On Fri, Jan 13, 2017 at 03:26:08PM -0500, Ken Goldman wrote:
> On 1/13/2017 2:02 PM, Viktor Dukhovni wrote:
> > > parameter setting error
> > > 139854491113288:error:06089094:digital envelope
> > > routines:EVP_PKEY_CTX_ctrl:invalid operation:pmeth_lib.c:404:
> >
> > In that case, your OpenSSL
On 1/13/2017 2:02 PM, Viktor Dukhovni wrote:
parameter setting error
139854491113288:error:06089094:digital envelope
routines:EVP_PKEY_CTX_ctrl:invalid operation:pmeth_lib.c:404:
In that case, your OpenSSL library is broken, or was built without
EC support. Perhaps you're running the wrong
On Fri, Jan 13, 2017 at 01:49:14PM -0500, Ken Goldman wrote:
> On 1/13/2017 1:21 PM, Viktor Dukhovni wrote:
> > On Fri, Jan 13, 2017 at 06:18:51PM +, Viktor Dukhovni wrote:
>
> Still no success. I think this is exactly what you suggested, and something
> I had already tried.
>
> openssl
On 1/13/2017 1:21 PM, Viktor Dukhovni wrote:
On Fri, Jan 13, 2017 at 06:18:51PM +, Viktor Dukhovni wrote:
Still no success. I think this is exactly what you suggested, and
something I had already tried.
openssl genpkey -out cakeyecc.pem -outform PEM -pass pass: -aes256
-algorithm
On Fri, Jan 13, 2017 at 06:18:51PM +, Viktor Dukhovni wrote:
> Easier to read the documentation and use the appropriate value.
https://www.openssl.org/docs/man1.1.0/apps/genpkey.html
--
Viktor.
--
openssl-users mailing list
To unsubscribe:
On Fri, Jan 13, 2017 at 01:06:10PM -0500, Ken Goldman wrote:
> I gather now that there are two -pkeyopt:
Yes.
> ec_paramgen_curve
> ec_param_enc
>
> I tried prime256v1 for each, and also named_curve and explicit
> for the second, in many combinations.
Easier to read the documentation and use
Thanks for the help. Am I getting closer?
On 1/13/2017 9:44 AM, Viktor Dukhovni wrote:
Also, take a look at test/certs/mkcert.sh:
I looked at that, but what is $bits?
The curve name.
You're sure fond of leaving off the leading "-" in option names.
You'll also really want the
On Fri, Jan 13, 2017 at 09:32:01AM -0500, Ken Goldman wrote:
> > The "aes-256-cbc" argument is wrong. Try "-aes256".
>
> BTW, I got aes-256-cbc from
>
> https://wiki.openssl.org/index.php/Command_Line_Elliptic_Curve_Operations
>
> and > openssl list-cipher-commands
When cipher names are used
On 13/01/17 14:32, Ken Goldman wrote:
> Thanks, getting closer ...
>
> On 1/12/2017 5:47 PM, Viktor Dukhovni wrote:
>>> My latest attempt is this. It gives me a usage error. Any hints?
>>>
>>> openssl genpkey -out cakeyecc.pem -outform pem -pass pass:
>>> aes-256-cbc -algorithm ec
Thanks, getting closer ...
On 1/12/2017 5:47 PM, Viktor Dukhovni wrote:
My latest attempt is this. It gives me a usage error. Any hints?
openssl genpkey -out cakeyecc.pem -outform pem -pass pass: aes-256-cbc
-algorithm ec pkeyopt ec_paramgen_curve:prime256v1 -text
The "aes-256-cbc"
> On Jan 12, 2017, at 5:34 PM, Ken Goldman wrote:
>
>>> Is there a openssl command that can generate an ECC key pair where the
>>> output file is password protected?
>> openssl genpkey
>
> My latest attempt is this. It gives me a usage error. Any hints?
>
> openssl
On 7/20/2016 10:26 AM, Jakob Bohm wrote:
On 20/07/2016 16:21, Ken Goldman wrote:
From these web pages:
https://wiki.openssl.org/index.php/Command_Line_Elliptic_Curve_Operations
https://www.openssl.org/docs/manmaster/apps/ecparam.html
the "openssl ecparam -genkey" command does not accept a
From these web pages:
https://wiki.openssl.org/index.php/Command_Line_Elliptic_Curve_Operations
https://www.openssl.org/docs/manmaster/apps/ecparam.html
the "openssl ecparam -genkey" command does not accept a password. The
(perhaps) equivalent "openssl genrsa" command does.
Is there a
On 20/07/2016 16:21, Ken Goldman wrote:
From these web pages:
https://wiki.openssl.org/index.php/Command_Line_Elliptic_Curve_Operations
https://www.openssl.org/docs/manmaster/apps/ecparam.html
the "openssl ecparam -genkey" command does not accept a password. The
(perhaps) equivalent "openssl
14 matches
Mail list logo