Re: Openssl tarball SHA1 checksum

2010-04-12 Thread Michael S. Zick
On Sun April 11 2010, Kenneth Goldman wrote:
> owner-openssl-us...@openssl.org wrote on 04/11/2010 01:38:14 PM:
> 
> > * Kenneth Goldman wrote on Fri, Apr 09, 2010 at 08:12 -0400:
> > >I notice that the tarballs also include a SHA1 digest. What's the
> > >point?
> >
> > To have a check whether the FTP download was successful to avoid
> > accidentally using corrupt files, a file integrity check with a
> > checksum is quite common.
> 
> Aha.  So it's just a double check on ftp?  It's not trying to
> protect against an attacker targeting the openssl site or
> the download process?

The e-mail release notices that I receive (and I suppose everyone else)
are cryptographically signed (pgp).

That message contains the tarball's size, md5 sum and sha1 sum along
with the download name and links.

I.E: Those are part of the signed message.

That should be enough to give at least a "warm and fuzzy" feeling about
the tarball's authenticity.
A level of assurance that is probably higher than any assurance that
can be made about the results of the build process the sources are
then subjected to by the users.

Of course, the way to be _certain_ is to _buy_ a copy of the sources
from a known and trusted security provider following whatever security
protocols that provider has established.

Spend enough money and you can probably even get your copy hand
delivered by a certified, armed courier on secured media.

Mike


__
OpenSSL Project                 http://www.openssl.org
User Support Mailing List       openssl-users@openssl.org
Automated List Manager          majord...@openssl.org


Re: locate key for p12 certificate

2010-04-12 Thread Rogan Dawes



Hi Peter, Patrick,

On 2010/04/08 2:10 PM, Patrick Patterson wrote:
> Hello Peter:
> 
> 
> On 08/04/10 3:45 AM, peter23452345 wrote:
>>
>> hi, i have been trying to create a certificate for use on my webscarab proxy.
>> essentially what i want to do is this: run a php curl script which redirects
>> certain https traffic though the webscarab proxy so that i can see the
>> output from the curl script (php curl doesnt provide visibility into the
>> http post string and i need to see this). i have already got this working
>> with regular http - but i need https.

[snip]

> No, you don't need the server's private key to see that web page - you
> simply need the public key (the key that is contained in the
> certificate) - all the RSA keys are being used for is to authenticate
> the server to you. The encryption isn't done using the key, it is done
> at the TLS/SSL layer, using a symmetric key negotiated between the
> client and the server. If you are curious as to how this works, the RFC
> describing the TLS protocol is quite clear.
> 
> In order for you to become an SSL Proxy and impersonate the server, you
> need to get the private key from that server. Since you say that the
> server is not under your control, this means that you are quite likely
> not authorised to impersonate this server by transparently proxying for
> it. It is for exactly this reason that people use TLS/SSL :)
> 
> So, the short answer is - until you can convince the administrators of
> the server that you are proxying for to hand over their private keys,
> what you want to do is not possible.
> 
> Have fun.
> 
> Patrick.

In fact, what WebScarab is doing is presenting an invalid certificate to
the client, which normally stops and gives the user the option to accept
that invalid certificate or abort the request.

However, curl as a scripted client doesn't really get the opportunity to
query the user.

That said, you can instruct curl in advance to ignore certificate errors
and warnings using the "-k" flag.

$ curl -k 

Hope this helps.

Rogan Dawes
WebScarab author



ReadTimeout Does not work in OpenSSL C# library

2010-04-12 Thread swapnil kamble
Hi All,
  I want to managed OpenSSL .net library. But ReadTimeout does seem
to work. Connection is getting successful but no exception is coming even
after ReadTimeout(ex below has 1sec) expires.

sslStream.ReadTimeout = 1000;
sslStream.Read(clientReadBuffer, 0, clientReadBuffer.Length);

Does anyone have any idea about this issue? Is it a bug in OpenSSL.net
Library?


Is this readtimeout working for anyone ?

Swapnil

|| Hare Krishna Hare Krishna Krishna Krishna Hare Hare ||
|| Hare RamaHare Rama   Rama   RamaHare Hare ||


Re: Openssl tarball SHA1 checksum

2010-04-12 Thread Steffen DETTMER
* Kenneth Goldman wrote on Sun, Apr 11, 2010 at 15:36 -0400:
> owner-openssl-us...@openssl.org wrote on 04/11/2010 01:38:14 PM:
> > * Kenneth Goldman wrote on Fri, Apr 09, 2010 at 08:12 -0400:
> > > I notice that the tarballs also include a SHA1 digest.
> > > What's the point?
> >
> > To have a check whether the FTP download was successful to
> > avoid accidentally using corrupt files, a file integrity
> > check with a checksum is quite common.
>
> Aha.  So it's just a double check on ftp?  It's not trying to
> protect against an attacker targeting the openssl site or the
> download process?

(I cannot tell the intention of the checksum, because I don't know
the involved processes, but I think it is wrong to take it as
authenticity check).

I think, to protect against malicious OpenSSL source code you
have to retrieve the analyzed and approved version from the
security lab you trust and appointed (ensuring authenticity by
e.g. cryptographic means) and/or to verify the diff to the last
checked version.

Otherwise an attack to let's say the CVS server could succeed
(if done well, checksum of announcement could even `prove' this
malicious modification `authentic', if the attack had been done
in a way remaining unnoticed by OpenSSL release process).

oki,

Steffen
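
The distinction drawn in this thread (a checksum served next to the download versus one carried in a signed announcement), as an added example that is not part of the original messages. All files are constructed, the announcement layout is an assumption, and an RSA signature made with openssl stands in for the PGP signature on the real announcements.

```shell
#!/bin/sh
# Added example: constructed files; an RSA key stands in for the release PGP key.
set -e
w=$(mktemp -d); trap 'rm -rf "$w"' EXIT
f="$w/pkg.tar.gz"

sha1_of() { openssl dgst -sha1 -r "$1" | cut -d' ' -f1; }

# Release side: tarball, announcement carrying its SHA1, detached signature.
printf 'genuine source\n' > "$f"
openssl genpkey -algorithm RSA -pkeyopt rsa_keygen_bits:2048 \
  -out "$w/rel.key" 2>/dev/null
openssl pkey -in "$w/rel.key" -pubout -out "$w/rel.pub"
printf 'Name: pkg.tar.gz\nSHA1: %s\n' "$(sha1_of "$f")" > "$w/announce.txt"
openssl dgst -sha256 -sign "$w/rel.key" -out "$w/announce.sig" "$w/announce.txt"
sha1_of "$f" > "$f.sha1"   # unsigned checksum file served beside the tarball

# Integrity only: compare the file with the unsigned checksum next to it.
check_sidecar() { [ "$(sha1_of "$1")" = "$(cat "$1.sha1")" ]; }

# Authenticity: use the announced SHA1 only if the announcement's signature verifies.
check_announced() {
  openssl dgst -sha256 -verify "$w/rel.pub" -signature "$w/announce.sig" \
    "$w/announce.txt" >/dev/null 2>&1 || return 2
  [ "$(sha1_of "$1")" = "$(sed -n 's/^SHA1: //p' "$w/announce.txt")" ]
}

result() { if "$@"; then echo pass; else echo fail; fi; }

clean_sidecar=$(result check_sidecar "$f")
clean_announced=$(result check_announced "$f")

# Download location altered: tarball and its unsigned checksum change together.
printf 'modified source\n' > "$f"
sha1_of "$f" > "$f.sha1"
bad_sidecar=$(result check_sidecar "$f")
bad_announced=$(result check_announced "$f")

echo "clean:    sidecar=$clean_sidecar announced=$clean_announced"
echo "modified: sidecar=$bad_sidecar announced=$bad_announced"
```

The signed digest only binds the tarball to what the release process signed; a change made to the sources before signing would verify just the same.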


 


SSL / Certificates / ... Some confusion

2010-04-12 Thread Götz Reinicke - IT-Koordinator
Hi,

For a couple of days I have been trying to set up a provider and a consumer
over SSL, following the documentation in a book [1] and using two servers
(Red Hat 5.x, openssl-0.9.8e-12, openldap-2.3.43-3).

While doing so I was confronted with a lot of different warnings/messages, but
finally I got the replication encrypted.

The final step in the tutorial is to use saslmech=external, but the
messages I get are different from the messages I should get.

I noticed and googled some provider debug info and wanted to ask for
some proof or clarification or workaround:

From the provider log:

TLS certificate verification: Error, unsupported certificate purpose
...
TLS trace: SSL3 alert write:warning:bad certificate
connection_read(13): unable to get TLS client DN, error=49 id=1

From a posting from 2006 and the answer from Howard Chu [2], I think I
have the same problem: my consumer server certificate "should be",
from the provider's view, a client certificate.

From the certificate:

    X509v3 extensions:
        X509v3 Basic Constraints:
            CA:FALSE
        Netscape Cert Type:
            SSL Server

Am I wrong, right, lost, ... Is there a workaround or any step while
creating the certificates?

Thanks once more and best regards,

Götz


[1] http://www.galileocomputing.de/katalog/buecher/titel/gp/titelID-1801
[2] http://www.openldap.org/lists/openldap-software/200604/msg00202.html

-- 
Götz Reinicke
IT-Koordinator

Tel. +49 7141 969 420
Fax  +49 7141 969 55 420
E-Mail goetz.reini...@filmakademie.de

Filmakademie Baden-Württemberg GmbH
Akademiehof 10
71638 Ludwigsburg
www.filmakademie.de

Registered at Amtsgericht Stuttgart, HRB 205016
Chair of the Supervisory Board:
Prof. Dr. Claudia Hübner

Managing Director:
Prof. Thomas Schadt
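
The situation described in this post, reproduced as an added example that is not part of the original message: a throwaway CA issues one certificate with "nsCertType = server" and one with "nsCertType = server, client", and "openssl verify -purpose" shows which role each is accepted for. The CA, host name, file names and config section names are all constructed for illustration.

```shell
#!/bin/sh
# Added example: constructed throwaway CA and certificates, nothing from the post.
set -e
work=$(mktemp -d); trap 'rm -rf "$work"' EXIT

cat > "$work/ext.cnf" <<'EOF'
[req]
distinguished_name = dn
prompt = no
[dn]
CN = placeholder
[ca_ext]
basicConstraints = critical, CA:TRUE
[server_only]
basicConstraints = CA:FALSE
nsCertType = server
[server_and_client]
basicConstraints = CA:FALSE
nsCertType = server, client
EOF

# Self-signed test CA (constructed name).
openssl req -x509 -newkey rsa:2048 -nodes -days 1 -config "$work/ext.cnf" \
  -extensions ca_ext -subj "/CN=Example Test CA" \
  -keyout "$work/ca.key" -out "$work/ca.pem" 2>/dev/null

# issue NAME SECTION: sign a certificate for consumer.example using SECTION.
issue() {
  openssl req -new -newkey rsa:2048 -nodes -config "$work/ext.cnf" \
    -subj "/CN=consumer.example" \
    -keyout "$work/$1.key" -out "$work/$1.csr" 2>/dev/null
  openssl x509 -req -in "$work/$1.csr" -days 1 \
    -CA "$work/ca.pem" -CAkey "$work/ca.key" -CAcreateserial \
    -extfile "$work/ext.cnf" -extensions "$2" -out "$work/$1.pem" 2>/dev/null
}

# accepted_as PURPOSE NAME: succeeds only if the chain verifies for PURPOSE.
accepted_as() {
  openssl verify -CAfile "$work/ca.pem" -purpose "$1" "$work/$2.pem" >/dev/null 2>&1
}

issue server_only server_only
issue dual server_and_client

for cert in server_only dual; do
  for purpose in sslserver sslclient; do
    if accepted_as "$purpose" "$cert"; then r=accepted; else r=rejected; fi
    echo "$cert as $purpose: $r"
  done
done
```

In certificates issued today the same restriction is normally expressed with extendedKeyUsage (serverAuth, clientAuth) rather than the legacy Netscape Cert Type extension.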


Re: Problems with DSA 2048-bit keys

2010-04-12 Thread Sad Clouds
On Sun, 11 Apr 2010 23:29:27 -0400
"Dave Thompson"  wrote:

> Aside: do you really need this? FIPS 186-3 extended DSA to 2k and 3k, 
> but SP 800-57 no longer approves classic DSA for USgovt use at all, 
> even in the new sizes, it switches to ECDSA instead.

I probably don't need DSA, I was testing different algorithms and key
sizes for client/server interoperability reasons.


Re: Openssl tarball SHA1 checksum

2010-04-12 Thread Kenneth Goldman
owner-openssl-us...@openssl.org wrote on 04/11/2010 01:38:14 PM:

> * Kenneth Goldman wrote on Fri, Apr 09, 2010 at 08:12 -0400:
> >I notice that the tarballs also include a SHA1 digest. What's the
> >point?
>
> To have a check whether the FTP download was successful to avoid
> accidentally using corrupt files, a file integrity check with a
> checksum is quite common.

Aha.  So it's just a double check on ftp?  It's not trying to
protect against an attacker targeting the openssl site or
the download process?

Re: How to passively obtain the server certificate from a TLS connection

2010-04-12 Thread Ciprian Dorin, Craciun
Hello again!

I've sent the email below one week ago to this mailing list
(OpenSSL), and so far nobody replied... So my guess is that either
I've asked a very stupid question, or? (The email was delivered as
I've looked over the archives.)

Thanks again,
Ciprian.


On Sun, Apr 4, 2010 at 10:56 PM, Ciprian Dorin, Craciun
 wrote:
>    Hello all!
>
>    (I'm a new member of this mailing list, so if the answer to my
> question is already somewhere in the archives please point me there.)
>    (I've done some searching and couldn't find anything useful.)
>
>    In the context of the Perspectives project (
> http://www.cs.cmu.edu/~perspectives ) (the Perspectives developers
> mailing list is also put in CC, so please keep them there) I want to
> implement an HTTPS proxy server that does the following:
>    * when it receives the CONNECT request it connects to the
> designated target, but,
>    * it monitors the connection (thus "sniffing" the connection) in
> order to obtain the SSL certificate that the server uses;
>    * it compares the SSL certificate fingerprint to those reported by
> the notary servers (part of the Perspectives project infrastructure),
> and
>    * if the fingerprints match I stop "sniffing" the connection and
> just continue proxying;
>    * if the fingerprints don't match I just drop the connection;
>
>    So my problem is the following: how can I extract the SSL
> certificate from the connection without reimplementing the TLS
> protocol?
>
>    For example I assume that there is a method (which I'm not aware
> of and want to find it), in which I just feed the data that comes from
> the server to the client (ignoring the other channel of the
> connection), into a parser, which at the end will spit out the
> certificate (or at least decode the TLS packets as they fly by).
>    (I bet that there are functions in the openssl library, but it's
> hard to spot them in the reference documentation.)
>
>    And a second question (related to security): I guess that there is
> no way to trick my proxy by switching to another certificate once the
> first one was already sent? For example I guess there is no way in
> which the server can re-initiate the TLS handshake (reusing the same
> connection) by using another certificate than the one previously sent.
>
>    Thanks for your support,
>    Ciprian.