From: Peter Eckersley peter.eckers...@gmail.com
To: openssl-users@openssl.org,
Date: 01/26/2012 04:42 PM
Subject: Separating the digest and signature steps of RSA signing
I have an offline system that needs to compute RSA signatures over
large blobs of data, given only hashes of the data
On Fri, Jan 27, 2012, Dave Thompson wrote:
Is there any way to do that with openssl?
Just call the low-level primitive RSA_sign if you still want
the conventional algid+hash encoding and PKCS1 formatting
(i.e. if you are interoperating with almost anyone) or
even lower-level
Thanks for the reply and apologies for the awkward description of the
problem.
I had moved the SSL initiation until after the exchange of the 1st clear
text request/reply but was getting errors, which prompted the original post.
Subsequently I discovered in the move I had swapped the
I have implemented a server using OpenSSL 0.9.8r. If I use s_client to open a
connection to a listenening SSL port on the server, and use the R commend to
initiate a rehandshake, the rehandshake completes successfully(as expected). I
have verified this using both SSL 3.0 and TLS 1.0.
I have implemented a server using OpenSSL 0.9.8r. If I use s_client to open a
connection to a listenening SSL port on the server, and use the R commend to
initiate a rehandshake, the rehandshake completes successfully(as expected). I
have verified this using both SSL 3.0 and TLS 1.0.
I have implemented a server using OpenSSL 0.9.8r. If I use s_client to open a
connection to a listenening SSL port on the server, and use the R commend to
initiate a rehandshake, the rehandshake completes successfully(as expected). I
have verified this using both SSL 3.0 and TLS 1.0.
Depends which of the OpenSSL APIs you use to do the hashing. Some give
you a usable context pointer where you can access the bytes that need
saving by following pointers into internal structures, others do not.
However note that there is another problem in such cases: When a
connection is
From: owner-openssl-us...@openssl.org On Behalf Of Matt Caswell
(fr...@baggins.org)
Sent: Thursday, 26 January, 2012 18:16
I think that the stream that it writes to is platform specific.
snip
So depending on your platform it will be one of stderr, con
or /dev/tty.
Since you said you've
Hi OpenSSL folks,
Jan Pechanec from Sun used to provide a patch for OpenSSL to allow us to
compile with the Solaris pkcs11 crypto libraries. This disappeared with
Oracle's consumption of Sun. It seems that the crypto co-processing features of
the Sparc T-series is continuing, but not the
Hi Jakob,
Thanks for your info. The openssl version currently we used to is 0.9.8r.
Also we need a clarification for one more thing.
Is there a way to cleanup the missed CTX from memory? Consider the below
scenario.
*File 1*
-- MD5_Init
-- MD5_Update
-- MD5_Update
--
10 matches
Mail list logo