discussion_about_makeing_certrequests_with_openssl_for_win2k_cas

pasted from http://www.wiredbox.net/forum2/Thread17757_2K3_Cert_Svcs_gives_invalid_policy_error_on_OpenSSL_gend_cert_req.aspx

2K3 Cert Svcs gives invalid policy error on OpenSSL gen'd cert req

Hello Microsoft security gurus,

I'm currently trying to test a PKI architecture system where I have an OpenSSL-based UNIX SSL client and server and a Windows Server 2003 Standard Edition with Certificate Services for the CA. If I generate a PKCS #10 PEM and use the COM Interop in C# to submit and retrieve the requested certificate programmatically, I can only get the error:

“The certificate has invalid policy. 0x800b0113” “Error Constructing or Publishing Certificate Resubmitted by <DOMAIN/ USER>”

Where <DOMAIN/USER> is a local Administrator for the CA box logged in locally and using the C# program to submit the request file off a USB drive to the Certificate Services, then retrieve the issued certificate into a file on the USB drive.

If I generate PKCS#10 request files using the COM Interop with XEnroll then I can get the certificates to issue properly, but never with the OpenSSL generated ones.

The OpenSSL-generated ones look like this, using the command:

openssl req -noout -text -inform pem -in <file>.p10

Data:
    Version: 0 (0x0)
    Subject: CN=<Fully qualified hostname>
    Subject Public Key Info:
        Public Key Algorithm: rsaEncryption
        RSA Public Key: (1024 bit)
            Modulus (1024 bit):
                <snip>
            Exponent: 17
    Attributes:
        Requested Extensions:
            X509v3 Extended Key Usage:
                TLS Web Server Authentication, TLS Web Client Authentication
            X509v3 Key Usage:
                Digital Signature, Non Repudiation, Key Encipherment

Signature Algorithm: sha1WithRSAEncryption
    <snip>

The snipped bits are the hex outputs of the binary portions.

I've tried several different things, such as changing the Subject to use just the hostname, adding/removing “critical” from the extended and regular key usage flags, adding/removing a CA=FALSE flag, removing all regular key usage flags and keeping only the extended flags, etc. Nothing seemed to make any difference, although once I got a different error relating to an ASN.1 tag value being invalid.

Re: 2K3 Cert Svcs gives invalid policy error on OpenSSL gen'd cert req

On Jun 5, 2:18 am, Martin Rublik <martin.rub…[ at ]nospam.com> wrote: [Quoted Text]

Hi,

what kind of CA are you using? Is it standalone CA or enterprise CA?
Could you please post a test PKCS#10 base 64 encoded request that is
failing?

Regards

Martin

I'm using a stand-alone CA. Here is an example request made in OpenSSL. I'm thinking it may have to do with ASN.1 formatting and the use of the OpenSSL API. Our situation demands that we not use the OpenSSL command-line utility to make the requests, so I'm looking at the following page: http://msdn2.microsoft.com/en-US/library/aa379076.aspx

and using Peter Gutmann's dumpasn1 utility to view the binary requests: http://www.cs.auckland.ac.nz/~pgut001/dumpasn1.c http://www.cs.auckland.ac.nz/~pgut001/dumpasn1.cfg

-----BEGIN CERTIFICATE REQUEST-----
MIIB+DCCAWECAQAwIzEhMB8GA1UEAxMYVy1TTllERVJSMi5oZS5hZC5pZ3QuY29t
blabla
---

Re: 2K3 Cert Svcs gives invalid policy error on OpenSSL gen'd cert req

Hi, I suppose that this is your problem:

According to certutil -dump request.txt, this is what shows up:

<snip>
Certificate Extensions: 2
    2.5.29.37: Flags = 0, Length = 3c
    Enhanced Key Usage
    Unknown Extension type
        0000  54 4c 53 20 57 65 62 20 53 65 72 76 65 72 20 41   TLS Web Server A
        0010  75 74 68 65 6e 74 69 63 61 74 69 6f 6e 2c 20 54   uthentication, T
        0020  4c 53 20 57 65 62 20 43 6c 69 65 6e 74 20 41 75   LS Web Client Au
        0030  74 68 65 6e 74 69 63 61 74 69 6f 6e               thentication

    2.5.29.15: Flags = 0, Length = 34
    Key Usage
    Unknown Extension type
        0000  44 69 67 69 74 61 6c 20 53 69 67 6e 61 74 75 72   Digital Signatur
        0010  65 2c 20 4e 6f 6e 20 52 65 70 75 64 69 61 74 69   e, Non Repudiati
        0020  6f 6e 2c 20 4b 65 79 20 45 6e 63 69 70 68 65 72   on, Key Encipher
        0030  6d 65 6e 74                                       ment
<snip>

The trouble is “Unknown Extension Type”.

The Enhanced Key Usage should be a SEQUENCE of OIDs rather than a string.

Key Usage is specified as a bit string. Each bit represents different key usage.

keyUsage EXTENSION ::= {
    SYNTAX KeyUsage
    IDENTIFIED BY id-ce-keyUsage }

KeyUsage ::= BIT STRING {
    digitalSignature  (0),
    nonRepudiation    (1),
    keyEncipherment   (2),
    dataEncipherment  (3),
    keyAgreement      (4),
    keyCertSign       (5),
    cRLSign           (6),
    encipherOnly      (7),
    decipherOnly      (8) }

For example, if you want to have key usage digital signature, non repudiation, key encipherment, you need to set the digitalSignature bit (0) to 1, the nonRepudiation bit (1) to 1 and the keyEncipherment bit (2) to 1.

I'm not very familiar with OpenSSL, but I suppose you're mixing “req_extensions” with “attributes”. Here is what worked for me.

To generate an OpenSSL request I used:

openssl req -new -config file.cfg -out request.txt

And file.cfg is here:

[ req ]
default_bits        = 1024
default_keyfile     = privkey.pem
distinguished_name  = req_distinguished_name
req_extensions      = req_ext
prompt              = no
output_password     = 1234

[ req_distinguished_name ]
C            = GB
ST           = Test State or Province
L            = Test Locality
O            = Organization Name
OU           = Organizational Unit Name
CN           = Common Name
emailAddress = test[ at ]email.address

[ req_ext ]
keyUsage         = digitalSignature, nonRepudiation, keyEncipherment
extendedKeyUsage = serverAuth, clientAuth

Another way to generate a request from the command line is the certreq utility. You can find more info about requesting with certreq here: http://www.microsoft.com/technet/prodtechnol/windowsserver2003/technologies/security/advcert.mspx

HTH

Regards

Martin
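Editor's added example (not part of the thread, and not the original poster's OpenSSL code): the two extension encodings Martin's diagnosis describes, written out in pure Python with no OpenSSL dependency. It DER-encodes KeyUsage as a named-bit BIT STRING (with the DER rule that trailing zero bits are dropped, which is why three usages encode to the single byte E0 with 5 unused bits) and Extended Key Usage as a SEQUENCE OF OID, decodes both back, and applies a certutil-style check to the raw text values reconstructed from the dump above. The tables KEY_USAGE_BITS, EKU_OIDS and EXPECTED_TAG and every function name are this example's own; the bit numbers and OIDs come from RFC 5280.

```python
# Added example: DER encoding/decoding of the KeyUsage (2.5.29.15) and
# Extended Key Usage (2.5.29.37) extension values, plus a certutil-style
# check that tells a proper value from a raw text string.  Standard
# library only; helper names and tables are this example's own.

# RFC 5280 KeyUsage named bits (bit 0 is the most significant bit of byte 0)
KEY_USAGE_BITS = {
    "digitalSignature": 0, "nonRepudiation": 1, "keyEncipherment": 2,
    "dataEncipherment": 3, "keyAgreement": 4, "keyCertSign": 5,
    "cRLSign": 6, "encipherOnly": 7, "decipherOnly": 8,
}
# RFC 5280 extended key usage purpose OIDs
EKU_OIDS = {"serverAuth": "1.3.6.1.5.5.7.3.1", "clientAuth": "1.3.6.1.5.5.7.3.2"}
# DER tag the extnValue contents must start with, per extension OID
EXPECTED_TAG = {"2.5.29.15": (0x03, "BIT STRING"), "2.5.29.37": (0x30, "SEQUENCE OF OID")}


def der_len(n):
    """DER length octets: short form below 128, long form above."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def der_tlv(tag, body):
    return bytes([tag]) + der_len(len(body)) + body


def encode_oid(dotted):
    """OBJECT IDENTIFIER: first two arcs packed into one byte, rest base-128."""
    arcs = [int(a) for a in dotted.split(".")]
    out = bytearray([40 * arcs[0] + arcs[1]])
    for arc in arcs[2:]:
        chunk = bytearray([arc & 0x7F])
        arc >>= 7
        while arc:
            chunk.insert(0, 0x80 | (arc & 0x7F))
            arc >>= 7
        out += chunk
    return der_tlv(0x06, bytes(out))


def encode_key_usage(names):
    """KeyUsage BIT STRING; DER drops trailing zero bits of a named bit list."""
    if not names:
        return der_tlv(0x03, b"\x00")
    value = 0
    for n in names:
        value |= 1 << (15 - KEY_USAGE_BITS[n])      # bit i -> MSB-first position
    highest = max(KEY_USAGE_BITS[n] for n in names)
    nbytes = highest // 8 + 1
    unused = 7 - highest % 8                        # unused bits in the last byte
    raw = (value >> (16 - 8 * nbytes)).to_bytes(nbytes, "big")
    return der_tlv(0x03, bytes([unused]) + raw)


def encode_eku(names):
    """ExtKeyUsageSyntax ::= SEQUENCE OF KeyPurposeId (one OID per purpose)."""
    return der_tlv(0x30, b"".join(encode_oid(EKU_OIDS[n]) for n in names))


def read_tlv(buf, pos=0):
    """Return (tag, body, next_pos) for the TLV starting at buf[pos]."""
    tag, ln, pos = buf[pos], buf[pos + 1], pos + 2
    if ln & 0x80:
        n = ln & 0x7F
        ln, pos = int.from_bytes(buf[pos:pos + n], "big"), pos + n
    return tag, buf[pos:pos + ln], pos + ln


def decode_oid(body):
    arcs, val = [body[0] // 40, body[0] % 40], 0
    for b in body[1:]:
        val = (val << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(val)
            val = 0
    return ".".join(map(str, arcs))


def decode_key_usage(der):
    tag, body, _ = read_tlv(der)
    if tag != 0x03:
        raise ValueError("KeyUsage value is not a BIT STRING (tag 0x%02x)" % tag)
    bits = body[1:]                                 # body[0] is the unused-bit count
    return [n for n, i in KEY_USAGE_BITS.items()
            if i // 8 < len(bits) and bits[i // 8] & (0x80 >> (i % 8))]


def decode_eku(der):
    tag, body, _ = read_tlv(der)
    if tag != 0x30:
        raise ValueError("EKU value is not a SEQUENCE (tag 0x%02x)" % tag)
    oids, pos = [], 0
    while pos < len(body):
        t, b, pos = read_tlv(body, pos)
        if t != 0x06:
            raise ValueError("EKU member is not an OID (tag 0x%02x)" % t)
        oids.append(decode_oid(b))
    return oids


def check_extension(oid, value):
    """certutil-style verdict on one extnValue: 'ok' or why it is unknown."""
    want, name = EXPECTED_TAG[oid]
    tag, _, end = read_tlv(value)
    if tag != want or end != len(value):
        return "Unknown Extension type: expected %s (tag 0x%02x), got tag 0x%02x" % (name, want, tag)
    return "ok"


if __name__ == "__main__":
    # Constructed inputs: the raw text the certutil dump above shows inside each
    # extension, beside the DER that the same usage names should have produced.
    wrong = {"2.5.29.37": b"TLS Web Server Authentication, TLS Web Client Authentication",
             "2.5.29.15": b"Digital Signature, Non Repudiation, Key Encipherment"}
    right = {"2.5.29.37": encode_eku(["serverAuth", "clientAuth"]),
             "2.5.29.15": encode_key_usage(["digitalSignature", "nonRepudiation", "keyEncipherment"])}
    for oid in wrong:
        print(oid, "raw text:", check_extension(oid, wrong[oid]))
        print(oid, "DER     :", check_extension(oid, right[oid]), right[oid].hex())
    print(decode_key_usage(right["2.5.29.15"]), decode_eku(right["2.5.29.37"]))
```

Running it reports both raw-text values as unknown (their first byte is an ASCII letter, not the BIT STRING or SEQUENCE tag), while the encoded values pass and decode back to the original names and OIDs. The same check works on an existing request: extract each extnValue from the PKCS#10 with `openssl asn1parse` or dumpasn1 and feed the bytes to check_extension.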

Re: 2K3 Cert Svcs gives invalid policy error on OpenSSL gen'd cert req

On Jun 6, 1:01 am, Martin Rublik <martin.rub…[ at ]nospam.com> wrote: [Quoted Text]

Hi, I suppose that this is your problem:

According to certutil -dump request.txt, this is what shows up:

<snip>
The trouble is “Unknown Extension Type”.

The Enhanced Key Usage should be a SEQUENCE of OIDs rather than a string.

Key Usage is specified as a bit string. Each bit represents different key usage.

Yes, you are absolutely correct. I realized that we were building the certificate request in OpenSSL incorrectly, and it was causing the output to be incorrect. By referencing the Apple Darwin OpenSSL documentation and the O'Reilly book “Network Security with OpenSSL” (chapters 3 and 10) we got all the flag names we needed and built the extensions properly on the request.

discussion_about_makeing_certrequests_with_openssl_for_win2k_cas.txt · Last modified: 2022/08/09 15:20 (external edit)