Just to clarify for anyone searching the archives in the future:
Is that commit included in release 1.0.1t or not?
(I could probably dig it up myself, but I am not an authoritative
source on the matter, so not good enough for future readers).
On 12/08/2016 21:20, Salz, Rich wrote:
Commit
There are (generally) 3 kinds of asymmetric cryptographic algorithms:
1. Signature algorithms, such as DSS, ECDSS, Ed255, and 3 modes of the
RSA algorithm.
2. Key exchange/generation algorithms such as DH, ECDH and SRP.
3. Key encryption algorithms, such as 2 other modes of the RSA
Sorry, I'm still not quite getting it.
It sounds like you're saying that only RSA supports encrypting with a
public key. But can't any asymmetric encryption algorithm encrypt using
the public key? Why is RSA special in this regard?
Norm Green
On 8/15/2016 5:31 PM, Dr. Stephen Henson
On Mon, Aug 15, 2016, Norm Green wrote:
> Ok, thanks.
>
> What I don't understand is what key transport has to do with
> EV_SealInit() ? Why is key transport important here ?
>
Because EVP_SealInit() generates a random symmetric key and encrypts it using
one or more public keys. For this to
Ok, thanks.
What I don't understand is what key transport has to do with
EV_SealInit() ? Why is key transport important here ?
Norm Green
On 8/15/2016 2:38 PM, Dr. Stephen Henson wrote:
On Mon, Aug 15, 2016, Norm Green wrote:
The man page for EVP_SealInit says:
"The public key must be
On Mon, Aug 15, 2016, Norm Green wrote:
> The man page for EVP_SealInit says:
>
> "The public key must be RSA because it is the only OpenSSL public
> key algorithm that supports key transport."
>
> 1 ) Is this still true?
Yes: the only algorithm we currently support which handles key transport
Ich kehre zurück am 17.08.2016.
Hinweis: Dies ist eine automatische Antwort auf Ihre Nachricht
"[openssl-users] EVP_SealInit question" gesendet am 15.08.2016 21:03:59.
Diese ist die einzige Benachrichtigung, die Sie empfangen werden, während
diese Person abwesend ist.
--
openssl-users
The man page for EVP_SealInit says:
"The public key must be RSA because it is the only OpenSSL public key
algorithm that supports key transport."
1 ) Is this still true?
2) Will this restriction change now that RSA key transport is being
dropped from TLS 1.3 (or so I've read...)?
Norm
On Mon, Aug 15, 2016, Thomas Knauth wrote:
> Hi list,
>
> the EVP_EncryptUpdate function has the option to pass data that is
> only MAC'ed but not encrypted. Is there some similar provision in the
> BIO interface? I have a use case, where I'd like to "inject"
> pre-encrypted/pre-mac'ed data into
> the EVP_EncryptUpdate function has the option to pass data that is only
> MAC'ed but not encrypted. Is there some similar provision in the BIO
> interface? I have a use case, where I'd like to "inject"
> pre-encrypted/pre-mac'ed data into a TLS stream. Any suggestion on a low-
> effort way to
Hello Steve,
I was solved. Actually we had a bit old version of the OpenSSL library in
our repository which didn't contain CTR support. Upgrade resolved the
problem. BTW, e.g. this page https://www.openssl.org/docs/manmaster/crypto/
does not have a reference on EVP_aes_128_ctr.
Thanks,
Vladimir.
Hi list,
the EVP_EncryptUpdate function has the option to pass data that is
only MAC'ed but not encrypted. Is there some similar provision in the
BIO interface? I have a use case, where I'd like to "inject"
pre-encrypted/pre-mac'ed data into a TLS stream. Any suggestion on a
low-effort way to do
12 matches
Mail list logo
