<html>
<head>
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
Hello Openssl,<br>
<br>
can you please tell me something?<br>
I don't understand if anybody reads this email.<br>
<br>
Almost a month has passed.<br>
<br>
Mario Scalabrino<br>
<br>
<br>
<div class="moz-cite-prefix">
<meta charset="UTF-8">
<title>Untitled Document</title>
On 17/02/2016 14:49, Mario Scalabrino wrote:<br>
</div>
<blockquote cite="mid:56C47A52.6090404@andifyou.com" type="cite">
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
Hello Openssl,<br>
<br>
is there any update? Do you need more information?<br>
<br>
Thank you<br>
<br>
Cheers<br>
<br>
Mario Scalabrino<br>
<br>
<div class="moz-signature">
<meta charset="UTF-8">
<title>Untitled Document</title>
<br>
<table border="0" width="750" cellpadding="0" cellspacing="0">
<tbody>
<tr>
<td style="text-align: center" align="" height="169"
width="181"><strong><a moz-do-not-send="true"
href="http://www.certifydoc.eu" target="_blank"
class="clink"><img
src="cid:part1.09030201.09070505@andifyou.com"
alt="Certify Doc" height="180" width="180"></a></strong></td>
<td style="padding: 0;margin:0; text-align: left;"
align="left" valign="top" width="569">
<p style="font-family: Gill Sans MT, Gill 'Gill Sans',
'Gill Sans MT', Bold; font-size: 24px; color:
rgba(17,47,127,1); margin-top: 0px; text-align: left;"><strong>MARIO
SCALABRINO <style="margin:0" data_temp_dwid="1"><img
src="cid:part3.07070008.09080101@andifyou.com"
alt="" height="1" width="400"></style="margin:0"></strong></p>
<p style="font-family: Gill Sans MT, Gill 'Gill Sans',
'Gill Sans MT', 'Myriad Pro', 'DejaVu Sans Condensed',
Gill Sans MT, Gill Sans MT, sans-serif, sans-serif;
font-size: 21px; color: rgba(151,151,151,1);
margin-top: 0px; text-align: left;">Founder & CEO
</p>
<p style="font-family: Gill Sans MT, Gill 'Gill Sans',
'Gill Sans MT', 'Myriad Pro', 'DejaVu Sans Condensed',
Gill Sans MT, Gill Sans MT, sans-serif; font-size:
16px; color: rgba(17,47,127,1); line-height: 10px;
text-align: left;"><img
src="cid:part4.00020100.06050700@andifyou.com"
alt="" height="12" width="13"> (+34) 680 128 282</p>
<a moz-do-not-send="true" style="font-family: Gill Sans
MT, Gill 'Gill Sans', 'Gill Sans MT', 'Myriad Pro',
'DejaVu Sans Condensed', Gill Sans MT, Gill Sans MT,
sans-serif; font-size: 16px; color: rgba(17,47,127,1);
line-height: 10px; text-align: left;"
href="mailto:mario.scalabrino@andifyou.com"
target="_blank" class="clink"><img
src="cid:part5.02020705.06090604@andifyou.com"
alt="" height="12" width="13">
mario.scalabrino@andifyou.com</a> <br>
<br>
<a moz-do-not-send="true" style="font-family: Gill Sans
MT, Gill 'Gill Sans', 'Gill Sans MT', 'Myriad Pro',
'DejaVu Sans Condensed', Gill Sans MT, Gill Sans MT,
sans-serif; font-size: 16px; color: rgba(17,47,127,1);
line-height: 10px; text-align: left;"
href="http://www.certifydoc.eu" target="_blank"
class="clink"><img
src="cid:part7.02040007.05040405@andifyou.com"
alt="" height="12" width="13"> www.certifydoc.eu</a>
<p style="font-family: Helvetica, Arial, sans-serif;
font-size: 12px; color: rgba(51,51,51,1); line-height:
10px; text-align: left;"><a moz-do-not-send="true"
href="https://www.linkedin.com/in/andifyou"
target="_blank"><img
src="cid:part9.01020103.01030008@andifyou.com"
alt="Linkedin" height="30" width="30"></a><a
moz-do-not-send="true"
href="https://www.facebook.com/certifydoc"
target="_blank"><img
src="cid:part11.09070008.09020703@andifyou.com"
alt="Facebook" height="30" width="30"></a><a
moz-do-not-send="true"
href="https://twitter.com/certifydoc"
target="_blank"><img
src="cid:part13.06000606.09050104@andifyou.com"
alt="Twitter" height="30" width="30"></a></p>
</td>
</tr>
<tr>
<td colspan="3"><br>
</td>
</tr>
</tbody>
</table>
</div>
<div class="moz-cite-prefix">On 28/01/2016 17:16, The default
queue via RT wrote:<br>
</div>
<blockquote
cite="mid:rt-4.0.19-8385-1453997788-238.4276-3-0@openssl.org"
type="cite">
<pre wrap="">Greetings,
This message has been automatically generated in response to the
creation of a trouble ticket regarding:
"Possible bug - ts -verify -digest, error:ts_rsp_verify.c:291:",
a summary of which appears below.
There is no need to reply to this message right now. Your ticket has been
assigned an ID of [openssl.org #4276].
Please include the string:
[openssl.org #4276]
in the subject line of all future correspondence about this issue. To do so,
you may reply to this message.
Thank you,
<a moz-do-not-send="true" class="moz-txt-link-abbreviated" href="mailto:rt@openssl.org">rt@openssl.org</a>
-------------------------------------------------------------------------
Good afternoon Openssl,
please forward this email to whomever it may concern.
I receive an error and the Timestamping provider suspects it is a
Openssl bug.
Could you please check if it is openssl or the certificate?
This is when the error occurr
/openssl ts -verify -digest
e16db7d30581e44a5540f19553852b5a4e4e26f9adc365cc846f94038ee33025 -in
/tmp/namirial.tsr -CAfile /tmp/NamirialCATSA.pem
(result:)
*************
*Verification: FAILED**
**140236013643424:error:2F067065:time stamp
routines:TS_CHECK_SIGNING_CERTS:ess signing certificate
error:ts_rsp_verify.c:291:*/
I attach a complete reproduction scenario. I don't know if it is a
problem of this TSA certificate or in Openssl due to sha256 digest,
please help.
(in the curl command I cannot provide you the username and password, it
is a paid service)
Attached are the files resulting from the below commands in sequence and
the certificate of the TSA, but I'm sure you can check yourself the last
command where the error occur and advice.
you can copy and paste the commands below if you're in Linux Ubuntu and
the files are in the /tmp/ folder
*Reproduction scenario:*
OS: Ubuntu 14.04
Openssl version: OpenSSL 1.0.1f 6 Jan 2014
Generate tsq:
openssl ts -query -digest
e16db7d30581e44a5540f19553852b5a4e4e26f9adc365cc846f94038ee33025 -sha256
-cert -out /tmp/namirial.tsq
Readable tsq:
openssl ts -query -in /tmp/namirial.tsq -text
(result:)
************
Hash Algorithm: sha256
Message data:
0000 - e1 6d b7 d3 05 81 e4 4a-55 40 f1 95 53 85 2b 5a .m.....JU@..S.+Z
0010 - 4e 4e 26 f9 ad c3 65 cc-84 6f 94 03 8e e3 30 25 NN&...e..o....0%
Policy OID: unspecified
Nonce: 0x8CA62B5766A29A8B
Certificate required: yes
Extensions:
****************
Generate tsr (using curl)
curl -u xxxxxxx:yyyyyy -s --data-binary @/tmp/namirial.tsq -H
'Content-Type: application/timestamp-query' -H 'Pragma: no-cache' -H
'Accept: application/timestamp-reply' --output /tmp/namirial.tsr
<a moz-do-not-send="true" class="moz-txt-link-freetext" href="http://timestamp.firmacerta.it">http://timestamp.firmacerta.it</a>
Readable tsr
openssl ts -reply -in /tmp/namirial.tsr -out /tmp/readable_tsr.txt -text
(result:)
******************
Status info:
Status: Granted.
Status description: Operation Okay
Failure info: unspecified
TST info:
Version: 1
Policy OID: 1.3.6.1.4.1.36203.2.1
Hash Algorithm: sha256
Message data:
0000 - e1 6d b7 d3 05 81 e4 4a-55 40 f1 95 53 85 2b 5a .m.....JU@..S.+Z
0010 - 4e 4e 26 f9 ad c3 65 cc-84 6f 94 03 8e e3 30 25 NN&...e..o....0%
Serial number: 0x1947FD96B97A42DE
Time stamp: Jan 28 14:56:16 2016 GMT
Accuracy: unspecified seconds, 0x01F4 millis, unspecified micros
Ordering: no
Nonce: 0x8CA62B5766A29A8B
TSA: unspecified
Extensions:
************************
Verify
openssl ts -verify -digest
e16db7d30581e44a5540f19553852b5a4e4e26f9adc365cc846f94038ee33025 -in
/tmp/namirial.tsr -CAfile /tmp/NamirialCATSA.pem
(result:)
*************
*Verification: FAILED**
**140236013643424:error:2F067065:time stamp
routines:TS_CHECK_SIGNING_CERTS:ess signing certificate
error:ts_rsp_verify.c:291:*
***************
</pre>
</blockquote>
<br>
</blockquote>
<br>
</body>
</html>