On Mon, Aug 06, 2018 at 04:30:54PM +0200, Jakob Bohm wrote:
> The patch below works around this, porting this to OpenSSL 1.1.x
> is left as an exercise for the reader:
Can you please open a pull request on github for that?
Kurt
--
openssl-users mailing list
To unsubscribe:
>
> Keys in X.509 certiificates are mostly used for signing (e.g. TLS with
> DHE or ECDHE key agreement). But I guess you could mint an encryption-
> only
> certificate that is not useful for signing, and use it exclusively for
> key wrapping.
That is exactly the use case ;-)
I don't know
> On Aug 9, 2018, at 3:21 PM, Stephane van Hardeveld
> wrote:
>
> The certificate is signed with PSS. However, I try to indicate that the
> public key enclosed IN the certificate should be used with the OAEP padding
> mode while decrypting a separate message
Keys in X.509 certiificates are
> -Original Message-
> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf
> Of Viktor Dukhovni
> Sent: donderdag 9 augustus 2018 21:05
> To: openssl-users@openssl.org
> Subject: Re: [openssl-users] rsaOAEP OID in X509 certificate
>
>
>
> > On Aug 8, 2018, at
> On Aug 8, 2018, at 12:01 PM, Stephane van Hardeveld
> wrote:
>
> By default, if I create an X 509 certificate with a public key in it, the
> object identifier is rsaEncyption (1.2.840.113549.1.1.1). Is it possible to
> specify a different object identifier, e.g. rsaOAEP
> -Original Message-
> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf
> Of Ken Goldman
> Sent: donderdag 9 augustus 2018 18:52
> To: openssl-users@openssl.org
> Subject: Re: [openssl-users] rsaOAEP OID in X509 certificate
>
> On 8/9/2018 10:51 AM, Stephane van
On 8/9/2018 10:51 AM, Stephane van Hardeveld wrote:
I will discuss this, but as far as I understand, these OID are allowed by
the X 509 standard:
4.1.2.7. Subject Public Key Info
[snip]
And in rfc4055, 4.1
Openssl is capable of parsing it, only retrieving it gives an error on
unknown
> -Original Message-
> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf
> Of Ken Goldman
> Sent: donderdag 9 augustus 2018 14:56
> To: openssl-users@openssl.org
> Subject: Re: [openssl-users] rsaOAEP OID in X509 certificate
>
> On 8/9/2018 4:14 AM, Stephane van
On 08/09/2018 09:34 AM, Matt Caswell wrote:
On 08/08/18 20:49, Robert Moskowitz wrote:
Finally back on working on my EDDSA pki.
Working on beta Fedora29 which now ships with:
OpenSSL 1.1.1-pre8 (beta) FIPS 20 Jun 2018
To recap, there are challenges on hash specification. In creating
On 08/08/18 20:49, Robert Moskowitz wrote:
> Finally back on working on my EDDSA pki.
>
> Working on beta Fedora29 which now ships with:
>
> OpenSSL 1.1.1-pre8 (beta) FIPS 20 Jun 2018
>
>
> To recap, there are challenges on hash specification. In creating
> certs, I cannot have default_md
On 8/9/2018 4:14 AM, Stephane van Hardeveld wrote:
Hi Ken,
I am trying to do two thing:
1: Generate X 509 certificates, with RSA-PSS signing, with different Hashing
and Masking (SHA1 and SHA256), including an RSA Public key as content. This
RSA 'content key' should specify it will be used for
Hi Ken,
I am trying to do two thing:
1: Generate X 509 certificates, with RSA-PSS signing, with different Hashing
and Masking (SHA1 and SHA256), including an RSA Public key as content. This
RSA 'content key' should specify it will be used for RSA-OAEP decryption.
2: Verify X 509 certificates,
> On 08/08/18 21:15, The Doctor wrote:
> > On Wed, Aug 08, 2018 at 01:46:54PM +0100, Matt Caswell wrote:
>
> On 08/08/18 04:31, Juan Isoza wrote:
> > and final 1.1.1
>
> There is no date yet. We are still waiting on the official publication
> of the TLSv1.3 RFC which we
13 matches
Mail list logo