Re: [openssl-users] Unable to decrypt CMS object encrypted with EC prime256v1 certificate

2016-07-05 Thread Dr. Stephen Henson
On Fri, Jul 01, 2016, Stephan Mühlstrasser wrote:

> Hi,
> 
> we are testing OpenSSL interoperability with a third-party
> application, and we cannot decrypt a CMS object that is encrypted by
> the third-party application with a prime256v1 elliptic-curve
> certificate.
> 
> I have attached the following files:
> 
> demo_signer_ec_secp256r1.cms.der: DER-encoded CMS object
> demo_signer_ec_secp256r1.cert.pem: recipient certificate
> demo_signer_ec_secp256r1.pkey.pem: recipient private key (no password)
> 
> I try to decrypt the CMS object with the following command using
> OpenSSL 1.0.2:
> 
> $ openssl version
> OpenSSL 1.0.2h  3 May 2016
> $ openssl cms -decrypt -in demo_signer_ec_secp256r1.cms.der -inform DER -recip demo_signer_ec_secp256r1.cert.pem -inkey demo_signer_ec_secp256r1.pkey.pem
> Error decrypting CMS using private key
> 
> When I use OpenSSL 1.1.0 beta from today's HEAD of the master
> branch, I see an additional error message:
> 
> $ openssl version
> OpenSSL 1.1.0-pre6-dev  xx XXX 
> $ openssl cms -decrypt -in demo_signer_ec_secp256r1.cms.der -inform DER -recip demo_signer_ec_secp256r1.cert.pem -inkey demo_signer_ec_secp256r1.pkey.pem
> Error decrypting CMS using private key
> 140735294530304:error:0D06E0A4:asn1 encoding routines:asn1_do_adb:unsupported any defined by type:crypto/asn1/tasn_utl.c:238:
> 

The final error is bogus: fixed in current master.

> Is the CMS object broken, or is this a problem in OpenSSL?
> 

Well the OpenSSL version does interop OK with the Bouncy Castle version of
ECDH and CMS. I've checked through your test message and the problem is that
the AES unwrapping algorithm checks fail meaning it can't proceed any further.
That could be down to a CMS problem, an ECDH issue or a problem with the wrap
algorithm either in the version you are testing or OpenSSL.

Is it possible to get any debugging information from the other version you are
using: for example the content encryption key it is expecting or the ECDH
shared secret?

Have you tried generating a message with OpenSSL and decrypting it with the
other version?

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
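Where the failing unwrap lives in the structure: the recipient's keyEncryptionAlgorithm names the ECDH key-derivation scheme and, in its parameters, the key-wrap algorithm, so the first interop check is whether both implementations agree on those two identifiers. The following added example (not OpenSSL code; the sample identifier is constructed, not taken from the attached message) walks a DER-encoded KeyEncryptionAlgorithmIdentifier and names both OIDs.

```python
# Minimal DER walker that names the algorithm identifiers in a CMS
# KeyAgreeRecipientInfo's keyEncryptionAlgorithm: the ECDH KDF scheme and the
# key-wrap algorithm the unwrap step depends on. Added example, not OpenSSL
# code; the OID values are from RFC 5753 (ECDH) and RFC 3565 (AES key wrap).
OID_NAMES = {
    "1.3.133.16.840.63.0.2": "dhSinglePass-stdDH-sha1kdf-scheme",
    "1.3.132.1.11.1": "dhSinglePass-stdDH-sha256kdf-scheme",
    "1.3.132.1.11.2": "dhSinglePass-stdDH-sha384kdf-scheme",
    "1.3.132.1.11.3": "dhSinglePass-stdDH-sha512kdf-scheme",
    "1.3.133.16.840.63.0.3": "dhSinglePass-cofactorDH-sha1kdf-scheme",
    "2.16.840.1.101.3.4.1.5": "id-aes128-wrap",
    "2.16.840.1.101.3.4.1.45": "id-aes256-wrap",
    "1.2.840.113549.1.9.16.3.6": "id-alg-CMS3DESwrap",
}

def decode_oid(body):
    """Decode OBJECT IDENTIFIER contents; assumes the first arc is 0, 1 or 2."""
    arcs, val = [body[0] // 40, body[0] % 40], 0
    for b in body[1:]:
        val = (val << 7) | (b & 0x7F)  # base-128; high bit means more bytes follow
        if not b & 0x80:
            arcs.append(val)
            val = 0
    return ".".join(map(str, arcs))

def walk_oids(der, found=None):
    """Collect every OID reachable through constructed types, in DER order."""
    found, i = [] if found is None else found, 0
    while i < len(der):
        tag, n, i = der[i], der[i + 1], i + 2
        if n & 0x80:  # long-form length: the next (n & 0x7F) bytes hold it
            k, i = n & 0x7F, i + (n & 0x7F)
            n = int.from_bytes(der[i - k:i], "big")
        body, i = der[i:i + n], i + n
        if tag == 0x06:
            found.append(decode_oid(body))
        elif tag & 0x20:  # SEQUENCE, SET, [n] EXPLICIT: descend
            walk_oids(body, found)
    return found

def key_encryption_algorithms(alg_id_der):
    """(KDF scheme, wrap algorithm) names for a KeyEncryptionAlgorithmIdentifier."""
    return tuple(OID_NAMES.get(o, o) for o in walk_oids(alg_id_der)[:2])

# Constructed sample, not taken from the message discussed on the list:
#   SEQUENCE { dhSinglePass-stdDH-sha256kdf-scheme,
#              KeyWrapAlgorithm ::= SEQUENCE { id-aes128-wrap } }
SAMPLE_ALG_ID = bytes.fromhex("3015" "06062b8104010b01" "300b" "0609608648016503040105")
```

Run `key_encryption_algorithms` over the keyEncryptionAlgorithm element extracted from each side's message; a KDF or wrap OID that is not in the table, or that differs between the two implementations, is the mismatch to chase first.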


[openssl-users] stunnel 5.34 released

2016-07-05 Thread Michał Trojnara
Dear Users,

I have released version 5.34 of stunnel.
This release includes a major security bugfix.

The ChangeLog entry:

Version 5.34, 2016.07.05, urgency: HIGH
* Security bugfixes
  - Fixed malfunctioning "verify = 4".
* New features
  - Bind sockets with SO_EXCLUSIVEADDRUSE on WIN32.
  - Added three new service-level options: requireCert, verifyChain,
    and verifyPeer for fine-grained certificate verification control.
  - Improved compatibility with the current OpenSSL 1.1.0-dev tree.

Home page: https://www.stunnel.org/
Download:  https://www.stunnel.org/downloads.html

SHA-256 hashes:
78668a84a5a01188dddfcecb37d8c69a4c725dc3b476fbbd294e86741a55
stunnel-5.34.tar.gz
abddf49a02e810bf618884f6ac8fde2c1e59bda73c65c4fd9a82b724524b4d9f
stunnel-5.34-installer.exe
6ae4aa536b9083da69b5e8905c85f4655db9ebfc95b79c8a67adbf309181c10d
stunnel-5.34-android.zip

Best regards,
Mike





Re: [openssl-users] DSA with OpenSSL-1.1

2016-07-05 Thread Philip Bellino
Well, since we will never go to 1.1, I guess we don't have to worry about it.


From: openssl-users on behalf of Kurt Roeckx
Sent: Saturday, July 2, 2016 5:53:20 AM
To: openssl-users@openssl.org
Subject: Re: [openssl-users] DSA with OpenSSL-1.1

On Fri, Jul 01, 2016 at 05:17:35PM +0100, Matt Caswell wrote:
>
> "ALL:!COMPLEMENTOFDEFAULT:!eNULL"

Maybe we should use "-" instead of "!"?


Kurt



[openssl-users] Padding OAEP

2016-07-05 Thread c.hol...@ades.at

Hi!

I had a look into Apache Santuario, an XML security framework using OpenSSL.
To my eyes it looks like only OAEP with MGF SHA1 is supported out of
the OpenSSL box.


Other digests need to be handled manually.
In Santuario they wrote their own RSA_padding_check_PKCS1_OAEP with 2 new
parameters for MGF and digest.


Chris
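What "handling other digests manually" amounts to, as an added example that is neither Santuario's nor OpenSSL's code: the EME-OAEP encode and check from RFC 8017 with the label hash and the MGF1 hash passed as separate parameters. The `seed` argument exists only so a run can be made deterministic; a real encoder always draws it from `os.urandom`.

```python
# EME-OAEP encode and check per RFC 8017 section 7.1, with the label hash and
# the MGF1 hash as separate parameters (the two extra arguments the message
# mentions). Only the padding layer is shown; the RSA operation on the k-byte
# block is out of scope. Added example, not Santuario's or OpenSSL's code.
import hashlib
import hmac
import os

def mgf1(seed, length, mgf_hash):
    """MGF1: H(seed || counter) blocks, concatenated and cut to `length`."""
    h_len = hashlib.new(mgf_hash).digest_size
    blocks = (hashlib.new(mgf_hash, seed + c.to_bytes(4, "big")).digest()
              for c in range((length + h_len - 1) // h_len))
    return b"".join(blocks)[:length]

def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def oaep_encode(msg, k, hash_name="sha256", mgf_hash="sha1", label=b"", seed=None):
    """Return the k-byte encoded block EM = 00 || maskedSeed || maskedDB."""
    h_len = hashlib.new(hash_name).digest_size
    if len(msg) > k - 2 * h_len - 2:
        raise ValueError("message too long")
    l_hash = hashlib.new(hash_name, label).digest()
    db = l_hash + b"\x00" * (k - len(msg) - 2 * h_len - 2) + b"\x01" + msg
    seed = os.urandom(h_len) if seed is None else seed  # fixed seed: tests only
    masked_db = xor(db, mgf1(seed, k - h_len - 1, mgf_hash))
    masked_seed = xor(seed, mgf1(masked_db, h_len, mgf_hash))
    return b"\x00" + masked_seed + masked_db

def oaep_decode(em, k, hash_name="sha256", mgf_hash="sha1", label=b""):
    """Undo oaep_encode; all checks feed one boolean so failures look alike."""
    h_len = hashlib.new(hash_name).digest_size
    if len(em) != k or k < 2 * h_len + 2:
        raise ValueError("decryption error")
    masked_seed, masked_db = em[1:1 + h_len], em[1 + h_len:]
    seed = xor(masked_seed, mgf1(masked_db, h_len, mgf_hash))
    db = xor(masked_db, mgf1(seed, k - h_len - 1, mgf_hash))
    sep = db.find(b"\x01", h_len)  # first 0x01 after lHash; PS before it must be 0
    ok = (em[0] == 0 and sep >= 0 and not any(db[h_len:sep])
          and hmac.compare_digest(db[:h_len], hashlib.new(hash_name, label).digest()))
    if not ok:  # a real implementation must also keep this path constant-time
        raise ValueError("decryption error")
    return db[sep + 1:]

def decodes_ok(em, k, hash_name, mgf_hash):
    try:
        return oaep_decode(em, k, hash_name, mgf_hash) is not None
    except ValueError:
        return False
```

Decoding a block with a different MGF hash than the one used to encode it fails the lHash comparison, which is why the two digests have to be carried as explicit parameters rather than assumed.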