. ;) Wether you can do without a CRL is hard to say without knowing your detailed security requirements. If there are only few servers to distribute new certificates to, setting a shorter expiry date may do a similar job. On the other hand, if you are using the certificates for client access to important data you might like to be able to revoke a lost certificate within few days or even hours, in which case even a CRL might not be fast enough and you'd have to set up an OCSP server... Yes, I've glanced at OCSP, and it seems to be the most sensible approach. But is it widely supported? Is the OCSP server included with OpenSSL robust? Is it recommended to set up OCSP servers on port 80 to accommodate corporate firewalls? I have no current plans for issuing client certificates, but the need may arise in the future. I don't know very much about OCSP since I haven't used it till now. As I understand it it's a webserver-plugin (cgi or perl or something like that) that looks up a certificate's serial number in its local CRL and returns (essentially) TRUE or FALSE. [...] Ted ;) __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]