Re: Re: Sign public key without having CSR or private key?
noloa...@gmail.com wrote: You pin a certificate by whitelisting expected server certificates (possibly thumbprints). How to do that? There's usually no need to sign another's key or certificate (I've never done it that way, and never seen it done that way). A little more background... Stories like the diginotar compromise [1] may happen again, anytime. I am developing an anonymous operating system [2]. We use wget to download Tor Browser from torproject.org and to access check.torproject.org. (Not available over secure apt.) Wget does offer ca pinning, but does not support certificate pinning [3]. So my original question was how do I get wget to verify the torproject.org fingerprint [4] without depending on root CA's? The only possible solution I saw was downloading the torproject.org SSL public key, run a local CA, sign the certificate and run wget with the --ca-certificate switch. That's why I posted the question Sign public key without having CSR or private key? here. If there are any suggestions for this situation I am all ears. [1] https://blog.torproject.org/blog/diginotar-debacle-and-what-you-should-do-about-it [2] https://trac.torproject.org/projects/tor/wiki/doc/TorBOX/ [3] https://lists.gnu.org/archive/html/bug-wget/2012-07/msg8.html [4] https://www.torproject.org/docs/faq.html.en#SSLcertfingerprint __ powered by Secure-Mail.biz - anonymous and secure e-mail accounts. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: Re: Sign public key without having CSR or private key?
On Sat, Jul 7, 2012 at 4:02 PM, pro...@secure-mail.biz wrote:
noloa...@gmail.com wrote:
You pin a certificate by whitelisting expected server certificates
(possibly thumbprints).
How to do that?
My bad. You usually do it pragmatically in an On Connect callback or
delegate. I don't have any OpenSSL code handy, but but below is some
.Net/C# code. Cocoa/CocoaTouch and Objective C would do it in
NSURLConnection and the NSURLConnectionDelegate
(https://developer.apple.com/library/mac/#documentation/Foundation/Reference/NSURLConnectionDelegate_Protocol/Reference/Reference.html);
and you would do it in Android with HttpsURLConnection and
X509TrustManager
(http://stackoverflow.com/questions/11337726/android-httpsurlconnection-and-pinset-example).
public static void Main(string[] args)
{
ServicePointManager.ServerCertificateValidationCallback = PinCertificate;
// C1956DC8A7DFB2A5A56934DA09778E3A11023358
// WebRequest wr = WebRequest.Create(https://www.google.com/;);
// 8FC079E814777F688BA4C807D9BD67D62AF71AEB
WebRequest wr = WebRequest.Create(https://encrypted.google.com/;);
wr.GetResponse();
}
public static bool PinCertificate(object sender, X509Certificate certificate,
X509Chain chain, SslPolicyErrors sslPolicyErrors)
{
if (certificate == null)
return false;
if (chain == null)
return false;
byte[] cb = certificate.GetCertHash();
StringBuilder sb = new StringBuilder(cb.Length * 2);
foreach (byte b in cb)
sb.AppendFormat({0:X2}, b);
// Verify against known SHA1 thumb print of the certificate
String hash = sb.ToString();
if (hash != C1956DC8A7DFB2A5A56934DA09778E3A11023358)
return false;
return true;
}
There's usually no need to sign another's key
or certificate (I've never done it that way, and never seen it done
that way).
A little more background... Stories like the diginotar compromise [1] may
happen again, anytime.
Yes, agreed. I have no love or trust for the public CA hierarchy, and
I am still pissed off about what happened to the folks in Iran who
were probably tortured and killed due to Diginotar's failure.
I am developing an anonymous operating system [2]. We use wget to download
Tor Browser from torproject.org and to access check.torproject.org. (Not
available over secure apt.) Wget does offer ca pinning, but does not support
certificate pinning [3].
Unfortunately, I'm not familiar with wget (other than executing what I'm told).
So my original question was how do I get wget to verify the torproject.org
fingerprint [4] without depending on root CA's? The only possible solution I
saw was downloading the torproject.org SSL public key, run a local CA, sign
the certificate and run wget with the --ca-certificate switch. That's why I
posted the question Sign public key without having CSR or private key? here.
If there are any suggestions for this situation I am all ears.
Perhaps wget needs to be modified so that it allows you to supply
expected thumbrints of a server's certificate.
Jeff
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager majord...@openssl.org
Re: Re: Sign public key without having CSR or private key?
On Sat, Jul 7, 2012 at 4:02 PM, pro...@secure-mail.biz wrote: noloa...@gmail.com wrote: You pin a certificate by whitelisting expected server certificates (possibly thumbprints). [SNIP] So my original question was how do I get wget to verify the torproject.org fingerprint [4] without depending on root CA's? The only possible solution I saw was downloading the torproject.org SSL public key, run a local CA, sign the certificate and run wget with the --ca-certificate switch. That's why I posted the question Sign public key without having CSR or private key?. If there are any suggestions for this situation I am all ears. Come to think of it, you could use OpenSSL's s_client to do the pinning, and then use wget if everything is OK. Its does set up a small breeding ground for a TOCTOU (http://nob.cs.ucdavis.edu/bishop/papers/1996-compsys/racecond.pdf), but I believe the risk is small. Jeff __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: Re: Re: Sign public key without having CSR or private key?
noloa...@gmail.com wrote: On Sat, Jul 7, 2012 at 4:02 PM, pro...@secure-mail.biz wrote: noloa...@gmail.com wrote: You pin a certificate by whitelisting expected server certificates (possibly thumbprints). [SNIP] So my original question was how do I get wget to verify the torproject.org fingerprint [4] without depending on root CA's? The only possible solution I saw was downloading the torproject.org SSL public key, run a local CA, sign the certificate and run wget with the --ca-certificate switch. That's why I posted the question Sign public key without having CSR or private key?. If there are any suggestions for this situation I am all ears. Come to think of it, you could use OpenSSL's s_client to do the pinning, and then use wget if everything is OK. Its does set up a small breeding ground for a TOCTOU (http://nob.cs.ucdavis.edu/bishop/papers/1996-compsys/racecond.pdf), but I believe the risk is small. Since the implementation will be Open Source it were possible for an adversary to take advantage of TOCTOU, i.e. not tamper with s_client traffic but tamper with wget traffic. Cheers, proper __ powered by Secure-Mail.biz - anonymous and secure e-mail accounts. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
