Re: FIPS in 1.0.1 windows 7 64 bit compile / link problems

2012-07-02 Thread Dr. Stephen Henson
On Mon, Jul 02, 2012, Dirk Menstermann wrote: Hello Sergio, I use openssl-1.0.1c (and a daily snaphost) and openssl-fips-2.0.1. Which combination are you using and which target (debug?) do you build? Will the function FIPS_corrupt_aes be exported and is the include file fips.h available?

Re: [openssl-users] Padding used by the ca command

2012-07-02 Thread Dr. Stephen Henson
On Mon, Jul 02, 2012, Erwann Abalea wrote: Bonjour, Le 02/07/2012 16:05, Mathias Tausig a écrit : Which padding method does openssl use, when I sign a certificate with the 'ca' command (using an RSA key)? RSA PKCS#1v1.5 Is there a way to change it? I don't think so. In openssl

Re: rand in Windows

2012-07-06 Thread Dr. Stephen Henson
On Thu, Jul 05, 2012, John wrote: Thomas J. Hruska shineli...@shininglightpro.com wrote in message news:4ff658d9.2010...@shininglightpro.com... On 7/5/2012 8:07 PM, John wrote: Hello. I have OpenSSL-Win64 version 1.0.1c installed on 64-bit Win7. I am trying to use it to create a

Re: Sign public key without having CSR or private key?

2012-07-07 Thread Dr. Stephen Henson
On Sat, Jul 07, 2012, pro...@secure-mail.biz wrote: Hello, is it possible to sign a foreign SSL public key without having CSR/private key? Background: Because the public root CA's failed at least twice (DigiNotar, Comodo), I'd like to pin a SSL certificate from a website I have no

Re: How can I use OpenSSL to store symmetric encryption keys in PKCS#12 file?

2012-07-09 Thread Dr. Stephen Henson
On Mon, Jul 09, 2012, MauMau wrote: Hello, Please let me ask you for information and ideas about how to use OpenSSL effectively to implement encryption for data storage. I'm designing an encryption feature for a certain kind of data management system. I want to implement the

Re: How to know which curve to use for which cipher

2012-07-10 Thread Dr. Stephen Henson
On Tue, Jul 10, 2012, Wim Lewis wrote: (I think this is more appropriate for openssl-users than -dev, so I'm responding to that list.) On 10 Jul 2012, at 8:59 AM, Sirshendu Rakshit wrote: My questions are: 1) Is this a good way to know the EC_KEY using the curve-name Or there is

Re: FIPS: Incore fingerprint check fails on Android?

2012-07-18 Thread Dr. Stephen Henson
On Wed, Jul 18, 2012, Aunt Jomamma wrote: Sorry if this is duplicate, but I had an issue with the mailer, and not sure if this went... I have successfully built openssl-fips-2.0 + openssl-1.0.1c for Android using ndk-r8.   I am doing cross-compile on Mac OSX. However, I cannot pass

Re: FIPS: Incore fingerprint check fails on Android?

2012-07-18 Thread Dr. Stephen Henson
On Wed, Jul 18, 2012, AJ wrote: Its my application producing the error. I've been reading more... perhaps I need to get Android build to link via fipsld to get the valid fingerprint? Does this sound right? Any tips? How are you linking your application? If it is to the OpenSSL shared

Re: FIPS: Incore fingerprint check fails on Android?

2012-07-18 Thread Dr. Stephen Henson
On Wed, Jul 18, 2012, AJ wrote: This explains it -- thank you -- I was using a static library -- so I would need to use fipsld, if I continue to use static.   However, knowing this, I wanted to try with shared OpenSSL library instead, but my build fails on multiple definition errors. The

Re: create certificate request programmatically using OpenSSL API

2012-07-20 Thread Dr. Stephen Henson
On Fri, Jul 20, 2012, Abyss Lingvo wrote: Hi all!  How to create certificate request programmatically via OpenSSL API? This is the solution for command line utility:  openssl genrsa -out server_key.pem -passout pass:$passwd -des3 1024 openssl req -new -key server_key.pem

Re: FIPS 2.0: fipsld on cross-compile

2012-07-20 Thread Dr. Stephen Henson
On Fri, Jul 20, 2012, AJ wrote: 1) I am cross-compiling a static FIPS enabled OpenSSL library for Android (using Linux host). I have generated the libssl.a and lib crypto.a. I am trying to use the fipsld tool, as documented in Sec 5.3.1  in the User Guide. However, I am running into

Re: FIPS 2.0: fipsld on cross-compile

2012-07-20 Thread Dr. Stephen Henson
On Fri, Jul 20, 2012, AJ wrote: OK, that worked -- built my library using fipsld.  However, on running, I am STILL getting fingerprint validation failure when calling FIPS_mode_set(1). 1552985864:error:2D06B06F:FIPS routines:FIPS_check_incore_fingerprint:fingerprint does not

Re: FIPS 2.0: fipsld on cross-compile

2012-07-23 Thread Dr. Stephen Henson
On Sun, Jul 22, 2012, AJ wrote: Hi Steve, Thanks for all the help -- I think I've things sorted out now. Here are some of the issues I've had cross-compiling for Android.  Just some feedback -- maybe they'll help someone running into the same. 1) Building as shared libraries is

Re: X509 Certificate : Need help to retrieve Extended Key Usage filed from the certificate

2012-07-25 Thread Dr. Stephen Henson
On Wed, Jul 25, 2012, Puneet Khunteta wrote: Hello, I am an user of openssl library. I am seeking for a method to get the Extended Key Usage field from the X509 certificate . I will be grateful if you can provide me a sample code in c. You can retrieve a structure representing any

Re: fingerprint does not match on FIPS_mode_set when FIPS + openssl is dynamically linked into build

2012-07-26 Thread Dr. Stephen Henson
On Wed, Jul 25, 2012, Cassie Helms wrote: Hi folks, I have dynamically linked a FIPS capable OpenSSL library (libcrypto.so and libssl.so) into my product's build, but still get a fingerprint does not match error when I call FIPS_mode_set(1). This is using a validated copy of FIPS 2.0

Re: Blowfish and key length

2012-07-26 Thread Dr. Stephen Henson
On Thu, Jul 26, 2012, Cristiano Toninato wrote: This simple test program should print always the same result, but with openSSL 0.9.8o and gcc 4.5.2 output is From http://www.schneier.com/code/vectors.txt, cipher bytes should be 51866FD5B85ECB8A Test BF_ecb_encrypt(): 51866FD5B85ECB8A Test

Re: Help with client certificates

2012-07-26 Thread Dr. Stephen Henson
On Wed, Jul 25, 2012, Fili, Tom wrote: I'm trying to setup my application to allow for the use of client certificates. I am using the capi engine to pull from the Windows store. I setup my ssl connection and it works fine if I set the correct certificate using SSL_CTX_use_certificate_ASN1

Re: Tls1.2 Problem with client certificate and RSA_verify

2012-07-27 Thread Dr. Stephen Henson
On Fri, Jul 27, 2012, Albers, Thorsten wrote: Hi, I have a problem with the openssl s_server (v1.0.1c) when requesting a client certificate. I'm developing my own TLS 1.2 implementation (for embedded platforms), and I'm stuck with a problem with using the client certificate. I already

Re: fingerprint does not match on FIPS_mode_set when FIPS + openssl is dynamically linked into build

2012-07-27 Thread Dr. Stephen Henson
On Fri, Jul 27, 2012, Cassie Helms wrote: Cassie Helms cassie.helms@... writes: Built fips_algvs on build system and scp'd to target system as suggested. Hmm. I incorporated building fips_algvs into my build system and ran it from the rpm install on the target machine. I get

Re: X509 Certificate : Need help to retrieve Extended Key Usage filed from the certificate

2012-07-27 Thread Dr. Stephen Henson
On Fri, Jul 27, 2012, Puneet Khunteta wrote: any Update ? regards, Puneet On Thu, Jul 26, 2012 at 4:27 PM, Puneet Khunteta khunteta.pun...@gmail.comwrote: Hello Stephen, On using the suggestion provided by you , got the following output snippet It shows extusage-data Empty.

Re: fingerprint does not match on FIPS_mode_set when FIPS + openssl is dynamically linked into build

2012-07-28 Thread Dr. Stephen Henson
On Fri, Jul 27, 2012, Cassie Helms wrote: Dr. Stephen Henson steve@... writes: Integrity test started ERROR:2D06B06F:lib=45,func=107,reason=111:file=fips.c:line=229 Integrity test Failed Incorrectly!! Well that error indicates the fingerprint error

Re: OpenSSL 1.0.0g-fips download link.

2012-07-28 Thread Dr. Stephen Henson
On Sat, Jul 28, 2012, Tayade, Nilesh wrote: Hi, Could someone please point me to the link where I can download OpenSSL-1.0.0g-fips? On http://www.openssl.org/source/, I see only OpenSSL-1.0.0g. To get '-fips' do I need to apply any patch? There has never been an official 1.0.0*-fips

Re: FIPS Mode and Default DRBG (OpenSSL 1.0.x and FIPS 2.0 Module)

2012-07-29 Thread Dr. Stephen Henson
On Sat, Jul 28, 2012, Jeffrey Walton wrote: Hi All, According to the FIPS 2.0 User Guide (Default DRBG, page 64): A special DRBG instance called the default DRBG is used to map the DRBG to the RAND interface. Unfortunately, the documentation (both the Security Policy and User Guide) does

Re: Padding check failed and program crash with SIGABRT.

2012-07-29 Thread Dr. Stephen Henson
On Sat, Jul 28, 2012, Tayade, Nilesh wrote: Hi, I have developed the utility to decrypt the packets coming on wire. I take the server private key and go on decrypting packets which are received through the .pcap file. But the utility is crashing in decrypting a trace file (Please see

Re: Tls1.2 Problem with client certificate and RSA_verify

2012-07-30 Thread Dr. Stephen Henson
On Mon, Jul 30, 2012, Albers, Thorsten wrote: Thanks Steve! Unfortunately your hint couldn't help me. I know that in TLS 1.2 the hash and signature algorithms can be chosen during the handshake. I chose to use Sha256 with RSA for the signature, and therefore adding the corresponding algorithm

Re: strange results after setting utf8 -subj in openssl ca command

2012-07-30 Thread Dr. Stephen Henson
On Sun, Jul 29, 2012, Dave Thompson wrote: Note that X.509 certs (and ASN.1 generally) don't actually support UTF8. They support several 1-byte codes (some now obsolete), BMPString which is 2-byte UCS-2, and UniversalString which is 4-byte UCS-4. I believe OpenSSL selects the smallest of

Re: SSL compression

2012-07-31 Thread Dr. Stephen Henson
On Tue, Jul 31, 2012, Sebastian Raymond wrote: Hello, I have written a SSL client program to talk with SSL server. I have a linux machine and Openssl 1.0.0e is installed with zlib enabled. That means, deflate compression method is supported. I want to transfer the data without

Re: SSL compression

2012-07-31 Thread Dr. Stephen Henson
On Tue, Jul 31, 2012, Sebastian Raymond wrote: Yes, I am calling it before SSL_new(); SSL_CTX_set_options(ctx,SSL_OP_NO_COMPRESSION); SSL *ssl = SSL_new(ctx); Is your application linked to an older version of OpenSSL? If that isn't it you could try running it under a debugger

Re: How to find correct issuer certificate in multi-level hierarchy?

2012-08-02 Thread Dr. Stephen Henson
On Thu, Aug 02, 2012, Ashok C wrote: Hi, Is there a way in which I can determine the correct issuer certificate of an issued certificate(either intermediate CA or end entity) based on comparing immediate pair alone. Eg: My hierarchy is like this: Root Intermediate CA 1 Intermediate

Re: command line hmac with key in hex

2012-08-02 Thread Dr. Stephen Henson
On Thu, Aug 02, 2012, MITSUNARI Shigeo wrote: Hi, I tried to use openssl command to generate an HMAC with a key contains '\0', but failed. openssl dgst -sha1 -hmac `cat key-file` input-file I'm happy if dgst command supports binary format like enc command. So I appended -hmachex key in

Re: how to use diffrent certificate chain for every client in my SSL server (API)

2012-08-03 Thread Dr. Stephen Henson
On Fri, Aug 03, 2012, Saurabh Pandya wrote: Hi all, I am using server certificate X problematically with following API for each SSL * session. X is dynamically generated for each client, when its CA(s) as always same. SSL_use_certificate(this_ssl, X); It works fine when there

Re: OpenSSL pipe

2012-08-03 Thread Dr. Stephen Henson
On Fri, Aug 03, 2012, Jakob Bohm wrote: On 8/3/2012 10:32 AM, Maciej Pawlus wrote: Hi, I need to sign mobileconfig file before sending it to the iOS device. For this I want to call openssl as a separate process. However I do not want to operate on physical files, as it requires a lot of

Re: ECDSA testing with s_client/s_server

2012-08-03 Thread Dr. Stephen Henson
On Fri, Aug 03, 2012, Erik Tkal wrote: I debugged this to see what is happening, and it seems that the server is looking at the configured certificate and key and deciding that the client needs to be sending 0xFF01 (it is finding NID_X9_62_prime_field as the field type). However, the

Re: ECDSA testing with s_client/s_server

2012-08-03 Thread Dr. Stephen Henson
On Fri, Aug 03, 2012, Erik Tkal wrote: Hi Steve, here's the cert: Certificate: Data: Version: 3 (0x2) Serial Number: 34474 (0x86aa) Signature Algorithm: ecdsa-with-SHA256 Issuer: CN=eRoot1, OU=Engineering, O=Juniper Networks, Inc., L=Westford, ST=MA,

Re: suite B crypto in what version?

2012-08-06 Thread Dr. Stephen Henson
On Mon, Aug 06, 2012, Jakob Bohm wrote: Much (maybe all, I don't know) of suite B is probable in OpenSSL 1.0.1 too, but I don't have an algorithm by algorithm breakdown of inclusion status, others on this list probably have such a list. All the required suite B algorithms are supported

Re: suite B crypto in what version?

2012-08-07 Thread Dr. Stephen Henson
On Tue, Aug 07, 2012, Jeffrey Walton wrote: Hi Doctor Henson, On Mon, Aug 6, 2012 at 11:33 AM, Dr. Stephen Henson st...@openssl.org wrote: On Mon, Aug 06, 2012, Jakob Bohm wrote: Much (maybe all, I don't know) of suite B is probable in OpenSSL 1.0.1 too, but I don't have

Re: FIPS self-test failing on iOS platform

2012-08-07 Thread Dr. Stephen Henson
On Fri, Aug 03, 2012, Daniel Tekel wrote: Hello OpenSSL community, I'm trying to work with FIPS-mode enabled OpenSSL library (version 2.0.1) on iOS platform, but unfortunately every time I try to enable FIPS mode (via FIPS_module_mode_set), few self-tests fail. Specifically these:

Re: Size of ephemeral DH keys

2012-08-14 Thread Dr. Stephen Henson
On Tue, Aug 14, 2012, no_spam...@yahoo.com wrote: Is there a correlation between the strength (size) of the asymmetric keys used to do the authentication and the strength (size) of the ephemeral DH keys generated/used to protect the session key (during the key exchange)? On first glance, in

Re: [openssl-users] OpenSSL OCSP

2012-08-14 Thread Dr. Stephen Henson
On Tue, Aug 14, 2012, adrien pisarz wrote: For information, the index file is written by parsing a CRL file but I don't want to write into this file all the valid certificates as an enrolment be done and my index file may not be synchronized. I have an other question, why the engine

Re: X509 certificate algorithm

2012-08-16 Thread Dr. Stephen Henson
On Thu, Aug 16, 2012, Kenneth Goldman wrote: I call these: d2i_X509() X509_print_fp() which calls pkey_set_type() EVP_PKEY_asn1_find() and that call fails. I've traced the following error down to the rsaOAEP algorithm, which has a nid of 919. I've

Re: RSA OAEP with sha256

2012-08-16 Thread Dr. Stephen Henson
On Thu, Aug 16, 2012, Martin Kaiser wrote: Dear all, I'd like to encrypt some bytes using RSA OAEP with MGF1. Both OAEP and MGF1 should use sha256 instead of the default sha1. Does openssl support this at all? I tried something along the lines of size_t outlen; int ret;

Re: Unregister an index registered with RSA_get_ex_new_index

2012-08-16 Thread Dr. Stephen Henson
On Thu, Aug 16, 2012, Felipe Blauth wrote: Dear all, Im writing an OpenSSL engine and I have some internal data to manage via ex_data functions. What I've been doing so far is using RSA_get_ex_new_index(0, NULL, NULL, NULL, my free function), at the initialization of the engine to

Re: openssl bug database?

2012-08-17 Thread Dr. Stephen Henson
On Fri, Aug 17, 2012, Cassie Helms wrote: I want to make sure I don't potentially report openssl bugs that someone else has already reported. Is there a database of open openssl bugs that I haven't seen the link to, somewhere? See: http://www.openssl.org/support/faq.html#BUILD16 and

Re: Unregister an index registered with RSA_get_ex_new_index

2012-08-17 Thread Dr. Stephen Henson
On Fri, Aug 17, 2012, Felipe Blauth wrote: I see. I've digged a little bit more in the built-in engines and found out that this is the way some of them are implemented. I guess there's no way to to the same for ECDSA_METHOD tough, since there's no finish function pointer on that... There

Re: Easy way to turn on gdb symbols (and just gdb symbols?)

2012-08-17 Thread Dr. Stephen Henson
On Fri, Aug 17, 2012, Cassie Helms wrote: I'm seeing odd failures in the MD4/MD4_Init functions and I can't debug them with gdb because I can't see what the source is doing. Maybe I should add that I've verified that FIPS_mode is turned on right before my failing MD4 calls (think

Re: Easy way to turn on gdb symbols (and just gdb symbols?)

2012-08-17 Thread Dr. Stephen Henson
On Fri, Aug 17, 2012, Cassie Helms wrote: Maybe I should add that I've verified that FIPS_mode is turned on right before my failing MD4 calls (think OpenSSLDie()), and I didn't do anything special to compile or turn on the MD4 algorithm.could that be where I'm missing a step?

Re: Free returned pointer from OBJ_nid2obj() ?

2012-08-17 Thread Dr. Stephen Henson
On Fri, Aug 17, 2012, Eric Fowler wrote: Must a client free the pointer returned from OBJ_nid2obj() ? I assume the pointer references data in some internal table and is not free()'d. But I want to be sure ... man page is no help on this. An application doesn't have to no. However it is

Re: How tell OpenSSL to prompt?

2012-08-18 Thread Dr. Stephen Henson
On Sat, Aug 18, 2012, Charles Mills wrote: This is probably the world's most basic question but I can't find the answer. I have the following in my OpenSSL config file: snip [ usr_cert ] snip subjectAltName = @alt_names snip [ alt_names ]

Re: How tell OpenSSL to prompt?

2012-08-20 Thread Dr. Stephen Henson
On Mon, Aug 20, 2012, Charles Mills wrote: http://www.openssl.org/docs/apps/config.html Okay, thanks, I had seen that. I thought there must be more. Did you run openssl.exe from the same command prompt where you typed the SET commands? Absolutely. It is in fact a .BAT file. The

Re: Compiling for debug

2012-08-20 Thread Dr. Stephen Henson
On Mon, Aug 20, 2012, Ken Goldman wrote: I'm trying to compile openssl for: Linux, 32-bit on a 64-bit machine, shared libraries, and debug. The closest I found was: ./Configure linux-elf -m32 -shared -g but this still does -O3, and the optimizer doesn't work well with the source

Re: Using variable length Blowfish key with command line

2012-08-22 Thread Dr. Stephen Henson
On Tue, Aug 21, 2012, Nathan McCrina wrote: On 08/21/12 23:04, Dave Thompson wrote: From: owner-openssl-us...@openssl.org On Behalf Of Nathan McCrina Sent: Tuesday, 21 August, 2012 21:31 Not in commandline; in library it's fine. See http://marc.info/?l=openssl-usersm=134463726501144w=2

Re: Deadlock in multi-threaded OpenSSL FIPS 2.0

2012-08-22 Thread Dr. Stephen Henson
On Wed, Aug 22, 2012, Seiichi Tatsukawa wrote: We are seeing the deadlock in FIPS 2.0. (1.0.1c + fips-2.0 and using AES256-SHA256 if that matters.) DRBG's auto reseeding (after 2^24 operations) causes it. Here is the simplified backtrace. fips_drbg_bytes()

Re: confusion with defination of SSL_CIPHER struct

2012-08-23 Thread Dr. Stephen Henson
On Thu, Aug 23, 2012, Saurabh Pandya wrote: I found following definition of SSL_CIPHER in openssl code typedef struct ssl_cipher_st { int valid; const char *name; /* text name */ unsigned long id; /* id, 4 bytes, first is version

Re: Generation ECDHE parameters

2012-08-23 Thread Dr. Stephen Henson
On Wed, Aug 22, 2012, Varma Dantuluri wrote: Hi We are in the process of adding support for ECDSA-ECDHE cipher suites and hence ECDSA certificates to our server. Right now, the server does the following: 1) Assign the ECDSA certificate to the SSL_CTX. 2) Set the callback for ECDH

Re: openssl smime verify fails in ASN1_CHECK_TLEN but asn1parse is ok?

2012-08-27 Thread Dr. Stephen Henson
On Mon, Aug 27, 2012, GWu wrote: Hello, I'm trying to verify an email signature using openssl. I've saved the complete mail to a file named mail.eml, then I'm using openssl to verify: openssl smime -inform SMIME -CAfile all.pem -verify -in mail.eml which gives an error:

Re: openssl smime verify fails in ASN1_CHECK_TLEN but asn1parse is ok?

2012-08-27 Thread Dr. Stephen Henson
On Mon, Aug 27, 2012, GWu wrote: On Mon, Aug 27, 2012 at 9:27 PM, Dr. Stephen Henson wrote: On Mon, Aug 27, 2012, GWu wrote: [...] openssl smime -inform SMIME -CAfile all.pem -verify -in mail.eml which gives an error: [...] It sounds like the signature is malformed. That wouldn't

Re: openssl smime verify fails in ASN1_CHECK_TLEN but asn1parse is ok?

2012-08-28 Thread Dr. Stephen Henson
On Tue, Aug 28, 2012, GWu wrote: On Mon, Aug 27, 2012 at 10:50 PM, Dr. Stephen Henson wrote: On Mon, Aug 27, 2012, GWu wrote: The email is available at http://www.buergerkarte.at/mvnforum/mvnforum/viewthread_thread,272#1180 (German language forum, but the email - or it's significant

Re: openssl smime verify fails in ASN1_CHECK_TLEN but asn1parse is ok?

2012-08-28 Thread Dr. Stephen Henson
On Tue, Aug 28, 2012, GWu wrote: Great, thanks a lot. I've been able to reproduce this on the erroneous messages as well, and a correctly signed message gives for example openssl rsautl -verify -certin -inkey s.pem -in sig.der -asn1parse 0:d=0 hl=2 l= 33 cons: SEQUENCE 2:d=1

Re: EVP_CIPHER_CTX_set_key_length and EVP_CIPHER_key_length

2012-08-28 Thread Dr. Stephen Henson
On Tue, Aug 28, 2012, la...@angry-red-pla.net wrote: Hi all I created a shared key based on a DH exchange and want to use that key with a symmetric encryption algorithm. This key has a length of 16 Bytes (128 bit). Here is what I do to initialize AES: char *key,*iv; // DH exchange

Re: RFC 6066 - Maximum Fragment Length

2012-08-31 Thread Dr. Stephen Henson
On Fri, Aug 31, 2012, Hankyaku wrote: Dear All, I've got another question regarding the contents of 1.0.1c. I didn't really find the references to what RFC specs are implemented in the new version (not many RFC references in changelogs and docs at all). I was wondering if Maximum

Re: SSL_CTX_set_default_verify_paths and Windows?

2012-09-01 Thread Dr. Stephen Henson
On Fri, Aug 31, 2012, Dave Thompson wrote: like a scifi movie monster feeding on nuclear bomb radiation. There is definitely an engine for MS CAPI, and I thought I had heard mention that the engine interface was adding at least some truststore function. But looking in 1.0.1c I don't see any

Re: asn1 parsing tutorial

2012-09-04 Thread Dr. Stephen Henson
On Tue, Sep 04, 2012, Ken Goldman wrote: Use case: I have to parse a non-standard X.509 certificate that openssl cannot handle at a higher level. I think I have to parse at a low level and pull out the data I need. Is this the OAEP certificate issue? It should be possible to retrieve

Re: Parsing X509 certificate subjectAltName

2012-09-11 Thread Dr. Stephen Henson
On Tue, Sep 11, 2012, Charles Mills wrote: { case GEN_DNS: case GEN_URI: case GEN_IPADD:

Re: Parsing X509 certificate subjectAltName

2012-09-12 Thread Dr. Stephen Henson
On Wed, Sep 12, 2012, Kenneth Goldman wrote: If I shouldn't use GEN_IPADD, what should I use? The goal is to extract the text value associated with several OIDs. dumpasn1 says the values are PrintableString. You check each value of the returned GENERAL_NAMES structure until you find the

Re: fipscanister.o: file not recognized

2012-09-13 Thread Dr. Stephen Henson
On Fri, Sep 14, 2012, TJ wrote: On 7 September 2012 23:54, Steve Marquess marqu...@opensslfoundation.com wrote: On 09/07/2012 12:24 AM, TJ wrote: I'm doing a cross platform FIPS build (FIPSv2.0.1 with OpenSSL 1.01c). ./Configure no-asm no-hw linux-generic32 make -j1 -C openssl-fips

Re: openssl s_client: SSL handshake has read 0 bytes and written and no peer certificate available

2012-09-19 Thread Dr. Stephen Henson
On Wed, Sep 19, 2012, Jochen Hayek wrote: Until recently this worked for me (and it still does on a different platform with *older* versions of everything), but now it breaks: $ curl --verbose --insecure 'https://banking.postbank.de/rai/login' * About to connect()

Re: openssl1.0.1b SSLv2 connection between s_server and s_client

2012-09-21 Thread Dr. Stephen Henson
On Fri, Sep 21, 2012, YUN GAO wrote: Hi there: I got a problem for upgrading openssl from 0.9.8l to 1.0.1b. Now I can repro the problem using s_server and s_client: openssl s_server -ssl2 -cert ssl_server.pem -WWW -CAfile cafile.pem openssl s_client -connect localhost:4433 -no_ssl3

Re: openssl1.0.1b SSLv2 connection between s_server and s_client

2012-09-23 Thread Dr. Stephen Henson
On Mon, Sep 24, 2012, YUN GAO wrote: Thanks for the explanation, As i mentioned in my email, the following situation does works: openssl s_server -ssl2 -cert ssl_server.pem -WWW -CAfile cafile.pem openssl s_client -connect localhost:4433 -ssl2 -debug Does it mean that -ssl2 is not using

Re: openssl FIPS 2.0 - EVP_MD_CTX initialization

2012-09-25 Thread Dr. Stephen Henson
On Tue, Sep 25, 2012, blaan...@rockwellcollins.com wrote: I've been using openssl-fips for a couple of years. I'm looking to upgrade to 2.0 because of the slow (~10 seconds) integrity check on my platforms when using version 1.2 when I call FIPS_mode_set(). I've got the FIPS canister

Re: X509 V1 intermediate CA vs end-entity

2012-09-25 Thread Dr. Stephen Henson
On Tue, Sep 25, 2012, sanjaya joshi wrote: We can conclude an X509 V1 certificate to be a root ca using (EXFLAG_V1|EXFLAG_SS). Similarly, is there a way to know whether an X509 V1 certificate is an intermediate CA or end-entity certificate ? You can't: there is nothing in a V1

Re: error iin x509v3.h compiled with visual studio

2012-09-25 Thread Dr. Stephen Henson
On Tue, Sep 25, 2012, david preetham wrote: am trying to build wpa_supplicant which is referencing openssl header file x509v3.h on Visual studio 2005. while i am building compiler hitting x509v3.h header file and finding hell lot of errors. Can anybody please help me.

Re: openssl FIPS 2.0 - EVP_MD_CTX initialization

2012-09-26 Thread Dr. Stephen Henson
On Tue, Sep 25, 2012, blaan...@rockwellcollins.com wrote: After further investigation, the FIPS private headers (for instance, fipssyms.h) are definitely being installed when I do make install in the openssl-fips-2.0.1 directory. Then those headers are being used by my openssl build,

Re: libs version are 1.0.0 after compiling openssl 1.0.1c

2012-09-26 Thread Dr. Stephen Henson
On Tue, Sep 25, 2012, Thakur, Praveen Kumar wrote: I don't see any issue if .so files extension is 1.0.0. However, I wanted to confirm that is this a defect with 1.0.1 release? Or am I missing something. The 1.0.1 release should be binary compatible with 1.0.0, any discrepancies should be

Re: enc command sometimes fail to encrypt (XTS) or decrypt (GCM)

2012-09-26 Thread Dr. Stephen Henson
On Wed, Sep 26, 2012, Michel wrote: Hello, I am using the the OpenSSL enc command to encrypt and decrypt a test file. When using AES-GCM mode, I can encrypt but cannot decrypt the result. Even though I succeed with all other modes. Example is as follow : openssl enc -e -a -aes-128-gcm

Re: Invalid certificate handling

2012-09-28 Thread Dr. Stephen Henson
On Fri, Sep 28, 2012, YUN GAO wrote: Hi there: I found a different behavior between 0.9.8l and 1.0.1b, it happens when s_server using an invalid certificate, and s_client requires a verification of server certificate. The invalid certificate has an incorrect signature length, and its name

Re: Cert issue with 64 bit build on Windows

2012-09-28 Thread Dr. Stephen Henson
On Fri, Sep 28, 2012, James Swift wrote: Hi, I have also posted this issue in the OpenSSL mailing list but it occurs down in the OpenSSL libraries and this is probably the place to ask. This issue doesn't occur in a 32 bit compile of OpenSSL 1.0.1c (with libcurl 7.27.0) but does when

Re: TLS 1.2 client authentication

2012-10-01 Thread Dr. Stephen Henson
On Mon, Oct 01, 2012, Thulasi wrote: Hello all, I've a problem with TLS 1.2 client authentication where client has 512-bit RSA key and certificate and signature hash is of sha512. This is reproducible with openssl-1.0.1c and many prior versions which support TLS 1.2 client authentication.

Re: Cert issue with 64 bit build on Windows

2012-10-01 Thread Dr. Stephen Henson
On Mon, Oct 01, 2012, James Swift wrote: Try running the OpenSSL tests using: nmake -f ms\ntdll.mak test rsa_test PKCS #1 v1.5 encryption/decryption ok OAEP decryption (test vector data) failed! PKCS #1 v1.5 encryption/decryption ok OAEP decryption (test vector data) failed! PKCS #1

Re: Error thrown by s3_pkt.c when connecting via flash sockets with socket.io over SSL

2012-10-01 Thread Dr. Stephen Henson
On Fri, Sep 28, 2012, Justin Meltzer wrote: Hello everyone, My company is running into a problem which has been causing us a lot of strife. We're using socket.io to connect a cross-domain client to our node.js server over flash sockets using SSL encryption. Unfortunately, one of the

Re: s_client signature_algorithm extension

2012-10-02 Thread Dr. Stephen Henson
On Mon, Oct 01, 2012, Abhiram Shandilya wrote: Is there a way to add a specific signature_algorithm extension when using s_client to connect to an SSL server? Why does s_client negotiate ECDH-RSA-AES128-SHA256 when I use the cipher ECDH-ECDSA-AES128-SHA256? Is this because they are equivalent

Re: Non-Blocking and ENGINE

2012-10-04 Thread Dr. Stephen Henson
On Tue, Oct 02, 2012, Dirk Menstermann wrote: Hello list, is there a way to use ENGINEs in a non-blocking way - meaning for a network operation (remote HSM) the thread can do something else instead of waiting for the IO operation to complete? No there is no way to do that at present.

Re: how to extract O= and OU= from a subject cert

2012-10-04 Thread Dr. Stephen Henson
On Wed, Oct 03, 2012, mclellan, dave wrote: We know how to extract the subject and issuer from a cert sent by a peer. Can anyone point out where we get started to look into how to extract the Organization and organizationalUnit attributes? It's not obvious from the API definitions and

Re: CN 64 chars

2012-10-09 Thread Dr. Stephen Henson
On Tue, Oct 09, 2012, Juan Angel Martin Gomez [AC Camerfirma] wrote: Hello, I’m trying to make a CSR with a CN that has more than 64 chars I know that the upper bound is 64 chars, but I can see in the RFC 5280 this note: -- Note - upper bounds on string types, such as

Re: CN 64 chars

2012-10-09 Thread Dr. Stephen Henson
On Wed, Oct 10, 2012, Dr. Stephen Henson wrote: On Tue, Oct 09, 2012, Juan Angel Martin Gomez [AC Camerfirma] wrote: Hello, I’m trying to make a CSR with a CN that has more than 64 chars I know that the upper bound is 64 chars, but I can see in the RFC 5280

Re: PKCS7 open and extract signature

2012-10-11 Thread Dr. Stephen Henson
On Thu, Oct 11, 2012, redpath wrote: I have a PKCS7 file with signature in the envelope. What API function can I use to open the PKCS7 to extract the signature data and length and then verify the message digest? The verify is shown below assuming I got the signature data and length.

Re: OpenSSL cert authority with no database

2012-10-11 Thread Dr. Stephen Henson
On Thu, Oct 11, 2012, Derek Cole wrote: Hello, Is there a way to sign certificates with your own CA, and NOT have to use a database file to keep track of them? For development purposes, I end up creating the same cert multiple times, and trying to sign it which will cause me to get the

Re: id-aes256-GCM command line encrypt+decrypt fail

2012-10-12 Thread Dr. Stephen Henson
On Fri, Oct 12, 2012, Michel wrote: I am guessing that 'special handling' is linked to the 'no additional authentication data' issue discussed in : http://incog-izick.blogspot.fr/2011_08_01_archive.html It's to do with the fact that additional parameters are required with GCM and how the

Re: FIPS seed_pid issue

2012-10-12 Thread Dr. Stephen Henson
On Fri, Oct 12, 2012, Kumar Ghanta wrote: Hi, Earlier versions of openssl-fips (versions 1.1.2 etc) have the following checks in the fips_rand.c. It looks this check is being removed in the later versions. I just want to know whether we need this check in earlier versions as per the NIST

Re: PKCS7 open and extract signature

2012-10-12 Thread Dr. Stephen Henson
On Fri, Oct 12, 2012, redpath wrote: Tried to find documentation and examples ( which includes searching the forum) for using a PKCS7 standard in context to what I am trying to do for best practices when using a signature to verify a document received. Basically I have a document file

Re: top 10 mistakes when using libopenssl?

2012-10-14 Thread Dr. Stephen Henson
On Sat, Oct 13, 2012, Ken Goldman wrote: On 10/10/2012 8:08 PM, Kyle Hamilton wrote: Suggestions from my experience: If you include the library, #1 for novices has to be: 1 - Using strlen() to get the length of encrypted data. I'd add... Forgetting to call OpenSSL_add_all_algorithms

Re: top 10 mistakes when using libopenssl?

2012-10-15 Thread Dr. Stephen Henson
On Mon, Oct 15, 2012, Charles Mills wrote: Oh-oh. I'm not calling OpenSSL_add_all_algorithms() or anything real similar. I call SSL_library_init() and SSL_load_error_strings() and set up the Locking callback but that's it. SSL_library_init() counts as similar to

Re: Inconsistent behavior between FIPS and non-FIPS AES

2012-10-16 Thread Dr. Stephen Henson
On Tue, Oct 16, 2012, AJ wrote: Any other comments on the actual issue here? I don't believe the inconsistency is the expected way the API should work. It's a bug. The fix was applied to non-validated versions of OpenSSL but was too late to be included in the last validation. Steve. -- Dr

Re: FIPS seed_pid issue

2012-10-16 Thread Dr. Stephen Henson
On Sun, Oct 14, 2012, Kumar Ghanta wrote: Thank you very much for the quick response Stephen. Is it fine if we allow parent and child processes to share the same seed? I just want to know if there are any NIST restrictions. If possible, can you please elaborate on how does openssl takes care

Re: SP 800-90 DRNGs

2012-10-23 Thread Dr. Stephen Henson
On Wed, Oct 24, 2012, TJ wrote: Can somebody please confirm that the SP 800-90 DRNGs are only included with the FIPS module? I removed the FIPS module from our product since we are doing our own validation, but apparently we require SP 800-90 DRNGs for validation. Are the SP 800-90 DRNGs

Re: Creating X509 certificate subject alt name in C

2012-10-26 Thread Dr. Stephen Henson
On Thu, Oct 25, 2012, Ken Goldman wrote: I've managed to parse the odd X509 certificate I received. Now I have to create one. It should look like the below. X509v3 extensions: X509v3 Subject Alternative Name: critical

Re: PEM_read_PrivateKey

2012-10-29 Thread Dr. Stephen Henson
On Mon, Oct 29, 2012, Gerardo Ganis wrote: Dear OpenSSL Users, Could someone confirm that when loading private keys in memory using PEM_read_PrivateKey EVP_PKEY *evpp = PEM_read_PrivateKey(fk, 0, 0, 0); the full key is filled in, i.e. evpp points to a complete

Re: RES: PEM_read_PrivateKey

2012-10-30 Thread Dr. Stephen Henson
On Tue, Oct 30, 2012, Leonardo Laface de Almeida wrote: Hi, The code for my project example is attached. The error code is as well. The error remains. For generating Key, the callback is called. For getting Private Key, the callback is not called. What's wrong here? I really

Re: libpcap working with openSSL sockets

2012-10-31 Thread Dr. Stephen Henson
On Wed, Oct 31, 2012, Dave Thompson wrote: I meant to make that any _nonstatic_ [EC]DH (i.e. ephemeral with authentication, or anonymous without). OpenSSL doesn't implement static DH at all, and I've never seen anyone use static ECDH. Actually OpenSSL does now implement static DH but

Re: ECDH-RSA and TLS 1.2

2012-11-01 Thread Dr. Stephen Henson
On Thu, Nov 01, 2012, Abhiram Shandilya wrote: I ran openssl s_server with an ECC certificate signed by an RSA Root CA. When I try to connect using s_client and a TLS 1.2 ECDH-RSA cipher suite (eg ECDH-RSA-AES128-SHA256 or ECDH-RSA-AES128-GCM-SHA256), the connection fails with s_server

Re: ECDH-RSA and TLS 1.2

2012-11-01 Thread Dr. Stephen Henson
On Fri, Nov 02, 2012, Abhiram Shandilya wrote: Hi Steve, Thanks for your response. I'm just trying to figure out what it takes to get this working - are you of the opinion that an SSL server should not support TLS 1.2 ECDH-RSA cipher suites? Could you also mention why? Well one reason is

  1   2   3   4   5   6   7   8   9   10   >