[openssl-users] engine interface for genrsa

ojike asharpel asharpele at gmail.com
Tue Apr 24 02:54:09 UTC 2018

Hello dear,
I joined this group so that I can get assistance for my research work.
Up till now, I have not been able.

Here is my problem.

My Project is an MSc Research on HTTPS Man-In-The-Middle (MITM) Attack
using a Compromised Certificate Authority.
Now I am going to be very elaborative so that you can read my mind and
understand what I want to achieve.
I have a journal base paper I am already working on. The author designed a
new HTTPAS (HTTP Active Secure) … These are the major work he did on his
project. He designed a HTTPAS framework that will enhance Client-Server web
Authentication and make the web authentication more comprehensive in case a
MITM attacker has compromised one or few Certificate Authorities.
Note: The MITM attacker has different vantage point and different attacking
patterns. For the
man-in-the-middle variant ①, the vantage point is close to the victim web
user (e.g. a gateway or a wireless access point of the victim user is
compromised by man-in-the-middle attackers), and
the attackers can blindly hijack all the HTTPS connections from the victim
user to any remote web sites (i.e. the attacking pattern is non-selective).
Another Variant 2 takes the case that the vantage point is nearby web
servers. This variant is harder to detect than the others, because nearly
all the Internet paths to the victim web server necessarily pass through
the vantage point.
Look at his designs

He designed a client-side countermeasure which enables a web user to
actively collect site certificates from n different web sites. A
man-in-the-middle attack can be confirmed if these n certificates are
issued from less than μ CAs. (This countermeasure is based on a key insight
that a large number of site certificates from different Internet domains
are unlikely issued by the same CA, only if a man-in-the-middle variant is
launched with a single compromised CA.)
He also designed another Client-side countermeasure by enabling web users
to actively collect site certificates from other web servers of the same
web site. The key insight of this countermeasure is that popular web sites
usually deploy a large distributed system of servers across the Internet to
serve end users from different regions for high availability and
performance (i.e. content delivery network or CDN in short). These web
servers are likely to use the certificates issued from the same CA, while
the man-in-the-middle vantage point near one web server is unlikely to be
close to others, especially the ones located in a different geographical
Concerning his implementations, please read very well…. “We evaluate these
performance overheads by implementing a prototype of HTTPAS using OpenSSL
stacks. Our HTTPAS
prototype runs additional certificate collection and verification tasks in
a parallel manner. We achieve this parallel solution by exploiting the C++
multi-threading programming. We conduct the performance evaluation by
running our HTTPAS prototype implementation in a virtual machine and a real
machine, both of which are located in our laboratory with 8-core 2.67 GHz
central processing unit and 6 GB memory. We use the virtual machine for
HTTPAS performance evaluation due to a very practical reason: lots of
modern web sites are now hosted by cloud computing environments, where
virtual machines are the web servers running behind.”

Dear friends, I need help, even though it might require some financial
involvement.  I all respect that. I want to replicate this work and also
improve it.

On Apr 20, 2018 3:46 AM, "Scott Wisniewski" <swisniewski at salesforce.com>

> FYI:
> If you provide a genrsa implementation in your engine that doesn't
> include the private parameters, even if it's marked with RSA_FLAG_EXT_PKEY,
> the openssl executable will not handle it correctly.
> That's because genrsa_main assumes that the object that comes back is an
> rsa private key. So it will attempt to save a PEM encoded RSA private key
> even though it doesn't have the private key fields and openssl won't be
> able to open the saved file.
> So, if you want to enable use of the openssl executable with genrsa being
> supported by your engine, you will actually need to modify apps/genrsa.c so
> that genrsa_main does:
> if (RSA_test_flags(rsa, RSA_FLAG_EXT_PKEY) == RSA_FLAG_EXT_PKEY) {
>     if (! PEM_write_bio_RSA_PUBKEY(out, rsa))
>         goto end;
> }
> else {
>     if (!PEM_write_bio_RSAPrivateKey(out, rsa, enc, NULL, 0,
>                                      (pem_password_cb *)password_callback,
>                                      &cb_data))
>         goto end;
> }
> instead of:
> if (!PEM_write_bio_RSAPrivateKey(out, rsa, enc, NULL, 0,
>                                     (pem_password_cb *)password_callback,
>                                     &cb_data))
>        goto end;
> And then it will save the key you generated in public key PEM format,
> which will allow openssl to read it.
> One thing to note:
> None of the open source engines I checked (neither the PKCS11 engine, the
> NCipher engine, nor the CAPI engine) implement the genrsa hook. If you are
> looking for wide compatibility you may wish to ask your clients to do key
> generation using an external utility (as that's how almost everyone else
> does it).
> On Fri, Apr 13, 2018 at 5:28 PM, William Roberts <bill.c.roberts at gmail.com> wrote:
>> On Fri, Apr 13, 2018 at 2:55 PM, Richard Levitte <levitte at openssl.org> wrote:
>> > In message <CAFftDdqWPXq1+Mo9_6J0EzhZ4uwg5QC=R5fx8N1j=QYchA8+YQ at mail.gmail.com> on Fri, 13 Apr 2018 09:17:28 -0700, William Roberts <bill.c.roberts at gmail.com> said:
>> >
>> > bill.c.roberts> I am currently working on writing an openssl engine
>> > bill.c.roberts> to interface with a piece of hardware.
>> > bill.c.roberts>
>> > bill.c.roberts> I am trying to understand how to implement
>> > bill.c.roberts> rsa key generation, where the private key
>> > bill.c.roberts> bytes would not be available.
>> > bill.c.roberts>
>> > bill.c.roberts> I am currently invoking the
>> > bill.c.roberts> command:
>> > bill.c.roberts>
>> > bill.c.roberts> openssl genrsa -engine foo
>> > bill.c.roberts>
>> > bill.c.roberts> Which is calling my callback for RSA keygen, registered via ENGINE_set_RSA()
>> > bill.c.roberts> and I set the flags: RSA_FLAG_EXT_PKEY.
>> > bill.c.roberts>
>> > bill.c.roberts> However, genrsa app seems to want rsa->e set here:
>> > bill.c.roberts> https://github.com/openssl/openssl/blob/OpenSSL_1_0_2g/apps/genrsa.c#L291
>> > bill.c.roberts>
>> > bill.c.roberts> I can't find documentation on how to handle the keygen interface
>> > bill.c.roberts> for RSA.
>> > bill.c.roberts>
>> > bill.c.roberts> Can someone point me in the right direction?
>> >
>> > e and n are public components of any RSA key pair (and RSA structure
>> > in OpenSSL).  You *must* make them available.  The rest of the numbers
>> > are private and do not need to be part of the RSA structure that
>> > OpenSSL handles.
>> Thanks. I went and read the RSA page on Wikipedia, and sure enough it
>> has what common meanings of what all the single letter variables
>> are in the RSA struct.
>> https://en.wikipedia.org/wiki/RSA_(cryptosystem)
>> >
>> > Cheers,
>> > Richard
>> >
>> > --
>> > Richard Levitte         levitte at openssl.org
>> > OpenSSL Project         http://www.openssl.org/~levitte/
>> > --
>> > openssl-users mailing list
>> > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
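
The two client-side checks described in the top message (n sites issued from fewer than μ CAs, and servers of one site disagreeing on their CA), as an added Python example that is not code from the paper or from anyone in this thread. Reducing an issuer DN to its `O=` value, the majority rule for the second check, the function names, and all hosts, addresses and issuer names are assumptions constructed for illustration.

```python
from collections import Counter

def ca_of(issuer_dn: str) -> str:
    """Reduce an issuer DN to its organisation (O=) so several intermediates
    of one CA count once. Simplified: escaped commas are not handled."""
    parts = dict(p.strip().split("=", 1) for p in issuer_dn.split(",") if "=" in p)
    norm = {k.strip().upper(): v.strip().lower() for k, v in parts.items()}
    return norm.get("O") or norm.get("CN", issuer_dn.strip().lower())

def too_few_cas(site_issuers: dict, mu: int) -> bool:
    """Countermeasure 1: certificates collected from n different sites are
    suspicious when they come from fewer than mu distinct CAs."""
    return len({ca_of(dn) for dn in site_issuers.values()}) < mu

def outlier_servers(server_issuers: dict) -> list:
    """Countermeasure 2: servers of one site should share a CA; return the
    servers whose issuer differs from the majority."""
    cas = {srv: ca_of(dn) for srv, dn in server_issuers.items()}
    majority, count = Counter(cas.values()).most_common(1)[0]
    if count * 2 <= len(cas):  # no clear majority: every server needs review
        return sorted(cas)
    return sorted(s for s, ca in cas.items() if ca != majority)

# Constructed observations: hostname -> issuer DN of the certificate received.
NORMAL = {
    "a.example": "CN=Issuing CA 1, O=Example Trust A",
    "b.example": "CN=Issuing CA 7, O=Example Trust B",
    "c.example": "CN=Root R3, O=Example Trust C",
    "d.example": "CN=Issuing CA 2, O=Example Trust A",
}
# Constructed: the same sites seen through a path where one CA signs everything.
HIJACKED = {host: "CN=Issuing CA 9, O=Example Trust X" for host in NORMAL}
# Constructed: one site reached at four of its servers (documentation addresses).
CDN = {
    "192.0.2.10": "CN=Issuing CA 1, O=Example Trust A",
    "198.51.100.7": "CN=Issuing CA 2, O=example trust a",
    "203.0.113.5": "CN=Issuing CA 9, O=Example Trust X",
    "203.0.113.9": "CN=Issuing CA 1, O=Example Trust A",
}

if __name__ == "__main__":
    print(too_few_cas(NORMAL, 3), too_few_cas(HIJACKED, 3), outlier_servers(CDN))
```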