I try to create a certificate signing request with openssl:
openssl req -key my.key -out out.csr -new -subj "XXXXXXX" -config openssl-san.cnf
but get this error:
req: Unknown digest sha-512
req: Use -help for summary.
I'm working under Ubuntu 18.04, all files are there and are autogenerated, so I don't think the config or the key files are the problem.
Fix your openssl-san.cnf configuration file to reference digest as sha512 and not sha-512.
Have a look at https://www.openssl.org/docs/manmaster/man1/openssl-req.html
-digest
This specifies the message digest to sign the request. Any digest supported by the OpenSSL dgst command can be used. This overrides the digest algorithm specified in the configuration file.
and
default_md
This option specifies the digest algorithm to use. Any digest supported by the OpenSSL dgst command can be used. This option can be overridden on the command line. Certain signing algorithms (i.e. Ed25519 and Ed448) will ignore any digest that has been set.
If you look at https://www.openssl.org/docs/manmaster/man1/openssl-dgst.html it tells you that you can run
openssl list --digest-commands
to see which digests, and their names, are available in your build of OpenSSL.
For example:
openssl list --digest-commands
blake2b512 blake2s256 gost md4
md5 rmd160 sha1 sha224
sha256 sha384 sha512
Which are then the names you must use everywhere, on the command line or in your configuration files.
Related
I need to create a custom certificate for my dynamics portal to use implicit grant flow. I create certificate with command
certbot certonly --manual --preferred-challenge dns
I then create pfx with the openssl command
openssl pkcs12 -export -out bundle.pfx -inkey privkey.pem -in cert.pem -certfile chain.pem -password pass:SOMEPASSWORDHERE
However I get the error when trying to upload it to the power platform admin centre
The password entered is incorrect or the encryption method used by the
certificate is not supported.
So then tried the following command to create the pfx with triple des using
openssl pkcs12 -export -descert -out bundle.pfx -inkey privkey.pem -in cert.pem -certfile chain.pem -password pass:SOMEPASSWORDHERE
But am still getting the same error. As far as I can see the certificate meets requirements of:
Signed by a trusted certificate authority.
Exported as a password-protected PFX file.
Contains private key at least 2048 bits long.
Contains all intermediate certificates in the certificate chain.
Must be SHA2 enabled; SHA1 support is being removed from popular browsers.
PFX file must be encrypted with TripleDES encryption. Power Apps portals doesn't support AES-256 encryption
The only thing I can think is the pfx isn't getting encrypted with 3des but looking at the openssl documentation the -descert command should take care of that. Am I missing something here?
I am able to sign and verify an ECDSA signature with the commands:
openssl dgst -sha256 -sign privateKey.pem data.txt > sign_data,txt
openssl dgst -sha256 -verify publicKey.pem -signature sign_data.txt data.txt
The output for the verification command is:
Verified OK
However, when I am sending my signed request to the server, I am getting an error saying that my signature was invalid. In my application, I am calling the above sign commands and then I am reading the signature (using python) as:
signature = open('sign_data.txt','rb').read()
Given these circumstances, can I be sure that there is no problem with the signature value and that another processing error occurred. In other words, could it be possible that the receiver can still reject a signature even if the above openssl passed the tests?
I know there are many commands (openssl) to export pfx to pem BUT I need one thing different: I need to export the public key to a pem file and the private key to another file. Most of the commands and sites (some sites convert the pfx format to anyone I need) will only generate a single *.pem file.
Thanks.
Meta: this isn't a programming or development question, and will likely be closed as offtopic.
If you want the privatekey and the certificate (which contains the publickey but is not the publickey as such), this is a dupe of several questions in other Stacks where it is ontopic, including at least:
https://security.stackexchange.com/questions/3779/how-can-i-export-my-private-key-from-a-java-keytool-keystore/
https://serverfault.com/questions/715827/how-to-generate-key-and-crt-file-from-jks-file-for-httpd-apache-server
https://serverfault.com/questions/806141/is-the-alert-ssl3-read-bytessslv3-alert-bad-certificate-indicating-that-the-s (disclosure: my answer)
Alternatively since PEM files are structured text, you can parse the output of a single pkcs12 command by any number of text-handling programs such as awk:
openssl pkcs12 <p12 | awk '/-BEGIN ENC/,-END ENC/{print >"privkey"} \
/-BEGIN CERT/,/-END CERT/{if(!n)print >"cert"} /-END CERT/{n++}'
# for unencrypted privatekey add -nodes and select BEGIN/END PRIV
If you truly want the publickey, you can create it in algorithm-generic X.509 SubjectPublicKeyInfo form, from either the privatekey or the certificate:
# from the certificate
openssl x509 <certfile -noout -pubkey >pubkey
openssl pkcs12 <p12file -nokeys -clcerts | openssl x509 -noout -pubkey >pubkey
# from the privatekey
openssl pkey <privkey -pubout >pubkey
openssl pkcs12 <p12file -nocerts -nodes | openssl pkey -pubout >pubkey
This format is used by some OpenSSL functions (which calls it PUBKEY to distinguish from the several algorithm-specific PublicKey's), and low-level Java (which calls it X509EncodedKeySpec), and pretty much nothing else. Note systems using the bare public key are often insecure; that's exactly why most systems embed the publickey in a certificate.
If the key is RSA and you want the algorithm-specific (PKCS1 RSAPublicKey) format, in OpenSSL 1.1.0 (and presumably up) then use:
# from the SPKI publickey as above
openssl rsa <RSApub_spki [-inform DER] -pubin -RSAPublicKey_out [-outform DER] >RSApub_pkcs1
# from the privatekey
openssl rsa <RSAprivate [-inform DER] -RSAPublicKey_out [-outform DER] >RSApub_pkcs1
This is used rarely by a few OpenSSL functions and AFAIK nothing else; see caveat above.
I don't know if this is the correct place to ask it, but I will try.
I am trying to run http.ListenAndServeTLS with ECDSA certificate generated from OpenSSL.
It fail with this error message: tls: failed to parse private key
Go understand elliptic.P256(), in the code it has this comment See FIPS 186-3, section D.2.3.
In this link: http://www.ietf.org/rfc/rfc5480.txt, it says it is also called secp256r1.
As you can see below, OpenSSL undestand this as prime256v1.
$ openssl ecparam -name secp256r1 -text -noout
using curve name prime256v1 instead of secp256r1
ASN1 OID: prime256v1
NIST CURVE: P-256
So what is wrong?
How can I generate ECDSA certificate from OpenSSL and use it on my Go code?
Using generate_cert.go to generate a P256 ECDSA certificate, my code works, but if I try to read the key file with OpenSSL it fail also.
$ openssl ecparam -text -noout -in key.pem
unable to load elliptic curve parameters
140377431725720:error:0906D06C:PEM routines:PEM_read_bio:no start line:pem_lib.c:701:Expecting: EC PARAMETERS
I couldn't figured out what is the problem between OpenSSL and Go.
But my main problem is, how to generate ECDSA certificate to use with Go code!
Using CFSSL (https://cfssl.org/) I can generate ECDSA certificate and sign it with my internal CA certificate generated from OpenSSL. The certificate generated from CFSSL works fine with my Go code, so for me it solves my main problem!
I don't know if there is a format problem between OpenSSL and Go, but as CFSSL is written in Go, the certificate generated on it works fine in my code and in browser.
Here is an example of OpenSSL generated ECDSA keys working with Go.
https://play.golang.org/p/MS_FQ8cqqA8.
As clarified in this issue - https://github.com/golang/go/issues/23591, go does not recognize EC keys that are generated with the -param_enc explicit flag in Openssl.
# openssl ecparam -name prime256v1 -genkey -noout -out priv2.pem
# openssl req -new -x509 -key priv2.pem -out EC_server2.pem -days 365
Hope this solves your problem.
Run:
go run `go env GOROOT`/src/crypto/tls/generate_cert.go --host=localhost --ecdsa-curve=P256
This will generate cert.pem and key.pem in the current directory.
I'm trying to verify detached PKCS#7 signature. A file generated using WIN32 CryptoAPI function CryptSignMessage(). File is signed on client side, but it must be validate on server side FreeBSD. So I cannot use CryptoAPI.
Please help me to determinate how to use OpenSSL for this kind of task. Now I have two files FILENAME.xml and FILENAME.xml.sig which contains a signature information. According to specification this file include "a hash of the specified content, signs the hash, and then encodes both the original message content and the signed hash." As I figured out it also contains certificates. With openssl i can retrieve public key and certificate from this file but I have no idea how to retrieve signature information?
So I'm trying to retrieve information from this file such as public key and signature to use it with openssl command
openssl dgst -verify PUBLIC_KEY_FILE -signature SIGNATURE_FILE -md_gost94 FILENAME.xml
Verification Failure
Also there is service which can read all information from this file. http://notary.cryptopro.ru/Detached.aspx
Information about EDS:
Algortim hashing:
Name:
GOST R 34.11-94
ID:
1.2.643.2.2.9
Algortim public key:
Name:
GOST R 34.10-2001
ID:
1.2.643.2.2.19
Value:
2DEA 8713 5AS2 69AA 34E0 B333 EF61 3773 5CF1
3BC4 BAD0 1745 0DDD 9577 FFAE BA4A A9EB A8CF
64B9 C338 1513 8BDB C478 BA3A 5409 6419 03A6
DD3A 04D2 D132 3319 8031
Serial Number: 1F11 EF05 0001 0000 1032
Maybe I dont understand something. Please help.
Is it posible at all?
If you used CryptSignMessage() function, you have the certificate for this public key. So, you can use openssl cms service (in some distros openssl is built without it, in this case you can recompile them with enable-cms option).
The sample command is:
openssl cms -verify -nointern -noverify -certfile CERTIFICATE_FILE -inform DER -in SIGNATURE_FILE -content CONTENT_FILE -out /dev/null
where CERTIFICATE_FILE is a certificate in Base64 form.
P.S. I'm not sure about GOST algorithms support. Try sha1RSA first.