s_client won’t work with SQLServer because SQLServer doesn’t do immediate SSL handshake, nor even a simple STARTTLS protocol. SQLServer starts in a database protocol (TDS), then wraps the initial SSL handshake in TDS, then finally switches to actual SSL.

What kind of TDS client are you using and are you sure it is compatible with 0.9.8?

“wrong tag” strongly suggests either the cert as sent by the server is damaged, which is not consistent with 1.0.0d accepting it unless the damage occurs in-transit due to the exact protocol messages which do differ some; or the 0.9.8 receiver is mishandling it, which is why Kyle asks about their builds. I would add to his requests the build options, if nondefault. A good start on this info can be obtained by ‘/whichever/openssl version -a’ assuming you have the commandline executable for each build.

Also if you have the commandline(s), what happens if you get the server cert and CA certs, in PEM files, and do ‘openssl verify -CAfile cacert.pem srvcert.pem’? (Windows cert mgr can export pem, but if you only have der do ‘openssl x509 -in x.pem -out x.der -outform der’.)

From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Kyle Hamilton
Sent: Monday, March 17, 2014 01:34
To: openssl-users
Subject: *** Spam *** Re: 0.9.8 RSA 2048, was Re: Need understanding on certutil output.

What is your platform? When were each of 0.9.8 (unpatched, it appears) and 1.0.0d compiled? What toolchains were used to compile them?

-Kyle H

On Sun, Mar 16, 2014 at 8:42 PM, Mithun Kumar <mithunsi...@gmail.com> wrote:

Hello Dave,

When the client gets the server certificate (SQLServer) and tries to validate it we get the "ASN1_F_ASN1_CHECK_TLEN" "ASN1_R_WRONG_TAG" error.

I could parse the cert successfully and also dump the ASN.1. I can't connect using s_client as it hangs.

When I add logs to the openssl code I see that Field Name = "sig_alg" has this problem.

When KeySize = 1024 and signature algorithm = SHA1RSA it connects successfully, whereas with KeySize = 2048 and signature algorithm = SHA1RSA it fails. Also the failing cert works with V1.0.0.d and not with 0.9.8. Did we fix any bugs around the above mentioned problem? Are there any workarounds that I can try?

Not sure how to proceed forward. :(

-Thanks

On Sat, Mar 15, 2014 at 1:09 AM, Dave Thompson <dthomp...@prinpay.com> wrote:

OpenSSL has long limited RSA key moduli to 16384 bits, far more than 2048. It also has limits on other kinds of keys; if you meant to ask about them, be specific.

Do you really mean 0.9.8 with no suffix? Vanilla or patched? The oldest and newest 0.9.8 versions I have installed (g and x) handle RSA-2048 fine – even with SHA-256 for signature which your example doesn’t do. (NIST rates RSA-2048 strength equivalent to 112 bits, but SHA-1 drags signature strength down to 80 bits or less, especially for partly-chosen data like certs.)

Does the error occur with s_client or something else, and if something else can you reproduce it with s_client? What exactly is the error?

From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Mithun Kumar
Sent: Friday, March 14, 2014 11:53
To: openssl-users@openssl.org
Subject: *** Spam *** Re: Need understanding on certutil output.

Hello Viktor,

Thanks for the reply.

Are there any limitations with Key Size?

When cert 2 is received by the client from the server, I get an incorrect tag length error. Currently I am using OpenSSL version 0.9.8. The same cert (Cert2) works correctly for v1.0.0.d.

-Thanks
 mithun

On Fri, Mar 14, 2014 at 8:02 PM, Viktor Dukhovni <openssl-us...@dukhovni.org> wrote:

On Fri, Mar 14, 2014 at 06:18:49PM +0530, Mithun Kumar wrote:

> What is the difference between these two formats

The first contains a 1024 bit RSA-SHA1 public key, the second a
2048-bit key.


> Below is the ASN output using certuil tool.
>

> *Cert1:-*

>
> 0618:    30 0d ; SEQUENCE (d Bytes)
> 061a:    |  06 09 ; OBJECT_ID (9 Bytes)
> 061c:    |  |  2a 86 48 86 f7 0d 01 01  05
>             |  |     ; 1.2.840.113549.1.1.5 sha1RSA
> 0625:    |  05 00 ; NULL (0 Bytes)
> 0627:    03 81 81 ; BIT_STRING (81 Bytes)
>

> *Cert2:-*

>
> 0780:    30 0d ; SEQUENCE (d Bytes)
> 0782:    |  06 09 ; OBJECT_ID (9 Bytes)
> 0784:    |  |  2a 86 48 86 f7 0d 01 01  05
>             |  |     ; 1.2.840.113549.1.1.5 sha1RSA
> 078d:    |  05 00 ; NULL (0 Bytes)
> 078f:    03 82 01 01 ; BIT_STRING (101 Bytes)
> 0793:       00
>
> What does the highlighted values  indicate? Any idea?

The signature algorithm name and key length.  The byte counts are
reported in hex by the tool you're using, so 0x101 is 257 decimal,
and 0x81 is 129 decimal.

--
        Viktor.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
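The hex byte counts Viktor explains above, and the tag check behind the ASN1_R_WRONG_TAG error that Dave discusses at the top of the thread, can be worked through with a small DER reader. What follows is an added example written for this page, not code from the thread or from OpenSSL. It decodes the AlgorithmIdentifier and BIT STRING headers exactly as certutil printed them for Cert1 and Cert2; the signature bytes themselves are not in the thread, so constructed filler stands in for them, and all function and constant names are this example's own. Since the OID is sha1WithRSAEncryption (1.2.840.113549.1.1.5), the quoted bytes are the certificate's trailing signatureAlgorithm and signatureValue, so the BIT STRING content is one unused-bits byte plus a 128- or 256-byte RSA value: 129 = 0x81 and 257 = 0x101, the sizes produced by 1024- and 2048-bit RSA keys.

```python
# Added example, not code from the thread or from OpenSSL: a minimal DER
# tag/length reader applied to the bytes certutil printed for Cert1 and Cert2,
# so the 0x81 / 0x82 01 01 length forms and the OID can be checked by hand.
# Standard library only.

SEQUENCE, OBJECT_ID, NULL, BIT_STRING = 0x30, 0x06, 0x05, 0x03
TAG_NAMES = {SEQUENCE: "SEQUENCE", OBJECT_ID: "OBJECT_ID",
             NULL: "NULL", BIT_STRING: "BIT_STRING"}


def read_header(data, pos):
    """Parse one DER tag and length at data[pos]; return (tag, length, content_pos).

    A first length byte below 0x80 is the length itself. Otherwise its low seven
    bits count the following length bytes: 0x81 0x81 -> one byte, 129;
    0x82 0x01 0x01 -> two bytes, 257. DER also demands the shortest encoding.
    """
    tag = data[pos]
    first = data[pos + 1]
    if first < 0x80:
        return tag, first, pos + 2
    nbytes = first & 0x7F
    if nbytes == 0 or nbytes > 4:
        raise ValueError(f"indefinite or oversized length at {pos:#06x}")
    length = int.from_bytes(data[pos + 2:pos + 2 + nbytes], "big")
    if length < 0x80 or data[pos + 2] == 0:
        raise ValueError(f"non-minimal length encoding at {pos:#06x}")
    return tag, length, pos + 2 + nbytes


def expect(data, pos, tag):
    """Tag check in the spirit of OpenSSL's template parser: refuse the element
    if it does not carry the tag the template calls for (ASN1_R_WRONG_TAG)."""
    got, length, content = read_header(data, pos)
    if got != tag:
        raise ValueError(f"wrong tag at {pos:#06x}: expected "
                         f"{TAG_NAMES.get(tag, hex(tag))}, got {TAG_NAMES.get(got, hex(got))}")
    return length, content


def decode_oid(content):
    """Turn OID content bytes (first byte = 40*a + b, then base-128 arcs) into dotted form."""
    arcs = [content[0] // 40, content[0] % 40]
    value = 0
    for b in content[1:]:
        value = (value << 7) | (b & 0x7F)
        if not b & 0x80:              # high bit clear ends this arc
            arcs.append(value)
            value = 0
    return ".".join(map(str, arcs))


def describe_signature_tail(data):
    """Decode 'AlgorithmIdentifier, BIT STRING' as found at the end of a
    Certificate (signatureAlgorithm followed by signatureValue)."""
    seq_len, pos = expect(data, 0, SEQUENCE)
    seq_end = pos + seq_len
    oid_len, pos = expect(data, pos, OBJECT_ID)
    oid = decode_oid(data[pos:pos + oid_len])
    pos += oid_len
    if pos < seq_end:                             # RSA carries NULL parameters
        null_len, pos = expect(data, pos, NULL)
        pos += null_len
    bits_len, pos = expect(data, seq_end, BIT_STRING)
    unused = data[pos]                            # first content byte: unused-bit count
    return {
        "oid": oid,                               # 1.2.840.113549.1.1.5 = sha1WithRSAEncryption
        "bitstring_len": bits_len,                # 129 for Cert1, 257 for Cert2
        "unused_bits": unused,
        "signature_bits": (bits_len - 1) * 8 - unused,   # 1024 / 2048
    }


def rejects(data):
    """True if the decoder refuses the bytes (wrong tag or invalid length)."""
    try:
        describe_signature_tail(data)
    except (ValueError, IndexError):
        return True
    return False


# Constructed inputs: the 15-byte AlgorithmIdentifier and the BIT STRING headers
# are copied from the certutil dumps; the signature bytes are not in the thread,
# so 0x5a filler stands in for them.
ALG_SHA1_RSA = bytes.fromhex("300d06092a864886f70d0101050500")
CERT1_TAIL = ALG_SHA1_RSA + bytes.fromhex("038181") + b"\x00" + b"\x5a" * 128
CERT2_TAIL = ALG_SHA1_RSA + bytes.fromhex("03820101") + b"\x00" + b"\x5a" * 256
# A damaged copy: the BIT STRING tag byte replaced by OCTET STRING (0x04).
CERT2_BAD_TAG = CERT2_TAIL[:15] + b"\x04" + CERT2_TAIL[16:]

if __name__ == "__main__":
    for name, tail in (("Cert1", CERT1_TAIL), ("Cert2", CERT2_TAIL)):
        print(name, describe_signature_tail(tail))
    print("damaged Cert2 rejected:", rejects(CERT2_BAD_TAG))
```

Running the file prints both decodings; the BIT STRING length reported is the DER content length (129 and 257), which is what the hex counts in the dumps become in decimal. A receiver that disagrees with the sender about a tag or a length at this position is exactly the situation the thread's wrong-tag error describes, which is why comparing the bytes each build actually receives (Dave's suggestion of dumping the cert to a file and running openssl verify on it) is the useful next diagnostic.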
