Technical Info

Viewing .crt and .pem certificate files & elliptic curve technology

Usually interacting with a web site certificate requires clicking through the certificate tabs and fields that can be slow. This article describes how to export the certificate and view the .crt or .pem file.

supportmicrosoftcom

Click ‘Export’ to download the .crt and .pem files from the web site. In our example we have used one from Microsoft:

https://support.microsoft.com

The CertUtil is built into MS Windows and is available at the command prompt. From the MS Windows start menu launch “cmd” to get a command prompt and type the following:

C:\>certutil supportmicrosoftcom.crt > supportmicrosoftcom.txt

View the text file and it looks like this:

X509 Certificate:
Version: 3
Serial Number: 200002287cdc13c03ed292a74300000002287c
Signature Algorithm:
Algorithm ObjectId: 1.2.840.113549.1.1.11 sha256RSA
Algorithm Parameters:
05 00
Issuer:
CN=Microsoft IT TLS CA 2
OU=Microsoft IT
O=Microsoft Corporation
L=Redmond
S=Washington
C=US
Name Hash(sha1): 881a4a74feff4652f354bb510fd3a4eeefe0a1c8
Name Hash(md5): 310cd0eb139f28ab9f55bce673112357

NotBefore: 28/02/2018 10:56 AM
NotAfter: 28/02/2020 10:56 AM

This pipes the output into a text file. It can be useful to view the anatomy of the Microsoft certificate, including:

  • Certicate valid from / to dates.
  • Certificate authority that issued the certificate.
  • Whether it is a wildcard certificate for *.sanitysecurity.com or just for http://www.sanitysecurity.com
  • Public key algorithm is RSA.
  • Public key length is 2048 bits.

We can compare the Microsoft certificate with a certificate from Google for Gmail:

https://mail.google.com

Again, we perform the same command using CertUtil to output the contents:

C:>certutil google-mail.cer > google-mail.txt

We notice the following differences:

  • Public key algorithm is ECC using ECDSA_P256.
  • Public key length is 256 bits.

We can take guidance on key algorithms and key length from NIST in the NIST Special Publication 800-57 Part 3: Recommendation for Key Management. The publication contains the table below that indicates the comparable key lengths for the different key lengths.

Key Type Algorithms and Key Sizes
Digital Signature keys used for
authentication (for Users or Devices)
RSA (2048 bits)
ECDSA (Curve P-256)
Digital Signature keys used for
non-repudiation (for Users or Devices)
RSA (2048 bits)
ECDSA (Curves P-256 or P-384)
CA and OCSP Responder
Signing Keys
RSA (2048 or 3072bits)
ECDSA (Curves P-256 or P-384)
Key Establishment keys
(for Users or Devices)
RSA (2048 bits)
Diffie-Hellman (2048 bits)
ECDH (Curves P-256 or P-384)

Unfortunately, since the disclosures from Edward Snowden on the activities of the NSA there have been some discussion regarding whether Elliptic Curve algorithms can be trusted. The issue is about the source of the seed number that the Elliptic Curve algorithms rely upon. Some background information on elliptic curve technology can be found below. As is often the case with cryptography, the strength of the protection relies upon the encryption algorithm and how it is used.

We hope this helps, @SanitySecurity

Standard
Technical Info

Finding the Hash Value of a File on Microsoft Windows

Many vendors provide a hash value along with the file download itself. These hash values were previously generated using SHA1 or MD5 hash algorithms, but these hash algorithms have become weaker as computers have become faster and vulnerabilities have been identified in the hash algorithms. For these reasons hash values are typically generated using SH256 or stronger hash algorithms.
The idea is to generate the hash value on your computer using the file downloaded and compare it against the hash value published on the vendor’s web site. This validates that the file downloaded has not modified while it was in-transit over the Internet. In other words, have you downloaded the same file onto your computer that the vendor has published on their web site? There are two tools to generate the hash value of a downloaded file on Microsoft Windows. Both FCIV and CertUtil are available from Microsoft for free and are command line utilities.
Of course, an attacker could modify both the file download and the hash value published on their website. In this case there is no indication that the file download and the hash value have been compromised. For example, this happened to Linux Mint in February 2016 in a ‘supply chain’ style attack:

FCIV

FCIV stands for ‘File Checksum Integrity Verifier’ and was released in May 2004. It is a separate utility that can be downloaded from Microsoft. The ‘fciv.exe’ file then needs to be made available through the system environment variables in Microsoft Windows.
FCIV is a short, concise command. However, it can only compute SHA1 and MD5 hash algorithms. This makes it unsuitable for modern hash values that use stronger hash algorithms.
Example:
fciv [hash_algorithm] [hash_file]

C:>fciv -sha1 "./hello-world.txt"
//
// File Checksum Integrity Verifier version 2.05.
//
b6fe6281d53e8a66d6ab47e0a39a809dad901a0e ./hello-world.txt

CertUtil

CertUtil is a powerful command included in Microsoft Windows as part of Certificate Services. No download or modification of the system environment variables is required. More information about the command is available here:
CertUtil is a longer command. However, it supports MD2, MD4, MD5, SHA1, SHA256, SHA384, and SHA512. It also seems to receive updates by Microsoft.
Example:
certutil -hashfile [hash_file] [hash_algorithm]

C:>certutil -hashfile "./hello-world.txt" sha1
SHA1 hash of ./hello-world.txt:
b6fe6281d53e8a66d6ab47e0a39a809dad901a0e
CertUtil: -hashfile command completed successfully.
We hope this helps,
Standard