| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
| |
Signed-off-by: Tim Rühsen <tim.ruehsen@gmx.de>
|
|
|
|
|
|
|
|
|
| |
Change privkey/certificate/CRL/CSR handling to disable text output if
--no-text option was given.
Closes #487
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
|
|
|
| |
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
|
|
|
| |
Signed-off-by: Dmitry Eremin-Solenikov <dbaryshkov@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Serial/CRL numbers can be up to 20 octets in length
as per RFC 5280, so it should be possible to use
such numbers as input to certtool. certtool
only allowed to specify 63-bit numbers in
template file or interactively (even though
it generated larger numbers in batch mode
by default).
This patch allows large numbers to be specified
as a hexadecimal string. Parsing of decimal numbers
larger than native integers would require adding
dependency on libgmp directly to certtool or
extending the API exposed by GnuTLS library with parsing
functions. Since most tools (including GnuTLS) display
serial numbers in hexadecimal, it is not worth the
trouble to support large decimal numbers.
Default values are unified between batch mode and
interactive input and their size is extended.
CA/Browser forum recommends CAs to include at least
64 bits of random data in the certificate serial
numbers in Baseline Requirements[1] section 7.1, but
gnutls adds only 32 bits. Some other
implementations generate default serial numbers
with more entropy as well, here is the current state
as of May 2018:
+----------------+-------------------------------+
| Implementation | Random bits in default serial |
+----------------+-------------------------------+
| OpenSSL [2] | 159 |
| CFSSL [3] | 159 |
| wolfSSL [4] | 128 |
| GnuTLS | 32 |
| Mbed TLS [5] | 0 (defaults to 1) |
+----------------+-------------------------------+
The 20 octet field size can fit numbers up to 159 bits
since the most significant bit must be zero as numbers
in DER encoding are in two's complement and the serial
and CRL numbers must be positive.
Default serial numbers are extended to full 159 bits
allowed by the field size and are completely random,
which matches other implementations.
CRL numbers have the same size requirements, but also
need to be monotonic (RFC 5280, section 5.2.3). That's
why timestamp is used in them. The timestamp portion
is extended from 31 bits to 39 bits as 31 bits will
overflow in year 2038. The rest of the available space
up to 159 bits allowed in the 20 octet limit is filled
with random bits.
Since the new CRL numbers are larger, the requirement for them
to be monotonically increasing is preserved when upgrading to a
newer version. This does not hold the other way around though,
so after using a newer version of certtool to generate a CRL
with default number and publishing it, it's not possible
to use older version anymore to generate subsequent CRLs.
Unfortunately, there is no easy workaround for users of older
certtool, since it is not possible to specify CRL numbers
greater than 63 bits manually prior to this change.
Users intending to downgrade to older version later are advised
to specify the CRL numbers in new version of certtool
manually with values they are smaller than what would get
generated by default in the old version.
grep does not recognize CRLF line endings generated
in tests using MinGW, so we need to convert those to
LF endings for $ in the regex to match test output
correctly.
datefudge 1.21 that is present in Fedora 26
image trims the timestamp to 32 bits. That bug was
fixed in datefudge 1.22 available in the Debian image,
so we check if datefudge behaves correctly
and skip the test that uses more than 32 bits if
datefudge is broken.
[1] https://cabforum.org/wp-content/uploads/CA-Browser-Forum-BR-1.4.2.pdf
[2] https://github.com/openssl/openssl/blob/6ebb49f3f9c9333611192561979bb799fa1eb76d/apps/apps.c#L1513
[3] https://github.com/cloudflare/cfssl/blob/5d63dbd981b5c408effbb58c442d54761ff94fbd/signer/local/local.go#L295
[4] https://github.com/wolfSSL/wolfssl/blob/d60b16c5b8c19cc61db4a5c3f5e085a7a158cd28/wolfcrypt/src/asn.c#L9791
[5] https://github.com/ARMmbed/mbedtls/blob/84a1107818aaddfd2abe4c5a3478cf84ab2e26b4/programs/x509/cert_write.c#L81
Signed-off-by: Martin Sucha <anty.sk+git@gmail.com>
|
|
|
|
|
|
|
|
|
| |
This also improves the password prompt when the password requested
is not for a smart card.
Resolves: #436
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
| |
There is no reason to bug the user with such details by default.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
| |
That allows the provable parameters to be included.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
|
| |
This adds support for draft-ietf-curdle-pkix-04.
Resolves #25
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
|
|
|
|
|
|
| |
This option allows to directly verify all the members of a certificate
chain.
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch enables RSA-PSS signature scheme in the X.509 functions and
certtool.
When creating RSA-PSS signature, there are 3 different scenarios:
a. both a private key and a certificate are RSA-PSS
b. the private key is RSA, while the certificate is RSA-PSS
c. both the private key and the certificate are RSA
For (a) and (b), the RSA-PSS parameters are read from the certificate.
Any conflicts in parameters between the private key and the certificate
are reported as an error.
For (c), the sign functions, such as gnutls_x509_crt_privkey_sign() or
gnutls_privkey_sign_data(), shall be instructed to generate an RSA-PSS
signature. This can be done with the new flag
GNUTLS_PRIVKEY_SIGN_FLAG_RSA_PSS.
Verification is similar to signing, except for the case (c), use the
flag GNUTLS_VERIFY_USE_RSA_PSS instead of
GNUTLS_PRIVKEY_SIGN_FLAG_RSA_PSS.
From the command line, certtool has a couple of new options: --rsa-pss
and --rsa-pss-sign. The --rsa-pss option indicates that the generated
private key or certificate is restricted to RSA-PSS, while the
--rsa-pss-sign option indicates that the generated certificate is signed
with RSA-PSS.
For simplicity, there is no means of choosing arbitrary salt length.
When it is not given by a private key or a certificate, it is
automatically calculated from the underlying hash algorithm and the
RSA modulus bits.
[minor naming changes by nmav]
Signed-off-by: Daiki Ueno <dueno@redhat.com>
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
|
|
|
| |
Signed-off-by: Nikos Mavrogiannopoulos <nmav@redhat.com>
|
| |
|
|
|
|
|
| |
That not only simplifies the code, but also allows decoding hex strings
which contain not hex chars (and that allows decoding hex of the form XX:XX:XX)
|
| |
|
|
|
|
|
|
|
| |
This however, will generate provable DSA parameters and import them
as DH parameters.
Resolves #72
|
|
|
|
| |
This option allows printing a compact listing containing only of URLs.
|
|
|
|
|
|
| |
combined with --generate-privkey
Also enhanced the test suite with DSA provable key generation/verification.
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
| |
The curve parameter allows to explicitly specify the curve to use
when generating a key.
|
|
|
|
| |
Added --batch parameter to disable interaction.
|
|
|
|
| |
These allow for an non-interactive --initialize process.
|
|
|
|
| |
load-ca-certificate
|
| |
|
|
|
|
|
|
| |
By default when no password is specified, an unencrypted key is output.
The previous behavior of encrypting using an empty password can be
replicated using --empty-password.
|
| |
|
|
|
|
|
| |
"certool --dh-info --outder" produces PEM-encoded output without this
patch.
|
| |
|
|
|
|
|
|
|
|
| |
* Added GNUTLS_CRT_PRINT_FULL_NUMBERS to print bignumbers in an easier to parse format.
* Added gnutls_pubkey_import_x509_crq() to convert a certificate request to a public key.
* Added gnutls_pubkey_print() to simplify public key printing.
* certtool's pubkey-info can be combined with --load-request.
* Added --numbers option to certtool which prints big numbers in an easier to parser format.
|
| |
|
|
|
|
| |
By default generate public key TLSA RR entries. Added --verbose option.
|
|
|
|
|
| |
Ask password when required and only if the '--password' option is not given.
If the '--password' option is given during key generation then assume the PKCS #8 format.
|
|
|
|
| |
Certtool now accepts the option --null-password.
|
| |
|
|
|
|
|
| |
Added new function gnutls_pubkey_import_tpm_raw(). tpmtool can now
print the pubkey key from a TPM key.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Update certtool to export multiple keys in a PKCS12 file so multiple
certificate/key pairs may be included in one file.
- Add load_privkey_list() so that --load-privkey loads multiple keys
- Change generate_pkcs12() to add multiple keys to the PKCS12 file
Signed-off-by: Nikos Mavrogiannopoulos <nmav@gnutls.org>
|
| |
|
| |
|
| |
|