I'm trying to run the SSL examples from boost::asio and I'm getting an "Invalid argument" exception when I run them. I'm on Linux x86_64.
http://www.boost.org/doc/libs/1_46_1/doc/html/boost_asio/example/ssl/client.cpp
http://www.boost.org/doc/libs/1_46_1/doc/html/boost_asio/example/ssl/server.cpp
Compiled with:
g++ server.cpp -o server -lboost_system -lssl
g++ client.cpp -o client -lboost_system -lssl
Run like:
$ ./server
Usage: server <port>
$ ./server 10000
Exception: Invalid argument
$ ./server 1000
Exception: Permission denied
$ sudo ./server 1000
Exception: Invalid argument
Not sure what the problem is :(
Any help would be greatly appreciated.
Thanks!
OK, for anyone finding this in the future, you need to create your certificates and sign them appropriately.
Here are the commands for linux:
//Generate a private key
openssl genrsa -des3 -out server.key 1024
//Generate Certificate signing request
openssl req -new -key server.key -out server.csr
//Sign certificate with private key
openssl x509 -req -days 3650 -in server.csr -signkey server.key -out server.crt
//Remove password requirement (needed for example)
cp server.key server.key.secure
openssl rsa -in server.key.secure -out server.key
//Generate dhparam file
openssl dhparam -out dh512.pem 512
Once you've done that, you need to change the filenames in server.cpp and client.cpp.
server.cpp
context_.use_certificate_chain_file("server.crt");
context_.use_private_key_file("server.key", boost::asio::ssl::context::pem);
context_.use_tmp_dh_file("dh512.pem");
client.cpp
ctx.load_verify_file("server.crt");
Then it should all work!
Execute the tests again with strace to see which syscall gets the EINVAL, as a bonus you'll get to see the args for the failing call. It's likely part of the security context setup that's failing, unless you have the right files and data from the example:
context_.use_certificate_chain_file("server.pem");
context_.use_private_key_file("server.pem", boost::asio::ssl::context::pem);
context_.use_tmp_dh_file("dh512.pem");
You were getting EPERM because you were trying to bind to a privileged TCP port (one whose value is less than 1024). That's why ./server 10000 does not get EPERM.
When following the answer of #Shootfast an error appered: 'bad SSL configuration: use_certificate_chain_file: ee key too small'
Changing the first line:
openssl genrsa -des3 -out server.key 1024
to:
openssl genrsa -des3 -out server.key 2048
fixed it for me.
After that I got the error: 'bad SSL configuration: use_private_key_file: no start line' the reason and solution to this is explained here: solution (It is more or less the reason for the last command of #Shootfast answer.)
Related
I have a simple gRPC server / client implementation where I have setup the server to use grpc::SslServerCredentials
Then I have a client that uses the credentials channel grpc::SslCredentials to connect to it successfully.
But to my astonishment I can also connect using grpc::InsecureChannelCredentials to the secure server.
I have probably misunderstood something so it is most likely that I have forgot to call some method in the gRPC API or something that is just conceptually wrong in my code.
What have I missed? I mean why can my insecure channel connect to the secure server?
Is there some kind of exception to the rule since I use "localhost"?
Code sample for server:
void start_server() {
MyServiceServer service;
grpc::EnableDefaultHealthCheckService(true);
grpc::reflection::InitProtoReflctionServerBuilderPlugin();
ServerBuilder builder;
grpc::SslServerCredentialsOptions::PemKeyCertPair keycert;
keycert.private_key = load_as_text("server.key");
keycert.cert_chain = load_as_text("server.crt");
grpc::SslServerCredentialsOptions ssl_opts;
ssl_opts.pem_root_certs = load_as_text("ca.crt");
ssl_opts.pem_key_cert_pairs.push_back(keycert);
std::shared_ptr<grpc::ServerCredentials> channel_creds = grpc::SslServerCredentials(ssl_opts);
builder.AddListeningPort("localhost:50051", channel_creds);
builder.RegisterService(&service);
std::unique_ptr<Server> server(builder.BuildAndStart());
// Wait for the server to shutdown.
server->Wait();
std::cout << "Server shutting down\n";
}
Code sample for client:
void start_client(const std::string& server_address, int num_requests, int packet_size) {
#if 0
std::cout << "Insecure channel\n";
std::shared_ptr<grpc::ChannelCredentials> channel_creds = grpc::InsecureChannelCredentials();
#else
std::cout << "Secure channel\n";
grpc::SslCredentialsOptions ssl_opts = {
load_as_text("ca.crt"),
load_as_text("client.key"),
load_as_text("client.crt")
};
std::shared_ptr<grpc::ChannelCredentials> channel_creds = grpc::SslCredentials ( ssl_opts );
#endif
std::shared_ptr<Channel> channel = grpc::CreateChannel("127.0.0.1:50051", channel_creds);
MyServiceClient client(channel);
Status s = client.HelloThere();
std::cout << MyToString(s) << "\n";
}
I have tried it now several times and it works for both cases.
Anyone can hint what's wrong?
EDIT 2022-01-21:
I am not allowed to share the full source code from my workplace but I can verify that the returned status in the client from the call in both secure/insecure connection is Status::OK.
I've updated the example above with my conceptual printing of the status code.
I want to emphasize that it is probably I who have done something wrong so I will share the code that I use as proof of concept to generate the keys here:
#!/bin/bash
echo
echo "Generate CA"
openssl genrsa -passout pass:1234 -des3 -out ca.key 4096
openssl req -passin pass:1234 -new -x509 -days 365 -key ca.key -out ca.crt -subj "/C=CA/ST=Ontario/L=Ontario/O=Test/OU=Test/CN=Root CA"
echo
echo
echo "Generate Server Key/Cert"
openssl genrsa -passout pass:1234 -des3 -out server.key 4096
openssl req -passin pass:1234 -new -key server.key -out server.csr -subj "/C=CA/ST=Ontario/L=Ontario/O=Test/OU=Server/CN=localhost"
openssl x509 -req -passin pass:1234 -days 365 -in server.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out server.crt
echo
echo
echo "Remove passphrase from the Server Key"
openssl rsa -passin pass:1234 -in server.key -out server.key
echo
echo
echo "Generate Client Key/Cert"
openssl genrsa -passout pass:1234 -des3 -out client.key 4096
openssl req -passin pass:1234 -new -key client.key -out client.csr -subj "/C=CA/ST=Ontario/L=Ontario/O=Test/OU=Client/CN=localhost"
openssl x509 -passin pass:1234 -req -days 365 -in client.csr -CA ca.crt -CAkey ca.key -set_serial 01 -out client.crt
echo
echo
echo "Remove passphrase from Client Key"
openssl rsa -passin pass:1234 -in client.key -out client.key
Maybe it is related to how I generate the certificates?
The server and client programs run on the same machine.
I'm setting up an c++ class for handling tls connections (client and server).
It works except for the tls handshake :
I have generated my self signed root certificate and signed the rsa server key with it.
but i get a client error which is unknown CA
script to generate self signed CA (CA file and CA.pem file)
openssl req -x509 -sha256 -days 3650 -newkey rsa:4096 -keyout CA -out CA.pem
script to generate and sign the server key (key file and key.pem file)
read -p "key and cert name :" x
openssl genrsa -out $(echo $x) 2048
openssl req -new -key $(echo $x) -out $(echo $x).csr
openssl x509 -req -in $(echo $x).csr -CA CA/CA.pem -CAkey CA/CA -CAcreateserial -out $(echo $x).pem -days 3650 -sha256
then I pass CA.pem to client using SSL_CTX_use_certificate_file, key to server using SSL_CTX_use_PrivateKey_file and key.pem using SSL_CTX_use_certificate_file
client is in mode SSL_VERIFY_PEER and server is in mode SSL_VERIFY_NONE so only client checks server certificate.
As the server key is signed using CA and client trust CA.pem it should be working but when handshake is negociated, i get this in wireshark (a message from client to server) :
Alert level Fatal, Description : Unknown CA
If you read OpenSSL's documentation, for a client SSL_CTX_use_certificate_file installs a client certificate. It does not specify the list of trusted CAs that may be used to verify a cert.
For that, on the client side, you want to use SSL_CTX_load_verify_locations:
SSL_CTX_load_verify_locations() specifies the locations for ctx, at
which CA certificates for verification purposes are located.
I'm writing a custom client & server that I want to communicate securely over the public Internet, therefore I want to use OpenSSL and have both ends do peer verification to ensure that my client isn't mis-directed by a MITM, and likewise that an unauthorized client isn't able to connect to the server.
This is the error received from the server during the SSL_connect / SSL_accept phase:
15620:error:14094418:SSL routines:ssl3_read_bytes:tlsv1 alert unknown ca:ssl\record\rec_layer_s3.c:1528:SSL alert number 48
I'm running under Windows 10, using OpenSSL 1.1.1. I'm using the following batch file to create them. I enter the ca private key passphrase by hand for obvious reasons.
openssl genrsa -out -des3 ca.key.pem 2048
openssl genrsa -out server.key.pem 2048
openssl genrsa -out client.key.pem 2048
openssl req -x509 -new -nodes -key ca.key.pem -sha256 -days 365 -out ca.cert.pem -subj /C=US/ST=CA/L=Somewhere/O=Someone/CN=Foobar
openssl req -new -sha256 -key server.key.pem -subj /C=US/ST=CA/L=Somewhere/O=Someone/CN=Foobar -out server.csr
openssl x509 -req -in server.csr -CA ca.cert.pem -CAkey ca.key.pem -CAcreateserial -out server.cert.pem -days 365 -sha256
openssl req -new -sha256 -key client.key.pem -subj /C=US/ST=CA/L=Somewhere/O=Someone/CN=Foobar -out client.csr
openssl x509 -req -in client.csr -CA ca.cert.pem -CAkey ca.key.pem -CAcreateserial -out client.cert.pem -days 365 -sha256
The intent here is to create a self-signed CA, and then have that directly sign both the client and server keys.
ca.key.pem will be stored in a secure place: on an encrypted veracrypt volume.
Both client and server use the following call to enable peer verification:
SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, nullptr);
I'm fairly certain this is a certificate issue because the errors go away if I remove that line.
Answering this myself so that it can help anyone else that might arrive here looking for solutions to this problem. The answer was found in another SO question, but is worth repeating here: The Common Name for the CA cannot be the same as the Common Name for the client and server certificates.
So changing the fourth line of the batch file to this:
openssl req -x509 -new -nodes -key ca.key.pem -sha256 -days 365 -out ca.cert.pem -subj /C=US/ST=CA/L=Somewhere/O=Someone/CN=FoobarCA
fixed the problem.
$ openssl req -x509 -new ... -addext basicConstraints=critical,CA:TRUE
This essentially creates a certificate which has 2 basic contrains CA:TRUE extensions:
$ openssl x509 -in ca.cert.pem -text
X509v3 extensions:
...
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Basic Constraints: critical
CA:TRUE
Trying to use the CA to verify the server certificate will not work:
$ openssl verify -CAfile ca.cert.pem server.cert.pem
C = XX, ST = XX, L = XX, O = XX, CN = CA
error 24 at 1 depth lookup: invalid CA certificate
error server.cert.pem: verification failed
Given that this simple check does not work, the client will also not be able to validate the server certificate, resulting in an unknown ca alert:
...:tlsv1 alert unknown ca:...
When skipping the -addext it will create a self-signed certificate as documented, which already has CA:TRUE
$ openssl req -x509 -new ...
...
$ openssl x509 -in ca.cert.pem -text
X509v3 extensions:
...
X509v3 Basic Constraints: critical
CA:TRUE
And using this to verify the server certificate works:
$ openssl verify -CAfile ca.cert.pem server.cert.pem
server.cert.pem: OK
This certificate should also be successfully validated by your client, thus no longer resulting in unknown ca.
I'm using boost ssl for server and client, and I have a model for server/client program in my mind, and I'm not sure it's gonna work.
The model I have in my mind is to be the only authority for certificates of my program. My main question is: How can I do that?
In my server program, I define keys as follows:
context_.use_certificate_chain_file("../sslkeys/server.crt");
context_.use_private_key_file("../sslkeys/server.key", boost::asio::ssl::context::pem);
context_.use_tmp_dh_file("../sslkeys/dh512.pem");
I create/sign those keys/certificates using:
$ openssl genrsa -des3 -out server.key 2048
$ openssl req -new -key server.key -out server.csr
$ openssl x509 -req -days 3650 -in server.csr -signkey server.key -out server.crt
$ cp server.key server.key.secure
$ openssl rsa -in server.key.secure -out server.key
$ openssl dhparam -out dh512.pem 512
For my client program, I would like to create a certificate and sign it by my "server.key", because I think (and I could be wrong, please correct me if I'm) that's the way to do it. The client program requires a key using the command:
ctx.load_verify_file("../sslkeys/client.csr");
So I created a key, which I signed using the server key, with the following commands:
$ openssl genrsa -des3 -out client.key 2048
$ openssl req -new -key client.key -out client.csr
$ openssl x509 -req -days 3650 -in client.csr -signkey ../sslkeys/server.key -out client.crt
Now when I run my client and try to connect the server, I get the error: Handshake failed: certificate verify failed
What is wrong in what I'm doing? And how can I achieve the model I mentioned?
If you require any additional information, please ask.
Thanks for any efforts.
Your signing certificate has no rights to sign, because it has not the CA flag set. Signing will still work, but verification will fail. Since there are already lots of guides on the internet which will show in detail how to do it right so you might just look here or here for more details.
Also, using only a 512 bit Diffie-Hellman reduces the security of the key exchange to 512 bit, which is exploitable today (see also Logjam attack). The 2048 RSA key does not help here. And using 512 bit might not even work if you use the latest version of OpenSSL which just increased the minimal size to 768 bits for security reasons.
I've created an SSL server using the sample code from the Qt documentation. I then connect to it using QSslSocket::connectToHostEncrypted.
The server fails, however, and this is in QSslSocket::errorString()
Cannot provide a certificate with no key,
error:0907B068:PEM routines:PEM_READ_BIO_PRIVATEKEY:bad password read
I set the certificate and private keys with this code:
serverSocket->setLocalCertificate("/home/user/Workspace/openssl/cacert.pem");
serverSocket->setPrivateKey("/home/user/Workspace/openssl/privkey.pem");
I created the cacert.pem and privkey.pem using this command on Ubuntu:
openssl req -x509 -newkey rsa:2048 -out cacert.pem -outform PEM -days 1825
The error was because I didn't specify the password for the private key (the one that openssl asked me for during the certificate creation). So instead of
serverSocket->setPrivateKey("/home/user/Workspace/openssl/privkey.pem");
I now call
serverSocket->setPrivateKey("/home/user/Workspace/openssl/privkey.pem", QSsl::Rsa, QSsl::Pem, "mypassword");
and this fixes the problem.