RE: ECDSA certificate question
Thanks Michael, I tried to invoke SM3 algorithm in command "openssl req -new -key eckey.pem -x509 -sm3 -nodes -days 365 -out cert.csr", unfortunately got the following error: 140320586413888:error:100C508A:elliptic curve routines:pkey_ec_ctrl:invalid digest type:crypto/ec/ec_pmeth.c:331: -Original Message- From: Michael Richardson Sent: Tuesday, September 22, 2020 4:36 PM To: Yan, Bob Cc: openssl-users@openssl.org Subject: Re: ECDSA certificate question Yan, Bob via openssl-users wrote: > Is there a way to generate a ECDSA certificate with SM2 typed public > key and ecdsa-with-SM3 as the signature algorithm in openssl 1.1.1x > version? I don't know the detail with the SM3, part, but have you seen: https://datatracker.ietf.org/doc/html/draft-moskowitz-ecdsa-pki-09 https://github.com/rgmhtt/draft-moskowitz-ecdsa-pki but, 1.1.1 release notes say it supports SM3. I expect you need to tweak something when "openssl req" is run. -- Michael Richardson. o O ( IPv6 IøT consulting ) Sandelman Software Works Inc, Ottawa and Worldwide
RE: [SPAM?] Re: ECDSA Certificate
> and how do I generate an ECDSA certificate? To generate a selfsigned ECDSA cert the same ways you do RSA, except use EC instead of RSA. - use req -new with EC key or -newkey with EC parms and -x509 to generate selfsigned cert directly. - use req -new with key or -newkey to generate CSR, then x509 -req -signkey to create selfsigned cert Set other attributes as appropriate. If you set KeyUsage, it must include digSign to use this cert for ECDHE-ECDSA. (KU for RSA should include digSign or encrypt depending on the suites to be used, but sometimes isn't enforced.) Use a curve supported by the peers you will communicate with. To obtain a CA-signed ECDSA cert the same ways as RSA, except EC instead of RSA, and harder. - generate CSR for EC key as above, for suitable curve - find a CA that issues EC certs, with usage allowing at least digSign=ECDSA. I haven't found any yet. - submit CSR to CA, prove your identity, pay fees. - receive cert and any chain cert(s) from CA. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: ECDSA Certificate
and how do I generate an ECDSA certificate? On 10.08.2014 14:12, Dave Thompson wrote: Both of those are using an RSA certificate; DHE or ECDHE is key-exchange only not authentication. However the servers must configure **parameters** for "temp DH" and "temp ECDH" respectively; do they? I haven't configured none of those ... Is the second server on not-very-recent RedHat or CentOS? Yes, it is a CentOS 6.5 *From:*owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] *On Behalf Of *Walter H. *Sent:* Sunday, August 10, 2014 02:39 *To:* openssl-users@openssl.org *Cc:* Dr. Stephen Henson *Subject:* ECDSA Certificate On 08.08.2014 02:11, Dr. Stephen Henson wrote: Well maybe, maybe not. Just because a ciphersuite is included in the cipherlist doesn't mean it is included or could be selected. For example if you set a ciphersuite which uses ECDSA authentication it wont be selected if the server doesn't include an ECDSA certificate. can you please give an example of an ECDSA certificate, Thanks I'm asking this, because one Web-Server connects with SSL_CIPHER=ECDHE-RSA-AES256-GCM-SHA384 |and one with| |SSL_CIPHER=DHE-RSA-AES256-GCM-SHA384| both with the same client; and both Web-Server (Apache) have this SSLCipherSuite RC4-SHA:RC4-MD5:HIGH:MEDIUM:!ADH:!DSS:!SSLv2:+3DES -- Greetings, Walter -- Mit freundlichen Grüßen, Best regards, Mes salutations distinguées, Ing. Walter Höhlhubmer _/ _/ _/_/ _/ _/ _/_/ Lederergasse 47a/7 _/ _/ _/_/ A-4020 Linz a. d. Donau _/ _/ _/ _/_/_/_/ Austria / EUROPE _/_/_/_/_/ _/_/ _/_/ _/_/ _/_/ [+43 664 951 83 72]_/ _/ _/_/ smime.p7s Description: S/MIME Cryptographic Signature
RE: ECDSA Certificate
Both of those are using an RSA certificate; DHE or ECDHE is key-exchange only not authentication. However the servers must configure *parameters* for "temp DH" and "temp ECDH" respectively; do they? For ECDHE the parameters must use one of the (named) curves specified by the client; openssl client supports all named curves, but other clients like browsers might not. Is the second server on not-very-recent RedHat or CentOS? Until late 2013, RedHat openssl packages disabled all elliptic curve crypto due to what they called legal concerns. Everyone believes this meant the Certicom patents, although I don't think they ever confirmed it. From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Walter H. Sent: Sunday, August 10, 2014 02:39 To: openssl-users@openssl.org Cc: Dr. Stephen Henson Subject: ECDSA Certificate On 08.08.2014 02:11, Dr. Stephen Henson wrote: Well maybe, maybe not. Just because a ciphersuite is included in the cipherlist doesn't mean it is included or could be selected. For example if you set a ciphersuite which uses ECDSA authentication it wont be selected if the server doesn't include an ECDSA certificate. can you please give an example of an ECDSA certificate, Thanks I'm asking this, because one Web-Server connects with SSL_CIPHER=ECDHE-RSA-AES256-GCM-SHA384 and one with SSL_CIPHER=DHE-RSA-AES256-GCM-SHA384 both with the same client; and both Web-Server (Apache) have this SSLCipherSuite RC4-SHA:RC4-MD5:HIGH:MEDIUM:!ADH:!DSS:!SSLv2:+3DES -- Greetings, Walter