[openssl-users] Cant get openssl x509 to work as documented

Sun Aug 27 05:02:20 UTC 2017

Jakob,

You make a good point.  In fact, after some reflection, there is 
probably no reason for the device to store more than the 96 bytes of 
keyvalue in secure store.  If some format is needed to use the key, that 
can be done at that time.  This is for the case where the device 
supports only one algorithm.

I know that the current practice is crypto agility, but IoT, 
particularly automotive IoT, will select and live with one for a 
generation of product.  When the next best thing is selected, then that 
will be used, but not retrofitted.  I hope that soon, I will be able to 
push Ed25519; I am concerned about the computational cost, though (still 
not clear why SHA512 and not SHAKE128).  Meanwhile P256 is what is fielded.

Bob

On 08/23/2017 03:52 PM, Jakob Bohm wrote:
> On 22/08/2017 22:26, Robert Moskowitz wrote:
>> Want to continue this thread but with new information.  I built a 
>> Fedora-arm 26 system (on a Cubieboard2) and it has openssl version 
>> 1.1.0f
>>
>> I built my DER root cert (and private key) no problem.
>>
>> I built my DER Intermediate cert private key and CSR no problem.
>>
>> For the following command:
>>
>> sn=8
>> format=der
>> dir=/root/ca3
>> cadir=/root/ca3
>>
>> openssl x509 -req -days 3650 -extfile $cadir/openssl-root.cnf 
>> -extensions v3_intermediate_ca\
>>  -sha256 -set_serial 0x$(openssl rand -hex $sn)\
>>  -inform $format -in $dir/csr/intermediate.csr.$format\
>>  -outform $format -out $dir/certs/intermediate.cert.$format\
>>  -CAkeyform $format -CAkey $cadir/private/ca.key.$format\
>>  -CAform $format -CA $cadir/certs/ca.cert.$format
>>
>> I built this reading:
>>
>> https://www.openssl.org/docs/man1.1.0/apps/x509.html
>>
>> This generates:
>>
>> 3069592528:error:0906D06C:PEM routines:PEM_read_bio:no start 
>> line:crypto/pem/pem_lib.c:691:Expecting: CERTIFICATE REQUEST
>>
>> The man page above has CAkeyform and CAform in the summary, but no 
>> details below.  I am ASSUMEing DER is now supported.
>>
>> for -sha256, I finally figured out that -[digest] is how the the man 
>> presents which hash to use.
>>
>> Why does this command use -extfile and not -config?  Is it because 
>> ALL that is taken from config is -extensions?  Confusing to the 
>> casual user.
>>
>> But why the error?
>>
>> And yes, I know I can convert a PEM cert to DER, but I would also 
>> have to convert the private key, and maintain duo structures in 
>> places.  Would RATHER have a parallel setup.  Of course there is the 
>> challenge of the cert chain that Viktor earlier explained. OCSP? :)
>>
>>
> I don't think you have to pass all the various formats as PEM just
> because you pass one of them as such.  After all, there are separate
> -XXXform style options for most of them.
>
> For example, you could store the CA private key in the encryption-
> supporting PEM format on the plentyful memory of the SD card, while
> using the more compact DER format for certificates and CSRs stored
> on embedded controllers (ECUs, dashboard displays etc.).
>
> Where OpenSSL bugs prevent use of DER for a file, it can be converted
> on the fly, storing the converted file in RAM (using tmpfs or similar).
>
>
> Enjoy
>
> Jakob