I am using python for most of my programming. I am trying to sign the <ds:SignedInfo> portion of my XML document. However, I am having a lot of trouble doing so in python. I generated my public and private keys with the following commands in open SSL: (I believe this is an elliptic curve based key pair, please verify)
openssl genpkey -genparam -algorithm ec -pkeyopt ec_paramgen_curve:P-256 -out ECPARAM.pem
openssl req -newkey ec:ECPARAM.pem -keyout privateKeyEC.key -out mycsrEC.csr
I then got the mycsrEC.csr signed by a CA. I saved the certificate in a issued_cert.cer (but I think it was formatted as a PEM file; it has BEGIN CERTIFICATE, END CERITFICATE). Also, my private key has a password associated with it, and the file is stored as BEGIN ENCRYPTED PRIVATE KEY. I believe with this setup, I should be using the ecdsa-with-sha256 signing algorithm, but I am having trouble implementing this.
To be clear, my requirement is to sign the <ds:SignedInfo> element in my XML document, using the issued_cert.cer certificate and the privateKeyEC.key private key, and this should be with the ecdsa-with-sha256 digest.
1.) I would prefer a python solution, but I am okay with a java or c++ solution, in that order of preference.
2.) Do I have the required resources to perform this operation?
3.) How can I convert my certificate to a readable text file? It has some encoding which makes it unreadable?
4.) Any questions for additional context are encouraged
Related
I'm having problems understanding the difference between files produced by openssl and how to detect them.
For example I'm trying to generate Self-signed cert with private key and generate JKS file from p12
format. I'm googling like a madman but I still don't know how to generate it correctly to be able to use following commands.
openssl pkcs12 -export -in user.pem -inkey user.key -certfile user.pem -out testkeystore.p12
keytool -importkeystore -srckeystore testkeystore.p12 -srcstoretype pkcs12 -destkeystore wso2carbon.jks -deststoretype JKS
Source: https://www.ibm.com/support/pages/how-generate-jks-keystore-existing-private-key
I found a couple of different commands to generate Self-signed cert and private key but I don't know how to map resulting files to the commands above and whats worse I don't understand what those commands do.
I mean I see what files they generate and understand that certificate and private key used to sign it ( or maybe the other way around :| ) but what is the difference between those commands and is cert.pem === certificate.crt - Those file extensions are driving me crazy.
openssl req -x509 -sha256 -nodes -days 365 -newkey rsa:2048 -keyout privateKey.key -out certificate.crt
openssl req -newkey rsa:2048 -new -nodes -x509 -days 3650 -keyout key.pem -out cert.pem
This is yet another situation where I'm having similar issues with the openssl command. At this point I'm even ready to read some RFC ( I hope it won't come to this :) )
Thanks in advance for help
Those file names represent different parts of the key generation and verification process. Please note that the names are just convention, you could just as easily call the files pepperoni.pizza and the content will be the same, so do be conscious of how you use the filenames.
A brief primer on PKI - Keys come in two halves, a public key and a private key. The public key can be distributed publicly and widely, and you can use it to verify, but not replicate, information generated using the private key. The private key must be kept secret.
.key files are generally the private key, used by the server to encrypt and package data for verification by clients.
.pem files are generally the public key, used by the client to verify and decrypt data sent by servers. PEM files could also be encoded private keys, so check the content if you're not sure.
.p12 files have both halves of the key embedded, so that administrators can easily manage halves of keys.
.cert or .crt files are the signed certificates -- basically the "magic" that allows certain sites to be marked as trustworthy by a third party.
.csr is a certificate signing request, a challenge used by a trusted third party to verify the ownership of a keypair without having direct access to the private key (this is what allows end users, who have no direct knowledge of your website, confident that the certificate is valid). In the self-signed scenario you will use the certificate signing request with your own private key to verify your private key (thus self-signed). Depending on your specific application, this might not be needed. (needed for web servers or RPC servers, but not much else).
A JKS keystore is a native file format for Java to store and manage some or all of the components above, and keep a database of related capabilities that are allowed or rejected for each key.
The commands you list look fine to me, and I don't see a question beyond asking what the different files are for. If you need more information, please enrich your question.
.key is the private key. This is accessible the key owner and no one else.
.csr is the certificate request. This is a request for a certificate authority to sign the key. (The key itself is not included.)
.crt is the certificate produced by the certificate authority that verifies the authenticity of the key. (The key itself is not included.) This is given to other parties, e.g. HTTPS client.
.pem is a text-based container using base-64 encoding. It could be any of the above files.
-----BEGIN EXAMPLE-----
...
-----END EXAMPLE-----
.p12 is a PKCS12 file, which is a container format usually used to combine the private key and certificate.
There isn't only one extension. For example you may see certificates with either the .crt or a .pem extension.
Just to add more info: .der, another (binary) encoding (either public or private key, or csr)
I am generating two CSRs ( Certificate signing request )
1 . using java keytool i get a .csr format file.
using IBM key management tool i get .arm file.
Though both the files contains the same kind of data ( ie . base64 encoded public key details)
My question "can i rename .csr file to .arm" will it be the same ...
Thanks.
The most common syntax for a CSR is PKCS#10, which can be represented in binary or text formats. A CSR contains a number of pieces of information including: a public key, the subject distinguished name, a signature, and optional attributes. If you can view the files in a text editor and they look similar to this:
-----BEGIN CERTIFICATE REQUEST-----
MIIBnTCCAQYCAQAwXTELMAkGA1UEBhMCU0cxETAPBgNVBAoTCE0yQ3J5cHRvMRIw
EAYDVQQDEwlsb2NhbGhvc3QxJzAlBgkqhkiG9w0BCQEWGGFkbWluQHNlcnZlci5l
eGFtcGxlLmRvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAr1nYY1Qrll1r
uB/FqlCRrr5nvupdIN+3wF7q915tvEQoc74bnu6b8IbbGRMhzdzmvQ4SzFfVEAuM
MuTHeybPq5th7YDrTNizKKxOBnqE2KYuX9X22A1Kh49soJJFg6kPb9MUgiZBiMlv
tb7K3CHfgw5WagWnLl8Lb+ccvKZZl+8CAwEAAaAAMA0GCSqGSIb3DQEBBAUAA4GB
AHpoRp5YS55CZpy+wdigQEwjL/wSluvo+WjtpvP0YoBMJu4VMKeZi405R7o8oEwi
PdlrrliKNknFmHKIaCKTLRcU59ScA6ADEIWUzqmUzP5Cs6jrSRo3NKfg1bd09D1K
9rsQkRc9Urv9mRBIsredGnYECNeRaK5R1yzpOowninXC
-----END CERTIFICATE REQUEST-----
then they are text (aka PEM) encoded CSRs. These text encoded CSRs can be decoded and viewed using the following openssl command:
openssl req -in your-csr-filename -noout -text
Renaming the file will not affect openssl's ability to decode them. However, some applications that process CSRs may expect a particular filename extension.
You can inspect your certificate signing request (csr) using OpenSSL with a command such as:
openssl x509 -req -in yourfile.csr -text -noout
I'm assuming that IBM's thingy is a wrapper around openssl so I would expect your .arm to be an x509 certificate going by a different name. Be interested to hear what you get back ...
The answer is yes. The .arm file is the same format as .csr. As you stated, they both contain the same type of data and therefore can simply be renamed. Furthermore, the common types of CSR requests are PKCS#10 and PKCS#12.
#snow60y: You won't see anything with 'openssl x509 -req -in yourfile.csr -text -noout' because there is no private key contained within the CSR and it is not signed, so it is not an x509 yet. A CSR should NEVER contain a private key and therefore, analyzing with that command should fail. You can use that command with a SIGNED cert, but not the request. For the request, use:
openssl req -in your-csr-filename -noout -text
I'm trying to verify detached PKCS#7 signature. A file generated using WIN32 CryptoAPI function CryptSignMessage(). File is signed on client side, but it must be validate on server side FreeBSD. So I cannot use CryptoAPI.
Please help me to determinate how to use OpenSSL for this kind of task. Now I have two files FILENAME.xml and FILENAME.xml.sig which contains a signature information. According to specification this file include "a hash of the specified content, signs the hash, and then encodes both the original message content and the signed hash." As I figured out it also contains certificates. With openssl i can retrieve public key and certificate from this file but I have no idea how to retrieve signature information?
So I'm trying to retrieve information from this file such as public key and signature to use it with openssl command
openssl dgst -verify PUBLIC_KEY_FILE -signature SIGNATURE_FILE -md_gost94 FILENAME.xml
Verification Failure
Also there is service which can read all information from this file. http://notary.cryptopro.ru/Detached.aspx
Information about EDS:
Algortim hashing:
Name:
GOST R 34.11-94
ID:
1.2.643.2.2.9
Algortim public key:
Name:
GOST R 34.10-2001
ID:
1.2.643.2.2.19
Value:
2DEA 8713 5AS2 69AA 34E0 B333 EF61 3773 5CF1
3BC4 BAD0 1745 0DDD 9577 FFAE BA4A A9EB A8CF
64B9 C338 1513 8BDB C478 BA3A 5409 6419 03A6
DD3A 04D2 D132 3319 8031
Serial Number: 1F11 EF05 0001 0000 1032
Maybe I dont understand something. Please help.
Is it posible at all?
If you used CryptSignMessage() function, you have the certificate for this public key. So, you can use openssl cms service (in some distros openssl is built without it, in this case you can recompile them with enable-cms option).
The sample command is:
openssl cms -verify -nointern -noverify -certfile CERTIFICATE_FILE -inform DER -in SIGNATURE_FILE -content CONTENT_FILE -out /dev/null
where CERTIFICATE_FILE is a certificate in Base64 form.
P.S. I'm not sure about GOST algorithms support. Try sha1RSA first.
I'm am trying to create a very simple WCF client application which will send SOAP messages to a 3rd party service. All the messages must be digitally signed. It's really a proof of concept before I add the code to a larger application.
I have a .cer file containing the certificate and a .pem file containing the private key. What I have been trying to do is load the certificate using the .cer file then fire off a message. But I get the following error "The private key is not present in the X.509 certificate".
The problem, well one of the problems, is that I really know almost nothing about WCF, digital certificates, private keys and all that guff. I've done some reading, I've Googled till I'm blue in the face and I've not got anywhere.
If I open the .cert file there is a section labelled "BEGIN ENCRYPTED PRIVATE KEY" which suggests that the private key is included in the certificate. So, why am I getting a message saying that it is not present? Also, if the private key does need to be added to the certificate how do I do it?
Here basically what I'm doing. It's not my actual code, but it includes all the relevant stuff:
MyWSClient c = new MyWSClient();
c.ClientCredentials.ClientCertificate.Certificate = new X509Certificate2(#"pathToFile.cer");
c.SomeValidCall();
How are you creating this cert / key pair? You can combine them into a PKCS#12 certificate using openssl:
openssl pkcs12 -export -in yourcert.crt -inkey yourprivkey.key -out newcert.p12
You may need to play with the input format to get it to work with a .pem private key.
My colleague has found a solution. I don't know why but using a .der file rather than a .cer file solves the problem. This is the command he used to generate the .der file using a certificate, private key and root certificate as.pem files:
openssl pkcs12 -export -in cert.pem -inkey private_key.pem -certfile root_cert.cer -out pkcs12.der
I spent several hours yesterday trying to digitally sign a short file using an X509 certificate (one of the "freemail" certificates from thawte). I finally got openssl to sign it as an SMIME message, but I can't successfully verify it, AND it's in the SMIME format -- I don't have access to a "sendmail" program which can actually send out the SMIME file.
I just want to create some file that is "excerptable" via plain cut & paste, like:
===BEGIN SIGNED DOCUMENT===
===BEGIN DOCUMENT===
blah blah blah this is the plaintext ...
===END DOCUMENT===
===BEGIN SIGNATURE===
AFab12121abadAF ...
===END SIGNATURE===
===END SIGNED DOCUMENT===
Alternatively I guess I could make a .zip file that contains the original file and also the signature.
so I guess my requirements are:
input plaintext = arbitrary file
input signkey = from X509 certificate
output = something I can easily email to someone else by cut&paste or by attaching a single .zip file
program = something that is free & open source like openssl or gpg
program != a magic GUI where I don't understand what's going on
ability to easily use the program to generate output from inputs
ability to easily extract the plaintext from the output (e.g. either directly by eye or as a component of the .zip file)
ability to verify that the plaintext was signed by the grantee of the X509 certificate (i.e. me) and that the grantor (CA) of the certificate is a Well-Known CA... assuming that I am a rational person who keeps the certificate secure from use by other parties (otherwise someone could sign things as me).
Is there a good tutorial for X509 certificates & how they are used in practice for this stuff? I have the 2nd edition of Schneier's "Applied Cryptography" & have a fair amount of experience with cryptographic algorithms + protocols, but don't know much at all about X509 and I'm really confused as to what a certificate actually is in practical terms. (In other words, "a certificate is a cryptographic assertion by the issuing party CA that the party X named in the certificate is an identity known to the CA?" AND "a certificate enables its bearer to _____")
When I get one it shows up in Firefox's "Your Certificates" tab of the Certificate Manager, and I can export it and read it with openssl, but I want to make sure that it's not stored in any way that someone else can use it w/o knowing the cert. passphrase -- and I get really confused because it seems like some certificates only have the public key & others have encrypted private keys.
Is there a good, simple GUI wrapper around openssl that allows you to have it explain what it's doing?
edit: thawte doesn't easily let you use certificate requests directly; instead it talks to web browsers (I use Firefox) & that generatese the private key and handles all the certificate protocol. So I can export that as a PKCS12 file but am not exactly sure how to use that.
So I can export that as a PKCS12 file but am not exactly sure how to use that.
If you use the openssl tool, you can use the command
openssl pkcs12 -in file.p12 -out file.pem
to convert it to pem-format.
EDIT:
I'm having trouble figuring out what PEM and PKCS12 and all these things do differently from each other
A PKCS#12 file is just a container for certificates and keys. If you want to see what it contains (at least except for the encrypted parts), you can use a tool such as dumpasn1. The PKCS#12 file that you export from your browser will contain your private key in an encrypted format, your certificate as well as the CA certificates that are necessary to form a chain up to a trusted CA.
Likewise a PEM file can contain certificates and keys. In a PEM file the certificates and keys are base64 encoded and placed within some text delimiters (a PKCS#12 file uses a binary encoding named ASN.1 to structure the file - you can think of ASN.1 as a binary form of XML. Most cryptographic structures you encounter will have been encoded using ASN.1). Except for that, the only real difference between the formats is that PKCS#12 contains an integrity check - otherwise the formats are equivalent.
OpenSSL works best with PEM, while most browsers and emailapplications will expect PKCS#12, but you can freely convert between the formats.
First you probably need to read up on the difference between a private key, a public key and a certificate. A certificate is a signature with a CAs private key on the statement "The public key XX belongs to the person YY". If you sign something with your private key, the signature can be validated with your public key, and a third party that trusts the CA can conclude that the signature was signed by you.
If you generate a S/MIME message and attach it as a file with the extension .p7s, most mail programs will probably be able to verify it.
If you want total control over what you are doing, my experience is that the tooling around the PGP-format gives you better control (compared to the mail-programs implementing the S/MIME protocol).