On 2/13/2015 12:23 PM, Dr. Stephen Henson wrote:
On Fri, Feb 13, 2015, Sean Leonard wrote:
Using the openssl pkcs12 -export command, how can one specify a
different friendlyName attribute for the private key?
For example, consider the command:
openssl pkcs12 -export -out pkcs12.p12 -name "sean
On 2/13/2015 12:12 PM, Dr. Stephen Henson wrote:
On Fri, Feb 13, 2015, Sean Leonard wrote:
Using the openssl pkcs12 -export command, is it possible to specify
a "-certpbe" value that does not do encryption? Perhaps you only
want integrity protection--you don't care whether the certificates
are
Hello Dave,
Based on your input, have stopped calling i2d_ECDSA_SIG() and used
BN_bn2bin() to overcome the der headers.
And now, my verification is working fine.
Is there any function at openssl, to get the HASH used for the digest at
ECDSA_verify()?
I see that, for ECDSA_verify(), first argume
Yes, I am sure that some folks find known plaintext in an encrypted object
to be helpful.
[apologies for top-posting... dumb smart phone]
- M
On Feb 13, 2015 1:21 PM, "Viktor Dukhovni"
wrote:
> On Fri, Feb 13, 2015 at 12:02:06PM -0800, Michael Sierchio wrote:
>
> > Whenever I hear someone talki
MS> On Fri, Feb 13, 2015 at 11:33 AM, Sean Leonard
wrote:
>> Using the openssl pkcs12 -export command, is it possible to specify a
>> "-certpbe" value that does not do encryption? Perhaps you only want
>> integrity protection--you don't care whether the certificates are shrouded.
>> The PKCS #1
On Fri, Feb 13, 2015 at 12:02:06PM -0800, Michael Sierchio wrote:
> Whenever I hear someone talking about encrypting a certificate, I
> conclude that they are horribly confused. A cert is signed, over the
> entire contents, so integrity is reducible to the cryptographic
> algorithms employed. A ce
On Fri, Feb 13, 2015, Sean Leonard wrote:
> Using the openssl pkcs12 -export command, how can one specify a
> different friendlyName attribute for the private key?
>
> For example, consider the command:
> openssl pkcs12 -export -out pkcs12.p12 -name "sean key 2015" -inkey
> key.txt -in user.crt -
On Fri, Feb 13, 2015, Sean Leonard wrote:
> Using the openssl pkcs12 -export command, is it possible to specify
> a "-certpbe" value that does not do encryption? Perhaps you only
> want integrity protection--you don't care whether the certificates
> are shrouded. The PKCS #12 standard seems to imp
On Fri, Feb 13, 2015 at 08:17:40PM +0530, Rajeswari K wrote:
> We would like to use our internal verification logics for the key exchange
> message received at SSL client.
That sounds like a bad idea. Let OpenSSL do the work for you,
configure appropriate trust anchors, or trusted leaf certifica
On Fri, Feb 13, 2015 at 11:33 AM, Sean Leonard wrote:
> Using the openssl pkcs12 -export command, is it possible to specify a
> "-certpbe" value that does not do encryption? Perhaps you only want
> integrity protection--you don't care whether the certificates are shrouded.
> The PKCS #12 standard
> From: openssl-users On Behalf Of Rajeswari K
> Sent: Friday, February 13, 2015 09:48
> As part of [ECDSA] signature verification, we first take lenght_of_signature
> received
> and compare with double the size of number_of_bytes from curve parameter.
> Have converted the ECDSA_SIG to unsigned
Using the openssl pkcs12 -export command, is it possible to specify a
"-certpbe" value that does not do encryption? Perhaps you only want
integrity protection--you don't care whether the certificates are
shrouded. The PKCS #12 standard seems to imply that "certBags" can be
used as-is; however,
Using the openssl pkcs12 -export command, how can one specify a
different friendlyName attribute for the private key?
For example, consider the command:
openssl pkcs12 -export -out pkcs12.p12 -name "sean key 2015" -inkey
key.txt -in user.crt -name "sean user cert 2015" -certfile othercerts.txt
I have successfully built OpenSSL 1.0.0..., 1.0.1..., and 1.0.2 also on
an ARM926EJ linux based system. I used the 'no-ssl2 no-ssl3 linux-armv4
shared' options (plus some others). I found that it works with and
without the ARM assembly accelerations (no-asm option), even though the
ARM926EJ i
> From: Michael Wojcik [mailto:michael.woj...@microfocus.com]
Thanks for the detailed and thoughtful response. I only want to respond to a
few of your points.
> One is simply that we're seeing a lot of
> OpenSSL roadmap announcements. That's good in the sense that before the
> funding boost, pr
I am upgrading an embedded linux board's BSP from 1.0.0m to 1.0.1l due to a
requirement for TLS v1.1. Version 1.0.1 will cross compile without errors
using my 1.0.0 configuration but I have identified the following errors on
the board (so far) with the build using 1.0.1:
1.) Cannot create a RSA key
Hello Openssl Team,
Currently am seeing an issue as follows.
We would like to use our internal verification logics for the key exchange
message received at SSL client.
As part of this, we have registered with our function pointers.
ECDSA_verify() is now calling our registered function to perfor
17 matches
Mail list logo