I call these:
d2i_X509()
X509_print_fp()
which calls
pkey_set_type()
EVP_PKEY_asn1_find()
and that call fails.
I've traced the following error down to the rsaOAEP algorithm, which has a
nid of 919. I've included both the openssl and dumpasn1 dump of the
X509
: . . . . . . D7 .
504 3: . . . . . INTEGER 65537
: . . . . . }
: . . . . }
: . . . }
--
Ken Goldman kgold...@us.ibm.com
914-945-2415 (862-2415)
From: Peter Sylvester peter.sylves...@edelweb.fr
To:
Cc: Kenneth Goldman/Watson/IBM@IBMUS
Date: 09/05/2012
I'm 90% deep into parsing an X509 certificate, but I can't find sample
code for the last piece.
I found the extension, and located the ASN1_OBJECT with nid 85, OID
2.5.29.17, the subjectAltName. From the dumpasn output, I see that this
is an octet string of a sequence, etc.
I have to pull
If I shouldn't use GEN_IPADD, what should I use?
The goal is to extract the text value associated with several OIDs.
dumpasn1 says the values are PrintableString.
--
Ken Goldman kgold...@us.ibm.com
914-945-2415 (862-2415)
From: Dr. Stephen Henson st...@openssl.org
To:
I'd suggest as a next step to see if you're using the same public key for
both the Java and openssl verify.
After that, the next step would be, in Java, to do a raw public key
operation and examine the result. That will tell you whether it's the
public key, the padding, the OID, or the hash
The documentation says:
RSA_PKCS1_OAEP_PADDING
EME-OAEP as defined in PKCS #1 v2.0 with SHA-1, MGF1 and an empty encoding
parameter. This mode is recommended for all new applications.
--
Ken Goldman kgold...@us.ibm.com
914-945-2415 (862-2415)
From: Dereck Hurtubise
[EMAIL PROTECTED] wrote on 02/11/2008 10:22:00 AM:
I'm not that good in OpenSSL. How do I create a RSA file if I only
have a modulus and exponent. Programmatically I have set the 2
values with BN_bin2bn(), but how do I save this to a file?
I use PEM_write_RSAPublicKey()
It's interesting that
http://www.openssl.org/docs/crypto/OPENSSL_Applink.html
--
Ken Goldman [EMAIL PROTECTED]
914-784-7646 (863-7646)
[EMAIL PROTECTED] wrote on 02/16/2008 03:17:10 PM:
hello,
I use the functions:
r=RSA_generate_key(bits,e,NULL,NULL);
oFile = fopen("MyKey.txt","w");
if (oFile!=0) {
Is there sample code anywhere for how to construct X509 certificates
programmatically, through the API, not the command line?
The documentation includes the serialization API's, but little else.
I assume, since it can be done from the command line, that
the code exists and is just not
I'm having trouble programmatically reading a password protected
.pem file. With the same openssl library, I can read it using the
openssl command line.
Based on the below failure call stack, it seems to be failing getting the
nid for the cipher.
I suspect some compiler or linker option, but
I'd like confirmation that I understand how to free RSA keys.
I create an RSA *key. I then use it to create an EVP_PKEY
using EVP_PKEY_new() and EVP_PKEY_assign_RSA().
Later, I want to free everything.
I _think_ that EVP_PKEY_free() will free both the EVP_PKEY and the
RSA objects. Is that
Subject says it: What's a good approach to debugging a segfault
in i2d_X509()?
The X509 certificate succeeds when I use X509_sign(). But
when I sign by hand, adding the two signature algorithms,
signing with RSA_Sign(), and adding the signature to
the structure, X509_print_fp() segfaults.
The
Perhaps the problem is that you're reading the public key and
trying to sign. Signing uses a private key.
Try:
PEM_read_RSAPrivateKey()
RSA_sign()
[EMAIL PROTECTED] wrote on 06/27/2008 11:31:42 AM:
Excuse me,
I'm trying, using C, to do a simple sign and verify with RSA public and
private
[EMAIL PROTECTED] wrote on 07/16/2008 10:08:31 AM:
2) using static builds has a benefit: you know exactly what your
application is going to get SSL-wise: you will be sure it is installed
on the target system because you brought it along. The drawback is
that you have to provide your own
[EMAIL PROTECTED] wrote on 07/17/2008 12:16:18 PM:
Has this ever been (in recent history) an issue within a given
release branch?
Ie. has 0.9.8(n+1) ever broken apps that were running ok against 0.9.8n?
0.9.8x is of course not backwards compatible with 0.9.7y, and 0.9.9 will
not be backwards
In my experience, openssl releases routinely break compatibility.
This occurs for letter as well as number changes.
Compiling against the new version is not enough. You must
link with the same version. Dynamic linking offers a
third possibility for inconsistency.
The symptom I typically see is
The decision in the case of OpenSSL was that 1.x would have a stable API,
permitting shared libraries to be used interchangeably. OpenSSL does not
have a stable API yet, officially.
If that's the rationale, I eagerly await 1.0. The lack of a stable
API has hurt me far too many times. I
The rpm manager will only update if you install through rpm.
1.5 gb sounds absurd for a csr. Perhaps dump the beginning of
it to see if a particular field is incorrect.
[EMAIL PROTECTED] wrote on 09/11/2008 02:34:04 PM:
I am running Red Hat Enterprise 5.2 with OpenSSL 0.9.8h. The
version of
[EMAIL PROTECTED] wrote on 09/17/2008 08:10:09 AM:
I just completed writing my first program using libcrypto to handle
RSA encryption using a public key extracted from a X509 certificate.
This program communicates with a service created by our parent company.
The first attempts that I made to
In general, I find that openssl routinely breaks backward
compatibility. Even header files are incompatible - compiling
with one version and linking with another will cause errors.
It would be wonderful to finally get to a version 1.0 which
would freeze the existing API and guarantee backward
What's the linker format when using [gcc / mingw] on Windows?
I am not using cygwin!
I assume I should use the libraries in .../OpenSSL/lib/MinGW,
but maybe not.
I've tried
-leay32
-LC:/program files/openssl/lib/mingw/libeay32.a
and even
copying libeay32.a to libcrypto.a and
-
From: Kenneth Goldman
To: openssl-users@openssl.org
Sent: Monday, March 09, 2009 8:26 PM
Subject: Linking with mingw on Windows
What's the linker format when using [gcc / mingw] on Windows?
I am not using cygwin!
I assume I should use the libraries in .../OpenSSL/lib/MinGW
Assuming it's not a joke, what's the meaning of a 1.0 as opposed to
0.9.something.
My hope is that you'll say the API is frozen and that there's a commitment
not to break backward compatibility in future releases.
--
Ken Goldman kg...@watson.ibm.com
914-784-7646 (863-7646)
I use that function, and it does not remove padding.
1 - How would it even know what is padding and what is your data?
2 - Why do you think it removes the padding? The function does
not return a length.
Here's a really wild guess: Are you perhaps padding your data with
zeros and then
It sounds like the question is how do I lock the client private key,
so the user/attacker can't move it off the office PC?
For the casual user, "If you do this, you'll lose your job" might work.
For a determined attacker, I can't see how any software-only solution
would work. Consider a hardware
owner-openssl-us...@openssl.org wrote on 09/30/2009 03:27:56 AM:
On Fri, Sep 18, 2009 at 01:59:12PM -0700, musikit wrote:
again works awesome for strings. however we are realizing there are
sometimes we just want a 32 bit int or a 64 bit int encrypted and
nothing else.
You could just
owner-openssl-us...@openssl.org wrote on 11/26/2009 06:35:42 PM:
Finally, the source code IS the only reliable source of documentation
(assuming you can trust your compiler, OS, and hardware to do the
right thing). It isn't the most CONVENIENT, which is why we desire
other forms.
Two
Between 0.9.8 and 1.0.0, the function rsa_oaep.c:MGF1() was changed to
static.
This breaks backward compatibility. IMHO, the static keyword should be
removed.
(Copying the users mailing list. My hope is that I can gather some
community support for the importance of backward compatibility.)
Is there any significance to the 1.0.0.value other than it's the next
number after 0.9.9?
(Hoping that someone will answer that openssl will guarantee backward
compatibility from here on.)
--
Ken Goldman kg...@watson.ibm.com
914-784-7646 (863-7646)
This is an openssl security meta-question.
I notice that the tarballs also include a SHA1 digest. What's the point?
1 - If anyone has authority to update the tarball with a counterfeit, can't
they also update the SHA1.
2 - The web site isn't protected by ssl (ironic). A MIM altering the
owner-openssl-us...@openssl.org wrote on 04/11/2010 01:38:14 PM:
* Kenneth Goldman wrote on Fri, Apr 09, 2010 at 08:12 -0400:
I notice that the tarballs also include a SHA1 digest. What's the
point?
To have a check whether the FTP download was successful to avoid
accidentally using
I have some fairly basic code that is now segfaulting reliably with 1.0.0.
It has worked for years with all 0.9.8 releases.
1 - Did something change that I should know about? Before I compile
openssl for debug and step through it, is there something I should look
for?
2 - The meta-question:
An argument against combining the two DLL's with a custom build
is that your configuration will be different from everyone else.
Whoever maintains your code after you move on will have to learn
your non-standard configuration. More likely, they'll waste
time undoing your strange setup and going
How does one handle a suspend/resume power cycle when using OpenSSL?
Specifically, suppose one is in the middle of a SHA-1 Init/Update/Final
sequence when the suspend signal occurs? What happens to SHA_CTX?
I know I can save and restore SHA_CTX by peering into the structure. I
also know that
It depends what you mean by 'install'.
You can certainly install it under your home directory and use it or link
to it. I often do that when testing with a new version.
If you want to install it in a standard place like e.g. /usr/lib, then you
need rights to write that directory, often root
I'm getting a PEM_write_PUBKEY() segfault. This is existing code that
works with 0.9.8 with Windows or 1.0.0. with Linux, but fails with 1.0.0. and
Windows.
What's my latent bug?
Here's a small sample that fails:
RSA *rsa = RSA_generate_key(512, 65537, NULL, NULL);
EVP_PKEY *pkey =
owner-openssl-us...@openssl.org wrote on 10/28/2010 03:07:18 AM:
From: Bob Dijck di...@turnhout.tokheim.com
I am trying to implement a signing function in C++ using RSA.
Here’s how I wanted to do this:
- First I calculate the SHA1 hash (not using openssl but another
implementation).
OpenSSL will hang if one asks it to create a key with an illegal (e.g.,
even) public exponent.
Is there a simple test for a legal public exponent?
If not, is there a list of commonly used ones. 3,17,65537, ...
Question:
OPENSSL_VERSION_TEXT is undocumented. Can I count on it being there and
up to date, or is it for internal use only?
Request:
OPENSSL_VERSION_NUMBER varies between a long and an int constant. Could
it please be standardized?
I use the precompiled openssl from
http://www.slproweb.com/products/Win32OpenSSL.html
I typically build with gcc, although I've used Microsoft VC++ in the past.
Perhaps post the linker error. I can send you a link to a sample makefile
if you like.
--
Ken Goldman kg...@watson.ibm.com
I'd try a trousers mailing list as well.
I just compiled trousers and linked with openssl 1.0.0 and it works. But
I didn't try the TPM engine, which I understand to be a layer on top of
trousers.
Did you 'discover' that it doesn't work through documentation or did you
try to link. My
My experience is more "probably" than "yes".
I recall cases where it did not. It's also hard to test, because it might
fail some corner case that you don't use often.
owner-openssl-us...@openssl.org wrote on 05/10/2011 05:12:33 PM:
From: Ken Dreyer ktdre...@ktdreyer.com
To:
owner-openssl-us...@openssl.org wrote on 05/10/2011 06:52:26 PM:
From: Dr. Stephen Henson st...@openssl.org
To: openssl-users@openssl.org
Date: 05/10/2011 06:57 PM
The answer is probably yes but with some caveats.
If the application is well behaved and doesn't rely on undocumented
FYI: I've been using
http://www.openssl.org/docs/crypto/crypto.html
as a starting point for openssl man pages.
Today, I stumbled upon
http://www.openssl.org/docs/crypto/
which is much more complete.
Is there someone I should email to request an update to the publicly
visible
I have to extract a binary (unsigned char *) representation of a public
key from an ECDSA openssl key structure. Later, I want to use that binary
to reconstruct an openssl public key structure that I can use to verify a
signature. The curve is fixed - P521.
I don't need any certificates,
owner-openssl-us...@openssl.org wrote on 07/18/2011 09:49:33 AM:
From: Billy Brumley bbrum...@gmail.com
To: openssl-users@openssl.org
Date: 07/18/2011 10:00 AM
Subject: Re: ECDSA public key token to/from binary
Sent by: owner-openssl-us...@openssl.org
Dear Ken,
One way to accomplish
I can create and use an EC_KEY, but I need utilities to write and read it
to a file.
1 - I assume I should use PEM format, like I do for RSA. Correct?
2 - Can someone post the call sequence? There's nothing in the html doc
yet. I see some clues in the openssl source, but I'd prefer not to
Is that possible in general? There's no maximum key size
or signature size, and certificates can have extensions.
I typically read the file size first, then allocate memory, then
read the file.
In general, hard coding a maximum length is used to enable a
buffer overflow attack. :-)
I am doing ECDSA signing and verification of SHA-512 digests.
1.0.0a. I don't know about 0.9.8.
From: Rick Lopes de Souza dragonde...@gmail.com
Does Openssl support ecdsa with sha256 and sha512?
Only above of 1.0.0 ?
I'm getting this error compiling openssl-fips-1.2.3.tar.gz, which seems to
be the latest. It seems to be well known on openssl-dev, but I don't know
what to do about it. Any ideas?
gcc -I.. -I../.. -I../../include -DOPENSSL_THREADS -D_REENTRANT
-DDSO_DLFCN -DHAVE_DLFCN_H -m64 -DL_ENDIAN
...@openssl.org
To: openssl-users@openssl.org
Date: 09/09/2011 09:45 AM
Subject: Re: out range error compiling fips 1.2.3
Sent by: owner-openssl-us...@openssl.org
On Thu, Sep 08, 2011, Kenneth Goldman wrote:
I'm getting this error compiling openssl-fips-1.2.3.tar.gz, which
seems
From: Jakob Bohm jb-open...@wisemo.com
Date: 09/09/2011 05:36 AM
Subject: Re: out range error compiling fips 1.2.3
On 9/8/2011 9:35 PM, Kenneth Goldman wrote:
...
A second question. In researching this error, I saw someone compile
with
./config fipscanisterbuild
That's
I'm trying to compile a 32-bit openssl 1.0.0d on Intel 64-bit Linux RHEL
6.1.
This was the only combination of many I tried that seems to work. Was I
right? Was there a better way?
./Configure linux-generic32 -shared -m32
--
Ken Goldman kg...@watson.ibm.com
914-784-7646 (863-7646)
I have a preinstalled Linux OpenSSL package, where openssl version says
OpenSSL 1.0.0-fips 29 Mar 2010.
I have the development libraries, but ECDSA headers like e.g., ecdsa.h are
missing. In the library, I don't see e.g., EC_KEY_new().
Is this expected? Do I have a fips build? Is ECDSA
A failed signature verification can have many causes. E.g.,
- bad digest
- bad signature
- bad public key
- bad OID
I debug by doing a raw public key operation on the signature. If you see
obvious padding and a good OID, and the digest doesn't match, then you
have to debug why the hash that
I think it's because RSA adds an object identifier (OID) to the hash
before padding and signing. The OID describes the hash algorithm.
ECDSA apparently doesn't do that. I don't know DSA, but perhaps
it's the same.
From: Lucas Martins lucasgm...@gmail.com
To: openssl-users@openssl.org
Date:
Yes, you can verify 'by hand' by doing the raw public key operation,
stripping off the padding and OID (what you call the asn1 formatting),
and then comparing the hashes.
When you say this is what I got from the PIC controller, I assume you
mean the result of applying the public key to the
From: Hasan Rezaul-CHR010 rezaul.ha...@nsn.com
To: openssl-users@openssl.org,
Date: 10/19/2011 12:44 PM
Subject: Openssl version compatibility [0.9.8r vs. 1.0.0e]
Sent by: owner-openssl-us...@openssl.org
We have a bunch of Linux Boxes (Clients) that would run openssl 0.9.8r.
We will
From: Väinö Leppänen narcomaco...@gmail.com
Date: 10/21/2011 03:27 AM
I'm just starting with openssl and public key encryption.
I'm trying to encrypt certain knowledge in a C++ application,
and I already have a working code but functions such as
PEM_read_RSA_PUBKEY
read the public key
When you use public key algorithms:
You encrypt with the recipient's public key and the recipient
decrypts with their private key.
You sign with your private key and the recipient verifies with your
public key.
owner-openssl-us...@openssl.org wrote on 12/28/2011 01:43:17 PM:
From: Ireneusz
From: Magosányi Árpád m...@magwas.rulez.org
To: openssl-users@openssl.org,
Date: 01/18/2012 03:38 AM
Subject: 100 bits of entropy with FIPS/EAL4 certified hw RNG?
1. (yes, I realise that RTFM, but which one?):
The openssl crypto library manual.
How should I/can I seed
100 bits of
From: Scott Wilson excell...@hotmail.com
Date: 01/18/2012 01:52 PM
Does openssl support SHA256?
Yes
If SHA256 is supported, how do I get it to work? Thanks!!
SHA256_Init/Update/Final()
From: Peter Eckersley peter.eckers...@gmail.com
To: openssl-users@openssl.org,
Date: 01/26/2012 04:42 PM
Subject: Separating the digest and signature steps of RSA signing
I have an offline system that needs to compute RSA signatures over
large blobs of data, given only hashes of the data
From: John Hascall j...@iastate.edu
To: openssl-users@openssl.org,
Date: 02/16/2012 09:54 AM
Richard writes:
Well, seeding the PRNG correctly seems not to be a trivial task,
Which is really sad, because you can buy a hardware RNG
for diddly-squat these days, for example
From: Jakob Bohm jb-open...@wisemo.com
Which version of the ANSI Spec, and where did you get a copy?
I have to rely on secondary sources and experience using various
implementations that claim conformance.
I generally refer to Plauger's The Standard C Library, where he quotes
the spec
We have a platform that does not support floating point operations. We
discovered that openssl uses floating point in the random number
generator.
Is there any build or compile time flag that uses an alternative to
floating point?
--
Ken Goldman kgold...@us.ibm.com
914-945-2415 (862-2415)
"openssl-users" wrote on 07/31/2017
09:20:59 AM:
> From: Matt Caswell
> To: openssl-users@openssl.org
> Date: 07/31/2017 09:21 AM
>
> Click "New Issue" on this page:
>
> https://github.com/openssl/openssl/issues
>
> You'll need a github
What is the process for adding a pull request to an openssl branch?
I tried from the web site, selecting 102stable and clicking 'new pull
request'. It uploaded but said "kgoldman wants to merge 4,027 commits
into master from OpenSSL_1_0_2-stable". I wanted to push one patch to
102stable.
> From: Michael Wojcik
> Without picking at the problem files myself, not really. It's
> probably something that will be fairly obvious in retrospect but I'm
> not seeing it from here.
>
> The import libraries (I'm assuming libssl.lib is one as well, on
> your system) basically tell the linker
> From: Viktor Dukhovni
> >
> > In the script, I used this:
> >
> > openssl ec -aes128 -passout pass: -in tmpecprivkeydec.pem -out tmpecprivkey.pem
>
> I try to avoid putting sensitive information in command-line arguments.
>
> If you're using "bash" (which has "printf" as a built-in)
> From: vin
> To: openssl-users@openssl.org
> Date: 05/09/2019 01:24 PM
> Subject: Re: Issue in linking Openssl1.1.1b to application
> Sent by: "openssl-users"
>
> Hi Ken
>
> Thanks for the reply. If I am not wrong, you are asking me to set the path of
> the dll in set path environment variable
> From: vin
> To: openssl-users@openssl.org
> Date: 05/10/2019 12:44 AM
> Subject: Re: Issue in linking Openssl1.1.1b to application
> Sent by: "openssl-users"
>
> Hi Ken
>
> I am almost struck in registering the built dll to windows 7 32 bit machine.
>
> Can you provide me the details on which
From: Frederick Gotham
To: openssl-users@openssl.org
Date: 11/07/2019 10:39 AM
Subject: [EXTERNAL] Re: SOLVED: Force use of engine all the time
Sent by: "openssl-users"
Frederick Gotham wrote:
> I don't think any code other than "libcrypto.so" is using the TPM2,
> From: prudvi raj
> To: openssl-users@openssl.org
> Date: 07/10/2020 07:55 AM
> Subject: [EXTERNAL] get data from X509_EXTENSION in openSSL 1.1.1.
> Sent by: "openssl-users"
>
> Hi All,
>
> we are upgrading our codebase to 1.1.1 from 1.0.2k. Here's a code
> snippet causing error :
>
> ext =
> From: shivaramakrishna chakravarthula
>
> Is it possible to compile OpenSSL shared libraries with custom
> names on Linux/ Unix platforms to avoid conflicts with installed
> OpenSSL libraries?
> I have tried to modify the SHLIB_EXT in Configure script but it is
> not working. I am sure it is a
From: Gimhani Uthpala
To: Ken Goldman
Cc: openssl-users@openssl.org
Date: 01/07/2021 05:53 PM
Subject: [EXTERNAL] Re: Random and rare Seg faults at openssl library level
I only have this 1.0.2.k-fips one version installed in both compiling and
running
> From: "Bhadri Madapusi"
>
> Is there any documentation on which version of openssl are supported
> on PPC LE. I am trying to figure out which version of 1.0.2 source
> and FIPS module to use to compile my nginx with openssl and FIPS. Thank you.
Not documentation, but my power machines run
> From: openssl-users On Behalf Of
> Blumenthal, Uri - 0553 - MITLL
> Sent: Wednesday, January 5, 2022 6:41 PM
> To: Dr Paul Dale ; openssl-users@openssl.org
> Subject: [EXTERNAL] Re: EVP_PKEY_get_int_param is not getting degree from
> EC key
>
> The problem that I see is that there's a set of
Anyway, I'm trying to encrypt/decrypt using RSA and DES schemes. I've tried
some of the older code examples I could find, but some of the functions weren't
recognized by my header files.
[kgold] You cannot encrypt long streams with RSA. DES is deprecated.
Can anyone help me with this? I
The changes show a jump from 3.0 to 3.2
https://github.com/openssl/openssl/blob/master/CHANGES.md