Re: Getting hostname with openssl library
On 2009.10.19 at 17:40:11 -0400, Victor Duchovni wrote:

> On Mon, Oct 19, 2009 at 01:34:38PM -0500, William wrote:
>
>> I am looking for the way to read a certificate from disk in C code and get the hostname (CN) inside that certificate in the C code using the openssl library.
>
> Sadly, a rather complex task in general:
>
> - The subject DN could contain multiple CN values, what does such a certificate mean?
> - The certificate may have a subjectAlternativeName extension, that lists a set of hostname values valid for the certificate.

There is a function X509_get1_email in the OpenSSL crypto library, which does almost the same thing for e-mail addresses as Victor requested for the hostnames. Maybe looking into the source code of this function would be helpful.

But it should be noted that there is more than one field type in the GENERAL_NAME which can hold hostnames. For some applications it would be the URI field type, for others maybe dnsName.

> - The certificate CN may be encoded via a multi-byte encoding.

This is no problem. It is what the ASN1_STRING_to_UTF8 function is for.

BTW, may someone point me to some document which specifies how IDN should be represented in the certificate - should they be specified in their human-readable form or in the representation used for DNS lookups?

> - The CN or subjectAltName may contain embedded NUL bytes.

You can compare the return value of ASN1_STRING_to_UTF8 (which is the number of characters in the converted string) with the result of strlen on the resulting string, and if they don't match, ring a bell.

__
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
Re: OpenSSL CA and MySQL
On 2009.10.19 at 13:35:32 -0700, John R Pierce wrote:

> Matthias Güntert wrote:
>
>> hello guys is anyone working on a replacement for the text based ca database? It seems the database functions are defined in apps/ca.c and apps/apps.h, at least for version 0.9.8k. wouldn't it be nice if we had something to store the data in a relational db?
>
> why? there's nothing 'relational' about certificate stores, they are strictly hierarchical. maybe a simple ISAM like BerkeleyDB for a very large keystore would speed up lookups, I dunno.

I would rather disagree. The distinguished name of the certificate is very close to a relation in the terms of relational algebra. It contains a number of fields, and SQL queries on the combination of these fields can be quite helpful. There are also some other fields such as expiration date, revocation status etc.

So, SQL allows one to easily express such queries as

- All the TLS server certificates for organization X which are not expired and not revoked
- All the certificates of person Y which are going to expire next week
Re: OpenSSL CA and MySQL
On 2009.10.19 at 21:55:09 +0200, Matthias Güntert wrote:

> hello guys is anyone working on a replacement for the text based ca database? It

There are such projects as XPKI, which use the openssl library to generate certificates and a database backend to store them. These projects also provide nice web interfaces both for users and CA operators.

OpenSSL is a library. The openssl utility is more a demo application than a production tool. So it is strange to expect it to use something more than plain text files. It is enough for demonstration and development of applications. What more to expect from a demo app.

> seems the database functions are defined in apps/ca.c and apps/apps.h, at least for version 0.9.8k. wouldn't it be nice if we had something to store the data in a relational db? is there something already out google couldnt find?

From my own experience (I have been running nightly tests of openssl builds on several dozen platforms for a few years now, and these tests request a dozen certificates from the central test CA each run), you can forget about a more efficient backend than the txtdb functions used by openssl ca if the number of certificates in the CA database (including revoked and expired) is less than 10. If you are expecting your database to grow over 10 certificates in a reasonable period (which probably means more than 1 people use it) then you should go for XPKI or something similar.
Re: Getting hostname with openssl library
A better question is to match a given hostname against a certificate and determine whether it obeys the https rules. There can be multiple hostnames and wild cards.

The code implemented by curl is a complete way to do this.

/PS
Problem OpenSSL Server with Java Client
Hi,

I want SSL client server communication between OpenSSL Server with Java Client. My OpenSSL Server with OpenSSL Client works, Java Server with Java Client works. But OpenSSL Server with Java Client fails in SSL_accept(), gives SSL_ERROR_SSL.

I have first created a plain TCP socket, and after getting new fd from accept() I associate it with SSL obj and waiting for handshaking in SSL_accept(), where it fails.

    sd = accept(ListenSocket, NULL, NULL);   // Connected with TCP
    ssl = SSL_new(ctx);
    CHK_NULL(ssl);
    SSL_set_fd(ssl, sd);
    printf("waiting for ssl_connect\n");
    err = SSL_accept(ssl);   // Fails Here.
    // We call SSL_Connect from OpenSSL Client, in that case it works. What is similar to this in Java?

My Java code

    Socket sClientSock = new Socket();
    sClientSock.connect(socAddress, 5000);   // Connected with TCP
    SSLSocketFactory sslsocketfactory = (SSLSocketFactory) SSLSocketFactory.getDefault();
    SSLSocket sslsocket = (SSLSocket) sslsocketfactory.createSocket(sClientSock, "localhost", , true);
    //sslsocket.setUseClientMode(true);
    //sslsocket.startHandshake();

I also tried calling handshaking from java but didn't work. Any suggestion about this problem? Is there any good example related to it?

--
...Swapnil
|| Hare Krishna Hare Krishna Krishna Krishna Hare Hare ||
|| Hare Rama Hare Rama Rama Rama Hare Hare ||
How can server accept connection from specific clients only
Dear All,

I have written a server client application in which I'm using self signed ssl certificates. How can I make sure that only known clients can connect to my server using ssl connection? I'm creating certificates as below.

Server Side (password used for private key encryption is: serverxyz)

    openssl genrsa -des3 -out server.pem 1024
    openssl req -new -x509 -key server.pem -out cacert.pem -days 1095
    cat cacert.pem server.pem
    mv cacert.pem root.pem
    openssl dhparam -check -text -5 1024 -out dh1024.pem

Client Side (password used for private key encryption is: clientxyz)

    openssl genrsa -des3 -out client.pem 1024
    openssl req -new -x509 -key client.pem -out cacert.pem -days 1095
    cat cacert.pem client.pem
    rm -rf cacert.pem
    openssl s_client -connect my.server.net:my_server_port > outlog
    .. then type QUIT
    openssl x509 -inform PEM -in outlog -text -out root.pem

Thanks In Advance
Deepak
Re: Getting hostname with openssl library
On 2009.10.20 at 10:11:46 +0200, Peter Sylvester wrote:

> A better question is to match a given hostname against a certificate and determine whether it obeys the https rules. There can be multiple hostnames and wild cards.
>
> The code implemented by curl is a complete way to do this.

Hmm, the license of CURL seems not to have any incompatibilities with the OpenSSL license. Maybe this code should be considered to be moved into the openssl library? At least to the set of examples provided with OpenSSL. Better - as an API function in libssl with an appropriate switch in the s_client utility. So all users of the library can use robust and well tested code.
Re: How can server accept connection from specific clients only
On 2009.10.20 at 16:50:59 +0530, Deepak Mundra wrote:

> Dear All,
>
> I have written a server client application in which im using self signed ssl certificates .. How can i make sure that only known clients can connect to my server using ssl connection?

There are three answers to this question. Which is right depends on what you mean by "connect".

If "connect" means "be able to interact using some application protocol over SSL", then simple password protection on the application protocol level is enough. If your clients have your self-signed certificate (but better to have separate CA and server certificates) in their trusted certificate store, they are sure that they connect to the correct server. So they can trust that their passwords would not be intercepted by some malicious third party.

If your protocol doesn't contain means to verify user identity (such as login with password), "connect" does probably mean "be able to successfully complete SSL handshake". In this case you should use client certificates.

This means that you have to create a minimal CA to issue these certificates. You'll distribute the certificate of this CA to clients to put in their trusted certificate store. Then clients would generate certificate requests (and keep the corresponding secret keys really secret) and you will issue certificates. Of course, the server certificate shouldn't be self-signed. You have the CA certificate to sign it with.

Then you'll configure your server app to require a client certificate and allow in only clients which provide a certificate signed by your CA (this is done by having a separate trusted certificate store for this app, containing only your CA certificate and CRL).

Note that you really need a CRL check in this setup, because a client can lose his secret key, and you need a way to quickly disable the ability of a thief to log in with the stolen key and certificate.

The third meaning of "connect" is "able to initiate SSL handshake at all". I have seen only one application which has this kind of protection - openvpn. Its authors think that the SSL handshake is resource consuming and it is possible to launch a DoS attack on the server by doing many connects with wrong certificates or passwords, that would fail, but consume some server resources to detect the wrong client. So they provide symmetric keys to do MAC authentication on handshake messages. It means that only clients which have this symmetric key can even start the TLS handshake.
Re: How can server accept connection from specific clients only
Have you looked at stunnel with verify options 2 or 3?

Carter

Carter Browne
CBCS
cbro...@cbcs-usa.com
781-721-2890

Deepak Mundra wrote:

> Dear All,
>
> I have written a server client application in which im using self signed ssl certificates .. How can i make sure that only known clients can connect to my server using ssl connection? im creating certificates as below
>
> Server Side (password used for private key encryption is : serverxyz)
>
>     openssl genrsa -des3 -out server.pem 1024
>     openssl req -new -x509 -key server.pem -out cacert.pem -days 1095
>     cat cacert.pem server.pem
>     mv cacert.pem root.pem
>     openssl dhparam -check -text -5 1024 -out dh1024.pem
>
> Client Side (password used for private key encryption is : clientxyz)
>
>     openssl genrsa -des3 -out client.pem 1024
>     openssl req -new -x509 -key client.pem -out cacert.pem -days 1095
>     cat cacert.pem client.pem
>     rm -rf cacert.pem
>     openssl s_client -connect my.server.net:my_server_port > outlog
>     .. then type QUIT
>     openssl x509 -inform PEM -in outlog -text -out root.pem
>
> Thanks In Advance
> Deepak
OCSP Crashes - What's wrong?
Hello.

I am trying to set up an ocsp server. I have following line:

    openssl ocsp -index codesign_intermediate/index.txt -url http://www.myhost.com:/codesign/ -rsigner root_ca/certs/cacert.crt -rkey root_ca/private/privkey.pem -CA root_ca/certs/cacert.crt -text -out codesign_intermediate/ocsp.txt

When I start the bash script, I get following line:

    Waiting for OCSP client connections...

Ok, then I tried to open the ocsp connection (to test if it's answering) using web-sniffer.net. A HTTP-200 response with 5 bytes arrive. (Of course, this isn't a valid ocsp request). Anyway, OpenSSL crashed now and says:

    Invalid request

The OCSP-Daemon is stopped! (A second request isn't possible!)

I tried to start the daemon again, but now I get

    18758:error:02006062:system library:bind:Address already in use:b_sock.c:685:port=''
    18758:error:20069075:BIO routines:BIO_get_accept_socket:unable to bind socket:b_sock.c:687:

I cannot use this port a second time.

My questions are:

1) What am I doing wrong? Why is the daemon terminating just because of this request?
2) Why is the port blocked now? How can I undo it?
3) How do I have to process when I have a Root-CA and a Intermediate-CA and both should use OCSP? Should both get different ports?
4) How can I add the OCSP URL to the root and intermediate certificates (I use the subprograms req + ca)

Regards
Daniel Marschall
Re: OCSP Crashes - What's wrong?
On Tue, Oct 20, 2009, Daniel Marschall wrote:

> Hello.
>
> I am trying to set up an ocsp server. I have following line:
>
>     openssl ocsp -index codesign_intermediate/index.txt -url http://www.myhost.com:/codesign/ -rsigner root_ca/certs/cacert.crt -rkey root_ca/private/privkey.pem -CA root_ca/certs/cacert.crt -text -out codesign_intermediate/ocsp.txt
>
> When I start the bash script, I get following line:
>
>     Waiting for OCSP client connections...
>
> Ok, then I tried to open the ocsp connection (to test if it's answering) using web-sniffer.net. A HTTP-200 response with 5 bytes arrive. (Of course, this isn't a valid ocsp request). Anyway, OpenSSL crashed now and says:
>
>     Invalid request
>
> The OCSP-Daemon is stopped! (A second request isn't possible!)
>
> I tried to start the daemon again, but now I get
>
>     18758:error:02006062:system library:bind:Address already in use:b_sock.c:685:port=''
>     18758:error:20069075:BIO routines:BIO_get_accept_socket:unable to bind socket:b_sock.c:687:
>
> I cannot use this port a second time.
>
> My questions are:
>
> 1) What am I doing wrong? Why is the daemon terminating just because of this request?

If you don't want it to exit on errors then -ignore_err will do the trick.

Your main problem is expecting the OCSP test application to work as a proper responder. It isn't designed for that and will give awful performance. It is rather better if used as a CGI script from a webserver.

> 2) Why is the port blocked now? How can I undo it?

Wait a while, this is fairly standard behaviour on some OSes.

> 3) How do I have to process when I have a Root-CA and a Intermediate-CA and both should use OCSP? Should both get different ports?

A more sophisticated responder could switch to an appropriate CA based on the actual requests. That simple test application has a fixed responder certificate.

> 4) How can I add the OCSP URL to the root and intermediate certificates (I use the subprograms req + ca)

http://www.openssl.org/docs/apps/x509v3_config.html#Authority_Info_Access_

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
Re: Getting hostname with openssl library
On Tue, Oct 20, 2009 at 10:11:46AM +0200, Peter Sylvester wrote:

> A better question is to match a given hostname against a certificate and determine whether it obeys the https rules. There can be multiple hostnames and wild cards.
>
> The code implemented by curl is a complete way to do this.

This code only handles the NUL byte issue in the latest 7.19.6 release, so don't copy the code from earlier versions. It does not support subjectAltName extensions. Otherwise, it is indeed essentially what is required.

--
Viktor.
Re: Getting hostname with openssl library
> It does not support subjectAltName extensions.

SubjectAltName extension is supported since an eternity, more than 5 years ???
Re: Getting hostname with openssl library
On Tue, Oct 20, 2009 at 05:46:56PM +0200, Peter Sylvester wrote:

>> It does not support subjectAltName extensions.
>
> SubjectAltName extension is supported since an eternity, more than 5 years ???

Oops, sorry, you are right, I failed to notice the code that does this just above the CN code. So, indeed this looks fairly complete, provided one is using the latest version.

--
Viktor.
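The checks this thread converges on (several names per certificate, wildcards, embedded NUL bytes), as an added example that is not code from curl, OpenSSL or any poster. It assumes the caller has already extracted each dNSName and CN as a buffer plus the length the decoder reported (for instance the return value of ASN1_STRING_to_UTF8); `cert_name`, `cert_matches_host` and the sample names are hypothetical, and honouring `*` only as a whole left-most label is a conservative choice made for this example.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Where a name sat in the certificate. */
enum name_kind { NAME_SAN_DNS, NAME_SUBJECT_CN };

/* One decoded name: the bytes plus the length the decoder reported
 * (with OpenSSL, the return value of ASN1_STRING_to_UTF8). */
struct cert_name {
    enum name_kind kind;
    const char *data;
    size_t len;
};

/* Embedded-NUL test from the thread: the reported length and strlen()
 * disagree exactly when a NUL byte sits inside the reported length. */
static int has_embedded_nul(const struct cert_name *n)
{
    return memchr(n->data, '\0', n->len) != NULL;
}

/* Case-insensitive comparison of n bytes (ASCII host names assumed). */
static int eq_nocase(const char *a, const char *b, size_t n)
{
    for (size_t i = 0; i < n; i++)
        if (tolower((unsigned char)a[i]) != tolower((unsigned char)b[i]))
            return 0;
    return 1;
}

/* Match one certificate name against the host the client asked for.
 * Assumption of this example: '*' is honoured only as the entire left-most
 * label, stands for exactly one label, and at least two labels follow it. */
static int name_matches(const char *pat, size_t plen, const char *host)
{
    size_t hlen = strlen(host);

    if (plen == 0 || hlen == 0)
        return 0;
    if (memchr(pat, '*', plen) == NULL)
        return plen == hlen && eq_nocase(pat, host, hlen);

    /* Wildcard: must be "*." followed by a literal suffix containing a dot. */
    if (plen < 3 || pat[0] != '*' || pat[1] != '.' ||
        memchr(pat + 1, '*', plen - 1) != NULL ||
        memchr(pat + 2, '.', plen - 2) == NULL)
        return 0;

    const char *dot = strchr(host, '.');
    if (dot == NULL || dot == host)
        return 0;                               /* no label for '*' to cover */
    size_t rest = hlen - (size_t)(dot - host);  /* e.g. ".example.org" */
    return rest == plen - 1 && eq_nocase(pat + 1, dot, rest);
}

/* Returns 1 on match, 0 on no match, -1 if any name carries an embedded NUL
 * (the certificate is refused outright instead of being compared truncated).
 * CN entries are consulted only when no dNSName is present (RFC 2818);
 * with several CN values, any one of them may match. */
int cert_matches_host(const struct cert_name *names, size_t count,
                      const char *host)
{
    int have_san = 0;

    for (size_t i = 0; i < count; i++) {
        if (has_embedded_nul(&names[i]))
            return -1;
        if (names[i].kind == NAME_SAN_DNS)
            have_san = 1;
    }
    for (size_t i = 0; i < count; i++) {
        if (have_san && names[i].kind != NAME_SAN_DNS)
            continue;
        if (name_matches(names[i].data, names[i].len, host))
            return 1;
    }
    return 0;
}

/* Constructed sample data, not taken from any real certificate. */
#define NAME(kind, lit) { kind, lit, sizeof(lit) - 1 }
static const struct cert_name SAN_CERT[] = {
    NAME(NAME_SAN_DNS, "www.example.com"),
    NAME(NAME_SAN_DNS, "*.example.org"),
    NAME(NAME_SUBJECT_CN, "cn.example.net"),
};
static const struct cert_name CN_ONLY_CERT[] = {
    NAME(NAME_SUBJECT_CN, "first.example.net"),
    NAME(NAME_SUBJECT_CN, "second.example.net"),
};
static const struct cert_name NUL_CERT[] = {
    NAME(NAME_SUBJECT_CN, "www.example.com\0.example.net"),
};

int main(void)
{
    printf("%d %d %d\n",
           cert_matches_host(SAN_CERT, 3, "mail.example.org"),
           cert_matches_host(CN_ONLY_CERT, 2, "other.example.net"),
           cert_matches_host(NUL_CERT, 1, "www.example.com"));
    return 0;
}
```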
Generating sect163k1 key pairs
I have been trying to generate keys for a ECDSA system that uses a sect163k1 key pair. In generating some of the key sets, I notice that the printed length of the keys differ when using the -text command option. Since openssl is displaying a 163 bits in a byte-wise display, I am trying to figure out where the padding bits are applied?

For example:

    ~$ sudo openssl ecparam -genkey -name sect163k1 -out testkey1.pem
    ~$ sudo openssl ec -text -in testkey1.pem
    read EC key
    Private-Key: (163 bit)
    priv:
        00:c4:5c:43:a9:17:57:89:ff:e8:fe:f9:d6:b0:d4:
        52:fc:d4:6b:71:98
    pub:
        04:01:9c:db:21:d7:49:17:cd:c4:93:56:13:e4:07:
        c2:af:1b:43:70:a3:b9:03:f1:26:f8:7b:1d:02:69:
        21:39:cf:d5:28:ee:3b:44:3c:c5:64:7c:aa
    ASN1 OID: sect163k1
    writing EC key
    -----BEGIN EC PRIVATE KEY-----
    MFICAQEEFMRcQ6kXV4n/6P751rDUUvzUa3GYoAcGBSuBBAABoS4DLAAEAZzbIddJ
    F83Ek1YT5AfCrxtDcKO5A/Em+HsdAmkhOc/VKO47RDzFZHyq
    -----END EC PRIVATE KEY-----

    ~$ sudo openssl ecparam -genkey -name sect163k1 -out testkey2.pem
    ~$ sudo openssl ec -text -in testkey2.pem
    read EC key
    Private-Key: (163 bit)
    priv:
        65:06:db:ea:88:38:0d:50:37:9e:3a:92:77:15:ca:
        3c:76:d0:00:12
    pub:
        04:07:7d:dd:c1:89:12:75:42:d6:9e:06:79:24:e1:
        8b:4a:49:df:57:ac:e2:04:95:a1:2f:b9:dc:a7:8c:
        5f:c3:18:a5:a7:9c:fc:9d:be:7f:e6:d7:4e
    ASN1 OID: sect163k1
    writing EC key
    -----BEGIN EC PRIVATE KEY-----
    MFICAQEEFGUG2+qIOA1QN546kncVyjx20AASoAcGBSuBBAABoS4DLAAEB33dwYkS
    dULWngZ5JOGLSknfV6ziBJWhL7ncp4xfwxilp5z8nb5/5tdO
    -----END EC PRIVATE KEY-----

The two private keys are described in a different number of bytes. Since the 2nd generated private key is shown in 20 bytes i.e. 160 bits, is it assumed that the MS 3 bits are 0? How is the public key partitioned? Where are the padding bits added in this display?

Thanks
Doug Bailey
Re: OCSP Crashes - What's wrong?
Hello Steve.

Dr. Stephen Henson wrote:

> On Tue, Oct 20, 2009, Daniel Marschall wrote:
>
>> Hello.
>>
>> I am trying to set up an ocsp server. I have following line:
>>
>>     openssl ocsp -index codesign_intermediate/index.txt -url http://www.myhost.com:/codesign/ -rsigner root_ca/certs/cacert.crt -rkey root_ca/private/privkey.pem -CA root_ca/certs/cacert.crt -text -out codesign_intermediate/ocsp.txt
>>
>> When I start the bash script, I get following line:
>>
>>     Waiting for OCSP client connections...
>>
>> Ok, then I tried to open the ocsp connection (to test if it's answering) using web-sniffer.net. A HTTP-200 response with 5 bytes arrive. (Of course, this isn't a valid ocsp request). Anyway, OpenSSL crashed now and says:
>>
>>     Invalid request
>>
>> The OCSP-Daemon is stopped! (A second request isn't possible!)
>>
>> I tried to start the daemon again, but now I get
>>
>>     18758:error:02006062:system library:bind:Address already in use:b_sock.c:685:port=''
>>     18758:error:20069075:BIO routines:BIO_get_accept_socket:unable to bind socket:b_sock.c:687:
>>
>> I cannot use this port a second time.
>>
>> My questions are:
>>
>> 1) What am I doing wrong? Why is the daemon terminating just because of this request?
>
> If you don't want it to exit on errors then -ignore_err will do the trick.

Thank you very much. It works.

> Your main problem is expecting the OCSP test application to work as a proper responder. It isn't designed for that and will give awful performance.

I am trying to make a very small CA with full features. I only want to manage the certificates of 5 developers, so I don't mind performance or frontend features. This CA I'm planning should work at Debian Etch-n-Half without any enforced/unstable packages (so I don't want to compile+install e.g. a better solution like OpenCA or OpenXPKI).

> It is rather better if used as a CGI script from a webserver.

Do you know a finished solution of a CGI script (prefer PHP) which will do the OCSP parsing for me or do I have to write it completely by my own?

>> 2) Why is the port blocked now? How can I undo it?
>
> Wait a while, this is fairly standard behaviour on some OSes.

Ok, now it works again.

>> 3) How do I have to process when I have a Root-CA and a Intermediate-CA and both should use OCSP? Should both get different ports?
>
> A more sophisticated responder could switch to an appropriate CA based on the actual requests. That simple test application has a fixed responder certificate.

So, would it be better if I make 2 ports for my 2 CAs? e.g. = root-ca and 8889 = intermediate-ca? (Mh... it would be more nice if there would be something like http://www.example.com/ocsp/root/ and http://www.example.com/ocsp/intermediate/, but then 2 ocsp servers plus Apache would use port 80 at the same time...)

>> 4) How can I add the OCSP URL to the root and intermediate certificates (I use the subprograms req + ca)
>
> http://www.openssl.org/docs/apps/x509v3_config.html#Authority_Info_Access_

Thank you.

> Steve.
> --
> Dr Stephen N. Henson. OpenSSL project core developer.
> Commercial tech support now available see: http://www.openssl.org
Re: Generating sect163k1 key pairs
Hi Doug,

> I am trying to figure out where the padding bits are applied?
> ...
> The two private keys are described in a different number of bytes. Since the 2nd generated private key is shown in 20 bytes i.e. 160 bits, is it assumed that the MS 3 bits are 0?

The public key, also known as the public element, is a point Q(x, y) on the curve of order R. R is the order of the subgroup generator G, where G is a point called the Base Point.

The private key, also known as the private exponent, x, is an integer such that Q = xG. Q = xG is similar to RSA's e*d mod n === 1. It's the trap door function - easy to compute one way, hard to compute the other way.

All this means is that x, Q_x, and Q_y don't have to be 163 bits. We'd expect them to be slightly less (since this is a finite field), but not too much less since there is a relationship between R, the points on the curve (U), and the cofactor (S). The relationship is U = R * S, and the cofactor (S) is kept small so that subgroup order (R) is large.

A fellow named Marcel Martin wrote a really nice Curve and Parameter generator. According to Marcel, the program correctly counts points on the curve (which can be tricky business). For Marcel's Elliptic Curve Builder (ECB), see http://www.ellipsa.eu/. For a small Curve and Domain Parameter writeup, see http://www.cryptopp.com/wiki/Elliptic_Curve_Builder.

Jeff

On Tue, Oct 20, 2009 at 3:36 PM, Doug Bailey dbai...@digium.com wrote:

> I have been trying to generate keys for a ECDSA system that uses a sect163k1 key pair. In generating some of the key sets, I notice that the printed length of the keys differ when using the -text command option. Since openssl is displaying a 163 bits in a byte-wise display, I am trying to figure out where the padding bits are applied?
>
> For example:
>
>     ~$ sudo openssl ecparam -genkey -name sect163k1 -out testkey1.pem
>     ~$ sudo openssl ec -text -in testkey1.pem
>     read EC key
>     Private-Key: (163 bit)
>     priv:
>         00:c4:5c:43:a9:17:57:89:ff:e8:fe:f9:d6:b0:d4:
>         52:fc:d4:6b:71:98
>     pub:
>         04:01:9c:db:21:d7:49:17:cd:c4:93:56:13:e4:07:
>         c2:af:1b:43:70:a3:b9:03:f1:26:f8:7b:1d:02:69:
>         21:39:cf:d5:28:ee:3b:44:3c:c5:64:7c:aa
>     ASN1 OID: sect163k1
>     writing EC key
>     -----BEGIN EC PRIVATE KEY-----
>     MFICAQEEFMRcQ6kXV4n/6P751rDUUvzUa3GYoAcGBSuBBAABoS4DLAAEAZzbIddJ
>     F83Ek1YT5AfCrxtDcKO5A/Em+HsdAmkhOc/VKO47RDzFZHyq
>     -----END EC PRIVATE KEY-----
>
>     ~$ sudo openssl ecparam -genkey -name sect163k1 -out testkey2.pem
>     ~$ sudo openssl ec -text -in testkey2.pem
>     read EC key
>     Private-Key: (163 bit)
>     priv:
>         65:06:db:ea:88:38:0d:50:37:9e:3a:92:77:15:ca:
>         3c:76:d0:00:12
>     pub:
>         04:07:7d:dd:c1:89:12:75:42:d6:9e:06:79:24:e1:
>         8b:4a:49:df:57:ac:e2:04:95:a1:2f:b9:dc:a7:8c:
>         5f:c3:18:a5:a7:9c:fc:9d:be:7f:e6:d7:4e
>     ASN1 OID: sect163k1
>     writing EC key
>     -----BEGIN EC PRIVATE KEY-----
>     MFICAQEEFGUG2+qIOA1QN546kncVyjx20AASoAcGBSuBBAABoS4DLAAEB33dwYkS
>     dULWngZ5JOGLSknfV6ziBJWhL7ncp4xfwxilp5z8nb5/5tdO
>     -----END EC PRIVATE KEY-----
>
> The two private keys are described in a different number of bytes. Since the 2nd generated private key is shown in 20 bytes i.e. 160 bits, is it assumed that the MS 3 bits are 0? How is the public key partitioned? Where are the padding bits added in this display?
>
> Thanks
> Doug Bailey
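Splitting the two `-text` dumps quoted above by byte position, as an added example that is not part of any post or of OpenSSL. It assumes the standard uncompressed point encoding (0x04 followed by X and Y, each padded to ceil(163/8) = 21 bytes) and that a leading `00` on `priv` is the sign byte the integer printer adds when the top bit of the first magnitude byte is set; the function names are hypothetical.

```c
#include <stddef.h>
#include <stdio.h>

#define FIELD_BITS  163
#define FIELD_BYTES ((FIELD_BITS + 7) / 8)   /* 21 bytes, so 5 spare high bits */
#define POINT_BYTES (1 + 2 * FIELD_BYTES)    /* 0x04 || X || Y = 43 bytes */

/* Hex dumps copied from the post above (testkey1 and testkey2). */
static const char KEY1_PRIV[] =
    "00:c4:5c:43:a9:17:57:89:ff:e8:fe:f9:d6:b0:d4:"
    "52:fc:d4:6b:71:98";
static const char KEY1_PUB[] =
    "04:01:9c:db:21:d7:49:17:cd:c4:93:56:13:e4:07:"
    "c2:af:1b:43:70:a3:b9:03:f1:26:f8:7b:1d:02:69:"
    "21:39:cf:d5:28:ee:3b:44:3c:c5:64:7c:aa";
static const char KEY2_PRIV[] =
    "65:06:db:ea:88:38:0d:50:37:9e:3a:92:77:15:ca:"
    "3c:76:d0:00:12";
static const char KEY2_PUB[] =
    "04:07:7d:dd:c1:89:12:75:42:d6:9e:06:79:24:e1:"
    "8b:4a:49:df:57:ac:e2:04:95:a1:2f:b9:dc:a7:8c:"
    "5f:c3:18:a5:a7:9c:fc:9d:be:7f:e6:d7:4e";

static int hexval(int c)
{
    if (c >= '0' && c <= '9') return c - '0';
    c |= 0x20;                               /* fold A-F onto a-f */
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    return -1;
}

/* Decode "aa:bb:cc" (colons and whitespace ignored); byte count or -1. */
int parse_colon_hex(const char *s, unsigned char *out, size_t cap)
{
    size_t n = 0;
    while (*s) {
        if (*s == ':' || *s == ' ' || *s == '\n') { s++; continue; }
        int hi = hexval((unsigned char)s[0]);
        int lo = hi < 0 ? -1 : hexval((unsigned char)s[1]);
        if (lo < 0 || n == cap) return -1;
        out[n++] = (unsigned char)(hi << 4 | lo);
        s += 2;
    }
    return (int)n;
}

/* Significant bits in a big-endian byte string (leading zeros skipped). */
int bit_length(const unsigned char *b, size_t n)
{
    size_t i = 0;
    while (i < n && b[i] == 0) i++;
    if (i == n) return 0;
    int bits = (int)(n - i) * 8;
    for (unsigned char top = b[i]; !(top & 0x80); top <<= 1) bits--;
    return bits;
}

/* Bytes as printed in a dump, or -1 on a malformed dump. */
int dump_bytes(const char *dump)
{
    unsigned char buf[64];
    return parse_colon_hex(dump, buf, sizeof buf);
}

/* Significant bits of the integer in a priv: dump; a printed 00 adds none. */
int dump_bits(const char *dump)
{
    unsigned char buf[64];
    int n = parse_colon_hex(dump, buf, sizeof buf);
    return n < 0 ? -1 : bit_length(buf, (size_t)n);
}

/* Significant bits of X (which == 0) or Y (which == 1) in a pub: dump.
 * Returns -1 unless the dump is 0x04 || X || Y with 21-byte coordinates
 * whose 5 padding bits (the top bits of each first byte) are zero. */
int coord_bits(const char *dump, int which)
{
    unsigned char buf[64];
    int n = parse_colon_hex(dump, buf, sizeof buf);
    if (n != POINT_BYTES || buf[0] != 0x04) return -1;
    int bits = bit_length(buf + 1 + (which ? FIELD_BYTES : 0), FIELD_BYTES);
    return bits > FIELD_BITS ? -1 : bits;
}

int main(void)
{
    printf("key1 priv: %d bytes printed, %d significant bits\n",
           dump_bytes(KEY1_PRIV), dump_bits(KEY1_PRIV));
    printf("key2 priv: %d bytes printed, %d significant bits\n",
           dump_bytes(KEY2_PRIV), dump_bits(KEY2_PRIV));
    printf("key1 pub: X %d bits, Y %d bits\n",
           coord_bits(KEY1_PUB, 0), coord_bits(KEY1_PUB, 1));
    printf("key2 pub: X %d bits, Y %d bits\n",
           coord_bits(KEY2_PUB, 0), coord_bits(KEY2_PUB, 1));
    return 0;
}
```

Both private values are printed as minimal-length integers, so their byte counts vary from key to key, while each public key is always 43 bytes with the zero padding in the high bits of the first byte of X and of Y.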
RE: Problem OpenSSL Server with Java Client
> From: owner-openssl-us...@openssl.org On Behalf Of swapnil kamble
> Sent: Tuesday, 20 October, 2009 05:47

(This is almost certainly a -users questions, not -dev.)

> I want SSL client server communication between OpenSSL Server with Java Client. My OpenSSL Server with OpenSSL Client works, Java Server with Java Client works. But OpenSSL Server with Java Client fails in SSL_accept().gives SSL_ERROR_SSL.
>
> I have first created a plain TCP socket, and after getting new fd from accept() I associate it with SSL obj and waiting for handshaking in SSL_accept (), where it fails ..
>
>     sd = accept(ListenSocket, NULL, NULL);   // Connected with TCP
>     ssl = SSL_new(ctx);
>     CHK_NULL(ssl);
>     SSL_set_fd(ssl, sd);
>     printf("waiting for ssl_connect\n");
>     err = SSL_accept(ssl);   // Fails Here.

Note: that printf is misleading.

After you get SSL_ERROR_SSL (always) either:

- call ERR_get_error() to get the specific error code (an unsigned long) and display it, preferably with the explanation from ERR_error_string() (assuming you have loaded appropriate error strings, most easily by doing SSL_load_error_strings() once at startup), and repeat until 0
- or, if you have a suitable C FILE* (typically stderr) just call ERR_print_errors(), which does the above for you

>     // We call SSL_Connect from OpenSSL Client, in that case it works. What is similar to this in Java?
>
> My Java code
>
>     Socket sClientSock = new Socket();
>     sClientSock.connect(socAddress, 5000);   // Connected with TCP
>     SSLSocketFactory sslsocketfactory = (SSLSocketFactory) SSLSocketFactory.getDefault();
>     SSLSocket sslsocket = (SSLSocket) sslsocketfactory.createSocket(sClientSock, "localhost", , true);

Note: no need to do these separately; the inherited-from-SocketFactory createSocket (hostname,port) or (hostaddr,port) will return in one step a Socket that is an SSLSocket (more precisely an implementation of SSLSocket, down under sun.net.something) connected to that host and port and ready to handshake. Unless you are (deliberately?) cheating on the servername to be verified.

Do you have an exception handler around this, and the handshake or first comms, that displays at least e.getMessage() (I prefer all of e.toString())? If so, what does it show? (If not, why not?)

My first guess would be verification. Your Java client uses the default trustmanager and truststore; do you have these configured and how, and does the result include the CA for your server's certificate (which if selfsigned is the server cert itself)?

Is your OpenSSL client set to verify the server? The default is no. AFAICS Java client SSLSocket verification can't be turned off directly, though you can enable (and then force selection of) anonymous-DH suites which have no cert to be verified.
RE: OCSP Crashes - What's wrong?
> From: owner-openssl-us...@openssl.org Dr. Stephen Henson
> Sent: Tuesday, 20 October, 2009 09:15
>
> On Tue, Oct 20, 2009, Daniel Marschall wrote:
>
>>     18758:error:02006062:system library:bind:Address already in use:b_sock.c:685:port=''
>>     18758:error:20069075:BIO routines:BIO_get_accept_socket:unable to bind socket:b_sock.c:687:
>>
>> 2) Why is the port blocked now? How can I undo it?
>
> Wait a while, this is fairly standard behaviour on some OSes.

Usually one to five minutes. This is a TCP feature(?) dating back to the days of 1200-baud phone lines with frequent error bursts and numerous hops through congested minicomputer routers, when the 'maximum diameter' of the Internet could be pretty large. You can usually see them as TIME_WAIT in netstat or similar.

Or use setsockopt(,,SO_REUSEADDR,1,). In this case using BIO it appears to me to be BIO_ctrl(,BIO_C_SET_BIND_MODE,) 1 or 2.
RE: How can server accept connection from specific clients only
Deepak Mundra wrote:

> I have written a server client application in which im using self signed ssl certificates .. How can i make sure that only known clients can connect to my server using ssl connection?

Simply define *precisely* what you mean by "known clients" and test for that. If a connection doesn't meet your precise criteria for a known client, break the connection. If you don't know what you mean by "known client" then you need to do some thinking about what your application is trying to do.

The typical way this is done is as follows:

1) The client verifies that it has reached the server it intended to reach by verifying the server's certificate.
2) Since the client knows it has a secure connection to the intended server, it can send a username, password, and other simple authentication information.
3) The server determines if it should talk to this client or what permissions it should give it based on the validity of the information sent in step 2.

This mechanism may or may not be appropriate for your solution. It depends on whether "known client" means one that knows a valid username/password combination for this server. If it means something else, the solution is something else.

DS