Why does the CSR contain an explicit curve when the private key is generated with genpkey?


When I generated the SSL key using ecparam, I got a CSR with a named curve:

$ openssl ecparam -genkey -out ecparam.key -name prime256v1
$ openssl req -new -sha256 -key ecparam.key -out ecparam.csr -subj "/CN=Test"
$ openssl req -text -in ecparam.csr 
Certificate Request:
    Data:
        Version: 0 (0x0)
        Subject: CN=Test
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub: 
                    04:c0:10:c0:d2:8a:5d:f3:05:84:94:a5:23:1b:59:
                    35:20:b8:5f:e9:b1:f2:6b:83:15:59:3f:75:93:6b:
                    b6:a5:ce:16:19:04:9d:18:0d:8d:bb:db:2a:2c:e2:
                    05:c1:58:46:42:18:19:7a:c5:71:48:ec:54:a2:2d:
                    4d:6a:e3:14:23
                ASN1 OID: prime256v1
                NIST CURVE: P-256
        Attributes:
            a0:00
    Signature Algorithm: ecdsa-with-SHA256
         30:46:02:21:00:93:1a:fe:90:c7:29:07:d2:b4:c7:c3:b2:fe:
         dc:6a:bf:62:4b:88:4a:98:3f:30:e7:b0:62:55:62:6c:d9:b3:
         bc:02:21:00:a0:3c:2f:1d:c8:28:72:bf:9c:8d:51:87:80:a4:
         a0:17:7c:e8:17:60:63:8f:ea:21:ce:53:af:65:ee:80:25:d0
-----BEGIN CERTIFICATE REQUEST-----
MIHKMHECAQAwDzENMAsGA1UEAwwEVGVzdDBZMBMGByqGSM49AgEGCCqGSM49AwEH
A0IABMAQwNKKXfMFhJSlIxtZNSC4X+mx8muDFVk/dZNrtqXOFhkEnRgNjbvbKizi
BcFYRkIYGXrFcUjsVKItTWrjFCOgADAKBggqhkjOPQQDAgNJADBGAiEAkxr+kMcp
B9K0x8Oy/txqv2JLiEqYPzDnsGJVYmzZs7wCIQCgPC8dyChyv5yNUYeApKAXfOgX
YGOP6iHOU69l7oAl0A==
-----END CERTIFICATE REQUEST-----

However, if I generate the key using genpkey (or req), my CSR now has an explicit curve:

$ openssl genpkey -algorithm EC -pkeyopt ec_paramgen_curve:prime256v1 -out genpkey.key
$ openssl req -new -sha256 -key genpkey.key -out genpkey.csr -subj "/CN=Test"
$ openssl req -text -in genpkey.csr 
Certificate Request:
    Data:
        Version: 0 (0x0)
        Subject: CN=Test
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub: 
                    04:86:e1:af:90:3d:76:d9:2f:9d:bc:ca:5a:80:0a:
                    fc:6f:a7:75:29:26:5b:60:65:fd:3f:74:b4:5b:09:
                    27:0f:da:45:48:21:46:b4:16:a4:52:0e:c1:97:b4:
                    71:3a:5b:dc:6d:6e:aa:33:81:7b:cb:bd:78:18:6a:
                    62:fa:bf:8f:d3
                Field Type: prime-field
                Prime:
                    00:ff:ff:ff:ff:00:00:00:01:00:00:00:00:00:00:
                    00:00:00:00:00:00:ff:ff:ff:ff:ff:ff:ff:ff:ff:
                    ff:ff:ff
                A:   
                    00:ff:ff:ff:ff:00:00:00:01:00:00:00:00:00:00:
                    00:00:00:00:00:00:ff:ff:ff:ff:ff:ff:ff:ff:ff:
                    ff:ff:fc
                B:   
                    5a:c6:35:d8:aa:3a:93:e7:b3:eb:bd:55:76:98:86:
                    bc:65:1d:06:b0:cc:53:b0:f6:3b:ce:3c:3e:27:d2:
                    60:4b
                Generator (uncompressed):
                    04:6b:17:d1:f2:e1:2c:42:47:f8:bc:e6:e5:63:a4:
                    40:f2:77:03:7d:81:2d:eb:33:a0:f4:a1:39:45:d8:
                    98:c2:96:4f:e3:42:e2:fe:1a:7f:9b:8e:e7:eb:4a:
                    7c:0f:9e:16:2b:ce:33:57:6b:31:5e:ce:cb:b6:40:
                    68:37:bf:51:f5
                Order: 
                    00:ff:ff:ff:ff:00:00:00:00:ff:ff:ff:ff:ff:ff:
                    ff:ff:bc:e6:fa:ad:a7:17:9e:84:f3:b9:ca:c2:fc:
                    63:25:51
                Cofactor:  1 (0x1)
                Seed:
                    c4:9d:36:08:86:e7:04:93:6a:66:78:e1:13:9d:26:
                    b7:81:9f:7e:90
        Attributes:
            a0:00
    Signature Algorithm: ecdsa-with-SHA256
         30:46:02:21:00:99:a4:3c:85:cb:f0:b0:f5:10:6e:ff:9a:2b:
         9b:81:3a:35:d2:5d:eb:cc:da:26:16:bb:95:ff:bc:b9:3a:06:
         dc:02:21:00:ea:71:91:fb:87:de:49:87:be:8e:84:da:0f:3f:
         33:bf:e4:48:d6:eb:09:99:81:07:e3:39:f3:83:7c:96:b1:e6
-----BEGIN CERTIFICATE REQUEST-----
[...]
-----END CERTIFICATE REQUEST-----
  1. What am I missing here? Why doesn't OpenSSL create a CSR with the named curve when using genpkey / req?
  2. Is there any reason why I should generate a CSR with a named or an explicit curve? And why?
asked by Lie Ryan, 20.01.2017 - 12:31

1 answer


Inconsistent defaults

Re. 2.

Re. 2: I don't know. But it seems wrong to give a named curve explicitly and let the other end figure out "Hey! This is actually one of the named curves I support!"

The OpenSSL Wiki has this to say (line breaks mine):

Parameters and key files can be generated to include the full explicit parameters instead of just the name of the curve if desired.

This might be important if, for example, not all the target systems know the details of the named curve. In OpenSSL version 1.0.2 new named curves have been added such as brainpool512t1. Attempting to use a parameters file or key file in versions of OpenSSL less than 1.0.2 with this curve will result in an error: [...]

Re. 1.

Re. 1: This has nothing to do with the CSR. It's already in the keys. "ecparam" defaults to "named_curve", and "genpkey" defaults to "explicit". I don't know why they programmed it that way.

Example below.

With the -pkeyopt ec_param_enc:explicit option:

$ openssl genpkey -algorithm EC -pkeyopt ec_paramgen_curve:prime256v1 -pkeyopt ec_param_enc:explicit  -text
-----BEGIN PRIVATE KEY-----
[...]
-----END PRIVATE KEY-----
Private-Key: (256 bit)
priv:
    00:d4:7a:bd:0e:2d:2e:52:46:5e:27:70:93:65:0c:
    db:3b:c8:4a:f8:cb:09:0d:81:66:8a:6b:10:f5:ac:
    dc:09:83
pub:
    04:eb:55:cf:94:3c:e9:e8:64:1c:ec:d7:a3:e2:b1:
    c5:ca:2d:9c:c8:32:eb:b7:e3:69:df:d6:24:41:81:
    96:c7:ae:ca:c5:a6:dc:44:9d:00:69:4d:05:7f:56:
    3e:04:59:81:f0:b7:3a:6d:ea:92:66:ba:f6:83:a5:
    c6:60:dc:c6:04
Field Type: prime-field
Prime:
    00:ff:ff:ff:ff:00:00:00:01:00:00:00:00:00:00:
    00:00:00:00:00:00:ff:ff:ff:ff:ff:ff:ff:ff:ff:
    ff:ff:ff
A:
    00:ff:ff:ff:ff:00:00:00:01:00:00:00:00:00:00:
    00:00:00:00:00:00:ff:ff:ff:ff:ff:ff:ff:ff:ff:
    ff:ff:fc
B:
    5a:c6:35:d8:aa:3a:93:e7:b3:eb:bd:55:76:98:86:
    bc:65:1d:06:b0:cc:53:b0:f6:3b:ce:3c:3e:27:d2:
    60:4b
Generator (uncompressed):
    04:6b:17:d1:f2:e1:2c:42:47:f8:bc:e6:e5:63:a4:
    40:f2:77:03:7d:81:2d:eb:33:a0:f4:a1:39:45:d8:
    98:c2:96:4f:e3:42:e2:fe:1a:7f:9b:8e:e7:eb:4a:
    7c:0f:9e:16:2b:ce:33:57:6b:31:5e:ce:cb:b6:40:
    68:37:bf:51:f5
Order:
    00:ff:ff:ff:ff:00:00:00:00:ff:ff:ff:ff:ff:ff:
    ff:ff:bc:e6:fa:ad:a7:17:9e:84:f3:b9:ca:c2:fc:
    63:25:51
Cofactor:  1 (0x1)
Seed:
    c4:9d:36:08:86:e7:04:93:6a:66:78:e1:13:9d:26:
    b7:81:9f:7e:90

With the -pkeyopt ec_param_enc:named_curve option:

$ openssl genpkey -algorithm EC -pkeyopt ec_paramgen_curve:prime256v1 -pkeyopt ec_param_enc:named_curve  -text
-----BEGIN PRIVATE KEY-----
MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQglWEHQsiU1JdAQx09
r7JE/al6b0ldLUjTrBA6vbfH62WhRANCAASSoDWvKLeEbfuye3qJXxV1bcGwgVGz
FkCn3PE77MDiHukhX1SOI3nbtOISC2kvEEVa7l4MiN1u25y/S5avjLow
-----END PRIVATE KEY-----
Private-Key: (256 bit)
priv:
    00:95:61:07:42:c8:94:d4:97:40:43:1d:3d:af:b2:
    44:fd:a9:7a:6f:49:5d:2d:48:d3:ac:10:3a:bd:b7:
    c7:eb:65
pub:
    04:92:a0:35:af:28:b7:84:6d:fb:b2:7b:7a:89:5f:
    15:75:6d:c1:b0:81:51:b3:16:40:a7:dc:f1:3b:ec:
    c0:e2:1e:e9:21:5f:54:8e:23:79:db:b4:e2:12:0b:
    69:2f:10:45:5a:ee:5e:0c:88:dd:6e:db:9c:bf:4b:
    96:af:8c:ba:30
ASN1 OID: prime256v1
NIST CURVE: P-256

Without this option, the default is to use explicit:

$ openssl genpkey -algorithm EC -pkeyopt ec_paramgen_curve:prime256v1 -text
-----BEGIN PRIVATE KEY-----
[...]
-----END PRIVATE KEY-----
Private-Key: (256 bit)
priv:
    00:f0:03:e5:ae:98:f0:90:ad:63:ee:ef:1d:2c:5c:
    68:64:84:44:b1:e1:08:ea:8c:62:81:27:af:71:0e:
    5d:34:3d
pub:
    04:42:09:01:5a:f0:3a:ac:c4:60:d4:b7:82:c3:80:
    47:e6:b3:b9:8a:ce:1b:a8:82:a7:36:d4:6d:a1:3c:
    51:c1:72:42:08:43:b4:f5:95:3e:b0:d9:63:41:4a:
    cc:3f:51:3e:0b:75:6d:3d:0a:1d:86:00:68:d4:69:
    b3:01:de:ca:84
Field Type: prime-field
Prime:
    00:ff:ff:ff:ff:00:00:00:01:00:00:00:00:00:00:
    00:00:00:00:00:00:ff:ff:ff:ff:ff:ff:ff:ff:ff:
    ff:ff:ff
A:
    00:ff:ff:ff:ff:00:00:00:01:00:00:00:00:00:00:
    00:00:00:00:00:00:ff:ff:ff:ff:ff:ff:ff:ff:ff:
    ff:ff:fc
B:
    5a:c6:35:d8:aa:3a:93:e7:b3:eb:bd:55:76:98:86:
    bc:65:1d:06:b0:cc:53:b0:f6:3b:ce:3c:3e:27:d2:
    60:4b
Generator (uncompressed):
    04:6b:17:d1:f2:e1:2c:42:47:f8:bc:e6:e5:63:a4:
    40:f2:77:03:7d:81:2d:eb:33:a0:f4:a1:39:45:d8:
    98:c2:96:4f:e3:42:e2:fe:1a:7f:9b:8e:e7:eb:4a:
    7c:0f:9e:16:2b:ce:33:57:6b:31:5e:ce:cb:b6:40:
    68:37:bf:51:f5
Order:
    00:ff:ff:ff:ff:00:00:00:00:ff:ff:ff:ff:ff:ff:
    ff:ff:bc:e6:fa:ad:a7:17:9e:84:f3:b9:ca:c2:fc:
    63:25:51
Cofactor:  1 (0x1)
Seed:
    c4:9d:36:08:86:e7:04:93:6a:66:78:e1:13:9d:26:
    b7:81:9f:7e:90

And with ecparam the defaults are the other way round.

With the -param_enc explicit option:

$ openssl ecparam -genkey -name prime256v1 -param_enc explicit -text
Field Type: prime-field
Prime:
    00:ff:ff:ff:ff:00:00:00:01:00:00:00:00:00:00:
    00:00:00:00:00:00:ff:ff:ff:ff:ff:ff:ff:ff:ff:
    ff:ff:ff
A:
    00:ff:ff:ff:ff:00:00:00:01:00:00:00:00:00:00:
    00:00:00:00:00:00:ff:ff:ff:ff:ff:ff:ff:ff:ff:
    ff:ff:fc
B:
    5a:c6:35:d8:aa:3a:93:e7:b3:eb:bd:55:76:98:86:
    bc:65:1d:06:b0:cc:53:b0:f6:3b:ce:3c:3e:27:d2:
    60:4b
Generator (uncompressed):
    04:6b:17:d1:f2:e1:2c:42:47:f8:bc:e6:e5:63:a4:
    40:f2:77:03:7d:81:2d:eb:33:a0:f4:a1:39:45:d8:
    98:c2:96:4f:e3:42:e2:fe:1a:7f:9b:8e:e7:eb:4a:
    7c:0f:9e:16:2b:ce:33:57:6b:31:5e:ce:cb:b6:40:
    68:37:bf:51:f5
Order:
    00:ff:ff:ff:ff:00:00:00:00:ff:ff:ff:ff:ff:ff:
    ff:ff:bc:e6:fa:ad:a7:17:9e:84:f3:b9:ca:c2:fc:
    63:25:51
Cofactor:  1 (0x1)
Seed:
    c4:9d:36:08:86:e7:04:93:6a:66:78:e1:13:9d:26:
    b7:81:9f:7e:90
-----BEGIN EC PARAMETERS-----
MIH3AgEBMCwGByqGSM49AQECIQD/////AAAAAQAAAAAAAAAAAAAAAP//////////
/////zBbBCD/////AAAAAQAAAAAAAAAAAAAAAP///////////////AQgWsY12Ko6
k+ez671VdpiGvGUdBrDMU7D2O848PifSYEsDFQDEnTYIhucEk2pmeOETnSa3gZ9+
kARBBGsX0fLhLEJH+Lzm5WOkQPJ3A32BLeszoPShOUXYmMKWT+NC4v4af5uO5+tK
fA+eFivOM1drMV7Oy7ZAaDe/UfUCIQD/////AAAAAP//////////vOb6racXnoTz
ucrC/GMlUQIBAQ==
-----END EC PARAMETERS-----
-----BEGIN EC PRIVATE KEY-----
MIIBaAIBAQQghke2GCVyix7oDwB/56PI42fOHb+Jg+i2qM8RkkJsAF+ggfowgfcC
AQEwLAYHKoZIzj0BAQIhAP////8AAAABAAAAAAAAAAAAAAAA////////////////
MFsEIP////8AAAABAAAAAAAAAAAAAAAA///////////////8BCBaxjXYqjqT57Pr
vVV2mIa8ZR0GsMxTsPY7zjw+J9JgSwMVAMSdNgiG5wSTamZ44ROdJreBn36QBEEE
axfR8uEsQkf4vOblY6RA8ncDfYEt6zOg9KE5RdiYwpZP40Li/hp/m47n60p8D54W
K84zV2sxXs7LtkBoN79R9QIhAP////8AAAAA//////////+85vqtpxeehPO5ysL8
YyVRAgEBoUQDQgAE6B6QrWh0k+CsBnkrfePLKiD0FblNRlwN+pWWoZ4AVH3/9Px5
C63q9fJ3CZdeo9UlUoGkXqrRqVm1EtUWEHajvg==
-----END EC PRIVATE KEY-----

With the -param_enc named_curve option:

$ openssl ecparam -genkey -name prime256v1 -param_enc named_curve -text
ASN1 OID: prime256v1
NIST CURVE: P-256
-----BEGIN EC PARAMETERS-----
BggqhkjOPQMBBw==
-----END EC PARAMETERS-----
-----BEGIN EC PRIVATE KEY-----
MHcCAQEEICAk+gW8qz7TbJ1oIp4BGrvGeX2a/gBM6c8A7LjGTg0poAoGCCqGSM49
AwEHoUQDQgAEIIkICva0uhtISmjyosAa1CJnGhoM3fBaYXNTTH5aPwhLKLTWDDAu
V9W0HKMTtBRh4XonaTE/zDesKwRr2ZQYmw==
-----END EC PRIVATE KEY-----

Without the option, the default is to use named_curve:

$ openssl ecparam -genkey -name prime256v1 -text
ASN1 OID: prime256v1
NIST CURVE: P-256
-----BEGIN EC PARAMETERS-----
BggqhkjOPQMBBw==
-----END EC PARAMETERS-----
-----BEGIN EC PRIVATE KEY-----
MHcCAQEEIH+E5y6cMaUjbnH4kJLOWDtkQ89vG12Jg7oBmdLvmunNoAoGCCqGSM49
AwEHoUQDQgAEBJE0zr7FZyDoFyUgMmYvsViEYAuVz7uCSzEjVVJs2RRbvFQKa3Gt
RX8wAcgfhK0zeAd4xjLfKJq5YTQm2vZ3vQ==
-----END EC PRIVATE KEY-----
    
answered 20.01.2017 - 16:10
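To see where that "curve" actually lives in the DER, here is an added example (my code, not from the question, the answer or OpenSSL) that parses the structures by hand: it walks a CSR down to the SubjectPublicKeyInfo's AlgorithmIdentifier and reports whether its ECParameters are a namedCurve OID or an explicit SEQUENCE, and for the explicit form checks whether the field prime is the P-256 one. The inputs are the question's named-curve CSR and the answer's explicit EC PARAMETERS block; `tlv`, `decode_oid`, `classify_ec_params` and `csr_ec_params` are names I chose.

```python
import base64

# Constructed inputs copied from the page's listings: the question's named-curve
# CSR and the answer's explicit EC PARAMETERS block (both are prime256v1 / P-256).
NAMED_CSR_DER = base64.b64decode("MIHKMHECAQAwDzENMAsGA1UEAwwEVGVzdDBZMBMGByqGSM49AgEGCCqGSM49AwEH"
    "A0IABMAQwNKKXfMFhJSlIxtZNSC4X+mx8muDFVk/dZNrtqXOFhkEnRgNjbvbKizi"
    "BcFYRkIYGXrFcUjsVKItTWrjFCOgADAKBggqhkjOPQQDAgNJADBGAiEAkxr+kMcp"
    "B9K0x8Oy/txqv2JLiEqYPzDnsGJVYmzZs7wCIQCgPC8dyChyv5yNUYeApKAXfOgX"
    "YGOP6iHOU69l7oAl0A==")
EXPLICIT_PARAMS_DER = base64.b64decode("MIH3AgEBMCwGByqGSM49AQECIQD/////AAAAAQAAAAAAAAAAAAAAAP//////////"
    "/////zBbBCD/////AAAAAQAAAAAAAAAAAAAAAP///////////////AQgWsY12Ko6"
    "k+ez671VdpiGvGUdBrDMU7D2O848PifSYEsDFQDEnTYIhucEk2pmeOETnSa3gZ9+"
    "kARBBGsX0fLhLEJH+Lzm5WOkQPJ3A32BLeszoPShOUXYmMKWT+NC4v4af5uO5+tK"
    "fA+eFivOM1drMV7Oy7ZAaDe/UfUCIQD/////AAAAAP//////////vOb6racXnoTz"
    "ucrC/GMlUQIBAQ==")
P256_PRIME = int("ffffffff00000001000000000000000000000000ffffffffffffffffffffffff", 16)

def tlv(buf, pos=0):  # one DER TLV at pos -> (tag, value, end); long-form lengths handled
    tag, length, pos = buf[pos], buf[pos + 1], pos + 2
    if length & 0x80:
        n = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + length], pos + length

def decode_oid(value):
    arcs, acc = [value[0] // 40, value[0] % 40], 0
    for b in value[1:]:  # base-128 arcs; a set high bit means more bytes follow
        acc = (acc << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs, acc = arcs + [acc], 0
    return ".".join(map(str, arcs))

def classify_ec_params(params):
    # RFC 5480 ECParameters: an OID means namedCurve, a SEQUENCE means explicit parameters
    tag, value, _ = tlv(params)
    if tag == 0x06:
        return "named_curve", decode_oid(value)
    assert tag == 0x30, "unsupported ECParameters encoding"
    _, field_id, _ = tlv(value, tlv(value)[2])     # skip version INTEGER, take fieldID SEQ
    _, prime, _ = tlv(field_id, tlv(field_id)[2])  # skip field-type OID, take the prime p
    return "explicit", "P-256 field prime" if int.from_bytes(prime, "big") == P256_PRIME else "unknown field"

def csr_ec_params(csr_der):  # CertificationRequest -> CRI -> SPKI -> AlgorithmIdentifier.parameters
    _, cri, _ = tlv(tlv(csr_der)[1])
    pos = tlv(cri, tlv(cri)[2])[2]      # skip version INTEGER and subject Name
    _, alg, _ = tlv(tlv(cri, pos)[1])   # SubjectPublicKeyInfo -> its AlgorithmIdentifier
    _, oid, pos = tlv(alg)
    assert decode_oid(oid) == "1.2.840.10045.2.1", "not an id-ecPublicKey key"
    return alg[pos:]                    # whatever follows the algorithm OID is the parameters
```

Running `classify_ec_params(csr_ec_params(NAMED_CSR_DER))` on the question's first CSR gives `('named_curve', '1.2.840.10045.3.1.7')`, which is the prime256v1 OID that `openssl req -text` printed, while the explicit block classifies as `('explicit', 'P-256 field prime')`.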
