Re: Problem about the private key signing with SFL
Hi all,
I did some steps around the problem.
I compiled free3 again but with right options so now
I can debug into CSM_Free3::SMTI_Sign.
This way I was able to understand the cause of the problem.
Free3 recognized EncryptedPrivateKeyInfo SEQUENCE
(the most external structure for PKCS#8) and the value
used for EncryptionAlgorithmIdentifier, member of that
structure. In fact, looking inside Free3 while debugging,
I saw that if PKCS#8 was created using PBE-MD5-DES
(openssl pkcs8 -in keytemp.pem -inform pem -topk8
-v1 PBE-MD5-DES -outform der -out privkey.p8)
or PBE-MD5-RC2
(openssl pkcs8 -in keytemp.pem -inform pem -topk8
-v1 PBE-MD5-RC2 -outform der -out privkey.p8).
the Free3 recognized the algorithm.
If PKCS#8 was created with another (e.g. PBE-MD2-DES)
Free3 printed out:
"unsupported password encryption"
So the problem is: even if Free3 recognizes PBE algorithm
identifier, it doesn't decrypt correctly the encoded
data for PKCS#8 PrivateKeyInfo SEQUENCE.
(I don't know if the problem is on the openssl side,
on the Free3 side or both)
In fact I uncommented the line
// for debug only - to be taken out
bufEncodedPrivateKey.ConvertMemoryToFile(".\\decryptedPrivateKey.log");
in CSM_Free3::DecryptPrivateKey source code
in order to write to a file containing decrypted
PKCS#8 PrivateKeyInfo SEQUENCE.
I created a PKCS#8 only with not encrypted internal
PrivateKeyInfo SEQUENCE.
(openssl pkcs8 -in keytemp.pem -inform pem -topk8
-v1 PBE-MD5-RC2 -nocrypt -outform der -out privkey.p8).
Then I binary compared the PKCS#8 file and
file containing data decrypted by Free3.
This test failed: they are different.
I also used 'openssl asn1parse' command to view
the tagged structure of DER encoded files:
PKCS#8 unencrypted file produced by openssl
is a good PKCS#8 encoded file, instead
'openssl asn1parse' doesn't recognize as
valid ASN.1 encoded data the file containing
Free3 decrypted PrivateKeyInfo SEQUENCE.
So I did another test. I modified
CSM_Free3::DecryptPrivateKey source code
from:
*********************************************
// get the key to be decrypted
CSM_Buffer bufEncryptedKey((char*)(snaccEncryptedX.encryptedData),
snaccEncryptedX.encryptedData.Len());
CSM_Buffer bufEncodedPrivateKey;
SME(RawDecrypt(&bufEncryptedKey, &bufEncodedPrivateKey, cbc_decryption,
blocksize));
// for debug only - to be taken out
// bufEncodedPrivateKey.ConvertMemoryToFile(".\\decryptedPrivateKey.log");
// ASN.1 decode the private key
DECODE_BUF((&snaccX), bufEncodedPrivateKey);
*********************************************
to:
*********************************************
// get the key to be decrypted
CSM_Buffer bufEncryptedKey((char*)(snaccEncryptedX.encryptedData),
snaccEncryptedX.encryptedData.Len());
//CSM_Buffer bufEncodedPrivateKey; //TO BE UNCOMMENTED FOR RELEASE VERSION
// ES: the following statement is only for debug (by GR)
CSM_Buffer bufEncodedPrivateKey(".\\grkeynocrypt2.p8");
bufEncodedPrivateKey.ConvertFileToMemory();
//TO BE UNCOMMENTED FOR RELEASE VERSION
//SME(RawDecrypt(&bufEncryptedKey, &bufEncodedPrivateKey, cbc_decryption, blocksize));
// for debug only - to be taken out
// bufEncodedPrivateKey.ConvertMemoryToFile(".\\decryptedPrivateKey.log");
// ASN.1 decode the private key
DECODE_BUF((&snaccX), bufEncodedPrivateKey);
*********************************************
in order to make Free3::Sign use the previously
created file containing encoded PrivateKeyInfo
STRUCTURE instead of Free3 decrypted data.
Finally this test gave me a positive result:
CMS object with SignedData was produced
(and also I successfully tried the code for
signature verification)!!!
For the moment using this workaround (trial private key
not encrypted) I can develop and test various features
of my application but I need to solve the problem.
Has anyone a solution?
Or, intermediate solution, has anyone (Bob? Jonathan?)
a free tool tested with SFL&Free3 CTIL for extracting
a private key from a PKCS#12 and putting it
into a PKCS#8?
Thanks
Gianluca
> -----Original Message-----
> From:
> Sent: 30 June 2000 13:27
> To: 'imc-sfl@xxxxxxx'
> Subject: Problem about the private key signing with SFL
>
> Hi all,
> another problem. About private key.
>
> As I wrote, the goal of my application is
> * sign a blob
> * verify the signature over this blob
> (very innovative ... :-))
>
> I want to use Crypto++ 3.1 free token library, md5RSA or sha1RSA
> signature over that blob and produce a CMS object with or
> without ContentInfo,
> with or without signer's certificate, with or without
> certification path certificates
> Platform: Win32, Compiler VisualC++ 6.0 (within VisualStudio)
> Professional with SP3
> SFL version 1.6 (Free3 CTIL compiled with
> SM_FREE3_RSA_INCLUDED define)
>
> In order to try the application with a standard certificate,
> I got a trial certificate from Verisign
> (with automatic enrollment to the Microsoft
> Enhanced Cryptographic Service Provider, the one
> released with a High Encryption Pack for IE)
> Main features are:
> * Version3
> * Public key algorithm: RSA
> * Public key length: 1024 bit
> * Certificate Signature Algorithm: md5RSA
>
> Then I exported the certificate with a private key from MS
> local repository
> to a PKCS#12 object.
> Finally using openSSL 0.95a I performed following steps:
>
> 1) extraction of the private key from PKCS#12 to PEM format
> (I think base64 encoded RSA format, it is not specified in
> openSSL docs).
> The command used is:
>
> openssl pkcs12 -in mypkcs12.p12 -nocerts -out keytemp.pem
>
> Openssl requested password to open pkcs12 object and password
> to protect pem format private key file
>
>
> * transcoding from PEM format to PKCS#8 (protected with PKCS#5)
> DER encoded.
> The command used is:
>
> openssl pkcs8 -in keytemp.pem -inform pem -topk8 -outform der
> -out privkey.p8
>
> Openssl requested password to pem format key and password
> to protect PKCS#8 object
>
>
> **********************************
> Now the application. Some key source code line:
>
> * For login:
> SME(pES_AppLogin= (CSM_AppLogin *) new
> CSM_AppLogin(FREE3_DLL_NAME,DLLBuildParam));
> pCSMIME = (CSMIME *)pES_AppLogin;
>
> Following previous mails between Bob and Jonathan (about
> default alg - DSA - for
> Free3 CTIL) I added following code
>
> pCSMIME->m_pCSInsts->SetCurrToFirst();
> pCurr_CSInst=pCSMIME->m_pCSInsts->Curr();
> pDigestAlgOID = new CSM_OID(md5);
> pDig_EncAlgOID = new CSM_OID(md5WithRSAEncryption);
> pCurr_CSInst->SetPreferredCSInstAlgs(pDigestAlgOID ,
> pDig_EncAlgOID , NULL, NULL);
>
> Because of the fact that the application had produced a PKCS#7 object
> containing SignedData without SignerInfos/SignerInfo data, I
> debugged the code
> and I saw that before calling SMTI_Sign method it was controlled that
> Applicable bit value within CSM_CInst instance was true.
> So I added following code:
>
> pCurr_CSInst->SetApplicable(true);
>
>
> * For instancing and preparing CSM_MsgToSign object
>
>
> CSM_Buffer *p;
>
> p= new CSM_Buffer(DATA_TO_BE_SIGNED_FILENAME);
> m_pESSignMsg= (CSM_MsgToSign *) new CSM_MsgToSign(p);
>
> // CMS (RFC 2630) OID definition for SignedData type
> m_pESSignMsg->setContentType(CSM_OID("1.2.840.113549.1.7.2"));
>
> m_pESSignMsg->SetIncludeOrigCertsFlag(true);
> m_pESSignMsg->m_bIssOrSki = false;
> //Uses IssuerAndSerialNumber
>
> // for the following flag: true->enveloping signature
> // false->detached signature
> m_pESSignMsg->SetIncludeContentFlag(true);
>
>
> * For signing
>
> if ((ret=m_pESSignMsg->Sign(pCSMIME))==SM_NO_ERROR)
> {
> CSM_Buffer
> *pbufContent=m_pESSignMsg->GetEncodedContentInfo();
> pbufContent->ConvertMemoryToFile(SIGNED_DATA_FILENAME);
> delete pbufContent;
> }
>
> *******************************************************
>
> The problem:
>
>
> The application returns to me the following exception:
>
> F:\Tesi\es\escmd\lib>escmd
> ERROR INFORMATION AND STACK:
>
> ERROR INFORMATION: PrivateKeyInfo::BDec: ERROR - wrong tag
>
> ERROR CODE: 34 SOURCE LINE NUMBER: 3054
> FILE: f:\tesi\smimer1.6\alg_libs\sm_free3\sm_free3.cpp
> FUNCTION: CSM_Free3::DecryptPrivateKey
>
> CSM_Free3::SMTI_Sign IN
> f:\tesi\smimer1.6\alg_libs\sm_free3\sm_free3.cpp, line 8
> 1.
> CSM_SignBuf::SignBuf IN
> f:\tesi\smimer1.6\libcert\src\sm_signbuf.cpp, line 193.
> ProduceSignerInfo IN
> F:\Tesi\smimeR1.6\libsrc\hilevel\sm_Sign.cpp, line 301.
> UpdateSignedDataSIs IN
> F:\Tesi\smimeR1.6\libsrc\hilevel\sm_Sign.cpp, line 195.
> Sign IN F:\Tesi\smimeR1.6\libsrc\hilevel\sm_Sign.cpp, line -1.
> sign IN f:\tesi\es\escmd\src\escmd.cpp, line -1.
>
>
>
> I can't debug the application within SMTI_Sign (CSM_TokenInterface
> class or, better, CSM_Free3 class) method because
> for the following code in sm_SignBuf.cpp
>
> {
> SME(tmpTokenIF->SMTI_Sign(pSigContentBuf,
> pSigBuf, // returned result
> pDigest)); // data digest (Hash of Content)
> }
>
> the behavior of F11(step into) debug command is similar to
> F10 (step over),
> so I can't see values of various structures within the
> objects (from CSM_AppLogin and
> CSM_MsgToSign classes) just before exception is generated.
>
> I thought I had compiled SFL with bad options, so
> I tried to verify key management
> using command
> auto_hid.exe lolevel\crypto.cfg:
> it returned to me no message (The meaning is:
> Test passed?).
> I tried to change randomly password in
> a free3 section of the crypto.cfg file
> and it returned to me no message ...
> So I can't understand if SFL libraries have been built
> correctly
>
> Finally trying to generate a certificate using
> CertificateBuilder:
> 1) Using dialog box I can generate
> certificate only with DSA public key
> (which way for storing generated private key?)
> 2) Using a config file (e.g. DaisyRSA.cfg included
> in SFL package) CertificateBuilder returns an error
> (in libcert)
>
> *****************************************************************
>
> Now the questions:
>
> 1) Is my usage of pCurr_CSInst->SetApplicable(true)
> method correct or the use it's not mandatory (and I
> had to use it because I forgot something else?)
>
> 2) Did I do something wrong while extracting private key
> from PKCS#12 and converting to PKCS#8? Which is the
> right way for obtaining a private key file suitable for
> SFL Free3 CTIL ?
> Is there some requirement for the password
> (length and others)?
>
> 3) Which way can I generate a couple private-public key
> RSA and a public key certificate signed using md5RSA
> or sha1RSA algorithms using CertificateBuilder (either
> using dialog windows or config file)?
> I tried to do the above operations but I wasn't able to force
> CertificateBuilder to use RSA algorithm and store private
> key somewhere into a file.
>
>
> The following questions aren't related to private key problem
>
> 3) Using the constructor
> CSM_AppLogin(FREE3_DLL_NAME,DLLBuildParam))
> (with DLLBuildParam="SM_FREE3DLL certsign.der keysign.p8
> password sm_FREE3")
> the last parameter, token ID (sm_FREE3), is irrelevant,
> because is the
>
> *CSM_Free3::AddLoginStatic method which copies ID string
> (FREE3) to a buffer
> pointed by the pointer passed as parameter, in the above case
> pointer to "sm_FREE3"
> parameter.
>
> The only need is passing a string with length equal or
> greater than FREE3
> in order to allocate string buffer memory large enough for the
> copy made
> by AddLoginStatic method
>
> Is it true? If yes, why?
>
> 4) What's the difference between sha_1WithRSAEncryption
> and sha_1WithRSAEncryption_ALT AsnOid constants?
>
> 5) Have you (Wang) planned a CTIL for a MSCryptoAPI?
> Someone else had developed it?
>
> Thanks
> Gianluca
>
> ---------------------------------------------------------------------
> Gianluca Ramunno (ramunno@xxxxxxxxx)
>
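
The manual comparison described in this thread (dump the decrypted buffer, then see whether it parses as a PKCS#8 PrivateKeyInfo) can be done in code before the ASN.1 decoder is called. The following is an added example, not SFL or Free3 code: `P8Check`, `checkDecryptedPrivateKeyInfo` and `samplePlaintext` are hypothetical names, and it assumes CBC plaintext with PKCS#5 padding and an 8-byte block (DES or RC2).

```cpp
#include <cstddef>
#include <cstdint>
#include <vector>

enum class P8Check { Ok, BadPadding, WrongTag, BadLength };
using Bytes = std::vector<uint8_t>;

// Consume one DER header at b[pos]; require tag `want`, return content length in `len`.
static P8Check expect(const Bytes& b, size_t& pos, uint8_t want, size_t& len) {
    if (pos + 2 > b.size()) return P8Check::BadLength;
    if (b[pos++] != want) return P8Check::WrongTag;
    uint8_t first = b[pos++];
    len = first;
    if (first & 0x80) {                       // long-form length
        size_t n = first & 0x7F;
        if (n == 0 || n > 4 || n > b.size() - pos) return P8Check::BadLength;
        len = 0;
        for (size_t i = 0; i < n; ++i) len = (len << 8) | b[pos++];
    }
    return len <= b.size() - pos ? P8Check::Ok : P8Check::BadLength;
}

// Validate CBC plaintext before ASN.1 decoding: PKCS#5 padding, then PrivateKeyInfo skeleton.
P8Check checkDecryptedPrivateKeyInfo(Bytes pt, size_t blockSize = 8) {
    if (pt.empty() || pt.size() % blockSize != 0) return P8Check::BadPadding;
    size_t pad = pt.back();
    if (pad == 0 || pad > blockSize) return P8Check::BadPadding;
    for (size_t i = pt.size() - pad; i < pt.size(); ++i)
        if (pt[i] != pad) return P8Check::BadPadding;
    pt.resize(pt.size() - pad);

    size_t pos = 0, len = 0;
    P8Check r = expect(pt, pos, 0x30, len);              // outer SEQUENCE
    if (r != P8Check::Ok) return r;
    if (pos + len != pt.size()) return P8Check::BadLength;
    const uint8_t fields[] = {0x02, 0x30, 0x04};         // version, privateKeyAlgorithm, privateKey
    for (uint8_t tag : fields) {
        r = expect(pt, pos, tag, len);
        if (r != P8Check::Ok) return r;
        pos += len;
    }
    return P8Check::Ok;                                  // optional [0] attributes may follow
}

// Constructed sample: PrivateKeyInfo skeleton (rsaEncryption OID, placeholder key) + 8 pad bytes.
Bytes samplePlaintext() {
    return {0x30,0x16, 0x02,0x01,0x00,
            0x30,0x0D,0x06,0x09,0x2A,0x86,0x48,0x86,0xF7,0x0D,0x01,0x01,0x01,0x05,0x00,
            0x04,0x02,0x30,0x00, 8,8,8,8,8,8,8,8};
}
```

A `BadPadding` or `WrongTag` result on real output points at the key derivation or decryption step rather than at the ASN.1 decoder, which is the distinction the "wrong tag" error alone does not make.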