Re: [openssl-users] PEM_write_bio_RSAPrivateKey assure Randomness of PK

On 23. maí 2018, at 10:08 f.h., redpath wrote: > SO if I add this RAND usage below, em I seeding to assure a different RSA key > pair each time run of creating a RSA pair. > > I would certainly replace the time with the UUID of the device to be unique > to the device. You

Re: [openssl-users] PEM_write_bio_RSAPrivateKey assure Randomness of PK

> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf > Of redpath > Sent: Wednesday, May 23, 2018 16:02 > To: openssl-users@openssl.org > Subject: Re: [openssl-users] PEM_write_bio_RSAPrivateKey assure > Randomness of PK > > Oh I am using openssl-1.0.2o just for

Re: [openssl-users] PEM_write_bio_RSAPrivateKey assure Randomness of PK

Oh I am using openssl-1.0.2o just for development But I certainly will take a recommendation of version. Thats always appreciated. -- Sent from: http://openssl.6102.n7.nabble.com/OpenSSL-User-f3.html -- openssl-users mailing list To unsubscribe:

Re: [openssl-users] PEM_write_bio_RSAPrivateKey assure Randomness of PK

>Well what I was alluding to is this the correct use of the RAND_add > function to seed the Key generation. Its a bit confusing certainly. You are calling the API correctly. That should have been clear from the manpage. You still did not tell us what version of OpenSSL you are using.

Re: [openssl-users] PEM_write_bio_RSAPrivateKey assure Randomness of PK

Well what I was alluding to is this the correct use of the RAND_add function to seed the Key generation. Its a bit confusing certainly. I will use more than the UUID of the device but you have to have the device in hand to know that and know it came from a device. I certainly will use better

Re: [openssl-users] PEM_write_bio_RSAPrivateKey assure Randomness of PK

On 23.05.2018 20:39, Michael Wojcik wrote: From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf Of redpath Sent: Wednesday, May 23, 2018 13:08 To: openssl-users@openssl.org Subject: Re: [openssl-users] PEM_write_bio_RSAPrivateKey assure Randomness of PK SO if I add this RAND

Re: [openssl-users] PEM_write_bio_RSAPrivateKey assure Randomness of PK

> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf > Of redpath > Sent: Wednesday, May 23, 2018 13:08 > To: openssl-users@openssl.org > Subject: Re: [openssl-users] PEM_write_bio_RSAPrivateKey assure > Randomness of PK > > SO if I add this RAND usage below, em I seeding to

Re: [openssl-users] PEM_write_bio_RSAPrivateKey assure Randomness of PK

What version of OpenSSL are you using? Using the time to seed the RNG is horrible; DO NOT DO THAT. Not trying to be insulting, but if you think time is a good source, then you really don't know what you're doing for RNG's. Consider looking at the master branch, with its highly-improve seeding

Re: [openssl-users] PEM_write_bio_RSAPrivateKey assure Randomness of PK

> On May 23, 2018, at 1:08 PM, redpath wrote: > > SO if I add this RAND usage below, em I seeding to assure a different RSA key > pair each time run of > creating a RSA pair. > > I would certainly replace the time with the UUID of the device to be unique > to the device. >

Re: [openssl-users] PEM_write_bio_RSAPrivateKey assure Randomness of PK

SO if I add this RAND usage below, em I seeding to assure a different RSA key pair each time run of creating a RSA pair. I would certainly replace the time with the UUID of the device to be unique to the device. You would have to acquire the device to know the seeding. Hey keep the Time one too.

Re: [openssl-users] how to seed PRNG

Ya me too did you ever get the info on this? -- Sent from: http://openssl.6102.n7.nabble.com/OpenSSL-User-f3.html -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] Facing issue while reading RSA private key (DER format)

On 23/05/18 12:10, Ruchi Tyagi wrote: > Hi, > >   > > I am working on a project where we are trying to Replace RSA Bsafe > crypto C library with openssl. I have a RSA key pair (attaching the key > files) generated using RSA Bsafe library. > > I am  able to read the public key using the below

Re: [openssl-users] Call for testing TLS 1.3

On 23/05/18 12:39, John Jiang wrote: > Hi, > If just using s_server and s_client, can I test the TLS 1.3 features, > likes HelloRetryRequest and resumption? Yes. To create a normal (full handshake) TLSv1.3 connection just use s_server/s_client in the normal way, e.g. $ openssl s_server -cert

Re: [openssl-users] Call for testing TLS 1.3

Hi, If just using s_server and s_client, can I test the TLS 1.3 features, likes HelloRetryRequest and resumption? 2018-04-29 18:43 GMT+08:00 Kurt Roeckx : > The upcomming OpenSSL 1.1.1 release will have TLS 1.3 support. TLS > 1.3 brings a lot of changes that might cause

[openssl-users] PEM_write_bio_RSAPrivateKey assure Randomness of PK

My question is: I have this handy function to create a Private and Public key But what is the magic I put around it to make sure it is random not the same Private and Public key when I run this program each time? I am using openSSL on OSX and Android. I am not familiar with the random API