Hello Openssl, is there any update? Do you need more information?
Thank you Cheers Mario Scalabrino Untitled Document *Certify Doc <http://www.certifydoc.eu>* *MARIO SCALABRINO * Founder & CEO (+34) 680 128 282 [email protected] <mailto:[email protected]> www.certifydoc.eu <http://www.certifydoc.eu> Linkedin <https://www.linkedin.com/in/andifyou>Facebook <https://www.facebook.com/certifydoc>Twitter <https://twitter.com/certifydoc> On 28/01/2016 17:16, The default queue via RT wrote: > Greetings, > > This message has been automatically generated in response to the > creation of a trouble ticket regarding: > "Possible bug - ts -verify -digest, error:ts_rsp_verify.c:291:", > a summary of which appears below. > > There is no need to reply to this message right now. Your ticket has been > assigned an ID of [openssl.org #4276]. > > Please include the string: > > [openssl.org #4276] > > in the subject line of all future correspondence about this issue. To do so, > you may reply to this message. > > Thank you, > [email protected] > > ------------------------------------------------------------------------- > > Good afternoon Openssl, > > please forward this email to whomever it may concern. > > I receive an error and the Timestamping provider suspects it is a > Openssl bug. > Could you please check if it is openssl or the certificate? > > > This is when the error occurr > /openssl ts -verify -digest > e16db7d30581e44a5540f19553852b5a4e4e26f9adc365cc846f94038ee33025 -in > /tmp/namirial.tsr -CAfile /tmp/NamirialCATSA.pem > (result:) > ************* > *Verification: FAILED** > **140236013643424:error:2F067065:time stamp > routines:TS_CHECK_SIGNING_CERTS:ess signing certificate > error:ts_rsp_verify.c:291:*/ > > > I attach a complete reproduction scenario. I don't know if it is a > problem of this TSA certificate or in Openssl due to sha256 digest, > please help. > > > (in the curl command I cannot provide you the username and password, it > is a paid service) > > Attached are the files resulting from the below commands in sequence and > the certificate of the TSA, but I'm sure you can check yourself the last > command where the error occur and advice. > > you can copy and paste the commands below if you're in Linux Ubuntu and > the files are in the /tmp/ folder > > *Reproduction scenario:* > > OS: Ubuntu 14.04 > Openssl version: OpenSSL 1.0.1f 6 Jan 2014 > > > > Generate tsq: > openssl ts -query -digest > e16db7d30581e44a5540f19553852b5a4e4e26f9adc365cc846f94038ee33025 -sha256 > -cert -out /tmp/namirial.tsq > > Readable tsq: > openssl ts -query -in /tmp/namirial.tsq -text > (result:) > ************ > Hash Algorithm: sha256 > Message data: > 0000 - e1 6d b7 d3 05 81 e4 4a-55 40 f1 95 53 85 2b 5a [email protected].+Z > 0010 - 4e 4e 26 f9 ad c3 65 cc-84 6f 94 03 8e e3 30 25 NN&...e..o....0% > Policy OID: unspecified > Nonce: 0x8CA62B5766A29A8B > Certificate required: yes > Extensions: > **************** > > > Generate tsr (using curl) > curl -u xxxxxxx:yyyyyy -s --data-binary @/tmp/namirial.tsq -H > 'Content-Type: application/timestamp-query' -H 'Pragma: no-cache' -H > 'Accept: application/timestamp-reply' --output /tmp/namirial.tsr > http://timestamp.firmacerta.it > > Readable tsr > openssl ts -reply -in /tmp/namirial.tsr -out /tmp/readable_tsr.txt -text > > (result:) > ****************** > Status info: > Status: Granted. > Status description: Operation Okay > Failure info: unspecified > > TST info: > Version: 1 > Policy OID: 1.3.6.1.4.1.36203.2.1 > Hash Algorithm: sha256 > Message data: > 0000 - e1 6d b7 d3 05 81 e4 4a-55 40 f1 95 53 85 2b 5a [email protected].+Z > 0010 - 4e 4e 26 f9 ad c3 65 cc-84 6f 94 03 8e e3 30 25 NN&...e..o....0% > Serial number: 0x1947FD96B97A42DE > Time stamp: Jan 28 14:56:16 2016 GMT > Accuracy: unspecified seconds, 0x01F4 millis, unspecified micros > Ordering: no > Nonce: 0x8CA62B5766A29A8B > TSA: unspecified > Extensions: > ************************ > > > Verify > openssl ts -verify -digest > e16db7d30581e44a5540f19553852b5a4e4e26f9adc365cc846f94038ee33025 -in > /tmp/namirial.tsr -CAfile /tmp/NamirialCATSA.pem > (result:) > ************* > *Verification: FAILED** > **140236013643424:error:2F067065:time stamp > routines:TS_CHECK_SIGNING_CERTS:ess signing certificate > error:ts_rsp_verify.c:291:* > *************** > > > -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4276 Please log in as guest with password guest if promptedTitle: Untitled Document
|
Hello Openssl, is there any update? Do you need more information? Thank you Cheers Mario Scalabrino
On 28/01/2016 17:16, The default queue
via RT wrote:
| |||||
-- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
