Re: Is there a simple implementation of hooking external private key with openssl-3.0 API?

2022-04-11 Thread Alon Bar-Lev
On Mon, Apr 11, 2022 at 11:52 AM Matt Caswell wrote: > > > > On 10/04/2022 19:18, Alon Bar-Lev wrote: > > Hello, > > > > I am trying to migrate to openssl-3.0 API, it seems to be very > > complicated to hook primitive private key usage to a custom functio

Is there a simple implementation of hooking external private key with openssl-3.0 API?

2022-04-10 Thread Alon Bar-Lev
the program here[1]. Regards, Alon Bar-Lev [1] https://github.com/alonbl/openssl-external/blob/master/example.c --- #include #include #include #include #include #include static RSA_METHOD *__example_rsa_method; static int __example_rsa_index; static int __example_rsa_priv_enc(int flen, const

Re: openssl cms resign with RSA-PSS corrupts the CMS(?)

2021-02-19 Thread Alon Bar-Lev
Done[1] [1] https://github.com/openssl/openssl/issues/14257 On Fri, Feb 19, 2021 at 11:09 PM Dmitry Belyavsky wrote: > > Would you mind to raise the issue on GitHub with the reproduction? > > On Fri, 19 Feb 2021, 21:44 Alon Bar-Lev, wrote: >> >> Hi, >> >> I

Re: openssl cms resign with RSA-PSS corrupts the CMS(?)

2021-02-19 Thread Alon Bar-Lev
are maintaining the crypto/cms/* implementation. Tested [fails] with: OpenSSL_1_1_1-stable master Regards, Alon [1] https://github.com/alonbl/openssl-cms-pss On Fri, Feb 19, 2021 at 10:06 PM Alon Bar-Lev wrote: > > Thanks. > I managed to narrow this, it is not related to pss also

Re: openssl cms resign with RSA-PSS corrupts the CMS(?)

2021-02-19 Thread Alon Bar-Lev
t; 3128:d=7 hl=2 l= 4 cons: cont [ 2 ] > > 3130:d=8 hl=2 l= 2 prim: INTEGER :DE > > 3134:d=5 hl=4 l= 256 prim: OCTET STRING [HEX > DUMP]:66C7A406905E0BEF3BE8A55B8BA05915020B6960BDE4700C3C3FB2F115FE5BA60B453EFF39BA37E4D16CA3A86582B3057D05875766BE99C51BC5BEC9CD1AAE3BEC34943160BB06784209F1A3773E07A

Re: openssl cms resign with RSA-PSS corrupts the CMS(?)

2021-02-19 Thread Alon Bar-Lev
Thanks! Was about to write... I tested both 1.1 and master branches and result is the same. On Fri, 19 Feb 2021 at 21:04 Thulasi Goriparthi < thulasi.goripar...@gmail.com> wrote: > I am able to reproduce this issue with 1.1.1j too. > > openssl version -a > > OpenSSL 1.1.1j 16 Feb 2021 > >

Re: openssl cms resign with RSA-PSS corrupts the CMS(?)

2021-02-18 Thread Alon Bar-Lev
Hello OpenSSL masters, Can someone please try to reproduce the below issue? Thanks, Alon On Sat, 13 Feb 2021 at 23:23 Alon Bar-Lev wrote: > Hello, > > I am trying to resign a CMS using the openssl tool. > > When I use RSA-PKCS1 everything is working fine. > > When I use

Re: openssl cms resign with RSA-PSS corrupts the CMS(?)

2021-02-13 Thread Alon Bar-Lev
On Sat, Feb 13, 2021 at 11:34 PM Quanah Gibson-Mount wrote: > --On Saturday, February 13, 2021 11:23 PM +0200 Alon Bar-Lev > wrote: > > > I prepared a demo[1] to help people reproduce the issue, tested with > > openssl-1.1.1i. > > Maybe <https://github.co

openssl cms resign with RSA-PSS corrupts the CMS(?)

2021-02-13 Thread Alon Bar-Lev
-1.1.1i. The script output pasted below shows that CMS resign without PSS works correctly, while the same sequence with PSS produces a corrupted CMS file. What am I doing wrong? Regards, Alon Bar-Lev [1] https://github.com/alonbl/openssl-cms-pss --- === CMS without PSS