Read RFC4055 for RSA with various hashes, OAEP, and PSS combinations.
- Tolga
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Alex Alten
Sent: Tuesday, October 10, 2006 9:47 AM
To: Russ Housley; cryptography@metzdowd.com
Cc: [EMAIL PROTECTED];
Anton,
Here is what I compute in Maple.
I wonder if you are running into an old BC bug. I don't remember the
details, but bc had a bug some 10 years or so ago with big numbers.
with(numtheory):
s:=convert(`00D3CDA91B578B6DF29AEB140272BD9198759F79FA10DC410B5D10362048AC7A
You need to have one zero octet after bunch of FFs and before DER encoded
has blob in order to have a proper PKCS#1v1.5 signature encoding.
Based on what you say below, I used this cert and my key to sign an
end-entity certificate which I used to set up an webserver, it appears that
Try Intel's open-sourced CDSA, available at SourceForge.
- Tolga
-Original Message-
From: [EMAIL PROTECTED] [mailto:owner-
[EMAIL PROTECTED] On Behalf Of Trei, Peter
Sent: Tuesday, November 30, 2004 7:16
To: Sandeep N; [EMAIL PROTECTED]
Subject: RE: RSA Implementation in C language
On a second thought, that there is no key management algorithm
certified, how would one set up a SSL connection in FIPS mode?
It seems to me that, it is not possible to have a FIPS 140 certified
SSL/TLS session using the OpenSSL's certification.
- Tolga
Joshua Hill wrote:
On Fri, Sep 05, 2003 at 04:05:07PM -0400, Rich Salz wrote:
It is the first *source code* certification.
The ability to do this runs counter to my understanding of FIPS 140-2.
. and to experiences with the previous FIPS 140-1 certifications I was
involved in, including