Re: EVP_DigestSign*() and EVP_DigestVerify*() - help needed
On 08/16/2013 05:30 PM, Ken Goldman wrote:

> The usual cause of a padding error is that the private key used to sign does not correspond to the public key used to verify.
>
> That is, unless you're a newbie to crypto. In that case the error is that you're passing the length of an encrypted blob using strlen().
>
> The way I typically debug is to do a raw public key operation and trace the result.

Thanks for your response, Ken.

In my C code, I am able to sign and verify successfully if I use RSA_sign() and RSA_verify() with a SHA1() hash. Same set of private and public keys, same test message. And no strlen() on a binary buffer. :-)

However, I'm trying to use a FIPS capable OpenSSL and, in FIPS mode, I get "Low level API call to digest SHA1 forbidden" when I call SHA1(), so I switched to using EVP_DigestSign*() and EVP_DigestVerify*() instead. Then I got the padding error during the verify operation.

--
Thomas J. Pinkl
1002 Elbow Lane
Warrington, PA 18976
T: (215) 491-0761

__
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
Re: [openssl-users] Re: Displaying cert with ecdsa
On 16/08/2013 at 20:10, Robert Moskowitz wrote:

> On 08/14/2013 05:37 PM, Dave Thompson wrote:
>
>> From: owner-openssl-us...@openssl.org On Behalf Of Robert Moskowitz
>> Sent: Wednesday, 14 August, 2013 15:49
>>
>>> I have a CA cert in pem format that uses ecdsa. I have tried to display the contents with:
>>>
>>>     openssl x509 -in x509-ca.pem -text -nameopt multiline -noout
>>>
>>> I get errors:
>>>
>>>     Subject Public Key Info:
>>>         Public Key Algorithm: id-ecPublicKey
>>>         Unable to load Public Key
>>>     140661212006240:error:0609E09C:digital envelope routines:PKEY_SET_TYPE:unsupported algorithm:p_lib.c:239:
>>>     140661212006240:error:0B07706F:x509 certificate routines:X509_PUBKEY_get:unsupported algorithm:x_pubkey.c:155:
>>>
>>> Is there an option I need to add? Is there something special with this cert's Public Key Algorithm?
>>
>> I'm pretty sure not. OpenSSL versions before 1.0.0 needed a cipherstring option to use ECC suites *in SSL/TLS protocol*, but local operations have worked as long as I remember.
>>
>> What version of OpenSSL are you running, and how was it built? In particular was it from official source, or patched?
>
> I am running Fedora 16, standard build stuff. Yes, I know it is time to upgrade...

Fedora, an ECC certificate. This can't work, for legal reasons. Blame RedHat.
RE: openssl verify failure: Re: create certificate chain
> From: owner-openssl-us...@openssl.org On Behalf Of sherry
> Sent: Friday, 16 August, 2013 20:09
>
> Hi Dirk,

(This is an open list, so I'll answer.)

snip: genrsa and req -new -x509 for ca, genrsa and req -new and x509 -req for ca-int, genrsa and req -new and x509 -req for server

Aside: I hope you know RSA 1024 is now considered under some threat (though not actually broken), and not safe for a projected 10-year lifetime.

> root@dev12042:~/cert# openssl verify -CAfile ca.crt ca-int.crt server.crt
> ca-int.crt: OK
> server.crt: CN = server
> error 20 at 0 depth lookup:unable to get local issuer certificate

'verify' validates each cert, individually, against only the specified or defaulted truststore. Your server.crt chains via ca-int.crt not directly to your ca.crt. Either:

- concatenate ca.crt and ca-int.crt (and others if you like) into one file and use that for -CAfile.
- put both ca.crt and ca-int.crt (and others if you like) in a directory with hash links or names and use for -CApath.
- for this command only, add ca-int to the chain:

      openssl verify -CAfile ca.crt -untrusted ca-int.crt server.crt
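The three options from the reply above, run against a throwaway chain, as an added example that is not part of the original post. The subjects, min.cnf, bundle.crt, the certs directory and the helper functions build_chain and verify_ok are constructed for illustration; only ca.crt, ca-int.crt and server.crt are names from the thread.

```shell
#!/bin/sh
# Constructed chain: root CA -> intermediate CA -> server (sample names only).
build_chain() {   # $1 = empty work directory
    d=$1
    # Minimal config, so the run does not depend on the system openssl.cnf.
    printf '%s\n' '[req]' 'distinguished_name = dn' \
        '[dn]' 'commonName = Common Name' \
        '[v3_ca]' 'basicConstraints = critical,CA:TRUE' > "$d/min.cnf"
    # Root CA: self-signed.
    openssl req -new -x509 -newkey rsa:2048 -nodes -days 30 \
        -config "$d/min.cnf" -extensions v3_ca -subj '/CN=Example Root CA' \
        -keyout "$d/ca.key" -out "$d/ca.crt" 2>/dev/null || return 1
    # Intermediate CA and server: one key and one CSR each.
    for n in ca-int server; do
        openssl req -new -newkey rsa:2048 -nodes -config "$d/min.cnf" \
            -subj "/CN=Example $n" -keyout "$d/$n.key" -out "$d/$n.csr" \
            2>/dev/null || return 1
    done
    # The root signs the intermediate, which is marked CA:TRUE.
    openssl x509 -req -in "$d/ca-int.csr" -CA "$d/ca.crt" -CAkey "$d/ca.key" \
        -set_serial 1 -days 30 -extfile "$d/min.cnf" -extensions v3_ca \
        -out "$d/ca-int.crt" 2>/dev/null || return 1
    # The intermediate, not the root, signs the server certificate.
    openssl x509 -req -in "$d/server.csr" -CA "$d/ca-int.crt" \
        -CAkey "$d/ca-int.key" -set_serial 2 -days 30 \
        -out "$d/server.crt" 2>/dev/null || return 1
    # Trust store variants: one bundle file, and a hash-named directory.
    cat "$d/ca.crt" "$d/ca-int.crt" > "$d/bundle.crt"
    mkdir "$d/certs" || return 1
    for n in ca ca-int; do
        h=$(openssl x509 -noout -hash -in "$d/$n.crt") || return 1
        cp "$d/$n.crt" "$d/certs/$h.0"
    done
}

# True only if "openssl verify <args>" prints "<last arg>: OK".
# The text is matched, so the check does not rely on the exit status.
verify_ok() {
    for last in "$@"; do :; done
    openssl verify "$@" 2>&1 | grep -qF "$last: OK"
}

work=$(mktemp -d) || exit 1
build_chain "$work" || exit 1
s=$work/server.crt
verify_ok -CAfile "$work/ca.crt" "$s" || echo "root only: error, issuer not found"
verify_ok -CAfile "$work/bundle.crt" "$s" && echo "bundle as -CAfile: OK"
verify_ok -CApath "$work/certs" "$s" && echo "hash directory as -CApath: OK"
verify_ok -CAfile "$work/ca.crt" -untrusted "$work/ca-int.crt" "$s" && echo "-untrusted: OK"
```

With -untrusted the intermediate is only used to build the path; trust still comes from ca.crt alone, which is why that form suits a one-off check.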
RE: SSL certificate and CA signed and -purpose
> From: owner-openssl-us...@openssl.org On Behalf Of redpath
> Sent: Sunday, 18 August, 2013 08:12
>
> I only deal with DSA processes so this is new to me and I have created a CA and want to create an SSL cert for a server (signed by the CA) and I am trying to understand the -purpose output for the result. Below is a simple test case of commands.

I don't know what you mean by DSA processes. If you mean the Digital Signature Algorithm standardized by NIST, that is not involved at all in what you did.

> mkdir demoCA
> mkdir demoCA/newcerts
> mkdir demoCA/private
> cd demoCA
> touch index.txt
> echo 1000 > serial
> cd ..
>
> //create CA
> openssl req -new -x509 -days 3650 -extensions v3_ca -keyout ./demoCA/private/cakey.pem -out ./demoCA/cacert.pem -config myconfig.cnf -batch -passout pass:password
>
> //Now create an SSL certificate
> openssl genrsa -out myrsa.pem 2048

See below.

> openssl req -new -out rsapub.csr -days 731 -keyout myrsa.key -batch -extensions v3_OCSP -config myconfig.cnf -passout pass:password

Asides: -extensions on req -new are meaningful only if the config file used for ca has copy_extensions set, which is not the default but the default doesn't have v3_OCSP either. Even if you do use extensions in the req, unless v3_OCSP is a perversely confusing name it is probably not suitable for a webserver (Apache) cert as you say below you want.

> openssl ca -out rsapub.crt.pem -in rsapub.csr -passin pass:password -config myconfig.cnf -batch -cert ./demoCA/cacert.pem
>
> //Check purpose
> openssl x509 -text -in rsapub.crt.pem -notext -purpose
>
> Certificate purposes:
> *SSL client : Yes*
> SSL client CA : No
> *SSL server : Yes*
> SSL server CA : No
> Netscape SSL server : Yes
> Netscape SSL server CA : No
> S/MIME signing : Yes
> S/MIME signing CA : No
> S/MIME encryption : Yes
> S/MIME encryption CA : No
> CRL signing : Yes
> CRL signing CA : No
> Any Purpose : Yes
> Any Purpose CA : Yes
> OCSP helper : Yes
> OCSP helper CA : No
> Time Stamp signing : No
> Time Stamp signing CA : No

There is no -notext for x509. ITYM -noout.

> 1) So is this correct to be used by a Server for SSL cert giving the rsapub.crt.pem and the myrsa.key to the Apache server for configuration.

Yes, this cert is considered suitable for an SSL server such as Apache httpd (or tomcat with APR). On condition that the clients of that server (e.g. browsers) are configured to trust your CA cert, which they won't be by default.

Aside: myrsa.pem and rsapub.* are not very meaningful names, but good enough for an example.

> I don't understand these fields SSL server CA:no and SSL client CA:no

Those would be for certain kinds of CA certs. This isn't a CA cert, and you don't want a CA cert for an SSL server.

> 2) Also what command can I use to see if it is signed by the CA.

    openssl verify -CAfile $cacert rsapub.crt.pem

where $cacert is ./demoCA/cacert.pem or a copy of it.

For a child cert to be valid, it must be signed by the parent AND several other crosschecks must pass; 'verify' does all of these except limited revocation. If you really want to test only that the child cert is signed by the CA, but NOT the other requirements, it's more complicated; if so ask again.

> 3) I am also surprised I cannot give the config file for this command but must specify the bit default to use? Maybe I am missing something. I think using my config I am sure all options I want are always used.
>
> openssl genrsa -out myrsa.pem 2048

This wasn't actually used at all by the req -new. You can generate a key(pair) explicitly and then use it for req -new, but not the way you did it; your req -new generated a new RSA keypair using default_bits from the config file, as well as using Subject name information from the config file. If you want the explicit generation, which you apparently don't, then yes genrsa uses only command options not config file.
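What the reply says about genrsa and req -new, checked by comparing public keys, as an added example that is not part of the original post. The config contents, the subject, explicit.csr and the helper names are assumptions, and -nodes stands in for the thread's -passout so the generated key can be read back without a passphrase.

```shell
#!/bin/sh
# File names myrsa.pem, myrsa.key, rsapub.csr and myconfig.cnf follow the
# thread; the config contents and the subject are constructed sample values.
make_requests() {   # $1 = empty work directory
    d=$1
    printf '%s\n' '[req]' 'default_bits = 2048' 'distinguished_name = dn' \
        '[dn]' 'commonName = Common Name' > "$d/myconfig.cnf"
    # Explicit key generation, as in the thread.
    openssl genrsa -out "$d/myrsa.pem" 2048 2>/dev/null || return 1
    # As posted: no -key, so req generates its own key pair (default_bits)
    # and writes it to -keyout. myrsa.pem is never read.
    openssl req -new -nodes -config "$d/myconfig.cnf" -subj '/CN=server' \
        -keyout "$d/myrsa.key" -out "$d/rsapub.csr" 2>/dev/null || return 1
    # Explicit generation: -key makes req use the existing key instead.
    openssl req -new -key "$d/myrsa.pem" -config "$d/myconfig.cnf" \
        -subj '/CN=server' -out "$d/explicit.csr" 2>/dev/null || return 1
}

# SHA-256 over the DER public key of a private key file.
key_fp() {
    openssl pkey -in "$1" -pubout -outform DER 2>/dev/null |
        openssl dgst -sha256 | awk '{print $NF}'
}

# SHA-256 over the DER public key carried in a CSR.
csr_fp() {
    openssl req -in "$1" -noout -pubkey 2>/dev/null |
        openssl pkey -pubin -outform DER 2>/dev/null |
        openssl dgst -sha256 | awk '{print $NF}'
}

# True if the CSR in $2 was made for the private key in $1.
same_key() {
    a=$(key_fp "$1"); b=$(csr_fp "$2")
    [ -n "$a" ] && [ "$a" = "$b" ]
}

work=$(mktemp -d) || exit 1
make_requests "$work" || exit 1
same_key "$work/myrsa.pem" "$work/rsapub.csr" || echo "rsapub.csr does not use myrsa.pem"
same_key "$work/myrsa.key" "$work/rsapub.csr" && echo "rsapub.csr uses myrsa.key"
same_key "$work/myrsa.pem" "$work/explicit.csr" && echo "explicit.csr uses myrsa.pem"
```

The same comparison against an issued certificate tells you which key file belongs next to it in the server configuration.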
RE: SSL certificate and CA signed and -purpose
What I meant by DSA (not to spell it out Digital Signature Algorithms) is that most of my work is using certs for signing data not creating an SSL cert and signing with a CA.

Thanks a bunch for answering my question to

1) verify that the cert is signed by the CA I use this command

    openssl verify -CAfile $cacert rsapub.crt.pem

2) and this cert example is good for Apache SSL with the -purpose option shown that was used

    openssl x509 -in cerrtname.pem -noout -purpose

(the -notext is a slip in the command shown geez)

Certificate purposes:
*SSL client : Yes*
SSL client CA : No
*SSL server : Yes*
SSL server CA : No
Netscape SSL server : Yes
Netscape SSL server CA : No

--
View this message in context: http://openssl.6102.n7.nabble.com/SSL-certificate-and-CA-signed-and-purpose-tp46222p46236.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
Re: simple file encrypt/decrypt
That is a very broad question. Here is an example in PHP:
http://www.w3schools.com/php/func_string_sha1.asp

On Sat, Aug 17, 2013 at 7:15 AM, Ztatik Light ztatik.li...@gmail.com wrote:

> anyone have simple code for encrypting/decrypting a file with a specified key using a specified cipher ? i'm getting really weird bugs with my code, i can provide a properly encrypted file to test with