RE: FIPS OpenSSL compilation error
> From: owner-openssl-us...@openssl.org On Behalf Of Pankaj Aggarwal
> Sent: Tuesday, 25 August, 2009 05:06

> I am using cygwin on windows xp to compile FIPS Openssl 1.2 using Visual
> studio 2005.

Apparently you mean cygwin _perl_. The MS compiler and linker (which are the only ones permitted under the validated policy) run in the normal Windows environment, not the Unixoid cygwin one.

> I get the following error after doing ms\do_fips in openssl directory.

> SET FIPS_SHA1_EXE=out32dll\fips_standalone_sha1.exe
> perl util\fipslink.pl /nologo /subsystem:console /opt:ref /dll
> /map /base:0xFB0 /out:out32dll\libeay32.dll /def:ms/LIBEAY32.def
> @C:\DOCUME~1\PAGGAR~1\LOCALS~1\Temp\nm749.tmp
> sh: out32dllfips_standalone_sha1.exe: command not found
> Invalid hash received for file at util\fipslink.pl line 74.
> NMAKE : fatal error U1077: 'c:\cygwin\bin\perl.EXE' : return code '0x7f'

It looks like perl's attempt to run the standalone hash failed because it used a (cygwin) shell that isn't Windows-aware and treated the backslash as a shell quote, not a pathname character. There may be some way to configure cygwin perl to behave 'correctly' for Windows, perhaps by using CMD instead of a Unixoid shell, but it's probably easier to use a perl built for Windows such as ActiveState.

__
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
Re: FIPS_mode_set(1) - FIPS_mode_set(0) - FIPS_mode_set(1)
Is this still present in FIPS module 1.2.0?

-Kyle H

On Mon, Aug 24, 2009 at 11:55 AM, Mike Trent wrote:
>
> Mike Trent wrote:
>>
>> It seems that after setting FIPS mode off one cannot set it back on again
>> in the same executable.
>>
>> I have a test program which does:
>>
>> FIPS_mode_set(1) - works ok, indicated by a return true.
>> FIPS_mode_set(0) - to turn off, and works ok; at least the FIPS_mode() call
>> returns 0, so it seems to be off.
>>
>> Then followed by again FIPS_mode_set(1), which returns a 0 indicating
>> failure. A FIPS_mode() call indicates that the test program is still in
>> non-FIPS mode.
>>
>> Is it possible to turn off FIPS and turn it back on in an executable?
>>
>> Thanks.
>>
> Ok... found the answer.
> One needs to make this call: RAND_set_rand_method(NULL);
> prior to making a FIPS_mode_set(1) after having turned off FIPS.
Am On Vacation - OoO
I will be out of the office starting 08/26/2009 and will not return until 09/03/2009.

For all project related queries please contact:
Sivaprasad Chidambaram : Voip - (612) - 3265
Jaffar Mohideenpulavar : Voip - (612) - 5083
Re: add extension to an existing (signed) CA certificate
If you want to get an OID branch, you can get one by applying for a "Private Enterprise Number" from the IANA, at http://pen.iana.org/pen/PenApplication.page . You will be assigned a number. This number will show up at http://www.iana.org/assignments/enterprise-numbers . This becomes your OID -- 1.3.6.1.4.1.. You can delegate anything you want from it, to any depth you want, to any level of ludicrosity you want. But, you can't do that in a number space that you do not already own.

-Kyle H

On Tue, Aug 25, 2009 at 11:50 AM, Peter Sylvester wrote:
>
>> Second, I doubt your organisation is authoritative for the OID arc
>> 1.1.1.1.1 - from what documentation I can find, the 1.1 arc is used for
>> examples, and shouldn't be used in production. You should have your
>> organisation register with IANA to be issued its own correct OID arc (or, I
>> think the French Government maintains an arc under their country arc for
>> organisations and companies in that country).
>
> Afnor maintains at least the arc under 1.2.250.1, registration
> required.
>
> I don't know whether 2.16.250 is actually in use.
>
> But there is a simpler arc:
> 1.3.2 followed by the 'siren' or 'siret' number, i.e.
> an identification of an organisation,
> no additional registration necessary.
Re: Anonymous DH client
On Tue, Aug 25, 2009, Ram G wrote:

> Hi,
>
> I'm trying to use openSSL without certificates and authentication through
> Anonymous Diffie-Hellman key exchange. I have managed to successfully
> exchange messages between server and client by modifying some of the sample
> programs available with the source code.
>
> The salient features of the modified client and server test programs are:
> 1) Not loading certificates
> 2) Loading the DH params in the server by reading dhparams.pem
> 3) Setting the cipher to ADH-AES128-SHA on both client and server
>
> I have a question regarding the DH key exchange - don't we have to load DH
> params on the client side as well?
>
> What I have been able to gather from online sources on DH key exchange is
> that
>
> 1) Alice and Bob decide on the prime P and generator G
> 2) Alice decides on a random number X and sends G(power of X) mod P to Bob
> 3) Bob decides on a random number Y and sends G(power of Y) mod P to Alice
> 4) Both Bob and Alice can calculate the shared secret on their own
>
> In my test program, I did not do anything on the client side to generate the
> shared key.
>
> I would really appreciate it if someone can shed some light on how anonymous DH
> works in OpenSSL.
>

The DH parameters are supplied by the server and sent to the client during the handshake, so the client doesn't need any DH parameters.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
Re: SMIME Capabilities encoding in openssl.cnf
On Tue, Aug 25, 2009, Patrick Patterson wrote:

> Hello all:
>
> I find myself needing to create some test certificates with SMIME
> Capabilities encoded in them. Now, the ASN.1 prototype for these is:
>
> SMIMECapabilities ::= SEQUENCE OF SMIMECapability
>
> SMIMECapability ::= SEQUENCE {
>     capabilityID OBJECT IDENTIFIER,
>     parameters ANY DEFINED BY capabilityID OPTIONAL }
>
> To me, this means that, in an extensions section of openssl.cnf, I should be
> able to do something like:
>
> [my_cert_extensions]
> basicConstraints = CA:FALSE
> keyUsage = critical, keyEncipherment, dataEncipherment
> SMIME-CAPS = ASN1:SEQUENCE:smime_seq
> subjectKeyIdentifier = hash
> authorityKeyIdentifier = keyid,issuer
>
> [ smime_seq ]
> capabilityID.0 = OID:sha1
> capabilityID.1 = OID:sha256
> capabilityID.2 = OID:sha1WithRSA
> capabilityID.3 = OID:aes-256-ecb
> capabilityID.4 = OID:aes-256-cbc
> capabilityID.5 = OID:aes-256-ofb
> capabilityID.6 = OID:aes-128-ecb
> capabilityID.7 = OID:aes-128-cbc
> capabilityID.8 = OID:aes-128-ecb
>
> And it should work - my problem is that it is devilishly hard to verify and
> see whether this is, in fact, correct. Not to mention there is a complete lack
> of any examples of functional certificates out there that I can find. That,
> and there is a notable lack of client programs that will spit out the contents
> of this extension in any sort of form that is useful.
>
> Can one of the OpenSSL gurus please let me know if I'm on the right path?
>

Close, but you missed the fact that each component is itself a SEQUENCE. Most of the time the parameters will be absent, so you can use the SEQWRAP modifier in those cases.

S/MIME Capabilities is used in S/MIME messages, so you could use the cms printing options to examine it and compare with your result.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
Should "make test" look for certificates in certs?
Hi,

After running "make test", I noticed this:

The following command should have some OK's and some failures
There are definitly a few expired certificates
../util/shlib_wrap.sh ../apps/openssl verify -CApath ../certs ../certs/*.pem
Error opening certificate file ../certs/*.pem
26531:error:02001002:system library:fopen:No such file or directory:bss_file.c:356:fopen('../certs/*.pem','r')
26531:error:20074002:BIO routines:FILE_CTRL:system lib:bss_file.c:358:
unable to load certificate

The test goes on to complete successfully. Is "make test" supposed to do this, or is it supposed to find something in certs? The only thing there is /demo, /expired & a README.

Thanks.

-John

--
John Center
Villanova University
Re: add extension to an existing (signed) CA certificate
> Second, I doubt your organisation is authoritative for the OID arc
> 1.1.1.1.1 - from what documentation I can find, the 1.1 arc is used for
> examples, and shouldn't be used in production. You should have your
> organisation register with IANA to be issued its own correct OID arc (or, I
> think the French Government maintains an arc under their country arc for
> organisations and companies in that country).

Afnor maintains at least the arc under 1.2.250.1, registration required.

I don't know whether 2.16.250 is actually in use.

But there is a simpler arc: 1.3.2 followed by the 'siren' or 'siret' number, i.e. an identification of an organisation, no additional registration necessary.
Re: add extension to an existing (signed) CA certificate
Hello Jehan:

On August 24, 2009 10:15:51 am jehan procaccia wrote:
> Hello,
>
> since Firefox 3.5 apparently doesn't accept Root CA self signed
> certificate which doesn't contain correct extensions (Basic Constraints:
> CA:TRUE)
> I wonder how I can add these extensions to my already existing and self
> signed Root CA :
> http://ca.institut-telecom.fr/pki/IT_MASTER_CA/itrootca.crt
>

The short answer is - you can't 'ADD' an extension to a signed certificate. What you would have to do is to re-do your key ceremony and re-issue your root certificate, following the process outlined for certificate modification in your CP.

> My second level (intermediate;
> http://ca.institut-telecom.fr/pki/IT_CA/itca.crt) CA does contain these
> extensions:
>
> X509v3 Basic Constraints: critical
>     CA:TRUE
> X509v3 Key Usage: critical
>     Certificate Sign, CRL Sign
> Netscape Cert Type:
>     SSL CA, S/MIME CA, Object Signing CA
>
> And it works fine with them.
>
> Apparently that was the case of verisign CA back to V1 certificate also ..

V1 certificates don't have an extensions section, so this isn't a problem.

> So I suspect and hope that I can change, alter, my running root CA
> certificate !?, can you tell me how ?

As I said above, you can't alter a signed structure - that's why you sign it - to prevent anyone from altering it. The only way to add this extension to your root cert is to re-issue your Root CA certificate (you can use the same private keys, so you wouldn't have to change or re-do any of the other certificates in your trust chain, as long as your Certificate Policy allows this). Then, you just have to re-deploy this new certificate out to all of your relying parties - of course, you would have had to do that if you had been able to alter your existing Root CA certificate, so the process is no different.

Now, while you are at it, you may want to fix up a couple of things:

First of all, it is generally considered to be ill-advised to create a certificatePolicy section in a Root CA. This is in case you ever change the assurance levels / certificate Policy OID that your PKI issues (among other reasons - see RFC3280 and RFC5280).

Second, I doubt your organisation is authoritative for the OID arc 1.1.1.1.1 - from what documentation I can find, the 1.1 arc is used for examples, and shouldn't be used in production. You should have your organisation register with IANA to be issued its own correct OID arc (or, I think the French Government maintains an arc under their country arc for organisations and companies in that country).

Also, since Root CA Certificates are not revoked by CRL (Please see RFC3280/RFC5280 for trust anchor verification), it is not considered good practice to have a CRL DP in the root cert.

And, having an AIA that points to itself is simply not that great an idea :)

Have fun.

--
Patrick Patterson
President and Chief PKI Architect,
Carillon Information Security Inc.
http://www.carillon.ca
Anonymous DH client
Hi,

I'm trying to use openSSL without certificates and authentication through Anonymous Diffie-Hellman key exchange. I have managed to successfully exchange messages between server and client by modifying some of the sample programs available with the source code.

The salient features of the modified client and server test programs are:
1) Not loading certificates
2) Loading the DH params in the server by reading dhparams.pem
3) Setting the cipher to ADH-AES128-SHA on both client and server

I have a question regarding the DH key exchange - don't we have to load DH params on the client side as well?

What I have been able to gather from online sources on DH key exchange is that

1) Alice and Bob decide on the prime P and generator G
2) Alice decides on a random number X and sends G(power of X) mod P to Bob
3) Bob decides on a random number Y and sends G(power of Y) mod P to Alice
4) Both Bob and Alice can calculate the shared secret on their own

In my test program, I did not do anything on the client side to generate the shared key.

I would really appreciate it if someone can shed some light on how anonymous DH works in OpenSSL.

Thanks
Ramg
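To make Steve's answer earlier on this page concrete for the question above, here is an added Python sketch of the exchange (not code from the thread or from OpenSSL): only the server loads parameters, and the client derives everything from the ServerKeyExchange it receives. The 64-bit safe prime and the primality test are constructed for illustration and stand in for dhparams.pem; real suites use far larger groups.

```python
# Added example (not from the original thread): the anonymous DH exchange behind
# the ADH-AES128-SHA suite. Only the server holds parameters; the client works
# from the ServerKeyExchange alone. Toy 64-bit safe prime, constructed for
# illustration only - real suites use 1024-bit and larger groups.
import secrets

def is_probable_prime(n, rounds=32):
    """Miller-Rabin test, enough for demonstration-size numbers."""
    if n < 2:
        return False
    for small in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % small == 0:
            return n == small
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def generate_dh_params(bits=64):
    """Server side, the equivalent of `openssl dhparam`: safe prime p = 2q + 1, g = 2."""
    while True:
        q = secrets.randbits(bits - 1) | (1 << (bits - 2)) | 1
        p = 2 * q + 1
        if is_probable_prime(q) and is_probable_prime(p):
            return p, 2

def server_key_exchange(p, g):
    """Server picks its secret y and sends (p, g, g^y mod p) in ServerKeyExchange."""
    y = secrets.randbelow(p - 3) + 2
    return y, (p, g, pow(g, y, p))

def client_key_exchange(server_msg):
    """Client side: no dhparams.pem needed; p and g arrive on the wire."""
    p, g, ys = server_msg
    if not 1 < ys < p - 1:               # reject degenerate public values (0, 1, p-1)
        raise ValueError("bad server DH public value")
    x = secrets.randbelow(p - 3) + 2
    return pow(g, x, p), pow(ys, x, p)   # (ClientKeyExchange value, premaster secret)

def server_premaster(p, y, yc):
    if not 1 < yc < p - 1:
        raise ValueError("bad client DH public value")
    return pow(yc, y, p)

def run_handshake():
    """Full exchange; True when both sides derive the same premaster secret.
    Nothing here authenticates either party - that is what 'anonymous' means."""
    p, g = generate_dh_params()
    y, ske = server_key_exchange(p, g)
    yc, client_secret = client_key_exchange(ske)
    return client_secret == server_premaster(p, y, yc)
```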
SMIME Capabilities encoding in openssl.cnf
Hello all:

I find myself needing to create some test certificates with SMIME Capabilities encoded in them. Now, the ASN.1 prototype for these is:

SMIMECapabilities ::= SEQUENCE OF SMIMECapability

SMIMECapability ::= SEQUENCE {
    capabilityID OBJECT IDENTIFIER,
    parameters ANY DEFINED BY capabilityID OPTIONAL }

To me, this means that, in an extensions section of openssl.cnf, I should be able to do something like:

[my_cert_extensions]
basicConstraints = CA:FALSE
keyUsage = critical, keyEncipherment, dataEncipherment
SMIME-CAPS = ASN1:SEQUENCE:smime_seq
subjectKeyIdentifier = hash
authorityKeyIdentifier = keyid,issuer

[ smime_seq ]
capabilityID.0 = OID:sha1
capabilityID.1 = OID:sha256
capabilityID.2 = OID:sha1WithRSA
capabilityID.3 = OID:aes-256-ecb
capabilityID.4 = OID:aes-256-cbc
capabilityID.5 = OID:aes-256-ofb
capabilityID.6 = OID:aes-128-ecb
capabilityID.7 = OID:aes-128-cbc
capabilityID.8 = OID:aes-128-ecb

And it should work - my problem is that it is devilishly hard to verify and see whether this is, in fact, correct. Not to mention there is a complete lack of any examples of functional certificates out there that I can find. That, and there is a notable lack of client programs that will spit out the contents of this extension in any sort of form that is useful.

Can one of the OpenSSL gurus please let me know if I'm on the right path?

Thanks.

--
Patrick Patterson
President and Chief PKI Architect,
Carillon Information Security Inc.
http://www.carillon.ca
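Steve's reply earlier on the page says each capability needs its own SEQUENCE, which is what the SEQWRAP modifier supplies per entry. As an added example, not taken from the thread or from OpenSSL, here is a small Python encoder and decoder for exactly that structure, so a generated extension can be checked byte by byte and a flat SEQUENCE OF OID (the first attempt above) is caught. The OIDs are the published values; the RC2 entry shows a capability that does carry parameters.

```python
# Added example (not from the thread or from OpenSSL): DER encoder/decoder for the
# SMIMECapabilities structure above, with the inner SEQUENCE each capability needs.

def der_length(n):
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body

def der_tlv(tag, content):
    return bytes([tag]) + der_length(len(content)) + content

def encode_oid(dotted):
    """Dotted OID -> DER OBJECT IDENTIFIER (first two arcs fused, base-128 arcs)."""
    arcs = [int(a) for a in dotted.split(".")]
    if len(arcs) < 2 or arcs[0] > 2 or (arcs[0] < 2 and arcs[1] > 39):
        raise ValueError("invalid OID " + dotted)
    out = bytearray()
    for arc in [arcs[0] * 40 + arcs[1]] + arcs[2:]:
        chunk = [arc & 0x7F]
        while arc >> 7:
            arc >>= 7
            chunk.append(0x80 | (arc & 0x7F))
        out += bytes(reversed(chunk))
    return der_tlv(0x06, bytes(out))

def smime_capabilities(caps):
    """caps: [(oid, params_der_or_None)] -> SEQUENCE OF SEQUENCE { OID, params }."""
    inner = b"".join(der_tlv(0x30, encode_oid(o) + (p or b"")) for o, p in caps)
    return der_tlv(0x30, inner)

def _read_tlv(buf, pos):
    tag, n, pos = buf[pos], buf[pos + 1], pos + 2
    if n & 0x80:                                  # long-form length
        k = n & 0x7F
        n, pos = int.from_bytes(buf[pos:pos + k], "big"), pos + k
    return tag, buf[pos:pos + n], pos + n

def decode_oid(content):
    arcs, val = [], 0
    for b in content:
        val = (val << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(val)
            val = 0
    first = min(arcs[0] // 40, 2)
    return ".".join(str(a) for a in [first, arcs[0] - 40 * first] + arcs[1:])

def parse_smime_capabilities(der):
    """Inverse of smime_capabilities; rejects a flat SEQUENCE OF OID."""
    tag, body, _ = _read_tlv(der, 0)
    if tag != 0x30:
        raise ValueError("SMIMECapabilities must be a SEQUENCE")
    result, pos = [], 0
    while pos < len(body):
        tag, cap, pos = _read_tlv(body, pos)
        if tag != 0x30:
            raise ValueError("each SMIMECapability must itself be a SEQUENCE")
        _, oid, p = _read_tlv(cap, 0)             # capabilityID, then optional parameters
        result.append((decode_oid(oid), cap[p:].hex() or None))
    return result

# Published OIDs (NIST CSOR / RFC 3370), not values taken from the post:
SHA1, SHA256 = "1.3.14.3.2.26", "2.16.840.1.101.3.4.2.1"
AES128_CBC, AES256_CBC = "2.16.840.1.101.3.4.1.2", "2.16.840.1.101.3.4.1.42"
RC2_CBC = "1.2.840.113549.3.2"                    # carries an INTEGER key-length parameter
```

Feeding the output to `openssl asn1parse -inform DER` is a quick way to compare it with what the config file generates.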
RE: WSAEWOULDBLOCK versus WSAECONNREFUSED
Md Lazreg wrote:

> I do not know why you think my new change allows me to detect soft
> failures. The only change I made is to change this:
> status = select(m_sock_fd+1, NULL, &WriteSet, NULL, &tv);
> to this:
> status = select(m_sock_fd+1, NULL, &WriteSet, &ErrorSet, &tv);
> Are you saying that for a soft failure, Windows will still put
> the socket in the ErrorSet?

How is your 'ErrorSet' constructed?

And you're asking the wrong question. The question you should ask yourself is -- how can there be a hard error yet the socket not yet be ready for writing? What could I possibly still be waiting for?

DS
FIPS OpenSSL compilation error
I am using cygwin on windows xp to compile FIPS Openssl 1.2 using Visual studio 2005. I get the following error after doing ms\do_fips in openssl directory. Am I missing something?

SET FIPS_CC=cl
SET FIPS_CC_ARGS=/Fotmp32dll\fips_premain.obj -Iinc32 -Itmp32dll /MD /Ox /O2 /Ob2 /W3 /Gs0 /GF /Gy /nologo -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DDSO_WIN32 -D_CRT_SECURE_NO_DEPRECATE -D_CRT_NONSTDC_NO_DEPRECATE -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DAES_ASM -DBN_ASM -DOPENSSL_BN_ASM_PART_WORDS -DOPENSSL_BN_ASM_MONT -DMD5_ASM -DSHA1_ASM -DRMD160_ASM -DOPENSSL_USE_APPLINK -I. /Fdout32dll -DOPENSSL_NO_CAMELLIA -DOPENSSL_NO_SEED -DOPENSSL_NO_RC5 -DOPENSSL_NO_MDC2 -DOPENSSL_NO_KRB5 -DOPENSSL_FIPS -DOPENSSL_NO_DYNAMIC_ENGINE -D_WINDLL -c
SET PREMAIN_DSO_EXE=out32dll\fips_premain_dso.exe
SET FIPS_SHA1_EXE=out32dll\fips_standalone_sha1.exe
SET FIPS_TARGET=out32dll\libeay32.dll
SET FIPSLIB_D=out32dll
perl util\fipslink.pl /nologo /subsystem:console /opt:ref /dll /map /base:0xFB0 /out:out32dll\libeay32.dll /def:ms/LIBEAY32.def @C:\DOCUME~1\PAGGAR~1\LOCALS~1\Temp\nm749.tmp
sh: out32dllfips_standalone_sha1.exe: command not found
Invalid hash received for file at util\fipslink.pl line 74.
NMAKE : fatal error U1077: 'c:\cygwin\bin\perl.EXE' : return code '0x7f'
Stop.
*** FIPS BUILD FAILURE* ***
Re: WSAEWOULDBLOCK versus WSAECONNREFUSED
I do not know why you think my new change allows me to detect soft failures. The only change I made is to change this:

status = select(m_sock_fd+1, NULL, &WriteSet, NULL, &tv);

to this:

status = select(m_sock_fd+1, NULL, &WriteSet, &ErrorSet, &tv);

Are you saying that for a soft failure, Windows will still put the socket in the ErrorSet?

Thanks

On Mon, Aug 24, 2009 at 8:14 PM, David Schwartz wrote:
>
> Md Lazreg wrote:
>
> > It is possible that the previous Windows behavior is correct but that
> > is not the behavior I want.
>
> I think you are incorrect about that.
>
> > I want the same behavior as UNIX which in my opinion is what my clients
> > would want. My clients can connect to a set of servers in a row, if one
> > is not available for whatever reason I want them to move to the next one
> > instead of having to wait the whole timeout before trying the next
> > server.
>
> I agree. But that's not what your code does now. What your code does is
> stop trying the first server. What you want it to do is start trying the
> second server.
>
> Here's probably what you want:
>
> 1) Start trying to connect to the first server.
>
> 2) Wait a short amount of time to see if we have a connection.
>
> 3) If we have a connection, we are done. We succeed.
>
> 4) If we don't have a connection, add another attempt to another server, if
> possible.
>
> 5) If all connection possibilities have failed, stop. We fail.
>
> 6) Go to step 2.
>
> Note that this does not require the change you made, which allows you to
> detect soft failures. If you get a soft failure, there is no reason to
> abort the attempt -- it still might succeed. And why would you want to wait 60
> seconds or so if a server is not responding at all if you have another
> server you could try?
>
> > Thanks for your help.
>
> You're welcome. I'm glad you got it working the way you think you want it.
> But I don't think it's working the way you should want it. There is no rush
> to abort a connection attempt that might ultimately succeed, no matter how
> unlikely. Just don't wait for it -- keep going, and if it fails, no loss.
> If it succeeds later, you still win.
>
> DS