Doubt regarding EMSA-PKCS1-v1_5


Doubt regarding EMSA-PKCS1-v1_5

Suram Chandra Sekhar
Hi all,
I have a doubt regarding EMSA-PKCS1-v1_5 usage in OpenSSL.

My requirement is that I want to sign some data using a specific Hash
Algorithm (SHA1).

For this I am trying to do the following steps instead of calling rsa_sign()
function directly.

1. Calculate SHA1 Hash on the data to be signed.
2. Call RSA_private_encrypt with RSA_PKCS1_PADDING.

As per the documentation, this corresponds to EMSA-PKCS1-v1_5 encoding method.

I referred to section 9.2 of RFC 3447 (Public-Key Cryptography Standards
(PKCS) #1: RSA Cryptography Specifications Version 2.1)
document which says the following

          EM = 0x00 || 0x01 || PS || 0x00 || T.

where T  for SHA1 is defined as

       SHA-1:   (0x)30 21 30 09 06 05 2b 0e 03 02 1a 05 00 04 14 || H.
(H is the Hash value from Step 1).

My specific question is

     Is it expected that the input I pass to RSA_private_encrypt for "from"
MUST contain the HASH pre-pended with the hex value defined
     or is there any function in OpenSSL which can be called to set this value.

Awaiting your valuable response....

Regards
Suram


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Re: Doubt regarding EMSA-PKCS1-v1_5

Nils Larsch
Suram Chandra Sekhar wrote:

> Hi all,
> I have a doubt regarding EMSA-PKCS1-v1_5 usage in OpenSSL.
>
> My requirement is that I want to sign some data using a specific Hash
> Algorithm (SHA1).
>
> For this I am trying to do the following steps instead of calling
> rsa_sign() function directly.
>
> 1. Calculate SHA1 Hash on the data to be signed.
> 2. Call RSA_private_encrypt with RSA_PKCS1_PADDING.
>
> As per the documentation, this corresponds to EMSA-PKCS1-v1_5 encoding
> method.
>
> I referred to section 9.2 of RFC 3447 (Public-Key Cryptography Standards
> (PKCS) #1: RSA Cryptography Specifications Version 2.1)
> document which says the following
>
>          EM = 0x00 || 0x01 || PS || 0x00 || T.
>
> where T  for SHA1 is defined as
>
>       SHA-1:   (0x)30 21 30 09 06 05 2b 0e 03 02 1a 05 00 04 14 || H.
> (H is the Hash value from Step 1).
>
> My specific question is
>
>     Is it expected that the input I pass to RSA_private_encrypt for
> "from" MUST contain the HASH pre-pended with the hex value defined
>     or is there any function in OpenSSL which can be called to set this
> value.

RSA_private_encrypt adds only the 0x00 || 0x01 || PS || 0x00 padding
(if padding == RSA_PKCS1_PADDING). If you want to let openssl do the
whole encoding/padding use RSA_sign or if you want to create the T
value manually you need to use i2d_X509_SIG, see RSA_sign.

Nils
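
Added example, not part of the original thread and not OpenSSL code: the C program below builds the pieces named in the reply above, T = DigestInfo prefix || H and then the 0x00 || 0x01 || PS || 0x00 block around it, and checks an encoded block by re-encoding the expected hash and comparing. The function names, the 128-byte block length (a 1024-bit modulus) and the sample hash (SHA-1 of "abc") are assumptions chosen for illustration; no RSA operation is performed.

```c
/* Added example: EMSA-PKCS1-v1_5 for SHA-1 (RFC 3447, section 9.2).
 * All names here are illustrative; this is not OpenSSL code. */
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define SHA1_LEN   20
#define PREFIX_LEN 15
#define T_LEN      (PREFIX_LEN + SHA1_LEN)   /* 35 bytes */
#define MAX_EM_LEN 512                       /* up to a 4096-bit modulus */

/* DER DigestInfo prefix for SHA-1: the bytes quoted from the RFC in the thread. */
static const unsigned char SHA1_PREFIX[PREFIX_LEN] = {
    0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e,
    0x03, 0x02, 0x1a, 0x05, 0x00, 0x04, 0x14
};

/* Constructed sample input: SHA-1("abc"), the standard test vector. */
static const unsigned char SAMPLE_H[SHA1_LEN] = {
    0xa9, 0x99, 0x3e, 0x36, 0x47, 0x06, 0x81, 0x6a, 0xba, 0x3e,
    0x25, 0x71, 0x78, 0x50, 0xc2, 0x6c, 0x9c, 0xd0, 0xd8, 0x9d
};

/* T = prefix || H. This is what the caller has to build when the RSA
 * primitive only adds the 0x00 || 0x01 || PS || 0x00 part. */
void build_t_sha1(const unsigned char h[SHA1_LEN], unsigned char t[T_LEN])
{
    memcpy(t, SHA1_PREFIX, PREFIX_LEN);
    memcpy(t + PREFIX_LEN, h, SHA1_LEN);
}

/* Block type 1 padding: em = 0x00 || 0x01 || PS || 0x00 || m, PS = 0xff bytes,
 * at least 8 of them. Returns 1 on success, 0 if em_len is too short. */
int pkcs1_type1_pad(const unsigned char *m, size_t m_len,
                    unsigned char *em, size_t em_len)
{
    size_t ps_len;

    if (em_len < m_len + 11)
        return 0;
    ps_len = em_len - m_len - 3;
    em[0] = 0x00;
    em[1] = 0x01;
    memset(em + 2, 0xff, ps_len);
    em[2 + ps_len] = 0x00;
    memcpy(em + 3 + ps_len, m, m_len);
    return 1;
}

/* Full EMSA-PKCS1-v1_5 encoding of a SHA-1 hash into em_len bytes
 * (em_len = modulus length in bytes). */
int emsa_pkcs1_v15_encode_sha1(const unsigned char h[SHA1_LEN],
                               unsigned char *em, size_t em_len)
{
    unsigned char t[T_LEN];

    build_t_sha1(h, t);
    return pkcs1_type1_pad(t, T_LEN, em, em_len);
}

/* Verifier side: re-encode the expected hash and compare the whole block,
 * instead of parsing the recovered EM. Returns 1 only on an exact match. */
int emsa_pkcs1_v15_check_sha1(const unsigned char *em, size_t em_len,
                              const unsigned char h[SHA1_LEN])
{
    unsigned char expected[MAX_EM_LEN];

    if (em_len > MAX_EM_LEN)
        return 0;
    if (!emsa_pkcs1_v15_encode_sha1(h, expected, em_len))
        return 0;
    return memcmp(em, expected, em_len) == 0;
}

static void dump(const char *label, const unsigned char *p, size_t n)
{
    size_t i;

    printf("%s (%u bytes):", label, (unsigned)n);
    for (i = 0; i < n; i++)
        printf("%s%02x", (i % 16 == 0) ? "\n  " : " ", p[i]);
    printf("\n");
}

int main(void)
{
    unsigned char em[128], bare[128];   /* 128 bytes = 1024-bit modulus */

    emsa_pkcs1_v15_encode_sha1(SAMPLE_H, em, sizeof em);
    dump("EM", em, sizeof em);
    pkcs1_type1_pad(SAMPLE_H, SHA1_LEN, bare, sizeof bare);   /* bare H, no T */
    printf("T-based EM accepted: %d, bare-hash EM accepted: %d\n",
           emsa_pkcs1_v15_check_sha1(em, sizeof em, SAMPLE_H),
           emsa_pkcs1_v15_check_sha1(bare, sizeof bare, SAMPLE_H));
    return 0;
}
```

The second result shows why the prefix matters: padding the bare 20-byte hash yields a well-formed block type 1 message, but it is not the EMSA-PKCS1-v1_5 encoding and a verifier that re-encodes and compares rejects it.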
Re: Doubt regarding EMSA-PKCS1-v1_5

Ken Goldman
> Date: Tue, 24 May 2005 22:46:57 +0200
> From: Nils Larsch <[hidden email]>
>
> RSA_private_encrypt adds only the 0x00 || 0x01 || PS || 0x00 padding
> (if padding == RSA_PKCS1_PADDING). If you want to let openssl do the
> whole encoding/padding use RSA_sign or if you want to create the T
> value manually you need to use i2d_X509_SIG, see RSA_sign.

Correct me if I'm wrong (I'm sure someone will!), but I believe that
signing should use RSA_private_decrypt().

--
Ken Goldman   [hidden email]   914-784-7646
Re: Doubt regarding EMSA-PKCS1-v1_5

Nils Larsch
Ken Goldman wrote:
...
>>RSA_private_encrypt adds only the 0x00 || 0x01 || PS || 0x00 padding
>>(if padding == RSA_PKCS1_PADDING). If you want to let openssl do the
>>whole encoding/padding use RSA_sign or if you want to create the T
>>value manually you need to use i2d_X509_SIG, see RSA_sign.
>
>
> Correct me if I'm wrong (I'm sure someone will!), but I believe that
> signing should use RSA_private_decrypt().

no, RSA_private_decrypt and RSA_public_encrypt are used for asymmetric
encryption whereas RSA_private_encrypt and RSA_public_decrypt correspond
to RSA_sign and RSA_verify.

Nils
RE: Doubt regarding EMSA-PKCS1-v1_5

Steven Reddie
Ken, think of it this way:
1. To send a message for only a specific person to read you want to make it
decryptable with their private key, thus encrypting with their public key.
2. For a signature, the world needs to be able to verify it, so it needs to
be decryptable with the public key, and thus encrypted with the private key.

-----Original Message-----
From: [hidden email]
[mailto:[hidden email]] On Behalf Of Nils Larsch
Sent: Wednesday, 25 May 2005 7:22 AM
To: [hidden email]
Subject: Re: Doubt regarding EMSA-PKCS1-v1_5

Ken Goldman wrote:
...
>>RSA_private_encrypt adds only the 0x00 || 0x01 || PS || 0x00 padding
>>(if padding == RSA_PKCS1_PADDING). If you want to let openssl do the
>>whole encoding/padding use RSA_sign or if you want to create the T
>>value manually you need to use i2d_X509_SIG, see RSA_sign.
>
>
> Correct me if I'm wrong (I'm sure someone will!), but I believe that
> signing should use RSA_private_decrypt().

no, RSA_private_decrypt and RSA_public_encrypt are used for asymmetric
encryption whereas RSA_private_encrypt and RSA_public_decrypt correspond to
RSA_sign and RSA_verify.

Nils
Re: Doubt regarding EMSA-PKCS1-v1_5

Suram Chandra Sekhar
In reply to this post by Nils Larsch
Hi all,
Thank you very much for the reply.  I was going through the man page of
RSA_sign().  It is indicating as follows...
If type is NID_md5_sha1, an SSL signature (MD5 and SHA1 message digests
with PKCS #1 padding and no algorithm identifier)
is created.

It means that Signature Algorithm is not used in RSA_sign().  If my
understanding is correct, can anyone please point out how to make
RSA_sign() do this job.

Regards
Suram
At 02:16 AM 5/25/2005, Nils Larsch wrote:

>RSA_private_encrypt adds only the 0x00 || 0x01 || PS || 0x00 padding
>(if padding == RSA_PKCS1_PADDING). If you want to let openssl do the
>whole encoding/padding use RSA_sign or if you want to create the T
>value manually you need to use i2d_X509_SIG, see RSA_sign.
>
>Nils
Re: Doubt regarding EMSA-PKCS1-v1_5

Dr. Stephen Henson
On Wed, May 25, 2005, Suram Chandra Sekhar wrote:

> Hi all,
> Thank you very much for the reply.  I was going through the man page of
> RSA_sign().  It is indicating as follows...
> If type is NID_md5_sha1, an SSL signature (MD5 and SHA1 message digests
> with PKCS #1 padding and no algorithm identifier)
> is created.
>
> It means that Signature Algorithm is not used in RSA_sign().  If my
> understanding is correct, can anyone please point out how to make
> RSA_sign() do this job.
>

Not sure what you mean there.

NID_md5_sha1 is an exceptional case where the signature format is different.
This format is required for TLS and SSL.

In all other cases the DigestInfo encapsulation is used.

AFAIK there isn't a standard for DigestInfo encapsulation of a TLS/SSL
signature: not sure why you'd want to.

Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Funding needed! Details on homepage.
Homepage: http://www.drh-consultancy.demon.co.uk
X509 Cert dates

PJ-7
Hi All,
 

How can I print localised, human readable certificate dates into a null
terminated string buffer?

I wish to present the cert dates to the user as well as the fact that the
dates are valid or invalid.

Can someone point me to a good source for X509 manipulation?

At the moment my function reads:

#include <stdio.h>
#include <unistd.h>             /* unlink() on POSIX */
#include <openssl/x509.h>

void dumpCertificate(X509 *cert, char *fileName)
{
            char buf[2044];
            int ret;

            X509_NAME *subj = X509_get_subject_name(cert);
            X509_NAME *issuer = X509_get_issuer_name(cert);

            FILE *fp;
            unlink(fileName);
            fp = fopen(fileName,"w");
            if (!fp) return;

            /* check expiry dates */
            if (X509_cmp_current_time(X509_get_notBefore(cert)) >= 0) {
                        fprintf(fp, "DateValid:false:Certificate date not yet valid\n");
            }
            else if (X509_cmp_current_time(X509_get_notAfter(cert)) <= 0) {
                        fprintf(fp, "DateValid:false:Certificate date expired\n");
            }
            else
                        fprintf(fp, "DateValid:true\n");

            /* Subject commonName (ret < 1 means the entry is missing or empty) */
            ret = X509_NAME_get_text_by_NID(subj, NID_commonName, buf, sizeof(buf));
            fprintf(fp, "Subject.CommonName:%s\n",(ret < 1)?"":buf);

            /* Subject Organization name */
            ret = X509_NAME_get_text_by_NID(subj, NID_organizationName, buf, sizeof(buf));
            fprintf(fp, "Subject.OrganizationName:%s\n",(ret < 1)?"":buf);

            /* Subject Email Address */
            ret = X509_NAME_get_text_by_NID(subj, NID_pkcs9_emailAddress, buf, sizeof(buf));
            fprintf(fp, "Subject.Email:%s\n",(ret < 1)?"":buf);

            /* Issuer Organization name */
            ret = X509_NAME_get_text_by_NID(issuer, NID_organizationName, buf, sizeof(buf));
            fprintf(fp, "Issuer.OrganizationName:%s\n",(ret < 1)?"":buf);

            fclose(fp);
}

Thanks Heaps!
Phillip.

 


Re: X509 Cert dates

Tan Eng Ten
Hi,

U could try:

        BIO *bio = BIO_new_fp(stdout, BIO_NOCLOSE);

        ASN1_TIME_print(bio, X509_get_notBefore(cert));

        BIO_free(bio);

Tell me if it works.

RE: X509 Cert dates

PJ-7

Thanks Tan! That worked. I'm wondering if there is a way of reading the
dates directly to a string buffer. My code now reads:

One more question, how do you read the certificate authority from the cert?

        // Read in certificate dates
        // there must be a better way of doing this!
        char bigBuffer[1024];
        BIO *out;
        char * tmpFile = getTempFile();
        out = BIO_new_file(tmpFile, "w+");
        BIO_printf(out, "DateValid.From:");
        ASN1_TIME_print(out, X509_get_notBefore(cert));
        BIO_printf(out, "\r\nDateValid.To:");
        ASN1_TIME_print(out, X509_get_notAfter(cert));
        BIO_printf(out, "\r\n");
        BIO_free(out);

        FILE *fp = NULL;
        bigBuffer[0] = '\0';
        fp = fopen(tmpFile, "rb");
        if (fp) {
                // read at most sizeof(bigBuffer) - 1 bytes so the
                // terminator always fits in the buffer
                size_t n = fread(bigBuffer, 1, sizeof(bigBuffer) - 1, fp);
                // null terminate after the bytes actually read
                bigBuffer[n] = '\0';
                fclose(fp);
        }
        _unlink(tmpFile);
        free(tmpFile);
        //////////////////////////////////////


-----Original Message-----
From: [hidden email]
[mailto:[hidden email]] On Behalf Of Tan Eng Ten
Sent: Thursday, 26 May 2005 10:30 AM
To: [hidden email]
Subject: Re: X509 Cert dates

Hi,

U could try:

        BIO *bio = BIO_new_fp(stdout, BIO_NOCLOSE);

        ASN1_TIME_print(bio, X509_get_notBefore(cert));

        BIO_free(bio);

Tell me if it works.

Re: X509 Cert dates

Tan Eng Ten
Hi Pj,

U could use memory BIO instead - BIO_new(BIO_s_mem()). Data written to
the BIO could be accessed by BIO_get_mem_data().

RE: X509 Cert dates

PJ-7
Thanks guys, you rock!

-----Original Message-----
From: [hidden email]
[mailto:[hidden email]] On Behalf Of Tan Eng Ten
Sent: Thursday, 26 May 2005 12:13 PM
To: [hidden email]
Subject: Re: X509 Cert dates

Hi Pj,

U could use memory BIO instead - BIO_new(BIO_s_mem()). Data written to
the BIO could be accessed by BIO_get_mem_data().

Re: Doubt regarding EMSA-PKCS1-v1_5

Suram Chandra Sekhar
In reply to this post by Dr. Stephen Henson
Hi,
Thank you very much for the response.
In one protocol, the signature algorithm is defined to be always SHA1.  The
encoding to be used
is EMSA-PKCS1-v1_5 encoding as defined in PKCS#1 v2.0 document.

In my implementation, I am using RSA_private_encrypt instead of RSA_sign()
for signing purpose.

I referred to section 9.2 of RFC 3447 (Public-Key Cryptography Standards
(PKCS) #1: RSA Cryptography Specifications Version 2.1)
document which says the following

          EM = 0x00 || 0x01 || PS || 0x00 || T.

where T  for SHA1 is defined as

       SHA-1:   (0x)30 21 30 09 06 05 2b 0e 03 02 1a 05 00 04 14 || H.
(H is the Hash value from Step 1).

My specific question is

     Is it expected that the input I pass to RSA_private_encrypt for "from"
MUST contain the HASH pre-pended with the hex value defined
     or is there any function in OpenSSL which can be called to set this value.

Awaiting your valuable response..

Regards
Suram


At 06:32 PM 5/25/2005, you wrote:

>On Wed, May 25, 2005, Suram Chandra Sekhar wrote:
>
> > Hi all,
> > Thank you very much for the reply.  I was going through the man page of
> > RSA_sign().  It is indicating as follows...
> > If type is NID_md5_sha1, an SSL signature (MD5 and SHA1 message digests
> > with PKCS #1 padding and no algorithm identifier)
> > is created.
> >
> > It means that Signature Algorithm is not used in RSA_sign().  If my
> > understanding is correct, can anyone please point out how to make
> > RSA_sign() do this job.
> >
>
>Not sure what you mean there.
>
>NID_md5_sha1 is an exceptional case where the signature format is different.
>This format is required for TLS and SSL.
>
>In all other cases the DigestInfo encapsulation is used.
>
>AFAIK there isn't a standard for DigestInfo encapsulation of a TLS/SSL
>signature: not sure why you'd want to.
>
>Steve.
>--
>Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
>OpenSSL project core developer and freelance consultant.
>Funding needed! Details on homepage.
>Homepage: http://www.drh-consultancy.demon.co.uk