Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

pkcs12 command does not work in FIPS mode

2,227 views
Skip to first unread message

Lior Aharoni

unread,
Jun 18, 2009, 11:19:21 AM6/18/09
to
--0016368e269d999efc046ca0d46b
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit

Hello,

I have encountered a problem when trying to use OpenSSL command to decode
PKCS12 file, I am using OpenSSL 0.9.8j that was build with FIPS support
enabled.

When working in non FIPS mode I perform the following operation
successfully:
*

K:\>openssl

OpenSSL> pkcs12 -in k:\server.p12.pfx
*

When I am in FIPS mode and perform the same operation I get the following
error:
*

Error outputting keys and certificates

7956:error:0607B090:digital envelope routines:EVP_CipherInit_ex:disabled for
fips:.\crypto\evp\enc_min.c:306:

7956:error:06074078:digital envelope routines:EVP_PBE_CipherInit:keygen
failure:.\crypto\evp\evp_pbe.c:101:

7956:error:23077073:PKCS12 routines:PKCS12_pbe_crypt:pkcs12 algor cipherinit
error:.\crypto\pkcs12\p12_decr.c:83:

7956:error:2306A075:PKCS12 routines:PKCS12_item_decrypt_d2i:pkcs12 pbe crypt
error:.\crypto\pkcs12\p12_decr.c:123:

error in pkcs12
*

Can someone shed light on why this does not work in FIPS mode? How does this
functionality contradict the FIPS requirements?

Is there and alternative that I can use that will work in FIPS mode?

Thanks a lot,

Lior

--0016368e269d999efc046ca0d46b
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit

<div dir="ltr"><font size="2">
<p>Hello,</p>
<p>I have encountered a problem when trying to use OpenSSL command to decode PKCS12 file, I am using OpenSSL 0.9.8j that was build with FIPS support enabled. </p>
<p>When working in non FIPS mode I perform the following operation successfully:</p><b>
<p>K:\&gt;openssl</p>
<p>OpenSSL&gt; pkcs12 -in k:\server.p12.pfx</p></b>
<p>When I am in FIPS mode and perform the same operation I get the following error:</p><b>
<p>Error outputting keys and certificates</p>
<p>7956:error:0607B090:digital envelope routines:EVP_CipherInit_ex:disabled for fips:.\crypto\evp\enc_min.c:306:</p>
<p>7956:error:06074078:digital envelope routines:EVP_PBE_CipherInit:keygen failure:.\crypto\evp\evp_pbe.c:101:</p>
<p>7956:error:23077073:PKCS12 routines:PKCS12_pbe_crypt:pkcs12 algor cipherinit error:.\crypto\pkcs12\p12_decr.c:83:</p>
<p>7956:error:2306A075:PKCS12 routines:PKCS12_item_decrypt_d2i:pkcs12 pbe crypt error:.\crypto\pkcs12\p12_decr.c:123:</p>
<p>error in pkcs12</p></b>
<p>Can someone shed light on why this does not work in FIPS mode? How does this functionality contradict the FIPS requirements? </p>
<p>Is there and alternative that I can use that will work in FIPS mode?</p>
<p>Thanks a lot,</p>
<p>Lior </p></font></div>

--0016368e269d999efc046ca0d46b--
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openss...@openssl.org
Automated List Manager majo...@openssl.org

David Schwartz

unread,
Jun 18, 2009, 11:33:44 AM6/18/09
to

Lior Aharoni wrote:

> I have encountered a problem when trying to use OpenSSL command to
> decode PKCS12 file, I am using OpenSSL 0.9.8j that was build with FIPS
> support enabled.

> When working in non FIPS mode I perform the following operation
successfully:

> K:\>openssl
> OpenSSL> pkcs12 -in k:\server.p12.pfx

> When I am in FIPS mode and perform the same operation I get the following
error:


> Error outputting keys and certificates
> 7956:error:0607B090:digital envelope routines:EVP_CipherInit_ex:disabled
for fips:.\crypto\evp
> \enc_min.c:306:

This means your PKCS12 file uses some algorithm that is not permitted in
FIPS mode.

> Can someone shed light on why this does not work in FIPS mode?

In FIPS mode, only algorithms permitted in FIPS mode are permitted.
Algorithms that are not permitted in FIPS mode are not permitted.

> How does this functionality contradict the FIPS requirements?

It's hard to say without seeing the PKCS12 file. MD5 would be my guess.

> Is there and alternative that I can use that will work in FIPS mode?

This is a crazy question. It is doing what you asked it to do. You want to
know how to get it to do something else without changing what you are
asking?

This is working. When you ask for FIPS mode, you are specifically saying you
would prefer failure to using an insecure algorithm. It is failing rather
than using an insecure algorithm, which is exactly what you asked for.

If you want something else, you have to ask for something else.

Again, correct operation in FIPS mode is to fail when interoperability that
is prohibited by FIPS is attempted. It is one of the major requirements of
FIPS mode.

DS

Dr. Stephen Henson

unread,
Jun 18, 2009, 1:50:32 PM6/18/09
to
On Thu, Jun 18, 2009, Lior Aharoni wrote:

> Hello,


>
> I have encountered a problem when trying to use OpenSSL command to decode
> PKCS12 file, I am using OpenSSL 0.9.8j that was build with FIPS support
> enabled.
>
> When working in non FIPS mode I perform the following operation
> successfully:

> *


>
> K:\>openssl
>
> OpenSSL> pkcs12 -in k:\server.p12.pfx

> *


>
> When I am in FIPS mode and perform the same operation I get the following
> error:

> *


>
> Error outputting keys and certificates
>
> 7956:error:0607B090:digital envelope routines:EVP_CipherInit_ex:disabled for
> fips:.\crypto\evp\enc_min.c:306:
>

> 7956:error:06074078:digital envelope routines:EVP_PBE_CipherInit:keygen
> failure:.\crypto\evp\evp_pbe.c:101:
>
> 7956:error:23077073:PKCS12 routines:PKCS12_pbe_crypt:pkcs12 algor cipherinit
> error:.\crypto\pkcs12\p12_decr.c:83:
>
> 7956:error:2306A075:PKCS12 routines:PKCS12_item_decrypt_d2i:pkcs12 pbe crypt
> error:.\crypto\pkcs12\p12_decr.c:123:
>
> error in pkcs12
> *
>

> Can someone shed light on why this does not work in FIPS mode? How does this


> functionality contradict the FIPS requirements?
>

Most browser output PKCS#12 files use 40 bit RC2 to encrypt certificates. That
algorithm is not permitted in FIPS mode.

Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Homepage: http://www.drh-consultancy.demon.co.uk

Carl Young

unread,
Jun 18, 2009, 2:19:51 PM6/18/09
to

----- Original Message -----
From: "Dr. Stephen Henson" <st...@openssl.org>
> On Thu, Jun 18, 2009, Lior Aharoni wrote:
>
>> I have encountered a problem when trying to use OpenSSL command to decode
>> PKCS12 file, I am using OpenSSL 0.9.8j that was build with FIPS support
>> enabled.
>>
>>snip

>> *
>>
>> Can someone shed light on why this does not work in FIPS mode? How does
>> this
>> functionality contradict the FIPS requirements?
>>
>
> Most browser output PKCS#12 files use 40 bit RC2 to encrypt certificates.
> That
> algorithm is not permitted in FIPS mode.
>
> Steve.

Aren't PKCS#12 files, when they use password bases key-derivation,
incompatible with FIPS 140-2 full stop?

Carl

Victor Duchovni

unread,
Jun 18, 2009, 4:23:37 PM6/18/09
to
On Thu, Jun 18, 2009 at 12:16:21PM -0700, Kyle Hamilton wrote:

> Mozilla Firefox, when the Platform Security Module is in FIPS mode.
>

Just in case anyone is confused, the 40-bit RC2 encrypts the certificate,
not the private key. From the pkcs12(1) manpage:

-descert
encrypt the certificate using triple DES, this may render the
PKCS#12 file unreadable by some "export grade" software. By
default the private key is encrypted using triple DES and the cer-
tificate using 40 bit RC2.

so the FIPs vs. non-FIPS mode is of little security relevance, just an
interoperability headache.

--
Viktor.

Jim Adams

unread,
Jun 18, 2009, 5:05:00 PM6/18/09
to
--_000_94C476C03BFF5E42AC3518FDAC9643C4E2BD9F9840HQMAILrockets_
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

The private key is probably encoded with a non-FIPS-compliant algorithm.
Try encoding the private key with PKCS8.


Jim Adams
Principal Software Developer
Rocket Software
Email: jad...@rs.com<mailto:jsh...@rocketsoftware.com>
Web: bluezone.rocketsoftware.com<http://www.bluezonesoftware.rocketsoftware=
.com/>

________________________________
From: owner-ope...@openssl.org [mailto:owner-openssl-users@openssl.o=
rg] On Behalf Of Lior Aharoni
Sent: Thursday, June 18, 2009 11:12 AM
To: openss...@openssl.org
Subject: pkcs12 command does not work in FIPS mode


Hello,

I have encountered a problem when trying to use OpenSSL command to decode P=
KCS12 file, I am using OpenSSL 0.9.8j that was build with FIPS support enab=
led.

When working in non FIPS mode I perform the following operation successfull=
y:

K:\>openssl

OpenSSL> pkcs12 -in k:\server.p12.pfx

When I am in FIPS mode and perform the same operation I get the following e=
rror:

Error outputting keys and certificates

7956:error:0607B090:digital envelope routines:EVP_CipherInit_ex:disabled fo=
r fips:.\crypto\evp\enc_min.c:306:

7956:error:06074078:digital envelope routines:EVP_PBE_CipherInit:keygen fai=


lure:.\crypto\evp\evp_pbe.c:101:

7956:error:23077073:PKCS12 routines:PKCS12_pbe_crypt:pkcs12 algor cipherini=
t error:.\crypto\pkcs12\p12_decr.c:83:

7956:error:2306A075:PKCS12 routines:PKCS12_item_decrypt_d2i:pkcs12 pbe cryp=
t error:.\crypto\pkcs12\p12_decr.c:123:

error in pkcs12

Can someone shed light on why this does not work in FIPS mode? How does thi=
s functionality contradict the FIPS requirements?

Is there and alternative that I can use that will work in FIPS mode?

Thanks a lot,

Lior

--_000_94C476C03BFF5E42AC3518FDAC9643C4E2BD9F9840HQMAILrockets_
Content-Type: text/html; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=3DContent-Type content=3D"text/html; charset=3Dus-ascii">
<META content=3D"MSHTML 6.00.6000.16825" name=3DGENERATOR></HEAD>
<BODY>
<DIV><SPAN class=3D095302615-18062009><FONT face=3DVerdana size=3D2>The pri=
vate key is=20
probably encoded with a non-FIPS-compliant algorithm.</FONT></SPAN></DIV>
<DIV><SPAN class=3D095302615-18062009><FONT face=3DVerdana size=3D2>Try enc=
oding the=20
private key with PKCS8.</FONT></SPAN></DIV>
<DIV><SPAN class=3D095302615-18062009><FONT face=3DVerdana=20
size=3D2></FONT></SPAN>&nbsp;</DIV>
<DIV><SPAN class=3D095302615-18062009><!-- Converted from text/rtf format -=
->
<P><B><I><SPAN lang=3Den-us><FONT face=3DVerdana color=3D#000000 size=3D2>J=
im=20
Adams<BR></FONT></SPAN></I><SPAN lang=3Den-us><FONT face=3DVerdana color=3D=
#000000=20
size=3D2>Principal Software Developer<BR>Rocket=20
Software<BR></FONT></SPAN></B><SPAN lang=3Den-us><FONT face=3DVerdana color=
=3D#000000=20
size=3D2>Email:</FONT><FONT face=3DVerdana color=3D#000080 size=3D2> </FONT=
></SPAN><A=20
href=3D"mailto:jsh...@rocketsoftware.com"><SPAN lang=3Den-us><U><FONT face=
=3DVerdana=20
color=3D#0000ff size=3D2>jad...@rs.com</FONT></U></SPAN></A><SPAN lang=3Den=
-us><FONT=20
face=3DVerdana color=3D#000080 size=3D2><BR></FONT><FONT face=3DVerdana col=
or=3D#000000=20
size=3D2>Web:</FONT><FONT face=3DVerdana color=3D#000080 size=3D2> </FONT><=
/SPAN><A=20
href=3D"http://www.bluezonesoftware.rocketsoftware.com/"><SPAN lang=3Den-us=
><U><FONT=20
face=3DVerdana color=3D#0000ff=20
size=3D2>bluezone.rocketsoftware.com</FONT></U></SPAN></A><SPAN lang=3Den-u=
s></SPAN>=20
</P></SPAN></DIV><BR>
<DIV class=3DOutlookMessageHeader lang=3Den-us dir=3Dltr align=3Dleft>
<HR tabIndex=3D-1>
<FONT face=3DTahoma size=3D2><B>From:</B> owner-ope...@openssl.org=20
[mailto:owner-ope...@openssl.org] <B>On Behalf Of </B>Lior=20
Aharoni<BR><B>Sent:</B> Thursday, June 18, 2009 11:12 AM<BR><B>To:</B>=20
openss...@openssl.org<BR><B>Subject:</B> pkcs12 command does not work i=
n=20
FIPS mode<BR></FONT><BR></DIV>
<DIV></DIV>
<DIV dir=3Dltr><FONT size=3D2>
<P>Hello,</P>
<P>I have encountered a problem when trying to use OpenSSL command to decod=
e=20
PKCS12 file, I am using OpenSSL 0.9.8j that was build with FIPS support ena=
bled.=20
</P>
<P>When working in non FIPS mode I perform the following operation=20
successfully:</P><B>
<P>K:\&gt;openssl</P>
<P>OpenSSL&gt; pkcs12 -in k:\server.p12.pfx</P></B>
<P>When I am in FIPS mode and perform the same operation I get the followin=
g=20
error:</P><B>
<P>Error outputting keys and certificates</P>
<P>7956:error:0607B090:digital envelope routines:EVP_CipherInit_ex:disabled=
for=20
fips:.\crypto\evp\enc_min.c:306:</P>
<P>7956:error:06074078:digital envelope routines:EVP_PBE_CipherInit:keygen=
=20
failure:.\crypto\evp\evp_pbe.c:101:</P>
<P>7956:error:23077073:PKCS12 routines:PKCS12_pbe_crypt:pkcs12 algor cipher=
init=20
error:.\crypto\pkcs12\p12_decr.c:83:</P>
<P>7956:error:2306A075:PKCS12 routines:PKCS12_item_decrypt_d2i:pkcs12 pbe c=
rypt=20
error:.\crypto\pkcs12\p12_decr.c:123:</P>
<P>error in pkcs12</P></B>
<P>Can someone shed light on why this does not work in FIPS mode? How does =
this=20
functionality contradict the FIPS requirements? </P>
<P>Is there and alternative that I can use that will work in FIPS mode?</P>
<P>Thanks a lot,</P>
<P>Lior </P></FONT></DIV></BODY></HTML>

--_000_94C476C03BFF5E42AC3518FDAC9643C4E2BD9F9840HQMAILrockets_--

Victor Duchovni

unread,
Jun 18, 2009, 7:25:54 PM6/18/09
to
On Thu, Jun 18, 2009 at 11:28:48AM -0400, Jim Adams wrote:

> The private key is probably encoded with a non-FIPS-compliant algorithm.
> Try encoding the private key with PKCS8.

No. See my previous post. In any case, the browser is generating the
container. The container can be re-encoded, to use stronger keys, and
the browser will probably be able to read it, even if it does not
generate the key that way. Of course the code doing the conversion
needs to be non-FIPS code, as it needs to access the non-FIPS cert.

--
Viktor.

0 new messages