> From: owner-openssl-us...@openssl.org On Behalf Of ???? > Sent: Monday, 29 August, 2011 07:57
> Hello > I try to make ca signature about following case. > 1. Kx=DH, ECDH > 2. Au=ECDSA > 3. Enc=DES(56),3DES(168),RC4(40), rc4(128) This doesn't make sense. You (normally) use certificates in SSL/TLS for key exchange (Kx) and authentication (Au). They are not involved in data encryption (or MAC) at all. Each connection/session uses one Kx method and one Au method (or null) and you can't use Kx=DH (even E-DH) with Au=ECDSA. > For example I would like to know following cipher zuite. > EDH-RSA-DES-CBC3-SHA > ECDHE-ECDSA-AES256-SHA > RC4-MD5 > EXP-DES-CBS-SHA Those are four different ciphersuites. One uses DH-E and RSA, one uses ECDH-E and ECDSA, and two use RSA for both key exchange and authentication. (And the last is spelled CBC.) All but the second would use an endpoint RSA cert, which might be issued by a CA using any supported signature algorithm. > But I can not find the way. > For example, I tried following to make rc4 ca signature > but I got errors. A CA signs many things, none of them ever with RC4. It looks like you're trying to create a selfsigned RSA certificate, which could be a CA certificate (and key) but might not. > OpenSSL> genrsa -out keyRC4-40.pem > OpenSSL> rsa -in keyRC4-40.pem -rc4-40 -out RC4-40.pem That attempts to encrypt the privatekey locally under rc4-40. However, the PEM-encrypted logic in OpenSSL doesn't work for a stream cipher. It assumes that the IV can also be used as the (PBE) salt for 8 bytes, but a stream cipher has no IV, so it uses garbage instead as the salt, decrypts wrong, and isn't caught because a stream cipher needs no padding, so it attempts to ASN.1 decode nonsense and fails. > OpenSSL> req -new -x509 -key RC4-40.pem -out carc4-40.crt So any attempt to read in the privatekey, including this, fails (with overwhelming probability). If you use a block cipher or none, this creates a selfsigned RSA cert, possibly a CA cert as your filename implies. If it is used as a CA cert, the encryption on the CA's private key has no relationship whatsoever to the (data/bulk) encryption used on an SSL/TLS connection, or even for an endpoint privatekey using a cert from that CA. And a CA with a key protected by a cipher as weak(ened) as RC4-40 is generally worthless. What are you trying to accomplish? ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
