Re: Openssl upgrade to 1.1.1o on Red Linux 5.11

On 6/22/2022 10:32 AM, Gaurav Mittal11 wrote: Hi Team, Is there any way to upgrade openssl in redhat 5.11 as I am getting error its not supported. > uname -a Linux serverxxx 2.6.18-419.el5 #1 SMP Wed Feb 22 22:40:57 EST 2017 x86_64 x86_64 x86_64 GNU/Linux Red Hat Enterprise Linux Server re

Openssl 3.0.0 creating ECC key from X and Y, PEM_write_PUBKEY fails

I have X and Y as bignums. I create EVP_PKEY with this. I suspect that I have to do another step to indicate that I supplied X and Y and not a compressed public key. param_bld = OSSL_PARAM_BLD_new(); rc = getEcCurveString(&curveString, gets strings like prime256

Re: openssl 3.0.0 get ECC public key modulus from EVP_PKEY

On 10/14/2021 6:39 AM, Matt Caswell wrote: "priv" (OSSL_PKEY_PARAM_PRIV_KEY) The private key value. Since its an integer using EVP_PKEY_get_bn_param() would be appropriate here, but not EVP_PKEY_get_octet_string_param(). Basically you need to know the type of the parameter you are attemptin

Re: openssl 3.0.0 get ECC public key modulus from EVP_PKEY

On 10/13/2021 12:06 PM, Matt Caswell wrote: On 12/10/2021 23:37, Ken Goldman wrote: In pre-3.0.0, I used this, omitting the error checking, malloc, ... ecPoint = EC_KEY_get0_public_key(ecKey); ecGroup = EC_KEY_get0_group(ecKey); EC_POINT_point2oct(ecGroup, ecPoint

openssl 3.0.0 get ECC public key modulus from EVP_PKEY

In pre-3.0.0, I used this, omitting the error checking, malloc, ... ecPoint = EC_KEY_get0_public_key(ecKey); ecGroup = EC_KEY_get0_group(ecKey); EC_POINT_point2oct(ecGroup, ecPoint, POINT_CONVERSION_UNCOMPRESSED, *modul

EVP_EncryptInit_ex2() operation

Does it make sense to initialize the context once and then use it multiple times, or is cleaner to create a new one from the raw key byte string each time? I've seen sample code that uses this to 'reset' the context for a new encryption. EVP_EncryptInit_ex2(e, NULL, NULL, NULL, NULL);

openssl 3.0.0 equivalent to RSA_get0_key

... and RSA_get0_factors. I know about EVP_PKEY_get_bn_param(). However, that allocates new bignums. Therefore, the caller has to say, if >3.0.0, free them, else don't. The deprecated get0 functions just returned pointers that did not have to be separately freed. Is there a call to pass in

Openssl 3.0.0. EVP_PKEY RSA is NULL

I am doing the following, but the EVP_PKEY->pkey->rsa is null. Am I misusing the API or missing a step? (error checking removed) EVP_PKEY*rsa_pub_key = NULL; EVP_PKEY_CTX*ctx = NULL; OSSL_PARAM_BLD *param_bld = NULL; OSSL_PARAM *params = NULL;

Re: Openssl 3.0.0. EVP_PKEY_CTX vs EVP_PKEY

On 9/14/2021 11:40 AM, Tomas Mraz wrote: On Tue, 2021-09-14 at 11:11 -0400, Ken Goldman wrote: Conceptually, how are these different? When do I use one vs the other? The EVP_PKEY is an object holding data (well, rather a reference, but that is fairly irrelevant) of a private key, public key

Openssl 3.0.0. EVP_PKEY_CTX vs EVP_PKEY

Conceptually, how are these different? When do I use one vs the other? Where would I learn this?

Re: EVP_MAC_init - specify the hash algorithm

Where does one get the parameter values? E.g., where would I see the value strings for the EVP_MAC_new algorithm and the digest parameter values. I can guess HMAC and SHA256, but are they documented? Case sensitive? Which is preferred? You use EVP_MAC_new, which is undocumented. The doc samp

TYPE_new() and TYPE_free()

Assuming that I use the ASN1_SEQUENCE, ASN1_SEQUENCE_END, DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS macros ... TYPE_free() says that it frees all sub-objects. Can I assume that, if the sub-objects are also defined with those macros, that it will iterate all the way? TYPE_new() allocates

Re: openssl 3.0.0 valgrind failure on OPENSSL_ia32_cpuid - retract, sorry

On 8/27/2021 3:46 PM, Ken Goldman wrote: I run valgrind on all my software to find memory leaks.  This worked for openssl 1.0.2 and 1.1.1, but fails with 3.0.0.  Suggestions? Sorry, I updated valgrind and all is well.

openssl 3.0.0 valgrind failure on OPENSSL_ia32_cpuid

I run valgrind on all my software to find memory leaks. This worked for openssl 1.0.2 and 1.1.1, but fails with 3.0.0. Suggestions? vex amd64->IR: unhandled instruction bytes: 0xF3 0xF 0x1E 0xFA 0x49 0x89 0xD8 0x31 vex amd64->IR: REX=0 REX.W=0 REX.R=0 REX.X=0 REX.B=0 vex amd64->IR: VEX=0 V

Re: 3.0.0. IMPLEMENT_ASN1_FUNCTIONS missing _it prototypes

On 8/24/2021 5:56 AM, Matt Caswell wrote: On 23/08/2021 20:42, Ken Goldman wrote: I get warnings on all my ASN1_SEQUENCE_END, a missing prototype for the _it functions. The code is working, but I'd like a clean compile. 3.0.0 only, 1.0.2 and 1.1.1 are OK. Example: #include #in

Re: HMAC verification with EVP Interface

On 8/26/2021 5:35 AM, d0 wrote: Don't forget to use CRYPTO_memcmp for comparing the HMACs, not regular ol' memcmp. What's the rationale? The HMAC result isn't secret.

3.0.0. IMPLEMENT_ASN1_FUNCTIONS missing _it prototypes

I get warnings on all my ASN1_SEQUENCE_END, a missing prototype for the _it functions. The code is working, but I'd like a clean compile. 3.0.0 only, 1.0.2 and 1.1.1 are OK. Example: #include #include #include #include typedef struct { ASN1_TIME *notBefore; ASN1_TIME *notAfter; }

Re: Set X509 public key in 1.0.2

On 8/20/2021 7:19 PM, Thomas Dwyer III wrote: 1.0.2 has X509_PUBKEY_get() (without the zero) which I believe increases the reference count on the EVP_PKEY. Perfect! It was not in the 1.0.2 man page, but it seems to be portable across 1.0.1, 1.1.1, 3.0.0.

Set X509 public key in 1.0.2

I have an X509_PUBKEY structure holding the algorithm and public key. I want to set it in the X509 structure. In 1.1.1 and up, I can use evpPubkey = X509_PUBKEY_get0(addToCert->key);/* X509_PUBKEY */ X509_set_pubkey(x509Certificate, evpPubkey); However, 1.0.2 doesn't hav

Re: IMPLEMENT_ASN1_FUNCTIONS tutorial or help

On 8/17/2021 9:47 PM, Sands, Daniel via openssl-users wrote: The dump you show below is: Attributes (set, tagged with a 0, optional) Version privateKeyAlgorithm privateKey This is a PKCS#8 packet for a key. The encapsulated data is the RSA public key in PKCS1 format. I know OpenSSL has built-

Re: IMPLEMENT_ASN1_FUNCTIONS tutorial or help

) DECLARE_ASN1_FUNCTIONS(TPM_ADDTOCERT) IMPLEMENT_ASN1_FUNCTIONS(TPM_ADDTOCERT) const unsigned char *tmpptr = out.addedToCertificate.t.buffer; TPM_ADDTOCERT *addToCert = d2i_TPM_ADDTOCERT(NULL, &tmpptr, out.addedToCertificate.t.size); On 8/16/2021 4:56 PM,

Re: [EXTERNAL] Re: IMPLEMENT_ASN1_FUNCTIONS tutorial or help

On 8/17/2021 12:57 PM, Sands, Daniel via openssl-users wrote: Now I would like to do the other end, where I have der and I want to parse back to the structure, using d2i() 1 - Is there a tutorial on this? Seems like you don't need one. If you got i2d working you should have d2i already! I

Re: IMPLEMENT_ASN1_FUNCTIONS tutorial or help

On 8/17/2021 10:38 AM, Matt Caswell wrote: On 16/08/2021 21:56, Ken Goldman wrote: I am trying to parse some ASN.1 DER so I can add it to an X.509 certificate. For the input side, a poster showed me ASN1_SEQUENCE, ASN1_SEQUENCE_END, and then DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS

IMPLEMENT_ASN1_FUNCTIONS tutorial or help

I am trying to parse some ASN.1 DER so I can add it to an X.509 certificate. For the input side, a poster showed me ASN1_SEQUENCE, ASN1_SEQUENCE_END, and then DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS which created the i2d() function. Now I would like to do the other end, where I have d

Re: Misunderstanding openssl verify

On 8/16/2021 10:04 AM, Viktor Dukhovni wrote: It seems as though the 'verify' command checks the issuer, but not the signature of the certificate - the last parameter. > As documented. Then I am not understanding the documentation. https://www.openssl.org/docs/man1.1.1/man1/verify.html says

Misunderstanding openssl verify

It doesn't seem to be verifying the signature on the certificate parameter. Version 1.1.1k. I create an incorrectly signed self signed certificate and convert it from der to pem. A basic openssl verify -CAfile c1.pem c1.pem Returns OK, even though the signature is bad. Why? Editing

Re: openssl 3.0 - id2_x509() now fails

On 8/9/2021 3:50 AM, Tomas Mraz wrote: On Fri, 2021-08-06 at 18:06 -0400, Ken Goldman wrote: On 8/6/2021 1:11 PM, Ken Goldman wrote: I have an application where I have to create a partial x509 certificate.  It gets sent to an HSM, which fills in the public key and signs it. I was calling

Re: openssl 3.0 - id2_x509() now fails

On 8/6/2021 1:11 PM, Ken Goldman wrote: I have an application where I have to create a partial x509 certificate.  It gets sent to an HSM, which fills in the public key and signs it. I was calling X509_new X509_set_version X509_set_issuer_name X509_get_notBefore

openssl 3.0 - id2_x509() now fails

I have an application where I have to create a partial x509 certificate. It gets sent to an HSM, which fills in the public key and signs it. I was calling X509_new X509_set_version X509_set_issuer_name X509_get_notBefore X509_get_notAfter X509_se

openssl 3.0 genpkey

Should these be posted here or as github issues? (May be user error) 1 openssl genpkey -algorithm rsa -outform der -out key.der -quiet returns: genpkey: Option -quiet needs a value But the docs don't indicate that a value is needed. 2 openssl genpkey -algorithm rsa -outform der -out key.de

Re: EVP_MD_CTX_free documentation

Matt On 30/07/2021 17:55, Ken Goldman wrote: It would be nice if the documentation would guarantee that this function is a no-op when the parameter is NULL - like the standard free() call. This would save coding (if not NULL) all the time. Same comment for all the _free functions. I know I can

EVP_MD_CTX_free documentation

It would be nice if the documentation would guarantee that this function is a no-op when the parameter is NULL - like the standard free() call. This would save coding (if not NULL) all the time. Same comment for all the _free functions. I know I can look at the code, but that doesn't provide an

Re: RSA_set0_key() equivalent for 3.0.0

On 7/13/2021 5:14 PM, William Roberts wrote: Outside of the migration guide others have pointed out, I think the functions you need are: https://www.openssl.org/docs/manmaster/man3/EVP_PKEY_set1_RSA.html Use use EVP level no

Re: RSA_set0_key() equivalent for 3.0.0

On 7/13/2021 5:08 PM, Nicola Tuveri wrote: There is the migration guide: https://github.com/openssl/openssl/tree/master/doc/man7/migration_guide.pod The migration guide is very general. It says that the low level

RSA_set0_key() equivalent for 3.0.0

What is the 3.0.0 equivalent to RSA_set0_key() when I want to create a key token from n and e. Meta question: Is there a porting guide for these type of questions - something that says, "If you used this before, use this now."

Re: EVP_MAC_init - specify the hash algorithm

On 7/13/2021 2:50 PM, Matt Caswell wrote: On 13/07/2021 19:02, Ken Goldman wrote: Porting to 3.0 ... HMAC_Init_ex() had a place for the hash algorithm.  EVP_MAC_init() does not, unless it's embedded in the 'params' parameter. Any advice?  Or a sample for doing an HMAC with

EVP_MAC_init - specify the hash algorithm

Porting to 3.0 ... HMAC_Init_ex() had a place for the hash algorithm. EVP_MAC_init() does not, unless it's embedded in the 'params' parameter. Any advice? Or a sample for doing an HMAC with 3.0?

Re: Random and rare Seg faults at openssl library level

On 1/7/2021 10:11 AM, Michael Wojcik wrote: $ cat /etc/redhat-release && openssl version CentOS Linux release 7.9.2009 (Core) OpenSSL 1.0.2k-fips 26 Jan 2017 Ugh. Well, OP should have made that clear in the original message. And this is one of the problems with using an OpenSSL supplied by t

Re: Random and rare Seg faults at openssl library level

On 1/6/2021 12:10 PM, Gimhani Uthpala wrote: I am getting seg-faults at openssl level. This only occurred very randomly and the following are stacks that seg faults  at openssl level in the given 2 cases. We are using openssl 1.0.2k. The usual cause is that you are compiling with one version

openssl with Rust

Environment is Windows, Visual Studio Code, the Shining Light openssl build and the openssl crate. Does anyone have experience getting this to link? Environment variables? cargo.toml anything else?

OpenSSL version 3.0.0-alpha1 build failed

My build failed with the below. x86_64 Linux kernel 2.6.32 RHEL 6.7 Perl 5.10.1 Everything through 1.1.1e was successful. ~~ ./config Operating system: x86_64-whatever-linux2 Configuring OpenSSL version 3.0.0-alpha1 for target linux-x86_64 Using os-specific seed configuration *** glibc detect

Re: Fails on verifying signature - RSA_padding_check_PKCS1_type_1:invalid padding

On 2/13/2020 12:40 PM, Pedro Lopes wrote: When I try to verify the signature, fails with RSA_padding_check_PKCS1_type_1:invalid padding. That error typically means that the verification public key does does not match the signing private key.

Re: Add ECDSA signature R and S to X509 structure

On 8/17/2019 5:35 AM, Billy Brumley wrote: Hey Ken, I have an ECDSA signature supplied to me as R and S byte arrays and lengths (from an HSM). How do I add them to the X509 structure? Is there an API, a set of calls, or do you have any hints? You might be looking for ECDSA_SIG_set0: https

Add ECDSA signature R and S to X509 structure

I have an ECDSA signature supplied to me as R and S byte arrays and lengths (from an HSM). How do I add them to the X509 structure? Is there an API, a set of calls, or do you have any hints? ~~ For RSA, I simply filled in the ASN1_BIT_STRING length, data, and flags, but an RSA signature is a

Adding signature items to X509 certificate structure

This use case is that I have an HSM that internally forms an X509 certificate and returns the signature. I have to reconstruct the X509 structure externally. I have everything but the signature and its algorithm. How can I programmatically set these values? What I do now is: - X509_ALGOR_se

Re: Building a DER sequence

On 7/3/2019 4:30 PM, Viktor Dukhovni wrote: On Jul 3, 2019, at 2:41 PM, Ken Goldman wrote: That link points to the X509_dup page. It doesn't explain how to build a DER sequence, does it? The documentation is incomplete, and much RTFS is required, but it and code pointers should ge

Re: Building a DER sequence

On 7/1/2019 6:03 PM, Viktor Dukhovni wrote: On Mon, Jul 01, 2019 at 09:40:25PM +, Salz, Rich via openssl-users wrote: I see those macros, but ... is there any documentation? No. There's a high-level overview at: https://www.openssl.org/docs/manmaster/man3/X509_dup.html That

Re: Building a DER sequence

On 7/1/2019 5:19 PM, Viktor Dukhovni wrote: On Jun 25, 2019, at 10:59 AM, Ken Goldman wrote: I have to build a DER byte stream for a sequence containing: algorithm ID issuer validity subject name extensions What is the general approach? See for

Re: Building a DER sequence

On 6/26/2019 11:34 AM, Salz, Rich via openssl-users wrote: Do I construct a sequence and add items to it - top down? No, because then you have to go back and patch the sequence length and perhaps slide everything up or down a copule of bytes. I would look at an existing simple sequence an

Re: Building a DER sequence

On 6/26/2019 11:34 AM, Salz, Rich via openssl-users wrote: Do I construct a sequence and add items to it - top down? No, because then you have to go back and patch the sequence length and perhaps slide everything up or down a copule of bytes. I would look at an existing simple sequence an

Building a DER sequence

I have to build a DER byte stream for a sequence containing: algorithm ID issuer validity subject name extensions What is the general approach? Is there openssl support for this? Do I construct a sequence and add items to it - top down? Or do I construc

Re: why does RAND_add() take "randomness" as a "double"?

On 5/21/2019 9:48 PM, Paul Dale wrote: Double makes sense. Entropy is often estimated as a real value. Having a human readable calculation using floating point doesn't (to me) mean that an API argument has to be a double. From what I see in the code, the parameter 'double entropy' is used

Re: why does RAND_add() take "randomness" as a "double"?

On 5/21/2019 10:07 PM, Salz, Rich via openssl-users wrote: >Then just set it to 1.0 and be done with it. That hardly helps on systems that don't have floating point at all. No it doesn't. Such systems aren't supported by OpenSSL. There are many places were floating point is u

Re: why does RAND_add() take "randomness" as a "double"?

On 5/21/2019 10:15 AM, Laszlo Ersek wrote: [snip] Can someone please explain what is gained by using a floating point type here? Is it really a relevant use case that entropy is fed from an external source to OpenSSL such that truncating the amount to a whole number of bits would cause signific

Re: Issue in linking Openssl1.1.1b to application

On 5/9/2019 10:03 AM, vin wrote: Hi I was using an application with openssl0.9.8k .The procedure i used to link openssl to my application using visual studio -2008 was after building openssl i was linking libeay32.lib and ssleay32.lib to my application and including header files from include fol

Re: Using (not building) openssl with mingw on Windows 10

On 3/22/2019 12:18 PM, Michael Wojcik wrote: I seem to have discarded some of your older messages. Did you ever send us the actual link command that's being used? Maybe that will throw some light on the problem. "c:/program files/mingw/bin/gcc.exe" -D_MT -DTPM_WINDOWS -I. -shared -o libibmts

Re: Using (not building) openssl with mingw on Windows 10

N32_WINNT=0x0501 -D_WIN32_IE=0x0501 -DPTW32_STATIC_LIB -D__CLEANUP_C -DUNICODE -D_UNICODE -DWIN32_LEAN_AND_MEAN -DOPENSSL_SSL_CLIENT_ENGINE_AUTO=capi -DOPENSSL_CAPIENG_DIALOG -m64 -pipe -mms-bitfields -fno-builtin -march=core2 -mtune=core2 -D_MT -DZLIB -DNDEBUG -I/mingw/include @Ken: this seems t

Re: Using (not building) openssl with mingw on Windows 10

On 3/20/2019 12:41 PM, Michael Wojcik wrote: Sounds like you might have import libraries there. Does "ar t libcrypto.lib" show a bunch of .obj members, or a bunch of .dll members? If it's the latter, then it's just an import library that tells the linker what DLL needs to be loaded at runtim

Re: Using (not building) openssl with mingw on Windows 10

On 10/29/2018 7:18 AM, Jakob Bohm via openssl-users wrote: On 26/10/2018 23:08, Ken Goldman wrote: I've been happily using the Shining Light 32-bit binaries with both openssl 1.0 and 1.1 and mingw. On a new machine, I tried the 64-bit binaries.  However, they're missing the openssl

ECC keypair generation with password

I've been using this command to generate a password protected ECC keypair. openssl ecparam -name prime256v1 -genkey -noout | openssl pkey -aes256 -passout pass:passwd -text > tmpecprivkey.pem The output is a -BEGIN ENCRYPTED PRIVATE KEY- which I parsed using PEM_read_PrivateK

Re: [openssl-users] Problem with x509_verify_certificate

ed the second option, it did not make any difference. When I added X509_STORE_CTX_set0_param(csc,verify_param); X509_verify_cert(csc) started returning error X509_V_ERR_CERT_CHAIN_TOO_LONG: certificate chain too long -- Original Message -- From: Ken Sent: Thu, 22 Nov 2018 10:43:

Re: [openssl-users] Problem with x509_verify_certificate

Hi Viktor, It looks like FreeRDP was not setting a purpose when checking the certificate, causing this issue. I added: X509_STORE_CTX_set_default(csc, "ssl_server"); before the call to if (X509_verify_cert(csc) == 1) and this seems to make it work. I don't know if this is a "good" way to f

Re: [openssl-users] Problem with x509_verify_certificate

18 08:56:58 -0500 To: Openssl-users Subject: Re: [openssl-users] Problem with x509_verify_certificate On Nov 20, 2018, at 1:31 AM, Ken wrote: Are you saying to test with "openssl s_client -connect ..."? Test both with s_client and with your application if possible. In both cases conf

Re: [openssl-users] Problem with x509_verify_certificate

: Openssl-users Subject: Re: [openssl-users] Problem with x509_verify_certificate On Nov 19, 2018, at 1:15 AM, Ken wrote: There are no stale intermediate certificates on my computer. The evidence suggests otherwise. Also, strace shows that it is looking for the correct CA certificate

Re: [openssl-users] Problem with x509_verify_certificate

ost likely there's a stale (expired) copy of the intermediate certificate in question in the trust store, but the peer (server) sent an unexpired version in the handshake. The solution is to remove the stale intermediate from the trust store. On Nov 17, 2018, at 8:57 PM, Ken wrote: I use

Re: [openssl-users] Problem with x509_verify_certificate

aking sure it is the c_rehash for OpenSSL 1.1.x, and not some other version. On Nov 17, 2018, at 8:57 PM, Ken wrote: On both versions, strace shows is it checking for /var/lib/ca-certificates/openssl/4bfab552.0 (which exists, and is the correct CA) - but with openssl version "1.1.0i-fips

Re: [openssl-users] Problem with x509_verify_certificate

On Nov 17, 2018, at 8:57 PM, Ken <mailto:open...@k-h.us>> wrote: I use an application, FreeRDP (https://github.com/FreeRDP/FreeRDP), which uses x509_verify_certificate to check the validity of a certificate on a RDP server. Under openSUSE Leap 42.3 (which uses openssl version "1

[openssl-users] Problem with x509_verify_certificate

to find out if it matches the certificate.) Any idea what changed? (Or, better question, what needs to be changed to make this application work again?) Thanks, Ken -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

[openssl-users] Using (not building) openssl with mingw on Windows 10

I've been happily using the Shining Light 32-bit binaries with both openssl 1.0 and 1.1 and mingw. On a new machine, I tried the 64-bit binaries. However, they're missing the openssl/lib/mingw directory where the .a files resided. It looks like the link procedure changed. Any hints before I

[openssl-users] HMAC key in PEM or other format

Is there a standard format for passing around an HMAC key? Can openssl read and write it? I know that an HMAC key is just a random number, and I can probably pass it around in binary, hex ascii, or base64. But I'd rather use a standard format if there is one. -- openssl-users mailing list

Re: [openssl-users] rsaOAEP OID in X509 certificate

On 8/9/2018 10:51 AM, Stephane van Hardeveld wrote: I will discuss this, but as far as I understand, these OID are allowed by the X 509 standard: 4.1.2.7. Subject Public Key Info [snip] And in rfc4055, 4.1 Openssl is capable of parsing it, only retrieving it gives an error on unknown algo

Re: [openssl-users] rsaOAEP OID in X509 certificate

On 8/9/2018 4:14 AM, Stephane van Hardeveld wrote: Hi Ken, I am trying to do two thing: 1: Generate X 509 certificates, with RSA-PSS signing, with different Hashing and Masking (SHA1 and SHA256), including an RSA Public key as content. This RSA 'content key' should specify it will b

Re: [openssl-users] rsaOAEP OID in X509 certificate

1 - If you are trying to extract the public key, X509_get_pubkey() won't work. I have sample code to do it. Let me know if you want the complete function. Basically: X509_get_X509_PUBKEY X509_PUBKEY_get0_param d2i_RSAPublicKey 2 - If you are trying to verify a certif

Re: [openssl-users] openssl 1.1 certificate verification fails with non-standard public key algorithm

On 7/25/2018 4:27 PM, Viktor Dukhovni wrote: Yes, that's what I'm saying, but also asking the broader list for feedback on such a change. Should security level zero succeed even with unsupported EE keys (which somehow get used with some other software???). For background, this is the TPM 1.2

Re: [openssl-users] openssl 1.1 certificate verification fails with non-standard public key algorithm

On 7/25/2018 10:47 AM, Viktor Dukhovni wrote: On Jul 25, 2018, at 10:05 AM, Ken Goldman wrote: I have a certificate with a non-standard public key algorithm -rsaesOaep. See snippet #2. With openssl 1.0, I can validate the certificate chain. With openssl 1.1 it fails with the error

[openssl-users] openssl 1.1 certificate verification fails with non-standard public key algorithm

Seeking advice. I have a certificate with a non-standard public key algorithm -rsaesOaep. See snippet #2. With openssl 1.0, I can validate the certificate chain. With openssl 1.1 it fails with the error X509_V_ERR_EE_KEY_TOO_SMALL. See dump #1. I believe that this is due to new 1.1 code

Re: [openssl-users] Get raw RSA public key from X509 certificate

On 04/27/18 04:50, Matt Caswell wrote: On 26/04/18 23:48, Ken Goldman wrote: On 04/26/18 16:37, Matt Caswell wrote: On 26/04/18 21:17, Ken Goldman wrote: I have to get the raw public modulus, but I cannot X509_get_pubkey() because of a non-standard object identifier. I can use

Re: [openssl-users] Get raw RSA public key from X509 certificate

On 04/26/18 16:37, Matt Caswell wrote: On 26/04/18 21:17, Ken Goldman wrote: I have to get the raw public modulus, but I cannot X509_get_pubkey() because of a non-standard object identifier. I can use X509_get_X509_PUBKEY() to get part way there.  I see the DER wrapped key in the

[openssl-users] Get raw RSA public key from X509 certificate

I have to get the raw public modulus, but I cannot X509_get_pubkey() because of a non-standard object identifier. I can use X509_get_X509_PUBKEY() to get part way there. I see the DER wrapped key in the public_key.data element, but I don't know an API to get to that element. Am I on the rig

Re: [openssl-users] X509 certificate algorithm

On 08/16/12 09:33, Dr. Stephen Henson wrote: On Thu, Aug 16, 2012, Kenneth Goldman wrote: I call these: d2i_X509() X509_print_fp() which calls pkey_set_type() EVP_PKEY_asn1_find() and that call fails. I've traced the following error down to the rsaOAEP algorithm, wh

[openssl-users] FIPS_mode_set(1) failing

This call fails on two platforms with: fips.c(143): OpenSSL internal error, assertion failed: FATAL FIPS SELFTEST FAILURE (or line 139) The openssl installs are: OpenSSL 1.0.1e-fips 11 Feb 2013 OpenSSL 1.0.2g-fips 1 Mar 2016 Any hints? Do I have to call a self test before entering

Re: [openssl-users] Certificate for RSA 2048 key says 2058

On 12/14/2017 1:34 PM, Viktor Dukhovni wrote: On Dec 14, 2017, at 1:11 PM, Ken Goldman wrote: I generate a key and self signed certificate like this: openssl genrsa -out cakey.pem -aes256 -passout pass: 2048 openssl req -new -x509 -key cakey.pem -out cacert.pem -days 3650 When I

Re: [openssl-users] [openssl-dev] Is X509_free(NULL) ok?

On 12/22/2017 9:24 AM, Salz, Rich via openssl-users wrote: if (ptr!= NULL) free(ptr); That shouldn’t be necessary for OpenSSL. If you find places where it is, please open an issue. OK. I'll mention a few, but it's a global issue. The code may handle NULL. However, conservati

Re: [openssl-users] [openssl-dev] Is X509_free(NULL) ok?

On 12/22/2017 8:06 AM, Salz, Rich via openssl-users wrote: Our intent is that all FREE functions can handle NULL. If you find things missing or undocumented, please open an issue on GitHub. Thanks! It would be great if that was documented for all _free() functions. I currently always code

[openssl-users] Certificate for RSA 2048 key says 2058

I generate a key and self signed certificate like this: > openssl genrsa -out cakey.pem -aes256 -passout pass: 2048 > openssl req -new -x509 -key cakey.pem -out cacert.pem -days 3650 When I dump the certificate, I see Subject Public Key Info: Public Key Algor

Re: [openssl-users] OpenSSL engine and TPM usage.

On 10/26/2017 3:33 AM, Michael Ströder wrote: Michael Richardson wrote: Jakob Bohm wrote: wow, further evidence that everything needs an upgrade path. From the viewpoint of hardware vendors the upgrade path is selling new hardware. It's simply like that. Not very sustainable... All the T

Re: [openssl-users] Storing private key on tokens

On 9/27/2017 2:19 PM, Dirk-Willem van Gulik wrote: On 27 Sep 2017, at 20:02, Michael Wojcik The tokens / HSMs I've used don't let you generate a key somewhere else and install it on the token. They insist on doing the key generation locally. That is, after all, part of the point of using a tok

Re: [openssl-users] openssl 1.0 and 1.1 co-exist

On 6/22/2017 7:05 AM, Jakob Bohm wrote: On 22/06/2017 04:31, Viktor Dukhovni wrote: On Wed, Jun 21, 2017 at 01:44:34PM -0400, Ken Goldman wrote: This is probably Linux specific ... Can both openssl versions co-exist on the same platform. I know that the .so is versioned, but how about the

Re: [openssl-users] Openssl 1.1 RSA_get0_key() documentation

On 7/28/2017 4:05 PM, Salz, Rich via openssl-users wrote: The __current__ code for this function returns values if the **BIGNUM is not NULL. Thus, it appears safe to pass in NULL for values not needed. If this behavior is guaranteed, it would be nice if it was documented. Wanna open an iss

[openssl-users] Openssl 1.1 RSA_get0_key() documentation

The __current__ code for this function returns values if the **BIGNUM is not NULL. Thus, it appears safe to pass in NULL for values not needed. However, the documentation is silent on this behavior. If this behavior is guaranteed, it would be nice if it was documented. If not, a comment in th

[openssl-users] openssl 1.0 and 1.1 co-exist

This is probably Linux specific ... Can both openssl versions co-exist on the same platform. I know that the .so is versioned, but how about the header files? Can I choose which library to build with? Do the headerso in the same /usr/include/openssl or are there links? Are there ifdefs in

Re: [openssl-users] NMAKE error

On 5/1/2017 12:00 PM, Jordan Brown wrote: On 5/1/2017 8:53 AM, James Condren wrote: Thanks for the prompt response. Just a little background: I am trying to install OpenSSL on a Windows PC so I can view a server cert. It might be simpler to install cygwin and an already-built OpenSSL. If

Re: [openssl-users] Functions for retrive public key from x509 cert

On 3/28/2017 5:25 AM, Christian Adja via openssl-users wrote: Someone can tell me what function is called for retrieve public key from x509 cert? in the case of EC public key? X509_get_pubkey() -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-user

Re: [openssl-users] Issues while "configuring before compiling" OpenSSL on Raspberry-Pi

It is definitely possible, because we run openssl on the Pi. We did not, however, compile it ourselves. We install from a Pi repository. On 2/12/2017 8:13 AM, Ajay Garg wrote: Any ideas please? Is compiling openssl even possible on Raspberry-Pi? -- openssl-users mailing list To unsubscrib

Re: [openssl-users] Generate ECC key with password protection

On 1/13/2017 2:02 PM, Viktor Dukhovni wrote: parameter setting error 139854491113288:error:06089094:digital envelope routines:EVP_PKEY_CTX_ctrl:invalid operation:pmeth_lib.c:404: In that case, your OpenSSL library is broken, or was built without EC support. Perhaps you're running the wrong ope

Re: [openssl-users] Generate ECC key with password protection

On 1/13/2017 1:21 PM, Viktor Dukhovni wrote: On Fri, Jan 13, 2017 at 06:18:51PM +, Viktor Dukhovni wrote: Still no success. I think this is exactly what you suggested, and something I had already tried. openssl genpkey -out cakeyecc.pem -outform PEM -pass pass: -aes256 -algorithm e

Re: [openssl-users] Generate ECC key with password protection

Thanks for the help. Am I getting closer? On 1/13/2017 9:44 AM, Viktor Dukhovni wrote: Also, take a look at test/certs/mkcert.sh: I looked at that, but what is $bits? The curve name. You're sure fond of leaving off the leading "-" in option names. You'll also really want the "ec_param_enc"

Re: [openssl-users] Generate ECC key with password protection

Thanks, getting closer ... On 1/12/2017 5:47 PM, Viktor Dukhovni wrote: My latest attempt is this. It gives me a usage error. Any hints? openssl genpkey -out cakeyecc.pem -outform pem -pass pass: aes-256-cbc -algorithm ec pkeyopt ec_paramgen_curve:prime256v1 -text The "aes-256-cbc" ar

Re: [openssl-users] Generate ECC key with password protection

On 7/20/2016 10:26 AM, Jakob Bohm wrote: On 20/07/2016 16:21, Ken Goldman wrote: From these web pages: https://wiki.openssl.org/index.php/Command_Line_Elliptic_Curve_Operations https://www.openssl.org/docs/manmaster/apps/ecparam.html the "openssl ecparam -genkey" command does no

Re: [openssl-users] ECDSA_SIG_new and ECDSA_SIG_free details - NULL vs zeros

On 1/11/2017 10:32 AM, Stephan Mühlstrasser wrote: OpenSSL does not support platforms where the memory representation of the NULL pointer contains non-zero bytes. IIRC there are even tests for this. Could someone from the OpenSSL team please explain the rationale for this decision? What is the

  1   2   3   >