Upgrading OpenSSL

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
8 messages Options
Reply | Threaded
Open this post in threaded view
|

Upgrading OpenSSL

Leon Brits

Hi all,

 

I am task to update two machines from v0.9.8z to v1.0.2 (since it is LTS).

 

With the minimal changes, I’ve been able to get the application on the machines to compile with the newer version and generate RSA 4096 key pairs. The applications are able to successfully use their respective private keys and certificates to establish TLS connection between them. However, when I used the CLI to check a dumped privatekey i got the following output:


% openssl rsa -check -in privkey.pem

unable to load Private Key

1995859152:error:0D078079:asn1 encoding routines:ASN1_ITEM_EX_D2I:field missing:tasn_dec.c:489:Field=d, Type=RSA

1995859152:error:04093004:rsa routines:OLD_RSA_PRIV_DECODE:RSA lib:rsa_ameth.c:121:

1995859152:error:0606F091:digital envelope routines:EVP_PKCS82PKEY:private key decode error:evp_pkey.c:92:

1995859152:error:0907B00D:PEM routines:PEM_READ_BIO_PRIVATEKEY:ASN1 lib:pem_pkey.c:141:

 

Any suggestions at what is wrong with the key?

Note that an ID is stored in the RSA extended data since the private key may be stored in HSM.

 

Thanks for your time

LJB


--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Reply | Threaded
Open this post in threaded view
|

Re: Upgrading OpenSSL

Leon Brits

Thanks for the help.

 

I’ve come to learn that my problem is the HSM. It removes the RSA values p,q and d from the EVP key before returning it. This is normal since it is protecting the key by keeping it in the HSM – duh. Anyway so, I cannot use it as a normal key. “Live and learn”

 

So this bring me to the next question: Is there any changes I need to make in the OpenSSL Engine for my upgrade (0.9.8 -> 1.0.2) to be complete?

 

Regards,

 

Leon Brits
System Engineer
Mobile: +27 84 250 2855

76 Regency Drive Route 21 Corporate Park Irene 0157

Tel +27 12 678 9740 (ext. 9767) | Fax +27 12 345 2561

www.parsec.co.za

 

From: openssl-dev [mailto:[hidden email]] On Behalf Of Leon Brits
Sent: 23 August 2017 11:52 AM
To: [hidden email]
Subject: [openssl-dev] Upgrading OpenSSL

 

Hi all,

 

I am task to update two machines from v0.9.8z to v1.0.2 (since it is LTS).

 

With the minimal changes, I’ve been able to get the application on the machines to compile with the newer version and generate RSA 4096 key pairs. The applications are able to successfully use their respective private keys and certificates to establish TLS connection between them. However, when I used the CLI to check a dumped privatekey i got the following output:


% openssl rsa -check -in privkey.pem

unable to load Private Key

1995859152:error:0D078079:asn1 encoding routines:ASN1_ITEM_EX_D2I:field missing:tasn_dec.c:489:Field=d, Type=RSA

1995859152:error:04093004:rsa routines:OLD_RSA_PRIV_DECODE:RSA lib:rsa_ameth.c:121:

1995859152:error:0606F091:digital envelope routines:EVP_PKCS82PKEY:private key decode error:evp_pkey.c:92:

1995859152:error:0907B00D:PEM routines:PEM_READ_BIO_PRIVATEKEY:ASN1 lib:pem_pkey.c:141:

 

Any suggestions at what is wrong with the key?

Note that an ID is stored in the RSA extended data since the private key may be stored in HSM.

 

Thanks for your time

LJB


--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Reply | Threaded
Open this post in threaded view
|

Re: Upgrading OpenSSL

Leon Brits

The upgrade is now working fine in one of the applications which make TLS connections. I can see the engine functions being called when some action (sign/verify) which require the privatekey.

 

However, this engine is also used in a patched version of Racoon2.

In one of the files (crypto_openssl.c) a function is called by the IKE daemon (iked) during setup with:

            :

EVP_SignInit(&ctx, md);

EVP_SignUpdate(&ctx, octets->v, octets->l);

EVP_SignFinal(&ctx, (unsigned char*)sig->v, &siglen, pkey);

:

With the upgraded OpenSSL v1.0.2, the last function now fails with the error:

2017-08-28 15:44:14 [INTERNAL_ERR]: crypto_openssl.c:1238:eay_rsassa_pkcs1_v1_5_sign(): RSA_sign failed: 30972:error:0606B06E:digital envelope routines:EVP_SignFinal:wrong public key type:p_sign.c:123:

 

Q: I assume it is looking for one of the missing parameters (p) in the RSA structure – correct?

Q: If so, how did it work in v0.9.8?

 

If I change the first command to:

EVP_SignInit_ex(&ctx, md, engine);

Then it segfaults in the “SignFinal” command :(

 

The engine is dynamically loaded the same way in both my TLS connection application and in the Racoon2 application.

 

Thanks for your time - any help is appreciated!

 

Leon Brits
System Engineer
Mobile: +27 84 250 2855

76 Regency Drive Route 21 Corporate Park Irene 0157

Tel +27 12 678 9740 (ext. 9767) | Fax +27 12 345 2561

www.parsec.co.za

 

From: openssl-dev [mailto:[hidden email]] On Behalf Of Leon Brits
Sent: 28 August 2017 08:08 AM
To: [hidden email]
Subject: Re: [openssl-dev] Upgrading OpenSSL

 

Thanks for the help.

 

I’ve come to learn that my problem is the HSM. It removes the RSA values p,q and d from the EVP key before returning it. This is normal since it is protecting the key by keeping it in the HSM – duh. Anyway so, I cannot use it as a normal key. “Live and learn”

 

So this bring me to the next question: Is there any changes I need to make in the OpenSSL Engine for my upgrade (0.9.8 -> 1.0.2) to be complete?

 

Regards,

 

Leon Brits
System Engineer
Mobile: +27 84 250 2855

76 Regency Drive Route 21 Corporate Park Irene 0157

Tel +27 12 678 9740 (ext. 9767) | Fax +27 12 345 2561

www.parsec.co.za

 

From: openssl-dev [[hidden email]] On Behalf Of Leon Brits
Sent: 23 August 2017 11:52 AM
To: [hidden email]
Subject: [openssl-dev] Upgrading OpenSSL

 

Hi all,

 

I am task to update two machines from v0.9.8z to v1.0.2 (since it is LTS).

 

With the minimal changes, I’ve been able to get the application on the machines to compile with the newer version and generate RSA 4096 key pairs. The applications are able to successfully use their respective private keys and certificates to establish TLS connection between them. However, when I used the CLI to check a dumped privatekey i got the following output:


% openssl rsa -check -in privkey.pem

unable to load Private Key

1995859152:error:0D078079:asn1 encoding routines:ASN1_ITEM_EX_D2I:field missing:tasn_dec.c:489:Field=d, Type=RSA

1995859152:error:04093004:rsa routines:OLD_RSA_PRIV_DECODE:RSA lib:rsa_ameth.c:121:

1995859152:error:0606F091:digital envelope routines:EVP_PKCS82PKEY:private key decode error:evp_pkey.c:92:

1995859152:error:0907B00D:PEM routines:PEM_READ_BIO_PRIVATEKEY:ASN1 lib:pem_pkey.c:141:

 

Any suggestions at what is wrong with the key?

Note that an ID is stored in the RSA extended data since the private key may be stored in HSM.

 

Thanks for your time

LJB


--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Reply | Threaded
Open this post in threaded view
|

Re: Upgrading OpenSSL

Dr. Stephen Henson
On Mon, Aug 28, 2017, Leon Brits wrote:

> The upgrade is now working fine in one of the applications which make TLS connections. I can see the engine functions being called when some action (sign/verify) which require the privatekey.
>
> However, this engine is also used in a patched version of Racoon2.
> In one of the files (crypto_openssl.c) a function is called by the IKE daemon (iked) during setup with:
>             :
> EVP_SignInit(&ctx, md);
> EVP_SignUpdate(&ctx, octets->v, octets->l);
> EVP_SignFinal(&ctx, (unsigned char*)sig->v, &siglen, pkey);
> :
> With the upgraded OpenSSL v1.0.2, the last function now fails with the error:
> 2017-08-28 15:44:14 [INTERNAL_ERR]: crypto_openssl.c:1238:eay_rsassa_pkcs1_v1_5_sign(): RSA_sign failed: 30972:error:0606B06E:digital envelope routines:EVP_SignFinal:wrong public key type:p_sign.c:123:
>
> Q: I assume it is looking for one of the missing parameters (p) in the RSA structure - correct?
> Q: If so, how did it work in v0.9.8?
>
> If I change the first command to:
> EVP_SignInit_ex(&ctx, md, engine);
> Then it segfaults in the "SignFinal" command :(
>
> The engine is dynamically loaded the same way in both my TLS connection application and in the Racoon2 application.
>
> Thanks for your time - any help is appreciated!
>

Have you recompiled the application? Some structures have changed between
OpenSSL 0.9.8 and 1.0.2 so you'll get problems with applications (or an
ENGINE) compiled against the wrong headers.

If that isn't the problem then what is "md" set to?

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Reply | Threaded
Open this post in threaded view
|

Re: Upgrading OpenSSL

Leon Brits
Hi Steve,


> Have you recompiled the application? Some structures have changed between
> OpenSSL 0.9.8 and 1.0.2 so you'll get problems with applications (or an
> ENGINE) compiled against the wrong headers.

In a build VM, both the TLS application and Racoon2 is compiled against freshly compiled OpenSSL 1.0.2L


> If that isn't the problem then what is "md" set to?
In the TLS application I only use SHA256, but in Racoon2 I can see it requesting SHA1 (in gdb).

Thanks for your time
LJB

--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Reply | Threaded
Open this post in threaded view
|

Re: Upgrading OpenSSL

Leon Brits
Hi all,

I've was able to get the private key from the HSM (added below). Testing it from the commandline shows:

% openssl rsa -noout -check -in /etc/racoon2/Local/refB.pem
RSA key ok

Next I started from the default Racoon2 source code (20100526a) with NO patches. It now reads the private key from file. It however still fails with same error at "p_sign.c:123"!?

Since I know this will be a RSA key I added code after where the file is read as EVP_PKEY (within ifdef):

evp = PEM_read_PrivateKey(fp, NULL, NULL, NULL);
#ifdef TEST
RSA *rsa = EVP_PKEY_get1_RSA(evp);
printf("\nRSA modulus: %d\n\n", RSA_size(rsa));
#endif

The output is: "RSA modulus: 512" (WTF!)

Output from CLI says modulus is:

$openssl rsa -text -in /etc/racoon2/Local/refB.pem
Private-Key: (4096 bit)
:
:

I also read the file directly with PEM_read_RSAPrivateKey() and also got the modulus as 512.

I also tested that the private key and public certificate matches by singing and verifying random data. So the private key must be correct - right?

I've added a line to the Racoon2 init function to print the OpenSSL version and the output is: "OpenSSL version: 100020cf". OpenSSL and Racoon2 are both configured with specific parameters to point to "/usr/local/ssl" as the path to OpenSSL.

Based on search results, I've added "OpenSSL_add_all_algorithms()" to the init code, but this did not make a difference. The other "add" and "load" stuff was there already.
 
Thanks for all the help so far
LJB

-----BEGIN RSA PRIVATE KEY-----
MIIJKAIBAAKCAgEA5B36X3g6AtbnELtkoKUfAmwAXfFsk8kH0U+vRcuRLQ0VIVHI
FTZBIP4Ao68JPBh+fqS3eCtF5Ra1AxSTHH5+QkkN+c5j+iWbvlT55/gtrGz25dyW
A+xJ1LyvBuLxgczgCTIdvegMQNlo8r/fm492tXI/X3pMJufdMD8ddpBPc+rD1MbX
HcOYuWRdeDic0BepH1cvMnb9nCLz7lHv0j18NFYNYPeB0htu+jzP3EZndVtP3Zt3
C1gdjZf8j4SCI7gGtP/1kQ4lmemLCQhQG7sOgmqrNcX4Xk35sTEfn3ICE6p5vbsB
2hCCKpG8BaLS6jyoXecoXhtsbK4qLtexJdtJmDbKUm1dvFxr5qpes/pcQQR3KxIf
4woZmp24vT08WZHwCsmJd1WZffODBxCcEPn8ZdAABYUTsGlvjTEWnJCr+fJyUz6M
K/J85+sCilvOKVWvTldyleFfe7RFNLRPxxx9KeoSszb4lWe3Ic33vn5W8PthEvkY
ZwK36K4ripjksb0ROzTvFrhl4hgopnpMN5lu8eQExzktC+wyNbDHN3msy4UsQpou
mZq9WfRbvfqOCs/z3hh/bO5efxXhJCTt/5y4fh0qBRjXVCLkZcnaJ0cwaCfF+v/B
AHtJ8/Un3Aon7kFvVaaw7eMz6kC4y4mYMN6Zc+oYom9So+3wU1us5ezCr2UCAwEA
AQKCAgAWXR4DqAy/5IOor0ZxPV7p5N6wVw/W+Tlr+szrIcbszMCKkLL16Wi/LEex
xGI6YwhbsBhQjqV+jRhX4fd+LqSAKRtWpzZD+tXm9fu+EyWfJtuZs2N9pPekBI+A
NFWK7SP1otUpngs9fFL+oXLxlEIGDdpKqPm4Qrj7luRzkDhJ2/Uw8gF66Icbfcxw
EdTFzdwFt41n/CRm30Jc1emWCfMYSmtrWzh9+bSKkdWq+bgA2F/fEPO9x/i1vfXD
uDDuAYeezQ0tGF71VOENlKQN4+vLO1vnnK35yNk21uMLxaiQdwESabgHweCQ/dKa
Ftlon2O+OQBLIZMioHyANSMn2/S96RT6qiiJrf8leIsRRVmvNnSGC9ScPfGqZHHc
/Rh7zifRIDaoRi1/AB9GLoF01musmvULmv0AW2JOomm7Rxp71kED9pKJN/nrZkLT
mftAPBm/4pmrVt28bLQE0sn8JgtSaeP4Z5Y1VV3UHKit8rgY2AdAOCVeHYDeCZwy
n4OGeed6GxJIK0NHa9qTlhznPVvK5WB+vzNIqpd4eQPZ3ETX3fXp0CgEymyGQZIY
+rXkkR7XHPLcey7iEEdhmUdxXLMffuzvj5s1oOL7JY0rRLG6QoLhwNQX/kmmncZw
J24zrGz3KOfQcw1KKTuu/g8iwna3b/PYT15gIhlx1YvdvH34QQKCAQEA9kkoaQGR
fC56Uy9X+HrafDBj+JZc5+qM+9NVx9yigc9AS+Hw31eM9g2+ZotairL++X3ExSTP
0zJZQG5Af/oueX7PO7JpYJywMErymKTEjRnSa31RWgNy0SENWztGnshVjoBkC18U
fiTKrp/mEC3LEnjWG47NP7XnP6kwlZJf5vXyN0ystJXx4CUUHdKiFZ/+Ji8918jP
MADLHIqx6C8wF1nw3rsw7xbfj8hdL2uXc+ccTHaITEM49zf1NY6Y5FlEADmK8PHl
nW+KLz4p1FePP3+7j0vgmPPRAzH+26c+2SkBVLG9tZ4nRQFFoXu3DUZ/yR/kcj6d
6iF7WLg4IZ0M1QKCAQEA7R1dNihL7OrY2V/6F9YkWGThTaChfAlY2qoEzjU+tSN9
Oz4T4ErmNRwZne1bZS+KrDVAT2NyuHqP/d8UCH7+4dPUrCtUa2uocR2ZkCB/8YE0
MBwUGLVvEg9p5UzN8oLi5HYgplXuQyKjNKsOXRsFT+asiIaufGeB6SQH3YsO9d1J
cnFQ+I7syXIpgNVU4Hwva/A6OMn3F5ctHqSPcefoDrjJvZvuxNv2Q+OkfygOwIVl
fG0+cM33TRoHBkgRFsiluxB+HmHvnPruyacnVJr4iMMHoP55o2WFLzLyviCdxWfG
esI2UcYp//yGRomJfhH4ryo352AlZK+6XiGxFhsgUQKCAQEAoU+HfUd+r9SNYGC5
ANIOuprDT/XEQk55KxPfsnlLozRIy6rgJpjkheC4ndeWZRQaNvVuZSXYTV9D4BSW
gHwv5nntaA9SP+pA6FCeluYMqtKH5Ml++DMcB+fbJK8tcSCMETr8zAnplTmp2zh1
6pDj2mR08DXXL2yIW0UIwl7OG6tpi1jYIau4cfQ3OdVVPk69musEWYp4UdujLT2W
ixolKJZLUsdOpLrZkQZOKpoQ5+Quv9I/MZwx+pKXNA4DDEV/aZpG68u0diqxWoIf
yanT9GZIRfIP2H6RnsMnR11Cp9/YtE16kTNWSzcrETrDyZksZ2JRMZbbvZdSf+ih
Mzr3RQKCAQAoDEabCBFS0ZOQm1pFPmDjIR7AmrnLllSQkhi/r1SJCZZ0NBbtUhkx
rS5Scy11mKMGVPQotHZC3EiHq27ZxIFOKRYJgkP+5K8Nc99k7WhOpPDok0V9qt84
oKvVE7TRGfQyfBUlouvcIPSJx75kUVUDWsWXRZAg6OaTNwexDnSXaCmoj6UKZjFu
EL8byGxOggsMYwWiY9I9BMaVH1wu8+lI20MPqE+apkAg1UkKRPzA3Yb3jgf2y4LS
XewDzpY8T+VWBAIZJZdv3x4HpxjIfGgvySj3syNeSp5FC4jePeoH1nA6eaTtCNg9
KSyQq1gyl9x10V6h0KZgLCIBFhWv0yMRAoIBAE9i9Llefme5ZHDcXiJa7x7d11Et
KpHkMfrYwmCCPsZdijwAyN4oBfcfDbfASzSTtcK13qnzwq34xLSe7JgefbR0prws
PsFEx1kSZHxPuCl3/L7cZSTJ3ZrNcdHtcqiGHX4zR3AJ8Vy8dB/w9ip3IDE6+/8L
dujQ2kWHOYAKoQ7+pV8qzfBSVs07COFm73bz7omasZaHPsGH9cmTbgGZSJiUAo36
jAK27hnXSQzqD2Jtmr95wAVJk2PYxtgsCbGFrE1STj9ZHp1OEoZqAdnlOKQEz1S0
ZfzdAMnD2ntpROVrvEEuLT68oePoXgwlG+1C4njPlpwCb0WlHfCM60RcllU=
-----END RSA PRIVATE KEY-----

--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Reply | Threaded
Open this post in threaded view
|

Re: Upgrading OpenSSL

Leon Brits
Hi all,

I need to correct my WTF comment - RTFM !!!! RSA_size return bytes. Sorry

LJB
 
> evp = PEM_read_PrivateKey(fp, NULL, NULL, NULL); #ifdef TEST RSA *rsa =
> EVP_PKEY_get1_RSA(evp); printf("\nRSA modulus: %d\n\n", RSA_size(rsa));
> #endif
>
> The output is: "RSA modulus: 512" (WTF!)

--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
Reply | Threaded
Open this post in threaded view
|

Re: Upgrading OpenSSL

Leon Brits
In reply to this post by Dr. Stephen Henson
I now have Racoon2 working. Steve's comment made me think about the digests used in Racoon2 and I went searching for any commands using SHA1. I found two hardcoded as string "SHA1". I changed it to SHA256 and bobs-your-uncle.

I guess this is due to the phasing-out of the SHA1 hash which was not true in the days of v0.9.8?

Sorry for using you guys as a soundboard, but I have no other option.
Thanks for all your help
Regards,
LJB

--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev