Geek Answers Handbook

Generate csr with secp384r1elliptic curve key and sha384 hash signature

I use openssl commands to create a CSR with an secp384r1 elliptic curve and a hash signed with the sha384 algorithm:

openssl ecparam -out ec_client_key.pem -name secp384r1 -genkey

openssl req -new -key ec_client_key.pem -out ec_clientReq.pem

Then I show the CSR in readable format with this command:

openssl req -in ec_clientReq.pem -noout -text

In the signature portion of the CSR, I get the following:

Signature Algorithm: ecdsa-with-SHA1 30:64:02:30:06:a1:f2:5e:1b:34:18:b9:f3:7c:e9:52:c8:78: 99:90:63:d2:1e:d2:f5:7a:25:f3:d6:4d:6d:90:d0:bf:25:45: 15:ad:aa:17:34:ad:1a:b9:1e:67:2b:cf:d7:a6:9b:e5:02:30: 31:fe:76:37:4b:11:3a:e7:2d:63:52:bb:18:2f:8e:43:a7:bb: 65:74:38:a4:92:38:9d:eb:ec:22:8f:77:f3:e4:5f:47:2d:f8: 2a:9b:e1:2c:ba:a7:b0:e6:c2:54:8d:0e

What should I do to get the ecdsa-with-SHA384 signature algorithm instead of ecdsa-with-SHA1? Am I missing something in this process? I tried using -sha384 in the second command

openssl req -new -key ec_client_key.pem -out ec_clientReq.pem -sha384

but I got the same result regarding the signature algorithm

 Signature Algorithm: ecdsa-with-SHA1 30:65:02:30:4e:b4:b6:5f:3a:fc:b7:28:e5:4b:f0:3d:9a:ea: 4a:ba:ce:a4:f1:a6:e8:cd:15:19:23:a6:81:3f:24:01:d7:81: 3c:9d:9a:4c:cd:4b:4a:12:6d:69:48:ec:7e:73:7d:73:02:31: 00:d7:a5:63:9b:21:b2:95:ce:7f:13:3f:c5:1a:ac:99:01:ff: ba:9c:59:93:d5:ee:97:03:b5:9e:c1:7d:03:f8:72:90:65:b5: 08:7c:79:ae:ea:4f:6e:b0:2b:55:1a:11:a5

Another question relates to the format of the signature. In the above examples, the length is 102 bytes, and the second is 103 bytes. The first bytes seem to be a header that includes type, length, and there may be some other things, such as padding. But I can not find the exact definition. Can anyone fix this? Thanks

+7
source share
3 answers

I tried again with the latest version of openssl version 1.0.1e this time (instead of 0.9.8n).

openssl ecparam -out ec_client_key.pem -name secp384r1 -gen

openssl req -config openssl.cnf -new -key ec_client_key.pem -out ec_clientReq.pem -sha384

openssl req -in ec_clientReq.pem -noout -text

Now I get the expected result:

Signature Algorithm: ecdsa-with-SHA384

Version 0.9.8n does not seem to support sha384.

This excerpt from the CHANGES file seems to confirm this:

Changes between 1.0.0h and 1.0.1 [March 14, 2012]: ... *) Add HMAC ECC ciphersuites from RFC5289. Enable support for SHA384 PRF. In accordance with the requirements of RFC5289, these ciphersuites cannot be used if for the TLS version earlier than 1.2. [Steve Henson]

Thanks for the help.

+5
source

When I use the same command as with the -SHA384 parameter, I get this as a result of CSR: "Signature Algorithm: ecdsa-with-SHA384".

Enter this command to view a list of supported digests:

 openssl list-message-digest-algorithms

Hope you see SHA384 on this list.

About your second question, ASN.1 format. "30" indicates a sequence (in this case, a sequence of 2 integers). "65" is the number of octets in the sequence. "02" is an integer, and 30 is the number of octets in this integer. If you skip 0 × 30 (48 in decimal) octets, you will go to the second integer, which is marked as “02” and “31”. So the length of the first integer is 30, and the second is 31. Add 2 octets for each integer, and you get 65, which is the length of the sequence. This page can tell you more about ASN.1.

Since this value is a sequence of 2 integers, this makes sense. The ECDSA signature consists of 2 integers. See RFC6605 in section 4 for more details. There is also a wiki page that explains how to calculate 2 integers.

+1
source

To make the answer more complete, we can mention the creation of non-self-signed certificates with the ecdsa-sha384 signature, because this is slightly different. The trick is to use the "-md sha384" option with the "openssl ca" command.

Example Including Client Certificate

Create a key for a certification authority:

 openssl ecparam -out ca.key -name secp384r1 -genkey

Create your own signed certificate for ca:

 openssl req -x509 -new -key ca.key -out ca-ca.pem -outform pem -sha384

Create a key for the client:

 openssl ecparam -out host1.key -name secp384r1 -genkey

Create a certificate request for a client key:

 openssl req -new -nodes -key host1.key -outform pem -out host1.req -sha384

Create a certificate for the client in response to the request:

 openssl ca -keyfile ca.key -cert ca-ca.pem -in host1.req -out ca-host1-cert.pem -md sha384 -outdir .
0
source

More articles:


All Articles