aboutsummaryrefslogtreecommitdiffstats
path: root/doc/HOWTO
diff options
context:
space:
mode:
authorJung-uk Kim <jkim@FreeBSD.org>2018-09-13 19:18:07 +0000
committerJung-uk Kim <jkim@FreeBSD.org>2018-09-13 19:18:07 +0000
commita43ce912fc025d11e1395506111f75fc194d7ba5 (patch)
tree9794cf7720d75938ed0ea4f499c0dcd4b6eacdda /doc/HOWTO
parent02be298e504b8554caca6dc85af450e1ea44d19d (diff)
downloadsrc-a43ce912fc025d11e1395506111f75fc194d7ba5.tar.gz
src-a43ce912fc025d11e1395506111f75fc194d7ba5.zip
Import OpenSSL 1.1.1.vendor/openssl/1.1.1
Notes
Notes: svn path=/vendor-crypto/openssl/dist/; revision=338658 svn path=/vendor-crypto/openssl/1.1.1/; revision=338659; tag=vendor/openssl/1.1.1
Diffstat (limited to 'doc/HOWTO')
-rw-r--r--doc/HOWTO/certificates.txt2
-rw-r--r--doc/HOWTO/keys.txt59
-rw-r--r--doc/HOWTO/proxy_certificates.txt225
3 files changed, 166 insertions, 120 deletions
diff --git a/doc/HOWTO/certificates.txt b/doc/HOWTO/certificates.txt
index 65f8fc8296cd..c2efdca8dc1a 100644
--- a/doc/HOWTO/certificates.txt
+++ b/doc/HOWTO/certificates.txt
@@ -90,7 +90,7 @@ Your key most definitely is if you have followed the examples above.
However, some (most?) certificate authorities will encode them with
things like PKCS7 or PKCS12, or something else. Depending on your
applications, this may be perfectly OK, it all depends on what they
-know how to decode. If not, There are a number of OpenSSL tools to
+know how to decode. If not, there are a number of OpenSSL tools to
convert between some (most?) formats.
So, depending on your application, you may have to convert your
diff --git a/doc/HOWTO/keys.txt b/doc/HOWTO/keys.txt
index ba0314fafce0..9f0967cf5577 100644
--- a/doc/HOWTO/keys.txt
+++ b/doc/HOWTO/keys.txt
@@ -27,12 +27,6 @@ With this variant, you will be prompted for a protecting password. If
you don't want your key to be protected by a password, remove the flag
'-des3' from the command line above.
- NOTE: if you intend to use the key together with a server
- certificate, it may be a good thing to avoid protecting it
- with a password, since that would mean someone would have to
- type in the password every time the server needs to access
- the key.
-
The number 2048 is the size of the key, in bits. Today, 2048 or
higher is recommended for RSA keys, as fewer amount of bits is
consider insecure or to be insecure pretty soon.
@@ -62,11 +56,50 @@ With this variant, you will be prompted for a protecting password. If
you don't want your key to be protected by a password, remove the flag
'-des3' from the command line above.
- NOTE: if you intend to use the key together with a server
- certificate, it may be a good thing to avoid protecting it
- with a password, since that would mean someone would have to
- type in the password every time the server needs to access
- the key.
---
-Richard Levitte
+4. To generate an EC key
+
+An EC key can be used both for key agreement (ECDH) and signing (ECDSA).
+
+Generating a key for ECC is similar to generating a DSA key. These are
+two-step processes. First, you have to get the EC parameters from which
+the key will be generated:
+
+ openssl ecparam -name prime256v1 -out prime256v1.pem
+
+The prime256v1, or NIST P-256, which stands for 'X9.62/SECG curve over
+a 256-bit prime field', is the name of an elliptic curve which generates the
+parameters. You can use the following command to list all supported curves:
+
+ openssl ecparam -list_curves
+
+When that is done, you can generate a key using the created parameters (several
+keys can be produced from the same parameters):
+
+ openssl genpkey -des3 -paramfile prime256v1.pem -out private.key
+
+With this variant, you will be prompted for a password to protect your key.
+If you don't want your key to be protected by a password, remove the flag
+'-des3' from the command line above.
+
+You can also directly generate the key in one step:
+
+ openssl ecparam -genkey -name prime256v1 -out private.key
+
+or
+
+ openssl genpkey -algorithm EC -pkeyopt ec_paramgen_curve:P-256
+
+
+5. NOTE
+
+If you intend to use the key together with a server certificate,
+it may be reasonable to avoid protecting it with a password, since
+otherwise someone would have to type in the password every time the
+server needs to access the key.
+
+For X25519 and X448, it's treated as a distinct algorithm but not as one of
+the curves listed with 'ecparam -list_curves' option. You can use
+the following command to generate an X25519 key:
+
+ openssl genpkey -algorithm X25519 -out xkey.pem
diff --git a/doc/HOWTO/proxy_certificates.txt b/doc/HOWTO/proxy_certificates.txt
index d78be2f142bf..18b3e0340f1d 100644
--- a/doc/HOWTO/proxy_certificates.txt
+++ b/doc/HOWTO/proxy_certificates.txt
@@ -18,7 +18,7 @@ rights to some other entity (a computer process, typically, or sometimes to the
user itself). This allows the entity to perform operations on behalf of the
owner of the EE certificate.
-See http://www.ietf.org/rfc/rfc3820.txt for more information.
+See https://www.ietf.org/rfc/rfc3820.txt for more information.
2. A warning about proxy certificates
@@ -164,138 +164,151 @@ You need the following ingredients:
Here is some skeleton code you can fill in:
- /* In this example, I will use a view of granted rights as a bit
- array, one bit for each possible right. */
+ #include <string.h>
+ #include <netdb.h>
+ #include <openssl/x509.h>
+ #include <openssl/x509v3.h>
+
+ #define total_rights 25
+
+ /*
+ * In this example, I will use a view of granted rights as a bit
+ * array, one bit for each possible right.
+ */
typedef struct your_rights {
- unsigned char rights[total_rights / 8];
+ unsigned char rights[(total_rights + 7) / 8];
} YOUR_RIGHTS;
- /* The following procedure will create an index for the ex_data
- store in the X509 validation context the first time it's called.
- Subsequent calls will return the same index. */
- static int get_proxy_auth_ex_data_idx(void)
+ /*
+ * The following procedure will create an index for the ex_data
+ * store in the X509 validation context the first time it's called.
+ * Subsequent calls will return the same index. */
+ static int get_proxy_auth_ex_data_idx(X509_STORE_CTX *ctx)
{
- static volatile int idx = -1;
- if (idx < 0)
- {
- CRYPTO_w_lock(CRYPTO_LOCK_X509_STORE);
- if (idx < 0)
- {
- idx = X509_STORE_CTX_get_ex_new_index(0,
- "for verify callback",
- NULL,NULL,NULL);
+ static volatile int idx = -1;
+ if (idx < 0) {
+ X509_STORE_lock(X509_STORE_CTX_get0_store(ctx));
+ if (idx < 0) {
+ idx = X509_STORE_CTX_get_ex_new_index(0,
+ "for verify callback",
+ NULL,NULL,NULL);
}
- CRYPTO_w_unlock(CRYPTO_LOCK_X509_STORE);
+ X509_STORE_unlock(X509_STORE_CTX_get0_store(ctx));
}
- return idx;
+ return idx;
}
/* Callback to be given to the X509 validation procedure. */
static int verify_callback(int ok, X509_STORE_CTX *ctx)
{
- if (ok == 1) /* It's REALLY important you keep the proxy policy
- check within this section. It's important to know
- that when ok is 1, the certificates are checked
- from top to bottom. You get the CA root first,
- followed by the possible chain of intermediate
- CAs, followed by the EE certificate, followed by
- the possible proxy certificates. */
- {
- X509 *xs = ctx->current_cert;
-
- if (xs->ex_flags & EXFLAG_PROXY)
- {
- YOUR_RIGHTS *rights =
- (YOUR_RIGHTS *)X509_STORE_CTX_get_ex_data(ctx,
- get_proxy_auth_ex_data_idx());
- PROXY_CERT_INFO_EXTENSION *pci =
- X509_get_ext_d2i(xs, NID_proxyCertInfo, NULL, NULL);
-
- switch (OBJ_obj2nid(pci->proxyPolicy->policyLanguage))
- {
+ if (ok == 1) {
+ /*
+ * It's REALLY important you keep the proxy policy
+ * check within this section. It's important to know
+ * that when ok is 1, the certificates are checked
+ * from top to bottom. You get the CA root first,
+ * followed by the possible chain of intermediate
+ * CAs, followed by the EE certificate, followed by
+ * the possible proxy certificates.
+ */
+ X509 *xs = X509_STORE_CTX_get_current_cert(ctx);
+
+ if (X509_get_extension_flags(xs) & EXFLAG_PROXY) {
+ YOUR_RIGHTS *rights =
+ (YOUR_RIGHTS *)X509_STORE_CTX_get_ex_data(ctx,
+ get_proxy_auth_ex_data_idx(ctx));
+ PROXY_CERT_INFO_EXTENSION *pci =
+ X509_get_ext_d2i(xs, NID_proxyCertInfo, NULL, NULL);
+
+ switch (OBJ_obj2nid(pci->proxyPolicy->policyLanguage)) {
case NID_Independent:
- /* Do whatever you need to grant explicit rights to
- this particular proxy certificate, usually by
- pulling them from some database. If there are none
- to be found, clear all rights (making this and any
- subsequent proxy certificate void of any rights).
- */
- memset(rights->rights, 0, sizeof(rights->rights));
- break;
+ /*
+ * Do whatever you need to grant explicit rights to
+ * this particular proxy certificate, usually by
+ * pulling them from some database. If there are none
+ * to be found, clear all rights (making this and any
+ * subsequent proxy certificate void of any rights).
+ */
+ memset(rights->rights, 0, sizeof(rights->rights));
+ break;
case NID_id_ppl_inheritAll:
- /* This is basically a NOP, we simply let the current
- rights stand as they are. */
- break;
+ /*
+ * This is basically a NOP, we simply let the current
+ * rights stand as they are.
+ */
+ break;
default:
- /* This is usually the most complex section of code.
- You really do whatever you want as long as you
- follow RFC 3820. In the example we use here, the
- simplest thing to do is to build another, temporary
- bit array and fill it with the rights granted by
- the current proxy certificate, then use it as a
- mask on the accumulated rights bit array, and
- voilĂ , you now have a new accumulated rights bit
- array. */
- {
- int i;
- YOUR_RIGHTS tmp_rights;
- memset(tmp_rights.rights, 0, sizeof(tmp_rights.rights));
-
- /* process_rights() is supposed to be a procedure
- that takes a string and it's length, interprets
- it and sets the bits in the YOUR_RIGHTS pointed
- at by the third argument. */
- process_rights((char *) pci->proxyPolicy->policy->data,
- pci->proxyPolicy->policy->length,
- &tmp_rights);
-
- for(i = 0; i < total_rights / 8; i++)
- rights->rights[i] &= tmp_rights.rights[i];
- }
- break;
+ /* This is usually the most complex section of code.
+ * You really do whatever you want as long as you
+ * follow RFC 3820. In the example we use here, the
+ * simplest thing to do is to build another, temporary
+ * bit array and fill it with the rights granted by
+ * the current proxy certificate, then use it as a
+ * mask on the accumulated rights bit array, and
+ * voilĂ , you now have a new accumulated rights bit
+ * array.
+ */
+ {
+ int i;
+ YOUR_RIGHTS tmp_rights;
+ memset(tmp_rights.rights, 0, sizeof(tmp_rights.rights));
+
+ /*
+ * process_rights() is supposed to be a procedure
+ * that takes a string and it's length, interprets
+ * it and sets the bits in the YOUR_RIGHTS pointed
+ * at by the third argument.
+ */
+ process_rights((char *) pci->proxyPolicy->policy->data,
+ pci->proxyPolicy->policy->length,
+ &tmp_rights);
+
+ for(i = 0; i < total_rights / 8; i++)
+ rights->rights[i] &= tmp_rights.rights[i];
+ }
+ break;
}
- PROXY_CERT_INFO_EXTENSION_free(pci);
- }
- else if (!(xs->ex_flags & EXFLAG_CA))
- {
- /* We have a EE certificate, let's use it to set default!
- */
- YOUR_RIGHTS *rights =
- (YOUR_RIGHTS *)X509_STORE_CTX_get_ex_data(ctx,
- get_proxy_auth_ex_data_idx());
-
- /* The following procedure finds out what rights the owner
- of the current certificate has, and sets them in the
- YOUR_RIGHTS structure pointed at by the second
- argument. */
- set_default_rights(xs, rights);
+ PROXY_CERT_INFO_EXTENSION_free(pci);
+ } else if (!(X509_get_extension_flags(xs) & EXFLAG_CA)) {
+ /* We have an EE certificate, let's use it to set default! */
+ YOUR_RIGHTS *rights =
+ (YOUR_RIGHTS *)X509_STORE_CTX_get_ex_data(ctx,
+ get_proxy_auth_ex_data_idx(ctx));
+
+ /* The following procedure finds out what rights the owner
+ * of the current certificate has, and sets them in the
+ * YOUR_RIGHTS structure pointed at by the second
+ * argument.
+ */
+ set_default_rights(xs, rights);
}
}
- return ok;
+ return ok;
}
static int my_X509_verify_cert(X509_STORE_CTX *ctx,
YOUR_RIGHTS *needed_rights)
{
- int i;
- int (*save_verify_cb)(int ok,X509_STORE_CTX *ctx) = ctx->verify_cb;
- YOUR_RIGHTS rights;
-
- X509_STORE_CTX_set_verify_cb(ctx, verify_callback);
- X509_STORE_CTX_set_ex_data(ctx, get_proxy_auth_ex_data_idx(), &rights);
- X509_STORE_CTX_set_flags(ctx, X509_V_FLAG_ALLOW_PROXY_CERTS);
- ok = X509_verify_cert(ctx);
-
- if (ok == 1)
- {
- ok = check_needed_rights(rights, needed_rights);
+ int ok;
+ int (*save_verify_cb)(int ok,X509_STORE_CTX *ctx) =
+ X509_STORE_CTX_get_verify_cb(ctx);
+ YOUR_RIGHTS rights;
+
+ X509_STORE_CTX_set_verify_cb(ctx, verify_callback);
+ X509_STORE_CTX_set_ex_data(ctx, get_proxy_auth_ex_data_idx(ctx), &rights);
+ X509_STORE_CTX_set_flags(ctx, X509_V_FLAG_ALLOW_PROXY_CERTS);
+ ok = X509_verify_cert(ctx);
+
+ if (ok == 1) {
+ ok = check_needed_rights(rights, needed_rights);
}
- X509_STORE_CTX_set_verify_cb(ctx, save_verify_cb);
+ X509_STORE_CTX_set_verify_cb(ctx, save_verify_cb);
- return ok;
+ return ok;
}
+
If you use SSL or TLS, you can easily set up a callback to have the
certificates checked properly, using the code above: