From: Richard Levitte
> sms>
> http://antinode.info/ftp/openssl/1_0_0d/openssl-SNAP-20110321_s1.zip
>
> Just to clarify, you used openssl-SNAP-20110321.tar.gz for this?
> That's a different branch than the one 1.0.0d comes from...
Yes. (Or "openssl-SNAP-20110321^.tar.gz;1", as it's k
Hi guys,
is it possible to have openssl write EC certs with the implicitCurve option
in the ECParameters ? I need this for a test tool.
In practice:
- EC_KEY_set_asn1_flag(k, 1) => namedCurve
- EC_KEY_set_asn1_flag(k, 0) => specifiedCurve
But what about implicitCurve ? Is there a way ? Shall I
In message <11032216192727_20200...@antinode.info> on Tue, 22 Mar 2011 16:19:27
-0500 (CDT), "Steven M. Schweda" said:
sms> > 64 Automatic choice of "64" or "64=ARGV".
sms> > 64=ARGVManual choice of "64=ARGV".
sms> > 64=Manual choice of plain "64".
sms>
sms
In message <11032017084365_20200...@antinode.info> on Sun, 20 Mar 2011 17:08:43
-0500 (CDT), "Steven M. Schweda" said:
sms> From: Richard Levitte
sms>
sms> > [...] tomorrow's snapshot [...]
sms>
sms>Every time I look at the snapshot Web page, I get confused. README
sms> doesn't describe
> 64 Automatic choice of "64" or "64=ARGV".
> 64=ARGVManual choice of "64=ARGV".
> 64=Manual choice of plain "64".
Seems to be done, and the compiler test activity no longer leaves
junk object and/or listing files lying around. Original (*.*_orig) and
chan
On 3/22/2011 12:31 PM, Massimiliano Pala wrote:
Hi Douglas,
the issue here is to be sure that things are done correctly - e.g., for testing
that the crypto used by the CA issuing a certificate is ok. In any case, the NID
from the signer can be missing (in fact, AFAIK, the curves should be prov
Hi Douglas,
the issue here is to be sure that things are done correctly - e.g., for testing
that the crypto used by the CA issuing a certificate is ok. In any case, the NID
from the signer can be missing (in fact, AFAIK, the curves should be provided
with
explicit params - implicit params are de
On 3/22/2011 10:10 AM, Massimiliano Pala wrote:
Hello Stephen, all,
thanks for all the advices, I ended up doing the following:
1. Grab the Key from the Certificate
2. Cycle through the built-in curves
3. Generate a new point from the Key's group
4. if order(curve[i]) == order(key) and point i
Hello Stephen, all,
thanks for all the advices, I ended up doing the following:
1. Grab the Key from the Certificate
2. Cycle through the built-in curves
3. Generate a new point from the Key's group
4. if order(curve[i]) == order(key) and point is on curve[i]
==> curve found! ; return nid
5. i
On 3/22/2011 9:25 AM, Massimiliano Pala wrote:
Hello Peter, all,
thanks for the hint.. but I was actually looking more at a way to check if
a certificate has been signed with one of the curves you listed. Maybe it is
not possible, but it would be nice to be able to say "this certificate has
be
On Tue, Mar 22, 2011, Massimiliano Pala wrote:
> Hello Peter, all,
>
> thanks for the hint.. but I was actually looking more at a way to check if
> a certificate has been signed with one of the curves you listed. Maybe it is
> not possible, but it would be nice to be able to say "this certificate
Hello Peter, all,
thanks for the hint.. but I was actually looking more at a way to check if
a certificate has been signed with one of the curves you listed. Maybe it is
not possible, but it would be nice to be able to say "this certificate has
been signed with P-256" - since this can be a requir
On 3/21/2011 7:01 PM, Massimiliano Pala wrote:
Hi all,
I was wondering: how do I verify if a pkey used in an ECDSA certificate is
on one specific curve ?
The certificate should have as part of the Public Key Info the OID
of the curve used, (or the parameters of the curve)
Or, better, how t
On Mar 17 09:11, Corinna Vinschen via RT wrote:
> Hi,
>
> the below patch is against current CVS HEAD, but it should be applied
> to all supported branches of OpenSSL, starting with 0.9.8.
>
> On systems running on the Windows platform, there's a DllMain function
> in crypto/cryptlib.c which alwa
In file "ssl/ssl_ciph.c" static array ssl_cipher_methods declared as having
SSL_ENC_NUM_IDX elements.
SSL_ENC_NUM_IDX = 12, but only 11 elements initialized.
Although it may be not critical, it defenitely a bad practice.
Please find attached file: underinit_ssl_chip_array.patch
It add one more NU
15 matches
Mail list logo