Re: [opensc-devel] ECDSA cards

2011-09-08 Thread Martin Paljak
On Fri, Sep 9, 2011 at 01:56, Nikos Mavrogiannopoulos wrote: > On 09/06/2011 03:38 PM, Martin Paljak wrote: > >>>  I'm trying to use the opensc 0.12.x ECDSA support, to allow ECDSA >>> signing in gnutls via PKCS #11. However I have no such cards to test it. >>> Do you have any suggestion on which

Re: [opensc-devel] ECDSA cards

2011-09-08 Thread Nikos Mavrogiannopoulos
On 09/06/2011 03:38 PM, Martin Paljak wrote: >> I'm trying to use the opensc 0.12.x ECDSA support, to allow ECDSA >> signing in gnutls via PKCS #11. However I have no such cards to test it. >> Do you have any suggestion on which card to use? (My only requirement is >> that it must be obtainable

Re: [opensc-devel] libp11 & engine_pkcs11 support for ECDSA keys

2011-09-08 Thread Felipe Blauth
It works =). I've tested sign/verify with p-192, p-224, p-256, p-384 and p-521. No problems found. Thank you for your attention. 2011/9/8 Douglas E. Engert > Try the attached patch. It compiles, but I have not tested it. > > > On 9/8/2011 11:48 AM, Felipe Blauth wrote: > >> I've found where the

Re: [opensc-devel] libp11 & engine_pkcs11 support for ECDSA keys

2011-09-08 Thread Douglas E. Engert
Try the attached patch. It compiles, but I have not tested it. On 9/8/2011 11:48 AM, Felipe Blauth wrote: I've found where the problem is coming from. It is from OpenSSL's function *o2i_ECPublicKey*, that is used to convert the asn1 octet string from PKCS#11 *CKA_EC_POINT* attribute to intern

Re: [opensc-devel] libp11 & engine_pkcs11 support for ECDSA keys

2011-09-08 Thread Douglas E. Engert
Yes the problem is

    /* TODO we have asn1 octet string, need to strip off 04 len */

    a = ec_point + 2;
    o2i_ECPublicKey(&ec, &a, ec_pointlen-2);

It is assuming the ASN1 is an octet string,

Re: [opensc-devel] libp11 & engine_pkcs11 support for ECDSA keys

2011-09-08 Thread Felipe Blauth
I've found where the problem is coming from. It is from OpenSSL's function *o2i_ECPublicKey*, that is used to convert the asn1 octet string from PKCS#11 *CKA_EC_POINT* attribute to internal OpenSSL stuff. This function is called, like you said, at the file src/p11_ec.c from function *pkcs11_get_

Re: [opensc-devel] serialnumber

2011-09-08 Thread J.Witvliet
-Original Message- From: martin.pal...@gmail.com [mailto:martin.pal...@gmail.com] On Behalf Of Martin Paljak Sent: Thursday, September 08, 2011 3:35 PM To: Witvliet, J, CDC/IVENT/OPS/I&S/HIN Cc: opensc-devel@lists.opensc-project.org Subject: Re: [opensc-devel] serialnumber Hello, On Thu,

Re: [opensc-devel] serialnumber

2011-09-08 Thread Martin Paljak
Hello, On Thu, Sep 8, 2011 at 13:27, wrote: > According to the openvpn-docu, (at the server-side) one of their environment > variables, "tls_id_0" should contain the hexadecimal value of the certificate. > In reality it contains completely other fields, like CN=, OU=, O= and C=. I guess the tl

Re: [opensc-devel] serialnumber

2011-09-08 Thread J.Witvliet
Typo, I meant tls_serial_0 instead of tls_id_0 -Original Message- From: opensc-devel-boun...@lists.opensc-project.org [mailto:opensc-devel-boun...@lists.opensc-project.org] On Behalf Of j.witvl...@mindef.nl Sent: Thursday, September 08, 2011 12:27 PM To: opensc-devel@lists.opensc-projec

[opensc-devel] serialnumber

2011-09-08 Thread J.Witvliet
Hi all, I'm realizing that I'm probably at the wrong list, but I guess I'll find here the largest population of smartcard users ;-) We are using smartcards for setting up OpenVPN tunnels, which works quite nicely. However, I detect some strange behavior. According to the openvpn-docu, (at the ser