<html>
<head>
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<div class="moz-cite-prefix">Many thanks for the answer.<br>
<br>
I should have been more specific on the requirements right away.
The "file" was really just an example to keep it simple. Reading
my own writing, I would probably have suggested what you did <span
class="moz-smiley-s1"><span> :-) </span></span><br>
<br>
So here are the facts:<br>
- client/server are not connected to the internet<br>
- the network protocol is existing and proprietary<br>
- the file structure is existing and proprietary, but can be
extended to allow for additional signature information to be
embedded that will be sent to the server<br>
- the data actually transferred (and to be signed) is part of that
file<br>
- the data has to be signed with an X.509 certificates public key
that already exists<br>
<br>
S/MIME does pretty much do what I want to do. However the network
protocol or the data to be signed cannot be changed for
compatibility reasons. Under these circumstances, I don't really
see how I could achieve my goal easier than by openssl directly.<br>
<br>
Considering the "very common requirement": I was thinking of i.e.
windows driver signatures, android/ios app signatures and similar
mechanisms to ensure that files are from a trusted source.<br>
<br>
Am 22.06.2015 um 14:44 schrieb Michael Wojcik:<br>
</div>
<blockquote
cite="mid:B550B44BF8AF314BB00C4E2AC1C18088014C2E2F3A@Rock-Exchange1.microfocus.com"
type="cite">
<meta http-equiv="Content-Type" content="text/html;
charset=windows-1252">
<meta name="Generator" content="Microsoft Word 14 (filtered
medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Consolas;
panose-1:2 11 6 9 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman","serif";
color:black;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p
{mso-style-priority:99;
mso-margin-top-alt:auto;
margin-right:0in;
mso-margin-bottom-alt:auto;
margin-left:0in;
font-size:12.0pt;
font-family:"Times New Roman","serif";
color:black;}
p.MsoListParagraph, li.MsoListParagraph, div.MsoListParagraph
{mso-style-priority:34;
margin-top:0in;
margin-right:0in;
margin-bottom:0in;
margin-left:.5in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman","serif";
color:black;}
p.code, li.code, div.code
{mso-style-name:code;
mso-style-link:"code Char";
margin:0in;
margin-bottom:.0001pt;
font-size:10.0pt;
font-family:Consolas;
color:black;}
span.codeChar
{mso-style-name:"code Char";
mso-style-link:code;
font-family:Consolas;
color:black;}
span.EmailStyle21
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
<div class="WordSection1">
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">Response
inline below, prefixed with "MW". (Unfortunately Outlook is
incapable of replying to HTML messages properly, so you'll
have to excuse the formatting.)<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size:9.0pt;font-family:"Courier New"">Michael
Wojcik</span><span style="font-size:9.0pt;color:#1F497D">
<br>
</span><span style="font-size:9.0pt;font-family:"Courier
New"">Technology Specialist</span><span
style="font-size:9.0pt;font-family:"Courier New"">,
Micro Focus</span><span
style="font-size:9.0pt;color:#1F497D">
</span><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<div style="border:none;border-left:solid blue 1.5pt;padding:0in
0in 0in 4.0pt">
<div>
<div style="border:none;border-top:solid #B5C4DF
1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span
style="font-size:10.0pt;font-family:"Tahoma","sans-serif";color:windowtext">From:</span></b><span
style="font-size:10.0pt;font-family:"Tahoma","sans-serif";color:windowtext">
openssl-users
[<a class="moz-txt-link-freetext" href="mailto:openssl-users-bounces@openssl.org">mailto:openssl-users-bounces@openssl.org</a>]
<b>On Behalf Of </b>Marco Warga<br>
<b>Sent:</b> Saturday, June 20, 2015 04:48<br>
<b>To:</b> <a class="moz-txt-link-abbreviated" href="mailto:openssl-users@openssl.org">openssl-users@openssl.org</a><br>
<b>Subject:</b> [openssl-users] beginner needs advice
on data signature/verification<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Hi,<br>
<br>
I hope some of you could give me advice on my project using
openssl.<br>
<br>
<span style="color:#1F497D"><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">MW:
Why are you using OpenSSL for this application? You want
to create a file on a trusted system, pass it through an
untrusted intermediary, and process it on another trusted
system. Why not simply use an existing mechanism like
secure email? (GPG is the obvious choice, unless there are
licensing issues.) If you are determined to create your
own protocol from primitives, then really all you appear
to need here is an HMAC. Don't involve the horrific mess
that is X.509 PKI unless it actually provides some
benefit.<o:p></o:p></span></p>
<p class="MsoNormal"><br>
Lets say I have a server/service on a machine processing a
file a corresponding client sends. That file is usually
created by me on a clean third machine. The server side is
assumed to be uncompromised (no hacker). The client side may
be compromised. Now I need to make sure that the service
only accepts those files that are created by me. I believe
that is a very common requirement and has been done alot of
times - I just can't find tutorials on how to implement it.
Know any ?<span style="color:#1F497D"><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">MW:
No, but that's probably because what you've described
isn't "a very common requirement". It's too vague. We
don't know what problem you're actually trying to solve.
It may be that you just need to send a file with a
verifier, which - as I noted above -
<i>is</i> commonly done, generally using something like
GPG or (for roll-your-own protocols where both ends are
controlled by the same party) an HMAC.<o:p></o:p></span></p>
<p class="MsoNormal"><br>
<br>
Lets assume I have an x509 cert together with its private
key signed by a ca owned by me. The trusted ca cert will be
present on the server side. This is what I plan to do:<br>
<br>
1.) Create the data files/blobs and sign them using the priv
key of the cert. Distribute the cert and the signature along
with (or inside) the data file.<br>
2.) Have the client send that data file to the server
(cert/sig first)<br>
3.) Service receives the cert, builds a cert store with the
local ca cert in it and verifies the client's cert with
X509_verify_cert()<br>
4.) if cert verifies ok, service compares the signature
against the one calculated from the incoming data using the
public key that came inside the cert just verified<span
style="color:#1F497D"><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><br>
Would this be the right approach considering that anything
the client sends may be forged (cert, sig, data...) ?<span
style="color:#1F497D"><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">MW:
It's safe from malicious behavior by the client, under a
threat model where an attacker is not able to forge client
certificates or client signatures. In other words, it's
safe as long as the private keys are neither leaked nor
forced.<o:p></o:p></span></p>
<p class="MsoNormal"><br>
Or would it be safer to have the cert used for signing
stored on the server side and not send with the data
(instead just its subject protected by the signature) ?<span
style="color:#1F497D"><o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">MW:
Irrelevant to the security of the scheme. Simpler from a
development and operations standpoint. But using something
like PGP/GPG or S/MIME would be simpler yet. There are any
number of examples online for signing a file and verifying
its signature.<o:p></o:p></span></p>
<p class="MsoNormal"><br>
<br>
Thanks alot,<br>
Marco<o:p></o:p></p>
<div id="stcpDiv">
<p class="MsoNormal">X509_verify_cert <o:p></o:p></p>
<div id="stcpDiv">
<p class="MsoNormal">X509_verify_cert<o:p></o:p></p>
</div>
</div>
<p class="MsoNormal" style="margin-bottom:12.0pt"><span
style="background:white"><o:p> </o:p></span></p>
<p style="text-align:center" align="center"><span
style="background:white">Click <a moz-do-not-send="true"
href="https://www.mailcontrol.com/sr/SMsSvn1riRfGX2PQPOmvUsrLibhXE7+S86glxWVUEjKk%21XLlG9uNumpG1wkqEL+kqdX9II%21hjWj1JTd%211uc+%21w==">
here</a> to report this email as spam.<o:p></o:p></span></p>
</div>
</div>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
openssl-users mailing list
To unsubscribe: <a class="moz-txt-link-freetext" href="https://mta.openssl.org/mailman/listinfo/openssl-users">https://mta.openssl.org/mailman/listinfo/openssl-users</a>
</pre>
</blockquote>
<br>
</body>
</html>