[openssl.org #2456] EVP API only supports CBC mode, please enhance to support *_ctr()

2011-02-23 Thread Micah Anderson via RT

Until other cipher modes are supported by OpenSSL's EVP, Ruby's cipher
mode support is limited to the weakened CBC cipher modes (see
http://redmine.ruby-lang.org/issues/show/4408).

Having only CBC mode available leads to an attack that can recover up to
32 bits of plaintext from an arbitrary block of cipher text (see
http://www.kb.cert.org/vuls/id/958563).  In order to mitigate this
vulnerability it is recommended to set up CTR mode rather than CBC
mode.

However, it seems that in evp.h you will find this:

#if 0
const EVP_CIPHER *EVP_aes_128_ctr(void);
#endif

In fact, the only CTR mode that seems to be implemented is in the
non-abstracted aes.h (AES_ctr128_encrypt); the other instances (in
evp.h) all seem to be commented out for some reason. I'd have
expected at the very least EVP_aes_128_ctr to be defined, since it would
be implemented by invoking AES_ctr128_encrypt.

Thanks,
micah






[openssl.org #2353] PATCH: add missing OCSPSigning bits

2010-09-29 Thread Micah Anderson via RT

In a recent attempt to add missing extended key usage pieces, I noticed
that the OCSPSigning extended key usage was not fully implemented. It is
perfectly possible that I am not fully cognizant of how the code works,
and it is properly implemented. It is, however, clearly not documented.

The attached patch adds the bits that to my relatively uneducated eye
are missing for OCSPSigning extended key usage, including the missing
documentation update.

Micah





diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h
index fe46624..e2345fb 100644
--- a/crypto/objects/obj_dat.h
+++ b/crypto/objects/obj_dat.h
@@ -175,3 +175,4 @@ static const unsigned char lvalues[5824]={
 0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x03, /* [666] OBJ_code_sign */
 0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x04, /* [674] OBJ_email_protect */
 0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x08, /* [682] OBJ_time_stamp */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x09, /* [682] OBJ_OSCPSigning */
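Review bot: the new lvalues row reuses offset [682], which is where the 8-byte OBJ_time_stamp entry already starts; the next free slot is [690], and OBJ_ms_code_ind already sits at [690] (visible in the #2352 copy of this hunk further down). The array is still declared lvalues[5824] although 8 bytes are added. obj_dat.h is generated from objects.txt by obj_dat.pl, so the row should go into objects.txt and the header be regenerated; that also fixes the naming, since the comment says OBJ_OSCPSigning while the objects.h hunk in this same patch defines OBJ_OCSP_sign.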
@@ -1091,3 +1090,4 @@ static const ASN1_OBJECT nid_objs[NUM_NID]={
 {"emailProtection","E-mail Protection",NID_email_protect,8,
 	&(lvalues[674]),0},
 {"timeStamping","Time Stamping",NID_time_stamp,8,&(lvalues[682]),0},
+{"OSCPSigning", "OSCP Signing",NID_OSCPSigning,8,&(lvalues[683]),0},
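Review bot: NID_OSCPSigning is referenced here but defined nowhere; the objects.h hunk below defines NID_OCSP_sign, so the patch does not compile as submitted. The &(lvalues[683]) offset points one byte into the time_stamp OID rather than at a fresh 8-byte entry. Independently of both, the obj_objs table of this same file already lists `180, /* OBJ_OCSP_sign 1 3 6 1 5 5 7 3 9 */` (visible as context in the #2352 patch below), which means id-kp 9 is already registered as NID 180 and this whole addition duplicates an existing object.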
diff --git a/crypto/objects/objects.h b/crypto/objects/objects.h
index bd0ee52..191c895 100644
--- a/crypto/objects/objects.h
+++ b/crypto/objects/objects.h
@@ -714,3 +714,7 @@
 #define NID_time_stamp			133
 #define OBJ_time_stamp			OBJ_id_kp,8L
 
+#define SN_OCSP_sign			"OCSPSigning"
+#define LN_OCSP_sign			"OCSP Signing"
+#define NID_OCSP_sign			180
+#define OBJ_OCSP_sign			OBJ_id_kp,9L
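Review bot: the identifiers here (SN_OCSP_sign, NID_OCSP_sign) do not match the NID_OSCPSigning used in the obj_dat.h hunk, and NID 180 is already taken by the existing OBJ_OCSP_sign entry shown in the #2352 context line `180, /* OBJ_OCSP_sign 1 3 6 1 5 5 7 3 9 */`. objects.h is also the legacy header; the generated obj_mac.h is what applications include, and neither file should be hand-edited. If something really is missing, the change belongs in crypto/objects/objects.txt (the #2351 patch shows the `id-kp N : shortName : Long Name` format) with obj_mac.num assigning the number.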
diff --git a/doc/apps/x509v3_config.pod b/doc/apps/x509v3_config.pod
index 0450067..e138eb3 100644
--- a/doc/apps/x509v3_config.pod
+++ b/doc/apps/x509v3_config.pod
@@ -115,3 +115,4 @@ following PKIX, NS and MS values are meaningful:
  codeSigning		Code signing.
  emailProtection	E-mail Protection (S/MIME).
  timeStamping		Trusted Timestamping
+ OCSPSigning		OCSP Signing
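Review bot: the keyword documented here, OCSPSigning, is not the short name the obj_dat.h hunk registers ("OSCPSigning"), so a config file following this documentation would not resolve against the patched table. The spelling in this hunk is the correct one; the code hunks need to agree with it. Layout matches the surrounding lines (the line above also has no trailing period), so nothing else to change here.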


[openssl.org #2352] PATCH: Add new extended key usage ipsecIKE

2010-09-29 Thread Micah Anderson via RT

According to RFC 4945 § 5.1.3.12, section title "ExtendedKeyUsage"[0], the
following extended key usage has been added:

 ... this document defines an ExtendedKeyUsage keyPurposeID that MAY be
   used to limit a certificate's use:

   id-kp-ipsecIKE OBJECT IDENTIFIER ::= { id-kp 17 }

   where id-kp is defined in RFC 3280 [5].  If a certificate is intended
   to be used with both IKE and other applications, and one of the other
   applications requires use of an EKU value, then such certificates
   MUST contain either the keyPurposeID id-kp-ipsecIKE or
   anyExtendedKeyUsage [5], as well as the keyPurposeID values
   associated with the other applications.  Similarly, if a CA issues
   multiple otherwise-similar certificates for multiple applications
   including IKE, and it is intended that the IKE certificate NOT be
   used with another application, the IKE certificate MAY contain an EKU
   extension listing a keyPurposeID of id-kp-ipsecIKE to discourage its
   use with the other application.  Recall, however, that EKU extensions
   in certificates meant for use in IKE are NOT RECOMMENDED.

   Conforming IKE implementations are not required to support EKU.  If a
   critical EKU extension appears in a certificate and EKU is not
   supported by the implementation, then RFC 3280 requires that the
   certificate be rejected.  Implementations that do support EKU MUST
   support the following logic for certificate validation:

   o  If no EKU extension, continue.

   o  If EKU present AND contains either id-kp-ipsecIKE or
      anyExtendedKeyUsage, continue.

   o  Otherwise, reject cert.


I believe that the attached patch adds the ipsecIKE extended key usage
flag to OpenSSL.

Micah



0. http://tools.ietf.org/html/rfc4945#section-5.1.3.12


diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h
index fe46624..e2345fb 100644
--- a/crypto/objects/obj_dat.h
+++ b/crypto/objects/obj_dat.h
@@ -175,6 +175,8 @@ static const unsigned char lvalues[5824]={
 0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x03, /* [666] OBJ_code_sign */
 0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x04, /* [674] OBJ_email_protect */
 0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x08, /* [682] OBJ_time_stamp */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x09, /* [682] OBJ_OSCPSigning */
+0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x17, /* [684] OBJ_ipsecIKE */
 0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x15,/* [690] OBJ_ms_code_ind */
 0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x02,0x01,0x16,/* [700] OBJ_ms_code_com */
 0x2B,0x06,0x01,0x04,0x01,0x82,0x37,0x0A,0x03,0x01,/* [710] OBJ_ms_ctl_sign */
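Review bot: 0x17 is decimal 23, so the OBJ_ipsecIKE bytes encode 1.3.6.1.5.5.7.3.23, not id-kp 17; the last octet has to be 0x11. The offsets are also inconsistent: [682] is still OBJ_time_stamp, [684] lies inside that entry, and OBJ_ms_code_ind keeps its old [690] although 16 bytes are inserted before it, so every later lvalues index is off. This hunk additionally re-adds the OSCPSigning row from #2353 (all three patches carry the same `index fe46624..e2345fb`), so #2352 cannot be applied on its own. obj_dat.h is generated; please add the `id-kp 17 : ipsecIKE : ...` line to objects.txt and regenerate instead of editing the table by hand.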
@@ -1091,6 +1090,8 @@ static const ASN1_OBJECT nid_objs[NUM_NID]={
 {"emailProtection","E-mail Protection",NID_email_protect,8,
 	&(lvalues[674]),0},
 {"timeStamping","Time Stamping",NID_time_stamp,8,&(lvalues[682]),0},
+{"OSCPSigning", "OSCP Signing",NID_OSCPSigning,8,&(lvalues[683]),0},
+{"ipsecIKE", "ipsec Internet Key Exchange (IKE)",NID_ipsecIKE,8,&(lvalues[684]),0},
 {"msCodeInd","Microsoft Individual Code Signing",NID_ms_code_ind,10,
 	&(lvalues[690]),0},
 {"msCodeCom","Microsoft Commercial Code Signing",NID_ms_code_com,10,
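Review bot: NID_ipsecIKE is used here while the obj_mac.h and objects.h hunks define NID_ipsec_IKE; one of the two spellings is undefined. &(lvalues[684]) with length 8 overlaps the time_stamp bytes at [682] (see the note on the lvalues hunk). nid_objs is indexed by NID, so the row for NID 893 belongs at index 893, not in the middle of the table after NID_time_stamp (133), and NUM_NID has to grow by one, which this patch does nowhere.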
@@ -4636,5 +4627,6 @@
 180,	/* OBJ_OCSP_sign1 3 6 1 5 5 7 3 9 */
 297,	/* OBJ_dvcs 1 3 6 1 5 5 7 3 10 */
+893,	/* OBJ_ipsec_IKE1 3 6 1 5 5 7 3 17 */
 298,	/* OBJ_id_it_caProtEncCert  1 3 6 1 5 5 7 4 1 */
 299,	/* OBJ_id_it_signKeyPairTypes   1 3 6 1 5 5 7 4 2 */
 300,	/* OBJ_id_it_encKeyPairTypes1 3 6 1 5 5 7 4 3 */
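Review bot: placing the entry between dvcs (…3 10) and id-it-caProtEncCert (…4 1) keeps obj_objs sorted by OID, which is right, but NUM_OBJ is not increased for the extra element. The `-4636,5 +4627,6` header also shows this diff was taken on top of the #2351 deletions, one more sign that the three tickets are really one change and should be produced by regenerating obj_dat.h rather than by hand.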
diff --git a/crypto/objects/obj_mac.h b/crypto/objects/obj_mac.h
index 27304e1..decf0cc 100644
--- a/crypto/objects/obj_mac.h
+++ b/crypto/objects/obj_mac.h
@@ -1530,6 +1515,11 @@
 #define NID_dvcs		297
 #define OBJ_dvcs		OBJ_id_kp,10L
 
+#define SN_ipsec_IKE		"ipsecIKE"
+#define LN_ipsec_IKE		"ipsec Internet Key Exchange (IKE)"
+#define NID_ipsec_IKE		893
+#define OBJ_ipsec_IKE		OBJ_id_kp,17L
+
 #define SN_id_it_caProtEncCert		"id-it-caProtEncCert"
 #define NID_id_it_caProtEncCert		298
 #define OBJ_id_it_caProtEncCert		OBJ_id_it,1L
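Review bot: obj_mac.h is generated from objects.txt and obj_mac.num by objects.pl; the objects.txt addition is missing from this patch, so the next regeneration drops these defines. The identifier ipsec_IKE chosen here must also match the name column of obj_mac.num, and the obj_mac.num hunk below says ipsecIKE, which would generate NID_ipsecIKE, not NID_ipsec_IKE.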
diff --git a/crypto/objects/obj_mac.num b/crypto/objects/obj_mac.num
index 8c50aac..4bc3dfb 100644
--- a/crypto/objects/obj_mac.num
+++ b/crypto/objects/obj_mac.num
@@ -890,3 +887,4 @@ houseIdentifier		889
 supportedAlgorithms		890
 deltaRevocationList		891
 dmdName		892
+ipsecIKE	893
\ No newline at end of file
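Review bot: the name column is the C identifier the generator uses (compare `id_it_caProtEncCert 298` with NID_id_it_caProtEncCert), so `ipsecIKE 893` yields NID_ipsecIKE while the obj_mac.h hunk defines NID_ipsec_IKE; pick one spelling. The surrounding lines separate name and number with two tabs, and the "\ No newline at end of file" marker shows the added line lacks a trailing newline; please keep one.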
diff --git a/crypto/objects/objects.h b/crypto/objects/objects.h
index bd0ee52..191c895 100644
--- a/crypto/objects/objects.h
+++ b/crypto/objects/objects.h
@@ -714,6 +714,16 @@
 #define NID_time_stamp			133
 #define OBJ_time_stamp			OBJ_id_kp,8L
 
+#define SN_OCSP_sign			"OCSPSigning"
+#define LN_OCSP_sign			"OCSP Signing"
+#define NID_OCSP_sign			180
+#define OBJ_OCSP_sign			OBJ_id_kp,9L
+
+#define SN_ipsec_IKE			"ipsecIKE"
+#define LN_ipsec_IKE			"ipsec Internet Key Exchange (IKE)"
+#define NID_ipsec_IKE			893	
+#define OBJ_ipsec_IKE			OBJ_id_kp,17L
+
 /* Additional extended key usage OIDs: Microso
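Review bot: this hunk repeats the OCSP_sign defines from #2353, so #2352 is not independently applicable, and `NID_ipsec_IKE 893` carries trailing whitespace after the number. objects.h is the legacy header (obj_mac.h is the generated one applications include), so adding entries here is the wrong layer. The hunk is also cut off in the archive after the "Additional extended key usage OIDs" comment, so its tail cannot be reviewed.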

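The three-step rule quoted from RFC 4945 above (no EKU: continue; EKU containing id-kp-ipsecIKE or anyExtendedKeyUsage: continue; otherwise reject) is simple to state but easy to get wrong at the byte level, as the 0x17/0x11 mix-up in the attached patch shows. The following is an added example, not code from the ticket or from OpenSSL: a dependency-free C program that decodes the DER value of an extendedKeyUsage extension (a SEQUENCE OF OBJECT IDENTIFIER, the same content-octet encoding the lvalues table stores), renders OIDs in dotted form, and applies the RFC 4945 rule. The sample extension values and all function and constant names are the example's own.

```c
/* Added example, not from the ticket or OpenSSL: decode an extendedKeyUsage
 * extension value (DER SEQUENCE OF OBJECT IDENTIFIER) without libcrypto and
 * apply the RFC 4945 section 5.1.3.12 acceptance rule for IKE. */
#include <stdio.h>
#include <string.h>

/* DER content octets of the two keyPurposeIDs RFC 4945 accepts. */
static const unsigned char OID_IPSEC_IKE[] = /* 1.3.6.1.5.5.7.3.17 */
    {0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x11};
static const unsigned char OID_ANY_EKU[]   = /* 2.5.29.37.0 */
    {0x55,0x1D,0x25,0x00};

/* Constructed sample extension values (outer SEQUENCE included). */
static const unsigned char EXT_IKE[] = {        /* clientAuth + ipsecIKE */
    0x30,0x14, 0x06,0x08,0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x02,
               0x06,0x08,0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x11};
static const unsigned char EXT_SERVER[] = {     /* serverAuth only */
    0x30,0x0A, 0x06,0x08,0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x01};
static const unsigned char EXT_ANY[] = {        /* anyExtendedKeyUsage */
    0x30,0x06, 0x06,0x04,0x55,0x1D,0x25,0x00};
static const unsigned char EXT_TRUNC[] = {      /* inner length exceeds buffer */
    0x30,0x05, 0x06,0x08,0x2B};
/* The octets the attached patch registers for "ipsecIKE": 0x17, not 0x11. */
static const unsigned char PATCH_BYTES[] =
    {0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x17};

typedef enum { EKU_ABSENT, EKU_ACCEPT, EKU_REJECT, EKU_MALFORMED } eku_verdict;

/* Parse one DER tag + definite length. Returns header size, 0 on error. */
static size_t der_header(const unsigned char *p, size_t n,
                         unsigned char *tag, size_t *len)
{
    size_t i = 0, k, nb;
    if (n < 2) return 0;
    *tag = p[i++];
    if (p[i] < 0x80) {
        *len = p[i++];                              /* short form */
    } else {
        nb = p[i++] & 0x7F;                         /* long form: nb octets */
        if (nb == 0 || nb > sizeof(size_t) || nb > n - i) return 0;
        for (*len = 0, k = 0; k < nb; k++) *len = (*len << 8) | p[i++];
    }
    return (*len > n - i) ? 0 : i;                  /* content must fit */
}

/* Dotted-decimal rendering of OID content octets (base-128 arcs). */
static int oid_to_string(const unsigned char *oid, size_t n,
                         char *out, size_t outsz)
{
    size_t i, pos = 0;
    unsigned long arc = 0;
    int w, first = 1;
    if (n == 0 || (oid[n - 1] & 0x80)) return -1;   /* empty or cut mid-arc */
    for (i = 0; i < n; i++) {
        arc = (arc << 7) | (oid[i] & 0x7F);
        if (oid[i] & 0x80) continue;                /* continuation octet */
        if (first) {                                /* first octet = 40*a + b */
            w = arc < 80 ? snprintf(out + pos, outsz - pos, "%lu.%lu", arc / 40, arc % 40)
                         : snprintf(out + pos, outsz - pos, "2.%lu", arc - 80);
            first = 0;
        } else {
            w = snprintf(out + pos, outsz - pos, ".%lu", arc);
        }
        if (w < 0 || (size_t)w >= outsz - pos) return -1;
        pos += (size_t)w;
        arc = 0;
    }
    return 0;
}

/* Convenience: does this OID render to the given dotted string? */
static int oid_equals(const unsigned char *oid, size_t n, const char *dotted)
{
    char buf[64];
    return oid_to_string(oid, n, buf, sizeof buf) == 0 && strcmp(buf, dotted) == 0;
}

/* RFC 4945 5.1.3.12: ext == NULL models "no EKU extension present". */
static eku_verdict eku_check_ike(const unsigned char *ext, size_t ext_len)
{
    unsigned char tag;
    size_t len, h, off, oh, olen;
    const unsigned char *oid;
    if (ext == NULL) return EKU_ABSENT;                 /* no EKU: continue */
    h = der_header(ext, ext_len, &tag, &len);
    if (h == 0 || tag != 0x30) return EKU_MALFORMED;    /* must be SEQUENCE */
    for (off = h; off < h + len; off += oh + olen) {
        oh = der_header(ext + off, h + len - off, &tag, &olen);
        if (oh == 0 || tag != 0x06) return EKU_MALFORMED; /* must be OID */
        oid = ext + off + oh;
        if ((olen == sizeof OID_IPSEC_IKE && memcmp(oid, OID_IPSEC_IKE, olen) == 0) ||
            (olen == sizeof OID_ANY_EKU   && memcmp(oid, OID_ANY_EKU,   olen) == 0))
            return EKU_ACCEPT;                          /* continue */
    }
    return EKU_REJECT;                                  /* otherwise reject */
}

int main(void)
{
    static const char *names[] = {"absent", "accept", "reject", "malformed"};
    char buf[64];
    printf("no EKU:         %s\n", names[eku_check_ike(NULL, 0)]);
    printf("clientAuth+IKE: %s\n", names[eku_check_ike(EXT_IKE, sizeof EXT_IKE)]);
    printf("serverAuth:     %s\n", names[eku_check_ike(EXT_SERVER, sizeof EXT_SERVER)]);
    printf("anyEKU:         %s\n", names[eku_check_ike(EXT_ANY, sizeof EXT_ANY)]);
    printf("truncated:      %s\n", names[eku_check_ike(EXT_TRUNC, sizeof EXT_TRUNC)]);
    oid_to_string(PATCH_BYTES, sizeof PATCH_BYTES, buf, sizeof buf);
    printf("patch bytes decode to %s (id-kp 17 needs 0x11)\n", buf);
    return 0;
}
```

A malformed extension is reported separately from a rejecting one so that a caller can treat a bad encoding as a parse failure rather than as "no IKE purpose", and length checks are done against the remaining buffer before any octet is read.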
[openssl.org #2351] PATCH: Remove obsolete ipsec extended key usages

2010-09-29 Thread Micah Anderson via RT

Hi,

The extended key usages id-kp-ipsecEndSystem, id-kp-ipsecTunnel and
id-kp-ipsecUser are obsoleted as per RFC 4945 § 5.1.3.12, section title
"ExtendedKeyUsage":

...  Note that there were three IPsec-related object identifiers in EKU
that were assigned in 1999. The semantics of these values were never
clearly defined. The use of these three EKU values in IKE/IPsec is
obsolete and explicitly deprecated by this specification. CAs SHOULD NOT
issue certificates for use in IKE with them. (For historical reference
only, those values were id-kp-ipsecEndSystem, id-kp-ipsecTunnel, and
id-kp-ipsecUser.)  ...

I believe that the attached patch removes these extended key usages to
comply with the SHOULD NOT assertion in RFC 4945.

Note: A new extended key usage for the Internet Key Exchange (IKE),
called id-kp-ipsecIKE, has been added. A follow-up issue will be created
for that.

Micah




diff --git a/crypto/objects/obj_dat.h b/crypto/objects/obj_dat.h
index fe46624..e2345fb 100644
--- a/crypto/objects/obj_dat.h
+++ b/crypto/objects/obj_dat.h
@@ -334,9 +336,6 @@ static const unsigned char lvalues[5824]={
 0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x08, /* [2129] OBJ_sbgp_autonomousSysNum */
 0x2B,0x06,0x01,0x05,0x05,0x07,0x01,0x09, /* [2137] OBJ_sbgp_routerIdentifier */
 0x2B,0x06,0x01,0x05,0x05,0x07,0x02,0x03, /* [2145] OBJ_textNotice */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x05, /* [2153] OBJ_ipsecEndSystem */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x06, /* [2161] OBJ_ipsecTunnel */
-0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x07, /* [2169] OBJ_ipsecUser */
 0x2B,0x06,0x01,0x05,0x05,0x07,0x03,0x0A, /* [2177] OBJ_dvcs */
 0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x01, /* [2185] OBJ_id_it_caProtEncCert */
 0x2B,0x06,0x01,0x05,0x05,0x07,0x04,0x02, /* [2193] OBJ_id_it_signKeyPairTypes */
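Review bot: deleting 24 bytes from the middle of lvalues shifts every later OID encoding but leaves the offsets untouched: OBJ_dvcs is still annotated [2177] and the nid_objs row below still reads &(lvalues[2177]), which after this patch is 24 bytes past the dvcs encoding, and lvalues[5824] keeps its old size. obj_dat.h is generated; the objects.txt hunk at the end of this patch is the right place for the change, followed by regeneration.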
@@ -1357,10 +1358,6 @@ static const ASN1_OBJECT nid_objs[NUM_NID]={
 {"sbgp-routerIdentifier","sbgp-routerIdentifier",
 	NID_sbgp_routerIdentifier,8,&(lvalues[2137]),0},
 {"textNotice","textNotice",NID_textNotice,8,&(lvalues[2145]),0},
-{"ipsecEndSystem","IPSec End System",NID_ipsecEndSystem,8,
-	&(lvalues[2153]),0},
-{"ipsecTunnel","IPSec Tunnel",NID_ipsecTunnel,8,&(lvalues[2161]),0},
-{"ipsecUser","IPSec User",NID_ipsecUser,8,&(lvalues[2169]),0},
 {"DVCS","dvcs",NID_dvcs,8,&(lvalues[2177]),0},
 {"id-it-caProtEncCert","id-it-caProtEncCert",NID_id_it_caProtEncCert,
 	8,&(lvalues[2185]),0},
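Review bot: nid_objs is indexed by NID, so removing three rows moves every following entry down (NID_dvcs, 297 per the obj_mac.h hunk, would now be found at index 294). OpenSSL keeps NID numbers stable once assigned; a withdrawn object should keep its number (a placeholder row in the generated table) rather than be deleted and have the rest of the table renumbered.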
@@ -2897,9 +2894,6 @@ static const unsigned int sn_objs[NUM_SN]={
 647,	/* "international-organizations" */
 869,	/* "internationaliSDNNumber" */
 142,	/* "invalidityDate" */
-294,	/* "ipsecEndSystem" */
-295,	/* "ipsecTunnel" */
-296,	/* "ipsecUser" */
 86,	/* "issuerAltName" */
 770,	/* "issuingDistributionPoint" */
 492,	/* "janetMailbox" */
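Review bot: sn_objs is trimmed, but the matching ln_objs table ("IPSec End System", "IPSec Tunnel", "IPSec User") is not touched anywhere in this patch, and NUM_SN/NUM_LN/NUM_OBJ are not reduced, so the tables stay sized for three more elements than they hold. One more reason to regenerate the file rather than edit it by hand.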
@@ -4629,7 +4623,4 @@ static const unsigned int obj_objs[NUM_OBJ]={
 130,	/* OBJ_client_auth  1 3 6 1 5 5 7 3 2 */
 131,	/* OBJ_code_sign1 3 6 1 5 5 7 3 3 */
 132,	/* OBJ_email_protect1 3 6 1 5 5 7 3 4 */
-294,	/* OBJ_ipsecEndSystem   1 3 6 1 5 5 7 3 5 */
-295,	/* OBJ_ipsecTunnel  1 3 6 1 5 5 7 3 6 */
-296,	/* OBJ_ipsecUser1 3 6 1 5 5 7 3 7 */
 133,	/* OBJ_time_stamp   1 3 6 1 5 5 7 3 8 */
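Review bot: same count problem as in sn_objs: NUM_OBJ is left as is while three elements disappear. The remaining lines stay in OID order, which is fine.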
diff --git a/crypto/objects/obj_mac.h b/crypto/objects/obj_mac.h
index 27304e1..decf0cc 100644
--- a/crypto/objects/obj_mac.h
+++ b/crypto/objects/obj_mac.h
@@ -1500,21 +1500,6 @@
 #define NID_email_protect		132
 #define OBJ_email_protect		OBJ_id_kp,4L
 
-#define SN_ipsecEndSystem		"ipsecEndSystem"
-#define LN_ipsecEndSystem		"IPSec End System"
-#define NID_ipsecEndSystem		294
-#define OBJ_ipsecEndSystem		OBJ_id_kp,5L
-
-#define SN_ipsecTunnel		"ipsecTunnel"
-#define LN_ipsecTunnel		"IPSec Tunnel"
-#define NID_ipsecTunnel		295
-#define OBJ_ipsecTunnel		OBJ_id_kp,6L
-
-#define SN_ipsecUser		"ipsecUser"
-#define LN_ipsecUser		"IPSec User"
-#define NID_ipsecUser		296
-#define OBJ_ipsecUser		OBJ_id_kp,7L
-
 #define SN_time_stamp		"timeStamping"
 #define LN_time_stamp		"Time Stamping"
 #define NID_time_stamp		133
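Review bot: these are public macros; dropping NID_ipsecEndSystem, NID_ipsecTunnel and NID_ipsecUser breaks source compatibility for any application that names them, and obj_mac.h is generated in any case. RFC 4945's SHOULD NOT is addressed to CAs issuing certificates; a parser can keep recognising the OIDs. A deprecation comment next to the objects.txt entries, keeping the NIDs defined, satisfies the RFC without an API break.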
diff --git a/crypto/objects/obj_mac.num b/crypto/objects/obj_mac.num
index 8c50aac..4bc3dfb 100644
--- a/crypto/objects/obj_mac.num
+++ b/crypto/objects/obj_mac.num
@@ -291,9 +291,6 @@ sbgp_ipAddrBlock		290
 sbgp_autonomousSysNum		291
 sbgp_routerIdentifier		292
 textNotice		293
-ipsecEndSystem		294
-ipsecTunnel		295
-ipsecUser		296
 dvcs		297
 id_it_caProtEncCert		298
 id_it_signKeyPairTypes		299
\ No newline at end of file
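Review bot: obj_mac.num is the registry of assigned NID numbers and objects.pl only ever appends, so removing 294-296 leaves a permanent gap; keeping the lines, with the retirement noted in objects.txt, documents why the gap exists and keeps the numbers reserved. The "\ No newline at end of file" marker here suggests the file was already missing its trailing newline; worth fixing while touching it.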
diff --git a/crypto/objects/objects.txt b/crypto/objects/objects.txt
index 52ac0a6..f477aa5 100644
--- a/crypto/objects/objects.txt
+++ b/crypto/objects/objects.txt
@@ -481,8 +481,5 @@ id-kp 2			: clientAuth		: TLS Web Client Authentication
 id-kp 3			: codeSigning		: Code Signing
 !Cname email-protect
 id-kp 4			: emailProtection	: E-mail Protection
-id-kp 5			: ipsecEndSystem	: IPSec End System
-id-kp 6			: ipsecTunnel		: IPSec Tunnel
-id-kp 7			: ipsecUser
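Review bot: this is the one file that should be edited; with the objects.txt change alone and a regeneration via the crypto/objects Makefile (objects.pl and obj_dat.pl), the obj_mac.h, obj_mac.num and obj_dat.h hunks above would be produced consistently instead of by hand. A comment line recording the RFC 4945 deprecation would be preferable to deleting the entries (see the note on the obj_mac.h hunk). The hunk is truncated in the archive after `-id-kp 7 : ipsecUser`, so the remainder of the change cannot be reviewed here.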