Hi guys
i have server certificate used in company Radius server , i how can check
wheather its a md5 sign cert or sha sign certificate .
which attribute that indicate whether its md5 sign or sha sign ? is
iSignature Algorithm: sha1WithRSAEncryptiot attribute
Please advice
Thank You
John
The Security Policy for the FIPS Object Module 2.0 states:
5.1 Exclusive Use of the FIPS Object Module for Cryptography
In order for the referencing application to claim FIPS 140-2 validation, all
cryptographic functions
utilized by the application must be provided exclusively by the FIPS Object
Hi,
Does OpenSSL use this by default, if not where do a user choose which method
to use for CSPRNG?
Thanks,
Tony
--
View this message in context:
http://openssl.6102.n7.nabble.com/Dual-EC-DRBG-tp46628.html
Sent from the OpenSSL - User mailing list archive at Nabble.com.
On 09/23/2013 04:16 PM, Jim Adams wrote:
The Security Policy for the FIPS Object Module 2.0 states:
5.1 Exclusive Use of the FIPS Object Module for Cryptography
In order for the referencing application to claim FIPS 140-2 validation,
all cryptographic functions
utilized by the application
On Mon, Sep 23, 2013, yustein wrote:
Hi,
Does OpenSSL use this by default, if not where do a user choose which method
to use for CSPRNG?
The default DRBG for OpenSSL is 256 bit AES CTR_DRBG.
The default can be changed by using the compile time flags:
-DOPENSSL_DRBG_DEFAULT_TYPE=type
Thanks a lot! :)
Tony
Sent from my iPhone
On Sep 24, 2013, at 2:27 PM, Dr. Stephen Henson st...@openssl.org wrote:
On Mon, Sep 23, 2013, yustein wrote:
Hi,
Does OpenSSL use this by default, if not where do a user choose which method
to use for CSPRNG?
The default DRBG for OpenSSL
Am 23.09.2013 21:59, schrieb starlight.201...@binnacle.cx:
At 20:27 9/23/2013 +0200, Richard Könning wrote:
/dev/random is a PRNG which blocks when the (crude)
entropy estimation of the entropy pool falls below a
limit. Besides this there are afaik no big
differences between /dev/random and
Am 24.09.2013 02:05, schrieb starlight.201...@binnacle.cx:
At 12:59 9/23/2013 -0700, Michael Sierchio wrote:
I'll repeat myself - the fact that the
/dev/random implementation you're using
blocks is a serious design flaw.
Convince Linus, the GPG developers et al.--not me.
No one has to
On 09/24/2013 07:27 AM, Dr. Stephen Henson wrote:
...
Future versions of OpenSSL will fail if an attempt is made to use the Dual EC
DRBG.
Note we're also looking into removing Dual EC DRBG from the OpenSSL FIPS
Object Module, a more difficult proposition as there are strict
restrictions on
Thanks :)
Sent from my iPhone
On Sep 24, 2013, at 4:28 PM, Steve Marquess-3 [via OpenSSL]
ml-node+s6102n4664...@n7.nabble.com wrote:
On 09/24/2013 07:27 AM, Dr. Stephen Henson wrote:
...
Future versions of OpenSSL will fail if an attempt is made to use the Dual
EC
DRBG.
The Signature Algorithm field is the correct field to check.
As clarification: MD5 is not a signature algorithm, it's a hashing
algorithm. A certificate is hashed using the specified hashing algorithm,
and then signed using the specified signature algorithm.
Thus, sha1WithRSAEncryption
There's space to create a new random device at /dev if you want too =)
/dev/nbrandom ? no block random? :)
2013/9/24 Richard Könning richard.koenn...@ts.fujitsu.com:
Am 24.09.2013 02:05, schrieb starlight.201...@binnacle.cx:
At 12:59 9/23/2013 -0700, Michael Sierchio wrote:
I'll repeat
12 matches
Mail list logo