Re: [openssl-users] Creating an X25519-based Certificate

2016-06-30 Thread Michael Scott
I missed that > part. > > The solution should then be to modify apps/ca.c:certify() function to add > an arg, and avoid the call to X509_REQ_verify when desired. > > Regards, > Erwann Abalea > > On 29 June 2016 at 19:17, Michael Scott <mike.sc...@miracl.com>

Re: [openssl-users] Creating an X25519-based Certificate

2016-06-30 Thread Michael Scott
On Thu, Jun 30, 2016 at 5:11 PM, Matt Caswell wrote: > > > On 30/06/16 16:54, Salz, Rich wrote: > >> Since X25519 is not the first "encrypt-only" algorithm in the > >> OpenSSL universe, how was requesting certificates handled for > >> such algorithms in the past? > > > > It

[openssl-users] Creating an X25519-based Certificate

2016-06-29 Thread Michael Scott
Hello, How do I do this? Using the OpenSSL command line tool, a certificate request must be self-signed, but the X25519 elliptic curve (newly supported in version 1.1.0), doesn't do signature, it can only be used for key exchange. (Of course the X25519 Montgomery curve is birationally

Re: [openssl-users] Creating an X25519-based Certificate

2016-06-29 Thread Michael Scott
Well, I can help with CFRG - it's Crypto Forum Research Group. Mike On Wed, Jun 29, 2016 at 4:10 PM, Jakob Bohm wrote: > On 29/06/2016 16:53, Salz, Rich wrote: > >> How do I do this? Using the OpenSSL command line tool, a certificate >>> request must be self-signed, but

Re: [openssl-users] Creating an X25519-based Certificate

2016-06-29 Thread Michael Scott
coding for the signature value is defined, so it can > be enclosed into cert.signatureValue > > > All this is being discussed at CFRG. > > Regards, > Erwann Abalea > > On 29 June 2016 at 16:46, Michael Scott <mike.sc...@miracl.com> wrote: > > Hello,

Re: [openssl-users] Creating an X25519-based Certificate

2016-06-29 Thread Michael Scott
On Wed, Jun 29, 2016 at 6:21 PM, Salz, Rich wrote: > > > To repeat: X25519 only supports key exchange. The 25519 signing > > mechanism is not yet defined. > Which I don't have a problem with. But surely the openssl command line tool should provide a mechanism for allowing an