Re: [openssl-users] i2d and d2i functions

2015-02-17 Thread Rajeswari K
Hello Dave,
What you said is right. Have checked ecs_ossl.c and implemented similar way to truncate the digest based on the order. Now, handshake is successful even for TLS1.2.
Thanks a lot.
Rajeswari.
On Mon, Feb 16, 2015 at 11:53 PM, Dave Thompson wrote:
> > From: openssl-users On Behalf Of

Re: [openssl-users] i2d and d2i functions

2015-02-16 Thread Dave Thompson
> From: openssl-users On Behalf Of Rajeswari K
> Sent: Friday, February 13, 2015 23:50
> Hello Dave,
> Based on your input, have stopped calling i2d_ECDSA_SIG()
> and used BN_bn2bin() to overcome the der headers.
> And now, my verification is working fine.
ECDSA_verify in ecs_vrf.c only uses i2d

Re: [openssl-users] i2d and d2i functions

2015-02-16 Thread Dave Thompson
> From: openssl-users On Behalf Of Rajeswari K
> Sent: Monday, February 16, 2015 03:05
> Our current signature and verification logics are working just fine
> with TLS1.0 and TLS1.1 for ECDHE_ECDSA cipher suite.
> But, when tested the same cipher suite with TLS1.2, SSL handshake
> always failin

Re: [openssl-users] i2d and d2i functions

2015-02-16 Thread Rajeswari K
Hello Dave, Our current signature and verification logics are working just fine with TLS1.0 and TLS1.1 for ECDHE_ECDSA cipher suite. But, when tested the same cipher suite with TLS1.2, SSL handshake always failing with "bad signature". Do we need to take care of anything specific for TLS1.2 hand

Re: [openssl-users] i2d and d2i functions

2015-02-13 Thread Rajeswari K
Hello Dave, Based on your input, have stopped calling i2d_ECDSA_SIG() and used BN_bn2bin() to overcome the der headers. And now, my verification is working fine. Is there any function at openssl, to get the HASH used for the digest at ECDSA_verify()? I see that, for ECDSA_verify(), first argume

Re: [openssl-users] i2d and d2i functions

2015-02-13 Thread Viktor Dukhovni
On Fri, Feb 13, 2015 at 08:17:40PM +0530, Rajeswari K wrote:
> We would like to use our internal verification logics for the key exchange
> message received at SSL client.
That sounds like a bad idea. Let OpenSSL do the work for you, configure appropriate trust anchors, or trusted leaf certifica

Re: [openssl-users] i2d and d2i functions

2015-02-13 Thread Dave Thompson
> From: openssl-users On Behalf Of Rajeswari K
> Sent: Friday, February 13, 2015 09:48
> As part of [ECDSA] signature verification, we first take lenght_of_signature received
> and compare with double the size of number_of_bytes from curve parameter.
> Have converted the ECDSA_SIG to unsigned

Re: [openssl-users] i2d and d2i functions

2015-02-13 Thread Rajeswari K
Hello Openssl Team, Currently am seeing an issue as follows. We would like to use our internal verification logics for the key exchange message received at SSL client. As part of this, we have registered with our function pointers. ECDSA_verify() is now calling our registered function to perfor

Re: [openssl-users] i2d and d2i functions

2015-02-12 Thread Rajeswari K
Hello Dave, Am really thankful to you. I am unaware that i2d_EC_PUBKEY() or i2d_x function will move the pointer to after the encoded data. Due to which am seeing unexpected data. Based on your reply, I tried to print the data from the memory address which I allocated. Now the data is exactly

Re: [openssl-users] i2d and d2i functions

2015-02-12 Thread Dave Thompson
> From: openssl-users On Behalf Of Rajeswari K
> Sent: Thursday, February 12, 2015 00:40
> I have a query on d2i_PUBKEY() and i2d_PUBKEY().
> I have an EC public key in form of character buffer.
> Have inputted this character buffer to d2i_PUBKEY() and got EVP_PKEY format
> EC key.
To be exact

[openssl-users] i2d and d2i functions

2015-02-11 Thread Rajeswari K
Hello Openssl users, I have a query on d2i_PUBKEY() and i2d_PUBKEY(). I have an EC public key in form of character buffer. Have inputted this character buffer to d2i_PUBKEY() and got EVP_PKEY format EC key. Now I tried to input this EVP_PKEY to i2d_PUBKEY() to compare will I get exactly same data