Re: Why 2 DLL's for building OpenSSL

2010-07-05 Thread Emanuele Cesena
on top of crypto, without needing ssl. As far as I know there is no method to build a single dll, but I'm not an expert in Windows programming (read: I don't know if there are generic methods to merge two dlls in one). Best, -- Emanuele Cesena emanuele.ces...@gmail.com Il corpo non ha ideali

Re: ECDSA Encryption

2009-07-24 Thread Emanuele Cesena
/verify, you may encrypt mixing ECDH to generate keys and AES to do symmetric encryption (even at command line: look at ecparam, ecdh, enc), or you may use ECIES but you need a different library. bye! -- Emanuele Cesena emanuele.ces...@gmail.com Il corpo non ha ideali

Re: How to create a non exportable private key certificate using openssl

2009-07-24 Thread Emanuele Cesena
using opencryptoki (pkcs11 software device) with TPM. Use a TPM non-migratable key. bye! -- Emanuele Cesena emanuele.ces...@gmail.com Il corpo non ha ideali __ OpenSSL Project http

Re: RFC 4680 implementation

2009-04-14 Thread Emanuele Cesena
details why do you really need a message between the ServerHello and ServerDone? Best regards, -- Emanuele Cesena emanuele.ces...@gmail.com http://ecesena.dyndns.org Il corpo non ha ideali __ OpenSSL Project

Re: ECC

2009-02-09 Thread Emanuele Cesena
. Any example? for ECC, check apps/ec* bye! -- Emanuele Cesena emanuele.ces...@gmail.com http://ecesena.dyndns.org Il corpo non ha ideali smime.p7s Description: S/MIME cryptographic signature

Re: Client side certificate for using in SSL connection

2009-02-06 Thread Emanuele Cesena
messages). If client authentication is required, the client additionally digitally signs (asymmetric crypto) a particular piece of data. Almost nothing changes in the agreement of the pre-master secret. So, if you don't use client auth, no client private key is used. bye! -- Emanuele Cesena

Re: ECDSA signature verification

2009-01-23 Thread Emanuele Cesena
0.9.9 is required for public-key EVP. * where can I find some good (= simple!) documentation on using OpenSSL for this task. I've not had much luck finding anything relevant in the man page. source code? ECDSA has also doxygen comments :-) bye! -- Emanuele Cesena emanuele.ces

RE: ECDSA signature verification

2009-01-23 Thread Emanuele Cesena
On Fri, 2009-01-23 at 10:13 +, Young, Alistair wrote: We really need to use the FIPS version of OpenSSL, so updating the code isn't a possiblity. ah ok, so maybe you can just skip EVP. bye! -- Emanuele Cesena emanuele.ces...@gmail.com http://ecesena.dyndns.org Il corpo non ha ideali

[BUG] openssl speed and EVP engine

2008-08-20 Thread Emanuele Cesena
Good morning, I found openssl speed does not use any EVP engine I try to set up. It works correctly, e.g., with RSA engines. I'm using OpenSSL 0.9.8g 19 Oct 2007, but the bug (?) seems to apply to other 0.9.8 versions too. Regards -- Emanuele Cesena [EMAIL PROTECTED] http://ecesena.dyndns.org