I've noticed that iOS RSA keys (which I believe are generated using openssl
underneath it all) are created with P larger than Q, which is posing a
problem for me.
When I export the 512-bit private key from iOS, I get a PKCS#1 formatted
key. When I decode that into RSAParameters, I see that P
Hi All,
I have updated the OpenSSL PKI Tutorial at Read the Docs. The tutorial provides
three complete PKI examples you can play through and the prettiest
configuration files this side of Neptune. Check it out!
https://pki-tutorial.readthedocs.org/
Cheers,
Stefan
--
Stefan H. Holek
Good day,
can somebody please say me, how to cleanup OpenSSL_add_all_algorithms()?
I have a constant memory leak with the code in the attatchment.
The valgrind log is also there.
My secound problem:
==32205== Conditional jump or move depends on uninitialised value(s)
==32205==at 0x51424D9:
Ok, i did manage the secound problem with the suppression file in the
attatchment. Memory Leak Problem still remains.
Am 21.03.2014 12:02, schrieb 1...@gmx.net:
Good day,
can somebody please say me, how to cleanup OpenSSL_add_all_algorithms()?
I have a constant memory leak with the code
I've configured for solaris64-sparcv9-gcc and shared libs; the build
chokes looking for something called fips_premain.c; I feel like I'm not
passing it some LIBDIR it needs (from the Makefile):
: hera:/usr/cs/src/openssl-1.0.1f ; find ./ -name Makefile -a -exec grep
fips_premain.c {} \;
Hello list,
I've compiled latest openssl manually to make it as valgrind-friendly as
possible, using no-asm and -DPURIFY:
$ openssl version -a
OpenSSL 1.1.0-dev xx XXX
built on: Fri Mar 21 18:12:11 CET 2014
platform: linux-x86_64
options: bn(64,64) rc4(ptr,int) des(idx,cisc,16,int)
I am working with OpenSSL and trying to trust multiple certificates with the
same subject but different hashes. The reason for this is I want to be able to
transition seamlessly from one certificate to the next on the host, and so for
a small period of time I want my devices to trust both the
On Fri, Mar 21, 2014 at 07:21:50PM +, Kyle Tinker wrote:
*How do I trust two certificates with an identical subject (but
different hashes) at the same time?*
Give them different key identifiers. When determining whether a
given certificate is issued by a given authority, OpenSSL will
To be clear: it is conventional to generate P with a larger *value* than Q,
AIR so that
CRT qinv-modp works right. There are several ways to do this; openssl just
generates
two suitable primes and chooses the larger one as P. Your issue is that P
has *more
significant bits*, 257 instead of
Streaming mode exists to allow unbounded data, whose length is not known and
may not fit in memory.
DER requires that the data be available and fit in memory and its length
known.
If you want DER dont use streaming. apps/cms.c has options for both, if you
trace it through.
But why do
On Fri, Mar 21, 2014, Dave Thompson wrote:
To be clear: it is conventional to generate P with a larger *value* than Q,
AIR so that
CRT qinv-modp works right. There are several ways to do this; openssl just
generates
two suitable primes and chooses the larger one as P. Your issue is
Hi Dave,
Thanks for your reply. I've attached a simple console app that attempts to
import the key data into a .NET RSACryptoServiceProvider. Internally this class
just sends it straight onto the Windows OS crypto library, which includes the
checks that P and Q must have equal lengths. The
Is there any way to accomplish building OpenSSL FIPS under the iOS 7 sdk? It
seems Apple now only supports clang and that the FIPS module has a hard
dependency on the iOS folder I downloaded from the FIPS 2.0 document containing
clang, which it does not ( looks like it only supports LLVM-GCC)
Hi Steve,
I'm on Windows 8.1 when I see this error. But your comment about older Windows
reporting this suggests that perhaps there's a newer API I could use to get the
job done?
Sent from Surface Pro
From: Dr. Stephen Henson
Sent: Friday, March 21, 2014 4:30 PM
To:
On Fri, Mar 21, 2014 at 8:06 PM, Thomas Leavy tombu...@gmail.com wrote:
Is there any way to accomplish building OpenSSL FIPS under the iOS 7 sdk?
See the OpenSSL FIPS User Guide, Appendix E.2.
http://www.openssl.org/docs/fips/UserGuide-2.0.pdf.
I’d like to try the PKCS12 idea. Can you tell me how you put this private key
in a PKCS12 cert so I can see if I can adapt that to get this working in my
.NET app?
I tried generating dozens of 512 bit keys in a row on iOS. Every time, the P
was longer than the Q. It seems that iOS may be
16 matches
Mail list logo
