Hi all,
After reading a lot on "small exponents" in RSA public keys, it seems
to me that the issue is only if I am not using libraries like OpenSSL
for signing, but if I use RSA_Sign or EVP_Sign they implement PKCS#1
and that solves that problem even if I sign the same plain text e
times.
So if I
Alright. I'm certainly not suggesting that if you link to a
FIPS-certified module, your entire product becomes FIPS-compliant --
as far as I understand, your app still has to go through the same
testing procedures, it just doesn't have to go through quite the same
crypto validation procedures.
(I
On Thu, Feb 16, 2006, Kyle Hamilton wrote:
> Alright. Can you comment on if the source-level API is going to stay
> the same, at least? (If it's going to stay the same, then giving
> details on how to link with a version of OpenSSL that provides that
> API -- even if it's not the "FIPS-certified
Alright. Can you comment on if the source-level API is going to stay
the same, at least? (If it's going to stay the same, then giving
details on how to link with a version of OpenSSL that provides that
API -- even if it's not the "FIPS-certified" version -- would allow
users to get working on app
On Thu, Feb 16, 2006, Kyle Hamilton wrote:
> Hi, I just figured I'd write something up for your perusal,
> modification, and possible inclusion into the HOWTO list. I'm
> attaching it as a file; if it doesn't come through, please let me
> know, and I'll resend it in a message body.
>
We will be
Hi, I just figured I'd write something up for your perusal,
modification, and possible inclusion into the HOWTO list. I'm
attaching it as a file; if it doesn't come through, please let me
know, and I'll resend it in a message body.
If there are any glaring inaccuracies I would very much like to k
