--
And possibly relevant here, the standard Suncle JCE provider actually
uses DSA paramgen for DH and thus imposes the DSA size restrictions
on DH -- 512 to 1024 in steps of 64 -- although they aren't required
by any standard I know of. I don't recall if JCE also restricts
*existing* (received)
On 19 March 2013 09:01, azhar jodatti azhar...@gmail.com wrote:
And possibly relevant here, the standard Suncle JCE provider actually
uses DSA paramgen for DH and thus imposes the DSA size restrictions
on DH -- 512 to 1024 in steps of 64 -- although they aren't required
by any standard I know
Thanks for great answer and explanation.
Without a deeper knowledge I had ask the TSA (as possible solution) to
move the ESSCertiId (or whatever) of TAC in signed attributes as
separate attribute (== out of certs list). Nice to see that was not so
bad Idea.
Unfortunately their conclusion
On Tue, Mar 19, 2013 at 2:58 PM, Matt Caswell fr...@baggins.org wrote:
On 19 March 2013 09:01, azhar jodatti azhar...@gmail.com wrote:
And possibly relevant here, the standard Suncle JCE provider actually
uses DSA paramgen for DH and thus imposes the DSA size restrictions
on DH -- 512 to
On 19 March 2013 10:37, azhar jodatti azhar...@gmail.com wrote:
On Tue, Mar 19, 2013 at 2:58 PM, Matt Caswell fr...@baggins.org wrote:
On 19 March 2013 09:01, azhar jodatti azhar...@gmail.com wrote:
And possibly relevant here, the standard Suncle JCE provider actually
uses DSA paramgen
Well, to roll out the possibility of network error's, JSON values not
being passed properly and blah blah blah I just dropped that approach.
instead of that I am running C program which prints the prime,generator and
public key. I have another program on same machine which is written in java
On 19 March 2013 12:22, azhar jodatti azhar...@gmail.com wrote:
PEM_write_bio_DHparams(out, temp);//this prints public key in base64
(this is what i think :) )
This is NOT a base64 representation of the public key. This is
printing out the parameters only (which does not include the
On Tue, Mar 19, 2013 at 6:24 PM, Matt Caswell fr...@baggins.org wrote:
On 19 March 2013 12:22, azhar jodatti azhar...@gmail.com wrote:
PEM_write_bio_DHparams(out, temp);//this prints public key in
base64
(this is what i think :) )
This is NOT a base64 representation of the public
On 19 March 2013 14:18, azhar jodatti azhar...@gmail.com wrote:
On Tue, Mar 19, 2013 at 6:24 PM, Matt Caswell fr...@baggins.org wrote:
On 19 March 2013 12:22, azhar jodatti azhar...@gmail.com wrote:
PEM_write_bio_DHparams(out, temp);//this prints public key in
base64
(this is what i
Hello All,
I am using openssl 0.9.8r on one Linux box (BoxA) communicating with another
Linux box running openssl 1.0.0e (BoxB).
There are certain curl uploads that need to occur fromBoxA -- BoxB.
Usually we don't have any problems. But in a simulated environment, where there
could
Hello All,
I'm using openssl 1.0.1e.
I want to use these two example functions
X509_ATTRIBUTE *add_seq2string(PKCS7_SIGNER_INFO *si, char *str1, char
*str2);
int sk_get_seq2string(STACK_OF(X509_ATTRIBUTE) *sk, char **str1, char
**str2);
included in the file
I have written a few posts about this timestamp format on this list
before, here are my supplemental comments to your description and
experiment:
On 3/17/2013 6:14 PM, Walter H. wrote:
Hello,
has anybody got an idea, how to programm/get such a timestamp server -
is not RFC 3161 conform -
with
On 3/18/2013 10:29 PM, Santhosh Kokala wrote:
Hi,
The application I am working on should not support TLS 1.1 and above
protocols. I am using SSL_CTX_set_options( ctx, SSL_OP_NO_TLSv1_1); to
disable the same after creating the SSL context. But it doesn’t seem to
disable the TLS1.1 and TLS1.2
Also this might be useful for implementers:
http://msdn.microsoft.com/en-us/library/windows/desktop/bb931395(v=vs.85).as
px
-Original Message-
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Jakob Bohm
Sent: Tuesday, March 19, 2013 12:07 PM
To:
Hi,
thanks for your infos
can you please tell me, where I can find your postings to this topic,
you made in the past?
On 19.03.2013 20:07, Jakob Bohm wrote:
Won't work (as you saw), this function doesn't take the actual
ContentInfo structure as input, but data which it will (mis)treat
as
(No need to CC me, I get the list e-mails in the same inbox).
You could use any of the archives of the mail lists that are mentioned
on openssl.org.
However, I think I have repeated all the stuff you didn't already
discover in
todays post, just to keep everything together in one place.
On
16 matches
Mail list logo