From mahendra.sp at gmail.com Sat May 1 06:30:15 2021
From: mahendra.sp at gmail.com (Mahendra SP)
Date: Sat, 1 May 2021 12:00:15 +0530
Subject: Load and unload of engines at runtime

Hi All,

Could someone please help with this query?

Thanks
Mahendra

On Thu, Apr 29, 2021 at 5:20 PM Mahendra SP wrote:

> Hi All,
>
> We have crypto engines for offloading operations like RSA, digests and
> ciphers, hmac etc. We are looking at a way to load and unload engines at
> run time. This is needed as we need to use the engine when needed for
> crypto operations. Else we plan to use openssl for the same.
>
> We tried,
> -> unregister calls like ENGINE_unregister_XXX calls to force redirection
> to openssl
> -> Again, ENGINE_register_XXX to redirect to engine.
>
> However, the above methods are not helping. Please suggest a way to
> achieve the above requirement.
>
> Thanks
> Mahendra

From christian.heinrich at cmlh.id.au Sat May 1 07:04:28 2021
From: christian.heinrich at cmlh.id.au (Christian Heinrich)
Date: Sat, 1 May 2021 17:04:28 +1000
Subject: Proposal to Deprecate TLS v1.2 within OWASP ASVS

I have put forth a Pull Request for OWASP Application Security Verification Standard (ASVS) to deprecate TLS v1.2 and require TLS v1.3 only.

This is part of a much larger piece of work to align with PCI-DSS v3.2.1 at https://github.com/OWASP/ASVS/issues/317#issuecomment-829077114

It is also subject to change due to the dependency on what is in the next major release of PCI-DSS v4.0 of which the latest news is available at https://blog.pcisecuritystandards.org/pci-dss-v4.0-timeline-updated-to-support-an-additional-rfc

Please note the Pull Request (PR) is at an early stage so it might not be merged in the next minor release of OWASP ASVS if adoption of TLS v1.3 is too low at this point in time, etc.
I'd appreciate any further feedback from OpenSSL at https://github.com/OWASP/ASVS/issues/979 please?

--
Regards,
Christian Heinrich

http://cmlh.id.au/contact

From pauli at openssl.org Sat May 1 07:22:12 2021
From: pauli at openssl.org (Dr Paul Dale)
Date: Sat, 1 May 2021 17:22:12 +1000
Subject: Load and unload of engines at runtime
Message-ID: <5039a5fd-45d9-a297-4fd1-40c233e79ecf@openssl.org>

Why would you believe that ENGINE_register / ENGINE_unregister are the calls to load/unload an engine? These calls are for _after_ the engine has been loaded:

/*- Manage registration of ENGINEs per "table". For each type, there are 3
 * functions;
 *   ENGINE_register_***(e) - registers the implementation from 'e' (if it has one)
 *   ENGINE_unregister_***(e) - unregister the implementation from 'e'
 *   ENGINE_register_all_***() - call ENGINE_register_***() for each 'e' in the list
 * Cleanup is automatically registered from each table when required.
 */

Might I suggest reading the manual pages? Start with ENGINE_add().

Pauli

BTW: waiting less than a day for a response is a bit impulsive. Most of the people who respond here are volunteers.

On 1/5/21 4:30 pm, Mahendra SP wrote:
> Hi All,
>
> Could someone please help with this query?
>
> Thanks
> Mahendra
>
> On Thu, Apr 29, 2021 at 5:20 PM Mahendra SP
> wrote:
>
> Hi All,
>
> We have crypto engines for offloading operations like RSA, digests
> and ciphers, hmac etc. We are looking at a way to load and unload
> engines at run time. This is needed as we need to use the engine
> when needed for crypto operations. Else we plan to use openssl for
> the same.
>
> We tried,
> -> unregister calls like ENGINE_unregister_XXX calls to force
> redirection to openssl
> -> Again, ENGINE_register_XXX to redirect to engine.
>
> However, the above methods are not helping. Please suggest a way
> to achieve the above requirement.
>
> Thanks
> Mahendra
>

From jisoza at gmail.com Sat May 1 17:41:55 2021
From: jisoza at gmail.com (Juan Isoza)
Date: Sat, 1 May 2021 19:41:55 +0200
Subject: Tutorial for OpenSSL3 deprecated API replacement

Hello,

I have code based on a sample from https://www.programmersought.com/article/37955188510/

It uses RSA functions (like RSA_generate_key_ex, RSA_public_decrypt ...)

Where can I find a "porting guideline" which helps me find an alternative for each RSAxx API?

A lot of programmers will need to do this work, if possible before releasing OpenSSL 3, so a tutorial can be very useful

From nic.tuv at gmail.com Sun May 2 11:18:02 2021
From: nic.tuv at gmail.com (Nicola Tuveri)
Date: Sun, 2 May 2021 14:18:02 +0300
Subject: Tutorial for OpenSSL3 deprecated API replacement

A migration guide is being worked on in https://github.com/openssl/openssl/pull/14710

You might want to provide feedback with comments there to help making sure useful information is not left out.

Nicola

P. S. It's a pity that a lot of external resources, including blog posts, articles and stack overflow q/a are still referring to RSA_* and similar low level APIs that have been more or less informally deprecated for some time (more than 5 years), without anybody really caring as long as it was a deprecation only on the documentation without compiler warnings. We do need a community effort to make sure top results in web searches stop suggesting outdated code snippets. The efforts on this migration guide and on the demo applications are a step in the right direction.
From janjust at nikhef.nl Mon May 3 07:20:51 2021
From: janjust at nikhef.nl (Jan Just Keijser)
Date: Mon, 3 May 2021 09:20:51 +0200
Subject: Version compatibility issues - Re: openssl development work / paid
References: <88307274-9f51-65a4-724c-12e766143d14@optimcloud.com> <83cb5811-d075-22b6-b6c8-f5f202e52ed8@ddvo.net>
Message-ID: <86a25187-bed6-641a-fd2f-590c4eae0ce9@nikhef.nl>

Just for the record:

On 26/03/21 09:51, Embedded Devel wrote:
> i now have a second developer looking at this, so hoping he can sort
> it all out.
>
[...]

I was that second developer and even though 'Embedded Devel' listed this as "paid" work and even though he made repeated promises about following up on payment, I never did receive payment.

I checked the email address and IP addresses used for this job and found nothing terribly wrong. My conclusion is that either someone hijacked an email address - meaning that Optimcloud is not a very *safe* company to do business with - or that 'Embedded Devel' at Optimcloud simply thinks he can get away with this - meaning that Optimcloud is not a very *trustworthy* company to do business with.

You have been warned.

JJK

On 26/03/21 09:51, Embedded Devel wrote:
> i believe this was all from back in the 0.9x days, the code in
> question is close to 10+/- years old
>
> if everyone would look at the email thread re: "ssl client write /
> server accept seems broken"
>
> some might see more of the issue i am facing, i have had 1 person look
> at this and he believes
>
> quote "
>
> This looks like using *very* outdated OpenSSL API. Hence the SSL
> client (and server) code needs to be ported to work with more recent
> versions OpenSSL and make use of TLS methods instead of SSL methods.
>
> For testing you could try to build OpenSSL with the old SSL3 support
> enabled (we don't even support that at all in OpenWrt any longer, but
> should work to build manually).
> Because ssl_undefined_function is most likely a result of:
> Disabled features:
> ...
>     ssl3                    [default] OPENSSL_NO_SSL3
>     ssl3-method             [default] OPENSSL_NO_SSL3_METHOD
> ...
>
> If you find someone very familiar with OpenSSL's API (I've used it, more
> than once, but it's not what I'm doing every day), this can be done in
> a few days. I'd probably need a week for this and I'm not particularly
> keen on it, there are things I'm better with which are waiting as well."
>
> i now have a second developer looking at this, so hoping he can sort
> it all out.
>

From kaushalshriyan at gmail.com Mon May 3 16:27:40 2021
From: kaushalshriyan at gmail.com (Kaushal Shriyan)
Date: Mon, 3 May 2021 21:57:40 +0530
Subject: SSL Cipher suites settings in Nginx webserver

Hi,

I am using Lets Encrypt SSL Certificates for Nginx 1.20.00 webserver running on CentOS Linux release 7.9.2009 (Core). I will appreciate it if someone can guide me to set the cipher suites in the Nginx Webserver config. I am referring to https://ssl-config.mozilla.org/. Is there a way to verify if the below cipher suites set are accurate and are free from any vulnerabilities?

$openssl version
OpenSSL 1.0.2k-fips 26 Jan 2017
$cat /etc/redhat-release
CentOS Linux release 7.9.2009 (Core)
$nginx -v
nginx version: nginx/1.20.0

ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;

Please guide and I look forward to hearing from you. Thanks in Advance.

Best Regards,
Kaushal
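One way to sanity-check the ssl_ciphers list in the question above, as an added example that is not part of the original post and not nginx or OpenSSL code: it classifies each TLS 1.2 suite name by forward secrecy, AEAD and legacy primitives, and flags the ChaCha20-Poly1305 entries, which an OpenSSL 1.0.2 library such as the 1.0.2k shown above does not implement. The struct, enum and function names are hypothetical, `WEAK_SAMPLE` is a constructed counter-example, and the check looks at names only.

```c
/* Added example: classify the suites in an OpenSSL-format cipher list by name.
 * Pure string analysis of TLS 1.2 style names (ECDHE-RSA-...); it does not ask
 * any TLS library what it supports. */
#include <stdio.h>
#include <string.h>

/* The ssl_ciphers value quoted in the message above. */
static const char PAGE_CIPHERS[] =
    "ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:"
    "ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:"
    "ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:"
    "DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384";

/* Constructed counter-example with weak entries and one "!" operator. */
static const char WEAK_SAMPLE[] =
    "AES128-SHA:DES-CBC3-SHA:ECDHE-RSA-AES128-SHA:!aNULL";

struct suite_report {
    char name[64];
    int forward_secret; /* ephemeral (EC)DH key exchange */
    int aead;           /* GCM, CCM or ChaCha20-Poly1305 */
    int legacy;         /* obsolete primitive or anonymous key exchange */
    int chacha20;       /* ChaCha20-Poly1305: absent from OpenSSL 1.0.2 */
};

enum flag { TOTAL, NOT_FORWARD_SECRET, NOT_AEAD, LEGACY, CHACHA20 };

#define NTOK(a) (sizeof(a) / sizeof((a)[0]))

/* Return 1 if the '-'-separated suite name contains one of the exact tokens. */
static int has_any(const char *name, const char *const *toks, size_t ntoks)
{
    const char *p = name;

    while (*p != '\0') {
        size_t i, len = strcspn(p, "-");

        for (i = 0; i < ntoks; i++)
            if (strlen(toks[i]) == len && strncmp(p, toks[i], len) == 0)
                return 1;
        p += len;
        if (*p == '-')
            p++;
    }
    return 0;
}

/* Fill out[] with one report per explicit suite name; returns the count.
 * Entries that are cipher-string operators (!x, +x, -x, @x) are skipped. */
static size_t audit_cipher_list(const char *list, struct suite_report *out,
                                size_t max)
{
    static const char *const fs[] = { "ECDHE", "DHE", "EDH" };
    static const char *const aead[] = { "GCM", "CCM", "CCM8", "CHACHA20" };
    static const char *const legacy[] = { "RC4", "DES", "CBC3", "MD5", "NULL",
                                          "EXP", "ADH", "AECDH", "RC2" };
    static const char *const chacha[] = { "CHACHA20" };
    size_t count = 0;
    const char *p = list;

    while (*p != '\0' && count < max) {
        size_t len = strcspn(p, ":, ");   /* separators OpenSSL accepts */

        if (len > 0 && len < sizeof(out->name)
                && strchr("!+-@", p[0]) == NULL) {
            struct suite_report *r = &out[count++];

            memcpy(r->name, p, len);
            r->name[len] = '\0';
            r->forward_secret = has_any(r->name, fs, NTOK(fs));
            r->aead = has_any(r->name, aead, NTOK(aead));
            r->legacy = has_any(r->name, legacy, NTOK(legacy));
            r->chacha20 = has_any(r->name, chacha, NTOK(chacha));
        }
        p += len;
        if (*p != '\0')
            p++;
    }
    return count;
}

/* Count the suites in list that raise the given flag (TOTAL counts all). */
static size_t count_flag(const char *list, enum flag f)
{
    struct suite_report r[32];
    size_t i, hits = 0, n = audit_cipher_list(list, r, NTOK(r));

    for (i = 0; i < n; i++)
        hits += f == TOTAL
             || (f == NOT_FORWARD_SECRET && !r[i].forward_secret)
             || (f == NOT_AEAD && !r[i].aead)
             || (f == LEGACY && r[i].legacy)
             || (f == CHACHA20 && r[i].chacha20);
    return hits;
}

int main(void)
{
    struct suite_report r[32];
    size_t i, n = audit_cipher_list(PAGE_CIPHERS, r, NTOK(r));

    for (i = 0; i < n; i++)
        printf("%-32s fs=%d aead=%d legacy=%d%s\n", r[i].name,
               r[i].forward_secret, r[i].aead, r[i].legacy,
               r[i].chacha20 ? "  (needs OpenSSL >= 1.1.0)" : "");
    printf("weak sample: %zu without forward secrecy, %zu legacy\n",
           count_flag(WEAK_SAMPLE, NOT_FORWARD_SECRET),
           count_flag(WEAK_SAMPLE, LEGACY));
    return 0;
}
```

Running `openssl ciphers -v` on the same string, with the OpenSSL build that `nginx -V` reports, shows which of the names that library actually accepts.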
From lists at optimcloud.com Tue May 4 05:24:35 2021
From: lists at optimcloud.com (Embedded Devel)
Date: Tue, 4 May 2021 12:24:35 +0700
Subject: Version compatibility issues - Re: openssl development work / paid
In-Reply-To: <86a25187-bed6-641a-fd2f-590c4eae0ce9@nikhef.nl>
References: <88307274-9f51-65a4-724c-12e766143d14@optimcloud.com> <83cb5811-d075-22b6-b6c8-f5f202e52ed8@ddvo.net> <86a25187-bed6-641a-fd2f-590c4eae0ce9@nikhef.nl>
Message-ID: <9961ac3b-8f98-b53a-db41-59d10de83425@optimcloud.com>

On 5/3/21 2:20 PM, Jan Just Keijser wrote:
> Just for the record:
>
> On 26/03/21 09:51, Embedded Devel wrote:
>> i now have a second developer looking at this, so hoping he can sort
>> it all out.
>>
> [...]
>
> I was that second developer and even though 'Embedded Devel' listed
> this as "paid" work and even though he made repeated promises about
> following up on payment, I never did receive payment.
>
> I checked the email address and IP addresses used for this job and
> found nothing terribly wrong. My conclusion is that either someone
> hijacked an email address - meaning that Optimcloud is not a very
> *safe* company to do business with - or that 'Embedded Devel' at
> Optimcloud simply thinks he can get away with this - meaning that
> Optimcloud is not a very *trustworthy* company to do business with.
>
no actually, neither is the case. I submitted the work for payment, accounting inquired of the developer if it was all working and he stated it wasn't. So where it is, and it's more i think we don't understand is when the client registers and is authorized it should generate a new xml config for the client, and right now there appears to be some mismatch, basically we have no idea how you had this working. so we are a month in from the work you did and i submitted payment for, and still have had 0 reproducibility. I've even reviewed the document you sent, as has he, and we are missing something.
the database says

(6,'archer.optimcloud.com','0.0.0.0','60:32:b1:f8:9b:3a','mips','12345678','19.07.2','1.0.3','/etc/apconfig/CA/ac_ca_cert.pem','/etc/apconfig/CA/ac_client_cert.pem','/etc/apconfig/CA/ac_client_key.pem','none','2021-04-29 07:28:53',1,1)

the ac_server logs says..... so is it a mismatched certificate ?

5]: DEBUG: generic blocked db query: SELECT * FROM blocked_systems WHERE mac="60:32:b1:f8:9b:3a";
May  4 07:07:22 portaladmin ac_server[24675]: DEBUG: generic new systems db query: SELECT * FROM new_systems WHERE mac="60:32:b1:f8:9b:3a";
May  4 07:07:22 portaladmin ac_server[24675]: DEBUG: generic systems db query: SELECT * FROM systems WHERE mac="60:32:b1:f8:9b:3a";
May  4 07:07:22 portaladmin ac_server[24675]: INFO:  Device Registration Process
May  4 07:07:22 portaladmin ac_server[24675]: DEBUG: db query: SELECT id FROM systems WHERE hostname="client.xi-group.com" and active='1' ORDER BY ID DESC LIMIT 1;
May  4 07:07:22 portaladmin ac_server[24675]: ac_gen_db_generate_conf_xml(): No such hostname: client.xi-group.com
May  4 07:07:22 portaladmin ac_server[24675]: DEBUG:  Sending ACK reply (INIT+XML config)
May  4 07:07:22 portaladmin ac_server[24675]: DEBUG: generic update last seen db query: UPDATE systems SET last_seen=NOW() WHERE hostname="client.xi-group.com";
May  4 07:07:22 portaladmin ac_server[24675]: DEBUG: generic update log db query: INSERT INTO logs(time, actor, action) VALUES (NOW(), 'ac_server', 'AC_INIT from client: client.xi-group.com; XML Reply.');

the db says your hostname is archer

(6,'archer.optimcloud.com','0.0.0.0','60:32:b1:f8:9b:3a','mips','12345678','19.07.2','1.0.3','/etc/apconfig/CA/ac_ca_cert.pem','/etc/apconfig/CA/ac_client_cert.pem','/etc/apconfig/CA/ac_client_key.pem','none','2021-04-29 07:28:53',1,1)

> You have been warned.
>
> JJK
>
>
> On 26/03/21 09:51, Embedded Devel wrote:
>> i believe this was all from back in the 0.9x days, the code in
>> question is close to 10+/- years old
>>
>> if everyone would look at the email thread re: "ssl client write /
>> server accept seems broken"
>>
>> some might see more of the issue i am facing, i have had 1 person
>> look at this and he believes
>>
>> quote "
>>
>> This looks like using *very* outdated OpenSSL API. Hence the SSL
>> client (and server) code needs to be ported to work with more recent
>> versions OpenSSL and make use of TLS methods instead of SSL methods.
>>
>> For testing you could try to build OpenSSL with the old SSL3 support
>> enabled (we don't even support that at all in OpenWrt any longer, but
>> should work to build manually).
>> Because ssl_undefined_function is most likely a result of:
>> Disabled features:
>> ...
>>     ssl3                    [default] OPENSSL_NO_SSL3
>>     ssl3-method             [default] OPENSSL_NO_SSL3_METHOD
>> ...
>>
>> If you find someone very familiar with OpenSSL's API (I've used it, more
>> than once, but it's not what I'm doing every day), this can be done in
>> a few days. I'd probably need a week for this and I'm not particularly
>> keen on it, there are things I'm better with which are waiting as well."
>>
>> i now have a second developer looking at this, so hoping he can sort
>> it all out.
>>
>

From janjust at nikhef.nl Tue May 4 07:34:32 2021
From: janjust at nikhef.nl (Jan Just Keijser)
Date: Tue, 4 May 2021 09:34:32 +0200
Subject: Version compatibility issues - Re: openssl development work / paid
In-Reply-To: <9961ac3b-8f98-b53a-db41-59d10de83425@optimcloud.com>
References: <88307274-9f51-65a4-724c-12e766143d14@optimcloud.com> <83cb5811-d075-22b6-b6c8-f5f202e52ed8@ddvo.net> <86a25187-bed6-641a-fd2f-590c4eae0ce9@nikhef.nl> <9961ac3b-8f98-b53a-db41-59d10de83425@optimcloud.com>

First of all, apologies to this mailing list for making you part of this.
I will reply one more time, then take this discussion off-list.

On 04/05/21 07:24, Embedded Devel wrote:
>
> On 5/3/21 2:20 PM, Jan Just Keijser wrote:
>> Just for the record:
>>
>> On 26/03/21 09:51, Embedded Devel wrote:
>>> i now have a second developer looking at this, so hoping he can sort
>>> it all out.
>>>
>> [...]
>>
>> I was that second developer and even though 'Embedded Devel' listed
>> this as "paid" work and even though he made repeated promises about
>> following up on payment, I never did receive payment.
>>
>> I checked the email address and IP addresses used for this job and
>> found nothing terribly wrong. My conclusion is that either someone
>> hijacked an email address - meaning that Optimcloud is not a very
>> *safe* company to do business with - or that 'Embedded Devel' at
>> Optimcloud simply thinks he can get away with this - meaning that
>> Optimcloud is not a very *trustworthy* company to do business with.
>>
> no actually, neither is the case. I submitted the work for payment,
> accounting inquired of the developer if it was all working and he
> stated it wasn't. So where it is, and it's more i think we don't
> understand is when the client registers and is authorized it should
> generate a new xml config for the client, and right now there appears
> to be some mismatch, basically we have no idea how you had this
> working. so we are a month in from the work you did and i submitted
> payment for, and still have had 0 reproducibility. I've even reviewed
> the document you sent, as has he, and we are missing something.

This is the first time I hear of this. To get a few things straight (and I have the full email exchange at hand to back this up):
- 'embedded devel' originally asked for a developer to port old OpenSSL code to openssl 1.1+
- I offered to do this and ported the application to work with openssl 1.1.1 within a few hours. 'embedded devel' agreed with me in email that I had achieved the original goal.
- after that, I offered to help in debugging the rest of the client/server application workflow, which was poorly documented but which had little to do with openssl specifics. I never offered or promised to get the entire client/server application framework working again.
- 'embedded devel' accepted my offer and said he had a fixed maximum amount that he could spend.
- I worked for the remainder of the time on analyzing and debugging the application workflow, even though it turned out that I was not given all source code. 'embedded devel' confirmed that a part was missing.
- I wrote a report with my findings and suggestions on how to proceed. 'embedded devel' was satisfied with the report and told me he would ask accounting to pay me.
- after several reminders about payment he did not respond to my emails until I made my post yesterday, claiming for the first time that what I had done was not reproducible.

Reviewing this, I see no reason to change my viewpoint on the trustworthiness of either 'embedded devel' or the company Optimcloud.

[...]
Snipping out the rest of the mail as it is off-topic to this mailing list. I will reply to it privately.

JJK

From lists at optimcloud.com Tue May 4 08:02:14 2021
From: lists at optimcloud.com (Embedded Devel)
Date: Tue, 4 May 2021 15:02:14 +0700
Subject: Version compatibility issues - Re: openssl development work / paid
References: <88307274-9f51-65a4-724c-12e766143d14@optimcloud.com> <83cb5811-d075-22b6-b6c8-f5f202e52ed8@ddvo.net> <86a25187-bed6-641a-fd2f-590c4eae0ce9@nikhef.nl> <9961ac3b-8f98-b53a-db41-59d10de83425@optimcloud.com>
Message-ID: <4e1f624d-3559-a6df-2dc2-700858584a3c@optimcloud.com>

>>> I was that second developer and even though 'Embedded Devel' listed
>>> this as "paid" work and even though he made repeated promises about
>>> following up on payment, I never did receive payment.
>>>
>>> I checked the email address and IP addresses used for this job and
>>> found nothing terribly wrong.
>>> My conclusion is that either someone
>>> hijacked an email address - meaning that Optimcloud is not a very
>>> *safe* company to do business with - or that 'Embedded Devel' at
>>> Optimcloud simply thinks he can get away with this - meaning that
>>> Optimcloud is not a very *trustworthy* company to do business with.
>>>
>> no actually, neither is the case. I submitted the work for payment,
>> accounting inquired of the developer if it was all working and he
>> stated it wasn't. So where it is, and it's more i think we don't
>> understand is when the client registers and is authorized it should
>> generate a new xml config for the client, and right now there appears
>> to be some mismatch, basically we have no idea how you had this
>> working. so we are a month in from the work you did and i submitted
>> payment for, and still have had 0 reproducibility. I've even reviewed
>> the document you sent, as has he, and we are missing something.
>
> This is the first time I hear of this. To get a few things straight
> (and I have the full email exchange at hand to back this up):

Wow so let's just make the whole thing public.

> - 'embedded devel' originally asked for a developer to port old
> OpenSSL code to openssl 1.1+
> - I offered to do this and ported the application to work with openssl
> 1.1.1 within a few hours. 'embedded devel' agreed with me in email
> that I had achieved the original goal.

This is in fact true, and i don't dispute it.

>
> - after that, I offered to help in debugging the rest of the
> client/server application workflow, which was poorly documented but
> which had little to do with openssl specifics. I never offered or
> promised to get the entire client/server application framework working
> again.
> - 'embedded devel' accepted my offer and said he had a fixed maximum
> amount that he could spend.

Also true.
> - I worked for the remainder of the time on analyzing and debugging
> the application workflow, even though it turned out that I was not
> given all source code. 'embedded devel' confirmed that a part was missing.

The missing part was the UI, which itself was also in the process of a rewrite, also of which isn't completed and the developer has been compensated already.

>
> - I wrote a report with my findings and suggestions on how to proceed.
> 'embedded devel' was satisfied with the report and told me he would
> ask accounting to pay me.

I am and was satisfied, and I did submit it to billing. However that being said, we still cannot reproduce how you made this work because it is unclear, it doesn't appear clearly in the document, that also didn't prevent me from paying the bill.

> - after several reminders about payment he did not respond to my
> emails until I made my post yesterday, claiming for the first time
> that what I had done was not reproducible.

This is untrue, and here's the proof.

"I've already processed this for payment, I'll push the accountant to get it remitted

though the tone is a bit stern... nothing to worry about, it'll post to you.

Thanks

On 3/31/21 10:11 PM, Jan Just Keijser wrote:
> Hello there,
>
> On 30/03/21 14:47, Jan Just Keijser wrote:
>>
>> just as a check/reminder: I have not yet seen my payment.
>> Please let me know when the payment is made.
>>
>
> this is my second and last reminder: I expect payment for my services,
> € 1000 as agreed and promised, before the end of this week.
>
> kind regards,
>
> Jan Just Keijser
"

Now so we can not consume everyone else's time with trivial bits of banter and this spins out of hand emailing the list, and outing these facts doesn't get you paid either. It seems you're just upset because you believe we are trying to rip you off and we aren't. Plainly said it doesn't appear to work, we cannot reproduce it, however i know that when you did it, it did work, so what's the secret. To me it's simple.
work is obviously done, more than happy to pay, matter of fact I'll remit $500 Euros in good faith right now. Out of my personal account. Now proof of payment is sent, simply tell us how you made this work. And leave everyone else out of it, We are all busy, I did what i said i would do, and never intended not to pay you.

Jan Just Keijser -€500.00
Tuesday, May 4, 2021, 2:54 PM

I'd attach the receipt, but it's been blocked by the mailing list due to size

>
> Reviewing this, I see no reason to change my viewpoint on the
> trustworthiness of either 'embedded devel' or the company Optimcloud.

Personally, I would have used a different tone in your last 3 emails. It's not very professional. And I did submit the payment information, I even signed for it to be remitted. My Accountants have a process, they followed the process. Sometimes things take time or get thrown a curve ball. And FYI, I am the Owner and CEO.

On 5/4/21 2:34 PM, Jan Just Keijser wrote:
> First of all, apologies to this mailing list for making you part of this.
> I will reply one more time, then take this discussion off-list.
>
> On 04/05/21 07:24, Embedded Devel wrote:
>>
>> On 5/3/21 2:20 PM, Jan Just Keijser wrote:
>>> Just for the record:
>>>
>>> On 26/03/21 09:51, Embedded Devel wrote:
>>>> i now have a second developer looking at this, so hoping he can
>>>> sort it all out.
>>>>
>>> [...]
>>>
>>> I was that second developer and even though 'Embedded Devel' listed
>>> this as "paid" work and even though he made repeated promises about
>>> following up on payment, I never did receive payment.
>>>
>>> I checked the email address and IP addresses used for this job and
>>> found nothing terribly wrong. My conclusion is that either someone
>>> hijacked an email address - meaning that Optimcloud is not a very
>>> *safe* company to do business with -
>>> or that 'Embedded Devel' at
>>> Optimcloud simply thinks he can get away with this - meaning that
>>> Optimcloud is not a very *trustworthy* company to do business with.
>>>
>> no actually, neither is the case. I submitted the work for payment,
>> accounting inquired of the developer if it was all working and he
>> stated it wasn't. So where it is, and it's more i think we don't
>> understand is when the client registers and is authorized it should
>> generate a new xml config for the client, and right now there appears
>> to be some mismatch, basically we have no idea how you had this
>> working. so we are a month in from the work you did and i submitted
>> payment for, and still have had 0 reproducibility. I've even reviewed
>> the document you sent, as has he, and we are missing something.
>
> This is the first time I hear of this. To get a few things straight
> (and I have the full email exchange at hand to back this up):
> - 'embedded devel' originally asked for a developer to port old
> OpenSSL code to openssl 1.1+
> - I offered to do this and ported the application to work with openssl
> 1.1.1 within a few hours. 'embedded devel' agreed with me in email
> that I had achieved the original goal.
> - after that, I offered to help in debugging the rest of the
> client/server application workflow, which was poorly documented but
> which had little to do with openssl specifics. I never offered or
> promised to get the entire client/server application framework working
> again.
> - 'embedded devel' accepted my offer and said he had a fixed maximum
> amount that he could spend.
> - I worked for the remainder of the time on analyzing and debugging
> the application workflow, even though it turned out that I was not
> given all source code. 'embedded devel' confirmed that a part was
> missing.
> - I wrote a report with my findings and suggestions on how to proceed.
> 'embedded devel' was satisfied with the report and told me he would
> ask accounting to pay me.
> - after several reminders about payment he did not respond to my
> emails until I made my post yesterday, claiming for the first time
> that what I had done was not reproducible.
>
> Reviewing this, I see no reason to change my viewpoint on the
> trustworthiness of either 'embedded devel' or the company Optimcloud.
>
> [...]
> Snipping out the rest of the mail as it is off-topic to this mailing
> list. I will reply to it privately.
>
> JJK
>

From janjust at nikhef.nl Wed May 5 07:40:21 2021
From: janjust at nikhef.nl (Jan Just Keijser)
Date: Wed, 5 May 2021 09:40:21 +0200
Subject: Version compatibility issues - Re: openssl development work / paid
In-Reply-To: <86a25187-bed6-641a-fd2f-590c4eae0ce9@nikhef.nl>
References: <88307274-9f51-65a4-724c-12e766143d14@optimcloud.com> <83cb5811-d075-22b6-b6c8-f5f202e52ed8@ddvo.net> <86a25187-bed6-641a-fd2f-590c4eae0ce9@nikhef.nl>
Message-ID: <32dadec2-cc57-77fd-12a3-c25971fc5f71@nikhef.nl>

Hi,

Apologies for top-posting, but I am glad to report that Optimcloud and I managed to resolve this issue. It turns out that some of my emails were not received and that the other party was not aware that I had *not* been paid. Optimcloud promptly proceeded to pay the agreed sum, which I have now received. I am also glad to report that - after more emails back and forth - he is now able to continue with the development of his application.

JJK / Jan Just Keijser

On 03/05/21 09:20, Jan Just Keijser wrote:
> Just for the record:
>
> On 26/03/21 09:51, Embedded Devel wrote:
>> i now have a second developer looking at this, so hoping he can sort
>> it all out.
>>
> [...]
>
> I was that second developer and even though 'Embedded Devel' listed
> this as "paid" work and even though he made repeated promises about
> following up on payment, I never did receive payment.
From BitBlitz at mailboxdrop.com Wed May 5 21:28:09 2021
From: BitBlitz at mailboxdrop.com (BitBlitz at mailboxdrop.com)
Date: Wed, 5 May 2021 14:28:09 -0700
Subject: Trouble trying to create a custom ASN.1 object via Openssl Config file

Using Openssl version: OpenSSL 1.1.1f 31 Mar 2020

I am trying to encode an arbitrary ASN.1 SEQUENCE in an OpenSSL Config file and I want the result to look like an ECDSA subject key:

0042: | 30 59 ; SEQUENCE (59 Bytes)
0044: | | 30 13 ; SEQUENCE (13 Bytes)
0046: | | | 06 07 ; OBJECT_ID (7 Bytes)
0048: | | | | 2a 86 48 ce 3d 02 01
      | | | | ; 1.2.840.10045.2.1 ECC
004f: | | | 06 08 ; OBJECT_ID (8 Bytes)
0051: | | | 2a 86 48 ce 3d 03 01 07
      | | | ; 1.2.840.10045.3.1.7 ECDSA_P256 (x962P256v1)
0059: | | 03 42 ; BIT_STRING (42 Bytes)
005b: | | 00
005c: | | 04 f4 df ac 6c 8d e5 b0 6c 55 29 13 1e fe 35 9a
006c: | | c6 06 57 97 ca c5 6f 1b 9e 3b cd 46 f3 01 91 0e
007c: | | 2a 5b 93 fe 6b d3 04 06 44 6c 54 e7 f5 b5 f5 81
008c: | | d4 a4 eb 12 9f e7 ae 27 f6 97 c8 f6 d3 e6 c8 9b
009c: | | 3a

Both the documentation: https://www.openssl.org/docs/man1.1.1/man3/ASN1_generate_nconf.html and a cursory inspection of the OpenSSL source code: https://github.com/openssl/openssl/blob/master/crypto/asn1/asn1_gen.c seem to agree that it should be possible to pass a hex string to BITSTR and/or OCTETSTRING. However, I've tried many combinations in the config file and either I get the ASCII interpretation of the data or an error parsing the config file.

I am trying to construct the sequence like this:

[ ECDSA_PublicKeyInfo ]
SubjectPublicKeyInfo=SEQUENCE:ecdsa256_alg
hex1=BITWRAP,BITSTR:0x04112233445566778899aabbccddeeff
hex2=INTEGER:0x04112233445566778899aabbccddeeff
hex3=BITWRAP,INTEGER:0x04112233445566778899aabbccddeeff

The INTEGER lines correctly interpret the HEX, but the BITSTR line does not. However, Integer inserts the integer marker bytes (02 10) into the data stream, which I don't want.
I have also tried:

hex1=BITWRAP,BITSTR,HEX:0x04112233445566778899aabbccddeeff

This generates an error during parsing, and

hex1=BITWRAP,BITSTR:HEX:0x04112233445566778899aabbccddeeff

encodes "HEX" into the data stream.

How can I construct the sequence shown above with an OpenSSL Config file? Is this just impossible? Full example below.

Thanks,
Brad

Command lines:

openssl ecparam -name prime256v1 -genkey -out ecc256.pem
openssl req -new -key ecc256.pem -out ecc256_req.pem -config config.txt

config.txt:

[ req ]
distinguished_name = req_dn
req_extensions = req_ext
prompt = no
encrypt_key = no
digest = sha256
version=2

[ req_dn ]
C=US
ST=SomeState
CN=Something

[ req_ext ]
# SubjectDirectoryAttributes
2.5.29.9=ASN1:SEQUENCE:EccPublicKeyInfo

[EccPublicKeyInfo]
X=SEQUENCE:ECDSA_PublicKeyInfo

[ecdsa256_alg]
algorithm=OID:1.2.840.10045.2.1
parameter=OID:1.2.840.10045.3.1.7

[ ECDSA_PublicKeyInfo ]
SubjectPublicKeyInfo=SEQUENCE:ecdsa256_alg
hex1=BITWRAP,BITSTR:0x04112233445566778899aabbccddeeff
hex2=INTEGER:0x04112233445566778899aabbccddeeff
hex3=BITWRAP,INTEGER:0x04112233445566778899aabbccddeeff

From ted.m.w at comcast.net Thu May 6 02:06:14 2021
From: ted.m.w at comcast.net (Ted Wynnychenko)
Date: Wed, 5 May 2021 21:06:14 -0500
Subject: openssl cms -encrypt error: error setting recipientinfo
Message-ID: <002d01d7421c$65d14510$3173cf30$@m.w@comcast.net>

Hello

I recently decided to change from RSA to EC keys/certs. I do this primarily as a learning exercise (there is no real corporate or professional demand to have this working).

I am running OpenBSD current (6.9) from about 1 month ago.

Previously, I have been using "openssl smime" to sign and encrypt emails. Now that I am migrating to EC keys/certificates, I need to switch to "openssl cms".

However, I am unable to encrypt using the EC certificate.
When I use:
(I am going to obfuscate the emails in plain text, although I understand there will be some encoded in the public key that follows.)

cat text.in | /usr/bin/openssl cms -encrypt -from 'User ' -to 'Admin ' -subject "Test Email" -aes256 encryption.pem > encrypted.out

with the old RSA certificate, everything works as expected.

But, when I replace the RSA cert with the EC certificate, it does not. Instead, I see:

15724089243112:error:2EFFF06F:CMS routines:CRYPTO_internal:ctrl failure:/usr/src/lib/libcrypto/cms/cms_env.c:124:
15724089243112:error:2EFFF074:CMS routines:CRYPTO_internal:error setting recipientinfo:/usr/src/lib/libcrypto/cms/cms_env.c:944:
15724089243112:error:2EFFF068:CMS routines:CRYPTO_internal:cms lib:/usr/src/lib/libcrypto/cms/cms_smime.c:850:

And the output file is zero size.

The "-to" email address used is encoded as a SAN email in the EC certificate.

I tried a more basic command:

openssl cms -encrypt -in text.in -out encrypted.out -recip encryption.pem

Works with RSA certificate, same error with EC certificate.

I also tried (not really understanding, but it is in the man page example):

openssl cms -encrypt -in text.in -out encrypted.out -recip encryption.pem -keyopt ecdh_kdf_md:sha256

and got the same error.

I am not sure what this error means, or how to address it. I was wondering if I needed to add the email to the certificate's DN, but since (I understand) emails in the DN are depreciated, and the email is included as a SAN, that seems unlikely.

Any suggestions would be great.

I have pasted the output from, "openssl x509 -in encryption.pem -noout -text" below. As I said, the plain text has been altered, but the public key is unchanged.
Thanks
Ted

$ openssl x509 -in encryption.pem -noout -text
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 25 (0x19)
    Signature Algorithm: ecdsa-with-SHA384
        Issuer: C=US, ST=State, L=Town, O=Example, OU=Home, CN=example.com
        Validity
            Not Before: Jan 2 00:00:00 2019 GMT
            Not After : Apr 17 13:57:06 2051 GMT
        Subject: C=US, ST=State, L=Town, O=Example, OU=Home, CN=admin.example.com
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (384 bit)
                pub:
                    04:80:34:1b:cf:63:94:33:47:37:39:42:89:cd:80:
                    86:44:2f:df:5f:e2:cb:3f:1b:08:3b:2c:c8:20:ec:
                    4e:68:2a:ac:1d:ba:7b:09:3d:78:84:cc:e5:7c:f1:
                    5f:3c:36:c1:89:c1:8d:95:dc:ec:dd:7c:18:e9:58:
                    a2:83:bc:f9:db:82:cc:c3:fe:17:87:e3:52:78:70:
                    3b:2a:9e:ca:44:f6:f0:ff:42:82:8b:5a:51:9f:94:
                    63:4b:ef:08:d1:53:37
                ASN1 OID: secp384r1
                NIST CURVE: P-384
        X509v3 extensions:
            X509v3 Basic Constraints:
                CA:FALSE
            X509v3 Subject Key Identifier:
                C6:1E:C2:DD:D2:89:2A:64:58:F2:94:1F:EB:80:CA:AC:3C:9B:43:DC
            X509v3 CRL Distribution Points:
                Full Name:
                  URI:https://crl.example.com/example.ca.crl
                CRL Issuer:
                  DirName: C = US, O = Example, CN = example.com
            Authority Information Access:
                OCSP - URI:http://ocsp.example.com:2560
            X509v3 Issuer Alternative Name:
                DNS:example.com, email:admin at example.com
            X509v3 Authority Key Identifier:
                keyid:74:87:C7:29:8F:E5:8F:79:00:9F:95:52:69:F8:CA:57:A6:84:4C:9E
                DirName:/C=US/ST=Illinois/L=Winnetka/O=Wynnychenko/OU=Home/CN=wynnychenko.com
                serial:B0:99:14:14:0B:6D:33:21
            X509v3 Key Usage: critical
                Digital Signature, Non Repudiation, Key Encipherment, Data Encipherment
            X509v3 Extended Key Usage:
                E-mail Protection
            X509v3 Subject Alternative Name:
                email:admin at example.com
    Signature Algorithm: ecdsa-with-SHA384
         30:65:02:31:00:94:1c:9e:ce:f2:0f:9f:b4:65:18:6d:7d:e4:
         be:01:19:0e:05:02:02:f6:83:84:88:11:0a:39:69:39:2a:7a:
         af:64:dd:4d:d0:57:dd:e3:db:8f:02:0a:8a:1b:27:8a:80:02:
         30:44:65:8c:36:be:7a:c6:27:cf:6d:3d:9c:42:d1:72:93:a5:
         df:21:c9:c0:58:64:c3:6e:d7:7c:30:13:da:10:7d:b9:e6:5d:
         d6:1c:89:e0:d5:eb:ba:03:d8:76:22:17:18

From Sanjeev.Kumar-Mishra at rbbn.com Thu May 6 06:47:45 2021
From: Sanjeev.Kumar-Mishra at rbbn.com (Kumar Mishra, Sanjeev)
Date: Thu, 6 May 2021 06:47:45 +0000
Subject: How to switch between OpenSSL 1.0.2 and 1.1 in compilation loading and linking a C code.
Message-ID:

Hi,
In my Linux Debian server both OpenSSL 1.0.2 and 1.1 is installed. As a user I am compiling C code for 1.0.2. But at the runtime and linking and loading it is picking version 1.1 as default.
How to switch between OpenSSL 1.0.2 and 1.1 in compilation loading and linking a C code ?
Is there any linux env is required to set?

I am using following commands-

export LD_LIBRARY_PATH=/sonus/p4/ws/shared/cmn_thirdparty.main/bldtools/toolchain/current/sonus/lib/

To compile

gcc -I /sonus/p4/ws/shared/cmn_thirdparty.main/openssl/distrib/include -L /sonus/p4/ws/shared/cmn_thirdparty.main/bldtools/toolchain/current/sonus/lib/ -lssl -lcrypto cpxmain1.c -o cpxmain1

Both the libcrypto.so.1.0.2 and libcrypto.so.1.1 is present in this path but only picking 1.1 as a default. How to change this default setting?

Thanks
With Best Regards,
Sanjeev Kumar Mishra

Notice: This e-mail together with any attachments may contain information of Ribbon Communications Inc. and its Affiliates that is confidential and/or proprietary for the sole use of the intended recipient. Any review, disclosure, reliance or distribution by others or forwarding without express permission is strictly prohibited. If you are not the intended recipient, please notify the sender immediately and then delete all copies, including any attachments.

From sravani.maddukuri at broadcom.com Thu May 6 10:34:28 2021
From: sravani.maddukuri at broadcom.com (Sravani Maddukuri)
Date: Thu, 6 May 2021 16:04:28 +0530
Subject: Switch hangs for significant amount of time when using RAND_write_file API with openssl version 1.1.1h and above.
Message-ID:

Hi,

I have updated the openssl version running on the switch from 1.1.1g to 1.1.1h and eventually to 1.1.1k.
Starting 1.1.1h, I am observing that the switch hangs for a significant amount of time (> 3 minutes) when the call RAND_write_file is invoked from the switch software.
The same call (RAND_write_file) invoked from the switch software with the earlier versions of openssl (1.1.1g) did not make the switch to hang for the noticeable time. Can you please help me understand why this behavior is and suggest a solution if any?

Regards,
Sravani

--
This electronic communication and the information and any files transmitted with it, or attached to it, are confidential and are intended solely for the use of the individual or entity to whom it is addressed and may contain information that is confidential, legally privileged, protected by privacy laws, or otherwise restricted from disclosure to anyone else. If you are not the intended recipient or the person responsible for delivering the e-mail to the intended recipient, you are hereby notified that any use, copying, distributing, dissemination, forwarding, printing, or copying of this e-mail is strictly prohibited. If you received this e-mail in error, please return the e-mail to the sender, delete it from your computer, and destroy any printed copy of it.

From Shivakumar.Poojari at rbbn.com Thu May 6 10:38:30 2021
From: Shivakumar.Poojari at rbbn.com (Shivakumar Poojari)
Date: Thu, 6 May 2021 10:38:30 +0000
Subject: Macro to support 3.0 and 1.0
Message-ID:

Hi All,

We are upgrading our code to openssl 3.0. But we need to keep the older version of code also which is 1.0.
So, we tried by keeping the newer version of the code as below but when we compiled the code for 3.0, evp.h is not getting included. Please suggest if our approach is correct

#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
/******higher version code************/
#include
#else
/*******lower version code *********/
#include
#endif

Also, we found that OPENSSL_VERSION_NUMBER is deprecated, so thought of using the below macros but we think since this macro is defined in newer version this might not work when we compile it for older versions. Please suggest how to handle this.

if (OPENSSL_VERSION_MAJOR >= 3)
#include
else if (OPENSSL_VERSION_MAJOR < 3)
#include

thanks,
shiva kumar

From levitte at openssl.org Thu May 6 11:30:13 2021
From: levitte at openssl.org (Richard Levitte)
Date: Thu, 06 May 2021 13:30:13 +0200
Subject: Macro to support 3.0 and 1.0
In-Reply-To:
References:
Message-ID: <878s4sw14q.wl-levitte@openssl.org>

Before using OPENSSL_VERSION_NUMBER, you should have this line:

#include

So something like this should make it possible:

#include
#if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
/******higher version code************/
#include
#else
/*******lower version code *********/
#include
#endif

If that's not the case, you may have found a bug. A short example program that demonstrates this flaw would be nice in that case.
Cheers,
Richard

On Thu, 06 May 2021 12:38:30 +0200,
Shivakumar Poojari wrote:
>
>
> Hi All,
>
> We are upgrading our code to openssl 3.0. But we need to keep the older
> version of code also which is 1.0. So, we tried by keeping the newer version
> of the code as below but when we compiled the code for 3.0, evp.h is not
> getting included. Please suggest if our approach is correct
>
> #if (OPENSSL_VERSION_NUMBER >= 0x30000000L)
>
> /******higher version code************/
>
> #include
>
> #else
>
> /*******lower version code *********/
>
> #include
>
> #endif
>
> Also, we found that OPENSSL_VERSION_NUMBER is deprecated, so thought of using
> the below macros but we think since this macro is defined in newer version this might
> not work when we compile it for older versions. Please suggest how to handle this.
>
> if (OPENSSL_VERSION_MAJOR >= 3)
> #include
> else if (OPENSSL_VERSION_MAJOR < 3)
> #include
>
> thanks,
> shiva kumar
>

--
Richard Levitte levitte at openssl.org
OpenSSL Project http://www.openssl.org/~levitte/

From openssl at openssl.org Thu May 6 12:45:32 2021
From: openssl at openssl.org (OpenSSL)
Date: Thu, 6 May 2021 12:45:32 +0000
Subject: OpenSSL version 3.0.0-alpha16 published
Message-ID: <20210506124532.GA16280@openssl.org>

OpenSSL version 3.0 alpha 16 released
=====================================

OpenSSL - The Open Source toolkit for SSL/TLS
https://www.openssl.org/

OpenSSL 3.0 is currently in alpha.
OpenSSL 3.0 alpha 16 has now been made available.

Note: This OpenSSL pre-release has been provided for testing ONLY. It should NOT be used for security critical purposes.

Specific notes on upgrading to OpenSSL 3.0 from previous versions, as well as known issues are available on the OpenSSL Wiki, here:

https://wiki.openssl.org/index.php/OpenSSL_3.0

The alpha release is available for download via HTTPS and FTP from the following master locations (you can find the various FTP mirrors under https://www.openssl.org/source/mirror.html):

* https://www.openssl.org/source/
* ftp://ftp.openssl.org/source/

The distribution file name is:

o openssl-3.0.0-alpha16.tar.gz
  Size: 14491795
  SHA1 checksum: 9719fde1203a21f768c5688dd7bd579c6b5a8ae4
  SHA256 checksum: 08ce8244b59d75f40f91170dfcb012bf25309cdcb1fef9502e39d694f883d1d1

The checksums were calculated using the following commands:

openssl sha1 openssl-3.0.0-alpha16.tar.gz
openssl sha256 openssl-3.0.0-alpha16.tar.gz

Please download and check this alpha release as soon as possible. To report a bug, open an issue on GitHub:

https://github.com/openssl/openssl/issues

Please check the release notes and mailing lists to avoid duplicate reports of known issues. (Of course, the source is also available on GitHub.)

Yours,

The OpenSSL Project Team.
From uri at ll.mit.edu Thu May 6 13:35:36 2021
From: uri at ll.mit.edu (Blumenthal, Uri - 0553 - MITLL)
Date: Thu, 6 May 2021 13:35:36 +0000
Subject: openssl cms -encrypt error: error setting recipientinfo
In-Reply-To: <002d01d7421c$65d14510$3173cf30$@m.w@comcast.net>
References: <002d01d7421c$65d14510$3173cf30$@m.w@comcast.net>
Message-ID: <353D7F50-2C0A-44E2-ADE7-7437A4EFB3D9@ll.mit.edu>

At least one problem I can see with your EC certificate is wrong Key Usage. For EC it should be "Key Agreement".

I'd not use the same cert for signing and encrypting. If you do, then add Signature and Non-Repudiation (but I've never done that).

--
Regards,
Uri

There are two ways to design a system. One is to make it so simple there are obviously no deficiencies. The other is to make it so complex there are no obvious deficiencies.
    - C. A. R. Hoare

On 5/5/21, 22:07, "openssl-users on behalf of Ted Wynnychenko" wrote:

Hello

I recently decided to change from RSA to EC keys/certs. I do this primarily as a learning exercise (there is no real corporate or professional demand to have this working).

I am running OpenBSD current (6.9) from about 1 month ago.

Previously, I have been using "openssl smime" to sign and encrypt emails. Now that I am migrating to EC keys/certificates, I need to switch to "openssl cms".

However, I am unable to encrypt using the EC certificate.
When I use: (I am going to obfuscate the emails in plain text, although I understand there will be some encoded in the public key that follows.) cat text.in | /usr/bin/openssl cms -encrypt -from 'User ' -to 'Admin ' -subject "Test Email" -aes256 encryption.pem > encrypted.out with the old RSA certificate, everything works as expected. But, when I replace the RSA cert with the EC certificate, it does not. Instead, I see: 15724089243112:error:2EFFF06F:CMS routines:CRYPTO_internal:ctrl failure:/usr/src/lib/libcrypto/cms/cms_env.c:124: 15724089243112:error:2EFFF074:CMS routines:CRYPTO_internal:error setting recipientinfo:/usr/src/lib/libcrypto/cms/cms_env.c:944: 15724089243112:error:2EFFF068:CMS routines:CRYPTO_internal:cms lib:/usr/src/lib/libcrypto/cms/cms_smime.c:850: And the output file is zero size. The "-to" email address used is encoded as a SAN email in the EC certificate. I tried a more basic command: openssl cms -encrypt -in text.in -out encrypted.out -recip encryption.pem Works with RSA certificate, same error with EC certificate. I also tried (not really understanding, but it is in the man page example): openssl cms -encrypt -in text.in -out encrypted.out -recip encryption.pem -keyopt ecdh_kdf_md:sha256 and got the same error. I am not sure what this error means, or how to address it. I was wondering if I needed to add the email to the certificate's DN, but since (I understand) emails in the DN are depreciated, and the email is included as a SAN, that seems unlikely. Any suggestions would be great. I have pasted the output from, "openssl x509 -in encryption.pem -noout -text" below. As I said, the plain text has been altered, but the public key is unchanged. 
Thanks Ted $ openssl x509 -in encryption.pem -noout -text Certificate: Data: Version: 3 (0x2) Serial Number: 25 (0x19) Signature Algorithm: ecdsa-with-SHA384 Issuer: C=US, ST=State, L=Town, O=Example, OU=Home, CN=example.com Validity Not Before: Jan 2 00:00:00 2019 GMT Not After : Apr 17 13:57:06 2051 GMT Subject: C=US, ST=State, L=Town, O=Example, OU=Home, CN=admin.example.com Subject Public Key Info: Public Key Algorithm: id-ecPublicKey Public-Key: (384 bit) pub: 04:80:34:1b:cf:63:94:33:47:37:39:42:89:cd:80: 86:44:2f:df:5f:e2:cb:3f:1b:08:3b:2c:c8:20:ec: 4e:68:2a:ac:1d:ba:7b:09:3d:78:84:cc:e5:7c:f1: 5f:3c:36:c1:89:c1:8d:95:dc:ec:dd:7c:18:e9:58: a2:83:bc:f9:db:82:cc:c3:fe:17:87:e3:52:78:70: 3b:2a:9e:ca:44:f6:f0:ff:42:82:8b:5a:51:9f:94: 63:4b:ef:08:d1:53:37 ASN1 OID: secp384r1 NIST CURVE: P-384 X509v3 extensions: X509v3 Basic Constraints: CA:FALSE X509v3 Subject Key Identifier: C6:1E:C2:DD:D2:89:2A:64:58:F2:94:1F:EB:80:CA:AC:3C:9B:43:DC X509v3 CRL Distribution Points: Full Name: URI:https://crl.example.com/example.ca.crl CRL Issuer: DirName: C = US, O = Example, CN = example.com Authority Information Access: OCSP - URI:http://ocsp.example.com:2560 X509v3 Issuer Alternative Name: DNS:example.com, email:admin at example.com X509v3 Authority Key Identifier: keyid:74:87:C7:29:8F:E5:8F:79:00:9F:95:52:69:F8:CA:57:A6:84:4C:9E DirName:/C=US/ST=Illinois/L=Winnetka/O=Wynnychenko/OU=Home/CN=wynnychenko.co m serial:B0:99:14:14:0B:6D:33:21 X509v3 Key Usage: critical Digital Signature, Non Repudiation, Key Encipherment, Data Encipherment X509v3 Extended Key Usage: E-mail Protection X509v3 Subject Alternative Name: email:admin at example.com Signature Algorithm: ecdsa-with-SHA384 30:65:02:31:00:94:1c:9e:ce:f2:0f:9f:b4:65:18:6d:7d:e4: be:01:19:0e:05:02:02:f6:83:84:88:11:0a:39:69:39:2a:7a: af:64:dd:4d:d0:57:dd:e3:db:8f:02:0a:8a:1b:27:8a:80:02: 30:44:65:8c:36:be:7a:c6:27:cf:6d:3d:9c:42:d1:72:93:a5: df:21:c9:c0:58:64:c3:6e:d7:7c:30:13:da:10:7d:b9:e6:5d: 
d6:1c:89:e0:d5:eb:ba:03:d8:76:22:17:18

From thomas_floodeenjr at mentor.com Thu May 6 13:56:03 2021
From: thomas_floodeenjr at mentor.com (Floodeenjr, Thomas)
Date: Thu, 6 May 2021 13:56:03 +0000
Subject: How to switch between OpenSSL 1.0.2 and 1.1 in compilation loading and linking a C code.
In-Reply-To:
References:
Message-ID:

You may need to rename the libraries on your system or use LD_PRELOAD when launching your application.

Another option is to specify the full path to the specific libraries you want when you link with, instead of the -l. For example:

gcc -I /sonus/p4/ws/shared/cmn_thirdparty.main/openssl/distrib/include -L /sonus/p4/ws/shared/cmn_thirdparty.main/bldtools/toolchain/current/sonus/lib/ /libssl.so.1.0.2 /libcrypto.so.1.0.2 cpxmain1.c -o cpxmain1

-Tom

From: openssl-users On Behalf Of Kumar Mishra, Sanjeev
Sent: Thursday, May 6, 2021 12:48 AM
To: openssl-users at openssl.org
Cc: Paramashivaiah, Sunil ; Narayana, Sunil Kumar ; Bhattacharjee, Debapriyo (c) ; Shivakumar Poojari
Subject: How to switch between OpenSSL 1.0.2 and 1.1 in compilation loading and linking a C code.

Hi,
In my Linux Debian server both OpenSSL 1.0.2 and 1.1 is installed. As a user I am compiling C code for 1.0.2. But at the runtime and linking and loading it is picking version 1.1 as default.
How to switch between OpenSSL 1.0.2 and 1.1 in compilation loading and linking a C code ?
Is there any linux env is required to set?
I am using following commands-

export LD_LIBRARY_PATH=/sonus/p4/ws/shared/cmn_thirdparty.main/bldtools/toolchain/current/sonus/lib/

To compile

gcc -I /sonus/p4/ws/shared/cmn_thirdparty.main/openssl/distrib/include -L /sonus/p4/ws/shared/cmn_thirdparty.main/bldtools/toolchain/current/sonus/lib/ -lssl -lcrypto cpxmain1.c -o cpxmain1

Both the libcrypto.so.1.0.2 and libcrypto.so.1.1 is present in this path but only picking 1.1 as a default. How to change this default setting?

Thanks
With Best Regards,
Sanjeev Kumar Mishra

From pauli at openssl.org Thu May 6 23:36:21 2021
From: pauli at openssl.org (Dr Paul Dale)
Date: Fri, 7 May 2021 09:36:21 +1000
Subject: Switch hangs for significant amount of time when using RAND_write_file API with openssl version 1.1.1h and above.
In-Reply-To:
References:
Message-ID: <15d63b97-0215-d3ec-2957-107a5df4a872@openssl.org>

My guess would be that OpenSSL is waiting for the system randomness source to properly seed. This was an intentional change. Without it security will likely be lost.

Paul Dale

On 6/5/21 8:34 pm, Sravani Maddukuri via openssl-users wrote:
> Hi,
>
> I have updated the openssl version running on the switch from 1.1.1g
> to 1.1.1h and eventually to 1.1.1k.
> Starting 1.1.1h, I am observing that the switch hangs for a
> significant amount of time (> 3 minutes) when the call RAND_write_file
> is invoked from the switch software.
> The same call (RAND_write_file) invoked from the switch software with
> the earlier versions of openssl (1.1.1g) did not make the switch to
> hang for the noticeable time. Can you please help me understand why
> this behavior is and suggest a solution if any?
>
> Regards,
> Sravani
>

From mario.briggs at in.ibm.com Mon May 10 05:38:19 2021
From: mario.briggs at in.ibm.com (Mario Ds Briggs)
Date: Mon, 10 May 2021 05:38:19 +0000
Subject: Install/Build openssl with following ciphers - TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
Message-ID:

An HTML attachment was scrubbed...
URL:

From matt at openssl.org Mon May 10 09:08:59 2021
From: matt at openssl.org (Matt Caswell)
Date: Mon, 10 May 2021 10:08:59 +0100
Subject: Install/Build openssl with following ciphers - TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
In-Reply-To:
References:
Message-ID:

On 10/05/2021 06:38, Mario Ds Briggs wrote:
> In the openssl libs that i have installed on ubuntu/rhel/mac-os, i dont
> find the following ciphers when i run 'openssl ciphers' command
> TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,
> TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
> TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
> TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

These are the standard IETF names for these ciphersuites. OpenSSL calls them something slightly different. So for example "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384" is known as "ECDHE-ECDSA-AES256-GCM-SHA384" in OpenSSL.

Most likely you are using a version of OpenSSL that does have support for these ciphersuites, but you are not seeing it in the "ciphers" output because of the above. You can get "ciphers" to display the standard name as well as the OpenSSL name using the command below:

$ openssl ciphers -v -stdname

Matt

From 1nagarjun1 at gmail.com Mon May 10 11:18:43 2021
From: 1nagarjun1 at gmail.com (Nagarjun J)
Date: Mon, 10 May 2021 16:48:43 +0530
Subject: Query regarding ECC
Message-ID:

Hi,

ECC Partial Public key validation is already supported in openssl-1.0.2l or Openssl-2.0.16 ?

Regards
Nagarjun
From mario.briggs at in.ibm.com Tue May 11 04:24:51 2021
From: mario.briggs at in.ibm.com (Mario Ds Briggs)
Date: Tue, 11 May 2021 04:24:51 +0000
Subject: Install/Build openssl with following ciphers - TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
In-Reply-To:
References:
Message-ID:

An HTML attachment was scrubbed...
URL:

From Sanjeev.Kumar-Mishra at rbbn.com Tue May 11 05:22:33 2021
From: Sanjeev.Kumar-Mishra at rbbn.com (Kumar Mishra, Sanjeev)
Date: Tue, 11 May 2021 05:22:33 +0000
Subject: How to access different fields of structure SSL in OpenSSL 3.0
Message-ID:

Hi,
How to access different fields of structure SSL in OpenSSL 3.0 ? For example the code is like this -

SSL *ssl;
......
.......
SSL_CTX_set_tlsext_status_cb(ssl->ctx, NULL);
MRM_LOG_INFO("SSL_free ref %d ", ssl->references);

Thanks
With Best Regards,
Sanjeev Kumar Mishra
From bbrumley at gmail.com Tue May 11 05:34:56 2021
From: bbrumley at gmail.com (Billy Brumley)
Date: Tue, 11 May 2021 08:34:56 +0300
Subject: Install/Build openssl with following ciphers - TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
In-Reply-To:
References:
Message-ID:

> Bonus question :-) I have a 2 more TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 and TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
>
> I dont even find these listed on the man pages - https://www.openssl.org/docs/man1.0.2/man1/ciphers.html and hence was curious

https://www.openssl.org/news/changelog.html

BBB

From matt at openssl.org Tue May 11 07:29:05 2021
From: matt at openssl.org (Matt Caswell)
Date: Tue, 11 May 2021 08:29:05 +0100
Subject: Install/Build openssl with following ciphers - TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384, TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
In-Reply-To:
References:
Message-ID: <641ae0a3-8d74-0f6c-064c-ca80019535d6@openssl.org>

On 11/05/2021 05:24, Mario Ds Briggs wrote:
> thanks Matt. I couldnt find the -stdname option on my macOS openssl,

In that case you are most likely not using OpenSSL at all but LibreSSL. Or possibly a very old version of OpenSSL.

> but
> using ur example above, i could find the ones they map to. So I am good
> and thanks very much for your kind help.
> Bonus question :-) I have a 2 more
> TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256
> and TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256
> I dont even find these listed on the man pages -
> https://www.openssl.org/docs/man1.0.2/man1/ciphers.html
> and hence was
> curious

Support for ChaCha20/Poly1305 was first added in OpenSSL 1.1.0 so they are not listed in the 1.0.2 man pages you are referring to.
You will find these ciphers in the man pages for the current 1.1.1 version here:

https://www.openssl.org/docs/man1.1.1/man1/ciphers.html

Matt

From tomas at openssl.org Tue May 11 12:48:06 2021
From: tomas at openssl.org (Tomas Mraz)
Date: Tue, 11 May 2021 14:48:06 +0200
Subject: How to access different fields of structure SSL in OpenSSL 3.0
In-Reply-To:
References:
Message-ID: <680df2c2ed1eb3075e1b047e6338879fa6ae4c51.camel@openssl.org>

On Tue, 2021-05-11 at 05:22 +0000, Kumar Mishra, Sanjeev wrote:
> Hi,
> How to access different fields of structure SSL in OpenSSL 3.0 ? For
> example the code is like this -
>
> SSL *ssl;
> ......
> .......
> SSL_CTX_set_tlsext_status_cb(ssl->ctx, NULL);
> MRM_LOG_INFO("SSL_free ref %d ", ssl->references);

For the SSL_CTX_set_tlsext_status_cb() you can use SSL_get_SSL_CTX() to obtain the ctx.

There is no way to get the ssl->references value as that is an internal value. As you apparently need it just for debug logging you should be able to avoid that.

Tomas Mraz

From eddie.via at msa.hinet.net Wed May 12 00:45:36 2021
From: eddie.via at msa.hinet.net (Eddie Chang)
Date: Wed, 12 May 2021 08:45:36 +0800 (CST)
Subject: What's different between RSASSA and RSAPSS padding mode?
Message-ID: <1668117167.440993.1620780336316@sg2001-ap-4>

Hi:

I'm new comer to openssl. Recently, I study SPDM document https://www.dmtf.org/sites/default/files/standards/documents/DSP0274_0.99a.pdf and feel confused about ReqBaseAsymAlg structure in page 49.
In this spec, I saw it can support RSASSA_4096 and RSAPSS_4096.
But I check openssl source code, rsa_padding_mode option only support pss padding. Don't have any idea about RSASSA.
Anyone can please help to comment what different between RSASSA and RSAPSS is?

For testing, I can specify PSS padding with SHA256 digest for sign and verification as below command.
openssl dgst -sha512 -binary -out sha512_out.bin test.bin
openssl pkeyutl -sign -in sha512_out.bin -inkey gv100_rsa_3072_pvt_dbg.pem -out sig1.bin -pkeyopt digest:sha512 -pkeyopt rsa_padding_mode:pss -pkeyopt rsa_pss_saltlen:-1
openssl pkeyutl -verify -in sha512_out.bin -sigfile sig1.bin -pkeyopt digest:sha512 -pkeyopt rsa_padding_mode:pss -pkeyopt rsa_pss_saltlen:-1 -pubin -inkey gv100_rsa_3072_pub_dbg.pem

But don't know how to test RSASSA.

Thanks

Byte 0 Bit 5. TPM_ALG_RSASSA_4096
Byte 0 Bit 6. TPM_ALG_RSAPSS_4096

From Matthias.St.Pierre at ncp-e.com Wed May 12 06:06:21 2021
From: Matthias.St.Pierre at ncp-e.com (Dr. Matthias St. Pierre)
Date: Wed, 12 May 2021 06:06:21 +0000
Subject: What's different between RSASSA and RSAPSS padding mode?
In-Reply-To: <1668117167.440993.1620780336316@sg2001-ap-4>
References: <1668117167.440993.1620780336316@sg2001-ap-4>
Message-ID:

It's the same. The correct full name is RSASSA-PSS, where "SSA" stands for Secure Signature Algorithm (IIRC) and "PSS" for Probabilistic Signature Scheme

Regards

https://en.wikipedia.org/wiki/PKCS_1#Schemes
https://datatracker.ietf.org/doc/html/rfc4056

From: openssl-users On Behalf Of Eddie Chang
Sent: Wednesday, May 12, 2021 2:46 AM
To: openssl-users at openssl.org
Subject: What's different between RSASSA and RSAPSS padding mode?

Hi:

I'm new comer to openssl. Recently, I study SPDM document https://www.dmtf.org/sites/default/files/standards/documents/DSP0274_0.99a.pdf and feel confused about ReqBaseAsymAlg structure in page 49.
In this spec, I saw it can support RSASSA_4096 and RSAPSS_4096.
But I check openssl source code, rsa_padding_mode option only support pss padding. Don't have any idea about RSASSA.
Anyone can please help to comment what different between RSASSA and RSAPSS is?

For testing, I can specify PSS padding with SHA256 digest for sign and verification as below command.
openssl dgst -sha512 -binary -out sha512_out.bin test.bin
openssl pkeyutl -sign -in sha512_out.bin -inkey gv100_rsa_3072_pvt_dbg.pem -out sig1.bin -pkeyopt digest:sha512 -pkeyopt rsa_padding_mode:pss -pkeyopt rsa_pss_saltlen:-1
openssl pkeyutl -verify -in sha512_out.bin -sigfile sig1.bin -pkeyopt digest:sha512 -pkeyopt rsa_padding_mode:pss -pkeyopt rsa_pss_saltlen:-1 -pubin -inkey gv100_rsa_3072_pub_dbg.pem

But I don't know how to test RSASSA.

Thanks

Byte 0 Bit 5. TPM_ALG_RSASSA_4096
Byte 0 Bit 6. TPM_ALG_RSAPSS_4096

From Matthias.St.Pierre at ncp-e.com Wed May 12 06:15:00 2021
From: Matthias.St.Pierre at ncp-e.com (Dr. Matthias St. Pierre)
Date: Wed, 12 May 2021 06:15:00 +0000
Subject: What's different between RSASSA and RSAPSS padding mode?
In-Reply-To:
References: <1668117167.440993.1620780336316@sg2001-ap-4>
Message-ID: <9d860ccdb4614f5e8cae2033563d0343@ncp-e.com>

Correction: It seems like the naming of the TPM_ALG_* constants is a little bit inconsistent: According to https://trustedcomputinggroup.org/wp-content/uploads/TCG-_Algorithm_Registry_r1p32_pub.pdf

* TPM_ALG_RSASSA refers to RSASSA-PKCS1-v1_5 and
* TPM_ALG_RSAPSS refers to RSASSA-PSS.

From openssl.org at benshort.co.uk Fri May 14 08:21:55 2021
From: openssl.org at benshort.co.uk (openssl.org at benshort.co.uk)
Date: Fri, 14 May 2021 09:21:55 +0100
Subject: SHA digest differences in version 1.0 and 1.1.1
Message-ID: <0156e51a-7253-7646-918c-6785554fd8f5@benshort.co.uk>

Hi,

I am working with some legacy code which was written to use openssl version 1.0.
I am trying to make it work with openssl version 1.1.1 but the following line returns NULL.

    const EVP_MD* messageDigest = EVP_get_digestbyname("sha");

I changed it to the following.

    const EVP_MD* messageDigest = EVP_get_digestbyname("sha1");

That does return an EVP_MD pointer but when I use it with a EVP_MD_CTX to create a hash it produces a different hash than the legacy code for the same data.

What digest was returned by "sha" in the older version?

Ben

From matt at openssl.org Fri May 14 08:56:39 2021
From: matt at openssl.org (Matt Caswell)
Date: Fri, 14 May 2021 09:56:39 +0100
Subject: SHA digest differences in version 1.0 and 1.1.1
In-Reply-To: <0156e51a-7253-7646-918c-6785554fd8f5@benshort.co.uk>
References: <0156e51a-7253-7646-918c-6785554fd8f5@benshort.co.uk>
Message-ID: <451e830f-d9e1-5faf-e5c0-f417457047ce@openssl.org>

On 14/05/2021 09:21, openssl.org at benshort.co.uk wrote:
> Hi,
>
> I am working with some legacy code which was written to use openssl
> version 1.0.
>
> I am trying to make it work with openssl version 1.1.1 but the following
> line returns NULL.
>
>     const EVP_MD* messageDigest = EVP_get_digestbyname("sha");
>
> I changed it to the following.
>
>     const EVP_MD* messageDigest = EVP_get_digestbyname("sha1");
>
> That does return a EVP_MD pointer but when I use it with a EVP_MD_CTX to
> create a hash it produces a different hash than the legacy code for the
> same data.
>
> What digest was returned by "sha" in the older version?

That is "SHA-0". A very early (1993) implementation of what later became SHA-1. According to Wikipedia SHA-0:

"...was withdrawn by the NSA shortly after publication and was superseded by the revised version, published in 1995 in FIPS PUB 180-1 and commonly designated SHA-1."

SHA-0 really really should not be used and support was removed in OpenSSL 1.1.0.
Matt

From john.sha.jiang at gmail.com Sun May 16 21:57:00 2021
From: john.sha.jiang at gmail.com (John Jiang)
Date: Mon, 17 May 2021 05:57:00 +0800
Subject: SM3WithSM2 Certificate
Message-ID:

Hi,

Using OpenSSL 1.1.1i. I suppose OpenSSL already supports SM algorithms, including SM2 and SM3. However, I used the following command on a SM2 certificate,

openssl x509 -text -in test-sm2.crt

and got the below line,

Signature Algorithm: 1.2.156.10197.1.501

This OID is actually SM2 signing with SM3. Why doesn't openssl x509 tool display this name? Does OpenSSL support this signature scheme?

Best regards,
John Jiang

From pramothmurali at gmail.com Sun May 16 22:30:22 2021
From: pramothmurali at gmail.com (Pramoth Murali)
Date: Sun, 16 May 2021 17:30:22 -0500
Subject: Migrating from cryptlib to openssl
In-Reply-To:
References:
Message-ID:

This is not a question specific to Openssl itself, but to discuss the challenges of moving from other crypto libraries to OpenSSL (specifically from cryptlib). We have a legacy C++ application consuming cryptlib to perform encryption operations, and we are considering migrating the application to consume openssl. Looking over the definition file (.def) files between the two, I notice there's not exactly a 1:1 counterpart but I notice that openssl is extensive in terms of the operations I can do with it. We are considering the challenges and the gotchas we should know when migrating from a different crypto library to openssl. Has anyone been through this transition before and what were the challenges with the migration?

Note, the current motive is to save paying for the cryptlib license, but we also believe that moving to Openssl will streamline our applications using openssl and help patch security fixes easier.
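For the "SHA digest differences in version 1.0 and 1.1.1" thread above, the following is an added example, not code from the thread or from OpenSSL. It implements SHA-0 and SHA-1 side by side in plain C to show that they differ only in a one-bit rotation in the message schedule, which is why "sha" and "sha1" give different digests for the same data. The function names (sha0_hex, sha1_hex, identify_digest) are hypothetical, and stored digests are assumed to be lowercase hex.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

static uint32_t rotl32(uint32_t x, unsigned n) { return (x << n) | (x >> (32 - n)); }

/* Process one 64-byte block. use_rotation = 1 gives SHA-1 (FIPS 180-1);
 * use_rotation = 0 gives SHA-0 (FIPS 180, 1993). Nothing else differs. */
static void sha_block(uint32_t h[5], const uint8_t blk[64], int use_rotation)
{
    uint32_t w[80], a, b, c, d, e;
    int t;

    for (t = 0; t < 16; t++)
        w[t] = ((uint32_t)blk[4 * t] << 24) | ((uint32_t)blk[4 * t + 1] << 16) |
               ((uint32_t)blk[4 * t + 2] << 8) | (uint32_t)blk[4 * t + 3];
    for (t = 16; t < 80; t++) {
        uint32_t x = w[t - 3] ^ w[t - 8] ^ w[t - 14] ^ w[t - 16];
        w[t] = use_rotation ? rotl32(x, 1) : x;   /* the SHA-0 / SHA-1 difference */
    }
    a = h[0]; b = h[1]; c = h[2]; d = h[3]; e = h[4];
    for (t = 0; t < 80; t++) {
        uint32_t f, k, tmp;
        if (t < 20)      { f = (b & c) | (~b & d);          k = 0x5A827999u; }
        else if (t < 40) { f = b ^ c ^ d;                   k = 0x6ED9EBA1u; }
        else if (t < 60) { f = (b & c) | (b & d) | (c & d); k = 0x8F1BBCDCu; }
        else             { f = b ^ c ^ d;                   k = 0xCA62C1D6u; }
        tmp = rotl32(a, 5) + f + e + k + w[t];
        e = d; d = c; c = rotl32(b, 30); b = a; a = tmp;
    }
    h[0] += a; h[1] += b; h[2] += c; h[3] += d; h[4] += e;
}

/* Hash msg[0..len) and write 40 lowercase hex digits plus NUL to hex_out. */
static void sha_hex(const uint8_t *msg, size_t len, int use_rotation, char hex_out[41])
{
    uint32_t h[5] = {0x67452301u, 0xEFCDAB89u, 0x98BADCFEu, 0x10325476u, 0xC3D2E1F0u};
    uint8_t blk[64];
    uint64_t bits = (uint64_t)len * 8;
    size_t off = 0, rem;
    int i;

    for (; len - off >= 64; off += 64)
        sha_block(h, msg + off, use_rotation);
    /* Padding: 0x80, zero bytes, then the 64-bit big-endian bit length. */
    rem = len - off;
    memset(blk, 0, sizeof blk);
    memcpy(blk, msg + off, rem);
    blk[rem] = 0x80;
    if (rem >= 56) {                 /* no room left for the length field */
        sha_block(h, blk, use_rotation);
        memset(blk, 0, sizeof blk);
    }
    for (i = 0; i < 8; i++)
        blk[63 - i] = (uint8_t)(bits >> (8 * i));
    sha_block(h, blk, use_rotation);
    for (i = 0; i < 5; i++)
        sprintf(hex_out + 8 * i, "%08x", (unsigned)h[i]);
}

/* What the name "sha" selected in OpenSSL 1.0.x, per the reply above. */
const char *sha0_hex(const char *s)
{
    static char out[41];
    sha_hex((const uint8_t *)s, strlen(s), 0, out);
    return out;
}

/* What the name "sha1" selects. */
const char *sha1_hex(const char *s)
{
    static char out[41];
    sha_hex((const uint8_t *)s, strlen(s), 1, out);
    return out;
}

/* Migration check: which algorithm produced a stored digest of data?
 * stored_hex is assumed to be 40 lowercase hex digits. */
const char *identify_digest(const char *data, const char *stored_hex)
{
    if (strcmp(sha0_hex(data), stored_hex) == 0) return "SHA-0";
    if (strcmp(sha1_hex(data), stored_hex) == 0) return "SHA-1";
    return "unknown";
}

int main(void)
{
    const char *data = "abc";        /* constructed sample input */
    printf("sha  (SHA-0): %s\n", sha0_hex(data));
    printf("sha1 (SHA-1): %s\n", sha1_hex(data));
    printf("stored legacy digest is %s\n",
           identify_digest(data, "0164b8a914cd2a5e74c4f7ff082c4d97f1edf880"));
    return 0;
}
```

identify_digest() lets you confirm, for a record whose input is known, that a digest written by the legacy code is SHA-0 before deciding how to migrate the stored values.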
From g.smorkalov at crazypanda.ru Mon May 17 13:41:57 2021
From: g.smorkalov at crazypanda.ru (Григорий Сморкалов)
Date: Mon, 17 May 2021 16:41:57 +0300
Subject: Replay HTTP traffic
Message-ID:

Hello. I am trying to debug some ssl related code and I need some help.

We have a HTTP client based on libuv and libopenssl for TLS. It is an internal C++ library with its own TCP wrapper around libuv and HTTP parser. It works fine and our servers make millions of HTTPS requests to social networks with it. If it is one connection per request (Connection: Close) there is no problem at all. But sometimes connections with keep-alive receive strange ssl errors:

error:04067084:rsa routines:rsa_ossl_public_decrypt:data too large for modulus , or error:04067072:rsa routines:rsa_ossl_public_decrypt:padding check failed

It is a really rare event, once per million I think. The error is returned from SSL_read when new data comes from the server. It is never the first response, usually there are more than ten requests/responses in the connection before the error.

We have a tcpdump of such connections and keylog made with SSL_CTX_set_keylog_callback. Wireshark opens this dump and decrypts it normally using keylog as pre-master keyfile. The last packet produces an error in our HTTP client but in wireshark it is ok and it contains normal HTTP response with 200 OK. No sign of any error or data corruption. That fact makes me think that data is ok and my openssl usage has some problems.

I want to reproduce this situation and replay this tcpdump. It means run our server (actually only http client part) and give it captured data. It is no problem to make a server that sends exactly the same data from tcp dump. It is no problem to make exactly the same http request. But I need to use the pre-master key from the keylog on the client side. I cannot find any function that sets keys to SSL_CTX* or SSL*. Is there any?
I tried to build my own libopenssl with constant keys. I put memcpy(s->session->master_key, overriden_secret, 48) in ssl_generate_master_secret and tls13_generate_secret. Also memcpy(s->s3->client_random, overriden_random, 32); in tls_construct_client_hello and tls_early_post_process_client_hello. It doesn't work and produces ssl error on handshake phase error:1416C095:SSL routines:tls_process_finished:digest check failed. Client Hello produced by this patched libopenssl is always different, this means I haven't replaced all keys. It is something in s->tmp structure I cannot understand to replace all usages and values. Is there a simpler way? Without reproducing it is practically impossible to find a bug. Even if it does not reproduce, I'll get some information. Maybe it is UB in a different place. I've asked the same question on stackoverflow, so you can answer there if it is easier or better for you: https://stackoverflow.com/questions/67570255/how-to-replay-encrypted-traffic-with-libopenssl Thank you! -------------- next part -------------- An HTML attachment was scrubbed... URL: From matt at openssl.org Mon May 17 14:18:01 2021 From: matt at openssl.org (Matt Caswell) Date: Mon, 17 May 2021 15:18:01 +0100 Subject: Replay HTTP traffic In-Reply-To: References: Message-ID: <03ec24dd-7b17-1770-8f32-0093c66919ce@openssl.org> On 17/05/2021 14:41, ???????? ????????? wrote: > Hello. I am trying to debug some ssl related code and I need some help. > > We have a HTTP client based on libuv and libopenssl for TLS. It is an > internal C++ library with its own TCP wrapper around lubuv and HTTP > parser. It works fine and our servers make millions of HTTPS requests to > social networks with it. If it is one connection per request > (Connection: Close) there is no problem at all. 
But sometimes > connections with keep-alive receive strange ssl errors: > > error:04067084:rsa routines:rsa_ossl_public_decrypt:data too large for > modulus , or error:04067072:rsa routines:rsa_ossl_public_decrypt:padding > check failed > > It is a really rare event, once per million I think. The error is > returned from SSL_read when new data comes from the server. It is never > the first response, usually there are more than ten requests/responses > in the connection before the error. If I understand you correctly then you are seeing this at some point *after* the initial handshake and the connection has been running for a while. If so that is a very strange error indeed. These are RSA errors. But once the initial handshake is complete there should be no reason for libssl to be performing RSA calls. RSA is *only* used during the handshake and not during application data transfer. Unless that is there is a reneg handshake happening (only applies for TLSv1.2 or less)...but if so that would be fairly clear in the wireshark logs. Does your application do anything with libcrypto directly? Or does it only use libssl? Is your client application multi-threaded? I'm wondering whether this error is actually a stale error left in the queue from some earlier problem on the same thread. You could try forcefully clearing any stale errors (ERR_clear_error()) before any SSL_read() calls and see if the problem goes away. > > We have a tcpdump of such connections and keylog made with > SSL_CTX_set_keylog_callback. Wireshark opens this dump and decrypts it > normally using keylog as pre-master keyfile. The last packet produces an > error in our HTTP client but in wireshark it is ok and it contains > normal HTTP response with 200 OK. No sign of any error or data > corruption. That fact makes me think that data is ok and my openssl > usage has some problems. > > I want to reproduce this situation and replay this tcpdump. 
It means run > our server (actually only http client part) and give it captured data. > It is no problem to make a server that sends exactly the same data from > tcp dump. It is no problem to make exactly the same?http request. But I > need to use the pre-master key from the keylog on the client side. I > cannot find any function that sets keys to SSL_CTX* or SSL*. Is there any? > > I tried to build my own libopenssl with constant keys. I put > memcpy(s->session->master_key, overriden_secret, 48) in > ssl_generate_master_secret and tls13_generate_secret. Also > memcpy(s->s3->client_random, overriden_random, 32); in > tls_construct_client_hello and tls_early_post_process_client_hello. It > doesn't work and produces ssl error on handshake phase > error:1416C095:SSL routines:tls_process_finished:digest check failed. > Client Hello produced by this patched libopenssl is always different, > this means I haven't replaced all keys. It is something in s->tmp > structure I cannot understand to replace all usages and values. This is very much a non-trivial task. OpenSSL has no support for this kind of thing at the moment and it would be difficult to add it. I don't think the key logging logs the ephemeral keys that are used as input to the master secret generation. So the ClientHello key_share (assuming TLSv1.3) is going to be different regardless. You could conceivably hack the finished check so that it passes regardless if you still end up with the right master secret - but everything isn't necessarily going to be the *same* as in the initial failing run. If my possibly theory about a stale error on the queue is right then even if you got everything right then it might still not show up the problem if the stale error is related to some other thing that happened on the same thread. Matt > > Is there a simpler way? > > Without reproducing it is practically impossible to find a bug. Even if > it does not reproduce, I'll get some information. 
Maybe it is UB in a > different place. > > I've asked the same question on stackoverflow, so you can answer there > if it is easier or better for you: > https://stackoverflow.com/questions/67570255/how-to-replay-encrypted-traffic-with-libopenssl > > > Thank you! > > From Sanjeev.Kumar-Mishra at rbbn.com Wed May 19 07:23:24 2021 From: Sanjeev.Kumar-Mishra at rbbn.com (Kumar Mishra, Sanjeev) Date: Wed, 19 May 2021 07:23:24 +0000 Subject: Which header file I need to include for X509 OCSP Certificate Verification Message-ID: Hi, Which header file I need to include for X509 OCSP Certificate Verification. I am getting compilation error for different structures and macros. Although, I am including following files- // #include #include #include #include #include // #include #include //SANJEEV ADDED #include #include // #include #include "fipsUtils.h" For example - X509_CERT_OCSP *ocsp_info = NULL; Is this structure is opaque in OpenSSL 3.0 ? How to use this structure? Thanks With Best Regards, Sanjeev Kumar Mishra Notice: This e-mail together with any attachments may contain information of Ribbon Communications Inc. and its Affiliates that is confidential and/or proprietary for the sole use of the intended recipient. Any review, disclosure, reliance or distribution by others or forwarding without express permission is strictly prohibited. If you are not the intended recipient, please notify the sender immediately and then delete all copies, including any attachments. -------------- next part -------------- An HTML attachment was scrubbed... 
URL: From mike.mckenney at scsiraidguru.com Wed May 19 17:56:48 2021 From: mike.mckenney at scsiraidguru.com (Michael McKenney) Date: Wed, 19 May 2021 17:56:48 +0000 Subject: =?Windows-1252?Q?I_installed_Openssl_1.1.1k_and_Ubuntu_20.04_did_an_upgra?= =?Windows-1252?Q?de_and_reverted_it_back_to_1.1.1f.___Usually_Ubuntu_upgr?= =?Windows-1252?Q?ades_don=92t_break_it.__?= Message-ID: I installed Openssl 1.1.1k and Ubuntu 20.04 did an upgrade and reverted it back to 1.1.1f. Usually Ubuntu upgrades don?t break it. OpenSSL 1.1.1f 31 Mar 2020 (Library: OpenSSL 1.1.1k 25 Mar 2021) built on: Thu Apr 29 14:11:04 2021 UTC platform: linux-x86_64 options: bn(64,64) rc4(16x,int) des(int) blowfish(ptr) compiler: gcc -fPIC -pthread -m64 -Wa,--noexecstack -Wall -O3 -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAESNI_ASM -DVPAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DZLIB -DNDEBUG OPENSSLDIR: "/usr/local/ssl" ENGINESDIR: "/usr/local/ssl/lib/engines-1.1" Seeding source: os-specific How do I change it back to 1.1.1k? I tried a reinstall. Didn?t work. 
This is the directions I use to install sudo apt-get update && sudo apt-get upgrade openssl version -a sudo apt install build-essential checkinstall zlib1g-dev -y cd /usr/local/src/ sudo wget https://www.openssl.org/source/openssl-1.1.1k.tar.gz sudo tar -xf openssl-1.1.1k.tar.gz cd openssl-1.1.1k sudo ./config --prefix=/usr/local/ssl --openssldir=/usr/local/ssl shared zlib sudo make sudo make test sudo make install cd /etc/ld.so.conf.d/ sudo vim openssl-1.1.1k.conf add /usr/local/ssl/lib sudo ldconfig -v sudo mv /usr/bin/c_rehash /usr/bin/c_rehash.backup sudo mv /usr/bin/openssl /usr/bin/openssl.backup sudo vim /etc/environment add PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games :/usr/local/games:/usr/local/ssl/bin" source /etc/environment echo $PATH which openssl openssl version -a Michael A. McKenney mike.mckenney at scsiraidguru.com https://wp.scsiraidguru.com -------------- next part -------------- An HTML attachment was scrubbed... URL: From openssl at openssl.org Thu May 20 13:53:22 2021 From: openssl at openssl.org (OpenSSL) Date: Thu, 20 May 2021 13:53:22 +0000 Subject: OpenSSL version 3.0.0-alpha17 published Message-ID: <20210520135322.GA26288@openssl.org> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 OpenSSL version 3.0 alpha 17 released ===================================== OpenSSL - The Open Source toolkit for SSL/TLS https://www.openssl.org/ OpenSSL 3.0 is currently in alpha. OpenSSL 3.0 alpha 17 has now been made available. Note: This OpenSSL pre-release has been provided for testing ONLY. It should NOT be used for security critical purposes. 
Specific notes on upgrading to OpenSSL 3.0 from previous versions are available in the OpenSSL Migration Guide, here: https://www.openssl.org/docs/manmaster/man7/migration_guide.html The alpha release is available for download via HTTPS and FTP from the following master locations (you can find the various FTP mirrors under https://www.openssl.org/source/mirror.html): * https://www.openssl.org/source/ * ftp://ftp.openssl.org/source/ The distribution file name is: o openssl-3.0.0-alpha17.tar.gz Size: 14551193 SHA1 checksum: c026f0451988a4d3799b0ac8cc6aae45d05eddc5 SHA256 checksum: fcf7f7d732209904a8f994d6af5df10b1ca5df7bd18618e40805a2e32aa44f47 The checksums were calculated using the following commands: openssl sha1 openssl-3.0.0-alpha17.tar.gz openssl sha256 openssl-3.0.0-alpha17.tar.gz Please download and check this alpha release as soon as possible. To report a bug, open an issue on GitHub: https://github.com/openssl/openssl/issues Please check the release notes and mailing lists to avoid duplicate reports of known issues. (Of course, the source is also available on GitHub.) Yours, The OpenSSL Project Team. 
From jb-openssl at wisemo.com Fri May 21 14:03:02 2021
From: jb-openssl at wisemo.com (Jakob Bohm)
Date: Fri, 21 May 2021 16:03:02 +0200
Subject: Re: I installed Openssl 1.1.1k and Ubuntu 20.04 did an upgrade and reverted it back to 1.1.1f. Usually Ubuntu upgrades don’t break it.
In-Reply-To:
References:
Message-ID:

On 2021-05-19 19:56, Michael McKenney wrote:
>
> I installed Openssl 1.1.1k and Ubuntu 20.04 did an upgrade and
> reverted it back to 1.1.1f. Usually Ubuntu upgrades don’t break it.
>
> OpenSSL 1.1.1f  31 Mar 2020 (Library: OpenSSL 1.1.1k  25 Mar 2021)
>
> built on: Thu Apr 29 14:11:04 2021 UTC
>
> platform: linux-x86_64
>
> options:  bn(64,64) rc4(16x,int) des(int) blowfish(ptr)
>
> compiler: gcc -fPIC -pthread -m64 -Wa,--noexecstack -Wall -O3
> -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ
> -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5
> -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM
> -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAESNI_ASM -DVPAES_ASM
> -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DZLIB -DNDEBUG
>
> OPENSSLDIR: "/usr/local/ssl"
>
> ENGINESDIR: "/usr/local/ssl/lib/engines-1.1"
>
> Seeding source: os-specific
>
> How do I change it back to 1.1.1k? I tried a reinstall. Didn’t work.
> > This is the directions I use to install > sudo apt-get update && sudo apt-get upgrade > > openssl version -a > > sudo apt install build-essential checkinstall zlib1g-dev -y > > cd /usr/local/src/ > > sudo wget https://www.openssl.org/source/openssl-1.1.1k.tar.gz > > sudo tar -xf openssl-1.1.1k.tar.gz > > cd openssl-1.1.1k > > sudo ./config --prefix=/usr/local/ssl --openssldir=/usr/local/ssl > shared zlib > > sudo make > > sudo make test > > sudo make install > > cd /etc/ld.so.conf.d/ > > sudo vim openssl-1.1.1k.conf > > add??? /usr/local/ssl/lib > > sudo ldconfig -v > > sudo mv /usr/bin/c_rehash /usr/bin/c_rehash.backup > > sudo mv /usr/bin/openssl /usr/bin/openssl.backup > > sudo vim /etc/environment > > add > PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games > > :/usr/local/games:/usr/local/ssl/bin" > > source /etc/environment > > echo $PATH > > which openssl > > openssl version -a > > Sorry, but you did not state what command and output indicates that Ubuntu undid your upgrade, what is the output of each of the following diagnostic commands (after Ubuntu apparently undid your upgrade). $ dpkg --status libssl1.1 $ dpkg --status libssl-dev $ dpkg --status openssl $ type openssl $ openssl version -a $ ls -alF /usr/lib/x86_64-linux-gnu/libssl* $ ls -alF /usr/locallib/libssl* $ ls -alF /usr/local/bin/openssl $ /usr/local/bin/openssl version -a Enjoy Jakob -- Jakob Bohm, CIO, Partner, WiseMo A/S. https://www.wisemo.com Transformervej 29, 2860 S?borg, Denmark. Direct +45 31 13 16 10 This public discussion message is non-binding and may contain errors. WiseMo - Remote Service Management for PCs, Phones and Embedded -------------- next part -------------- An HTML attachment was scrubbed... URL: From bfussell at cisco.com Fri May 21 14:07:44 2021 From: bfussell at cisco.com (Barry Fussell (bfussell)) Date: Fri, 21 May 2021 14:07:44 +0000 Subject: Secure Heap Usage for EC private key Message-ID: Long shot if someone may know. 
Secure heap was added long ago for private keys for RSA, DSA and DH however EC key generation does not seem to be included. I see some other EC functions that use secure heap and I also noticed that the CHANGES file stated: "Add secure heap for storage of private keys (when possible)." which leads me to believe there was something about EC key generation that prohibited using secure heap. Any background on the reason for the EC omission ? Thanks, Barry -------------- next part -------------- An HTML attachment was scrubbed... URL: From jb-openssl at wisemo.com Fri May 21 20:13:47 2021 From: jb-openssl at wisemo.com (Jakob Bohm) Date: Fri, 21 May 2021 22:13:47 +0200 Subject: =?UTF-8?Q?Re=3a_I_installed_Openssl_1=2e1=2e1k_and_Ubuntu_20=2e04_d?= =?UTF-8?Q?id_an_upgrade_and_reverted_it_back_to_1=2e1=2e1f=2e_Usually_Ubunt?= =?UTF-8?Q?u_upgrades_don=e2=80=99t_break_it=2e?= In-Reply-To: References: Message-ID: <440284a1-9d3e-a08c-1225-01a283d6e2d9@wisemo.com> (Replying on list to bring this back to the public forum where others can help you) On 2021-05-21 16:18, Michael McKenney wrote: > It took awhile to run all these commands > > Sorry, but you did not state what command and output indicates > that Ubuntu undid your upgrade, what is the output of each of > the following diagnostic commands (after Ubuntu apparently > undid your upgrade). > > $ dpkg --status libssl1.1 > $ dpkg --status libssl-dev > $ dpkg --status openssl > $ type openssl > $ openssl version -a > $ ls -alF /usr/lib/x86_64-linux-gnu/libssl* > $ ls -alF /usr/locallib/libssl* Oops, my bad, should have been /usr/local/lib/libssl* > $ ls -alF /usr/local/bin/openssl > $ /usr/local/bin/openssl version -a > > > Here is the results > > $ dpkg --status libssl1.1 > > sudo dpkg --status libssl1.1 This shouldn't require root privileges, at least on Debian (Ubuntu is a heavily modified Debian). 
> > [sudo] password for michael: > > Package: libssl1.1 > Status: install ok installed > Priority: optional > Section: libs > Installed-Size: 4027 > Maintainer: Ubuntu Developers ubuntu-devel-discuss at lists.ubuntu.com > > Architecture: amd64 > Multi-Arch: same > Source: openssl > Version: 1.1.1f-1ubuntu2.4 Ok, go to the Ubuntu website and check which OpenSSL bug fixes are included in Ubuntu OpenSSL 1.1.1f-1ubuntu2.4, or look in the file /usr/share/doc/libssl1.1/Changelog.Debian.gz > Depends: libc6 (>= 2.25), debconf (>= 0.5) | debconf-2.0 > Breaks: isync (<< 1.3.0-2), lighttpd (<< 1.4.49-2), python-boto (<< > 2.44.0-1.1), python-httplib2 (<< 0.11.3-1), python-imaplib2 (<< 2.57-5), > python3-boto (<< 2.44.0-1.1), python3-imaplib2 (<< 2.57-5) > Description: Secure Sockets Layer toolkit - shared libraries > This package is part of the OpenSSL project's implementation of the SSL > and TLS cryptographic protocols for secure communication over the > Internet. > . > It provides the libssl and libcrypto shared libraries. > Homepage: https://www.openssl.org/ > Original-Maintainer: Debian OpenSSL Team > pkg-openssl-devel at lists.alioth.debian.org > > > $ dpkg --status libssl-dev > > sudo dpkg --status libssl-dev > This shouldn't require root privileges, at least on Debian (Ubuntu is a heavily modified Debian). > dpkg-query: package 'libssl-dev' is not installed and no information is > available > > Use dpkg --info (= dpkg-deb --info) to examine archive files. > Ok, this confirms that you have not installed the OpenSSL development files from Ubuntu. > $ dpkg --status openssl > > sudo dpkg --status openssl > This shouldn't require root privileges, at least on Debian (Ubuntu is a heavily modified Debian). 
> Package: openssl > Status: install ok installed > Priority: optional > Section: utils > Installed-Size: 1257 > Maintainer: Ubuntu Developers ubuntu-devel-discuss at lists.ubuntu.com > > Architecture: amd64 > Multi-Arch: foreign > Version: 1.1.1f-1ubuntu2.4 > Depends: libc6 (>= 2.15), libssl1.1 (>= 1.1.1) > Suggests: ca-certificates > Conffiles: > /etc/ssl/openssl.cnf fb92a2dab53f11f4f5f22adc5257b553 > Description: Secure Sockets Layer toolkit - cryptographic utility > This package is part of the OpenSSL project's implementation of the SSL > and TLS cryptographic protocols for secure communication over the > Internet. > . > It contains the general-purpose command line binary /usr/bin/openssl, > useful for cryptographic operations such as: > ? * creating RSA, DH, and DSA key parameters; > ? * creating X.509 certificates, CSRs, and CRLs; > ? * calculating message digests; > ? * encrypting and decrypting with ciphers; > ? * testing SSL/TLS clients and servers; > ? * handling S/MIME signed or encrypted mail. > Homepage: https://www.openssl.org/ > Original-Maintainer: Debian OpenSSL Team > pkg-openssl-devel at lists.alioth.debian.org > Ok, go to the Ubuntu website and check which OpenSSL bug fixes are included in Ubuntu OpenSSL 1.1.1f-1ubuntu2.4, or look in the file /usr/share/doc/openssl/Changelog.Debian.gz > > $ type openssl > openssl is hashed (/usr/local/ssl/bin/openssl) Ok, this shows that your locally built OpenSSL is still there under /usr/local/... > $ openssl version -a > OpenSSL 1.1.1k? 25 Mar 2021 > built on: Thu May 20 12:00:48 2021 UTC > platform: linux-x86_64 > options:? 
bn(64,64) rc4(16x,int) des(int) idea(int) blowfish(ptr) > compiler: gcc -fPIC -pthread -m64 -Wa,--noexecstack -Wall -O3 > -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ > -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 > -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM > -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAESNI_ASM -DVPAES_ASM -DGHASH_ASM > -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DZLIB -DNDEBUG > OPENSSLDIR: "/usr/local/ssl" > ENGINESDIR: "/usr/local/ssl/lib/engines-1.1" > Seeding source: os-specific > > michael at ubuntuwpmm1tb:~$ > > $ ls -alF /usr/lib/x86_64-linux-gnu/libssl* > > -rw-r--r-- 1 root root 598104 Apr 27 20:37 /usr/lib/x86_64-linux-gnu/libssl.so.1.1 This shows that the Ubuntu installed OpenSSL was built by Ubuntu on the most recent April 27 (2021-04-27) at 20:37 your timezone. > > michael at ubuntuwpmm1tb:~$ > > $ ls -alF /usr/locallib/libssl* > > ls -alF /usr/locallib/libssl* > > ls: cannot access '/usr/locallib/libssl*': No such file or directory > > $ ls -alF /usr/local/bin/openssl > > ls -alF /usr/local/bin/openssl > > ls: cannot access '/usr/local/bin/openssl': No such file or directory > > $ /usr/local/bin/openssl version -a > > /usr/local/bin/openssl version -a > > -bash: /usr/local/bin/openssl: No such file or directory > > > > *From:*openssl-users *On Behalf Of > *Jakob Bohm via openssl-users > *Sent:* Friday, May 21, 2021 10:03 AM > *To:* openssl-users at openssl.org > *Subject:* Re: I installed Openssl 1.1.1k and Ubuntu 20.04 did an > upgrade and reverted it back to 1.1.1f. Usually Ubuntu upgrades don?t > break it. > > On 2021-05-19 19:56, Michael McKenney wrote: > > I installed Openssl 1.1.1k and Ubuntu 20.04 did an upgrade and > reverted it back to 1.1.1f.?? Usually Ubuntu upgrades don?t break it. > > OpenSSL 1.1.1f? 31 Mar 2020 (Library: OpenSSL 1.1.1k? 25 Mar 2021) > > built on: Thu Apr 29 14:11:04 2021 UTC > > platform: linux-x86_64 > > options:? 
bn(64,64) rc4(16x,int) des(int) blowfish(ptr) > > compiler: gcc -fPIC -pthread -m64 -Wa,--noexecstack -Wall -O3 > -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ > -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 > -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM > -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAESNI_ASM -DVPAES_ASM > -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DZLIB > -DNDEBUG > > OPENSSLDIR: "/usr/local/ssl" > > ENGINESDIR: "/usr/local/ssl/lib/engines-1.1" > > Seeding source: os-specific > > How do I change it back to 1.1.1k?? I tried a reinstall. ?Didn?t work. > > This is the directions I use to install > > sudo apt-get update && sudo apt-get upgrade > > openssl version -a > > sudo apt install build-essential checkinstall zlib1g-dev -y > > cd /usr/local/src/ > > sudo wget https://www.openssl.org/source/openssl-1.1.1k.tar.gz > > sudo tar -xf openssl-1.1.1k.tar.gz > > cd openssl-1.1.1k > > sudo ./config --prefix=/usr/local/ssl --openssldir=/usr/local/ssl > shared zlib > > sudo make > > sudo make test > > sudo make install > > cd /etc/ld.so.conf.d/ > > sudo vim openssl-1.1.1k.conf > > ??????? add??? /usr/local/ssl/lib > > sudo ldconfig -v > > sudo mv /usr/bin/c_rehash /usr/bin/c_rehash.backup > > sudo mv /usr/bin/openssl /usr/bin/openssl.backup > > sudo vim /etc/environment > > add > PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games > > ?????????????????????? :/usr/local/games:/usr/local/ssl/bin" > > source /etc/environment > > echo $PATH > > which openssl > > openssl version -a > > Sorry, but you did not state what command and output indicates > that Ubuntu undid your upgrade, what is the output of each of > the following diagnostic commands (after Ubuntu apparently > undid your upgrade). 
>
> $ dpkg --status libssl1.1
> $ dpkg --status libssl-dev
> $ dpkg --status openssl
> $ type openssl
> $ openssl version -a
> $ ls -alF /usr/lib/x86_64-linux-gnu/libssl*
> $ ls -alF /usr/locallib/libssl*
> $ ls -alF /usr/local/bin/openssl
> $ /usr/local/bin/openssl version -a
>

Enjoy

Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S. https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded

From mail at henningkrause.eu Sun May 23 12:45:50 2021
From: mail at henningkrause.eu (Henning Krause)
Date: Sun, 23 May 2021 12:45:50 +0000
Subject: Support for ECDH One-pass in "openssl cms enc"
Message-ID:

Hi,

I'm trying to encrypt an email using the ECDH One-Pass algorithm. I've first created an X509 certificate with an EDSA key based on the curve prime256v1. Then, I ran this command:

openssl cms -encrypt -in Unencrypted.eml -binary -recip ecc.cer -aes256 -keyopt ecdh_kdf_md:sha256 -keyopt ecdh_cofactor_mode:1

This does indeed create an encrypted eml:

MIME-Version: 1.0
Content-Disposition: attachment; filename="smime.p7m"
Content-Type: application/pkcs7-mime; smime-type=enveloped-data; name="smime.p7m"
Content-Transfer-Encoding: base64

And it does have the expected KEK encryption algorithm set: 1.3.132.1.14.1 =>
dhSinglePass-cofactorDH-sha256kdf-scheme However, the KDF method used is exactly the same as when I execute: openssl cms -encrypt -in Unencrypted.eml -binary -recip ecc.cer -aes256 -keyopt ecdh_kdf_md:sha256 -keyopt ecdh_cofactor_mode:0 This call does produce a different KEK algorithm: 1.3.132.1.11.1 ecdhX963KDF-SHA256. At least I can decrypt the content encryption key in both cases using the same algorithm ('Standard' ECDH). I'm using OpenSSL 3.0.0-beta1-dev (Library: OpenSSL 3.0.0-beta1-dev ). Any ideas? Do I need any additional parameters to get this working? Kind regards, Henning -------------- next part -------------- An HTML attachment was scrubbed... URL: From kaushalshriyan at gmail.com Mon May 24 06:52:42 2021 From: kaushalshriyan at gmail.com (Kaushal Shriyan) Date: Mon, 24 May 2021 12:22:42 +0530 Subject: List ECs (elliptic curves) in Cipher suites Message-ID: Hi, I have shared the below mentioned Cipher suite as part of strong Cipher Suites to be enabled on the server. The security auditor comments saying ECs (elliptic curves) are not listed. I am not sure what it means. Please guide with examples. TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 > TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 Thanks in Advance. I look forward to hearing from you. Best Regards, Kaushal -------------- next part -------------- An HTML attachment was scrubbed... URL: From mail at henningkrause.eu Mon May 24 07:40:49 2021 From: mail at henningkrause.eu (Henning Krause) Date: Mon, 24 May 2021 07:40:49 +0000 Subject: Support for ECDH One-pass in "openssl cms enc" In-Reply-To: References: Message-ID: Hi, after studying the different key generator functions more closely I came to the conclusion that, since the Prime256 curve has a cofactor of 1, both KDF should produce the same value and so everything has cleared up. 

Kind regards,
Henning

From piotr.lobacz at softgent.com Mon May 24 09:54:01 2021
From: piotr.lobacz at softgent.com (Piotr Lobacz)
Date: Mon, 24 May 2021 09:54:01 +0000
Subject: CSR generation using pkcs11 token engine from C# code
Message-ID:

Hi all,

I am currently trying to generate a CSR using the tpm2-pkcs11 module together with the pkcs11 engine from opensc, with the whole thing running through the openssl API from C# code. I have checked that my solution works from the command line. I have added these lines:

openssl_conf = openssl_init

[openssl_init]
engines = engine_section

[engine_section]
pkcs11 = pkcs11_section

[pkcs11_section]
engine_id = pkcs11
dynamic_path = /usr/lib/engines-1.1/libpkcs11.so
MODULE_PATH = /usr/lib/libtpm2_pkcs11.so
init = 0

to the /etc/ssl/openssl.cnf configuration file and then this command:

openssl req -new -subj '/C=PL/ST=Gdansk/L=Gdansk/CN=softgent.com/' -sha256 -engine pkcs11 -keyform engine -key "pkcs11:token=foo;object=tls;type=private;pin-value=1234567890"

produces a CSR for me.

Now I want to do all this from C# code. I have found a C# library https://github.com/andyhopp/OpenSsl.DynamicEngine which will load the engine, but I think that this won't be sufficient for the pkcs11 engine, because I also need to load the pkcs11 module. The question is what should I add to this library for it to work properly with the pkcs11 API? What I mean is to use all this data from the cnf file to configure openssl.

Another question is how to execute the command above for the CSR from C#? I suspect that because on Linux the C# SDK uses the openssl API for all cryptographic operations, it should be somehow similar to the C solution. I would be grateful if someone could point me at least to a C solution for this issue.

Best regards
Piotr Lobacz

[https://softgent.com/wp-content/uploads/2020/01/Zasob-14.png]
Softgent Sp. z o.o., Budowlanych 31d, 80-298 Gdansk, POLAND
KRS: 0000674406, NIP: 9581679801, REGON: 367090912
www.softgent.com
District Court Gdańsk-Północ in Gdańsk, 7th Commercial Division of the National Court Register, KRS 0000674406. Share capital: PLN 25,000.00, fully paid up.

From mike.mckenney at scsiraidguru.com Mon May 24 11:28:49 2021
From: mike.mckenney at scsiraidguru.com (Michael McKenney)
Date: Mon, 24 May 2021 11:28:49 +0000
Subject: CSR generation using pkcs11 token engine from C# code
In-Reply-To:
References:
Message-ID:

I wrote this script years ago when I switched to Godaddy 10 site certificates. I don't use it from C#. You could easily put it into C# or PHP. < > would be variables at the top. I have it filled in so I just modify the alt_names. I just cut and paste all of it into Ubuntu and run it in the directory /etc/apache2/ssl. If you don't need all 10, you can delete the extra ones in alt_names.

openssl req -new -sha256 -nodes -out \
-newkey rsa:2048 -keyout \
-config <( cat <<-EOF
[req]
default_bits = 2048
prompt = no
default_md = sha256
req_extensions = req_ext
distinguished_name = dn

[ dn ]
C= < country >
ST= < Your States >
L= < City or location >
O= < Organization >
OU=
emailAddress=
CN =

[ req_ext ]
subjectAltName = @alt_names

[ alt_names ]
DNS.1 = < domain #1 >
DNS.2 = < domain #2 >
DNS.3 = < domain #3 >
DNS.4 = < domain #4 >
DNS.5 = < domain #5 >
DNS.6 = < domain #6 >
DNS.7 = < domain #7 >
DNS.8 = < domain #8 >
DNS.9 = < domain #9 >
EOF
)

From mike.mckenney at scsiraidguru.com Mon May 24 11:36:32 2021
From: mike.mckenney at scsiraidguru.com (Michael McKenney)
Date: Mon, 24 May 2021 11:36:32 +0000
Subject: RE: I installed Openssl 1.1.1k and Ubuntu 20.04 did an upgrade and reverted it back to 1.1.1f. Usually Ubuntu upgrades don't break it.
In-Reply-To: <440284a1-9d3e-a08c-1225-01a283d6e2d9@wisemo.com>
References: <440284a1-9d3e-a08c-1225-01a283d6e2d9@wisemo.com>
Message-ID:

Jakob,

Thanks for all the help over the weekend. I really appreciated the help. I did a reply all to your first email to add openssl-users.

These two servers are at my home. They host many web sites. These are some of them:
https://wp.scsiraidguru.com
https://wp.michaelmckenney.com
https://science.scsiraidguru.com
https://ipv6.scsiraidguru.com

I followed this to setup Openssl on 1.1.1k. I modified the code from 1.1.1h.
https://code.luasoftware.com/tutorials/linux/upgrade-openssl-on-ubuntu-20/

I did fix the libssl. Openssl version points to 1.1.1k. libssl points to 1.1.1f. How do I install Openssl to get all the components to 1.1.1k? Here is a recap of the information you asked for.

$ dpkg --status libssl1.1
sudo dpkg --status libssl1.1
[sudo] password for michael:
Package: libssl1.1
Status: install ok installed
Priority: optional
Section: libs
Installed-Size: 4027
Maintainer: Ubuntu Developers
Architecture: amd64
Multi-Arch: same
Source: openssl
Version: 1.1.1f-1ubuntu2.4
Depends: libc6 (>= 2.25), debconf (>= 0.5) | debconf-2.0
Breaks: isync (<< 1.3.0-2), lighttpd (<< 1.4.49-2), python-boto (<< 2.44.0-1.1), python-httplib2 (<< 0.11.3-1), python-imaplib2 (<< 2.57-5), python3-boto (<< 2.44.0-1.1), python3-imaplib2 (<< 2.57-5)
Description: Secure Sockets Layer toolkit - shared libraries
 This package is part of the OpenSSL project's implementation of the SSL and TLS cryptographic protocols for secure communication over the Internet.
 .
 It provides the libssl and libcrypto shared libraries.
Homepage: https://www.openssl.org/
Original-Maintainer: Debian OpenSSL Team

$ dpkg --status libssl-dev
dpkg --status libssl-dev
Package: libssl-dev
Status: install ok installed
Priority: optional
Section: libdevel
Installed-Size: 7818
Maintainer: Ubuntu Developers
Architecture: amd64
Multi-Arch: same
Source: openssl
Version: 1.1.1f-1ubuntu2.4
Depends: libssl1.1 (= 1.1.1f-1ubuntu2.4)
Suggests: libssl-doc
Conflicts: libssl1.0-dev
Description: Secure Sockets Layer toolkit - development files
 This package is part of the OpenSSL project's implementation of the SSL and TLS cryptographic protocols for secure communication over the Internet.
 .
 It contains development libraries, header files, and manpages for libssl and libcrypto.
Homepage: https://www.openssl.org/
Original-Maintainer: Debian OpenSSL Team
michael at ubuntuwpmm1tb:~$

$ dpkg --status openssl
sudo dpkg --status openssl
Package: openssl
Status: install ok installed
Priority: optional
Section: utils
Installed-Size: 1257
Maintainer: Ubuntu Developers
Architecture: amd64
Multi-Arch: foreign
Version: 1.1.1f-1ubuntu2.4
Depends: libc6 (>= 2.15), libssl1.1 (>= 1.1.1)
Suggests: ca-certificates
Conffiles:
 /etc/ssl/openssl.cnf fb92a2dab53f11f4f5f22adc5257b553
Description: Secure Sockets Layer toolkit - cryptographic utility
 This package is part of the OpenSSL project's implementation of the SSL and TLS cryptographic protocols for secure communication over the Internet.
 .
 It contains the general-purpose command line binary /usr/bin/openssl, useful for cryptographic operations such as:
  * creating RSA, DH, and DSA key parameters;
  * creating X.509 certificates, CSRs, and CRLs;
  * calculating message digests;
  * encrypting and decrypting with ciphers;
  * testing SSL/TLS clients and servers;
  * handling S/MIME signed or encrypted mail.
Homepage: https://www.openssl.org/
Original-Maintainer: Debian OpenSSL Team

$ type openssl
type openssl
openssl is hashed (/usr/local/ssl/bin/openssl)

$ openssl version -a
openssl version -a
OpenSSL 1.1.1k 25 Mar 2021
built on: Thu May 20 12:00:48 2021 UTC
platform: linux-x86_64
options: bn(64,64) rc4(16x,int) des(int) idea(int) blowfish(ptr)
compiler: gcc -fPIC -pthread -m64 -Wa,--noexecstack -Wall -O3 -DOPENSSL_USE_NODELETE -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_CPUID_OBJ -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DKECCAK1600_ASM -DRC4_ASM -DMD5_ASM -DAESNI_ASM -DVPAES_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -DX25519_ASM -DPOLY1305_ASM -DZLIB -DNDEBUG
OPENSSLDIR: "/usr/local/ssl"
ENGINESDIR: "/usr/local/ssl/lib/engines-1.1"
Seeding source: os-specific
michael at ubuntuwpmm1tb:~$

$ ls -alF /usr/lib/x86_64-linux-gnu/libssl*
ls -alF /usr/lib/x86_64-linux-gnu/libssl*
-rw-r--r-- 1 root root 598104 Apr 27 20:37 /usr/lib/x86_64-linux-gnu/libssl.so.1.1
michael at ubuntuwpmm1tb:~$

$ ls -alF /usr/locallib/libssl*
ls -alF /usr/locallib/libssl*
ls: cannot access '/usr/locallib/libssl*': No such file or directory

$ ls -alF /usr/local/bin/openssl
ls -alF /usr/local/bin/openssl
ls: cannot access '/usr/local/bin/openssl': No such file or directory

$ /usr/local/bin/openssl version -a
/usr/local/bin/openssl version -a
-bash: /usr/local/bin/openssl: No such file or directory

From piotr.lobacz at softgent.com Mon May 24 12:09:38 2021
From: piotr.lobacz at softgent.com (Piotr Lobacz)
Date: Mon, 24 May 2021 12:09:38 +0000
Subject: ODP: CSR generation using pkcs11 token engine from C# code
In-Reply-To:
References: ,
Message-ID:

Hi Michael,

thx for your quick reply. Unfortunately I can't use your script because I need to use native code, not a bash implementation. For the first question about loading the token module I have found a solution on github https://github.com/tkil/openssl-pkcs11-samples .
This code is C/C++ code but I can fairly port it to C#, and I was right about the different load of engine for the pkcs11 engine. So this can be closed.

Another thing is to generate a CSR with the usage of the token and openssl. This will be more complicated and I don't know yet how to do that.

BR
Piotr

From mike.mckenney at scsiraidguru.com Mon May 24 12:17:43 2021
From: mike.mckenney at scsiraidguru.com (Michael McKenney)
Date: Mon, 24 May 2021 12:17:43 +0000
Subject: CSR generation using pkcs11 token engine from C# code
In-Reply-To:
References: ,
Message-ID:

Usually I reserve C# for Windows servers. I use PHP on Ubuntu and other Linux distros. Most web servers that need OpenSSL are Linux. Glad you got it working.

From piotr.lobacz at softgent.com Tue May 25 14:14:58 2021
From: piotr.lobacz at softgent.com (Piotr Lobacz)
Date: Tue, 25 May 2021 14:14:58 +0000
Subject: ODP: CSR generation using pkcs11 token engine from C# code
In-Reply-To:
References: , ,
Message-ID:

Ok, I am trying to use this code:

TokenEngine::TokenEngine( const StringList & modulePaths )
{
    ENGINE * tok = ENGINE_by_id( "pkcs11" );
    if ( ! tok )
        throw Exception( "token: unable to get engine" );

    m_pEngine = tok;

    const string modulePath( findFirstExisting( modulePaths ) );
    if ( modulePath.empty() )
        throw Exception( "token: unable to find module path" );

    DEBUG( "token: ctor: module_path=" << QS( modulePath ) );
    if ( 1 != ENGINE_ctrl_cmd_string( tok, "MODULE_PATH", modulePath.c_str(), CMD_MANDATORY ) )
        throw Exception( "token: setting module_path <= " + QS( modulePath ) );

    DEBUG( "token: ctor: initializing " << m_pEngine );
    if ( 1 != ENGINE_init( tok ) )
        throw Exception( "token: unable to initialize" );

    DEBUG( "token: ctor: done" );
}

which is from this site https://github.com/tkil/openssl-pkcs11-samples/blob/master/OpenSSLWrappers.cpp and the problem is that if I change the modulePath value to a file that does not exist, the method is still returning 1, which I think it should not.
Correct me if I'm wrong.

BR
Piotr

From Sanjeev.Kumar-Mishra at rbbn.com Wed May 26 08:15:59 2021
From: Sanjeev.Kumar-Mishra at rbbn.com (Kumar Mishra, Sanjeev)
Date: Wed, 26 May 2021 08:15:59 +0000
Subject: How to set the different parameters of X509_STORE_CTX structure.
Message-ID:

Hi,

I am upgrading the code of OpenSSL 1.0 to 3.0. I am not getting some API for setting some parameter of X509_STORE_CTX structure as it is opaque in 3.0. For example the code is like -

X509_STORE_CTX *ctx;
........
........
ctx->current_issuer = NULL;
ctx->current_crl_score = 0;
ctx->current_reasons = 0;
........
........

Thanks With Best Regards,
Sanjeev Kumar Mishra

Notice: This e-mail together with any attachments may contain information of Ribbon Communications Inc. and its Affiliates that is confidential and/or proprietary for the sole use of the intended recipient. Any review, disclosure, reliance or distribution by others or forwarding without express permission is strictly prohibited. If you are not the intended recipient, please notify the sender immediately and then delete all copies, including any attachments.
URL: From piotr.lobacz at softgent.com Wed May 26 13:24:39 2021 From: piotr.lobacz at softgent.com (Piotr Lobacz) Date: Wed, 26 May 2021 13:24:39 +0000 Subject: dynamic engine load Message-ID: Hi all, I am trying to write a function which will load dynamic engine for pkcs11. What i intendt to do is not to use engine id pkcs11 but dynamic. The problem is that i get an error for ENGINE_ctrl_cmd_string with MODULE_PATH parameter. My function currently looks like this: public void Initialize() { if (null == engine) { engine = SafeNativeMethods.ENGINE_by_id("dynamic"); if (engine.IsInvalid) { throw new InvalidOperationException($"Unable to load dynamic engine"); } if (!File.Exists(EnginePath)) { throw new InvalidOperationException($"Unable to find engine library path"); } if (1 != SafeNativeMethods.ENGINE_ctrl_cmd_string(engine, "SO_PATH", EnginePath, 0)) { throw new InvalidOperationException("dynamic: setting so_path <= '{EnginePath}'"); } if (1 != SafeNativeMethods.ENGINE_ctrl_cmd_string(engine, "ID", Id, 0)) { throw new InvalidOperationException("dynamic: setting engine id <= '{id}'"); } if(Id == "pkcs11") { if(!File.Exists(ModulePath)) { throw new InvalidOperationException($"Unable to load pkcs11 module path"); } if(1 != SafeNativeMethods.ENGINE_ctrl_cmd_string(engine, "MODULE_PATH", ModulePath, 0)) { throw new InvalidOperationException("dynamic: setting module_path <= '{ModulePath}'"); } } if (1 != SafeNativeMethods.ENGINE_ctrl_cmd(engine, "LIST_ADD", 1, IntPtr.Zero, null, 0)) { throw new InvalidOperationException( "dynamic: setting list_add <= 1"); } if (1 != SafeNativeMethods.ENGINE_ctrl_cmd(engine, "LOAD", 1, IntPtr.Zero, null, 0)) { throw new InvalidOperationException( "dynamic: setting load <= 1"); } } } This function is writtien in C# but it shouldn't be rather a problem, cause it looks nearly the same as with C code. 
According to some manuals and other stuff I should be able to load dynamic engine for pkcs11 module and I am because for example this command:

    OpenSSL> engine dynamic -pre SO_PATH:/usr/lib/engines-1.1/libpkcs11.so -pre ID:pkcs11 -pre LIST_ADD:1 -pre LOAD -pre MODULE_PATH:/usr/lib/libckteec.so

works and produces log:

    (dynamic) Dynamic engine loading support
    [Success]: SO_PATH:/usr/lib/engines-1.1/libpkcs11.so
    [Success]: ID:pkcs11
    [Success]: LIST_ADD:1
    [Success]: LOAD
    [Success]: MODULE_PATH:/usr/lib/libckteec.so
    Loaded: (pkcs11) pkcs11 engine

but as I said it before, when using my method I get an error on call for ENGINE_ctrl_cmd_string method. The error code which I'm getting is 0.

I would be very appreciative if someone could help me solve this issue.

BR
Piotr Lobacz

Softgent Sp. z o.o., Budowlanych 31d, 80-298 Gdansk, POLAND
KRS: 0000674406, NIP: 9581679801, REGON: 367090912
www.softgent.com
District Court Gdańsk-Północ in Gdańsk, VII Commercial Division of the National Court Register, KRS 0000674406, share capital: 25 000,00 zł paid in full.

From piotr.lobacz at softgent.com Wed May 26 13:46:48 2021
From: piotr.lobacz at softgent.com (Piotr Lobacz)
Date: Wed, 26 May 2021 13:46:48 +0000
Subject: ODP: dynamic engine load
In-Reply-To:
References:
Message-ID:

Ok I have found the problem :] The solution was to move the whole conditional if(Id == "pkcs11" {..} to the end of the function and now all is working properly.

BR
Piotr Lobacz

From selva.nair at gmail.com Wed May 26 13:52:57 2021
From: selva.nair at gmail.com (Selva Nair)
Date: Wed, 26 May 2021 09:52:57 -0400
Subject: dynamic engine load
In-Reply-To:
References:
Message-ID:

Hi,

On Wed, May 26, 2021 at 9:25 AM Piotr Lobacz wrote:
>
> Hi all,
> I am trying to write a function which will load dynamic engine for pkcs11. What I intend to do is not to use engine id pkcs11 but dynamic. The problem is that I get an error for ENGINE_ctrl_cmd_string with MODULE_PATH parameter.
> My function currently looks like this:
>
> public void Initialize()
> {
>     if (null == engine)
>     {
>         engine = SafeNativeMethods.ENGINE_by_id("dynamic");
>         if (engine.IsInvalid)
>         {
>             throw new InvalidOperationException($"Unable to load dynamic engine");
>         }
>
>         if (!File.Exists(EnginePath))
>         {
>             throw new InvalidOperationException($"Unable to find engine library path");
>         }
>
>         if (1 != SafeNativeMethods.ENGINE_ctrl_cmd_string(engine, "SO_PATH", EnginePath, 0))
>         {
>             throw new InvalidOperationException($"dynamic: setting so_path <= '{EnginePath}'");
>         }

At this point you should do the "LOAD" control to get the dynamic engine shell replaced by pkcs11. Then set the ID and the MODULE_PATH.

So it's dynamic --> set SO_PATH --> LOAD and then set all parameters of the engine that SO_PATH implements.

Selva

From piotr.lobacz at softgent.com Wed May 26 20:32:00 2021
From: piotr.lobacz at softgent.com (Piotr Lobacz)
Date: Wed, 26 May 2021 20:32:00 +0000
Subject: ODP: dynamic engine load
In-Reply-To:
References:
Message-ID:

Yeah, that is what I have figured it out and written it in my previous message :] but big thx for help.

BR
Piotr Lobacz

From piotr.lobacz at softgent.com Wed May 26 20:45:23 2021
From: piotr.lobacz at softgent.com (Piotr Lobacz)
Date: Wed, 26 May 2021 20:45:23 +0000
Subject: ODP: dynamic engine load
In-Reply-To:
References:
Message-ID:

Btw I have verified that in openssl command line tool if I switch order from the one that worked for me:

    OpenSSL> engine dynamic -pre SO_PATH:/usr/lib/engines-1.1/libpkcs11.so -pre ID:pkcs11 -pre LIST_ADD:1 -pre LOAD -pre MODULE_PATH:/usr/lib/libckteec.so

to the one that was in the code:

    OpenSSL> engine dynamic -pre SO_PATH:/usr/lib/engines-1.1/libpkcs11.so -pre MODULE_PATH:/usr/lib/libckteec.so -pre ID:pkcs11 -pre LIST_ADD:1 -pre LOAD

the error is the same as for me in the C# code.
So the question is if you are telling me that the proper order is like that:

    dynamic --> set SO_PATH --> LOAD and then set all parameters of the engine that SO_PATH implements.

does the order which I used is also correct one?

BR
Piotr

From selva.nair at gmail.com Wed May 26 22:44:56 2021
From: selva.nair at gmail.com (Selva Nair)
Date: Wed, 26 May 2021 18:44:56 -0400
Subject: dynamic engine load
In-Reply-To:
References:
Message-ID:

Hi,

On Wed, May 26, 2021 at 4:45 PM Piotr Lobacz wrote:

> Btw I have verified that in openssl command line tool if I switch order
> from the one that worked for me:
>
> OpenSSL> engine dynamic -pre SO_PATH:/usr/lib/engines-1.1/libpkcs11.so
> -pre ID:pkcs11 -pre LIST_ADD:1 -pre LOAD -pre
> MODULE_PATH:/usr/lib/libckteec.so
>
> to the one that was in the code:
>
> OpenSSL> engine dynamic -pre SO_PATH:/usr/lib/engines-1.1/libpkcs11.so
> -pre MODULE_PATH:/usr/lib/libckteec.so -pre ID:pkcs11 -pre LIST_ADD:1 -pre
> LOAD
>
> the error is the same as for me in the C# code. So the question is if you
> are telling me that the proper order is like that:
>
> dynamic --> set SO_PATH --> LOAD and then set all parameters of
> the engine that SO_PATH implements.
>
> does the order which I used is also correct one?
>

The main error in your original code was setting MODULE_PATH on the dynamic engine instead of on pkcs11. And, I mistyped saying set ID after LOAD. As for LIST_ADD, if required, should be specified before LOAD as it's a directive to the dynamic engine, not pkcs11.

It has been a while since I have looked into dynamic loading in detail, but here is my understanding.

The dynamic engine supports only a few controls out of which the most useful ones are SO_PATH, ID and LIST_ADD. It won't understand MODULE_PATH.
And, if SO_PATH is not given, I think ID could be used to locate the so-path of the engine but I have never got it to work. In any case, as you are giving the full SO_PATH, you don't need to set the ID. A "wrong" ID may lead to load failure but no ID will succeed. There may be some use of ID if the same shared lib implements multiple engines with different IDs. I don't know.

The LOAD control causes the dynamic engine to convert itself to a new engine. Almost all engine parameters are wiped clean (including id and name) and the shared library pointed to by SO_PATH is loaded. The bind function defined in the shared lib gets executed which will fill-in the new engine parameters and set up the methods it supports. In the case of pkcs11, it sets the id to "pkcs11" on loading. So, after loading, querying the ID using ENGINE_get_id() will return "pkcs11". LOAD also causes the engine to be added to the internal list if LIST_ADD was specified before LOAD, not otherwise.

Once loaded, the pkcs11 engine can handle controls like MODULE_PATH. It will use it to locate the module and load it when required -- usually after ENGINE_init() is called.

Selva

From piotr.lobacz at softgent.com Thu May 27 12:10:16 2021
From: piotr.lobacz at softgent.com (Piotr Lobacz)
Date: Thu, 27 May 2021 12:10:16 +0000
Subject: ODP: dynamic engine load
In-Reply-To:
References:
Message-ID:

Ok, so from what you are saying, my order like this:

    dynamic --> set SO_PATH --> LOAD and then set all parameters of the engine that SO_PATH implements. i.e MODULE_PATH

is correct?

BR
Piotr

From janjust at nikhef.nl Thu May 27 12:51:30 2021
From: janjust at nikhef.nl (Jan Just Keijser)
Date: Thu, 27 May 2021 14:51:30 +0200
Subject: How to set the different parameters of X509_STORE_CTX structure.
In-Reply-To:
References:
Message-ID:

Hi,

On 26/05/21 10:15, Kumar Mishra, Sanjeev wrote:
> Hi,
>
> I am upgrading the code of OpenSSL 1.0 to 3.0. I am not getting some
> API for setting some parameter of X509_STORE_CTX structure as it is
> opaque in 3.0. For example the code is like -
>
> X509_STORE_CTX *ctx;
> ........
> ........
>
> ctx->current_issuer = NULL;
> ctx->current_crl_score = 0;
> ctx->current_reasons = 0;
> ........
> ........
>

this changed with openssl 1.1.1 already; do

    man X509_STORE_CTX_init

which sets all of the above.

HTH,

JJK
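
Added example for the "dynamic engine load" thread above (not code from any poster or from OpenSSL): a small C model of the ordering Selva Nair describes, which walks a list of `-pre` style control commands, sends each one to the dynamic loader before LOAD and to the loaded engine afterwards, and reports the first command that would be rejected. The loader's control names are OpenSSL's; the type and function names are this example's own, and it assumes the loaded engine accepts every control that is not one of the loader's.

```c
#include <stdio.h>
#include <string.h>

/* Control names handled by OpenSSL's built-in "dynamic" loader engine. */
static const char *const LOADER_CTRLS[] = {
    "SO_PATH", "NO_VCHECK", "ID", "LIST_ADD", "DIR_LOAD", "DIR_ADD", "LOAD"
};

enum ctrl_status {
    CTRL_OK,              /* every command reaches an engine that knows it */
    CTRL_MALFORMED,       /* empty command name */
    CTRL_BEFORE_LOAD,     /* engine-specific control sent to the loader */
    CTRL_LOAD_NO_TARGET,  /* LOAD with neither SO_PATH nor ID set */
    CTRL_AFTER_LOAD       /* loader control sent after LOAD replaced the loader */
};

struct ctrl_report {
    enum ctrl_status status;
    int index;     /* offending command, or -1 when status is CTRL_OK */
    int loaded;    /* LOAD was reached and accepted */
    int list_add;  /* engine joins the internal list when LOAD runs */
};

static int is_loader_ctrl(const char *name)
{
    for (size_t i = 0; i < sizeof(LOADER_CTRLS) / sizeof(LOADER_CTRLS[0]); i++)
        if (strcmp(name, LOADER_CTRLS[i]) == 0)
            return 1;
    return 0;
}

/* Walk "NAME[:VALUE]" commands in order, as `openssl engine -pre` applies them. */
struct ctrl_report check_engine_ctrls(const char *const *cmds, int n)
{
    struct ctrl_report r = { CTRL_OK, -1, 0, 0 };
    int have_target = 0;   /* SO_PATH or ID given, so LOAD can find a library */

    for (int i = 0; i < n; i++) {
        char name[32];
        const char *colon = strchr(cmds[i], ':');
        size_t len = colon ? (size_t)(colon - cmds[i]) : strlen(cmds[i]);
        const char *val = colon ? colon + 1 : "";
        enum ctrl_status st = CTRL_OK;

        if (len >= sizeof(name))
            len = sizeof(name) - 1;   /* longer than any loader control */
        memcpy(name, cmds[i], len);
        name[len] = '\0';

        if (len == 0)
            st = CTRL_MALFORMED;
        else if (r.loaded)   /* model: loaded engine takes any non-loader control */
            st = is_loader_ctrl(name) ? CTRL_AFTER_LOAD : CTRL_OK;
        else if (!is_loader_ctrl(name))
            st = CTRL_BEFORE_LOAD;
        else if (strcmp(name, "LOAD") == 0 && !have_target)
            st = CTRL_LOAD_NO_TARGET;
        else if (strcmp(name, "LOAD") == 0)
            r.loaded = 1;
        else if (strcmp(name, "SO_PATH") == 0 || strcmp(name, "ID") == 0)
            have_target = have_target || *val != '\0';
        else if (strcmp(name, "LIST_ADD") == 0)
            r.list_add = (*val == '1' || *val == '2');

        if (st != CTRL_OK) {
            r.status = st;
            r.index = i;
            return r;
        }
    }
    return r;
}

/* The two command orders quoted in the thread. */
const char *const WORKING_ORDER[] = {
    "SO_PATH:/usr/lib/engines-1.1/libpkcs11.so", "ID:pkcs11", "LIST_ADD:1",
    "LOAD", "MODULE_PATH:/usr/lib/libckteec.so"
};
const char *const FAILING_ORDER[] = {
    "SO_PATH:/usr/lib/engines-1.1/libpkcs11.so",
    "MODULE_PATH:/usr/lib/libckteec.so", "ID:pkcs11", "LIST_ADD:1", "LOAD"
};
/* Constructed for this example: LIST_ADD sent too late to reach the loader. */
const char *const LATE_LIST_ADD[] = {
    "SO_PATH:/usr/lib/engines-1.1/libpkcs11.so", "LOAD", "LIST_ADD:1"
};

int main(void)
{
    struct ctrl_report bad = check_engine_ctrls(FAILING_ORDER, 5);
    struct ctrl_report ok = check_engine_ctrls(WORKING_ORDER, 5);

    printf("failing order: status %d at %s\n", (int)bad.status, FAILING_ORDER[bad.index]);
    printf("working order: status %d, list_add=%d\n", (int)ok.status, ok.list_add);
    return 0;
}
```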
From piotr.lobacz at softgent.com Fri May 28 11:10:34 2021
From: piotr.lobacz at softgent.com (Piotr Lobacz)
Date: Fri, 28 May 2021 11:10:34 +0000
Subject: CSR creation using pkcs11 dynamic engine
Message-ID:

Hi all,

I'm trying to generate CSR using C# System.Security.Cryptography.OpenSsl library together with pkcs11 token library. The whole process for this in command line works without any problems. For execution of this process I use command:

    openssl req -new -subj '/C=PL/ST=Gdansk/L=Gdansk/CN=softgent.com/' -sha256 -engine pkcs11 -keyform engine -key "pkcs11:token=foo;object=tls;type=private;pin-value=1234567890"

The CSR is being generated and the output is like this:

    [PEM CERTIFICATE REQUEST block]

Now I'm trying to do all that programmatically. In order to do that I have added some OpenSsl C# missing support for the engines and used the ENGINE_load_private_key method to retrieve SafeEvpPKeyHandle which is being retrieved (I have checked it with changing the key id value). The key which I'm using is "label_" + myKeyId i.e. "label_tls". The code looks like this:

    public virtual SafeEvpPKeyHandle GetPrivKey(string label)
    {
        string keyId = "label_" + label;
        SafeEvpPKeyHandle pkey = SafeNativeMethods.ENGINE_load_private_key(engine, keyId, IntPtr.Zero, IntPtr.Zero);
        if (pkey.IsInvalid)
        {
            throw new InvalidOperationException($"engine: unable to find private key with label='{label}'");
        }
        return pkey;
    }

This is returning me SafeEvpPKeyHandle. The problem is in calling CreateSigningRequest from System.Security.Cryptography.OpenSsl.dll. I have this method:

    public virtual string GetCSR(SafeEvpPKeyHandle pkey, string ext, HashAlgorithmName name)
    {
        // FIXME: determine key type
        RSA rsa = new RSAOpenSsl(pkey);
        CertificateRequest req = new CertificateRequest("CN=potato", rsa, name, RSASignaturePadding.Pkcs1);
        // this method is only for RSA key different is for EC, DSA etc.
        byte[] requestDer = req.CreateSigningRequest();
        string requestPem = new string(PemEncoding.Write("CERTIFICATE REQUEST", requestDer));
        return requestPem;
    }

and I'm getting this error:

    Unhandled exception. Interop+Crypto+OpenSslCryptographicException: error:04075093:rsa routines:RSA_sign:value missing
       at System.Security.Cryptography.RSAOpenSsl.TrySignHash(ReadOnlySpan`1 hash, Span`1 destination, HashAlgorithmName hashAlgorithm, RSASignaturePadding padding, Boolean allocateSignature, Int32& bytesWritten, Byte[]& signature)
       at System.Security.Cryptography.RSAOpenSsl.SignHash(Byte[] hash, HashAlgorithmName hashAlgorithm, RSASignaturePadding padding)
       at System.Security.Cryptography.RSA.SignData(Byte[] data, Int32 offset, Int32 count, HashAlgorithmName hashAlgorithm, RSASignaturePadding padding)
       at System.Security.Cryptography.RSA.SignData(Byte[] data, HashAlgorithmName hashAlgorithm, RSASignaturePadding padding)
       at System.Security.Cryptography.X509Certificates.RSAPkcs1X509SignatureGenerator.SignData(Byte[] data, HashAlgorithmName hashAlgorithm)
       at System.Security.Cryptography.X509Certificates.Pkcs10CertificationRequestInfo.ToPkcs10Request(X509SignatureGenerator signatureGenerator, HashAlgorithmName hashAlgorithm)
       at System.Security.Cryptography.X509Certificates.CertificateRequest.CreateSigningRequest(X509SignatureGenerator signatureGenerator)
       at System.Security.Cryptography.X509Certificates.CertificateRequest.CreateSigningRequest()
       at System.Security.Cryptography.Engine.GetCSR(SafeEvpPKeyHandle pkey, String ext, HashAlgorithmName name) in /home/plobacz/workspace/OpenSsl.DynamicEngine/Engine.cs:line 72
       at Flexgent.Services.CryptoSubsystem.CryptoSubsystem.Configure(String config) in /home/plobacz/workspace/crypto-subsystem/flexgent/extensions/security/crypto-subsystem/src/CryptoSubsystem.cs:line 145
       at Flexgent.Core.Service.Flexgent.Core.IService.Configure(String config) in /home/plobacz/workspace/crypto-subsystem/flexgent/core/library/src/Classes/Service.cs:line 42
       at Flexgent.Core.ServiceRunner`1.Run(ServiceRunnerOptions options, Action`1 mainLoop, IEnumerable`1 standaloneConnectInterfaces) in /home/plobacz/workspace/crypto-subsystem/flexgent/core/library/src/Classes/ServiceRunner.cs:line 50
       at Flexgent.Services.CryptoSubsystem.CryptoSubsystemMain.<>c.b__1_0(ServiceRunnerOptions o) in /home/plobacz/workspace/crypto-subsystem/flexgent/extensions/security/crypto-subsystem/src/ServiceMain.cs:line 20
       at CommandLine.ParserResultExtensions.WithParsed[T](ParserResult`1 result, Action`1 action)
       at Flexgent.Services.CryptoSubsystem.CryptoSubsystemMain.Main(String[] args) in /home/plobacz/workspace/crypto-subsystem/flexgent/extensions/security/crypto-subsystem/src/ServiceMain.cs:line 19

I suspect that this happens, because the key in SafeEvpPKeyHandle isn't private. But when I call this:

    pkcs11-tool --module /usr/lib/libtpm2_pkcs11.so --list-objects -l --pin 1234567890

I can see that there is private and public object:

    ERROR:fapi:src/tss2-fapi/api/Fapi_List.c:221:Fapi_List_Finish() FAPI not provisioned.
    ERROR:fapi:src/tss2-fapi/api/Fapi_List.c:81:Fapi_List() ErrorCode (0x00060034) Entities_List
    ERROR: Listing FAPI token objects failed.
    Using slot 0 with a present token (0x1)
    Public Key Object; RSA 1024 bits
      label: tls
      ID: cd924ad983bc51ca1f15f446630901fa835f7b45
      Usage: encrypt, verify, wrap
      Access: local
    Private Key Object; RSA
      label: tls
      ID: cd924ad983bc51ca1f15f446630901fa835f7b45
      Usage: decrypt, sign, unwrap
      Access: sensitive, always sensitive, never extractable, local
      Allowed mechanisms: RSA-X-509,RSA-PKCS-OAEP,RSA-PKCS,SHA1-RSA-PKCS,SHA256-RSA-PKCS,SHA384-RSA-PKCS,SHA512-RSA-PKCS,RSA-PKCS-PSS,SHA1-RSA-PKCS-PSS,SHA256-RSA-PKCS-PSS,SHA384-RSA-PKCS-PSS,SHA512-RSA-PKCS-PSS

Maybe I'm giving some wrong parameters for retrieving the private key from the engine?

BR
Piotr
From minfrin at sharp.fm Fri May 28 11:30:14 2021
From: minfrin at sharp.fm (Graham Leggett)
Date: Fri, 28 May 2021 13:30:14 +0200
Subject: X509_verify_cert() rejects all trusted certs with "default" X509_VERIFY_PARAM
Message-ID: <1D5ACC3B-7D04-4CAA-A642-FC61D65E7552@sharp.fm>

Hi all,

While running code that calls X509_verify_cert(), the trusted root certificates ("BEGIN TRUSTED CERTIFICATE") loaded into the verification are failing verification with "certificate rejected":

    2: CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE: verify failed: certificate rejected

The code path we're following looks like this:

    * frame #0: 0x000000010060b808 libcrypto.3.dylib`obj_trust(id=910, x=0x000000010096da70, flags=8) at x509_trs.c:271:17
      frame #1: 0x000000010060b672 libcrypto.3.dylib`X509_check_trust(x=0x000000010096da70, id=0, flags=0) at x509_trs.c:72:16
      frame #2: 0x000000010061207b libcrypto.3.dylib`check_trust(ctx=0x00000001009fe5b0, num_untrusted=2) at x509_vfy.c:776:17
      frame #3: 0x0000000100610e7e libcrypto.3.dylib`build_chain(ctx=0x00000001009fe5b0) at x509_vfy.c:3124:37
      frame #4: 0x000000010060d655 libcrypto.3.dylib`verify_chain(ctx=0x00000001009fe5b0) at x509_vfy.c:216:15
      frame #5: 0x000000010060d27b libcrypto.3.dylib`X509_verify_cert(ctx=0x00000001009fe5b0) at x509_vfy.c:295:15

In X509_check_trust() we get to this line of code which appears to ask "trust roots with NID_anyExtendedKeyUsage":

https://github.com/openssl/openssl/blob/master/crypto/x509/x509_trs.c#L72

    int X509_check_trust(X509 *x, int id, int flags)
    {
        X509_TRUST *pt;
        int idx;

        /* We get this as a default value */
        if (id == X509_TRUST_DEFAULT)
            return obj_trust(NID_anyExtendedKeyUsage, x,
                             flags | X509_TRUST_DO_SS_COMPAT);

This leads us to this code here:

https://github.com/openssl/openssl/blob/master/crypto/x509/x509_trs.c#L268

    for (i = 0; i < sk_ASN1_OBJECT_num(ax->trust); i++) {
        ASN1_OBJECT *obj = sk_ASN1_OBJECT_value(ax->trust, i);
        int nid = OBJ_obj2nid(obj);

        if (nid == id || (nid == NID_anyExtendedKeyUsage &&
                          (flags & X509_TRUST_OK_ANY_EKU)))
            return X509_TRUST_TRUSTED;
    }

We iterate through the above loop twice for our root certificate, once with a nid of:

    (lldb) print OBJ_nid2sn(nid)
    (const char *) $2 = 0x000000010067b13d "emailProtection"

and a second time with a nid of:

    (lldb) print OBJ_nid2sn(nid)
    (const char *) $3 = 0x000000010067b0d2 "serverAuth"

Neither "emailProtection" nor "serverAuth" are equal to "anyExtendedKeyUsage", and so we drop to this line which triggers the rejection of our root certificate:

    return X509_TRUST_REJECTED;

I am lost - I can fully understand what the code is doing, but I can't see why openssl only trusts certs with "anyExtendedKeyUsage".

Can anyone explain why openssl would reject this certificate?

I am using the "default" X509_VERIFY_PARAM.

Alas the source code apps/verify.c makes no attempt to set the trust parameter, and the docs for X509_VERIFY_PARAM_set_trust() say "sets the trust setting in param to trust" but doesn't explain what possible values there are for "trust" or their effect.

Regards,
Graham

From tomas at openssl.org Fri May 28 11:58:16 2021
From: tomas at openssl.org (Tomas Mraz)
Date: Fri, 28 May 2021 13:58:16 +0200
Subject: X509_verify_cert() rejects all trusted certs with "default" X509_VERIFY_PARAM
In-Reply-To: <1D5ACC3B-7D04-4CAA-A642-FC61D65E7552@sharp.fm>
References: <1D5ACC3B-7D04-4CAA-A642-FC61D65E7552@sharp.fm>
Message-ID:

Hello,

is this a regression when comparing with OpenSSL-1.1.1? If so, it might be a good idea to report this as an issue to the project in GitHub.

Tomas

--
Tomáš Mráz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
[You'll know whether the road is wrong if you carefully listen to your conscience.]

From piotr.lobacz at softgent.com Fri May 28 17:43:41 2021
From: piotr.lobacz at softgent.com (Piotr Lobacz)
Date: Fri, 28 May 2021 17:43:41 +0000
Subject: ODP: CSR creation using pkcs11 dynamic engine
In-Reply-To:
References:
Message-ID:

Ok, I have found out that dotnet OpenSsl library has its own code for verification is key private. For this it needs the whole data of private key from which this method:

    static int HasNoPrivateKey(RSA* rsa)

which is in ./src/Native/Unix/System.Security.Cryptography.Native/pal_rsa.c of dotnet verifies occurrence of all private parameters. Unfortunately from what I know private keys are not extractable from tokens because of CKA_EXTRACTABLE=false parameter. Correct me if I'm wrong but from what I know about openssl, when I'm switching to a closed engine the whole cryptography is being made by the engine module. I think that there should be some other method verifying if key is private. Maybe somebody could give me a hint?
BR
Piotr

________________________________
From: openssl-users on behalf of Piotr Lobacz
Sent: Friday, 28 May 2021 13:10
To: openssl-users at openssl.org
Subject: CSR creation using pkcs11 dynamic engine

Hi all,

I'm trying to generate CSR using C# System.Security.Cryptography.OpenSsl library together with pkcs11 token library. The whole process for this in command line works without any problems. For execution of this process I use command:

    openssl req -new -subj '/C=PL/ST=Gdansk/L=Gdansk/CN=softgent.com/' -sha256 -engine pkcs11 -keyform engine -key "pkcs11:token=foo;object=tls;type=private;pin-value=1234567890"

The CSR is being generated and the output is like this:

    [PEM CERTIFICATE REQUEST block]

Now I'm trying to do all that programmatically. In order to do that I have added some OpenSsl C# missing support for the engines and used the ENGINE_load_private_key method to retrieve SafeEvpPKeyHandle which is being retrieved (I have checked it with changing the key id value). The key which I'm using is "label_" + myKeyId i.e. "label_tls". The code looks like this:

    public virtual SafeEvpPKeyHandle GetPrivKey(string label)
    {
        string keyId = "label_" + label;
        SafeEvpPKeyHandle pkey = SafeNativeMethods.ENGINE_load_private_key(engine, keyId, IntPtr.Zero, IntPtr.Zero);
        if (pkey.IsInvalid)
        {
            throw new InvalidOperationException($"engine: unable to find private key with label='{label}'");
        }
        return pkey;
    }

This is returning me SafeEvpPKeyHandle. The problem is in calling CreateSigningRequest from System.Security.Cryptography.OpenSsl.dll. I have this method:

    public virtual string GetCSR(SafeEvpPKeyHandle pkey, string ext, HashAlgorithmName name)
    {
        // FIXME: determine key type
        RSA rsa = new RSAOpenSsl(pkey);
        CertificateRequest req = new CertificateRequest("CN=potato", rsa, name, RSASignaturePadding.Pkcs1);
        // this method is only for RSA key different is for EC, DSA etc.
        byte[] requestDer = req.CreateSigningRequest();
        string requestPem = new string(PemEncoding.Write("CERTIFICATE REQUEST", requestDer));
        return requestPem;
    }

and I'm getting this error:

    Unhandled exception. Interop+Crypto+OpenSslCryptographicException: error:04075093:rsa routines:RSA_sign:value missing
       at System.Security.Cryptography.RSAOpenSsl.TrySignHash(ReadOnlySpan`1 hash, Span`1 destination, HashAlgorithmName hashAlgorithm, RSASignaturePadding padding, Boolean allocateSignature, Int32& bytesWritten, Byte[]& signature)
       at System.Security.Cryptography.RSAOpenSsl.SignHash(Byte[] hash, HashAlgorithmName hashAlgorithm, RSASignaturePadding padding)
       at System.Security.Cryptography.RSA.SignData(Byte[] data, Int32 offset, Int32 count, HashAlgorithmName hashAlgorithm, RSASignaturePadding padding)
       at System.Security.Cryptography.RSA.SignData(Byte[] data, HashAlgorithmName hashAlgorithm, RSASignaturePadding padding)
       at System.Security.Cryptography.X509Certificates.RSAPkcs1X509SignatureGenerator.SignData(Byte[] data, HashAlgorithmName hashAlgorithm)
       at System.Security.Cryptography.X509Certificates.Pkcs10CertificationRequestInfo.ToPkcs10Request(X509SignatureGenerator signatureGenerator, HashAlgorithmName hashAlgorithm)
       at System.Security.Cryptography.X509Certificates.CertificateRequest.CreateSigningRequest(X509SignatureGenerator signatureGenerator)
       at System.Security.Cryptography.X509Certificates.CertificateRequest.CreateSigningRequest()
       at System.Security.Cryptography.Engine.GetCSR(SafeEvpPKeyHandle pkey, String ext, HashAlgorithmName name) in /home/plobacz/workspace/OpenSsl.DynamicEngine/Engine.cs:line 72
       at Flexgent.Services.CryptoSubsystem.CryptoSubsystem.Configure(String config) in /home/plobacz/workspace/crypto-subsystem/flexgent/extensions/security/crypto-subsystem/src/CryptoSubsystem.cs:line 145
       at Flexgent.Core.Service.Flexgent.Core.IService.Configure(String config) in /home/plobacz/workspace/crypto-subsystem/flexgent/core/library/src/Classes/Service.cs:line 42
       at Flexgent.Core.ServiceRunner`1.Run(ServiceRunnerOptions options, Action`1 mainLoop, IEnumerable`1 standaloneConnectInterfaces) in /home/plobacz/workspace/crypto-subsystem/flexgent/core/library/src/Classes/ServiceRunner.cs:line 50
       at Flexgent.Services.CryptoSubsystem.CryptoSubsystemMain.<>c.
b__1_0(ServiceRunnerOptions o) in /home/plobacz/workspace/crypto-subsystem/flexgent/extensions/security/crypto-subsystem/src/ServiceMain.cs:line 20 at CommandLine.ParserResultExtensions.WithParsed[T](ParserResult`1 result, Action`1 action) at Flexgent.Services.CryptoSubsystem.CryptoSubsystemMain.Main(String[] args) in /home/plobacz/workspace/crypto-subsystem/flexgent/extensions/security/crypto-subsystem/src/ServiceMain.cs:line 19 I suspect that this happens, because the key in SafeEvpPKeyHandle isn't private. But when i cal this: pkcs11-tool --module /usr/lib/libtpm2_pkcs11.so --list-objects -l --pin 1234567890 I can see that there is private and public object: ERROR:fapi:src/tss2-fapi/api/Fapi_List.c:221:Fapi_List_Finish() FAPI not provisioned. ERROR:fapi:src/tss2-fapi/api/Fapi_List.c:81:Fapi_List() ErrorCode (0x00060034) Entities_List ERROR: Listing FAPI token objects failed. Using slot 0 with a present token (0x1) Public Key Object; RSA 1024 bits label: tls ID: cd924ad983bc51ca1f15f446630901fa835f7b45 Usage: encrypt, verify, wrap Access: local Private Key Object; RSA label: tls ID: cd924ad983bc51ca1f15f446630901fa835f7b45 Usage: decrypt, sign, unwrap Access: sensitive, always sensitive, never extractable, local Allowed mechanisms: RSA-X-509,RSA-PKCS-OAEP,RSA-PKCS,SHA1-RSA-PKCS,SHA256-RSA-PKCS,SHA384-RSA-PKCS,SHA512-RSA-PKCS,RSA-PKCS-PSS,SHA1-RSA-PKCS-PSS,SHA256-RSA-PKCS-PSS,SHA384-RSA-PKCS-PSS,SHA512-RSA-PKCS-PSS Maybe i'm giving some wrong parameters for retrievieng the private key from the engine? BR Piotr [https://softgent.com/wp-content/uploads/2020/01/Zasob-14.png] Softgent Sp. z o.o., Budowlanych 31d, 80-298 Gdansk, POLAND KRS: 0000674406, NIP: 9581679801, REGON: 367090912 www.softgent.com S?d Rejonowy Gda?sk-P??noc w Gda?sku, VII Wydzia? Gospodarczy Krajowego Rejestru S?dowego KRS 0000674406, Kapita? zak?adowy: 25 000,00 z? wp?acony w ca?o?ci. -------------- next part -------------- An HTML attachment was scrubbed... 
From selva.nair at gmail.com Fri May 28 18:47:35 2021
From: selva.nair at gmail.com (Selva Nair)
Date: Fri, 28 May 2021 14:47:35 -0400
Subject: CSR creation using pkcs11 dynamic engine

Hi,

On Fri, May 28, 2021 at 1:44 PM Piotr Lobacz wrote:
>
> Ok, i have found out that dotnet OpenSsl library has its own code for verification is key private. For this it needs the whole data of private key from which this method:
>
> static int HasNoPrivateKey(RSA* rsa)
>
> which is in ./src/Native/Unix/System.Security.Cryptography.Native/pal_rsa.c of dotnet verifies occurrence of all private parameters. Unfortunately from what i know private keys are not extractable from tokens because of CKA_EXTRACTABLE=false parameter.
>
> Correct me if i'm wrong but from what i know about openssl, when i'm switching to a closed engine the whole cryptography is being made by the engine module. I think that there should be some other method verifying if key is private. Maybe somebody could give me a hint?

It's not verifying, but signing operation that is failing. This sounds like something wrong in the way you are using the dotnet interface or possibly a bug in (or limitation of) that implementation itself. Like it's not meant to be used when keys are "external". I have no idea having never used C#.

But you are right, when the private key is loaded through the pkcs11 engine the key is external (can stay non-extractable), and the signing operation gets delegated to the engine.

Are you sure that the pkey returned by the ENGINE_get_private_key() and rsa handle generated from that pkey are valid? I see no error checks in your code unless dotnet will automatically trigger exceptions on error.

You may get more relevant help in the dotnet community.
Selva From piotr.lobacz at softgent.com Fri May 28 19:40:32 2021 From: piotr.lobacz at softgent.com (Piotr Lobacz) Date: Fri, 28 May 2021 19:40:32 +0000 Subject: ODP: CSR creation using pkcs11 dynamic engine In-Reply-To: References: , Message-ID: Hi Selva, i have found the cause of the problem. It is the HasNoPrivateKey function which is in dotnet OpenSsl ./src/Native/Unix/System.Security.Cryptography.Native/pal_rsa.c implementation. The crux of the problem is in these lines: // The method has descibed itself as having the private key external to the structure. // That doesn't mean it's actually present, but we can't tell. #pragma clang diagnostic push #pragma clang diagnostic ignored "-Wcast-qual" if (RSA_meth_get_flags((RSA_METHOD*)meth) & RSA_FLAG_EXT_PKEY) #pragma clang diagnostic pop { return 0; } For some reason i suspect that i do not have this RSA_FLAG_EXT_PKEY flag set. Btw. when i am calling ENGINE_load_private_key method, the arguments i'm passing are the engine and the key. Both ui_method and callback_data are passed as NULLs. I talked with guys from dotnet in here https://github.com/dotnet/runtime/issues/53345 and i need to check RSA flags.But the thing that puzzles me is that shouldn't that flag be inserted by the engine during the call of ENGINE_load_private_key? BR Piotr ________________________________ Od: Selva Nair Wys?ane: pi?tek, 28 maja 2021 20:47 Do: Piotr Lobacz DW: openssl-users at openssl.org Temat: Re: CSR creation using pkcs11 dynamic engine Hi, On Fri, May 28, 2021 at 1:44 PM Piotr Lobacz wrote: > > Ok, i have found out that dotnet OpenSsl library has it's own code for verification is key private. For this it needs the whole data of private key from which this method: > > static int HasNoPrivateKey(RSA* rsa) > > which is in ./src/Native/Unix/System.Security.Cryptography.Native/pal_rsa.c of dotnet verifies occurence of all private parameters. 
Unfortunately from what i know private keys are not extractable from tokens because of CKA_EXTRACTABLE=false parameter. > > Correct me if i'm wrong but from what i know about openssl, when i'm switching to a closed engine the whole cryptography is being made by the engine module. I think that there should be some other method verifing if key is private. Maybe somebody could give me a hint? Its not verifying, but signing operation that is failing. This sounds like something wrong in the way you are using the dotnet interface or possibly a bug in (or limitation of) that implementation itself. Like its not meant to be used when keys are "external". I have no idea having never used C#. But you are right, when the private key is loaded through the pkcs11 engine the key is external (can stay non-extractable), and the signing operation gets delegated to the engine. Are you sure that the pkey returned by the ENGINE_get_private_key() and rsa handle generated from that pkey are valid? I see no error checks in your code unless dotnet will automatically trigger exceptions on error. You may get more relevant help in the dotnet community. Selva [https://softgent.com/wp-content/uploads/2020/01/Zasob-14.png] Softgent Sp. z o.o., Budowlanych 31d, 80-298 Gdansk, POLAND KRS: 0000674406, NIP: 9581679801, REGON: 367090912 www.softgent.com S?d Rejonowy Gda?sk-P??noc w Gda?sku, VII Wydzia? Gospodarczy Krajowego Rejestru S?dowego KRS 0000674406, Kapita? zak?adowy: 25 000,00 z? wp?acony w ca?o?ci. -------------- next part -------------- An HTML attachment was scrubbed... URL: From Michael.Wojcik at microfocus.com Fri May 28 20:50:00 2021 From: Michael.Wojcik at microfocus.com (Michael Wojcik) Date: Fri, 28 May 2021 20:50:00 +0000 Subject: FW: X509_verify_cert() rejects all trusted certs with "default" X509_VERIFY_PARAM References: <1D5ACC3B-7D04-4CAA-A642-FC61D65E7552@sharp.fm> Message-ID: Just realized I sent this directly to Graham instead of to the list. 
-----Original Message-----
From: Michael Wojcik
Sent: Friday, 28 May, 2021 09:37
To: 'Graham Leggett'
Subject: RE: X509_verify_cert() rejects all trusted certs with "default" X509_VERIFY_PARAM

> From: openssl-users On Behalf Of Graham
> Leggett via openssl-users
> Sent: Friday, 28 May, 2021 06:30
>
> I am lost - I can fully understand what the code is doing, but I can't see
> why openssl only trusts certs with "anyExtendedKeyUsage".

Interesting. I wondered if this might be enforcing some RFC 5280 or CA / Browser Forum Baseline Requirements rule.

5280 4.2.1.12 says:

   In general, this extension will appear only in end entity certificates.

and

   If the extension is present, then the certificate MUST only be used for one of the purposes indicated.

Your certificate has serverAuth and emailProtection, yes? So it cannot be used to sign other certificates, and OpenSSL is correct as far as that goes. 5280 doesn't define an EKU for signing certificates; so perhaps the intent of the OpenSSL code is "if EKU is present, this probably can't be used as a CA cert without violating 5280, but I'll look for this 'any' usage just in case and allow that".

The errata for 5280 and the RFCs which update it do not appear to affect this section.

The CA/BF BR 7.1.2.1, the part of the certificate profile that covers root certificates, says:

   d. extKeyUsage
   This extension MUST NOT be present.

Now, there's no particular reason for OpenSSL to enforce CA/BF BR, and good reason for it not to (the "CA" part refers to commercial CAs, and not all clients are browsers). But it's more evidence that root certificates, at least, should not have extKeyUsage because browsers can correctly reject those.

The CA/BF profile is more complicated regarding what it calls "subordinate" certificates, aka intermediates, so for non-root trust anchors there are cases where you can get away with extKeyUsage. But a good rule is "only put extKeyUsage on entity [leaf] certificates".
So that really leaves us with the question "do we want OpenSSL enforcing the extKeyUsage rules of RFC 5280?". And I'm tempted to say yes. In principle, the basicConstraints CA flag and the keyUsage keyCertSign option should suffice for this, but defense in depth, and in cryptographic protocols consistency is extremely important.

--
Michael Wojcik

From openssl-users at dukhovni.org Fri May 28 21:39:04 2021
From: openssl-users at dukhovni.org (Viktor Dukhovni)
Date: Fri, 28 May 2021 17:39:04 -0400
Subject: X509_verify_cert() rejects all trusted certs with "default" X509_VERIFY_PARAM
In-Reply-To: <1D5ACC3B-7D04-4CAA-A642-FC61D65E7552@sharp.fm>
References: <1D5ACC3B-7D04-4CAA-A642-FC61D65E7552@sharp.fm>

On Fri, May 28, 2021 at 01:30:14PM +0200, Graham Leggett via openssl-users wrote:

> While running code that calls X509_verify_cert(), the trusted root
> certificates ("BEGIN TRUSTED CERTIFICATE") loaded into the
> verification are failing verification with "certificate rejected":

Typically, certificates in the OpenSSL trust stores used by most users aren't wrapped up as "TRUSTED CERTIFICATES" that are annotated with explicit trust EKUs. What sort of trust store are you using that has these annotations?

Can you be more explicit about the "default" X509_VERIFY_PARAM? Are you referring to the default "purpose"? If your root CA is tagged with a restricted set of trust EKUs, verification will only succeed for a purpose that matches one of those trust EKUs.

> for (i = 0; i < sk_ASN1_OBJECT_num(ax->trust); i++) {
>     ASN1_OBJECT *obj = sk_ASN1_OBJECT_value(ax->trust, i);
>     int nid = OBJ_obj2nid(obj);
>
>     if (nid == id || (nid == NID_anyExtendedKeyUsage &&
>         (flags & X509_TRUST_OK_ANY_EKU)))
>         return X509_TRUST_TRUSTED;
> }
>
> We iterate through the above loop twice for our root certificate, once with a nid of:
>
> (lldb) print OBJ_nid2sn(nid)
> (const char *) $2 = 0x000000010067b13d "emailProtection"
>
> and a second time with a nid of:
>
> (lldb) print OBJ_nid2sn(nid)
> (const char *) $3 = 0x000000010067b0d2 "serverAuth"

Looks like your CA cert is annotated with "emailProtection" and "serverAuth", and so can only be used to verify TLS server and SMIME certificates, which don't match the "default" (unrestricted) purpose.

> Neither "emailProtection" nor "serverAuth" are equal to
> "anyExtendedKeyUsage", and so we drop to this line which triggers the
> rejection of our root certificate:

Specify a matching purpose, or use a root CA that is not annotated with a limited set of trust EKUs.

> Can anyone explain why openssl would reject this certificate?
>
> I am using the "default" X509_VERIFY_PARAM.

If you're using verify(1), you can set the purpose via the "-purpose" option to one of:

    - any
    - crlsign
    - nssslserver
    - ocsphelper
    - smimeencrypt
    - smimesign
    - sslclient
    - sslserver
    - timestampsign

> Alas the source code apps/verify.c makes no attempt to set the trust
> parameter,

This is set indirectly via the "-purpose" option.

--
    Viktor.

From anshepherd02 at gmail.com Sat May 29 05:02:52 2021
From: anshepherd02 at gmail.com (Amber Shepherd)
Date: Sat, 29 May 2021 01:02:52 -0400
Subject: Remove from mailing list

Hi,
Can you please let me know what I need to do in order to unsubscribe from this list?

Thank you
Amber shepherd
From guru at unixarea.de Sat May 29 05:12:49 2021
From: guru at unixarea.de (Matthias Apitz)
Date: Sat, 29 May 2021 07:12:49 +0200
Subject: Remove from mailing list

On Saturday, May 29, 2021 at 01:02:52 a.m. -0400, Amber Shepherd wrote:

> Hi,
> Can you please let me know what I need to do in order to unsubscribe
> from this list?

Look into the header lines of the mails from the list for

List-Unsubscribe:

matthias

--
Matthias Apitz, guru at unixarea.de, http://www.unixarea.de/ +49-176-38902045
Public GnuPG key: http://www.unixarea.de/key.pub
¡Con Cuba no te metas! Don't mess with Cuba! Leg Dich nicht mit Kuba an!
http://www.cubadebate.cu/noticias/2020/12/25/en-video-con-cuba-no-te-metas/

From piotr.lobacz at softgent.com Sat May 29 18:12:53 2021
From: piotr.lobacz at softgent.com (Piotr Lobacz)
Date: Sat, 29 May 2021 18:12:53 +0000
Subject: ODP: CSR creation using pkcs11 dynamic engine

Hi,
unfortunately that is not that simple :( These methods are not being exposed by the dotnet. Porting them would take too much time because of the method struct. Recompiling the whole dotnet sdk is also not an option.

You know, i've been reading your mail and keep thinking and for now i see that the fastest way is to simply modify libp11 proxy engine in EVP_load_private_key method. First i can verify there the EVP_test_flag on the key and second modify the engine flags. This way i will be 100% sure that the problem is on dotnet side.

Because when i was testing this key on the token i was generating 1024 bit length key and written its length to the console. Then i have erased it completely and generated a new key pair with modified key length to 2048. The output result was changed: 1024 -> 2048. So the conclusion was that the key is taken correctly.

I will check this on Monday and keep you informed. Have a nice weekend.
BR Piotr ________________________________ Od: Selva Nair Wys?ane: sobota, 29 maja 2021 03:34 Do: Piotr Lobacz Temat: Re: CSR creation using pkcs11 dynamic engine Hi, I will also check these flags of my RSA object using RSA_test_flags and give you the answer. In the meantime as you have already told, the experts in here can share their knowledge, but i rather suspect that all you said is correct :] and the bug is in the dotnet implementation... You could probably work around it by getting the method from the key using meth = RSA_get_method(rsa) and then setting the flag on the method using RSA_meth_set_flags(meth, flags). May not be a nice thing to do to a method owned by the engine, but should work if those API are exposed via dotnet. If this is indeed the problem, you could try lobbying two places: dotnet devs to add a check for flags in the key, and libp11/pkcs11 engine devs to also set the flags on the method. One of them may oblige, depending on their thoughts on what is "right". Selva [https://softgent.com/wp-content/uploads/2020/01/Zasob-14.png] Softgent Sp. z o.o., Budowlanych 31d, 80-298 Gdansk, POLAND KRS: 0000674406, NIP: 9581679801, REGON: 367090912 www.softgent.com S?d Rejonowy Gda?sk-P??noc w Gda?sku, VII Wydzia? Gospodarczy Krajowego Rejestru S?dowego KRS 0000674406, Kapita? zak?adowy: 25 000,00 z? wp?acony w ca?o?ci. -------------- next part -------------- An HTML attachment was scrubbed... URL: From mike.mckenney at scsiraidguru.com Sun May 30 12:05:50 2021 From: mike.mckenney at scsiraidguru.com (Michael McKenney) Date: Sun, 30 May 2021 12:05:50 +0000 Subject: Why can't we get a proper installation method to keep OpenSSL at the latest revision for Linux? Message-ID: Why can't we get a proper installation method to keep OpenSSL at the latest revision for Linux? My biggest compliant with Linux is it is so difficult to get best practice installations for services like OpenSSL. Ubuntu is still on 1.1.1f. I have been trying to upgrade to 1.1.1k. 
Openssl version -a states I am on 1.1.1k. When programs in Wordpress that use OpenSSL show I am using 1.1.1.f. Spending hours of time on various sites like AskUbuntu.com, only to be disappointed. Microsoft has best practices guides for installations. Why can't we get them for Linux.

Michael A. McKenney
mike.mckenney at scsiraidguru.com
https://wp.scsiraidguru.com

From public at enkore.de Mon May 31 08:26:51 2021
From: public at enkore.de (d0)
Date: Mon, 31 May 2021 10:26:51 +0200
Subject: Why can't we get a proper installation method to keep OpenSSL at the latest revision for Linux?

Ubuntu isn't on 1.1.1f. 20.04 is on 1.1.1f-1ubuntu2.4, 20.10 is on 1.1.1f-1ubuntu4.4 and 21.04 is on 1.1.1j-1ubuntu3.1. The "1ubuntuX.Y" bits mean that there are additional patches on top of the vanilla 1.1.1f release in there. Likely backports of security patches. For details, Ubuntu has a package changelog.

Cheers, Marian

On Sun, 30 May 2021 at 14:06, Michael McKenney <mike.mckenney at scsiraidguru.com> wrote:

> Why can't we get a proper installation method to keep OpenSSL at the
> latest revision for Linux?
>
> My biggest complaint with Linux is it is so difficult to get best practice
> installations for services like OpenSSL. Ubuntu is still on 1.1.1f. I
> have been trying to upgrade to 1.1.1k. Openssl version -a states I am on
> 1.1.1k. When programs in Wordpress that use OpenSSL show I am using
> 1.1.1.f. Spending hours of time on various sites like AskUbuntu.com, only
> to be disappointed. Microsoft has best practices guides for
> installations. Why can't we get them for Linux.
>
>
>
> Michael A. McKenney
> mike.mckenney at scsiraidguru.com
> https://wp.scsiraidguru.com
>
From janjust at nikhef.nl Mon May 31 09:54:30 2021
From: janjust at nikhef.nl (Jan Just Keijser)
Date: Mon, 31 May 2021 11:54:30 +0200
Subject: Why can't we get a proper installation method to keep OpenSSL at the latest revision for Linux?

On 30/05/21 14:05, Michael McKenney wrote:
>
> Why can't we get a proper installation method to keep OpenSSL at the
> latest revision for Linux?
>
> My biggest complaint with Linux is it is so difficult to get best
> practice installations for services like OpenSSL. Ubuntu is still on
> 1.1.1f. I have been trying to upgrade to 1.1.1k. Openssl version
> -a states I am on 1.1.1k. When programs in Wordpress that use
> OpenSSL show I am using 1.1.1.f. Spending hours of time on various
> sites like AskUbuntu.com, only to be disappointed. Microsoft has
> best practices guides for installations. Why can't we get them for
> Linux.
>
>

this is both very hard and undesirable:
openssl can be regarded as a low-level system library that is used by many applications across the entire Linux distribution. You cannot simply upgrade this low-level system library without breaking these applications. Admittedly, for an upgrade from 1.1.1f -> 1.1.1k the risk of introducing an API change is quite low, but for anything else (e.g. 1.1.0x -> 1.1.1k) you will almost certainly have to rebuild and relink all applications that depend on the OpenSSL libraries.
This is not something you can expect from the Linux distro maintainers. For them, it is far less risky to backport security fixes to the version of OpenSSL that they built their distro on (e.g. Ubuntu 20 > 1.1.1f; CentOS 7 -> 1.0.2k (yes!), etc).

Note that most update woes that Windows 10 has had over the past few years were related to library updates breaking applications - so even microsoft has problems with "best practices".

HTH,

JJK
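An application reports the version of the libssl/libcrypto it has mapped, not that of the `openssl` binary on PATH, and a distro package keeps the upstream version string while adding its own patch revision. The following check for both points is an added example, not code from any poster in this thread; the sample `/proc/<pid>/maps` lines, the `php-fpm7.4` path and the function names are constructed for illustration, and it assumes a Linux `/proc` and Debian-style package versions.

```shell
#!/bin/sh
# Added example: which OpenSSL library is a running service really using?
# Sample data below is constructed for illustration, not captured output.

# Constructed /proc/<pid>/maps excerpt for a hypothetical PHP worker whose
# libcrypto was replaced on disk by a package update after the worker started.
sample_maps() {
    cat <<'EOF'
55d0c8a00000-55d0c8a2c000 r--p 00000000 08:01 2100101 /usr/sbin/php-fpm7.4
7f3a1c000000-7f3a1c01d000 r--p 00000000 08:01 1311200 /usr/lib/x86_64-linux-gnu/libssl.so.1.1
7f3a1c01d000-7f3a1c06b000 r-xp 0001d000 08:01 1311200 /usr/lib/x86_64-linux-gnu/libssl.so.1.1
7f3a1c200000-7f3a1c278000 r--p 00000000 08:01 1311190 /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1 (deleted)
7f3a1c278000-7f3a1c412000 r-xp 00078000 08:01 1311190 /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1 (deleted)
7f3a1c800000-7f3a1c822000 r--p 00000000 08:01 1310020 /usr/lib/x86_64-linux-gnu/libc-2.31.so
EOF
}

# Read maps-formatted text on stdin and print each mapped libssl/libcrypto
# file once. A file the kernel marks "(deleted)" was replaced on disk while
# the process kept the old copy mapped, so it is tagged "stale".
mapped_openssl_libs() {
    awk '$6 ~ /\/lib(ssl|crypto)\.so/ {
             print $6, ($7 == "(deleted)" ? "stale" : "current")
         }' | LC_ALL=C sort -u
}

# Exit 0 when the process behind the maps text on stdin still runs a replaced
# library, i.e. the patched package is installed but the service was not
# restarted.
needs_restart() {
    mapped_openssl_libs | grep -q ' stale$'
}

# Split a Debian/Ubuntu package version ([epoch:]upstream-revision) into
# "upstream revision". The revision is everything after the last hyphen and
# is where distro backports show up (e.g. 1ubuntu2.4).
split_deb_version() {
    v=${1#*:}                                   # drop an epoch if present
    case $v in
        *-*) printf '%s %s\n' "${v%-*}" "${v##*-}" ;;
        *)   printf '%s -\n' "$v" ;;            # native package, no revision
    esac
}

# With a PID argument, inspect that live process (requires read access to its
# maps file); without one, run on the constructed sample.
if [ -n "${1:-}" ] && [ -r "/proc/$1/maps" ]; then
    mapped_openssl_libs < "/proc/$1/maps"
else
    sample_maps | mapped_openssl_libs
    split_deb_version "1.1.1f-1ubuntu2.4"
fi
```
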
URL: From mike.mckenney at scsiraidguru.com Mon May 31 11:01:35 2021 From: mike.mckenney at scsiraidguru.com (Michael McKenney) Date: Mon, 31 May 2021 11:01:35 +0000 Subject: Why can't we get a proper installation method to keep OpenSSL at the latest revision for Linux? In-Reply-To: References: Message-ID: My wordpress servers are under constant attack. My Fortinet 60E firewall logs are filled. Openssl is constantly reported on The Hacker News and other sites. So I don't need to worry about upgrading OpenSSL in the future to 1.1.1k or above? I can just use what the distro has to offer by apt? Ubuntu 20.04 started with 1.1.1f. My Kali server is mainly used for Try Hack Me challenges and learn cyber security. From: Jan Just Keijser Sent: Monday, May 31, 2021 5:55 AM To: Michael McKenney ; openssl-users at openssl.org Subject: Re: Why can't we get a proper installation method to keep OpenSSL at the latest revision for Linux? On 30/05/21 14:05, Michael McKenney wrote: Why can't we get a proper installation method to keep OpenSSL at the latest revision for Linux? My biggest compliant with Linux is it is so difficult to get best practice installations for services like OpenSSL. Ubuntu is still on 1.1.1f. I have been trying to upgrade to 1.1.1k. Openssl version -a states I am on 1.1.1k. When programs in Wordpress that use OpenSSL show I am using 1.1.1.f. Spending hours of time on various sites like AskUbuntu.com, only to be disappointed. Microsoft has best practices guides for installations. Why can't we get them for Linux. this is both very hard and undesirable: openssl can be regarded as a low-level system library that is used by many applications across the entire Linux distribution. You cannot simply upgrade this low-level system library without breaking these applications. Admittedly, for an upgrade from 1.1.1f -> 1.1.1k the risk of introducing an API change is quite low, but for anything else (e.g. 
1.1.0x -> 1.1.1k) you will almost certainly have to rebuild and relink all applications that depend on the OpenSSL libraries.
This is not something you can expect from the Linux distro maintainers. For them, it is far less risky to backport security fixes to the version of OpenSSL that they built their distro on (e.g. Ubuntu 20 > 1.1.1f; CentOS 7 -> 1.0.2k (yes!), etc).

Note that most update woes that Windows 10 has had over the past few years were related to library updates breaking applications - so even microsoft has problems with "best practices".

HTH,

JJK

From tomas at openssl.org Mon May 31 11:43:54 2021
From: tomas at openssl.org (Tomas Mraz)
Date: Mon, 31 May 2021 13:43:54 +0200
Subject: Why can't we get a proper installation method to keep OpenSSL at the latest revision for Linux?
Message-ID: <576f2955642e09ec0c89c1f298927ccbea5dd0cf.camel@openssl.org>

If you use a supported distro (i.e., one that is not out of life) then the distro is expected to supply CVE issue fixes in form of updates. They usually do not upgrade the version to the upstream one but just backport the security fixes and that's the reason why the version does not change.

Tomas

On Mon, 2021-05-31 at 11:01 +0000, Michael McKenney via openssl-users wrote:
> My wordpress servers are under constant attack. My Fortinet 60E
> firewall logs are filled. Openssl is constantly reported on The
> Hacker News and other sites. So I don't need to worry about
> upgrading OpenSSL in the future to 1.1.1k or above? I can just use
> what the distro has to offer by apt? Ubuntu 20.04 started with
> 1.1.1f. My Kali server is mainly used for Try Hack Me challenges
> and learn cyber security.
> > From: Jan Just Keijser > Sent: Monday, May 31, 2021 5:55 AM > To: Michael McKenney ; > openssl-users at openssl.org > Subject: Re: Why can't we get a proper installation method to keep > OpenSSL at the latest revision for Linux? > > On 30/05/21 14:05, Michael McKenney wrote: > > Why can't we get a proper installation method to keep OpenSSL at > > the latest revision for Linux? > > > > My biggest compliant with Linux is it is so difficult to get best > > practice installations for services like OpenSSL. Ubuntu is still > > on 1.1.1f. I have been trying to upgrade to 1.1.1k. Openssl > > version -a states I am on 1.1.1k. When programs in Wordpress that > > use OpenSSL show I am using 1.1.1.f. Spending hours of time on > > various sites like AskUbuntu.com, only to be disappointed. > > Microsoft has best practices guides for installations. Why can?t > > we get them for Linux. > > > > > > this is both very hard and undesirable: > openssl can be regarded as a low-level system library that is used by > many applications across the entire Linux distribution. You cannot > simply upgrade this low-level system library without breaking these > applications. Admittedly, for an upgrade from 1.1.1f -> 1.1.1k the > risk of introducing an API change is quite low, but for anything else > (e.g. 1.1.0x -> 1.1.1k) you will almost certainly have to rebuild and > relink all applications that depend on the OpenSSL libraries. > This is not something you can expect from the Linux distro > maintainers. For them, it is far less risky to backport security > fixes to the version of OpenSSL that they built their distro on (e.g. > Ubuntu 20 > 1.1.1f; CentOS 7 -> 1.0.2k (yes!), etc). > > Note that most update woes that Windows 10 has had over the past few > years were related to library updates breaking applications - so even > microsoft has problems with "best practices". > > HTH, > > JJK -- Tom?? Mr?z No matter how far down the wrong road you've gone, turn back. 
Turkish proverb [You'll know whether the road is wrong if you carefully listen to your conscience.] From raubvogel at gmail.com Mon May 31 11:44:54 2021 From: raubvogel at gmail.com (Mauricio Tavares) Date: Mon, 31 May 2021 07:44:54 -0400 Subject: Why can't we get a proper installation method to keep OpenSSL at the latest revision for Linux? In-Reply-To: References: Message-ID: On Mon, May 31, 2021 at 7:02 AM Michael McKenney via openssl-users wrote: > > My wordpress servers are under constant attack. My Fortinet 60E firewall logs are filled. Openssl is constantly reported on The Hacker News and other sites. So I don?t need to worry about upgrading OpenSSL in the future to 1.1.1k or above? I can just use what the distro has to offer by apt? Ubuntu 20.04 started with 1.1.1f. My Kali server is mainly used for Try Hack Me challenges and learn cyber security. > Security is a series of compromises based on understanding your needs and defense in depth. For instance, do you run something like fail2ban? Do you monitor your logs and network traffic? > > From: Jan Just Keijser > Sent: Monday, May 31, 2021 5:55 AM > To: Michael McKenney ; openssl-users at openssl.org > Subject: Re: Why can't we get a proper installation method to keep OpenSSL at the latest revision for Linux? > > > > On 30/05/21 14:05, Michael McKenney wrote: > > Why can't we get a proper installation method to keep OpenSSL at the latest revision for Linux? > > My biggest compliant with Linux is it is so difficult to get best practice installations for services like OpenSSL. Ubuntu is still on 1.1.1f. I have been trying to upgrade to 1.1.1k. Openssl version -a states I am on 1.1.1k. When programs in Wordpress that use OpenSSL show I am using 1.1.1.f. Spending hours of time on various sites like AskUbuntu.com, only to be disappointed. Microsoft has best practices guides for installations. Why can?t we get them for Linux. 
> > > > > > this is both very hard and undesirable: > openssl can be regarded as a low-level system library that is used by many applications across the entire Linux distribution. You cannot simply upgrade this low-level system library without breaking these applications. Admittedly, for an upgrade from 1.1.1f -> 1.1.1k the risk of introducing an API change is quite low, but for anything else (e.g. 1.1.0x -> 1.1.1k) you will almost certainly have to rebuild and relink all applications that depend on the OpenSSL libraries. > This is not something you can expect from the Linux distro maintainers. For them, it is far less risky to backport security fixes to the version of OpenSSL that they built their distro on (e.g. Ubuntu 20 > 1.1.1f; CentOS 7 -> 1.0.2k (yes!), etc). > > Note that most update woes that Windows 10 has had over the past few years were related to library updates breaking applications - so even microsoft has problems with "best practices". > > HTH, > > JJK From mike.mckenney at scsiraidguru.com Mon May 31 11:46:56 2021 From: mike.mckenney at scsiraidguru.com (Michael McKenney) Date: Mon, 31 May 2021 11:46:56 +0000 Subject: Why can't we get a proper installation method to keep OpenSSL at the latest revision for Linux? In-Reply-To: <576f2955642e09ec0c89c1f298927ccbea5dd0cf.camel@openssl.org> References: <576f2955642e09ec0c89c1f298927ccbea5dd0cf.camel@openssl.org> Message-ID: I follow the LTS Enablement Stack and LTS versions. I am on 20.04.2. I guess I wait for 22.04 next year. Your Hardware Enablement Stack (HWE) is supported until April 2025. -----Original Message----- From: Tomas Mraz Sent: Monday, May 31, 2021 7:44 AM To: Michael McKenney ; Jan Just Keijser ; openssl-users at openssl.org Subject: Re: Why can't we get a proper installation method to keep OpenSSL at the latest revision for Linux? If you use a supported distro (i.e., one that is not out of life) then the distro is expected to supply CVE issue fixes in form of updates. 
They usually do not upgrade the version to the upstream one but just backport the security fixes and that's the reason why the version does not change.

Tomas

On Mon, 2021-05-31 at 11:01 +0000, Michael McKenney via openssl-users wrote:
> My wordpress servers are under constant attack. My Fortinet 60E
> firewall logs are filled. Openssl is constantly reported on The
> Hacker News and other sites. So I don't need to worry about
> upgrading OpenSSL in the future to 1.1.1k or above? I can just use
> what the distro has to offer by apt? Ubuntu 20.04 started with
> 1.1.1f. My Kali server is mainly used for Try Hack Me challenges
> and learn cyber security.
>
> From: Jan Just Keijser
> Sent: Monday, May 31, 2021 5:55 AM
> To: Michael McKenney ;
> openssl-users at openssl.org
> Subject: Re: Why can't we get a proper installation method to keep
> OpenSSL at the latest revision for Linux?
>
> On 30/05/21 14:05, Michael McKenney wrote:
> > Why can't we get a proper installation method to keep OpenSSL at the
> > latest revision for Linux?
> >
> > My biggest complaint with Linux is it is so difficult to get best
> > practice installations for services like OpenSSL. Ubuntu is still
> > on 1.1.1f. I have been trying to upgrade to 1.1.1k. Openssl
> > version -a states I am on 1.1.1k. When programs in Wordpress that
> > use OpenSSL show I am using 1.1.1.f. Spending hours of time on
> > various sites like AskUbuntu.com, only to be disappointed.
> > Microsoft has best practices guides for installations. Why can't
> > we get them for Linux.
> >
> >
>
> this is both very hard and undesirable:
> openssl can be regarded as a low-level system library that is used by
> many applications across the entire Linux distribution. You cannot
> simply upgrade this low-level system library without breaking these
> applications. Admittedly, for an upgrade from 1.1.1f -> 1.1.1k the
> risk of introducing an API change is quite low, but for anything else
> (e.g.
> 1.1.0x -> 1.1.1k) you will almost certainly have to rebuild and
> relink all applications that depend on the OpenSSL libraries.
> This is not something you can expect from the Linux distro
> maintainers. For them, it is far less risky to backport security fixes
> to the version of OpenSSL that they built their distro on (e.g.
> Ubuntu 20 > 1.1.1f; CentOS 7 -> 1.0.2k (yes!), etc).
>
> Note that most update woes that Windows 10 has had over the past few
> years were related to library updates breaking applications - so even
> microsoft has problems with "best practices".
>
> HTH,
>
> JJK
--
Tomáš Mráz
No matter how far down the wrong road you've gone, turn back.
Turkish proverb
[You'll know whether the road is wrong if you carefully listen
to your conscience.]

From mike.mckenney at scsiraidguru.com Mon May 31 11:52:15 2021
From: mike.mckenney at scsiraidguru.com (Michael McKenney)
Date: Mon, 31 May 2021 11:52:15 +0000
Subject: Why can't we get a proper installation method to keep OpenSSL at the latest revision for Linux?
In-Reply-To:
References:
Message-ID:

This is at my house in my basement. My Fortinet 60E firewall is kept on the latest software. I am waiting now for 7.0.1 or 7.0.2 to be released. Fortinet engineers usually email me when to upgrade to the new revision. I have 4 NFRs open on IPv6 and DHCPv6. UTM is fully enabled. Geofencing is configured for many countries. I keep the certificates up to date. I spend time on The Hacker News looking at reporting bugs. I actually ran Nessus on my servers and they came back clean. SSL Labs reports on my web site configurations. I started learning more about cryptology. The OpenSSL bugs state to upgrade beyond 1.1.1f.

-----Original Message-----
From: openssl-users On Behalf Of Mauricio Tavares
Sent: Monday, May 31, 2021 7:45 AM
To: openssl-users at openssl.org
Subject: Re: Why can't we get a proper installation method to keep OpenSSL at the latest revision for Linux?
On Mon, May 31, 2021 at 7:02 AM Michael McKenney via openssl-users wrote:
>
> My wordpress servers are under constant attack. My Fortinet 60E firewall logs are filled. Openssl is constantly reported on The Hacker News and other sites. So I don't need to worry about upgrading OpenSSL in the future to 1.1.1k or above? I can just use what the distro has to offer by apt? Ubuntu 20.04 started with 1.1.1f. My Kali server is mainly used for Try Hack Me challenges and learn cyber security.
>
Security is a series of compromises based on understanding your needs and defense in depth. For instance, do you run something like fail2ban? Do you monitor your logs and network traffic?

>
> From: Jan Just Keijser
> Sent: Monday, May 31, 2021 5:55 AM
> To: Michael McKenney ;
> openssl-users at openssl.org
> Subject: Re: Why can't we get a proper installation method to keep OpenSSL at the latest revision for Linux?
>
> On 30/05/21 14:05, Michael McKenney wrote:
>
> Why can't we get a proper installation method to keep OpenSSL at the latest revision for Linux?
>
> My biggest complaint with Linux is it is so difficult to get best practice installations for services like OpenSSL. Ubuntu is still on 1.1.1f. I have been trying to upgrade to 1.1.1k. Openssl version -a states I am on 1.1.1k. When programs in Wordpress that use OpenSSL show I am using 1.1.1.f. Spending hours of time on various sites like AskUbuntu.com, only to be disappointed. Microsoft has best practices guides for installations. Why can't we get them for Linux.
>
> this is both very hard and undesirable:
> openssl can be regarded as a low-level system library that is used by many applications across the entire Linux distribution. You cannot simply upgrade this low-level system library without breaking these applications. Admittedly, for an upgrade from 1.1.1f -> 1.1.1k the risk of introducing an API change is quite low, but for anything else (e.g.
> 1.1.0x -> 1.1.1k) you will almost certainly have to rebuild and relink all applications that depend on the OpenSSL libraries.
> This is not something you can expect from the Linux distro maintainers. For them, it is far less risky to backport security fixes to the version of OpenSSL that they built their distro on (e.g. Ubuntu 20 > 1.1.1f; CentOS 7 -> 1.0.2k (yes!), etc).
>
> Note that most update woes that Windows 10 has had over the past few years were related to library updates breaking applications - so even microsoft has problems with "best practices".
>
> HTH,
>
> JJK

From janjust at nikhef.nl Mon May 31 12:45:10 2021
From: janjust at nikhef.nl (Jan Just Keijser)
Date: Mon, 31 May 2021 14:45:10 +0200
Subject: Why can't we get a proper installation method to keep OpenSSL at the latest revision for Linux?
In-Reply-To:
References:
Message-ID:

Hi,

On 31/05/21 13:01, Michael McKenney wrote:
>
> My wordpress servers are under constant attack. My Fortinet 60E
> firewall logs are filled. Openssl is constantly reported on The
> Hacker News and other sites. So I don't need to worry about
> upgrading OpenSSL in the future to 1.1.1k or above? I can just use
> what the distro has to offer by apt? Ubuntu 20.04 started with
> 1.1.1f. My Kali server is mainly used for Try Hack Me challenges
> and learn cyber security.
>
if you use an LTS distro then you can trust the distro makers - if not, then there are thousands of servers out there that are vulnerable ;)

I run several public Wordpress sites on CentOS 7 and have locked them down quite rigorously - I have not had any breakins for the past 7 years or so, whilst relying fully on the RH/CentOS-supplied openssl library.

HTH,

JJK

> *From:*Jan Just Keijser
> *Sent:* Monday, May 31, 2021 5:55 AM
> *To:* Michael McKenney ;
> openssl-users at openssl.org
> *Subject:* Re: Why can't we get a proper installation method to keep
> OpenSSL at the latest revision for Linux?
>
> On 30/05/21 14:05, Michael McKenney wrote:
>
> Why can't we get a proper installation method to keep OpenSSL at
> the latest revision for Linux?
>
> My biggest complaint with Linux is it is so difficult to get best
> practice installations for services like OpenSSL. Ubuntu is still
> on 1.1.1f. I have been trying to upgrade to 1.1.1k. Openssl
> version -a states I am on 1.1.1k. When programs in Wordpress that
> use OpenSSL show I am using 1.1.1.f. Spending hours of time on
> various sites like AskUbuntu.com, only to be disappointed.
> Microsoft has best practices guides for installations. Why can't
> we get them for Linux.
>
> this is both very hard and undesirable:
> openssl can be regarded as a low-level system library that is used by
> many applications across the entire Linux distribution. You cannot
> simply upgrade this low-level system library without breaking these
> applications. Admittedly, for an upgrade from 1.1.1f -> 1.1.1k the
> risk of introducing an API change is quite low, but for anything else
> (e.g. 1.1.0x -> 1.1.1k) you will almost certainly have to rebuild and
> relink all applications that depend on the OpenSSL libraries.
> This is not something you can expect from the Linux distro
> maintainers. For them, it is far less risky to backport security fixes
> to the version of OpenSSL that they built their distro on (e.g. Ubuntu
> 20 > 1.1.1f; CentOS 7 -> 1.0.2k (yes!), etc).
>
> Note that most update woes that Windows 10 has had over the past few
> years were related to library updates breaking applications - so even
> microsoft has problems with "best practices".
>
> HTH,
>
> JJK
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL:

From mike.mckenney at scsiraidguru.com Mon May 31 12:51:18 2021
From: mike.mckenney at scsiraidguru.com (Michael McKenney)
Date: Mon, 31 May 2021 12:51:18 +0000
Subject: Why can't we get a proper installation method to keep OpenSSL at the latest revision for Linux?
In-Reply-To:
References:
Message-ID:

I have never had a break in. The Fortinet 60E firewall does an amazing job. I will just leave it up to Ubuntu to provide the best OpenSSL solutions. Many people complain Ubuntu LTS is never on the latest kernel and lacks other things the 9 month distros like 21.04 and 21.10 give you. I tend to stay on LTS solutions. I do patch weekly.

From: Jan Just Keijser
Sent: Monday, May 31, 2021 8:45 AM
To: Michael McKenney ; openssl-users at openssl.org
Subject: Re: Why can't we get a proper installation method to keep OpenSSL at the latest revision for Linux?

Hi,

On 31/05/21 13:01, Michael McKenney wrote:

My wordpress servers are under constant attack. My Fortinet 60E firewall logs are filled. Openssl is constantly reported on The Hacker News and other sites. So I don't need to worry about upgrading OpenSSL in the future to 1.1.1k or above? I can just use what the distro has to offer by apt? Ubuntu 20.04 started with 1.1.1f. My Kali server is mainly used for Try Hack Me challenges and learn cyber security.

if you use an LTS distro then you can trust the distro makers - if not, then there are thousands of servers out there that are vulnerable ;)

I run several public Wordpress sites on CentOS 7 and have locked them down quite rigorously - I have not had any breakins for the past 7 years or so, whilst relying fully on the RH/CentOS-supplied openssl library.

HTH,

JJK

From: Jan Just Keijser
Sent: Monday, May 31, 2021 5:55 AM
To: Michael McKenney ; openssl-users at openssl.org
Subject: Re: Why can't we get a proper installation method to keep OpenSSL at the latest revision for Linux?

On 30/05/21 14:05, Michael McKenney wrote:

Why can't we get a proper installation method to keep OpenSSL at the latest revision for Linux?

My biggest complaint with Linux is it is so difficult to get best practice installations for services like OpenSSL. Ubuntu is still on 1.1.1f. I have been trying to upgrade to 1.1.1k. Openssl version -a states I am on 1.1.1k.
When programs in Wordpress that use OpenSSL show I am using 1.1.1.f. Spending hours of time on various sites like AskUbuntu.com, only to be disappointed. Microsoft has best practices guides for installations. Why can't we get them for Linux.

this is both very hard and undesirable:
openssl can be regarded as a low-level system library that is used by many applications across the entire Linux distribution. You cannot simply upgrade this low-level system library without breaking these applications. Admittedly, for an upgrade from 1.1.1f -> 1.1.1k the risk of introducing an API change is quite low, but for anything else (e.g. 1.1.0x -> 1.1.1k) you will almost certainly have to rebuild and relink all applications that depend on the OpenSSL libraries.
This is not something you can expect from the Linux distro maintainers. For them, it is far less risky to backport security fixes to the version of OpenSSL that they built their distro on (e.g. Ubuntu 20 > 1.1.1f; CentOS 7 -> 1.0.2k (yes!), etc).

Note that most update woes that Windows 10 has had over the past few years were related to library updates breaking applications - so even microsoft has problems with "best practices".

HTH,

JJK
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
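
The point made in this thread, that a distro keeps the upstream version string (1.1.1f) while backporting security fixes, can be checked from the package changelog rather than from the version number. The following is an added example, not part of any message in the thread; the changelog text, package revisions and CVE ids are constructed placeholders, and the function names are hypothetical.

```shell
# Constructed sample in Debian changelog format, newest entry first.
# The revisions and CVE ids are placeholders, not real Ubuntu data.
sample_changelog() {
cat <<'EOF'
openssl (1.1.1f-0example3) focal-security; urgency=medium

  * SECURITY UPDATE: constructed entry
    - CVE-0000-0003

 -- Constructed Maintainer <maint@example.invalid>  Wed, 03 Jan 2001 00:00:00 +0000

openssl (1.1.1f-0example2) focal-security; urgency=medium

  * SECURITY UPDATE: constructed entry
    - CVE-0000-0001
    - CVE-0000-0002

 -- Constructed Maintainer <maint@example.invalid>  Tue, 02 Jan 2001 00:00:00 +0000

openssl (1.1.1f-0example1) focal; urgency=medium

  * New upstream release 1.1.1f

 -- Constructed Maintainer <maint@example.invalid>  Mon, 01 Jan 2001 00:00:00 +0000
EOF
}

# fixed_cves INSTALLED_REVISION  (changelog on stdin)
# Prints "CVE-id revision" for every CVE fixed in the installed revision
# or an older one; entries newer than the installed revision are skipped.
fixed_cves() {
    awk -v want="$1" '
        /^[a-z0-9][a-z0-9+.-]* \(/ {      # entry header: pkg (revision) suite; ...
            rev = $2; gsub(/[()]/, "", rev)
            if (rev == want) seen = 1
            next
        }
        seen {
            line = $0
            while (match(line, /CVE-[0-9]+-[0-9]+/)) {
                print substr(line, RSTART, RLENGTH), rev
                line = substr(line, RSTART + RLENGTH)
            }
        }'
}
# cve_is_backported CVE INSTALLED_REVISION  (changelog on stdin); exit 0 if fixed
cve_is_backported() {
    fixed_cves "$2" | grep -q "^$1 "
}
```

On an apt-based system the real input would come from `apt changelog openssl`, with the installed revision taken from `dpkg-query -W -f='${Version}' openssl`; entries are matched by exact revision string.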