Re: Openssl upgrade to 1.1.1o on Red Linux 5.11

On 6/22/2022 10:32 AM, Gaurav Mittal11 wrote: Hi Team, Is there any way to upgrade openssl in redhat 5.11 as I am getting error its not supported. > uname -a Linux serverxxx 2.6.18-419.el5 #1 SMP Wed Feb 22 22:40:57 EST 2017 x86_64 x86_64 x86_64 GNU/Linux Red Hat Enterprise Linux Server

Openssl 3.0.0 creating ECC key from X and Y, PEM_write_PUBKEY fails

I have X and Y as bignums. I create EVP_PKEY with this. I suspect that I have to do another step to indicate that I supplied X and Y and not a compressed public key. param_bld = OSSL_PARAM_BLD_new(); rc = getEcCurveString(, gets strings like prime256v1

Re: openssl 3.0.0 get ECC public key modulus from EVP_PKEY

On 10/14/2021 6:39 AM, Matt Caswell wrote: "priv" (OSSL_PKEY_PARAM_PRIV_KEY) The private key value. Since its an integer using EVP_PKEY_get_bn_param() would be appropriate here, but not EVP_PKEY_get_octet_string_param(). Basically you need to know the type of the parameter you are

Re: openssl 3.0.0 get ECC public key modulus from EVP_PKEY

On 10/13/2021 12:06 PM, Matt Caswell wrote: On 12/10/2021 23:37, Ken Goldman wrote: In pre-3.0.0, I used this, omitting the error checking, malloc, ... ecPoint = EC_KEY_get0_public_key(ecKey); ecGroup = EC_KEY_get0_group(ecKey); EC_POINT_point2oct(ecGroup, ecPoint

openssl 3.0.0 get ECC public key modulus from EVP_PKEY

In pre-3.0.0, I used this, omitting the error checking, malloc, ... ecPoint = EC_KEY_get0_public_key(ecKey); ecGroup = EC_KEY_get0_group(ecKey); EC_POINT_point2oct(ecGroup, ecPoint, POINT_CONVERSION_UNCOMPRESSED,

EVP_EncryptInit_ex2() operation

Does it make sense to initialize the context once and then use it multiple times, or is cleaner to create a new one from the raw key byte string each time? I've seen sample code that uses this to 'reset' the context for a new encryption. EVP_EncryptInit_ex2(e, NULL, NULL, NULL, NULL);

openssl 3.0.0 equivalent to RSA_get0_key

... and RSA_get0_factors. I know about EVP_PKEY_get_bn_param(). However, that allocates new bignums. Therefore, the caller has to say, if >3.0.0, free them, else don't. The deprecated get0 functions just returned pointers that did not have to be separately freed. Is there a call to pass in

Openssl 3.0.0. EVP_PKEY RSA is NULL

I am doing the following, but the EVP_PKEY->pkey->rsa is null. Am I misusing the API or missing a step? (error checking removed) EVP_PKEY*rsa_pub_key = NULL; EVP_PKEY_CTX*ctx = NULL; OSSL_PARAM_BLD *param_bld = NULL; OSSL_PARAM *params = NULL;

Re: Openssl 3.0.0. EVP_PKEY_CTX vs EVP_PKEY

On 9/14/2021 11:40 AM, Tomas Mraz wrote: On Tue, 2021-09-14 at 11:11 -0400, Ken Goldman wrote: Conceptually, how are these different? When do I use one vs the other? The EVP_PKEY is an object holding data (well, rather a reference, but that is fairly irrelevant) of a private key, public key

Openssl 3.0.0. EVP_PKEY_CTX vs EVP_PKEY

Conceptually, how are these different? When do I use one vs the other? Where would I learn this?

Re: EVP_MAC_init - specify the hash algorithm

Where does one get the parameter values? E.g., where would I see the value strings for the EVP_MAC_new algorithm and the digest parameter values. I can guess HMAC and SHA256, but are they documented? Case sensitive? Which is preferred? You use EVP_MAC_new, which is undocumented. The doc

TYPE_new() and TYPE_free()

Assuming that I use the ASN1_SEQUENCE, ASN1_SEQUENCE_END, DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS macros ... TYPE_free() says that it frees all sub-objects. Can I assume that, if the sub-objects are also defined with those macros, that it will iterate all the way? TYPE_new() allocates

Re: openssl 3.0.0 valgrind failure on OPENSSL_ia32_cpuid - retract, sorry

On 8/27/2021 3:46 PM, Ken Goldman wrote: I run valgrind on all my software to find memory leaks.  This worked for openssl 1.0.2 and 1.1.1, but fails with 3.0.0.  Suggestions? Sorry, I updated valgrind and all is well.

openssl 3.0.0 valgrind failure on OPENSSL_ia32_cpuid

I run valgrind on all my software to find memory leaks. This worked for openssl 1.0.2 and 1.1.1, but fails with 3.0.0. Suggestions? vex amd64->IR: unhandled instruction bytes: 0xF3 0xF 0x1E 0xFA 0x49 0x89 0xD8 0x31 vex amd64->IR: REX=0 REX.W=0 REX.R=0 REX.X=0 REX.B=0 vex amd64->IR: VEX=0

Re: 3.0.0. IMPLEMENT_ASN1_FUNCTIONS missing _it prototypes

On 8/24/2021 5:56 AM, Matt Caswell wrote: On 23/08/2021 20:42, Ken Goldman wrote: I get warnings on all my ASN1_SEQUENCE_END, a missing prototype for the _it functions. The code is working, but I'd like a clean compile. 3.0.0 only, 1.0.2 and 1.1.1 are OK. Example: #include #include

Re: HMAC verification with EVP Interface

On 8/26/2021 5:35 AM, d0 wrote: Don't forget to use CRYPTO_memcmp for comparing the HMACs, not regular ol' memcmp. What's the rationale? The HMAC result isn't secret.

3.0.0. IMPLEMENT_ASN1_FUNCTIONS missing _it prototypes

I get warnings on all my ASN1_SEQUENCE_END, a missing prototype for the _it functions. The code is working, but I'd like a clean compile. 3.0.0 only, 1.0.2 and 1.1.1 are OK. Example: #include #include #include #include typedef struct { ASN1_TIME *notBefore; ASN1_TIME *notAfter; }

Re: Set X509 public key in 1.0.2

On 8/20/2021 7:19 PM, Thomas Dwyer III wrote: 1.0.2 has X509_PUBKEY_get() (without the zero) which I believe increases the reference count on the EVP_PKEY. Perfect! It was not in the 1.0.2 man page, but it seems to be portable across 1.0.1, 1.1.1, 3.0.0.

Set X509 public key in 1.0.2

I have an X509_PUBKEY structure holding the algorithm and public key. I want to set it in the X509 structure. In 1.1.1 and up, I can use evpPubkey = X509_PUBKEY_get0(addToCert->key);/* X509_PUBKEY */ X509_set_pubkey(x509Certificate, evpPubkey); However, 1.0.2 doesn't

Re: IMPLEMENT_ASN1_FUNCTIONS tutorial or help

On 8/17/2021 9:47 PM, Sands, Daniel via openssl-users wrote: The dump you show below is: Attributes (set, tagged with a 0, optional) Version privateKeyAlgorithm privateKey This is a PKCS#8 packet for a key. The encapsulated data is the RSA public key in PKCS1 format. I know OpenSSL has

Re: IMPLEMENT_ASN1_FUNCTIONS tutorial or help

) DECLARE_ASN1_FUNCTIONS(TPM_ADDTOCERT) IMPLEMENT_ASN1_FUNCTIONS(TPM_ADDTOCERT) const unsigned char *tmpptr = out.addedToCertificate.t.buffer; TPM_ADDTOCERT *addToCert = d2i_TPM_ADDTOCERT(NULL, , out.addedToCertificate.t.size); On 8/16/2021 4:56 PM, Ken

Re: [EXTERNAL] Re: IMPLEMENT_ASN1_FUNCTIONS tutorial or help

On 8/17/2021 12:57 PM, Sands, Daniel via openssl-users wrote: Now I would like to do the other end, where I have der and I want to parse back to the structure, using d2i() 1 - Is there a tutorial on this? Seems like you don't need one. If you got i2d working you should have d2i already!

Re: IMPLEMENT_ASN1_FUNCTIONS tutorial or help

On 8/17/2021 10:38 AM, Matt Caswell wrote: On 16/08/2021 21:56, Ken Goldman wrote: I am trying to parse some ASN.1 DER so I can add it to an X.509 certificate. For the input side, a poster showed me ASN1_SEQUENCE, ASN1_SEQUENCE_END, and then DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS

IMPLEMENT_ASN1_FUNCTIONS tutorial or help

I am trying to parse some ASN.1 DER so I can add it to an X.509 certificate. For the input side, a poster showed me ASN1_SEQUENCE, ASN1_SEQUENCE_END, and then DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS which created the i2d() function. Now I would like to do the other end, where I have

Re: Misunderstanding openssl verify

On 8/16/2021 10:04 AM, Viktor Dukhovni wrote: It seems as though the 'verify' command checks the issuer, but not the signature of the certificate - the last parameter. > As documented. Then I am not understanding the documentation. https://www.openssl.org/docs/man1.1.1/man1/verify.html

Misunderstanding openssl verify

It doesn't seem to be verifying the signature on the certificate parameter. Version 1.1.1k. I create an incorrectly signed self signed certificate and convert it from der to pem. A basic openssl verify -CAfile c1.pem c1.pem Returns OK, even though the signature is bad. Why? Editing

Re: openssl 3.0 - id2_x509() now fails

On 8/9/2021 3:50 AM, Tomas Mraz wrote: On Fri, 2021-08-06 at 18:06 -0400, Ken Goldman wrote: On 8/6/2021 1:11 PM, Ken Goldman wrote: I have an application where I have to create a partial x509 certificate.  It gets sent to an HSM, which fills in the public key and signs it. I was calling

Re: openssl 3.0 - id2_x509() now fails

On 8/6/2021 1:11 PM, Ken Goldman wrote: I have an application where I have to create a partial x509 certificate.  It gets sent to an HSM, which fills in the public key and signs it. I was calling X509_new X509_set_version X509_set_issuer_name X509_get_notBefore

openssl 3.0 - id2_x509() now fails

I have an application where I have to create a partial x509 certificate. It gets sent to an HSM, which fills in the public key and signs it. I was calling X509_new X509_set_version X509_set_issuer_name X509_get_notBefore X509_get_notAfter

openssl 3.0 genpkey

Should these be posted here or as github issues? (May be user error) 1 openssl genpkey -algorithm rsa -outform der -out key.der -quiet returns: genpkey: Option -quiet needs a value But the docs don't indicate that a value is needed. 2 openssl genpkey -algorithm rsa -outform der -out

Re: EVP_MD_CTX_free documentation

On 30/07/2021 17:55, Ken Goldman wrote: It would be nice if the documentation would guarantee that this function is a no-op when the parameter is NULL - like the standard free() call. This would save coding (if not NULL) all the time. Same comment for all the _free functions. I know I can look

EVP_MD_CTX_free documentation

It would be nice if the documentation would guarantee that this function is a no-op when the parameter is NULL - like the standard free() call. This would save coding (if not NULL) all the time. Same comment for all the _free functions. I know I can look at the code, but that doesn't provide

Re: RSA_set0_key() equivalent for 3.0.0

On 7/13/2021 5:14 PM, William Roberts wrote: Outside of the migration guide others have pointed out, I think the functions you need are: https://www.openssl.org/docs/manmaster/man3/EVP_PKEY_set1_RSA.html Use use EVP level

Re: RSA_set0_key() equivalent for 3.0.0

On 7/13/2021 5:08 PM, Nicola Tuveri wrote: There is the migration guide: https://github.com/openssl/openssl/tree/master/doc/man7/migration_guide.pod The migration guide is very general. It says that the low level

RSA_set0_key() equivalent for 3.0.0

What is the 3.0.0 equivalent to RSA_set0_key() when I want to create a key token from n and e. Meta question: Is there a porting guide for these type of questions - something that says, "If you used this before, use this now."

Re: EVP_MAC_init - specify the hash algorithm

On 7/13/2021 2:50 PM, Matt Caswell wrote: On 13/07/2021 19:02, Ken Goldman wrote: Porting to 3.0 ... HMAC_Init_ex() had a place for the hash algorithm.  EVP_MAC_init() does not, unless it's embedded in the 'params' parameter. Any advice?  Or a sample for doing an HMAC with 3.0? If its

EVP_MAC_init - specify the hash algorithm

Porting to 3.0 ... HMAC_Init_ex() had a place for the hash algorithm. EVP_MAC_init() does not, unless it's embedded in the 'params' parameter. Any advice? Or a sample for doing an HMAC with 3.0?

Re: Random and rare Seg faults at openssl library level

On 1/7/2021 10:11 AM, Michael Wojcik wrote: $ cat /etc/redhat-release && openssl version CentOS Linux release 7.9.2009 (Core) OpenSSL 1.0.2k-fips 26 Jan 2017 Ugh. Well, OP should have made that clear in the original message. And this is one of the problems with using an OpenSSL supplied by

Re: Random and rare Seg faults at openssl library level

On 1/6/2021 12:10 PM, Gimhani Uthpala wrote: I am getting seg-faults at openssl level. This only occurred very randomly and the following are stacks that seg faults  at openssl level in the given 2 cases. We are using openssl 1.0.2k. The usual cause is that you are compiling with one

openssl with Rust

Environment is Windows, Visual Studio Code, the Shining Light openssl build and the openssl crate. Does anyone have experience getting this to link? Environment variables? cargo.toml anything else?

OpenSSL version 3.0.0-alpha1 build failed

My build failed with the below. x86_64 Linux kernel 2.6.32 RHEL 6.7 Perl 5.10.1 Everything through 1.1.1e was successful. ~~ ./config Operating system: x86_64-whatever-linux2 Configuring OpenSSL version 3.0.0-alpha1 for target linux-x86_64 Using os-specific seed configuration *** glibc

Re: Fails on verifying signature - RSA_padding_check_PKCS1_type_1:invalid padding

On 2/13/2020 12:40 PM, Pedro Lopes wrote: When I try to verify the signature, fails with RSA_padding_check_PKCS1_type_1:invalid padding. That error typically means that the verification public key does does not match the signing private key.

Re: Add ECDSA signature R and S to X509 structure

On 8/17/2019 5:35 AM, Billy Brumley wrote: Hey Ken, I have an ECDSA signature supplied to me as R and S byte arrays and lengths (from an HSM). How do I add them to the X509 structure? Is there an API, a set of calls, or do you have any hints? You might be looking for ECDSA_SIG_set0:

Add ECDSA signature R and S to X509 structure

I have an ECDSA signature supplied to me as R and S byte arrays and lengths (from an HSM). How do I add them to the X509 structure? Is there an API, a set of calls, or do you have any hints? ~~ For RSA, I simply filled in the ASN1_BIT_STRING length, data, and flags, but an RSA signature is

Adding signature items to X509 certificate structure

This use case is that I have an HSM that internally forms an X509 certificate and returns the signature. I have to reconstruct the X509 structure externally. I have everything but the signature and its algorithm. How can I programmatically set these values? What I do now is: -

Re: Building a DER sequence

On 7/3/2019 4:30 PM, Viktor Dukhovni wrote: On Jul 3, 2019, at 2:41 PM, Ken Goldman wrote: That link points to the X509_dup page. It doesn't explain how to build a DER sequence, does it? The documentation is incomplete, and much RTFS is required, but it and code pointers should get you

Re: Building a DER sequence

On 7/1/2019 6:03 PM, Viktor Dukhovni wrote: On Mon, Jul 01, 2019 at 09:40:25PM +, Salz, Rich via openssl-users wrote: I see those macros, but ... is there any documentation? No. There's a high-level overview at: https://www.openssl.org/docs/manmaster/man3/X509_dup.html

Re: Building a DER sequence

On 7/1/2019 5:19 PM, Viktor Dukhovni wrote: On Jun 25, 2019, at 10:59 AM, Ken Goldman wrote: I have to build a DER byte stream for a sequence containing: algorithm ID issuer validity subject name extensions What is the general approach? See

Re: Building a DER sequence

On 6/26/2019 11:34 AM, Salz, Rich via openssl-users wrote: Do I construct a sequence and add items to it - top down? No, because then you have to go back and patch the sequence length and perhaps slide everything up or down a copule of bytes. I would look at an existing simple sequence

Re: Building a DER sequence

On 6/26/2019 11:34 AM, Salz, Rich via openssl-users wrote: Do I construct a sequence and add items to it - top down? No, because then you have to go back and patch the sequence length and perhaps slide everything up or down a copule of bytes. I would look at an existing simple sequence

Building a DER sequence

I have to build a DER byte stream for a sequence containing: algorithm ID issuer validity subject name extensions What is the general approach? Is there openssl support for this? Do I construct a sequence and add items to it - top down? Or do I

Re: why does RAND_add() take "randomness" as a "double"?

On 5/21/2019 9:48 PM, Paul Dale wrote: Double makes sense. Entropy is often estimated as a real value. Having a human readable calculation using floating point doesn't (to me) mean that an API argument has to be a double. From what I see in the code, the parameter 'double entropy' is used

Re: why does RAND_add() take "randomness" as a "double"?

On 5/21/2019 10:07 PM, Salz, Rich via openssl-users wrote: >Then just set it to 1.0 and be done with it. That hardly helps on systems that don't have floating point at all. No it doesn't. Such systems aren't supported by OpenSSL. There are many places were floating point is

Re: why does RAND_add() take "randomness" as a "double"?

On 5/21/2019 10:15 AM, Laszlo Ersek wrote: [snip] Can someone please explain what is gained by using a floating point type here? Is it really a relevant use case that entropy is fed from an external source to OpenSSL such that truncating the amount to a whole number of bits would cause

Re: Issue in linking Openssl1.1.1b to application

On 5/9/2019 10:03 AM, vin wrote: Hi I was using an application with openssl0.9.8k .The procedure i used to link openssl to my application using visual studio -2008 was after building openssl i was linking libeay32.lib and ssleay32.lib to my application and including header files from include

Re: Using (not building) openssl with mingw on Windows 10

On 3/22/2019 12:18 PM, Michael Wojcik wrote: I seem to have discarded some of your older messages. Did you ever send us the actual link command that's being used? Maybe that will throw some light on the problem. "c:/program files/mingw/bin/gcc.exe" -D_MT -DTPM_WINDOWS -I. -shared -o

Re: Using (not building) openssl with mingw on Windows 10

On 3/20/2019 6:44 PM, Sergio NNX wrote: I've been happily using the Shining Light 32-bit binaries with both openssl 1.0 and 1.1 and mingw. Getting back to this: I tried mingw linking against these "c:/program files/openssl64/lib/libcrypto.lib" "c:/program files/openssl64/lib/libssl.lib"

Re: Using (not building) openssl with mingw on Windows 10

On 3/20/2019 12:41 PM, Michael Wojcik wrote: Sounds like you might have import libraries there. Does "ar t libcrypto.lib" show a bunch of .obj members, or a bunch of .dll members? If it's the latter, then it's just an import library that tells the linker what DLL needs to be loaded at

Re: Using (not building) openssl with mingw on Windows 10

On 10/29/2018 7:18 AM, Jakob Bohm via openssl-users wrote: On 26/10/2018 23:08, Ken Goldman wrote: I've been happily using the Shining Light 32-bit binaries with both openssl 1.0 and 1.1 and mingw. On a new machine, I tried the 64-bit binaries.  However, they're missing the openssl/lib/mingw

ECC keypair generation with password

I've been using this command to generate a password protected ECC keypair. openssl ecparam -name prime256v1 -genkey -noout | openssl pkey -aes256 -passout pass:passwd -text > tmpecprivkey.pem The output is a -BEGIN ENCRYPTED PRIVATE KEY- which I parsed using

[openssl-users] Using (not building) openssl with mingw on Windows 10

I've been happily using the Shining Light 32-bit binaries with both openssl 1.0 and 1.1 and mingw. On a new machine, I tried the 64-bit binaries. However, they're missing the openssl/lib/mingw directory where the .a files resided. It looks like the link procedure changed. Any hints before

[openssl-users] HMAC key in PEM or other format

Is there a standard format for passing around an HMAC key? Can openssl read and write it? I know that an HMAC key is just a random number, and I can probably pass it around in binary, hex ascii, or base64. But I'd rather use a standard format if there is one. -- openssl-users mailing

Re: [openssl-users] rsaOAEP OID in X509 certificate

On 8/9/2018 10:51 AM, Stephane van Hardeveld wrote: I will discuss this, but as far as I understand, these OID are allowed by the X 509 standard: 4.1.2.7. Subject Public Key Info [snip] And in rfc4055, 4.1 Openssl is capable of parsing it, only retrieving it gives an error on unknown

Re: [openssl-users] rsaOAEP OID in X509 certificate

On 8/9/2018 4:14 AM, Stephane van Hardeveld wrote: Hi Ken, I am trying to do two thing: 1: Generate X 509 certificates, with RSA-PSS signing, with different Hashing and Masking (SHA1 and SHA256), including an RSA Public key as content. This RSA 'content key' should specify it will be used for

Re: [openssl-users] rsaOAEP OID in X509 certificate

1 - If you are trying to extract the public key, X509_get_pubkey() won't work. I have sample code to do it. Let me know if you want the complete function. Basically: X509_get_X509_PUBKEY X509_PUBKEY_get0_param d2i_RSAPublicKey 2 - If you are trying to verify a

Re: [openssl-users] openssl 1.1 certificate verification fails with non-standard public key algorithm

On 7/25/2018 4:27 PM, Viktor Dukhovni wrote: Yes, that's what I'm saying, but also asking the broader list for feedback on such a change. Should security level zero succeed even with unsupported EE keys (which somehow get used with some other software???). For background, this is the TPM 1.2

Re: [openssl-users] openssl 1.1 certificate verification fails with non-standard public key algorithm

On 7/25/2018 10:47 AM, Viktor Dukhovni wrote: On Jul 25, 2018, at 10:05 AM, Ken Goldman wrote: I have a certificate with a non-standard public key algorithm -rsaesOaep. See snippet #2. With openssl 1.0, I can validate the certificate chain. With openssl 1.1 it fails with the error

[openssl-users] openssl 1.1 certificate verification fails with non-standard public key algorithm

Seeking advice. I have a certificate with a non-standard public key algorithm -rsaesOaep. See snippet #2. With openssl 1.0, I can validate the certificate chain. With openssl 1.1 it fails with the error X509_V_ERR_EE_KEY_TOO_SMALL. See dump #1. I believe that this is due to new 1.1

Re: [openssl-users] Get raw RSA public key from X509 certificate

On 04/27/18 04:50, Matt Caswell wrote: On 26/04/18 23:48, Ken Goldman wrote: On 04/26/18 16:37, Matt Caswell wrote: On 26/04/18 21:17, Ken Goldman wrote: I have to get the raw public modulus, but I cannot X509_get_pubkey() because of a non-standard object identifier. I can use

Re: [openssl-users] Get raw RSA public key from X509 certificate

On 04/26/18 16:37, Matt Caswell wrote: On 26/04/18 21:17, Ken Goldman wrote: I have to get the raw public modulus, but I cannot X509_get_pubkey() because of a non-standard object identifier. I can use X509_get_X509_PUBKEY() to get part way there.  I see the DER wrapped key

[openssl-users] Get raw RSA public key from X509 certificate

I have to get the raw public modulus, but I cannot X509_get_pubkey() because of a non-standard object identifier. I can use X509_get_X509_PUBKEY() to get part way there. I see the DER wrapped key in the public_key.data element, but I don't know an API to get to that element. Am I on the

Re: [openssl-users] X509 certificate algorithm

On 08/16/12 09:33, Dr. Stephen Henson wrote: On Thu, Aug 16, 2012, Kenneth Goldman wrote: I call these: d2i_X509() X509_print_fp() which calls pkey_set_type() EVP_PKEY_asn1_find() and that call fails. I've traced the following error down to the rsaOAEP algorithm,

[openssl-users] FIPS_mode_set(1) failing

This call fails on two platforms with: fips.c(143): OpenSSL internal error, assertion failed: FATAL FIPS SELFTEST FAILURE (or line 139) The openssl installs are: OpenSSL 1.0.1e-fips 11 Feb 2013 OpenSSL 1.0.2g-fips 1 Mar 2016 Any hints? Do I have to call a self test before entering

Re: [openssl-users] Certificate for RSA 2048 key says 2058

On 12/14/2017 1:34 PM, Viktor Dukhovni wrote: On Dec 14, 2017, at 1:11 PM, Ken Goldman <kgold...@us.ibm.com> wrote: I generate a key and self signed certificate like this: openssl genrsa -out cakey.pem -aes256 -passout pass: 2048 openssl req -new -x509 -key cakey.pem -out cace

Re: [openssl-users] [openssl-dev] Is X509_free(NULL) ok?

On 12/22/2017 9:24 AM, Salz, Rich via openssl-users wrote: if (ptr!= NULL) free(ptr); That shouldn’t be necessary for OpenSSL. If you find places where it is, please open an issue. OK. I'll mention a few, but it's a global issue. The code may handle NULL. However,

Re: [openssl-users] [openssl-dev] Is X509_free(NULL) ok?

On 12/22/2017 8:06 AM, Salz, Rich via openssl-users wrote: Our intent is that all FREE functions can handle NULL. If you find things missing or undocumented, please open an issue on GitHub. Thanks! It would be great if that was documented for all _free() functions. I currently always code

[openssl-users] Certificate for RSA 2048 key says 2058

I generate a key and self signed certificate like this: > openssl genrsa -out cakey.pem -aes256 -passout pass: 2048 > openssl req -new -x509 -key cakey.pem -out cacert.pem -days 3650 When I dump the certificate, I see Subject Public Key Info: Public Key

Re: [openssl-users] OpenSSL engine and TPM usage.

On 10/26/2017 3:33 AM, Michael Ströder wrote: Michael Richardson wrote: Jakob Bohm wrote: wow, further evidence that everything needs an upgrade path. From the viewpoint of hardware vendors the upgrade path is selling new hardware. It's simply like that. Not very

Re: [openssl-users] Storing private key on tokens

On 9/27/2017 2:19 PM, Dirk-Willem van Gulik wrote: On 27 Sep 2017, at 20:02, Michael Wojcik The tokens / HSMs I've used don't let you generate a key somewhere else and install it on the token. They insist on doing the key generation locally. That is, after all, part of the point of using a

Re: [openssl-users] openssl 1.0 and 1.1 co-exist

On 6/22/2017 7:05 AM, Jakob Bohm wrote: On 22/06/2017 04:31, Viktor Dukhovni wrote: On Wed, Jun 21, 2017 at 01:44:34PM -0400, Ken Goldman wrote: This is probably Linux specific ... Can both openssl versions co-exist on the same platform. I know that the .so is versioned, but how about

Re: [openssl-users] Openssl 1.1 RSA_get0_key() documentation

On 7/28/2017 4:05 PM, Salz, Rich via openssl-users wrote: The __current__ code for this function returns values if the **BIGNUM is not NULL. Thus, it appears safe to pass in NULL for values not needed. If this behavior is guaranteed, it would be nice if it was documented. Wanna open an

[openssl-users] Openssl 1.1 RSA_get0_key() documentation

The __current__ code for this function returns values if the **BIGNUM is not NULL. Thus, it appears safe to pass in NULL for values not needed. However, the documentation is silent on this behavior. If this behavior is guaranteed, it would be nice if it was documented. If not, a comment in

[openssl-users] openssl 1.0 and 1.1 co-exist

This is probably Linux specific ... Can both openssl versions co-exist on the same platform. I know that the .so is versioned, but how about the header files? Can I choose which library to build with? Do the headerso in the same /usr/include/openssl or are there links? Are there ifdefs in

Re: [openssl-users] NMAKE error

On 5/1/2017 12:00 PM, Jordan Brown wrote: On 5/1/2017 8:53 AM, James Condren wrote: Thanks for the prompt response. Just a little background: I am trying to install OpenSSL on a Windows PC so I can view a server cert. It might be simpler to install cygwin and an already-built OpenSSL.

Re: [openssl-users] Functions for retrive public key from x509 cert

On 3/28/2017 5:25 AM, Christian Adja via openssl-users wrote: Someone can tell me what function is called for retrieve public key from x509 cert? in the case of EC public key? X509_get_pubkey() -- openssl-users mailing list To unsubscribe:

Re: [openssl-users] Issues while "configuring before compiling" OpenSSL on Raspberry-Pi

It is definitely possible, because we run openssl on the Pi. We did not, however, compile it ourselves. We install from a Pi repository. On 2/12/2017 8:13 AM, Ajay Garg wrote: Any ideas please? Is compiling openssl even possible on Raspberry-Pi? -- openssl-users mailing list To

Re: [openssl-users] Generate ECC key with password protection

On 1/13/2017 2:02 PM, Viktor Dukhovni wrote: parameter setting error 139854491113288:error:06089094:digital envelope routines:EVP_PKEY_CTX_ctrl:invalid operation:pmeth_lib.c:404: In that case, your OpenSSL library is broken, or was built without EC support. Perhaps you're running the wrong

Re: [openssl-users] Generate ECC key with password protection

On 1/13/2017 1:21 PM, Viktor Dukhovni wrote: On Fri, Jan 13, 2017 at 06:18:51PM +, Viktor Dukhovni wrote: Still no success. I think this is exactly what you suggested, and something I had already tried. openssl genpkey -out cakeyecc.pem -outform PEM -pass pass: -aes256 -algorithm

Re: [openssl-users] Generate ECC key with password protection

Thanks for the help. Am I getting closer? On 1/13/2017 9:44 AM, Viktor Dukhovni wrote: Also, take a look at test/certs/mkcert.sh: I looked at that, but what is $bits? The curve name. You're sure fond of leaving off the leading "-" in option names. You'll also really want the

Re: [openssl-users] Generate ECC key with password protection

Thanks, getting closer ... On 1/12/2017 5:47 PM, Viktor Dukhovni wrote: My latest attempt is this. It gives me a usage error. Any hints? openssl genpkey -out cakeyecc.pem -outform pem -pass pass: aes-256-cbc -algorithm ec pkeyopt ec_paramgen_curve:prime256v1 -text The "aes-256-cbc"

Re: [openssl-users] Generate ECC key with password protection

On 7/20/2016 10:26 AM, Jakob Bohm wrote: On 20/07/2016 16:21, Ken Goldman wrote: From these web pages: https://wiki.openssl.org/index.php/Command_Line_Elliptic_Curve_Operations https://www.openssl.org/docs/manmaster/apps/ecparam.html the "openssl ecparam -genkey" command does

[openssl-users] ECDSA_SIG_new and ECDSA_SIG_free details

1 - Is this a bit of a bug? ECDSA_SIG_free() frees the r and s BIGNUMs before is frees the structure itself. However, ECDSA_SIG_new() doesn't set r and s to NULL. It calls zalloc, which sets them to 0x00 bytes. OK, in most platforms, the NULL pointer is an all 0x00 bytes value, but it's

[openssl-users] EVP_DigestVerifyFinal with ECDSA signature

I'm trying to use the EVP interface for signature verification. However, EVP_DigestVerifyFinal() takes a signature and length as parameters. While I understand this for RSA, ECDSA signatures have R and S elements. Is there a convertor function? If I must convert by hand, how is it done?

Re: [openssl-users] Raw EC key to EVP_PKEY to certificate

Perfect, thanks. On 12/30/2016 8:27 PM, Viktor Dukhovni wrote: On Dec 30, 2016, at 8:20 PM, Ken Goldman <kgold...@us.ibm.com> wrote: - EC_KEY ecKey = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1) - convert x and y from bin to bignum - EC_KEY_set_public_key_affine_coordinates(ecKey

[openssl-users] Raw EC key to EVP_PKEY to certificate

My overall goal is to create an X509 certificate for an ECC public key. I am starting with the X and Y points. The curve is NIST_P256. Here's the basic code. Am I close? - EC_KEY ecKey = EC_KEY_new_by_curve_name(NID_X9_62_prime256v1) - convert x and y from bin to bignum -

Re: [openssl-users] big endian vs little endian

On 12/18/2016 11:21 AM, sahorwitz wrote: I am obviously a newbie and missing something. How then do I encrypt the file on one machine (little endian), transmit it to another machine (big endian) and decrypt it there? Why do you think endian'ness is an issue? -- openssl-users mailing list To

Re: [openssl-users] Can you suggest any technical name for changing sources from openssl-1.0.2 to openssl-1.1.0?

On 11/28/2016 3:40 PM, Salz, Rich wrote: Perhaps I didn't understand the original question. If all you want to do is compare 1.0.2 and 1.1.0, then look at OPENSSL_VERSION_NUMBER; if defined at it's 0x10101000L or greater, then you;'re on the 1.1.x branch, otherwise you are not and therefore on

Re: [openssl-users] openssl-1.1.0b : Getting keys from TPM

To read a public key, use the TPM2_ReadPublic command. I have an open source utility (tpm2pem) that converts that TPM format key to PEM. If you need the private key, you will have to "duplicate" it to a key you know and then use that key to decrypt it. It's possible. However, it defeats

Re: [openssl-users] Can you suggest any technical name for changing sources from openssl-1.0.2 to openssl-1.1.0?

I'd like an answer to this one also. I could not find that define. I did find about 10 variations, all uncommented. Could someone simply post the definitive answer? On 11/23/2016 8:50 AM, Salz, Rich wrote: Look at the OPENSSL version define. -- openssl-users mailing list To

[openssl-users] Openssl 1.1 port - hash state serializing

I have a simulation of a hardware device that has the following characteristics: - does hashing functions - resource constrained - multi-user Therefore, a typical pattern is that one application starts a digest calculation, then the hash state must get swapped out for another user. In 1.0,

  1   2   3   >