Re: FIPS compliance question regarding openssl distributions

[Steve Marquess]

Kyle Hamilton wrote:

 ...

 Note that compliance cannot be truly determined programmatically.
 So, it's also a good idea to generate multiple hashes (sha-1,
 sha-256, ripemd160, etc) over the fipscanister and associated files,
 print them out, and commit to them (physically sign them) as a
 statement of compliance with the build process.


Actually the one digest the CMVP cares about in this context is 
HMAC-SHA-1, with the HMAC key etaonrishdlcupfm.


-Steve M.

--
Steve Marquess
The OpenSSL Software Foundation, Inc.
1829 Mount Ephraim Road
Adamstown, MD 21710
USA
+1 877-673-6775
marqu...@opensslfoundation.com

__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   majord...@openssl.org

Re: FIPS compliance question regarding openssl distributions

[Dr. Stephen Henson]

On Mon, Mar 07, 2011, Kyle Hamilton wrote:

 In order to achieve compliance, you must follow the instructions in the 
 Security Policy to the letter.
 
 This means that you must:
 - download and read the security policy
 - download the openssl-fips-1.2.0.tar.gz
 - verify its integrity according to the security policy
 - follow the precise instructions to build it, from the security policy
 
 You should also go to NIST and look at its certificate, to verify that it 
 hasn't been revoked.
 
 To use it, you must obtain sources for the latest 0.9.8 release and 
 compile/link it against the fipscanister.  You may be able to do this from 
 your ports tree -- the instructions and requirements apply only to 
 fipscanister.o and several of its companion files.  As long as the 
 requirements of the security policy are upheld, the implementation will be 
 compliant.
 
 Note that compliance cannot be truly determined programmatically.  So, it's 
 also a good idea to generate multiple hashes (sha-1, sha-256, ripemd160, etc) 
 over the fipscanister and associated files, print them out, and commit to 
 them (physically sign them) as a statement of compliance with the build 
 process.

Note that version openssl-fips-1.2.2.tar.gz is the current version. It has a
few bug fixes and enhancements over the 1.2.0 version. Specifically fixes for
Win64+ASM and support for cross compilation.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   majord...@openssl.org

Certificate Access Question

[Harshvir Sidhu]

Hi,
   I dont think this question is related to openssl, but just checking if
someone has done something like this.
   I have a service that runs under UserA, and my desktop user is UserB.
   When I install certificates using UserB, then i am not able to access
them in UserA, for the obvious reason that personal certificates go in
Registry, for trusted root there is an option to install on Local computer,
which i can access, but client certificate is not accessible.
   I tried using MMC to install certificates for Service user account, but
still its not working.


   Any suggestion on how can i do this using Windows Certificate Store,
another option will be to use certificate as files, but i want to use
Certificate store. Thanks.

// Harshvir

Issue with d2i_PKCS7_bio

[pradeepreddy]

Hi,

I am trying to retrieve the PKCS7 record from bio with d2i_PKCS7_bio
(void)BIO_flush(membio);
PKCS7 *p7rec;
p7rec = d2i_PKCS7_bio(membio, NULL);

Following is the back trace:

*** glibc detected *** ./scep_client: free(): invalid next size (fast):
0x08065768 ***
=== Backtrace: =
/lib/libc.so.6[0xb7740121]
/lib/libc.so.6[0xb7741812]
/lib/libc.so.6(cfree+0x6d)[0xb774490d]
/usr/lib/libcrypto.so.0.9.8(CRYPTO_free+0x2e)[0xb75c4856]
/usr/lib/libcrypto.so.0.9.8(sk_free+0x33)[0xb762ed4d]
/usr/lib/libcrypto.so.0.9.8(sk_pop_free+0x5d)[0xb762ed12]
/usr/lib/libcrypto.so.0.9.8[0xb7646c47]
/usr/lib/libcrypto.so.0.9.8[0xb7646cf5]
/usr/lib/libcrypto.so.0.9.8(ASN1_item_ex_d2i+0x23f)[0xb764e70b]
/usr/lib/libcrypto.so.0.9.8[0xb764f3cf]
/usr/lib/libcrypto.so.0.9.8[0xb764f05c]
/usr/lib/libcrypto.so.0.9.8(ASN1_item_ex_d2i+0x75d)[0xb764ec29]
/usr/lib/libcrypto.so.0.9.8[0xb764f3cf]
/usr/lib/libcrypto.so.0.9.8[0xb764f05c]
/usr/lib/libcrypto.so.0.9.8(ASN1_item_ex_d2i+0x75d)[0xb764ec29]
/usr/lib/libcrypto.so.0.9.8[0xb764f287]
/usr/lib/libcrypto.so.0.9.8[0xb764f05c]
/usr/lib/libcrypto.so.0.9.8(ASN1_item_ex_d2i+0x75d)[0xb764ec29]
/usr/lib/libcrypto.so.0.9.8[0xb764f3cf]
/usr/lib/libcrypto.so.0.9.8[0xb764ef83]
/usr/lib/libcrypto.so.0.9.8(ASN1_item_ex_d2i+0x75d)[0xb764ec29]
/usr/lib/libcrypto.so.0.9.8(ASN1_item_d2i+0x38)[0xb764e48e]
/usr/lib/libcrypto.so.0.9.8(ASN1_item_d2i_bio+0x4b)[0xb7641d3c]
/usr/lib/libcrypto.so.0.9.8(d2i_PKCS7_bio+0x19)[0xb7665c1b]

-- 
View this message in context: 
http://old.nabble.com/Issue-with-d2i_PKCS7_bio-tp31097898p31097898.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.

__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   majord...@openssl.org

convert x509 cert into string and store certs in cache

[ikuzar]

Hello,
I have to work with a pre-existing code which simulated handshake, data
encryption etc ...
certificate struct is defined like in the source code I reuse :

templateclass StrType struct certificate : shared {
StrType  uri;
StrType  sn;
StrType  data;

certificate(const char *str, size_t clen=0) {
 string s_uri,s_sn,s_data;
 parseCertificate(str, s_uri,s_sn,s_data);
 uri = s_uri.c_str();
 sn =  s_sn.c_str();
 data = s_data.c_str();
}

...
etc
};

my questions :
1) What does DER format means ? is it equivalent to a string format ?
In the following function, we have a parameter named out : int
i2d_X509(X509 *x, unsigned char **out); this function convert X509 internal
data into DER format. Result is stored in out That's why I am wondering if
DER = string ... ?
2) is it possible to verify ( by hand ) certificate in string format ?
3) what kind of data structure ( vector, etc..) is the best way to store
certificate with string format ?
4) is a bad idea to handle everywhere certificates in string format ?

Thanks for your help.

Re: convert x509 cert into string and store certs in cache

[Bruce Stephens]

ikuzar razuk...@gmail.com writes:

[...]

 my questions :
 1) What does DER format means ?

Distinguished Encoding Rules.  It's an encoding for ASN.1.  See X.690.

 is it equivalent to a string format ?

It's a binary serialisation.  So it's a string in the sense that it
can be sent over protocols, saved in files, etc., but it's not a C
NUL-terminated string that you'd want to look at.

 [...]
 2) is it possible to verify ( by hand ) certificate in string format ?

Not really.  With some effort you could verify some simple things like
its length.

 3) what kind of data structure ( vector, etc..) is the best way to
 store certificate with string format ?

Anything which can store bytes and a length.  So vectorunsigned char
or std::string would be fine.  I guess many programs which do networking
will have some suitable class (or convention for what to use) for a
sequence of bytes, so likely you'd use that.

 4) is a bad idea to handle everywhere certificates in string format ?

Depends.  If you want to use OpenSSL's functions then you'll want an
X509.  If that's uncommon, then storing the encoded form might well make
more sense.
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   majord...@openssl.org

Re: convert x509 cert into string and store certs in cache

[Patrick Patterson]

Hey there:

On 2011-03-08, at 10:03 AM, ikuzar wrote:
 my questions :
 1) What does DER format means ? is it equivalent to a string format ? 
 In the following function, we have a parameter named out : int 
 i2d_X509(X509 *x, unsigned char **out); this function convert X509 internal 
 data into DER format. Result is stored in out That's why I am wondering if 
 DER = string ... ?

DER is the Distinguished Encoding Rules - it is a binary format that is 
designed to be a concise and machine independent representation of the ASN.1 
structure of whatever is encoded that way. It is MOST DEFINITELY NOT a string.

 2) is it possible to verify ( by hand ) certificate in string format ?

I have no idea even what you are referring to... what does convert to a 
string mean - you need to validate/verify the certificate according to the 
rules outlined in IETF RFC5260, and that involves verifying the signature, and 
this involves dealing with the certificate in the same format it was signed in 
(which, I believe, is the binary DER encoding). 

 3) what kind of data structure ( vector, etc..) is the best way to store 
 certificate with string format ?

PEM of course. 

 4) is a bad idea to handle everywhere certificates in string format ? 
 
VERY, VERY bad... 

Have fun!

---
Patrick Patterson
Chief PKI Architect
Carillon Information Security Inc.
http://www.carillon.ca





__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   majord...@openssl.org

Re: Certificate Access Question

[carlyoung]

 

I used PKCS#12 files and CryptUIWizImport with these flags: 

DWORD   flags = 
 CRYPTUI_WIZ_NO_UI |
 CRYPTUI_WIZ_IMPORT_TO_LOCALMACHINE | 
 CRYPTUI_WIZ_IMPORT_ALLOW_CERT | 
 CRYPTUI_WIZ_IMPORT_NO_CHANGE_DEST_STORE;  BODY {
font-family:Arial, Helvetica, sans-serif;font-size:12px; }  

and it all works for me. 
 On Tue 08/03/11 2:20 PM , Harshvir Sidhu hvssi...@gmail.com sent:
Hi,
I dont think this question is related to openssl, but just
checking if someone has done something like this.
I have a service that runs under UserA, and my desktop user is
UserB.
When I install certificates using UserB, then i am not able to
access them in UserA, for the obvious reason that personal
certificates go in Registry, for trusted root there is an option to
install on Local computer, which i can access, but client certificate
is not accessible.
I tried using MMC to install certificates for Service user
account, but still its not working. 
Any suggestion on how can i do this using Windows Certificate
Store, another option will be to use certificate as files, but i want
to use Certificate store. Thanks. 

// Harshvir

Re: Certificate Access Question

[Harshvir Sidhu]

I checked this function, its for installing Certificate without User
Interaction. But my problem starts after Certificate Installation, that
certificate installed by one user is not accessible to another user.
Thanks.
On Tue, Mar 8, 2011 at 10:06 AM, carlyo...@keycomm.co.uk wrote:

 I used PKCS#12 files and CryptUIWizImport with these flags:

 DWORD   flags =
 CRYPTUI_WIZ_NO_UI |
 CRYPTUI_WIZ_IMPORT_TO_LOCALMACHINE |
 CRYPTUI_WIZ_IMPORT_ALLOW_CERT |
 CRYPTUI_WIZ_IMPORT_NO_CHANGE_DEST_STORE;

 and it all works for me.


 *On Tue 08/03/11 2:20 PM , Harshvir Sidhu hvssi...@gmail.com sent:
 *

 Hi,
I dont think this question is related to openssl, but just checking if
 someone has done something like this.
I have a service that runs under UserA, and my desktop user is UserB.
When I install certificates using UserB, then i am not able to access
 them in UserA, for the obvious reason that personal certificates go in
 Registry, for trusted root there is an option to install on Local computer,
 which i can access, but client certificate is not accessible.
I tried using MMC to install certificates for Service user account, but
 still its not working.


Any suggestion on how can i do this using Windows Certificate Store,
 another option will be to use certificate as files, but i want to use
 Certificate store. Thanks.

 // Harshvir

Re: convert x509 cert into string and store certs in cache

[ikuzar]

Ok, things are more clear now.
I am going to explain below what I HAVE TO do :
a) I have to store certificates in a map which is a shared memory. ( I have
to do this, I have no choice, because I have to continue what guy before me
had started ). So I think it's better to store x509 structure which
represents the certificate instead of string. I think it is a good idea.
isn't it ?
b) I must be able to extract uri, serial_number from x509 structure and
store them into a STRING variable. Is there a way to exact URI and SN ? (
see source code above ).
c) is it possible to send x509 structure (certificate) to peer ? ( apart
from handshake ) I 'd like to write something like: SSL_write(ssl, X509*
cert)


2011/3/8 Patrick Patterson ppatter...@carillonis.com

 Hey there:

 On 2011-03-08, at 10:03 AM, ikuzar wrote:
  my questions :
  1) What does DER format means ? is it equivalent to a string format ?
  In the following function, we have a parameter named out : int
 i2d_X509(X509 *x, unsigned char **out); this function convert X509 internal
 data into DER format. Result is stored in out That's why I am wondering if
 DER = string ... ?

 DER is the Distinguished Encoding Rules - it is a binary format that is
 designed to be a concise and machine independent representation of the ASN.1
 structure of whatever is encoded that way. It is MOST DEFINITELY NOT a
 string.

  2) is it possible to verify ( by hand ) certificate in string format ?

 I have no idea even what you are referring to... what does convert to a
 string mean - you need to validate/verify the certificate according to the
 rules outlined in IETF RFC5260, and that involves verifying the signature,
 and this involves dealing with the certificate in the same format it was
 signed in (which, I believe, is the binary DER encoding).

  3) what kind of data structure ( vector, etc..) is the best way to store
 certificate with string format ?

 PEM of course.

  4) is a bad idea to handle everywhere certificates in string format ?
 
 VERY, VERY bad...

 Have fun!

 ---
 Patrick Patterson
 Chief PKI Architect
 Carillon Information Security Inc.
 http://www.carillon.ca





 __
 OpenSSL Project http://www.openssl.org
 User Support Mailing Listopenssl-users@openssl.org
 Automated List Manager   majord...@openssl.org

FIPS 1.2.2 build for Windows Vista

[Collins, Jerry]

Hello,
  My company recently decided to upgrade to the latest FIPS release
1.2.2.  I've read the Security and User Manual.  According to them, the
only command we can give is ms\do_fips no-asm.  

While this runs, I see several problems. 
  1) The build now builds dlls.  In the past we did not use DLLs and
would prefer not to change at this point.
  2) The build process doesn't build the libeayfips32.lib or the
libeaycompat32.lib.  As far as I can tell, these are still required.

I've taken a look at the scripts and can see references to the libraries
in the VC-32.pl script.  Unfortunately, I've no real experience with
perl and can't follow the flow to see if this script is being called,
and if so, with the proper parameters.  I can't even tell how perl
handles parameters.  

I'm building on a Windows Vista (32 bit) system, using Visual Studio
2008 and the Window 7 SDK.  

Any help will be greatly appreciated.

Thanks,
Jerry 

Gerald Collins
CSC Corporation.
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   majord...@openssl.org

BN_copy on 64 bits Environment

[Lucas Martins]

Hello,

I'm working on a software that uses libcrypto and the OpenSSL engine
interface for a HSM.

We developed an OpenSSL engine that was working fine until we try it on a 64
bit operational system. For some reason, the function BN_copy isn't working
in a 64 bits environment.

The code is running on a Virtual Machine (VMPlayer) with SUSE 10 64 bits.
The host machine is an Intel Core 2 Duo with Ubuntu 10.04 32 bits.

The BN_copy is called inside the engine and it's used to copy the expoent
(e) of a public key (loaded from HSM) to a new BIGNUM. Like the following
code:

BIGNUM* bn = BN_new();
if(!(bn = BN_copy(bn, key-pkey.rsa-e))
   error

Always returns 0.

I'd like to know if anyone can identify why this isn't working on 64 bits,
and if there is any compilation flag that I should be aware of when trying
to compile the OpenSSL libcrypto and our engine for 64 bits.

I'm using the following configuration to compile the libcrypto:

$ ./config no-asm no-shared -fPIC

no-shared and no-asm* are used becouse I'm compilling the libcrypto staticly
with the engine.


*no-asm was a solution found to static link libcrypto with my code. (
http://rt.openssl.org/Ticket/Display.html?user=guestpass=guestid=1521)

thank you,
Lucas Gonçalves Martins

RE: convert x509 cert into string and store certs in cache

[Dave Thompson]

   From: owner-openssl-us...@openssl.org On Behalf Of ikuzar
   Sent: Tuesday, 08 March, 2011 13:02

   I am going to explain below what I HAVE TO do :
   a) I have to store certificates in a map which is a shared memory. 
 ( I have to do this, I have no choice, because I have to continue 
 what guy before me had started ). So I think it's better to store 
 x509 structure which represents the certificate instead of string. 
 I think it is a good idea. isn't it ?

If the purpose of putting this data in shared memory is to share it, 
and assuming you mean the typedef X509 aka struct x509_st, no.
Many openssl API structs, including that one, consist mostly of 
pointers to data stored elsewhere in memory -- which in any other 
process is invalid and will produce garbage or crashes.

If you only need to share the map but not its contents, which would 
be silly, you could have X509's in your private memory, and just 
put pointers in the shared map, and no other process can use them, 
but if the map is keyed it could see the keys, and know that e.g. 
your process has *some* cert for server#3 or server.domain.name.

   b) I must be able to extract uri, serial_number from x509 
 structure and store them into a STRING variable. Is there a way 
 to exact URI and SN ? ( see source code above ).

You can definitely get serial. Warning: nowadays serials usually 
aren't sequential (i.e. not 1,2,3,...) and aren't so much numbers 
as longish bitstrings encoded as numbers. Best to treat it as 
opaque, and if you need a UI display it as hex bytes.
In particular, it's not safe to treat serial directly 
as a C string, as the code in your earlier post seems to; 
if you want a C string and even more so if you want 
human-legible text, do hex or base64 or somesuch.

What URI? policy? CRLdist? OCSP? Something else?
If you can identify it you should be able to get it.
And a (valid) URI will actually be good char-string data.
Although if it's encoded as BMP(2byte) or Universal(4), 
you need appropriate 'wide' char/string support; any given 
C can't have both, and it's not guaranteed to have either.

But the combination of URI and serial doesn't make sense; 
they don't relate to each other at all. *Issuer* plus serial 
is commonly (but not always) used to identify a certificate.
Issuer is never a URI. It is *sometimes* a domainname, which 
can be PART of a URL which is one kind of URI, but that is 
not the same thing as being a URI. If issuer is what you want, 
yes you can get it, and even in a nice-for-humans (but not 
necessarily programs) text string form, look for oneline.

   c) is it possible to send x509 structure (certificate) 
 to peer ? ( apart from handshake ) I 'd like to write something 
 like: SSL_write(ssl, X509* cert)

No for the same reason as above; the x509_st itself has pointers 
only valid within one process memory. This is exactly why 'wire' 
encodings exist, and the usual one for X.509 (including SSL) is DER.
Openssl also prefers DER or PEM-wrapped-DER for local storage, 
but here other methods are *possible*.


__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   majord...@openssl.org

RE: Installing a .cer file in IE

[Dave Thompson]

 From: owner-openssl-us...@openssl.org On Behalf Of Jaquez Jr, Hector L.
 Sent: Monday, 07 March, 2011 20:07
 To: openssl-users@openssl.org
 Subject: RE: Installing a .cer file in IE
 
 Yes created a CSR file using openssl.  If I recall I did 
 create a key as well.  However, when I received the CER file 

You certainly either generated a keypair or already had one, 
because it is impossible to create a CSR without the privatekey.

Note that openssl 'req' can either create a CSR for an existing 
keypair, or generate a new keypair AND a CSR for it together.
(It can also create a selfsigned cert and not a CSR at all.)
If you did the keypair-and-CSR-together option, you might have 
paid attention only to the CSR part and not the keypair part.

 I thought all I would have to do is import it to IE.  So all 
 I need to do is use the command below to get this to import correctly?
 
Use the command below substituting your actual filenames to create 
a PKCS12, and then import the PKCS12 to IE.

 From: Dave Thompson
 Sent: Monday, March 07, 2011 4:38 PM

   openssl pkcs12 -export -in mycer -inkey mykey -out myp12



__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager   majord...@openssl.org

Change Cipher Spec Issue

[Banupriya K]

Hi All,

I have enable SSL_OP_NO_TICKET options so ssl send only change cipher spec, 
encrypted message handshake. 

But when i receive the same message the client SSL CTX doesn't return STATE_OK 
it stays in read finished state only, hence when i have a check 
ssl_in_init_finished() doesnt return success response

Can anyone tell me the reason why ssl_in_init_finished is not returning success.

Thanks  Regards,
Banupriya K