Re: [openssl-dev] Upgrading OpenSSL

2017-08-29 Thread Leon Brits
I now have Racoon2 working. Steve's comment made me think about the digests used in Racoon2 and I went searching for any commands using SHA1. I found two hardcoded as string "SHA1". I changed it to SHA256 and Bob's your uncle. I guess this is due to the phasing-out of the SHA1 hash which was not

Re: [openssl-dev] Upgrading OpenSSL

2017-08-29 Thread Leon Brits
Hi all, I need to correct my WTF comment - RTFM RSA_size returns bytes. Sorry LJB > evp = PEM_read_PrivateKey(fp, NULL, NULL, NULL); #ifdef TEST RSA *rsa = > EVP_PKEY_get1_RSA(evp); printf("\nRSA modulus: %d\n\n", RSA_size(rsa)); > #endif > > The output is: "RSA modulus: 512" (WTF!) --

Re: [openssl-dev] Upgrading OpenSSL

2017-08-29 Thread Leon Brits
Hi all, I was able to get the private key from the HSM (added below). Testing it from the command line shows: % openssl rsa -noout -check -in /etc/racoon2/Local/refB.pem RSA key ok Next I started from the default Racoon2 source code (20100526a) with NO patches. It now reads the private key

Re: [openssl-dev] Upgrading OpenSSL

2017-08-28 Thread Leon Brits
Hi Steve, > Have you recompiled the application? Some structures have changed between > OpenSSL 0.9.8 and 1.0.2 so you'll get problems with applications (or an > ENGINE) compiled against the wrong headers. In a build VM, both the TLS application and Racoon2 are compiled against freshly compiled

Re: [openssl-dev] Upgrading OpenSSL

2017-08-28 Thread Dr. Stephen Henson
On Mon, Aug 28, 2017, Leon Brits wrote: > The upgrade is now working fine in one of the applications which make TLS > connections. I can see the engine functions being called when some action > (sign/verify) which requires the private key. > > However, this engine is also used in a patched

Re: [openssl-dev] Upgrading OpenSSL

2017-08-28 Thread Leon Brits
From: openssl-dev [mailto:openssl-dev-boun...@openssl.org] On Behalf Of Leon Brits Sent: 28 August 2017 08:08 AM To: openssl-dev@openssl.org Subject: Re: [openssl-dev] Upgrading OpenSSL Thanks for the help. I've come to learn that my problem is the HSM. It removes the RSA values p,q and

Re: [openssl-dev] Upgrading OpenSSL

2017-08-28 Thread Leon Brits
From: openssl-dev [mailto:openssl-dev-boun...@openssl.org] On Behalf Of Leon Brits Sent: 23 August 2017 11:52 AM To: openssl-dev@openssl.org Su

[openssl-dev] Upgrading OpenSSL

2017-08-23 Thread Leon Brits
Hi all, I am tasked to update two machines from v0.9.8z to v1.0.2 (since it is LTS). With the minimal changes, I've been able to get the application on the machines to compile with the newer version and generate RSA 4096 key pairs. The applications are able to successfully use their respective