On Mon, Aug 06, 2018 at 04:30:54PM +0200, Jakob Bohm wrote:
> The patch below works around this, porting this to OpenSSL 1.1.x
> is left as an exercise for the reader:
Can you please open a pull request on github for that?
Kurt
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.
>
> Keys in X.509 certiificates are mostly used for signing (e.g. TLS with
> DHE or ECDHE key agreement). But I guess you could mint an encryption-
> only
> certificate that is not useful for signing, and use it exclusively for
> key wrapping.
That is exactly the use case ;-)
I don't know whe
> On Aug 9, 2018, at 3:21 PM, Stephane van Hardeveld
> wrote:
>
> The certificate is signed with PSS. However, I try to indicate that the
> public key enclosed IN the certificate should be used with the OAEP padding
> mode while decrypting a separate message
Keys in X.509 certiificates are m
> -Original Message-
> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf
> Of Viktor Dukhovni
> Sent: donderdag 9 augustus 2018 21:05
> To: openssl-users@openssl.org
> Subject: Re: [openssl-users] rsaOAEP OID in X509 certificate
>
>
>
> > On Aug 8, 2018, at 12:0
> On Aug 8, 2018, at 12:01 PM, Stephane van Hardeveld
> wrote:
>
> By default, if I create an X 509 certificate with a public key in it, the
> object identifier is rsaEncyption (1.2.840.113549.1.1.1). Is it possible to
> specify a different object identifier, e.g. rsaOAEP (1.2.840.113549.1.1.
> -Original Message-
> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf
> Of Ken Goldman
> Sent: donderdag 9 augustus 2018 18:52
> To: openssl-users@openssl.org
> Subject: Re: [openssl-users] rsaOAEP OID in X509 certificate
>
> On 8/9/2018 10:51 AM, Stephane van
On 8/9/2018 10:51 AM, Stephane van Hardeveld wrote:
I will discuss this, but as far as I understand, these OID are allowed by
the X 509 standard:
4.1.2.7. Subject Public Key Info
[snip]
And in rfc4055, 4.1
Openssl is capable of parsing it, only retrieving it gives an error on
unknown algo
> -Original Message-
> From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf
> Of Ken Goldman
> Sent: donderdag 9 augustus 2018 14:56
> To: openssl-users@openssl.org
> Subject: Re: [openssl-users] rsaOAEP OID in X509 certificate
>
> On 8/9/2018 4:14 AM, Stephane van Hard
On 08/09/2018 09:34 AM, Matt Caswell wrote:
On 08/08/18 20:49, Robert Moskowitz wrote:
Finally back on working on my EDDSA pki.
Working on beta Fedora29 which now ships with:
OpenSSL 1.1.1-pre8 (beta) FIPS 20 Jun 2018
To recap, there are challenges on hash specification. In creating
cert
On 08/08/18 20:49, Robert Moskowitz wrote:
> Finally back on working on my EDDSA pki.
>
> Working on beta Fedora29 which now ships with:
>
> OpenSSL 1.1.1-pre8 (beta) FIPS 20 Jun 2018
>
>
> To recap, there are challenges on hash specification. In creating
> certs, I cannot have default_md li
On 8/9/2018 4:14 AM, Stephane van Hardeveld wrote:
Hi Ken,
I am trying to do two thing:
1: Generate X 509 certificates, with RSA-PSS signing, with different Hashing
and Masking (SHA1 and SHA256), including an RSA Public key as content. This
RSA 'content key' should specify it will be used for RS
Hi Ken,
I am trying to do two thing:
1: Generate X 509 certificates, with RSA-PSS signing, with different Hashing
and Masking (SHA1 and SHA256), including an RSA Public key as content. This
RSA 'content key' should specify it will be used for RSA-OAEP decryption.
2: Verify X 509 certificates, prod
> On 08/08/18 21:15, The Doctor wrote:
> > On Wed, Aug 08, 2018 at 01:46:54PM +0100, Matt Caswell wrote:
>
> On 08/08/18 04:31, Juan Isoza wrote:
> > and final 1.1.1
>
> There is no date yet. We are still waiting on the official publication
> of the TLSv1.3 RFC which we anti
13 matches
Mail list logo