Ok,
can you expain me how ec_compute_key work and specially this last argument.
Why its need hash value to calculate the secret key.
I need to generate the 56 BYtes shred key.
On 18 December 2012 10:32, Jeffrey Walton wrote:
> On Mon, Dec 17, 2012 at 11:50 PM, jeetendra gangele
> wrote:
>> U me
On Mon, Dec 17, 2012 at 11:50 PM, jeetendra gangele
wrote:
> U mean to say I can generate 64 bytes and then I can ignore last 8
> bytes? so I will get 56 bytes.
> This value then I have to use as secret key for ECDH
https://www.google.com/#q=truncated+hash
Be careful of ECDH because its anonymous
U mean to say I can generate 64 bytes and then I can ignore last 8
bytes? so I will get 56 bytes.
This value then I have to use as secret key for ECDH
On 18 December 2012 09:57, Jeffrey Walton wrote:
> On Mon, Dec 17, 2012 at 11:16 PM, jeetendra gangele
> wrote:
>> Hi,
>> Do we have support fo
On Mon, Dec 17, 2012 at 11:16 PM, jeetendra gangele
wrote:
> Hi,
> Do we have support for 448 bit hash value generation in openssl.?
> I looked into the header file and I did not find functiobn related to that.
>
> Actually I need to compute shared key for ecdh and that should be 56 Bytes
> long.
Actaully here I need to write the hash function which generate the 448
bit hash value.
By looking into openssl I did not find any hash function which can
generate the 448 bit.
Do we have any library function for generating 448 bit hash value?
On 18 December 2012 08:18, jeetendra gangele wrote:
>
Yes i used from ec/ecdhtest.c.
If you see the ECDH_compute_key in last argument It need some hash
function to sign the shared secret.
And here I need 256 bit secret key,that will be point on curve?.
That why I tried to use here sha256,because sha1 is 20bytes .
Also ECDH_compute_key for this fun I
Thanks Mat - that info really helps. I validated your input and queried the
private key file - which indeed pointed to handles on the HSM. For further
validation - i tried to sign using the sautil output key file on another box
w/o hsm and it failed.
- Simon Charles -
> From: argemat1...@gm
> From: owner-openssl-us...@openssl.org On Behalf Of engineereeyore
> Sent: Monday, 17 December, 2012 15:52
> Anyone have any ideas? Still haven't found a solution.
> View this message in context:
> http://openssl.6102.n7.nabble.com/Problem-reading-public-key-f
> rom-PEM-tp42657p42794.html
> Se
> From: owner-openssl-us...@openssl.org On Behalf Of jeetendra gangele
> Sent: Monday, 17 December, 2012 08:26
> To: openssl-users@openssl.org
> Subject: Re: Need help in loading private key for ECDSA
>
> Thanks for ur help .
>
>
> Can you guide me how can I use ECDH for exachnaging of the
>
>From: owner-openssl-us...@openssl.org On Behalf Of
massimiliano.m...@gmail.com
>Sent: Monday, 17 December, 2012 12:00
>Sorry, wrong error. The actual error is:
> ./openssl smime -verify -in message.txt.signed -text -CAfile
cacert.pem
>Verification failure
>2897402476:error:0D0D50CE:asn1 encodi
> From: owner-openssl-us...@openssl.org On Behalf Of Salz, Rich
> Sent: Monday, 17 December, 2012 12:45
> Thanks for the detailed response, Dave.
>
> > As the authenticator you know your own cert already. As the
> verifier you can get the cert and look at it.
> > ... You should be able to know w
> From: owner-openssl-us...@openssl.org On Behalf Of jeetendra gangele
> Sent: Monday, 17 December, 2012 13:17
> HI for ECDH can I use the HAs256 algorithm.
>
> I have gone through the inside DS and written this piece of code and
> it worked also.
> But here how can U sesha256 ,when i used i am g
>From: owner-openssl-...@openssl.org On Behalf Of Thirumal, Karthikeyan
>Sent: Monday, 17 December, 2012 13:12
I don't believe this belongs on -dev or -cvs.
>We added the OpenSSL to our TCP Windows application, for Client -
>Server communication.
>Looks like few machines are not able to access
On Mon, Dec 17, 2012, Giovani Milanez wrote:
> Hello,
> i was trying to extract Authority Information Access extension from a
> certificate and realize that my code was leaking memory.
>
> You can try:
>
> X509 *cert; //you should load your certificate and place here
> X509_EXTENSION *ex
On 12/17/2012 04:15 PM, Jerry Blasdel wrote:
> Steve,
>
> Thank you for your quick reply. We are trying to follow the User's
> Guide when building.
>
> We did the following:
>
> For OpenSSLFips (openssl-fips-1.2)
>
> ./config
>
> make
> make install
>
> For OpenSSL (openssl-1.0.1c)
Ah. The
Steve,
Thank you for your quick reply. We are trying to follow the User's Guide
when building.
We did the following:
For OpenSSLFips (openssl-fips-1.2)
./config
make
make install
For OpenSSL (openssl-1.0.1c)
./configure fips --prefix=/WWW/openssl
--withfipslibdir=/usr/local/ssl/fips-2.0/l
On 12/17/2012 12:32 PM, Jerry Blasdel wrote:
> All,
>
> We are trying to get a FIPS enabled Apache 2.4.3 built with OpenSSL 1.01.
>
> Everything appeared to build correctly but when we try to start Apache
> with SSLFIPS on directive we get the following error:
>
> ...
> Library Error: error:2D0
Anyone have any ideas? Still haven't found a solution.
--
View this message in context:
http://openssl.6102.n7.nabble.com/Problem-reading-public-key-from-PEM-tp42657p42794.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
HI for ECDH can I use the HAs256 algorithm.
I have gone through the inside DS and written this piece of code and
it worked also.
But here how can U sesha256 ,when i used i am getting the error.
How can i use here sha256?
int alen = 0;
int blen = 0;
int aout = 0;
int bout = 0;
Thanks for the detailed response, Dave.
> As the authenticator you know your own cert already. As the verifier you can
> get the cert and look at it.
> ... You should be able to know what you configured.
In general, yes. But in the context of a large proxy server fronting hundreds
of servers an
All,
We are trying to get a FIPS enabled Apache 2.4.3 built with OpenSSL 1.01.
Everything appeared to build correctly but when we try to start Apache
with SSLFIPS on directive we get the following error:
[Mon Dec 17 17:22:15.355149 2012] [mpm_worker:notice] [pid 10612:tid 1]
AH00292: Apache/2
Hi,
Sorry, wrong error. The actual error is:
max@spirit6 ~/Downloads/openssl-1.0.1c/apps $ ./openssl smime -verify
-in message.txt.signed -text -CAfile cacert.pem
Verification failure
2897402476:error:0D0D50CE:asn1 encoding routines:SMIME_text:mime no content
type:asn_mime.c:586:
2897402476:erro
Hi All!
I have been working on an OpenSSL PKI tutorial, and the time has come where I
would like to solicit feedback from the community. The tutorial takes a
somewhat novel approach without ever referring to openssl.cnf or CA.pl (yuck).
You can find it here:
https://pki-tutorial.readthedocs.or
I need to use ECDH to derive the shared key using public and private key given.
On 17 December 2012 18:56, jeetendra gangele wrote:
> Thanks for ur help .
>
>
> Can you guide me how can I use ECDH for exachnaging of the secret key.
> I have to implement in two phases.
> 1.i have private key o
Thanks for ur help .
Can you guide me how can I use ECDH for exachnaging of the secret key.
I have to implement in two phases.
1.i have private key of 256 bit lenght need to get phase i1 value wx,wy
2.In second I have phase1 value and private key and need to get secret
key or public key.
Tha
On Friday 14. December 2012 17:08:02 you wrote:
> Hi Patrick ,
>
>
> I actually don't want to use the file that is generated from
> sautil. For security reasons - i delete the private key from disk and
> rely on the one stored inside the HSM partition. I've been directed to
> use the fol
> From: owner-openssl-us...@openssl.org On Behalf Of jeetendra gangele
> Sent: Monday, 17 December, 2012 02:48
> Yes i am talking about signature.
> ECDSA_SIG this ouptput structure will have r and s componet
> of 28 bytes each. [for 224-bit curve]
> So if I merge both r and s I will get 56 bytes
> From: owner-openssl-us...@openssl.org On Behalf Of jeetendra gangele
> Sent: Monday, 17 December, 2012 01:58
> Its generating 64 bytes when I print with ECDSA_size(eckey)
> But i neeed 56 bytes signature. [for secp224r1]
>
ECDSA_size is the *maximum* length of the encoded signature,
see the ma
28 matches
Mail list logo