Re: Questions about using Elliptic Curve ciphers in OpenSSL

2020-02-16 Thread Jason Schultz
Yes, absolutely. As I said in my first post, these are throwaway key pairs, not 
for production use, just a short time for testing to get things working.

Thanks,

Jason


On Feb 16, 2020, at 4:49 PM, Kyle Hamilton wrote:


Be aware that you just posted your certificate's private key, and thus you 
should regenerate a new keypair/certificate to use.  Otherwise, anyone who can 
manipulate traffic to your machine can execute a man-in-the-middle attack.

-Kyle H


On Fri, Feb 14, 2020, 07:40 Jason Schultz <jetso...@hotmail.com> wrote:

Thank you for your response Thulasi, this helped. I'm posting this back to the 
OpenSSL users list in case it helps anyone else, and in case anyone can help 
with my additional questions. While waiting for responses, I've been able to 
find out how my certificate and keys were generated. I'd like to walk through 
that to hopefully verify I'm handling things correctly.

First, here is how my EC parameters file was generated:

openssl ecparam -name prime256v1 -genkey -out myecparamsfile.pem

And the resulting file:


M640A-SAIL:/etc/ssl # openssl ecparam -in myecparamsfile.pem -text
ASN1 OID: prime256v1
NIST CURVE: P-256
-----BEGIN EC PARAMETERS-----
BggqhkjOPQMBBw==
-----END EC PARAMETERS-----


Is this good so far? Do I need the -genkey?

Then I take this file and use it when I generate my certificate and private key 
pair, here is the openssl command I used:

openssl req -nodes -sha256 -newkey ec:/etc/ssl/private/myecparamsfile.pem 
-keyout mykeyout.pem -new -out mycertfileout.pem -config /etc/ssl/openssl.cnf 
-x509 -days 365 -outform pem
Generating a EC private key
writing new private key to 'mykeyout.pem'


And the resulting key:

# cat mykeyout.pem
-----BEGIN PRIVATE KEY-----
MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgbfUwVhomun9Q5IAY
xTOAn+sDoXZ+k4UWkvUyfshPBJ6hRANCAAQsakFVUTV4JmfVJH31XOvHVhhBodnV
8evYCJSd2Jgo4uOomCSh3oekKL+Tia+LOmynygfvmneOX2YadoNr9uzH
-----END PRIVATE KEY-----

# openssl ec -noout -text -in mykeyout.pem
read EC key
Private-Key: (256 bit)
priv:
6d:f5:30:56:1a:26:ba:7f:50:e4:80:18:c5:33:80:
9f:eb:03:a1:76:7e:93:85:16:92:f5:32:7e:c8:4f:
04:9e
pub:
04:2c:6a:41:55:51:35:78:26:67:d5:24:7d:f5:5c:
eb:c7:56:18:41:a1:d9:d5:f1:eb:d8:08:94:9d:d8:
98:28:e2:e3:a8:98:24:a1:de:87:a4:28:bf:93:89:
af:8b:3a:6c:a7:ca:07:ef:9a:77:8e:5f:66:1a:76:
83:6b:f6:ec:c7
ASN1 OID: prime256v1
NIST CURVE: P-256

And certificate:

M740A-PMM1:/etc/ssl # openssl x509 -text -in mycertfileout.pem
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
e2:2f:c6:e4:bf:f1:de:20
Signature Algorithm: ecdsa-with-SHA256
Issuer: C=US, ST=NY, L=Loc, O=Org, OU=test, CN=My 
Name/emailAddress=t...@example.com
Validity
Not Before: Feb 13 16:11:39 2020 GMT
Not After : Feb 12 16:11:39 2021 GMT
Subject: C=US, ST=NY, L=Loc, O=Org, OU=test, CN=My 
Name/emailAddress=t...@example.com
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key: (256 bit)
pub:
04:2c:6a:41:55:51:35:78:26:67:d5:24:7d:f5:5c:
eb:c7:56:18:41:a1:d9:d5:f1:eb:d8:08:94:9d:d8:
98:28:e2:e3:a8:98:24:a1:de:87:a4:28:bf:93:89:
af:8b:3a:6c:a7:ca:07:ef:9a:77:8e:5f:66:1a:76:
83:6b:f6:ec:c7
ASN1 OID: prime256v1
NIST CURVE: P-256
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:8A:F3:3B:4E:A1:F8:F8:34:C1:1B:7A:EC:BF:9B:58:7F:68:4A:D9
X509v3 Authority Key Identifier:

keyid:D6:8A:F3:3B:4E:A1:F8:F8:34:C1:1B:7A:EC:BF:9B:58:7F:68:4A:D9

X509v3 Basic Constraints:
CA:TRUE
Signature Algorithm: ecdsa-with-SHA256
 30:44:02:20:37:f0:f7:f7:4a:b4:8e:8f:64:72:e4:d1:31:9f:
 a1:36:c5:5d:f3:42:4c:24:37:75:cf:b6:55:b0:66:1b:6e:63:
 02:20:39:18:81:f8:6c:86:3a:57:74:05:cc:99:6c:d9:dc:6a:
 a2:20:98:4c:66:a1:97:d1:c7:ea:42:b4:01:1a:f7:b2

Then I call the APIs as described in my first email to use them:


ctx = SSL_CTX_new(TLS_method());

status = SSL_CTX_use_PrivateKey_file(ctx,,SSL_FILETYPE_PEM);
status = SSL_CTX_use_certificate_file(ctx, ,,SSL_FILETYPE_PEM);


// Verify the cert and key are a pair
status = SSL_CTX_check_private_key(ctx);

Then call the APIs to set the curves and allow the server to pick the 
appropriate curve for the client:


status = SSL_CTX_set1_curves_list(ctx, "P-521:P-384:P-256");
status = SSL_CTX_set_ecdh_auto(ctx, 1);

That should be it, right? The EC parameters file has been used to generate the 
private key, it does not need to be read in by an API call.

With the steps above, I get a successful TLS connection from a client 
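
Added example, not part of the thread and not OpenSSL code: what it means for the quoted key and certificate to be a pair, checked by hand in Python. The public point printed under `pub:` in both the key and the certificate must equal d·G, where d is the `priv:` scalar and G is the P-256 generator. The function names are illustrative; the curve constants are the published prime256v1 parameters.

```python
# Added example. P-256 (prime256v1) domain parameters, then the priv:/pub: hex from the post.
P = 2**256 - 2**224 + 2**192 + 2**96 - 1
A = P - 3
B = 0x5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B
N = 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551
G = (0x6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296,
     0x4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5)
PRIV = """6d:f5:30:56:1a:26:ba:7f:50:e4:80:18:c5:33:80:
9f:eb:03:a1:76:7e:93:85:16:92:f5:32:7e:c8:4f:
04:9e"""
PUB = """04:2c:6a:41:55:51:35:78:26:67:d5:24:7d:f5:5c:
eb:c7:56:18:41:a1:d9:d5:f1:eb:d8:08:94:9d:d8:
98:28:e2:e3:a8:98:24:a1:de:87:a4:28:bf:93:89:
af:8b:3a:6c:a7:ca:07:ef:9a:77:8e:5f:66:1a:76:
83:6b:f6:ec:c7"""

def add(p1, p2):
    """Affine point addition; None is the point at infinity."""
    if p1 is None or p2 is None:
        return p1 or p2
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return None
    if p1 == p2:
        lam = (3 * x1 * x1 + A) * pow(2 * y1, -1, P)
    else:
        lam = (y2 - y1) * pow((x2 - x1) % P, -1, P)
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P

def scalar_mult(k, point):
    """Double-and-add. Not constant time: for checking, not for signing."""
    result = None
    while k:
        if k & 1:
            result = add(result, point)
        point, k = add(point, point), k >> 1
    return result

def parse_hex(text):
    return bytes.fromhex("".join(text.replace(":", "").split()))

def key_matches(priv_text, pub_text):
    """True if d*G equals the uncompressed point 04||X||Y and the point is on the curve."""
    d, raw = int.from_bytes(parse_hex(priv_text), "big"), parse_hex(pub_text)
    if len(raw) != 65 or raw[0] != 4 or not 0 < d < N:
        return False
    q = (int.from_bytes(raw[1:33], "big"), int.from_bytes(raw[33:], "big"))
    on_curve = (q[1] ** 2 - (q[0] ** 3 + A * q[0] + B)) % P == 0
    return on_curve and scalar_mult(d, G) == q
```

`key_matches(PRIV, PUB)` returns True for the values in the post, and False if a single byte of either input changes.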

Re: Questions about using Elliptic Curve ciphers in OpenSSL

2020-02-16 Thread Kyle Hamilton
Be aware that you just posted your certificate's private key, and thus you
should regenerate a new keypair/certificate to use.  Otherwise, anyone who
can manipulate traffic to your machine can execute a man-in-the-middle
attack.

-Kyle H


On Fri, Feb 14, 2020, 07:40 Jason Schultz wrote:

>
> Thank you for your response Thulasi, this helped. I'm posting this back to
> the OpenSSL users list in case it helps anyone else, and in case anyone can
> help with my additional questions. While waiting for responses, I've been
> able to find out how my certificate and keys were generated. I'd like to
> walk through that to hopefully verify I'm handling things correctly.
>
> First, here is how my EC parameters file was generated:
>
> openssl ecparam -name prime256v1 -genkey -out myecparamsfile.pem
>
> And the resulting file:
>
> M640A-SAIL:/etc/ssl # openssl ecparam -in myecparamsfile.pem -text
> ASN1 OID: prime256v1
> NIST CURVE: P-256
> -----BEGIN EC PARAMETERS-----
> BggqhkjOPQMBBw==
> -----END EC PARAMETERS-----
>
> Is this good so far? Do I need the -genkey?
>
> Then I take this file and use it when I generate my certificate and
> private key pair, here is the openssl command I used:
>
> openssl req -nodes -sha256 -newkey ec:/etc/ssl/private/myecparamsfile.pem
> -keyout mykeyout.pem -new -out mycertfileout.pem -config
> /etc/ssl/openssl.cnf -x509 -days 365 -outform pem
> Generating a EC private key
> writing new private key to 'mykeyout.pem'
> 
>
> And the resulting key:
>
> # cat mykeyout.pem
> -----BEGIN PRIVATE KEY-----
> MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQgbfUwVhomun9Q5IAY
> xTOAn+sDoXZ+k4UWkvUyfshPBJ6hRANCAAQsakFVUTV4JmfVJH31XOvHVhhBodnV
> 8evYCJSd2Jgo4uOomCSh3oekKL+Tia+LOmynygfvmneOX2YadoNr9uzH
> -----END PRIVATE KEY-----
>
> # openssl ec -noout -text -in mykeyout.pem
> read EC key
> Private-Key: (256 bit)
> priv:
> 6d:f5:30:56:1a:26:ba:7f:50:e4:80:18:c5:33:80:
> 9f:eb:03:a1:76:7e:93:85:16:92:f5:32:7e:c8:4f:
> 04:9e
> pub:
> 04:2c:6a:41:55:51:35:78:26:67:d5:24:7d:f5:5c:
> eb:c7:56:18:41:a1:d9:d5:f1:eb:d8:08:94:9d:d8:
> 98:28:e2:e3:a8:98:24:a1:de:87:a4:28:bf:93:89:
> af:8b:3a:6c:a7:ca:07:ef:9a:77:8e:5f:66:1a:76:
> 83:6b:f6:ec:c7
> ASN1 OID: prime256v1
> NIST CURVE: P-256
>
> And certificate:
>
> M740A-PMM1:/etc/ssl # openssl x509 -text -in mycertfileout.pem
> Certificate:
> Data:
> Version: 3 (0x2)
> Serial Number:
> e2:2f:c6:e4:bf:f1:de:20
> Signature Algorithm: ecdsa-with-SHA256
> Issuer: C=US, ST=NY, L=Loc, O=Org, OU=test, CN=My
> Name/emailAddress=t...@example.com
> Validity
> Not Before: Feb 13 16:11:39 2020 GMT
> Not After : Feb 12 16:11:39 2021 GMT
> Subject: C=US, ST=NY, L=Loc, O=Org, OU=test, CN=My
> Name/emailAddress=t...@example.com
> Subject Public Key Info:
> Public Key Algorithm: id-ecPublicKey
> Public-Key: (256 bit)
> pub:
> 04:2c:6a:41:55:51:35:78:26:67:d5:24:7d:f5:5c:
> eb:c7:56:18:41:a1:d9:d5:f1:eb:d8:08:94:9d:d8:
> 98:28:e2:e3:a8:98:24:a1:de:87:a4:28:bf:93:89:
> af:8b:3a:6c:a7:ca:07:ef:9a:77:8e:5f:66:1a:76:
> 83:6b:f6:ec:c7
> ASN1 OID: prime256v1
> NIST CURVE: P-256
> X509v3 extensions:
> X509v3 Subject Key Identifier:
> D6:8A:F3:3B:4E:A1:F8:F8:34:C1:1B:7A:EC:BF:9B:58:7F:68:4A:D9
> X509v3 Authority Key Identifier:
>
> keyid:D6:8A:F3:3B:4E:A1:F8:F8:34:C1:1B:7A:EC:BF:9B:58:7F:68:4A:D9
>
> X509v3 Basic Constraints:
> CA:TRUE
> Signature Algorithm: ecdsa-with-SHA256
>  30:44:02:20:37:f0:f7:f7:4a:b4:8e:8f:64:72:e4:d1:31:9f:
>  a1:36:c5:5d:f3:42:4c:24:37:75:cf:b6:55:b0:66:1b:6e:63:
>  02:20:39:18:81:f8:6c:86:3a:57:74:05:cc:99:6c:d9:dc:6a:
>  a2:20:98:4c:66:a1:97:d1:c7:ea:42:b4:01:1a:f7:b2
>
> Then I call the APIs as described in my first email to use them:
>
> ctx = SSL_CTX_new(TLS_method());
>
> status = SSL_CTX_use_PrivateKey_file(ctx,,SSL_FILETYPE_PEM);
> status = SSL_CTX_use_certificate_file(ctx, ,,SSL_FILETYPE_PEM);
>
>
> // Verify the cert and key are a pair
> status = SSL_CTX_check_private_key(ctx);
>
>
> Then call the APIs to set the curves and allow the server to pick the
> appropriate curve for the client:
>
> status = SSL_CTX_set1_curves_list(ctx, "P-521:P-384:P-256");
> status = SSL_CTX_set_ecdh_auto(ctx, 1);
>
>
> That should be it, right? The EC parameters file has been used to generate
> the private key, it does not need to be read in by an API call.
>
> With the steps above, I get a successful TLS connection from a client
> using ECDHE-ECDSA-AES256-GCM-SHA384.
>
> And 

RE: Questions about signing an intermediate CA

2020-02-16 Thread Michel
And I am one of those who appreciates very much your 
explanations/clarifications for a long time.
Thank you again Michael.

> [...]
> And here on the openssl-users list there are people with widely varying 
> experience with and understanding of these matters; 
> [...]
> So it's useful to try to be very precise in our terminology.
> [...]
> --
> Michael Wojcik