Re: [openssl-users] When to use a key or password

2016-07-08 Thread Michel 
Hi,

 

You need to remember a password. Passwords should never be stored.

Keys are binary data (even if they look as text because they are hexa or base64 
encoded). 

Secret keys can be 'derived' from a password to be used when encrypting or 
decrypting.

Sometime you need to store an ENCRYPTED secret key (generally using another 
password).

see https://en.wikipedia.org/wiki/Key_(cryptography).

 

IV means 'Initial Vector', which is random binary data needed to 'start' 
encryption or decryption.

See https://en.wikipedia.org/wiki/Initialization_vector

 

Hope it helps,

Regards,

 

Michel.

 

De : openssl-users [mailto:openssl-users-boun...@openssl.org] De la part de 
Warron French
Envoyé : jeudi 7 juillet 2016 22:37
À : openssl-users@openssl.org
Objet : [openssl-users] When to use a key or password

Is there any good rule of thumb for when to use:

-k  versus

-K 

Also, what does the term IV refer to in reference to -iv IV?

Thanks in advance,

Warron

-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] ASN1 compiler

2016-07-08 Thread Matt Caswell 


On 08/07/16 14:32, hoku...@gmx.ch wrote:
> Hi All,
>  
> Just a short question.
> Does OpenSSL project use the Objective Systems ASN1C?

A short question with an equally short answer: No.

:-)

Matt

-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

[openssl-users] ASN1 compiler

2016-07-08 Thread hokusai 
Hi All,

 

Just a short question.

Does OpenSSL project use the Objective Systems ASN1C?

 

Thanks

Fabrizio
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

Re: [openssl-users] EVP_get_digestbyobj fails for ecdsa-with-SHA256

2016-07-08 Thread Dr. Stephen Henson 
On Thu, Jul 07, 2016, Chris Bare wrote:

> Ok, that makes sense with what I'm seeing. I just tried changing this:
> const EVP_MD* md = EVP_get_digestbyobj(sig_alg_oid);
> to this:
> const EVP_MD* md = EVP_get_digestbyname("SHA256");
> 
> and it all worked correctly.
> so given that I have an OID for ecdsa-with-SHA256, is there a function that
> will return just the digest algorithm?
> I'm trying to be as flexible as possible, so I don't want to hard code this
> or have my own limited lookup table.
> 

OBJ_find_sigid_algs() you pass it the NID of the signature algorithm and it
reurns the public key NID and the digest NID.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users