Hi,
Hodie XV Kal. Apr. MMIX, Stephen Lewis scripsit:
I'm trying to create a sub-ca with name constraints for website
certificate generation with the effect that sub-ca can sign only certs
for *.mydomain.com, i.e. anything ending in .mydomain.com
I'm trying to do this using the
On Wed, Mar 18, 2009 at 10:51 PM, Joe Percival j...@bigtreestech.com wrote:
How can I create and verify a RSASSA-PSS signature using openssl command
line?
I have searched for any documentation and/or tutorial on the subject and
have come up empty handed.
I need to be able to set the hash
Thank you for the response and link.
What I am trying to do is use the command line (linux / unix / os x),
rather than the c/c++ libraries. It is not clear (to me) how the C
library calls translate to command line equivalents, but I'll spend
some time trying to figure it out.
If anyone
Hi,
Just to confirm what Ger Hobbelt said in his previous answer: the
openssl command line doesn't support RSASSA-PSS signature generation.
Maybe it will be added in a future release.
In the mean time, you have to use the library to perform this.
Cheers,
--
Mounir IDRASSI
IDRIX
On Thu, Mar 19, 2009 at 04:50:57PM +0100, Mounir IDRASSI wrote:
Hi,
Just to confirm what Ger Hobbelt said in his previous answer: the openssl
command line doesn't support RSASSA-PSS signature generation. Maybe it will
be added in a future release.
This works in the 0.9.9-dev snapshots:
Thanks for the examples. I'm gonna test them now!
Carter Browne wrote:
You need to look at your data to see how the bytes are swapped:
3 common patterns:
1) Even odd bytes are swapped
2) The data was treated as 32 bit, one system is little ended and the
other big ended.
3) The
Working with 0.9.8j, I have cobbled together a function that
verifies a signed S/MIME message and checks the signing cert
against a CRL. Essentially, I've stripped apps/smime.c and
apps/crl.c of all their command-line stuff and anything else
I don't need.
I've noticed that the CRL validation
On Thu, Mar 19, 2009, Mounir IDRASSI wrote:
Hi,
Just to confirm what Ger Hobbelt said in his previous answer: the openssl
command line doesn't support RSASSA-PSS signature generation. Maybe it will
be added in a future release.
In the mean time, you have to use the library to perform
Again, thanks for all the pointers, these are really helpful getting
me going in the right direction.
I am still digesting all of your info, but wanted to discuss this
point further, as it almost sounds like a show-stopper:
be aware that SSL BIO's (and (SSL*) sessions!) are 'threadsafe' in the