OpenSSL verify fails
Hi, I experience a weird problem. I encrypt a file using PHP OpenSSL and Rijndael-128. I split the file and encrypt it, calculating a signature for each block. When I want to decrypt, it seems to work (I can decrypt and verify several blocks), but, randomly, the signature checking returns 0. Nothing changes between the successful decryption and the failure. The key is correct and the same as before.

The only idea I have now is that I perform a lot of decryptions in a short time (several dozens, hundreds), so, maybe, it could make it fail.

If I check the content of openssl_error_string, I can see:

    error:0906D06C:PEM routines:PEM_read_bio:no start line

But this error happens every time (even when it works), so I don't think it's related.

Any idea? Thanks

--
View this message in context: http://old.nabble.com/OpenSSL-verify-fails-tp31008774p31008774.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
Re: openssl verify fails
Bruce Stephens wrote:
> Bruce Stephens <bruce.steph...@isode.com> writes:
>> Dr. Stephen Henson <st...@openssl.org> writes:
>> [...]
>>> Is that unmodified OpenSSL 0.9.8o? If so that's peculiar I get the expected error here.
>> No, it's Debian's 0.9.8o-2.
> Ah, my fault. Obvious in retrospect: Debian's openssl finds the root cert because it's in the ca-certificates package!

Did you use -CAfile as in my original posting when testing?

Doesn't -CAfile set exclusively all trusted CA certs? So the pre-installed CA certs should not be used as trust anchors in this case.

Frankly this cert verification stuff seems really odd to me and the exact behaviour seems to be largely unknown.

Ciao, Michael.
Re: openssl verify fails
On Tue, Nov 09, 2010 at 01:45:15PM +, Bruce Stephens wrote:
> Michael Ströder <mich...@stroeder.com> writes:
>> Bruce Stephens wrote:
>>> [...]
>>> Ah, my fault. Obvious in retrospect: Debian's openssl finds the root cert because it's in the ca-certificates package!
>> Did you use -CAfile as in my original posting when testing?
> I did.
>> Doesn't -CAfile set exclusively all trusted CA certs?
> Apparently not, the normal openssl.cnf is read and (on Debian, if ca-certificates is installed) that gives a set of extra CA certificates.

Correct. This *augments* the default certificate list, found in the 'certs/' sub-directory and 'cert.pem' file of the directory reported by "openssl version -d". From crypto/cryptlib.h:

    #define X509_CERT_AREA          OPENSSLDIR
    #define X509_CERT_DIR           OPENSSLDIR "/certs"
    #define X509_CERT_FILE          OPENSSLDIR "/cert.pem"

The OpenSSL toolkit does not include any default roots. These are configured by the O/S release engineering teams.

--
	Viktor.
Re: openssl verify fails
Michael Ströder <mich...@stroeder.com> writes:
> Bruce Stephens wrote:
>> [...]
>> Ah, my fault. Obvious in retrospect: Debian's openssl finds the root cert because it's in the ca-certificates package!
> Did you use -CAfile as in my original posting when testing?

I did.

> Doesn't -CAfile set exclusively all trusted CA certs?

Apparently not, the normal openssl.cnf is read and (on Debian, if ca-certificates is installed) that gives a set of extra CA certificates.

[...]
openssl verify fails
Hi!

I'm feeling dumb since this simple command fails and I cannot see why:

    $ openssl verify -CAfile rootcacert.pem subcacert.pem
    subcacert.pem: C = DE, O = SCA Deutsche Post Com GmbH, CN = Signtrust CERT Root CA 1:PN
    error 2 at 1 depth lookup:unable to get issuer certificate

I've attached the certs (publicly downloadable). I've checked subject-/issuer names and the subject and authority key ids.

Maybe I'm still overlooking something obvious?

Many thanks in advance.

Ciao, Michael.

Attachments:
    rootcacert.pem (application/x509-ca-cert)
    subcacert.pem (application/x509-ca-cert)
RE: openssl verify fails
Hi Michael,

Your rootcacert is not a root cert, as it was issued by C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Client Authentication and Email. You need to append that cert as well to your CAfile.

Erik

Erik Tkal
Juniper OAC/UAC/Pulse Development

-----Original Message-----
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Michael Ströder
Sent: Wednesday, November 03, 2010 12:23 PM
To: openssl-users@openssl.org
Subject: openssl verify fails

Hi!

I'm feeling dumb since this simple command fails and I cannot see why:

    $ openssl verify -CAfile rootcacert.pem subcacert.pem
    subcacert.pem: C = DE, O = SCA Deutsche Post Com GmbH, CN = Signtrust CERT Root CA 1:PN
    error 2 at 1 depth lookup:unable to get issuer certificate

I've attached the certs (publicly downloadable). I've checked subject-/issuer names and the subject and authority key ids.

Maybe I'm still overlooking something obvious?

Many thanks in advance.

Ciao, Michael.
Re: openssl verify fails
Erik Tkal <et...@juniper.net> writes:
> Hi Michael,
> Your rootcacert is not a root cert, as it was issued by C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Client Authentication and Email. You need to append that cert as well to your CAfile.

That seems to be a change in behaviour. 0.9.8o is happy:

    brs% openssl version
    OpenSSL 0.9.8o 01 Jun 2010
    brs% openssl verify -verbose -CAfile rootcacert.pem subcacert.pem
    subcacert.pem: OK
    brs% openssl verify -issuer_checks -CAfile rootcacert.pem subcacert.pem
    subcacert.pem: /C=DE/O=SCA Deutsche Post Com GmbH/CN=Signtrust CERT Class 3 CA 3:PN
    error 29 at 0 depth lookup:subject issuer mismatch
    /C=DE/O=SCA Deutsche Post Com GmbH/CN=Signtrust CERT Class 3 CA 3:PN
    error 29 at 0 depth lookup:subject issuer mismatch
    /C=DE/O=SCA Deutsche Post Com GmbH/CN=Signtrust CERT Class 3 CA 3:PN
    error 29 at 0 depth lookup:subject issuer mismatch
    /C=DE/O=SCA Deutsche Post Com GmbH/CN=Signtrust CERT Root CA 1:PN
    error 29 at 0 depth lookup:subject issuer mismatch
    OK

[...]
RE: openssl verify fails
Maybe that's a bug in OpenSSL 0.9.8o? The docs for verify say "It is an error if the whole chain cannot be built up."

Erik Tkal
Juniper OAC/UAC/Pulse Development

-----Original Message-----
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Bruce Stephens
Sent: Wednesday, November 03, 2010 12:59 PM
To: openssl-users@openssl.org
Subject: Re: openssl verify fails

Erik Tkal <et...@juniper.net> writes:
> Hi Michael,
> Your rootcacert is not a root cert, as it was issued by C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Client Authentication and Email. You need to append that cert as well to your CAfile.

That seems to be a change in behaviour. 0.9.8o is happy:

    brs% openssl version
    OpenSSL 0.9.8o 01 Jun 2010
    brs% openssl verify -verbose -CAfile rootcacert.pem subcacert.pem
    subcacert.pem: OK
    brs% openssl verify -issuer_checks -CAfile rootcacert.pem subcacert.pem
    subcacert.pem: /C=DE/O=SCA Deutsche Post Com GmbH/CN=Signtrust CERT Class 3 CA 3:PN
    error 29 at 0 depth lookup:subject issuer mismatch
    /C=DE/O=SCA Deutsche Post Com GmbH/CN=Signtrust CERT Class 3 CA 3:PN
    error 29 at 0 depth lookup:subject issuer mismatch
    /C=DE/O=SCA Deutsche Post Com GmbH/CN=Signtrust CERT Class 3 CA 3:PN
    error 29 at 0 depth lookup:subject issuer mismatch
    /C=DE/O=SCA Deutsche Post Com GmbH/CN=Signtrust CERT Root CA 1:PN
    error 29 at 0 depth lookup:subject issuer mismatch
    OK

[...]
Re: openssl verify fails
On Wed, Nov 03, 2010, Bruce Stephens wrote:
> Erik Tkal <et...@juniper.net> writes:
>> Hi Michael,
>> Your rootcacert is not a root cert, as it was issued by C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Client Authentication and Email. You need to append that cert as well to your CAfile.
>
> That seems to be a change in behaviour. 0.9.8o is happy:
>
>     brs% openssl version
>     OpenSSL 0.9.8o 01 Jun 2010
>     brs% openssl verify -verbose -CAfile rootcacert.pem subcacert.pem
>     subcacert.pem: OK
>     brs% openssl verify -issuer_checks -CAfile rootcacert.pem subcacert.pem
>     subcacert.pem: /C=DE/O=SCA Deutsche Post Com GmbH/CN=Signtrust CERT Class 3 CA 3:PN
>     error 29 at 0 depth lookup:subject issuer mismatch
>     /C=DE/O=SCA Deutsche Post Com GmbH/CN=Signtrust CERT Class 3 CA 3:PN
>     error 29 at 0 depth lookup:subject issuer mismatch
>     /C=DE/O=SCA Deutsche Post Com GmbH/CN=Signtrust CERT Class 3 CA 3:PN
>     error 29 at 0 depth lookup:subject issuer mismatch
>     /C=DE/O=SCA Deutsche Post Com GmbH/CN=Signtrust CERT Root CA 1:PN
>     error 29 at 0 depth lookup:subject issuer mismatch
>     OK

Is that unmodified OpenSSL 0.9.8o? If so that's peculiar I get the expected error here.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
Re: openssl verify fails
Erik Tkal wrote:
> Your rootcacert is not a root cert, as it was issued by C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http://www.usertrust.com, CN=UTN-USERFirst-Client Authentication and Email. You need to append that cert as well to your CAfile.

Shouldn't it be possible to mark every cert in the chain as trusted root and therefore path building should stop there?

Also what's the magic behind these ASCII armor lines generated with openssl x509 -trustout?

    -----BEGIN TRUSTED CERTIFICATE-----
    -----END TRUSTED CERTIFICATE-----

Does that have any effect?

Ciao, Michael.
Re: openssl verify fails
Erik Tkal <et...@juniper.net> writes:
> Maybe that's a bug in OpenSSL 0.9.8o? The docs for verify say "It is an error if the whole chain cannot be built up."

Maybe, but I think it's just as reasonable to regard it as a bug in the docs. I think it's useful for verify to be able to verify chains from trust anchors (whether or not they're root CAs), and that verify ought to regard -CAfile and -CApath as pointing at certificates representing such trust anchors.

With that interpretation 0.9.8o is right and 1.0.0a appears to be wrong.

[...]
Re: openssl verify fails
Bruce Stephens wrote:
> Erik Tkal <et...@juniper.net> writes:
>> Maybe that's a bug in OpenSSL 0.9.8o? The docs for verify say "It is an error if the whole chain cannot be built up."
>
> Maybe, but I think it's just as reasonable to regard it as a bug in the docs. I think it's useful for verify to be able to verify chains from trust anchors (whether or not they're root CAs), and that verify ought to regard -CAfile and -CApath as pointing at certificates representing such trust anchors.

Which is IMHO what section 6.1.1 of RFC 5280 says. I vaguely remember a lengthy discussion on ietf-pkix mailing list with the result that a trust anchor cert does not necessarily have to be a self-signed cert.

> With that interpretation 0.9.8o is right and 1.0.0a appears to be wrong.

Yupp.

Ciao, Michael.
Re: openssl verify fails
Dr. Stephen Henson <st...@openssl.org> writes:
> [...]
> Is that unmodified OpenSSL 0.9.8o? If so that's peculiar I get the expected error here.

No, it's Debian's 0.9.8o-2.

[...]
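An added example, not code from the thread or from the OpenSSL project, that reproduces the two findings above with a constructed chain: Bruce's point that a -CAfile trust anchor need not be self-signed (later OpenSSL releases expose exactly that behaviour as the -partial_chain verify option), and Viktor's point that -CAfile only augments the OS default store. It assumes OpenSSL 1.1.1 or later and a readable default openssl.cnf; the file names root, int, leaf and bundle and the subject names are invented.

```shell
# Added example (not from the thread): constructed root -> intermediate -> leaf chain,
# used to show how "openssl verify -CAfile" treats a trust anchor that is not self-signed.
# Assumes OpenSSL 1.1.1 or later (-no-CAfile, -no-CApath, -partial_chain, -untrusted).

# issue_cert <name> <subject> <issuer name | self> <yes|no: is a CA>; writes <name>.{key,csr,ext,pem}
issue_cert() {
  name=$1; subj=$2; issuer=$3; is_ca=$4
  openssl req -new -newkey rsa:2048 -nodes -keyout "$name.key" \
      -subj "$subj" -out "$name.csr" 2>/dev/null || return 1
  # basicConstraints=CA:TRUE matters: a v3 cert without it is rejected as an issuer, anchor or not.
  if [ "$is_ca" = yes ]; then
    printf 'basicConstraints=critical,CA:TRUE\nkeyUsage=critical,keyCertSign,cRLSign\n' >"$name.ext"
  else
    printf 'basicConstraints=critical,CA:FALSE\nkeyUsage=critical,digitalSignature\n' >"$name.ext"
  fi
  if [ "$issuer" = self ]; then
    openssl x509 -req -in "$name.csr" -signkey "$name.key" -days 30 \
        -extfile "$name.ext" -out "$name.pem" 2>/dev/null
  else
    openssl x509 -req -in "$name.csr" -CA "$issuer.pem" -CAkey "$issuer.key" -CAcreateserial \
        -days 30 -extfile "$name.ext" -out "$name.pem" 2>/dev/null
  fi
}

# build_chain <workdir>: root (self-signed), int (issued by root), leaf (issued by int),
# plus bundle.pem = root + int, i.e. Erik's suggested fix of appending the real root.
build_chain() {
  ( cd "$1" || exit 1
    issue_cert root "/CN=Constructed Root CA" self yes &&
    issue_cert int  "/CN=Constructed Intermediate CA" root yes &&
    issue_cert leaf "/CN=leaf.example.invalid" int no &&
    cat root.pem int.pem >bundle.pem )
}

# chain_verifies <CAfile> <cert> [more verify options]: true iff verify prints "<cert>: OK".
# -no-CAfile/-no-CApath exclude the OS default store, which -CAfile only augments (Viktor's
# point): otherwise a root already in the OS store could silently complete the chain.
chain_verifies() {
  cafile=$1; cert=$2; shift 2
  openssl verify -no-CAfile -no-CApath -CAfile "$cafile" "$@" "$cert" 2>&1 | grep -q ': OK$'
}

demo() {                                   # source this file, then run: demo
  W=$(mktemp -d) && build_chain "$W" || return 1
  chain_verifies "$W/int.pem" "$W/leaf.pem" || echo "int.pem alone: fails (error 2 at 1 depth, as in the thread)"
  chain_verifies "$W/int.pem" "$W/leaf.pem" -partial_chain && echo "int.pem + -partial_chain: OK"
  chain_verifies "$W/bundle.pem" "$W/leaf.pem" && echo "root+int bundle: OK"
  chain_verifies "$W/root.pem" "$W/leaf.pem" -untrusted "$W/int.pem" && echo "root anchor, int untrusted: OK"
  rm -rf "$W"
}
```

The last case is the idiomatic split: trust anchors go in -CAfile, intermediates that merely help build the path go in -untrusted, so the anchor set stays explicit and auditable.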