Indeed it would be a good idea, especially for
RSA_generate_key, since people have to generate their
key thru an interface that is extern to OpenSSL, then
sign their CSR with that key using OpenSSL, when
everything could be implemented within OpenSSL.
The major benefit would come for, a PKI
Indeed it would be a good idea, especially for
RSA_generate_key, since people have to generate their
key thru an interface that is extern to OpenSSL, then
sign their CSR with that key using OpenSSL, when
everything could be implemented within OpenSSL.
The major benefit would come for, a PKI
Calling all algebraic coders ...
[snip]
I would suggest the following for checking RSA public keys:
1) that the public exponent e satisfies 3 = e n and that
e is odd (PKCS#1) [this doesn't prevent low exponent
attacks however]
2) that the modulus n is not a probable prime
Hi there,
On Wed, 19 Jun 2002, Giudicelli Frédéric via RT wrote:
The problem is that the use oF engines should be
totaly transparent to the higher API, but apparently
it's not.
The problem is RSA_check_key() is not a general transparent RSA
function, it's designed (it would seem) to check
Date sent: Thu, 20 Jun 2002 15:02:36 -0400 (EDT)
From: Geoff Thorpe [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject:Re: [openssl.org #86] Bug in RSA_check_key
Send reply to: [EMAIL PROTECTED]
Just my two cents
From: Geoff Thorpe [EMAIL PROTECTED]
Reply-To: [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Re: [openssl.org #86] Bug in RSA_check_key Date: Thu, 20 Jun 2002
15:02:36 -0400 (EDT)
.
*Maybe* ... but even then it doesn't solve the case of public keys.
Moreover, how do you
Hi,
On Thu, 20 Jun 2002, a y wrote:
*Maybe* ... but even then it doesn't solve the case of public keys.
Moreover, how do you actually test a public key? What does check
actually mean in this case?
.
Cheers,
Geoff
I would suggest the following for checking RSA public keys:
/06/02 -0500, you wrote:
Date sent: Thu, 20 Jun 2002 15:02:36 -0400 (EDT)
From: Geoff Thorpe [EMAIL PROTECTED]
To:[EMAIL PROTECTED]
Subject: Re: [openssl.org #86] Bug in RSA_check_key
Send reply to: [EMAIL PROTECTED]
Just my two
The problem is that the use oF engines should be
totaly transparent to the higher API, but apparently
it's not.
I don't call RSA_check_key for a hardware key, I call
it for my CA private key, and I don't know if it's a
hardware or software key since it's transparent.
I'm supposed to be able to
This sounds like the same old problem with passing an RSA public key to this
function and getting a segv, which seems to bite new users quite often. Can
this function be fixed to do a sanity check on the key before proceeding? I
assume it's the same with a hardware key. If a user ends up with
openssl-0.9.7-beta1
___
Do You Yahoo!? -- Une adresse @yahoo.fr gratuite et en français !
Yahoo! Mail : http://fr.mail.yahoo.com
__
OpenSSL Project
11 matches
Mail list logo
