How to specify only the named curve in the CSR request?

3

I'm trying to submit a CSR to a server; it is signed successfully when generated from the command line but fails with an error (0 length ASN.1) when generated programmatically. I suspect, perhaps, that it is the long form of the curve parameters, but I won't know until/if I manage to remove them from the programmatically generated one. How can I specify only the ASN1 OID: secp521r1?

Here is the command-line version:

openssl ecparam -out ec521.pem -name secp521r1 -genkey
openssl req -new  -days 3652  -key ec521.pem  -out ec.csr -outform DER
openssl req -in ec.csr -text -inform DER


Certificate Request:
    Data:
        Version: 0 (0x0)
        Subject: CN=305419896
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (521 bit)
                pub: 
                    04:00:e3:5d:87:42:16:da:ff:6b:10:35:dc:6a:84:
                    0b:78:5b:4b:d5:df:3b:fc:aa:01:d7:a6:39:57:11:
                    45:4c:9b:45:8e:15:64:c8:61:76:05:a2:cf:c6:e7:
                    23:06:00:a9:b3:a8:88:95:e4:ee:fe:e0:40:d8:d4:
                    9a:50:51:6f:01:2a:af:00:09:37:78:b4:ef:66:08:
                    81:87:19:7d:f4:1b:c7:74:49:cb:ee:bd:21:23:a4:
                    3b:48:a7:6f:f5:aa:d3:cb:31:38:15:2c:d1:ff:96:
                    57:a8:3c:5b:21:27:44:c1:88:0d:df:f9:0f:e2:43:
                    41:94:f2:63:bb:23:b4:e3:98:a3:62:4f:e5
                ASN1 OID: secp521r1
        Attributes:
            a0:00
    Signature Algorithm: ecdsa-with-SHA1
         30:81:87:02:41:04:41:99:91:31:dc:5a:6b:0a:b3:e3:01:c3:
         9a:d5:1a:aa:46:74:8c:09:da:22:60:41:41:df:8e:03:ee:81:
         a4:0b:e6:0a:de:b0:fd:9a:8b:c1:3c:79:5f:f8:87:9a:dd:38:
         6b:e4:4f:eb:3c:a4:9a:d1:6b:a7:a8:4f:a0:94:f0:c3:02:42:
         01:48:e2:6b:f1:fe:9f:3e:2e:d1:2d:65:d9:ea:e0:4e:1c:e5:
         f1:4d:49:f3:f0:a9:e8:e9:7a:ff:70:98:b5:e0:20:47:c6:b8:
         62:75:e9:59:51:64:96:de:eb:2b:bd:30:60:75:09:c5:4c:bb:
         f1:64:c6:c0:87:50:fd:57:91:af:72:29

Here is the programmatic version:

openssl req -in tempcsr.der -text -inform DER
Certificate Request:
    Data:
        Version: 0 (0x0)
        Subject: CN=305419896
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (521 bit)
                pub: 
                    04:00:8f:e8:63:df:83:55:55:34:4d:ec:6b:d8:78:
                    1d:e8:03:65:48:26:3d:1c:1f:da:2a:ed:d9:2d:d5:
                    ed:23:e7:d2:d1:2a:b0:fb:47:57:74:8a:24:8f:0b:
                    81:b7:47:ad:5a:86:73:24:c7:3d:0d:d2:40:42:34:
                    b6:2f:b6:55:3b:a5:15:01:91:71:ca:9f:23:83:a4:
                    27:60:ed:45:ae:44:5c:aa:7c:3f:89:fb:25:68:21:
                    1b:c5:c6:b6:db:d1:59:44:5c:ef:90:b2:84:e2:a7:
                    38:d6:a2:51:02:6a:99:a8:ac:51:64:e6:ff:09:84:
                    9a:25:71:ba:ce:51:13:1c:d7:a5:41:f0:be
                Field Type: prime-field
                Prime:
                    01:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
                    ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
                    ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
                    ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
                    ff:ff:ff:ff:ff:ff
                A:   
                    01:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
                    ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
                    ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
                    ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
                    ff:ff:ff:ff:ff:fc
                B:   
                    51:95:3e:b9:61:8e:1c:9a:1f:92:9a:21:a0:b6:85:
                    40:ee:a2:da:72:5b:99:b3:15:f3:b8:b4:89:91:8e:
                    f1:09:e1:56:19:39:51:ec:7e:93:7b:16:52:c0:bd:
                    3b:b1:bf:07:35:73:df:88:3d:2c:34:f1:ef:45:1f:
                    d4:6b:50:3f:00
                Generator (uncompressed):
                    04:00:c6:85:8e:06:b7:04:04:e9:cd:9e:3e:cb:66:
                    23:95:b4:42:9c:64:81:39:05:3f:b5:21:f8:28:af:
                    60:6b:4d:3d:ba:a1:4b:5e:77:ef:e7:59:28:fe:1d:
                    c1:27:a2:ff:a8:de:33:48:b3:c1:85:6a:42:9b:f9:
                    7e:7e:31:c2:e5:bd:66:01:18:39:29:6a:78:9a:3b:
                    c0:04:5c:8a:5f:b4:2c:7d:1b:d9:98:f5:44:49:57:
                    9b:44:68:17:af:bd:17:27:3e:66:2c:97:ee:72:99:
                    5e:f4:26:40:c5:50:b9:01:3f:ad:07:61:35:3c:70:
                    86:a2:72:c2:40:88:be:94:76:9f:d1:66:50
                Order: 
                    01:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
                    ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:ff:
                    ff:ff:ff:fa:51:86:87:83:bf:2f:96:6b:7f:cc:01:
                    48:f7:09:a5:d0:3b:b5:c9:b8:89:9c:47:ae:bb:6f:
                    b7:1e:91:38:64:09
                Cofactor:  1 (0x1)
                Seed:
                    d0:9e:88:00:29:1c:b8:53:96:cc:67:17:39:32:84:
                    aa:a0:da:64:ba
        Attributes:
            a0:00
    Signature Algorithm: ecdsa-with-SHA1
         30:81:88:02:42:00:b6:d9:11:7b:ff:db:70:e8:a5:f3:3f:67:
         99:1d:97:5e:ae:ed:7e:dc:c4:c7:5b:0e:79:6a:b5:67:23:f8:
         bb:f2:0e:9e:4b:df:43:41:dc:cb:e5:99:00:6e:a4:7e:9c:fe:
         48:3e:8c:97:36:c7:b6:5d:55:4e:f8:2c:8a:c3:ca:b8:47:02:
         42:00:a9:2d:01:58:bc:21:df:88:6b:cb:ba:f3:fc:b9:06:6b:
         9e:1d:31:d5:07:5b:a1:46:51:4c:99:48:38:41:ab:59:1e:55:
         1e:9d:6b:73:23:ee:e9:74:3b:da:97:73:9e:b5:b8:be:23:ef:
         45:6c:61:30:31:61:a9:93:50:7b:cb:82:4d

generated like this:

    EVP_PKEY *privkey;

    if ((privkey = EVP_PKEY_new()) == NULL) {
        printf("Cannot allocate memory for private key.\n");
        finssl();
        exit(1);
    }

    EC_KEY *eckey;


    printf("Generating ECC keypair...\n");
    eckey = EC_KEY_new();
    if (NULL == eckey) {
        printf("Failed to create new EC Key\n");
        return -1;
    }

    EC_GROUP *ecgroup = EC_GROUP_new_by_curve_name(NID_secp521r1);
    if (NULL == ecgroup) {
        printf("Failed to create new EC Group\n");
        return -1;
    }

    int set_group_status = EC_KEY_set_group(eckey, ecgroup);
    const int set_group_success = 1;
    if (set_group_success != set_group_status) {
        printf("Failed to set group for EC Key\n");
        return -1;
    }


    if (!EC_KEY_generate_key(eckey)) {
        printf("Failed to generate EC Key\n");
        finssl();
        exit(1);
    }

    if (!EVP_PKEY_assign_EC_KEY(privkey, eckey)) {
        printf("Cannot assign keypair to private key.\n");
        finssl();
        exit(1);
    }

    X509_REQ *req;
    if ((req = X509_REQ_new()) == NULL) {
        printf("Cannot allocate memory for certificate request.\n");
        finssl();
        exit(1);
    }

    X509_NAME * name;
    name = X509_REQ_get_subject_name(req);
    X509_NAME_add_entry_by_txt(name, "CN", MBSTRING_ASC, (unsigned char *)"305419896", -1, -1, 0);

    X509_REQ_set_pubkey(req, privkey);
    if (!X509_REQ_sign(req, privkey, EVP_ecdsa())) {
        printf("Cannot sign request.\n");
        finssl();
        exit(1);
    }



    const char *keyfn = "tempkey.der";
    const char *csrfn = "tempcsr.der";
    // write to files ...
    FILE * f;
    f = fopen(keyfn, "w");

    i2d_PrivateKey_fp(f, privkey);

    fclose(f);
    f = fopen(csrfn, "w");
    i2d_X509_REQ_fp(f, req);
    fclose(f);
    
posted by dma 07.03.2013 - 17:35
source

2 answers

2

You can specify only the curve name (OID) in the CSR as follows:

int asn1_flag = OPENSSL_EC_NAMED_CURVE;
EC_GROUP_set_asn1_flag(ecgroup, asn1_flag);

But that was not my problem. It's odd, but I needed to set the version explicitly:

X509_REQ_set_version(req, 0L);

Even though the version seemed to default to 0x0 anyway...

    
answered 07.03.2013 - 20:27
source
0

You found the right answer for using the "named" key form (OID for the curve instead of "explicit" prime, a, b, G, etc.).

openssl should indeed be able to create a CSR, and/or a certificate, for an explicit ECC key; I don't know why you were getting '0 length ASN.1', and I agree it makes no sense that redundantly setting it would matter. But an SSL server can use an explicit ECC key and cert only if the client's support_curves list includes the special codes FF01 or FF02 as applicable, and no client that I know of does. For actual interoperability, you are better off using the named form. And probably better off sticking to P-256 (also known as prime256v1 in openssl), which seems to be the most popular.

This problem (the TLS session not being negotiated at all, or not using ECC suites, because of the explicit ECC form) has come up several times on the openssl mailing lists, most recently about two weeks ago.

Minor point: if you or anyone else wants to use your code on Windows, DER files are binary and must be fopen'ed in C using the "b" modifier.

    
answered 10.03.2014 - 10:36
source
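
A pre-submission check for the named versus explicit distinction discussed in the answers above, as an added example that is not part of the original posts: it walks the DER of a PKCS#10 request down to the SubjectPublicKeyInfo AlgorithmIdentifier and reports whether the EC parameters are a curve OID or an explicit parameter SEQUENCE. The function names and the two sample byte arrays are constructed for illustration (skeleton requests with an empty subject, dummy key bits and no signature).

```c
#include <stdint.h>
#include <string.h>

enum ec_form { EC_FORM_ERROR = -1, EC_FORM_NAMED, EC_FORM_EXPLICIT, EC_FORM_IMPLICIT };

/* Constructed skeleton requests: empty subject, dummy key bits, no signature. */
const uint8_t sample_named[] = {0x30,0x21,0x30,0x1f,0x02,0x01,0x00,0x30,0x00,0x30,0x16,0x30,0x10,0x06,0x07,0x2a,0x86,
    0x48,0xce,0x3d,0x02,0x01,0x06,0x05,0x2b,0x81,0x04,0x00,0x23,0x03,0x02,0x00,0x04,0xa0,0x00};
const uint8_t sample_explicit[] = {0x30,0x1f,0x30,0x1d,0x02,0x01,0x00,0x30,0x00,0x30,0x14,0x30,0x0e,0x06,0x07,0x2a,
    0x86,0x48,0xce,0x3d,0x02,0x01,0x30,0x03,0x02,0x01,0x01,0x03,0x02,0x00,0x04,0xa0,0x00};

/* Read one DER TLV at *p: return its tag (-1 if malformed), expose the content, advance *p. */
static int der_tlv(const uint8_t **p, const uint8_t *end, const uint8_t **val, size_t *len)
{
    const uint8_t *q = *p;
    if (end - q < 2) return -1;
    int tag = q[0]; size_t n = q[1]; q += 2;
    if (n & 0x80) {                      /* long form: low 7 bits count length octets */
        size_t k = n & 0x7f;
        if (k == 0 || k > 4 || (size_t)(end - q) < k) return -1;
        for (n = 0; k > 0; k--) n = (n << 8) | *q++;
    }
    if ((size_t)(end - q) < n) return -1;   /* content must fit in the buffer */
    *val = q; *len = n; *p = q + n;
    return tag;
}

/* Report how a PKCS#10 request encodes its EC domain parameters. */
enum ec_form csr_ec_form(const uint8_t *der, size_t der_len)
{
    static const uint8_t ec_pubkey_oid[] = {0x2a,0x86,0x48,0xce,0x3d,0x02,0x01};
    const uint8_t *p = der, *end = der + der_len, *v; size_t l;
    if (der_tlv(&p, end, &v, &l) != 0x30) return EC_FORM_ERROR;  /* CertificationRequest */
    p = v; end = v + l;
    if (der_tlv(&p, end, &v, &l) != 0x30) return EC_FORM_ERROR;  /* CertificationRequestInfo */
    p = v; end = v + l;
    if (der_tlv(&p, end, &v, &l) != 0x02) return EC_FORM_ERROR;  /* version */
    if (der_tlv(&p, end, &v, &l) != 0x30) return EC_FORM_ERROR;  /* subject Name */
    if (der_tlv(&p, end, &v, &l) != 0x30) return EC_FORM_ERROR;  /* SubjectPublicKeyInfo */
    p = v; end = v + l;
    if (der_tlv(&p, end, &v, &l) != 0x30) return EC_FORM_ERROR;  /* AlgorithmIdentifier */
    p = v; end = v + l;
    if (der_tlv(&p, end, &v, &l) != 0x06 || l != sizeof ec_pubkey_oid ||
        memcmp(v, ec_pubkey_oid, l) != 0) return EC_FORM_ERROR;  /* must be id-ecPublicKey */
    int t = der_tlv(&p, end, &v, &l);                            /* ECParameters CHOICE */
    return t == 0x06 ? EC_FORM_NAMED                             /* namedCurve OID */
         : t == 0x30 ? EC_FORM_EXPLICIT                          /* explicit prime, a, b, G, ... */
         : t == 0x05 ? EC_FORM_IMPLICIT : EC_FORM_ERROR;         /* implicitCA NULL */
}
```

Given the bytes of a real request, EC_FORM_NAMED corresponds to the "ASN1 OID: secp521r1" line in the first dump and EC_FORM_EXPLICIT to the "Field Type: prime-field" dump in the second.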
