Re: PKCS7 encoding large content buffers
On Mon, Nov 28, 2005, Brian Daugherty wrote:

> hi,
>
> I need to PKCS7 sign and verify a several megabyte buffer.
> This raises lots of fun issues with streaming and memory management.
>
> From what I've been able to learn so far using a detached
> PKCS7 structure along with PKCS7_dataInit() and PKCS7_dataFinal()
> calls to stream the large content buffer is the way to go for
> calculating the signature.
>
> One of the requirements I have is that the detached content and
> the PKCS7 signatures must both be stored in a single file. This
> means I'll have my PKCS7 signed structure in DER format trailed by
> the signed contents. Creating the file is straightforward. Reading
> it in for verification is something I'm confused about.
>
> Is there a way to determine the actual length of the
> PKCS7_SIGNED data so I can find the offset of the contents?
>
> What I want is to call d2i_PKCS7_bio() to retrieve the PKCS7_SIGNED
> data, then use its size to skip ahead to the correct offset and
> start the signature validation. If it helps at all both the
> PKCS7_SIGNED data and the signed content will already be loaded into
> memory (however there's not enough memory to allocate space for the
> ASN1 parsing of both).
>

Ideally the thing should be handleable in BER format if the OpenSSL ASN1 code streamed data properly. Unfortunately I haven't been able to get enough people interested in that so far...

Anyway calling i2d_PKCS7() on the PKCS7 structure will return its length which you can then use as an offset.

Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Funding needed! Details on homepage.
Homepage: http://www.drh-consultancy.demon.co.uk
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
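An added example, not part of the original thread and not OpenSSL code: a different route to the same offset than the i2d_PKCS7() call suggested above, reading only the outer DER SEQUENCE header of the stored structure so nothing has to be parsed into memory. The function names, result codes and sample bytes are constructed for illustration; it assumes the signature blob is strict DER, so an indefinite-length BER blob is rejected rather than sized.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Result codes (names are illustrative, not OpenSSL's). */
enum { DER_OK = 0, DER_TRUNCATED = -1, DER_BAD_TAG = -2,
       DER_INDEFINITE = -3, DER_NOT_MINIMAL = -4, DER_TOO_LARGE = -5 };

/*
 * Read only the header of the outermost DER element in buf[0..avail) and
 * store its total encoded size (header + contents) in *total. The length
 * octets come from the file, so every step is bounds-checked.
 */
int der_outer_length(const unsigned char *buf, size_t avail, size_t *total)
{
    size_t hdr, len = 0, n, i;

    if (avail < 2) return DER_TRUNCATED;
    if (buf[0] != 0x30) return DER_BAD_TAG;  /* ContentInfo is a SEQUENCE */
    if (buf[1] < 0x80) {                     /* short form: one length octet */
        hdr = 2;
        len = buf[1];
    } else if (buf[1] == 0x80) {             /* indefinite length: BER only */
        return DER_INDEFINITE;
    } else {                                 /* long form: n octets follow */
        n = buf[1] & 0x7f;
        if (n > sizeof(size_t)) return DER_TOO_LARGE;
        if (avail < 2 + n) return DER_TRUNCATED;
        if (buf[2] == 0x00 || (n == 1 && buf[2] < 0x80))
            return DER_NOT_MINIMAL;          /* DER demands shortest form */
        for (i = 0; i < n; i++)
            len = (len << 8) | buf[2 + i];
        hdr = 2 + n;
    }
    if (len > SIZE_MAX - hdr) return DER_TOO_LARGE;
    if (hdr + len > avail) return DER_TRUNCATED;  /* runs past the buffer */
    *total = hdr + len;
    return DER_OK;
}

/* Split "signature blob followed by content" without parsing the blob. */
int split_signed_file(const unsigned char *file, size_t file_len,
                      const unsigned char **content, size_t *content_len)
{
    size_t p7_len;
    int rc = der_outer_length(file, file_len, &p7_len);

    if (rc != DER_OK) return rc;
    *content = file + p7_len;
    *content_len = file_len - p7_len;
    return DER_OK;
}

/* Constructed sample: a 260-byte filler SEQUENCE (not a real PKCS7
 * structure) followed by 7 bytes of trailing content. */
size_t make_sample(unsigned char *out, size_t cap)
{
    static const unsigned char hdr[] = { 0x30, 0x82, 0x01, 0x04 };

    if (cap < sizeof hdr + 260 + 7) return 0;
    memcpy(out, hdr, sizeof hdr);
    memset(out + sizeof hdr, 0x05, 260);
    memcpy(out + sizeof hdr + 260, "PAYLOAD", 7);
    return sizeof hdr + 260 + 7;
}

int main(void)
{
    unsigned char buf[512];
    const unsigned char *c;
    size_t clen, n = make_sample(buf, sizeof buf);

    if (split_signed_file(buf, n, &c, &clen) != DER_OK) return 1;
    printf("content at offset %zu, %zu bytes\n", (size_t)(c - buf), clen);
    return 0;
}
```

The offset only says where the blob ends; the signature over the trailing content still has to be verified before the content is trusted.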
Re: Non-blocking IO
Perry L. Jones wrote:

> Can someone please point me to an example of non-blocking IO reading with openssl.
>
> Thanks,
> Perry

Yes, the source code for the O'Reilly book on OpenSSL is freely downloadable from ora.com. In it is an example of how to use non-blocking SSL and manage the various states of connection using SSL_read and SSL_write.

Hope That Helps

Joe S.
PKCS7 encoding large content buffers
hi,

I need to PKCS7 sign and verify a several megabyte buffer. This raises lots of fun issues with streaming and memory management.

From what I've been able to learn so far using a detached PKCS7 structure along with PKCS7_dataInit() and PKCS7_dataFinal() calls to stream the large content buffer is the way to go for calculating the signature.

One of the requirements I have is that the detached content and the PKCS7 signatures must both be stored in a single file. This means I'll have my PKCS7 signed structure in DER format trailed by the signed contents. Creating the file is straightforward. Reading it in for verification is something I'm confused about.

Is there a way to determine the actual length of the PKCS7_SIGNED data so I can find the offset of the contents?

What I want is to call d2i_PKCS7_bio() to retrieve the PKCS7_SIGNED data, then use its size to skip ahead to the correct offset and start the signature validation. If it helps at all both the PKCS7_SIGNED data and the signed content will already be loaded into memory (however there's not enough memory to allocate space for the ASN1 parsing of both).

thanks,
brian
Re: Certificates
Mark wrote:

> Hi Goetz,

Hello Mark,

>>>> You point at it in the context before the handshake. You can either
>>>> point at a dir full of digest named ones or a specific root cert file.
>>>
>>> Strangely I tried the former which did not work. The latter method
>>> appears to work fine (it connected and exchanged data anyway).
>>
>> did you a c_rehash ?
>>
>> with being the path to the directory with the CA file(s) ?
>
> Yes.

Strange.

>> Naturally you have to set the directory in openssl with
>> the -CApath command line option and the
>> SSL_CTX_load_verify_locations(ctx, NULL, CApath)
>> function call...
>
> I used SSL_CTX_load_verify_locations(ctx, NULL, CApath) but did
> not use the -CApath option anywhere. Where should that be used?

In the OpenSSL binary... But since you are using an own program, this doesn't matter.

Could you do an

    c_rehash
    openssl verify -CApath cert_to_check

If this doesn't work, but a

    cat /*.pem >ca.pem
    openssl verify -CAfile ca.pem cert_to_check

works, there is something really strange with your system ...

Bye

Goetz

--
DMCA: The greed of the few outweighs the freedom of the many
Re: Question on a good attribute for local information
Phil Dibowitz wrote:

> Bear Giles wrote:
>
>> Issuer DN and serial number are unique.
>
> Yes, but we have a central identity system that uses GUIDs to ...
> everything. We want to do it for certificates as well. We want said GUID
> to be in the certificate.
>
> Serial number is typically used for renewals, I don't want to step on that.
>
> Any suggestions for attributes for that?
>
> We'll only be dealing with our internal CA, so I have control over all
> of that.
>

No references on places to look? Suggestions on extensions to use?

For reference, the original question was:

We'd like to tie all of our certificates to a unique identifier in a DB... is there an attribute out there, perhaps in the PKIX extensions or x509v3 extensions or somewhere else that would be a reasonable place for this?

--
Phil Dibowitz
P: 310-360-2330 C: 213-923-5115
Unix Admin, Ticketmaster.com
How to create a multiprocess HTTPS connection pool? Is it even possible?
Hello,

Does anyone know whether it's possible to create a multi-process HTTPS connection pool for unix?

It is possible to create a multi-process HTTP connection pool using Unix domain sockets to pass open file descriptors across processes. The problem is that the state of a HTTPS connection is not referenceable by only the file descriptor.

I have a few ideas...

One idea:

(1) Get open file descriptor from pool (unix domain sockets)
(2) Call SSL_connect
(3) Use it...
(4) Call SSL_shutdown
(5) Return open file descriptor to pool (unix domain sockets)

HTTPS servers will probably just close the socket after the SSL_shutdown. Is there any reason to think they would call SSL_accept instead? This wouldn't work, would it?

Another idea:

(1) Get open file descriptor from pool (unix domain sockets)
(2) Get associated SSL* and SSL_CTX* from shared memory
(3) The file descriptor number from (1) may be different from the file descriptor number in (2) even though they both refer to the same underlying file descriptor. Somehow change the SSL's BIO to use the new file descriptor number without disrupting any of the internal state.
(4) Use it...
(5) Return SSL* and SSL_CTX* to shared memory
(6) Return open file descriptor to pool. (unix domain sockets)

The big concern here is that the SSL and SSL_CTX structs must only reference shared memory. Is there a way to override malloc/free in the openssl library so that only shared memory would be used in the SSL and SSL_CTX structs? (I'm assuming I would write my own variable length, reclaiming shared memory-backed allocator)

Also, can the file descriptor number in the SSL connection's underlying BIO be changed without side-effect?

Any other ideas?

Thanks

Josh
Re: Questions about OCSP
On Mon, Nov 28, 2005, Stefan Vatev wrote:

>
> Hi guys,
> I had to look in-depth the ocsp stuff of openssl and some
> questions arise. Well, in ocsp.c I don't get why after
> trying OCSP_basic_verify(bs, verify_other, store,
> verify_flags) and the result is negative openssl tries to
> verify the signer's certificate again, but without the
> stack of certs (which to be verified) and all flags set to
> zero. I really don't understand this piece of code :(
>

I have to admit that I wasn't sure why that was there either :-)

Checking through CVS it looks like it is some legacy code from the initial support for -VAfile which is now handled differently and that isn't needed any more.

Steve.
Checking connection status
Hello,

I have an SSL connection and I want to check that its status is still OK before reading or writing. I have seen SSL_state used I think for this purpose but can't find any documentation on it. Is this a function I should use or is there a better way to ensure my SSL socket is still good?

Thanks,
Perry
Re: Questions about OCSP
On Mon, Nov 28, 2005, Stefan Vatev wrote:

>
> Another question bothering me what is written in the ocsp
> documentation. This is done when all other verification
> checks failed:
> "
> Otherwise the root CA of the OCSP responders CA is checked
> to see if it is trusted for OCSP signing. If it is the OCSP
> verify succeeds.
> "
>
> My question is whether this check is openssl-specific or is
> RFC-based, because I've been searching for it in RFC2560
> with no success.
>

This is covered by 2.2 and the possibility of "a Trusted Responder whose public key is trusted by the requester".

The RFC leaves the criteria under which the public key will be trusted by the requester open. It is one way under which a "global responder" can be trusted.

Steve.
Questions about OCSP
Hi guys,

I had to look in-depth the ocsp stuff of openssl and some questions arise. Well, in ocsp.c I don't get why after trying OCSP_basic_verify(bs, verify_other, store, verify_flags) and the result is negative openssl tries to verify the signer's certificate again, but without the stack of certs (which to be verified) and all flags set to zero. I really don't understand this piece of code :(

Another question bothering me what is written in the ocsp documentation. This is done when all other verification checks failed:

"
Otherwise the root CA of the OCSP responders CA is checked to see if it is trusted for OCSP signing. If it is the OCSP verify succeeds.
"

My question is whether this check is openssl-specific or is RFC-based, because I've been searching for it in RFC2560 with no success.

Any comments are welcomed :)

Stefan
Usage of BIO pairs
Hello again list,

I have already posted about the project I am working on, which in a general way is to provide an application with OpenSSL functionality while keeping control over the network access.

I have made some good progress in this work using BIO pairs, as I had been advised. However I now have an occasional crash that I can't easily debug (mainly because the application itself is written in a slightly exotic language - the trace I get is truncated far before the actual problem).

The only example of BIO pair usage I have come across so far is the test in ssltest.c. I would appreciate if someone could point me to another example of BIO pair usage in which the client and server are under different threads of control.

I thank you all for your time,

--
Alain Damiral,
Université Catholique de Louvain - student
alain.damiral'at'student.info.ucl.ac.be
Re: Resend: Java Sun JDK 1.4.1_07 client connecting to SSL server using OpenSSL 9.8a problems
On Mon, Nov 28, 2005, [EMAIL PROTECTED] wrote:

>
> Is this the right newsgroup to send this question?
>

Since the Sun Java SSL/TLS implementation has nothing to do with OpenSSL no it isn't...

Steve.
ssltest & TLS_RSA_WITH_AES_128_SHA
I cannot figure out how to get ssltest to negotiate TLS_RSA_WITH_AES_128_SHA. I tried several combinations of the -cipher command but it always negotiates AES256 instead of AES128. I am using 0.9.8a

    test/ssltest -time -num 1000 -tls1 -cipher AES128-SHA
    Using BIO pair (-bio_pair)
    Available compression methods:
    NONE
    client authentication
    TLSv1, cipher TLSv1/SSLv3 AES256-SHA, 512 bit RSA
    1000 handshakes of 1024 bytes done
    Approximate total server time: 8.17 s
    Approximate total client time: 8.20 s
Resend: Java Sun JDK 1.4.1_07 client connecting to SSL server using OpenSSL 9.8a problems
Is this the right newsgroup to send this question? Thanks.

Can someone help us out why we are having the connection problem? Searched the internet for answer and it seems to me that the problem is in the protocol level.

In the Java client running under Sun JVM windows version we have the following code.

    SSLSocketFactory sslsocketfactory = (SSLSocketFactory)SSLSocketFactory.getDefault();
    SSLSocket sslSocket = (SSLSocket)sslsocketfactory.createSocket();
    String protocols[] = {"SSLv3", "TLSv1"};
    sslSocket.setEnabledProtocols(protocols);
    InetAddress anInetAddress = InetAddress.getByName(host);
    SocketAddress aSocketAddress = new InetSocketAddress(anInetAddress, port);
    sslSocket.connect(aSocketAddress, timeout);
    sslSocket.startHandshake();

Getting following error/exceptions:

(1) Exception when the following using the default protocol Sun uses

    String protocols[] = {"SSLv3", "TLSv1"};
    sslSocket.setEnabledProtocols(protocols);

    javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA12275)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(DashoA12275)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(DashoA12275)

(2) Exception when using the code above setting protocol to {"SSLv3", "TLSv1"} and using bouncy castle.

(a)

    java.lang.NoClassDefFoundError
        at javax.crypto.Cipher.a(DashoA6275)
        at javax.crypto.Cipher.getInstance(DashoA6275)
        at com.sun.net.ssl.internal.ssl.SunJSSE_i.a(DashoA12275)
        at com.sun.net.ssl.internal.ssl.SunJSSE_bk.(DashoA12275)
        at com.sun.net.ssl.internal.ssl.SunJSSE_bj.a(DashoA12275)
        at com.sun.net.ssl.internal.ssl.SunJSSE_be.(DashoA12275)
        at com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA12275)
        at com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA12275)
        at com.sun.net.ssl.internal.ssl.SunJSSE_ax.a(DashoA12275)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA12275)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(DashoA12275)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(DashoA12275)

(b)

    javax.net.ssl.SSLException: Received fatal alert: bad_record_mac
        at com.sun.net.ssl.internal.ssl.BaseSSLSocketImpl.a(DashoA12275)
        at com.sun.net.ssl.internal.ssl.BaseSSLSocketImpl.b(DashoA12275)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.b(DashoA12275)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA12275)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(DashoA12275)
        at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(DashoA12275)

Thank you in advance!
Re: Windows 2000 Professional does not consider valid certificates from Openssl 0.9.8
On Mon, Nov 28, 2005, José Luis Gómez wrote:

> Hello,
> I have installed Openssl 0.9.8 in a Linux box. Then I've created my own
> CA (CA.sh -newca).
> Then, I create a certificate for a Windows machine, with CA.sh -newreq,
> then CA.sh -sign to sign it. Then I convert them into PKCS12 format to
> export to a Windows 2000 Professional machine. This p12 contains the
> personal key and the server certificate:
> /usr/local/ssl/misc# openssl pkcs12 -export -in newcert.pem -inkey newkey.pem -certfile demoCA/cacert.pem -out /tmp/client.p12
>
> (some howtos explain that the key is in newreq.pem, but I've checked
> they are actually, at least for this version, in newkey.pem; actually if
> I try the former command with newreq.pem it complains about the missing
> private key).
>
> Once under Windows, I import the file p12 under Root Certificate
> Authorities; Windows 2000 considers valid such CA certificate for all
> purposes.
>
> Then, I import the p12 again as it contains the client key, under
> Personal certificates. But when I double click in it, it says that the
> certificate is invalid or the CA does not have authority to issue
> certificates. Hence I cannot use IPSEC with this certificate, as IPSEC
> complains of not having any valid certificate.
>
> I've installed previously the High Encryption package in Windows 2000
> Professional box, so I don't understand the problem. The service pack is
> SP4, which, I think, it's the last available version.
>
> Any help?
>

Don't use CA.sh use CA.pl instead.

Don't import the PKCS#12 file under root authorities. Instead import cacert.pem and it should be added as a trusted root.

Then when you later import the PKCS#12 file it should verify correctly.

Steve.
Windows 2000 Professional does not consider valid certificates from Openssl 0.9.8
Hello,

I have installed Openssl 0.9.8 in a Linux box. Then I've created my own CA (CA.sh -newca).

Then, I create a certificate for a Windows machine, with CA.sh -newreq, then CA.sh -sign to sign it. Then I convert them into PKCS12 format to export to a Windows 2000 Professional machine. This p12 contains the personal key and the server certificate:

    /usr/local/ssl/misc# openssl pkcs12 -export -in newcert.pem -inkey newkey.pem -certfile demoCA/cacert.pem -out /tmp/client.p12

(some howtos explain that the key is in newreq.pem, but I've checked they are actually, at least for this version, in newkey.pem; actually if I try the former command with newreq.pem it complains about the missing private key).

Once under Windows, I import the file p12 under Root Certificate Authorities; Windows 2000 considers valid such CA certificate for all purposes.

Then, I import the p12 again as it contains the client key, under Personal certificates. But when I double click in it, it says that the certificate is invalid or the CA does not have authority to issue certificates. Hence I cannot use IPSEC with this certificate, as IPSEC complains of not having any valid certificate.

I've installed previously the High Encryption package in Windows 2000 Professional box, so I don't understand the problem. The service pack is SP4, which, I think, it's the last available version.

Any help?

Thanks,
JL
problem on modification!
Hi!

Now I have a small project which is compiled in Unix, but I want to make some modifications to let it run on the Windows platform. Would you please give me some advice on how to do it?

Thank you in advance!

Best regards!

Sun Yingming
RE: ssl_connect timer???
Hi,

> with a UA using SSL_connect and due to some reason if
> SSL_get_error returns
> SSL_ERROR_WANT_READ/SSL_ERROR_WANT_WRITE. For non
> blocking BIOs I believe the operation of
> SSL_connect with endpoint will still be going on in this case

Try using SSL_CTX_set_mode(ctx, SSL_MODE_AUTO_RETRY);

Mark.
RE: Certificates
Hi Goetz,

> >> You point at it in the context before the handshake. You can either
> >> point at a dir full of digest named ones or a specific root cert file.
> >
> > Strangely I tried the former which did not work. The latter method
> > appears to work fine (it connected and exchanged data anyway).
>
> did you a c_rehash ?
>
> with being the path to the directory
> with the CA file(s) ?

Yes.

> Naturally you have to set the directory in openssl with
> the -CApath command line option and the
> SSL_CTX_load_verify_locations(ctx, NULL, CApath)
> function call...

I used SSL_CTX_load_verify_locations(ctx, NULL, CApath) but did not use the -CApath option anywhere. Where should that be used?

Cheers,
Mark
ssl_connect timer???
Hi

For the scenario where the Proxy server is establishing a TLS connection with a UA using SSL_connect and due to some reason if SSL_get_error returns SSL_ERROR_WANT_READ/SSL_ERROR_WANT_WRITE. For non blocking BIOs I believe the operation of SSL_connect with endpoint will still be going on in this case (correct me if I am wrong). Then how long this operation (retrying for SSL_connect) should go on? Does SSL_connect have any kind of internal timer wherein it will retry connecting (SSL_connect) till timeout and after that SSL_connect returns failure?

Please provide some inputs.

thanks and regards
Seema
Fw: SSL_get_error return??Resending !!
Hi

Can anyone please give some inputs on my question posted before?

For the scenario where the Proxy server is establishing a TLS connection with a UA and if UA fails to send “Change Cipher Spec, Encrypted Handshake Message.” resulting in SSL_connect failure. In this case what does SSL_get_error return? Should SSL_get_error return SSL_ERROR_WANT_READ/SSL_ERROR_WANT_WRITE, considering that it's a fatal error causing handshake failure?

I have checked some of the sites/manuals, I could not get any direct reference for SSL_get_error return values for such scenario.

Please provide your inputs.

thanks and regards
Seema

----- Forwarded by Seema Jagatap/BLR/HSS on 11/28/2005 02:19 PM -----

Seema Jagatap/BLR/HSS
11/16/2005 12:36 PM
Subject: SSL_get_error return??

Hi

For the scenario where the Proxy server is establishing a TLS connection with a UA and if UA fails to send “Change Cipher Spec, Encrypted Handshake Message.” resulting in SSL_connect failure. In this case what does SSL_get_error return? Should SSL_get_error return SSL_ERROR_WANT_READ/SSL_ERROR_WANT_WRITE, considering that it's a fatal error causing handshake failure?

I have checked some of the sites/manuals, I could not get any direct reference for SSL_get_error return values for such scenario.

Please provide your inputs.

thanks and regards
Seema