Theodore Wynnychenko
2021-05-06 17:40:35 UTC
Hi
I posted this to the openssl user list the other day, but now think that was
the wrong place, since it is libressl on openbsd, right?
So, let me ask here:
Hello
I recently decided to change from RSA to EC keys/certs.
I do this primarily as a learning exercise (there is no real corporate or
professional demand to have this working).
I am running OpenBSD current (6.9) from about 1 month ago.
Previously, I have been using "openssl smime" to sign and encrypt emails.
Now that I am migrating to EC keys/certificates, I need to switch to
"openssl cms".
However, I am unable to encrypt using the EC certificate.
When I use:
(I am going to obfuscate the emails in plain text.)
cat text.in | /usr/bin/openssl cms -encrypt -from 'User
<***@example.com>' -to 'Admin <***@example.com>' -subject "Test Email"
-aes256 encryption.pem > encrypted.out
with the old RSA certificate, everything works as expected.
But, when I replace the RSA cert with the EC certificate, it does not.
Instead, I see:
15724089243112:error:2EFFF06F:CMS routines:CRYPTO_internal:ctrl
failure:/usr/src/lib/libcrypto/cms/cms_env.c:124:
15724089243112:error:2EFFF074:CMS routines:CRYPTO_internal:error setting
recipientinfo:/usr/src/lib/libcrypto/cms/cms_env.c:944:
15724089243112:error:2EFFF068:CMS routines:CRYPTO_internal:cms
lib:/usr/src/lib/libcrypto/cms/cms_smime.c:850:
And the output file is zero size.
I tried a more basic command:
openssl cms -encrypt -in text.in -out encrypted.out -recip encryption.pem
Works with RSA certificate, same error with EC certificate.
I also tried (not really understanding):
openssl cms -encrypt -in text.in -out encrypted.out -recip encryption.pem
-keyopt ecdh_kdf_md:sha256
and got the same error.
I then created some very basic self-signed EC certs.
The first, with an email in the DN, and the email as the CN:
Certificate:
Data:
Version: 1 (0x0)
Serial Number:
cd:c8:e1:f4:f8:f7:32:dd
Signature Algorithm: ecdsa-with-SHA384
Issuer: C=US, ST=State, L=City, O=Org, OU=Home,
CN=***@example.com/emailAddress=***@example.com
Validity
Not Before: May 6 17:19:53 2021 GMT
Not After : May 6 17:19:53 2022 GMT
Subject: C=US, ST=State, L=City, O=Org, OU=Home,
CN=***@example.com/emailAddress=***@example.com
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key: (384 bit)
pub:
04:8e:11:20:73:c8:8d:5d:61:43:c4:6b:bf:04:fe:
c6:5d:a8:22:79:ae:0a:eb:de:0b:67:e6:32:24:43:
30:56:61:0a:e6:31:e4:82:cc:a8:9c:37:e9:90:01:
df:e7:90:79:dc:d5:f1:c6:0c:6e:2f:bd:51:f8:98:
4e:4b:1b:16:52:73:73:d6:fd:1f:00:a1:f6:39:03:
98:3e:64:43:77:c3:c5:95:61:c3:22:05:3c:e6:d2:
86:29:e1:a3:9c:b9:32
ASN1 OID: secp384r1
NIST CURVE: P-384
Signature Algorithm: ecdsa-with-SHA384
30:64:02:30:38:e0:dc:6d:2a:87:d0:a5:c8:9e:eb:c9:03:f6:
fc:6d:aa:80:8c:cf:8d:11:15:70:ee:1b:b6:29:21:53:40:a4:
3a:29:30:7d:5c:d5:ac:df:44:fc:a9:eb:a9:1a:b8:34:02:30:
15:42:91:ae:e3:2d:b3:3b:bd:78:63:9d:89:1c:5f:28:5c:bb:
c9:a0:01:6a:31:84:94:e0:e7:45:73:0a:51:84:0e:0b:79:a8:
04:eb:62:5b:71:cf:c8:6a:d1:86:3d:e6
The second with the CN as the email, but no email in the DN:
Certificate:
Data:
Version: 1 (0x0)
Serial Number:
e5:fd:15:21:f1:b2:71:de
Signature Algorithm: ecdsa-with-SHA384
Issuer: C=US, ST=State, L=City, O=Org, OU=Home, CN=***@example.com
Validity
Not Before: May 6 17:18:43 2021 GMT
Not After : May 6 17:18:43 2022 GMT
Subject: C=US, ST=State, L=City, O=Org, OU=Home,
CN=***@example.com
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key: (384 bit)
pub:
04:8e:11:20:73:c8:8d:5d:61:43:c4:6b:bf:04:fe:
c6:5d:a8:22:79:ae:0a:eb:de:0b:67:e6:32:24:43:
30:56:61:0a:e6:31:e4:82:cc:a8:9c:37:e9:90:01:
df:e7:90:79:dc:d5:f1:c6:0c:6e:2f:bd:51:f8:98:
4e:4b:1b:16:52:73:73:d6:fd:1f:00:a1:f6:39:03:
98:3e:64:43:77:c3:c5:95:61:c3:22:05:3c:e6:d2:
86:29:e1:a3:9c:b9:32
ASN1 OID: secp384r1
NIST CURVE: P-384
Signature Algorithm: ecdsa-with-SHA384
30:64:02:30:3f:06:2c:b1:e1:2f:b1:0b:1e:a1:1a:eb:29:1e:
8c:e5:c4:6a:73:f5:43:4e:24:77:88:bf:b1:99:51:15:02:50:
12:cd:50:ae:d1:7f:4f:e5:3b:ba:38:06:c4:26:ea:4b:02:30:
66:9d:a4:38:7e:45:ed:7d:db:7c:3e:f9:f7:68:80:e0:13:79:
8b:85:9c:5d:b6:29:91:73:59:04:6a:73:8e:bb:bb:15:49:cc:
68:63:25:b9:c6:fe:30:40:39:65:97:57
Both using the same EC secp384r1 key.
When I try to do the most (I think) basic openssl cms -encrypt, I get the
same error.
openssl cms -encrypt -in in.txt -out encrypt.out test.pem
openssl cms -encrypt -in in.txt -out encrypt.out -recip test.pem -keyopt
ecdh_kdf_md:sha256
openssl cms -encrypt -in in.txt -out encrypt.out -recip test.pem -keyopt
ecdh_kdf_md:sha256
with either of the certificates (email in DN or not), they all produce:
11034533897704:error:2EFFF06F:CMS routines:CRYPTO_internal:ctrl
failure:/usr/src/lib/libcrypto/cms/cms_env.c:124:
11034533897704:error:2EFFF074:CMS routines:CRYPTO_internal:error setting
recipientinfo:/usr/src/lib/libcrypto/cms/cms_env.c:944:
11034533897704:error:2EFFF068:CMS routines:CRYPTO_internal:cms
lib:/usr/src/lib/libcrypto/cms/cms_smime.c:850:
I am not sure what this error means, or how to address it.
Any suggestions would be great.
Thanks
Ted
I posted this to the openssl user list the other day, but now think that was
the wrong place, since it is libressl on openbsd, right?
So, let me ask here:
Hello
I recently decided to change from RSA to EC keys/certs.
I do this primarily as a learning exercise (there is no real corporate or
professional demand to have this working).
I am running OpenBSD current (6.9) from about 1 month ago.
Previously, I have been using "openssl smime" to sign and encrypt emails.
Now that I am migrating to EC keys/certificates, I need to switch to
"openssl cms".
However, I am unable to encrypt using the EC certificate.
When I use:
(I am going to obfuscate the emails in plain text.)
cat text.in | /usr/bin/openssl cms -encrypt -from 'User
<***@example.com>' -to 'Admin <***@example.com>' -subject "Test Email"
-aes256 encryption.pem > encrypted.out
with the old RSA certificate, everything works as expected.
But, when I replace the RSA cert with the EC certificate, it does not.
Instead, I see:
15724089243112:error:2EFFF06F:CMS routines:CRYPTO_internal:ctrl
failure:/usr/src/lib/libcrypto/cms/cms_env.c:124:
15724089243112:error:2EFFF074:CMS routines:CRYPTO_internal:error setting
recipientinfo:/usr/src/lib/libcrypto/cms/cms_env.c:944:
15724089243112:error:2EFFF068:CMS routines:CRYPTO_internal:cms
lib:/usr/src/lib/libcrypto/cms/cms_smime.c:850:
And the output file is zero size.
I tried a more basic command:
openssl cms -encrypt -in text.in -out encrypted.out -recip encryption.pem
Works with RSA certificate, same error with EC certificate.
I also tried (not really understanding):
openssl cms -encrypt -in text.in -out encrypted.out -recip encryption.pem
-keyopt ecdh_kdf_md:sha256
and got the same error.
I then created some very basic self-signed EC certs.
The first, with an email in the DN, and the email as the CN:
Certificate:
Data:
Version: 1 (0x0)
Serial Number:
cd:c8:e1:f4:f8:f7:32:dd
Signature Algorithm: ecdsa-with-SHA384
Issuer: C=US, ST=State, L=City, O=Org, OU=Home,
CN=***@example.com/emailAddress=***@example.com
Validity
Not Before: May 6 17:19:53 2021 GMT
Not After : May 6 17:19:53 2022 GMT
Subject: C=US, ST=State, L=City, O=Org, OU=Home,
CN=***@example.com/emailAddress=***@example.com
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key: (384 bit)
pub:
04:8e:11:20:73:c8:8d:5d:61:43:c4:6b:bf:04:fe:
c6:5d:a8:22:79:ae:0a:eb:de:0b:67:e6:32:24:43:
30:56:61:0a:e6:31:e4:82:cc:a8:9c:37:e9:90:01:
df:e7:90:79:dc:d5:f1:c6:0c:6e:2f:bd:51:f8:98:
4e:4b:1b:16:52:73:73:d6:fd:1f:00:a1:f6:39:03:
98:3e:64:43:77:c3:c5:95:61:c3:22:05:3c:e6:d2:
86:29:e1:a3:9c:b9:32
ASN1 OID: secp384r1
NIST CURVE: P-384
Signature Algorithm: ecdsa-with-SHA384
30:64:02:30:38:e0:dc:6d:2a:87:d0:a5:c8:9e:eb:c9:03:f6:
fc:6d:aa:80:8c:cf:8d:11:15:70:ee:1b:b6:29:21:53:40:a4:
3a:29:30:7d:5c:d5:ac:df:44:fc:a9:eb:a9:1a:b8:34:02:30:
15:42:91:ae:e3:2d:b3:3b:bd:78:63:9d:89:1c:5f:28:5c:bb:
c9:a0:01:6a:31:84:94:e0:e7:45:73:0a:51:84:0e:0b:79:a8:
04:eb:62:5b:71:cf:c8:6a:d1:86:3d:e6
The second with the CN as the email, but no email in the DN:
Certificate:
Data:
Version: 1 (0x0)
Serial Number:
e5:fd:15:21:f1:b2:71:de
Signature Algorithm: ecdsa-with-SHA384
Issuer: C=US, ST=State, L=City, O=Org, OU=Home, CN=***@example.com
Validity
Not Before: May 6 17:18:43 2021 GMT
Not After : May 6 17:18:43 2022 GMT
Subject: C=US, ST=State, L=City, O=Org, OU=Home,
CN=***@example.com
Subject Public Key Info:
Public Key Algorithm: id-ecPublicKey
Public-Key: (384 bit)
pub:
04:8e:11:20:73:c8:8d:5d:61:43:c4:6b:bf:04:fe:
c6:5d:a8:22:79:ae:0a:eb:de:0b:67:e6:32:24:43:
30:56:61:0a:e6:31:e4:82:cc:a8:9c:37:e9:90:01:
df:e7:90:79:dc:d5:f1:c6:0c:6e:2f:bd:51:f8:98:
4e:4b:1b:16:52:73:73:d6:fd:1f:00:a1:f6:39:03:
98:3e:64:43:77:c3:c5:95:61:c3:22:05:3c:e6:d2:
86:29:e1:a3:9c:b9:32
ASN1 OID: secp384r1
NIST CURVE: P-384
Signature Algorithm: ecdsa-with-SHA384
30:64:02:30:3f:06:2c:b1:e1:2f:b1:0b:1e:a1:1a:eb:29:1e:
8c:e5:c4:6a:73:f5:43:4e:24:77:88:bf:b1:99:51:15:02:50:
12:cd:50:ae:d1:7f:4f:e5:3b:ba:38:06:c4:26:ea:4b:02:30:
66:9d:a4:38:7e:45:ed:7d:db:7c:3e:f9:f7:68:80:e0:13:79:
8b:85:9c:5d:b6:29:91:73:59:04:6a:73:8e:bb:bb:15:49:cc:
68:63:25:b9:c6:fe:30:40:39:65:97:57
Both using the same EC secp384r1 key.
When I try to do the most (I think) basic openssl cms -encrypt, I get the
same error.
openssl cms -encrypt -in in.txt -out encrypt.out test.pem
openssl cms -encrypt -in in.txt -out encrypt.out -recip test.pem -keyopt
ecdh_kdf_md:sha256
openssl cms -encrypt -in in.txt -out encrypt.out -recip test.pem -keyopt
ecdh_kdf_md:sha256
with either of the certificates (email in DN or not), they all produce:
11034533897704:error:2EFFF06F:CMS routines:CRYPTO_internal:ctrl
failure:/usr/src/lib/libcrypto/cms/cms_env.c:124:
11034533897704:error:2EFFF074:CMS routines:CRYPTO_internal:error setting
recipientinfo:/usr/src/lib/libcrypto/cms/cms_env.c:944:
11034533897704:error:2EFFF068:CMS routines:CRYPTO_internal:cms
lib:/usr/src/lib/libcrypto/cms/cms_smime.c:850:
I am not sure what this error means, or how to address it.
Any suggestions would be great.
Thanks
Ted