Re: Create public/private key pair from trusted moduli?
Requiring a private key to be embedded into the binary is almost always a flawed design, because you're handing secret information to a computer controlled by someone you want to avoid having that data. Including 'trusted' moduli in the binary is also generally a flawed design, for the same reason. Including a public key/certificate in the binary allows for your CA to be known as trusted, though.

What is the situation that you need to embed keys in your binary for? (if it's to keep people from using a binary with my service other than the one I provide, it won't work. Other answers might be better.)

-Kyle H

On Tue, Apr 8, 2008 at 7:32 PM, Julian [EMAIL PROTECTED] wrote:
> Hi,
> I am working on a client/server application. I am using RSA and need to ship keys in my binary, however I would rather generate key pairs on binary execution that get signed by the login server. Correct me if I am wrong but can I simply create my CA and keys and place the moduli of these keys inside the binary and then use the moduli to generate a public/private key pair that is trusted by the server? Basic idea here is to just hardcode the moduli in the binary. I have not seen any code performing this. Am I totally off?
> thanks in advance.
> julian

__
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
segv in big number code
Hi,

I am running openssl 0.9.7 on an MP-RAS Unix box with 32 bit Intel hardware. Very occasionally (four times in eight months) I have seen a segmentation fault in the big number code, when CRYPTO_malloc calls malloc. I understand that heap corruption can arise from just about anywhere, but it is interesting that the backtrace is so similar each time.

The back trace from the dump is pretty garbled, and actual parameter values were not available, but it looks like this:

    _real_malloc(?)
    malloc(num)
    default_malloc_ex(num,file,line)
    CRYPTO_malloc((int)sizeof(BN_ULONG)*(words+1), __FILE__,__LINE__)
    bn_expand_internal(b, words)
    bn_expand2(r, max+1)
    BN_uadd(X, X, n)
    BN_mod_inverse(Ri,R,tmod,ctx)
    BN_MONT_CTX_set((BN_MONT_CTX *)dh->method_mont_p, dh->p,ctx)
    dh->meth->generate_key(dh)
    DH_generate_key

I know it's a long shot, but since I cannot recreate it, and since the dump is pretty much worthless, I am wondering if anyone has had a similar problem, and if so, is there a later version of openssl that fixes it?

Thanks,
Tom
Re: Create public/private key pair from trusted moduli?
Thanks Kyle,

Here is my situation: I have a server which can sign certificates over tls (implemented in both client and peer). I generate a public/private key pair for each peer now. I need a way so Peer A Trusts Peer B because. So, I am trying to figure out the best way to do this, can server sign each peer's certs and then trust each other?

Thanks
julian

On Apr 8, 2008, at 11:04 PM, Kyle Hamilton wrote:
> Requiring a private key to be embedded into the binary is almost always a flawed design, because you're handing secret information to a computer controlled by someone you want to avoid having that data. Including 'trusted' moduli in the binary is also generally a flawed design, for the same reason. Including a public key/certificate in the binary allows for your CA to be known as trusted, though.
>
> What is the situation that you need to embed keys in your binary for? (if it's to keep people from using a binary with my service other than the one I provide, it won't work. Other answers might be better.)
>
> -Kyle H
>
> On Tue, Apr 8, 2008 at 7:32 PM, Julian [EMAIL PROTECTED] wrote:
> > Hi,
> > I am working on a client/server application. I am using RSA and need to ship keys in my binary, however I would rather generate key pairs on binary execution that get signed by the login server. Correct me if I am wrong but can I simply create my CA and keys and place the moduli of these keys inside the binary and then use the moduli to generate a public/private key pair that is trusted by the server? Basic idea here is to just hardcode the moduli in the binary. I have not seen any code performing this. Am I totally off?
> > thanks in advance.
> > julian
Re: PKCS#7 Api's help (Plz help me)
Hi Shankar:

The functions in pkcs7.h look rather straightforward - I think the hint you need is to not sign the data outside of the PKCS7 functions (don't use RSA_sign), but instead, try using just the functions in pkcs7.h to do what you want.

(I've never done what you're trying to do, so don't ask me for more help, however, the above is how I'd go about tackling your problem).

Have fun.

Patrick.

shankar ks wrote:
> Hi everybody,
> Please help me with the following. I am working on security issues; I have to sign, compress, and encrypt the file as a CMS package. In order to fulfill the conditions I have to use the pkcs7 APIs (in a C program).
> Let me give you a brief on my work: I have a file, I need to sign that file (I signed the file using the RSA_sign function). Once the file is signed I need to envelope the file as a CMS package.
> So could anyone who has prior knowledge of the usage of pkcs functions please help me with how to do this signing and verification? If possible please give me the links where I can get data on these PKCS#7 functions. Please help me.
Unknown File Type
Hi,

I got myself a Thawte Freemail certificate. First, I downloaded it hitting the fetch button in __Firefox__. Firefox is keeping the keys and certificate in some PKCS#11 encrypted form. I used the Backup feature to obtain a *.p12 file. From this point on I can convert it using OpenSSL to PEM or anything else and I seem to understand what I do.

But when I visit the Thawte site using __Lynx__ and hit the fetch button there, I get a file that I cannot find out of what type it is. Is there an OpenSSL tool to determine a file's type?

I'm suspicious that it is some *.p7X format as I can at least bring it to a PEM form entering

    openssl pkcs7 -in downloaded_file -inform der

The command -print_certs yields nothing. I try to obtain further information using the Ruby OpenSSL suite. When I ask to decrypt the file I get an error "wrong content type".

As I already got a .p12 key suite and successfully use it to encrypt and sign mails, the research about what is going on here is of no practical use for me. Anyway I would like to understand what kind of file I'm dealing with. Could anyone give me a hint where to look at next?

Thanks in advance,
Bertram

--
Bertram Scharpf
Stuttgart, Deutschland/Germany
http://www.bertram-scharpf.de
Re: PKCS#7 Api's help (Plz help me)
Hi Patrick,

Thank you for your information. My intention is also to use pkcs functions only, but the problem is I do not understand how to use them. That is why I am asking for any application program that will do the signing and verification. There is also no clarity in those functions about which algorithms they use for signing and verification. Suppose I give some digested data (sha1) for signing; then I do not know which algorithms or cipher suites it is using internally.

Best Regards
--Shankar

On 4/9/08, Patrick Patterson [EMAIL PROTECTED] wrote:
> Hi Shankar:
>
> The functions in pkcs7.h look rather straightforward - I think the hint you need is to not sign the data outside of the PKCS7 functions (don't use RSA_sign), but instead, try using just the functions in pkcs7.h to do what you want.
>
> (I've never done what you're trying to do, so don't ask me for more help, however, the above is how I'd go about tackling your problem).
>
> Have fun.
>
> Patrick.
>
> shankar ks wrote:
> > Hi everybody,
> > Please help me with the following. I am working on security issues; I have to sign, compress, and encrypt the file as a CMS package. In order to fulfill the conditions I have to use the pkcs7 APIs (in a C program).
> > Let me give you a brief on my work: I have a file, I need to sign that file (I signed the file using the RSA_sign function). Once the file is signed I need to envelope the file as a CMS package.
> > So could anyone who has prior knowledge of the usage of pkcs functions please help me with how to do this signing and verification? If possible please give me the links where I can get data on these PKCS#7 functions. Please help me.

--
--Best Regards
Shankar
PKCS#7 Api's help (Plz help me)
Hi everybody,

Please help me with the following. I am working on security issues; I have to sign, compress, and encrypt the file as a CMS package. In order to fulfill the conditions I have to use the pkcs7 APIs (in a C program).

Let me give you a brief on my work: I have a file, I need to sign that file (I signed the file using the RSA_sign function). Once the file is signed I need to envelope the file as a CMS package.

So could anyone who has prior knowledge of the usage of pkcs functions please help me with how to do this signing and verification? If possible please give me the links where I can get data on these PKCS#7 functions. Please help me.

--
--Best Regards
Shankar
SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS option...
Hi,

The client is configured with SSLv3_client_method.

    ctx = SSL_CTX_new(SSLv3_client_method());

Whenever the client tries to connect to server with any CBC ciphers like DES-CBC3-SHA, the SSL handshake is successful but when the client tries to send data to server, say 10 bytes, I see from ethereal that two application records are sent. But the server does not report reading that data.

With cipher RC4-MD5, this is not seen. 10 bytes are sent in one application record and server reports the receiving of that particular data.

Now when I set the SSL_CTX_set_options with SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS (or SSL_OP_ALL), data exchange with CBC ciphers are successful.

What is happening here? Can someone please explain the theory behind SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS option?

Thanks,
Prabhu. S
Re: SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS option...
Prabhu S wrote:
> Hi,
> The client is configured with SSLv3_client_method.
>
>     ctx = SSL_CTX_new(SSLv3_client_method());
>
> Whenever the client tries to connect to server with any CBC ciphers like DES-CBC3-SHA, the SSL handshake is successful but when the client tries to send data to server, say 10 bytes, I see from ethereal that two application records are sent. But the server does not report reading that data.
>
> With cipher RC4-MD5, this is not seen. 10 bytes are sent in one application record and server reports the receiving of that particular data.
>
> Now when I set the SSL_CTX_set_options with SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS (or SSL_OP_ALL), data exchange with CBC ciphers are successful.

It isn't exactly unsuccessful with the empty fragments. (They only apply for block ciphers, so you don't have it with RC4).

> What is happening here? Can someone please explain the theory behind SSL_OP_DONT_INSERT_EMPTY_FRAGMENTS option?

See http://www.openssl.org/~bodo/tls-cbc.txt

-jb
--
Real computer scientists don't comment their code. The identifiers are so long they can't afford the disk space.
Blind input
Hi,

I know this might not be the right mailing list for that, but maybe someone can help anyway since I guess this is just some simple thing. I'm trying to read a password from console in a C program and I want to prevent the entered password from actually appearing on the console, just the way it happens with e.g. system passwords. How to realize that?

Thanks and regards
Till Elsner
RE: Blind input
> I'm trying to read a password from console in a C program and I want to prevent the entered password from actually appearing on the console, just the way it happens with e.g. system passwords. How to realize that?

If on *NIX systems, use getpass function call. I think this will work.
How to create X509 struct from char pointer to PEM certificate
I need to create X509 structure from a pointer to the memory area where it is stored. I have found

    X509 *d2i_X509(X509 **px, const unsigned char **in, int len);

but certificate there should be in DER format. Does anybody know a way to create it from PEM certificate? All I found is PEM_read_X509 and PEM_read_bio_X509 function that takes file pointer and bio as an input parameter. Which makes them unusable for me.

--
View this message in context: http://www.nabble.com/How-to-create-X509-struct-from-char-poiner-to-PEM-certificate-tp16586194p16586194.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
Re: Blind input
Fantastic, that's exactly what I needed. Thanks a lot.

Thanks and regards
Till Elsner

On 09.04.2008 at 16:16, Ambarish Mitra wrote:
> > I'm trying to read a password from console in a C program and I want to prevent the entered password from actually appearing on the console, just the way it happens with e.g. system passwords. How to realize that?
>
> If on *NIX systems, use getpass function call. I think this will work.
Functions for converting PEM certificates to DER
I need it for a set of functions that would convert PEM certificates to DER and vice versa. I found openssl command line tool:

    x509 -in input.crt -inform PEM -out output.crt -outform DER

and traced its code. It is done by creating X509 object from a file and then converting it to the required format:

    if (outformat == FORMAT_ASN1)
        i=i2d_X509_bio(out,x);
    else if (outformat == FORMAT_PEM) {
        if (trustout) i=PEM_write_bio_X509_AUX(out,x);
        else i=PEM_write_bio_X509(out,x);
    }

The problem is that I can't use files in my project, all I have is byte pointers to the memory where certificates are stored. Did anybody have such problem already? Thanks for any advice.

--
View this message in context: http://www.nabble.com/Functions-for-converting-PEM-certificates-to-DER-tp16586199p16586199.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
Re: Re: Apache 2 with ECC certificates
Reply-to: openssl-users@openssl.org
X-Sender: Victor Duchovni [EMAIL PROTECTED]
X-List-Manager: OpenSSL Majordomo [version 1.94.5]
X-List-Name: openssl-users
Content-Length: 4899

> On Tue, Apr 08, 2008 at 08:43:51PM -0400, Big BDI wrote:
> > Is something wrong with my certificates (pasted below)? I generated them with ECCcertgen.sh bundled with openssl... Apache does not generate any errors. One of my test keypairs is pasted below (I used a secp521r1 curve, but I didn't change the comments. They still indicate secp160r1 or something like that).
>
> The cert does not have basicConstraints or keyUsage bits. It is an X509 cert, not an X509v3 cert. Otherwise it looks fine. Try this pair of CA cert/key and Server cert/key. Don't worry (for me), they are fresh random keys not used anywhere. Identically built certs work with TLS in pre-release Postfix 2.6. If these work better, perhaps the extensions are relevant. If so, you just need to craft a suitable extension section in the conf file. These use secp256r1 (aka prime256v1).

Thank you for your suggestion, I was successful in getting Firefox to connect with the addition of v3 extensions. In order to get it working, ECCcertgen.sh and openssl.cnf were modified. In openssl.cnf, the [v3_ca] section of the file was copied and renamed to [v3_server] and modified slightly. Some of the fields may not belong, adjust them to your liking:

Added to openssl.cnf:

    [ v3_server ]
    subjectKeyIdentifier=hash
    authorityKeyIdentifier=keyid:always,issuer:always
    basicConstraints = critical,CA:false
    keyUsage = critical, nonRepudiation, digitalSignature, keyEncipherment, dataEncipherment
    nsCertType = server
    issuerAltName=issuer:copy

Added to ECCcertgen.sh:

- Make sure it points to your preferred openssl.cnf, openssl locations, and output dir locations.
- Edit the curve type, file names, O, OU, CN, settings to your liking.

Add "-extensions v3_server \" to the server signing section:

    $OPENSSL_CMD x509 -req -days $DAYS \
        -extfile $OPENSSL_DIR/apps/openssl.cnf \
        -extensions v3_server \
        -in $CERTS_DIR/$TEST_SERVER_FILE.req.pem \
        -CA $CERTS_DIR/$TEST_CA_FILE.cert.pem \
        -CAkey $KEYS_DIR/$TEST_CA_FILE.key.pem \
        -out $CERTS_DIR/$TEST_SERVER_FILE.cert.pem -CAcreateserial

Add it to the client signing section as well:

    $OPENSSL_CMD x509 -req -days $DAYS \
        -extfile $OPENSSL_DIR/apps/openssl.cnf \
        -extensions v3_server \
        -in $CERTS_DIR/$TEST_CLIENT_FILE.req.pem \
        -CA $CERTS_DIR/$TEST_CA_FILE.cert.pem \
        -CAkey $KEYS_DIR/$TEST_CA_FILE.key.pem \
        -out $CERTS_DIR/$TEST_CLIENT_FILE.cert.pem -CAcreateserial

After generating the new certs, Apache was running, finally! Thank you very much for your help. I had one last question: will ECC support be added to mod_ssl in the future?

Thanks again
Re: How to create X509 struct from char pointer to PEM certificate
geragray wrote:
> I need to create X509 structure from a pointer to the memory area where it is stored. I have found
>
>     X509 *d2i_X509(X509 **px, const unsigned char **in, int len);
>
> but certificate there should be in DER format. Does anybody know a way to create it from PEM certificate? All I found is PEM_read_X509 and PEM_read_bio_X509 function that takes file pointer and bio as an input parameter. Which makes them unusable for me.

One option is to use PEM_read_bio_X509 with a BIO_mem().

Have fun.

Patrick.
Re: Blind input
I think you can use the function getch() with option noecho.

Faustin

-------- Original Message --------
Subject: Blind input
From: Till Elsner [EMAIL PROTECTED]
To: openssl-users@openssl.org
Date: mer 09 avr 2008 16:03:23 CEST

> Hi,
>
> I know this might not be the right mailing list for that, but maybe someone can help anyway since I guess this is just some simple thing. I'm trying to read a password from console in a C program and I want to prevent the entered password from actually appearing on the console, just the way it happens with e.g. system passwords. How to realize that?
>
> Thanks and regards
> Till Elsner
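An added example for this thread (not code from any of the posters): reading a password with echo switched off by clearing the terminal's ECHO flag through POSIX termios and restoring it afterwards. The names read_password and wipe, and the return convention, are assumptions of this example.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <termios.h>
#include <unistd.h>

/* Overwrite a buffer through a volatile pointer so the stores are not optimised away. */
static void wipe(void *p, size_t len)
{
    volatile unsigned char *v = p;
    while (len--) *v++ = 0;
}

/* Read one line from fd into buf without echoing it when fd is a terminal.
 * Returns the password length, or -1 on error or if the line does not fit
 * (buf is wiped in that case). Piped input works too: echo is left alone. */
long read_password(int fd, char *buf, size_t cap)
{
    struct termios saved, quiet;
    int is_tty, overflow = 0, failed = 0;
    size_t n = 0;

    if (cap == 0) return -1;
    is_tty = (tcgetattr(fd, &saved) == 0);
    if (is_tty) {
        quiet = saved;
        quiet.c_lflag &= ~(tcflag_t)ECHO;   /* do not show typed characters */
        quiet.c_lflag |= ECHONL;            /* but still show the final newline */
        if (tcsetattr(fd, TCSAFLUSH, &quiet) != 0) return -1;
    }
    for (;;) {
        char c;
        ssize_t r = read(fd, &c, 1);        /* byte-wise: never reads past the line */
        if (r < 0 && errno == EINTR) continue;
        if (r < 0) { failed = 1; break; }
        if (r == 0 || c == '\n') break;
        if (n + 1 < cap) buf[n++] = c;
        else overflow = 1;                  /* keep draining to end of line */
    }
    if (is_tty) tcsetattr(fd, TCSAFLUSH, &saved);   /* always restore echo */
    if (failed || overflow) { wipe(buf, cap); return -1; }
    buf[n] = '\0';
    return (long)n;
}

int main(void)
{
    char pw[128];
    fputs("Password: ", stderr);
    long n = read_password(STDIN_FILENO, pw, sizeof pw);
    if (n < 0) return 1;
    fprintf(stderr, "read %ld characters\n", n);
    wipe(pw, sizeof pw);                    /* do not leave the secret in memory */
    return 0;
}
```

A signal such as Ctrl-C arriving between the two tcsetattr calls leaves echo switched off, so a long-running program would also block or handle SIGINT around the read.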
Re: Re: Apache 2 with ECC certificates
On Wed, Apr 09, 2008 at 10:31:36AM -0400, Big BDI wrote:
> Thank you for your suggestion, I was successful in getting Firefox to connect with the addition of v3 extensions.

Cool! Which releases of Firefox support ECC?

> [ v3_server ]
> subjectKeyIdentifier=hash
> authorityKeyIdentifier=keyid:always,issuer:always
> basicConstraints = critical,CA:false
> keyUsage = critical, nonRepudiation, digitalSignature, keyEncipherment, dataEncipherment
> nsCertType = server
> issuerAltName=issuer:copy

nsCertType is obsolete. Instead use:

    [ v3_server ]
    basicConstraints = critical,CA:false
    keyUsage = digitalSignature, keyEncipherment
    extendedKeyUsage = serverAuth, clientAuth
    subjectKeyIdentifier = hash # this first
    authorityKeyIdentifier = keyid:always, issuer:always # and now this

adding nsCertType only if actual browsers still appear to need it, but then include also the standard extendedKeyUsage extension. If you don't want the server cert to be usable as an HTTPS client cert, you can drop clientAuth.

> After generating the new certs, Apache was running, finally! Thank you very much for your help. I had one last question; Will ECC support be added to mod_ssl in the future?

This is not really the apache developer mailing list, so unless the right Apache people are here, you may have to ask on their list...

--
Viktor.
Re: Functions for converting PEM certificates to DER
Find yourself a base64 encoding/decoding library. That's all you need. Here's the pseudo code:

    DER = base64-decode(PEM);
    PEM = base64-encode(DER);

Well, and you need to add/remove the -----BEGIN CERTIFICATE----- lines. Good luck!

yours,
Julius

On Wed, Apr 9, 2008 at 7:29 AM, geragray [EMAIL PROTECTED] wrote:
> I need it for a set of functions that would convert PEM certificates to DER and vice versa. I found openssl command line tool:
>
>     x509 -in input.crt -inform PEM -out output.crt -outform DER
>
> and traced its code. It is done by creating X509 object from a file and then converting it to the required format:
>
>     if (outformat == FORMAT_ASN1)
>         i=i2d_X509_bio(out,x);
>     else if (outformat == FORMAT_PEM) {
>         if (trustout) i=PEM_write_bio_X509_AUX(out,x);
>         else i=PEM_write_bio_X509(out,x);
>     }
>
> The problem is that I can't use files in my project, all I have is byte pointers to the memory where certificates are stored. Did anybody have such problem already? Thanks for any advice.
>
> --
> View this message in context: http://www.nabble.com/Functions-for-converting-PEM-certificates-to-DER-tp16586199p16586199.html
> Sent from the OpenSSL - User mailing list archive at Nabble.com.

--
yours,
Julius Davies
250-592-2284 (Home)
250-893-4579 (Mobile)
http://juliusdavies.ca/
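The conversion sketched in the pseudo code above, as an added example in plain C that works on memory buffers only; it is not code from the post or from OpenSSL, and the names pem_to_der, der_to_pem and the sample input are this example's own. The DER it produces is the form d2i_X509, mentioned in the earlier thread, takes; base64 decoding changes the encoding only and does not check that the bytes are a valid certificate.

```c
#include <stdio.h>
#include <string.h>

static const char B64[] =
    "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";

/* Bounded substring search: the input buffer need not be NUL-terminated. */
static const char *find(const char *hay, size_t hay_len, const char *needle)
{
    size_t n = strlen(needle);
    for (size_t i = 0; i + n <= hay_len; i++)
        if (memcmp(hay + i, needle, n) == 0) return hay + i;
    return NULL;
}

/* Decode the first "-----BEGIN <label>-----" block in pem[0..pem_len).
 * Returns the number of DER bytes written to out, or -1 on any error. */
long pem_to_der(const char *pem, size_t pem_len, const char *label,
                unsigned char *out, size_t out_cap)
{
    char begin[80], end[80];
    if (strlen(label) > 48) return -1;
    snprintf(begin, sizeof begin, "-----BEGIN %s-----", label);
    snprintf(end, sizeof end, "-----END %s-----", label);

    const char *p = find(pem, pem_len, begin);
    if (!p) return -1;
    p += strlen(begin);
    const char *q = find(p, pem_len - (size_t)(p - pem), end);
    if (!q) return -1;

    unsigned long acc = 0;
    int bits = 0, pad = 0;
    size_t n = 0, chars = 0;
    for (; p < q; p++) {
        unsigned char c = (unsigned char)*p;
        if (c == '\r' || c == '\n' || c == ' ' || c == '\t') continue;
        chars++;
        if (c == '=') { if (++pad > 2) return -1; continue; }
        const char *hit = c ? strchr(B64, c) : NULL;
        if (!hit || pad) return -1;       /* junk, or data after padding */
        acc = (acc << 6) | (unsigned long)(hit - B64);
        bits += 6;
        if (bits >= 8) {
            bits -= 8;
            if (n >= out_cap) return -1;  /* caller's buffer too small */
            out[n++] = (unsigned char)(acc >> bits);
            acc &= (1UL << bits) - 1;
        }
    }
    if (chars == 0 || chars % 4 != 0) return -1;  /* empty or truncated body */
    return (long)n;
}

/* Encode der[0..der_len) as PEM with 64-character lines and a trailing NUL.
 * Returns the string length written to out, or -1 if out is too small. */
long der_to_pem(const unsigned char *der, size_t der_len, const char *label,
                char *out, size_t out_cap)
{
    size_t body = (der_len + 2) / 3 * 4, lines = (body + 63) / 64;
    size_t need = 2 * strlen(label) + 32 + body + lines + 1;
    if (der_len == 0 || need > out_cap) return -1;

    size_t n = (size_t)snprintf(out, out_cap, "-----BEGIN %s-----\n", label);
    size_t col = 0;
    for (size_t i = 0; i < der_len; i += 3) {
        size_t rem = der_len - i;
        unsigned long v = (unsigned long)der[i] << 16;
        if (rem > 1) v |= (unsigned long)der[i + 1] << 8;
        if (rem > 2) v |= der[i + 2];
        out[n++] = B64[(v >> 18) & 63];
        out[n++] = B64[(v >> 12) & 63];
        out[n++] = rem > 1 ? B64[(v >> 6) & 63] : '=';
        out[n++] = rem > 2 ? B64[v & 63] : '=';
        col += 4;
        if (col == 64 || rem <= 3) { out[n++] = '\n'; col = 0; }
    }
    n += (size_t)snprintf(out + n, out_cap - n, "-----END %s-----\n", label);
    return (long)n;
}

/* Constructed sample, not a real certificate: DER for SEQUENCE { INTEGER 5 },
 * wrapped in CERTIFICATE armour with CRLF line ends and leading text. */
static const char SAMPLE_PEM[] =
    "subject=constructed\r\n-----BEGIN CERTIFICATE-----\r\n"
    "MAMC\r\nAQU=\r\n-----END CERTIFICATE-----\r\n";

int main(void)
{
    unsigned char der[16];
    char pem[128];
    long n = pem_to_der(SAMPLE_PEM, sizeof SAMPLE_PEM - 1, "CERTIFICATE",
                        der, sizeof der);
    if (n < 0 || der_to_pem(der, (size_t)n, "CERTIFICATE", pem, sizeof pem) < 0)
        return 1;
    fputs(pem, stdout);
    return 0;
}
```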
Installing openssl 0.9.8g in custom location on 64bit SLES 10
Hello,

I'm trying to configure openssl 0.9.8g on a 64bit install of SLES 10. I'm using a script that works fine in 32 bit, but doesn't work correctly in 64 bit. The script installs openssl to /app/openssl/0.9.8g with the --shared option, and then adds /app/openssl/0.9.8g/lib to /etc/ld.so.conf and runs ldconfig.

I point an open source Apache build (2.2.8) against this openssl install. In the 32 bit OS install, Apache runs fine. In the 64 bit install, apache errors on start with this error:

    Cannot load /app/Apache/e2e01/modules/mod_ssl.so into server: /app/Apache/e2e01/modules/mod_ssl.so: undefined symbol: SSL_CTX_set_info_callback

Unfortunately a google search on "mod_ssl.so: undefined symbol: SSL_CTX_set_info_callback" reveals little information. I suspect this problem has something to do with running openssl from a non standard location (whatever location is standard in SLES 10, I have no idea --installing to /usr/local/ssl causes the same problem), but I can't seem to track down what the problem is. Any help is appreciated, even if it's just a link to a guide that I can follow.

Thanks in advance,
-Tim Spangler
RE: Installing openssl 0.9.8g in custom location on 64bit SLES 10
Have you checked shared libs with ldd ?

    # ldd /app/Apache/e2e01/modules/mod_ssl.so

Also check if ssl and crypto are where they are supposed to be...

    # ldconfig -p | grep ssl
    # ldconfig -p | grep crypt

Saju

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Tim Spangler
Sent: Wednesday, April 09, 2008 12:48 PM
To: openssl-users@openssl.org
Subject: Installing openssl 0.9.8g in custom location on 64bit SLES 10

> Hello,
>
> I'm trying to configure openssl 0.9.8g on a 64bit install of SLES 10. I'm using a script that works fine in 32 bit, but doesn't work correctly in 64 bit. The script installs openssl to /app/openssl/0.9.8g with the --shared option, and then adds /app/openssl/0.9.8g/lib to /etc/ld.so.conf and runs ldconfig.
>
> I point an open source Apache build (2.2.8) against this openssl install. In the 32 bit OS install, Apache runs fine. In the 64 bit install, apache errors on start with this error:
>
>     Cannot load /app/Apache/e2e01/modules/mod_ssl.so into server: /app/Apache/e2e01/modules/mod_ssl.so: undefined symbol: SSL_CTX_set_info_callback
>
> Unfortunately a google search on "mod_ssl.so: undefined symbol: SSL_CTX_set_info_callback" reveals little information. I suspect this problem has something to do with running openssl from a non standard location (whatever location is standard in SLES 10, I have no idea --installing to /usr/local/ssl causes the same problem), but I can't seem to track down what the problem is. Any help is appreciated, even if it's just a link to a guide that I can follow.
>
> Thanks in advance,
> -Tim Spangler
Re: Entrust .ent files: PEM in disguise?
Neale Pickett wrote:

Hello Neale,

| People keep sending me .ent files (example at the bottom of this
| message). They look to me a lot like Privacy-Enhanced Mail (remember
| Privacy-Enhanced Mail?) files. I've got all my S/MIME stuff set up and
| working with pgg under Emacs pgg, but I'm not making much headway
| with these proprietary .ent files.

The Body is not PKCS#7 / S/MIME, it is PEM (please see the RFC for it).

The good part: you can write a program to convert PEM into PKCS#7 / S/MIME.

The bad part: At the moment I don't know of any publicly available program / library that does that for you. (But there should be, PKCS#7 was officially started as a successor for PEM.)

Goetz

--
DMCA: The greed of the few outweighs the freedom of the many
getting started
Hi..

Kyle: thanks for your answer. I've been looking into it, and if OpenSSL works as I think it does, then it should be easy to put a BIO_s_mem between my TCP implementation's socket and OpenSSL.

Now I'd just need to program USING OpenSSL... the internet's driving me crazy, there seem to be no complete minimal examples, or at the very least I haven't come across any.

I have an http client class which can POST, GET, and little more. I need these requests and answers to go through SSL, in order to
1) maintain a session so I can know who each person is.
2) send a set of username-password in order to start that session.

SSL might be overkill for what we're doing, really, but we thought it'd be the easiest way to maintain the session on the server's side. Besides it might be necessary to use it in other projects.

If anyone knows of a good minimalistic example or howto somewhere, I'd appreciate it a lot.

best regards
Tomás
Re: Apache 2 with ECC certificates
If you type about:config into the address bar in Firefox (I am using 2.0.0.13) and type ecdsa into the filter field, Firefox will display the ECC ciphers.

Victor Duchovni wrote:
> Cool! Which releases of Firefox support ECC?

--
Leonard F. Elia III, CISSP 757.864.5009
Sr. System Administrator
ConITS - NASA Langley Research Center
NCI Information Systems, Inc., Hampton VA
Re: Re: Re: Apache 2 with ECC certificates
> Cool! Which releases of Firefox support ECC?

I am certain Firefox (Windows XP Pro) 2.0.0.12 and .13 (latest) support ECC certificates. In linux (debian etch 4.0), I was also using the same versions. According to "http://dev.experimentalstuff.com:8082/mozilla/", ECC has been enabled in firefox since version 2.0 beta 1 (beta 1 needs a patch applied for full functionality).

Thanks again!
RE: Create public/private key pair from trusted moduli?
> Thanks Kyle,
>
> Here is my situation: I have a server which can sign certificates over tls (implemented in both client and peer). I generate a public/private key pair for each peer now. I need a way so Peer A Trusts Peer B because. So, I am trying to figure out the best way to do this, can server sign each peer's certs and then trust each other?

Yes. The usual way to do this is:

1) Peer connects to server.
2) Peer and server exchange whatever information is needed for server to confirm peer's identity.
3) Server issues peer a signed certificate that vouches for its identity.
4) Peer disconnects from server.
5) Peer connects to peer.
6) Peer presents certificate it got from server.
7) Other peer validates certificate and knows peer's identity as established with the server. (It must also determine that the peer *owns* the certificate as opposed to just having a copy of it!)

This requires the peers to be able to recognize that a certificate was signed by the server and is properly owned by the peer they're talking to.

DS
Re: Create public/private key pair from trusted moduli?
Right, Gotcha! There is one flaw in this design however.

Peers: A, B, E

By this scenario all three peers would be able to communicate, not just A and B, but also E.

On Apr 9, 2008, at 2:10 PM, David Schwartz wrote:
> > Thanks Kyle,
> >
> > Here is my situation: I have a server which can sign certificates over tls (implemented in both client and peer). I generate a public/private key pair for each peer now. I need a way so Peer A Trusts Peer B because. So, I am trying to figure out the best way to do this, can server sign each peer's certs and then trust each other?
>
> Yes. The usual way to do this is:
>
> 1) Peer connects to server.
> 2) Peer and server exchange whatever information is needed for server to confirm peer's identity.
> 3) Server issues peer a signed certificate that vouches for its identity.
> 4) Peer disconnects from server.
> 5) Peer connects to peer.
> 6) Peer presents certificate it got from server.
> 7) Other peer validates certificate and knows peer's identity as established with the server. (It must also determine that the peer *owns* the certificate as opposed to just having a copy of it!)
>
> This requires the peers to be able to recognize that a certificate was signed by the server and is properly owned by the peer they're talking to.
>
> DS
Re: Create public/private key pair from trusted moduli?
On Wed, Apr 9, 2008 at 2:10 PM, David Schwartz [EMAIL PROTECTED] wrote:

> > Thanks Kyle,
> >
> > Here is my situation: I have a server which can sign certificates over TLS (implemented in both client and peer). I generate a public/private key pair for each peer now. I need a way so Peer A Trusts Peer B because. So, I am trying to figure out the best way to do this, can server sign each peer's certs and them trust each other?
>
> Yes. The usual way to do this is:
>
> 1) Peer connects to server.
> 2) Peer and server exchange whatever information is needed for server to confirm peer's identity.
> 3) Server issues peer a signed certificate that vouches for its identity.
> 4) Peer disconnects from server.
> 5) Peer connects to peer.
> 6) Peer presents certificate it got from server.
> 7) Other peer validates certificate and knows peer's identity as established with the server. (It must also determine that the peer *owns* the certificate as opposed to just having a copy of it!)
>
> This requires the peers to be able to recognize that a certificate was signed by the server and is properly owned by the peer they're talking to.

More specifically:

Each peer has a copy of the CA's public certificate. That's what allows this to work.

Each peer goes through this process:

1) peer creates a keypair
2) peer generates a CSR (certificate signing request) for its public key.
3) peer connects to server, submits CSR along with whatever information necessary to determine that the certificate should be issued.
4) Server signs the certificate with its private key, and sends signed certificate back to peer. peer and server disconnect.

Then, on peer-peer connection:

1) peer(listener) presents its own certificate, requests peer(connector) certificate from same CA.
2) peer(connector) verifies peer(listener)'s certificate (and proof that it has the private key paired with the pubkey in that certificate), presents its own certificate.
3) peer(listener) verifies peer(connector)'s certificate (and proof that it has the private key paired with the pubkey in that certificate).

Each peer has a copy of the CA certificate in its trusted root authorities store. When they receive a peer certificate, they verify the signature on that certificate as being from that CA, and then verify that the peer that it's talking with actually has the private key associated with that certificate. Then they look at the information in that certificate (expiration date, etc).

This is what TLS with client authentication does.

The 'key' that you need to include with your binary is actually the CA's certificate (which contains the CA's public key). You don't need to include any 'trusted' information in the client other than that, and you don't need to include any 'secret' information at all.

-Kyle H
Re: Create public/private key pair from trusted moduli?
On Wed, Apr 9, 2008 at 2:21 PM, Julian [EMAIL PROTECTED] wrote:

> Right, Gotcha! There is one flaw in this design however.
>
> Peers: A, B, E
>
> By this scenario all three peers would be able to communicate, not just A and B, but also E.

If E does not have a certificate signed by the CA, then A and B will refuse to talk to it.

Who is E? Eve? Who is A? Alice? Who is B? Bob?

If this is the case, then there's a party T (Trent, the trusted CA, the server that signs the certificates for A and B). If E doesn't have a certificate from T that they're okay, then during the certificate validation process A will see that E doesn't have the credential, and will close the connection before allowing any application traffic through. (B will do the same thing.)

-Kyle H
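The enrollment and peer-to-peer checks described in the two messages above, run end to end with the `openssl` command line. This is an added example, not code posted in the thread; the party names (trent, peerA, peerB, peerE), file names and key sizes are assumptions.

```shell
#!/bin/sh
# Constructed demo: the names (trent, peerA, peerB, peerE) and file layout are illustrative.
set -eu
D=$(mktemp -d); trap 'rm -rf "$D"' EXIT

# new_key NAME: every party generates its own key pair locally; nothing secret ships.
new_key() { openssl genrsa -out "$D/$1.key" 2048 2>/dev/null; }

# Trent, the CA: only trent.crt (public) is embedded in the distributed binary.
new_key trent
openssl req -x509 -new -key "$D/trent.key" -subj "/CN=Trent CA" -days 30 -out "$D/trent.crt"

# enroll NAME: the peer builds a CSR for its public key and Trent signs it.
enroll() {
  new_key "$1"
  openssl req -new -key "$D/$1.key" -subj "/CN=$1" -out "$D/$1.csr"
  openssl x509 -req -in "$D/$1.csr" -CA "$D/trent.crt" -CAkey "$D/trent.key" \
    -CAcreateserial -days 7 -out "$D/$1.crt" 2>/dev/null
}

# cert_ok NAME: was NAME's certificate signed by Trent and is it in date?
cert_ok() { openssl verify -CAfile "$D/trent.crt" "$D/$1.crt" >/dev/null 2>&1; }

# owns_cert HOLDER CERT: HOLDER signs a fresh nonce from the verifier, who checks it
# against the public key inside CERT. A TLS handshake performs this step itself.
owns_cert() {
  openssl rand -hex 32 > "$D/nonce"
  openssl dgst -sha256 -sign "$D/$1.key" -out "$D/nonce.sig" "$D/nonce"
  openssl x509 -in "$D/$2.crt" -noout -pubkey > "$D/$2.pub"
  openssl dgst -sha256 -verify "$D/$2.pub" -signature "$D/nonce.sig" "$D/nonce" >/dev/null 2>&1
}

enroll peerA
enroll peerB
# peerE never enrolled with Trent and can only make a self-signed certificate.
new_key peerE
openssl req -x509 -new -key "$D/peerE.key" -subj "/CN=peerE" -days 7 -out "$D/peerE.crt"

cert_ok peerA && owns_cert peerA peerA && echo "peerA: accepted"
cert_ok peerE || echo "peerE: rejected, certificate not issued by Trent"
owns_cert peerE peerA || echo "peerE holding a copy of peerA's certificate: rejected"
```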
Re: Create public/private key pair from trusted moduli?
Thanks, excellent description!

On Apr 9, 2008, at 2:22 PM, Kyle Hamilton wrote:

> On Wed, Apr 9, 2008 at 2:10 PM, David Schwartz [EMAIL PROTECTED] wrote:
>
> > > Thanks Kyle,
> > >
> > > Here is my situation: I have a server which can sign certificates over TLS (implemented in both client and peer). I generate a public/private key pair for each peer now. I need a way so Peer A Trusts Peer B because. So, I am trying to figure out the best way to do this, can server sign each peer's certs and them trust each other?
> >
> > Yes. The usual way to do this is:
> >
> > 1) Peer connects to server.
> > 2) Peer and server exchange whatever information is needed for server to confirm peer's identity.
> > 3) Server issues peer a signed certificate that vouches for its identity.
> > 4) Peer disconnects from server.
> > 5) Peer connects to peer.
> > 6) Peer presents certificate it got from server.
> > 7) Other peer validates certificate and knows peer's identity as established with the server. (It must also determine that the peer *owns* the certificate as opposed to just having a copy of it!)
> >
> > This requires the peers to be able to recognize that a certificate was signed by the server and is properly owned by the peer they're talking to.
>
> More specifically:
>
> Each peer has a copy of the CA's public certificate. That's what allows this to work.
>
> Each peer goes through this process:
>
> 1) peer creates a keypair
> 2) peer generates a CSR (certificate signing request) for its public key.
> 3) peer connects to server, submits CSR along with whatever information necessary to determine that the certificate should be issued.
> 4) Server signs the certificate with its private key, and sends signed certificate back to peer. peer and server disconnect.
>
> Then, on peer-peer connection:
>
> 1) peer(listener) presents its own certificate, requests peer(connector) certificate from same CA.
> 2) peer(connector) verifies peer(listener)'s certificate (and proof that it has the private key paired with the pubkey in that certificate), presents its own certificate.
> 3) peer(listener) verifies peer(connector)'s certificate (and proof that it has the private key paired with the pubkey in that certificate).
>
> Each peer has a copy of the CA certificate in its trusted root authorities store. When they receive a peer certificate, they verify the signature on that certificate as being from that CA, and then verify that the peer that it's talking with actually has the private key associated with that certificate. Then they look at the information in that certificate (expiration date, etc).
>
> This is what TLS with client authentication does.
>
> The 'key' that you need to include with your binary is actually the CA's certificate (which contains the CA's public key). You don't need to include any 'trusted' information in the client other than that, and you don't need to include any 'secret' information at all.
>
> -Kyle H
RE: Create public/private key pair from trusted moduli?
> Right, Gotcha! There is one flaw in this design however.
>
> Peers: A, B, E
>
> By this scenario all three peers would be able to communicate, not just A and B, but also E.

Do you want the server to have to approve A to talk specifically to B? Or do you just want A and B to be able to identify each other and make the decision of whether or not to speak?

The scheme, as I described it, will allow A, B, and E, to confirm who they are speaking to. Someone with no identity will be rejected, and E cannot impersonate A or B.

Is the idea that the server must specifically approve the A-B link? In other words, it's not enough for A to know that it's talking to B and vice versa but each must specifically know that the server has approved its communication with the other?

In that case, the server should give either peer a signed object that contains both parties' public keys. Whichever peer has that object can then send it to the other. Each peer can validate the other peer's public key and the object from the server, see a match to both its own key and the other party's key, and approve the connection.

This may be needlessly complex. If the server is actually in communication with both A and B at the time, it can simply send each side the other side's IP address, port, and the other side's public key. No need for any special certificates or the like since there's already a secure channel to both peers. In that case, each side simply confirms that the other side knows the secret key corresponding to the public key the server gave it.

DS
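The server-signed object containing both parties' public keys, sketched with the `openssl` command line. This is an added example, not code from the thread; the object layout (two PEM public keys concatenated), the detached signature file and all names are assumptions.

```shell
#!/bin/sh
# Constructed demo. The "link object" layout (two PEM public keys concatenated)
# and all names are assumptions made for this example.
set -eu
W=$(mktemp -d); trap 'rm -rf "$W"' EXIT

# keypair NAME: NAME.key stays with its owner, NAME.pub is what gets shared.
keypair() {
  openssl genrsa -out "$W/$1.key" 2048 2>/dev/null
  openssl rsa -in "$W/$1.key" -pubout -out "$W/$1.pub" 2>/dev/null
}
for p in server peerA peerB peerE; do keypair "$p"; done

# approve_link X Y: the server signs one object naming exactly these two keys.
approve_link() {
  cat "$W/$1.pub" "$W/$2.pub" > "$W/link.obj"
  openssl dgst -sha256 -sign "$W/server.key" -out "$W/link.sig" "$W/link.obj"
}

# link_ok ME OTHER: peer ME checks a received object before talking to OTHER.
link_ok() {
  # 1. The object must carry the server's signature.
  openssl dgst -sha256 -verify "$W/server.pub" -signature "$W/link.sig" \
    "$W/link.obj" >/dev/null 2>&1 || return 1
  # 2. It must name my key and the other party's key, in either order.
  cat "$W/$1.pub" "$W/$2.pub" | cmp -s - "$W/link.obj" && return 0
  cat "$W/$2.pub" "$W/$1.pub" | cmp -s - "$W/link.obj"
}

approve_link peerA peerB
link_ok peerA peerB && echo "A-B link: approved by server"
link_ok peerA peerE || echo "A-E link: no server approval"
```

Each side still has to confirm that the other holds the private key matching the public key named in the object, as the message says.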
Re: Create public/private key pair from trusted moduli?
On Wed, Apr 9, 2008 at 3:52 PM, David Schwartz [EMAIL PROTECTED] wrote:

> > Right, Gotcha! There is one flaw in this design however.
> >
> > Peers: A, B, E
> >
> > By this scenario all three peers would be able to communicate, not just A and B, but also E.
>
> Do you want the server to have to approve A to talk specifically to B? Or do you just want A and B to be able to identify each other and make the decision of whether or not to speak?
>
> The scheme, as I described it, will allow A, B, and E, to confirm who they are speaking to. Someone with no identity will be rejected, and E cannot impersonate A or B.
>
> Is the idea that the server must specifically approve the A-B link? In other words, it's not enough for A to know that it's talking to B and vice versa but each must specifically know that the server has approved its communication with the other?
>
> In that case, the server should give either peer a signed object that contains both parties' public keys. Whichever peer has that object can then send it to the other. Each peer can validate the other peer's public key and the object from the server, see a match to both its own key and the other party's key, and approve the connection.
>
> This may be needlessly complex. If the server is actually in communication with both A and B at the time, it can simply send each side the other side's IP address, port, and the other side's public key. No need for any special certificates or the like since there's already a secure channel to both peers. In that case, each side simply confirms that the other side knows the secret key corresponding to the public key the server gave it.

There's actually something else that can be done, and this is done by Kerberos and Active Directory Federation Services...

You can have B contact the server and obtain a signed authorization certificate for its key that uses custom extensions to specify 'is authorized to connect to A' for a given timeframe, and have that be the certificate that B presents when connecting to A. Then, A looks for the 'authorized to connect to' list, finds itself in there, checks validity time, and makes the decision based on that. No need to share the public keys, nor is there a need to tell both sides about it if the signature can be verified.

If you want the server to mediate access between peers without having to have your clients constantly connected to the server, that's a way to do it.

-Kyle H
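The authorization certificate with a custom extension, sketched with the `openssl` command line. This is an added example, not code from the thread; the OID `1.2.3.4.5.6` is a placeholder, and the extension layout (a single UTF8String naming one permitted listener, names under 32 characters) and file names are assumptions.

```shell
#!/bin/sh
# Constructed demo. AUTHZ_OID is a placeholder OID and the extension layout
# (one UTF8String naming the permitted listener) is an assumption.
set -eu
T=$(mktemp -d); trap 'rm -rf "$T"' EXIT
AUTHZ_OID=1.2.3.4.5.6

# Login server CA, plus peerB's own key and CSR.
openssl genrsa -out "$T/ca.key" 2048 2>/dev/null
openssl req -x509 -new -key "$T/ca.key" -subj "/CN=Login server" -days 30 -out "$T/ca.crt"
openssl genrsa -out "$T/peerB.key" 2048 2>/dev/null
openssl req -new -key "$T/peerB.key" -subj "/CN=peerB" -out "$T/peerB.csr"

# issue_authz OUT TARGET DAYS: certify peerB's key as allowed to connect to TARGET.
issue_authz() {
  printf '%s=ASN1:UTF8String:%s\n' "$AUTHZ_OID" "$2" > "$T/ext.cnf"
  openssl x509 -req -in "$T/peerB.csr" -CA "$T/ca.crt" -CAkey "$T/ca.key" \
    -CAcreateserial -days "$3" -extfile "$T/ext.cnf" -out "$T/$1" 2>/dev/null
}

# may_connect CERT ME: the listener ME decides from the certificate alone.
may_connect() {
  # Signature chains to the server and the validity window covers "now".
  openssl verify -CAfile "$T/ca.crt" "$T/$1" >/dev/null 2>&1 || return 1
  # The authorization extension must name this listener exactly. Unknown
  # extensions print as raw DER, so the two header bytes show up as "..".
  openssl x509 -in "$T/$1" -noout -text |
    grep -A1 "^ *$AUTHZ_OID:" | grep -q "^ *\.\.$2 *\$"
}

issue_authz b_to_a.crt peerA 1
may_connect b_to_a.crt peerA && echo "peerA: peerB is authorized"
may_connect b_to_a.crt peerC || echo "peerC: certificate does not name me"
```

Scraping the `-text` output keeps the sketch in shell; an application would read the extension through the X.509 API of its TLS library.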