[If this is posted a 2nd time, my apologies, I believe my subscription was
broken]
We are starting our FIPS implementation soon (FIPS OM 2.0 and OpenSSL 1.0.1)
and I'd like to test out this set of assumptions (or maybe they are
'assertions')
- In the context of OpenSSL, FIPS
protocol.
(2) SHA-1 and HMAC are as specified in FIPS 180-3 and
198-1, respectively.
Note that MD5 and HMAC-MD5 shall not be used as a general
hash function or HMAC function, respectively.
FIPS compliance/acceptance testing is another can of worms. I've been
in shops
...@openssl.org]
On Behalf Of Jeffrey Walton
Sent: Wednesday, November 14, 2012 3:57 PM
To: openssl-users@openssl.org
Subject: Re: OpenSSL/FIPS Object Module and FIPS compliance - testing some
assertions
On Wed, Nov 14, 2012 at 3:25 PM, mclellan, dave dave.mclel...@emc.com wrote:
...
We are starting our
Object Module and FIPS compliance - testing some
assertions
On Wed, Nov 14, 2012 at 3:25 PM, mclellan, dave dave.mclel...@emc.com wrote:
...
We are starting our FIPS implementation soon (FIPS OM 2.0 and OpenSSL 1.0.1)
and I’d like to test out this set of assumptions (or maybe
On 11/14/2012 04:21 PM, mclellan, dave wrote:
Thanks for that clarification. It's not so cut and dry, I see.
About this: ... and don't even bother to build fipscanister.o... Then on
what grounds could they claim FIPS compliance?
There is a common confusion between FIPS compliant
Hi Steve,
Thanks, that certainly corrected it. I guess I'm perplexed as to why using
ecgroup = EC_GROUP_new_by_curve_name(NID_X9_62_prime256v1);
would not automatically set that flag since I'm explicitly giving the curve
name already?
Thanks,
Erik
Sent: Wednesday, August 01, 2012 4:33 PM
To: openssl-users@openssl.org
Subject: ECDSA testing with s_client/s_server
I'm playing around to see if I can observe client and server under various
conditions when negotiating TLS 1.2 with newer certs. I created a root and
server cert as ecdsa
On Fri, Aug 03, 2012, Erik Tkal wrote:
I debugged this to see what is happening, and it seems that the server is
looking at the configured certificate and key and deciding that the client
needs to be sending 0xFF01 (it is finding NID_X9_62_prime_field as the field
type). However, the
Development
-Original Message-
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org]
On Behalf Of Dr. Stephen Henson
Sent: Friday, August 03, 2012 5:57 PM
To: openssl-users@openssl.org
Subject: Re: ECDSA testing with s_client/s_server
On Fri, Aug 03, 2012, Erik Tkal
On Fri, Aug 03, 2012, Erik Tkal wrote:
Hi Steve, here's the cert:
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 34474 (0x86aa)
Signature Algorithm: ecdsa-with-SHA256
Issuer: CN=eRoot1, OU=Engineering, O=Juniper Networks, Inc.,
L=Westford, ST=MA,
From: owner-openssl-us...@openssl.org On Behalf Of Erik Tkal
Sent: Wednesday, 01 August, 2012 16:33
I'm playing around to see if I can observe client and server
under various conditions when negotiating TLS 1.2 with newer
certs. I created a root and server cert as ecdsa-with-SHA256.
I'm playing around to see if I can observe client and server under various
conditions when negotiating TLS 1.2 with newer certs. I created a root and
server cert as ecdsa-with-SHA256.
openssl s_server -CAfile eroot1.pem -cert eserver1.pem -key eserver1.key -debug
openssl s_client -CAfile
Hello,
We have added SSL/TLS support into our legacy FTP server using OpenSSL.
Thanks for the great code BTW :)
We are able to test SSL/TLS renegotiation for FTP control channel (port 21)
using openssl s_client but looking for a way to test data channel (port
20) renegotiation too.
Are you
Dear Folks,
I am looking for What are the possible TLS/SSL testing suite? Is there
any link/docs which i can follow to get an idea about what are the possible
TLS/SSL Testing specification ?
Thanks in Advance.
Best Regards,
S S Rout
--
View this message in context:
http://old.nabble.com
Hi,
While installing the openssl utility, I run the following commands as mentioned
in the INSTALL/README file,
1. make
2. make test
While executing make test, I observe the following error many times ,
ERROR in CLIENT
18874:error:1407E086:SSL routines:SSL2_SET_CERTIFICATE:certificate verify
Dear All,
I am doing HTTPS Testing using Openssl Squid proxy.
We are implemented TLS client which supports TLSv1.0 only.
Can some body please suggest me What are the Silence points we need to
verify for HTTPS Testing?.
Any comments would help me a lot.
-Regards,
Rout
--
View this message
if there is any standard way to do interoperability testing
with SSL clients and servers, to be as confident as possible that it will
work with as many other systems as possible? For example, is there a widely
used test suite or torture-test program that will flush out most common
bugs? Or do people
I also tried the same, and although wireshark labeled these data as
"encrypted application data", the text next to hex data in bottom window
contained unencrypted data. There were something added in the end, though.
(negotiated ciphersuite were NULL-SHA).
2) Getting back to the client
openssl-users@openssl.org
Sent: Wednesday, 27 July 2011, 20:20
Subject: Re: testing null encryption
On Wed, Jul 27, 2011 at 02:53:09AM -0700, navin gopalakrishnan wrote:
a) testing NULL Encryption:
While building openssl i modified the macro SSL_DEFAULT_CIPHER_LIST to
#define
On Thu, Jul 28, 2011 at 09:14:34AM -0700, navin gopalakrishnan wrote:
1) When i use my own applications (client server) which uses
the openssl library a separate client program and a separate server
program, both configured to use only eNULL as above. (i.e. with only
NULL_SHA NULL_MD5),
Hi,
I am using openssl-1.0.0d. downloaded the source and built the library.
Can anyone suggest how to do the following:
a) testing NULL Encryption:
While building openssl i modified the macro SSL_DEFAULT_CIPHER_LIST to
#define SSL_DEFAULT_CIPHER_LIST eNULL
My understanding is the above
On Wed, Jul 27, 2011 at 02:53:09AM -0700, navin gopalakrishnan wrote:
a) testing NULL Encryption:
While building openssl i modified the macro SSL_DEFAULT_CIPHER_LIST to
#define SSL_DEFAULT_CIPHER_LIST eNULL
That was unwise, don't do that.
My understanding is the above modification? would
Hi Steve,
Is there a Summary notes of what's new in FIPS module 2.0?
Thanks,
Prakash
- Original Message -
From: Steve Marquess marqu...@opensslfoundation.com
To: openssl-...@openssl.org; openssl-users@openssl.org
Sent: Friday, July 08, 2011 1:54 AM
Subject: Call for testing - FIPS
On 07/07/2011 06:54 PM, Nilesh Vaghela wrote:
Hi,
We are interested in testing FIPS + DTLS. Can we test DTLS + FIPS ?
DTLS is handled by the FIPS capable OpenSSL and is compatible with the
restricted set of algorithms permitted in the FIPS mode of operation, so
it should work.
In general
Hi,
We are interested in testing FIPS + DTLS. Can we test DTLS + FIPS ?
--Nilesh.
Stratacache Inc.(Santa Clara Office)
Systems Architect
O: 408-844-9810(2110)
M: 408-202-5401
- Original Message -
From: Steve Marquess marqu...@opensslfoundation.com
To: openssl-...@openssl.org
module in any significant way.
In the interest of minimizing the total time to formal validation award
we usually submit the FIPS module for testing as soon as possible, at
which point the code is frozen and subsequent changes are difficult or
impossible. This delay provides us
Destination unreachable tells you that you're not running a server or it's
blocked by a firewall.
Hi, Robin!
Have you updated your OpenSSL installation? Ubuntu 10.04 comes with an old
0.9.8 release in which the DTLS implementation is entirely broken. You need to
update OpenSSL to at least
Hello Robin!
So the message that both server and client have is Resource temporarily
unavailable.
Did someone have the same problem? How can this be solved?
Which operating system are you using? Do you have a firewall active? Make sure
nothing is blocking either server or client. If its
Hi Sebastian,
On Jan 24, 2011, at 2:27 PM, Sebastian Proca wrote:
I'm using Ubuntu 10.04 with 2.6.32-27 kernel.
So, I've been following your advice and put wireshark to check the packages
on the lo wire. Besides the Destination unreachable(Host unreachable)
message that I receive I can
Hi Sebastian,
On Jan 19, 2011, at 11:50 AM, Sebastian Proca wrote:
Thank you for your help! I understand now the way that this application
should be used. Yet, I didn't manage to obtain a working dtls session.
After I start the server :
# ./dtls_udp_echo
I start the client, but I
Hi Sebastian,
On Jan 17, 2011, at 4:12 PM, Sebastian Proca wrote:
It's strange for me how comes that, depending on the
specified arguments, I get two different errors:
I case :
# ./dtls_udp_echo 127.0.0.1
SSL_connect: Connection refused
Hi Sebastian,
On Jan 17, 2011, at 4:12 PM, Sebastian Proca wrote:
It's strange for me how comes that, depending on the specified arguments, I
get two different errors:
I case :
# ./dtls_udp_echo 127.0.0.1
SSL_connect: Connection refused
error::lib(0):func(0):reason(0)
I listened to your email using DriveCarefully and will respond as soon as I can.
Download DriveCarefully for free at www.drivecarefully.com
__
OpenSSL Project http://www.openssl.org
User Support
Hi all,
After giving up my Openssl 0.9.8k, I've installed Openssl 1.0.0c version with
latest patches for dtls support. All went well. After that, I tried to search
for some DTLS tests (other than openssl s_server/s_client) and this is what I
found :
, 9/15/10, Michael Tüxen michael.tue...@lurchi.franken.de wrote:
From: Michael Tüxen michael.tue...@lurchi.franken.de
Subject: Re: ubuntu testing dtls capabilities
To: openssl-users@openssl.org
Date: Wednesday, September 15, 2010, 1:45 PM
Hi Sebastian,
which version of openssl are you using
blocking the communication.
Best regards
Michael
Best reagrds,
Sebastian Proca
--- On Wed, 9/15/10, Michael Tüxen michael.tue...@lurchi.franken.de wrote:
From: Michael Tüxen michael.tue...@lurchi.franken.de
Subject: Re: ubuntu testing dtls capabilities
To: openssl-users@openssl.org
way of testing dtls capabilities than this one?
Or, do you think that this way of testing is enough to trust the good behaviour
of this functionality?
Thank you in advance,
Sebastian
__
OpenSSL Project
is really working.
Could someone tell me another way of testing dtls capabilities than this one?
Or, do you think that this way of testing is enough to trust the good
behaviour of this functionality?
Thank you in advance,
Sebastian
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Ian jonhson schrieb:
| Besides certificate verification and session reconnect I don't
| know any details what you have to retest.
|
|
| You imply that the mechanism of X509-based certificate verification
| has been embedded in openssh mainstream,
On Thu, Mar 06, 2008 at 01:15:03PM -0600, [EMAIL PROTECTED] wrote:
So we're testing out an upgrade from OpenSSL 0.9.7e to 0.9.8g,
and we're mostly using the SSL network connection functionality,
not the crypto lib.
I am supposed to help with a test plan to make sure our stuff works
So we're testing out an upgrade from OpenSSL 0.9.7e to 0.9.8g,
and we're mostly using the SSL network connection functionality,
not the crypto lib.
I am supposed to help with a test plan to make sure our stuff works
properly, but I'm not sure what to test. I imagine that it has to be
backward
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Victor Duchovni schrieb:
| On Thu, Mar 06, 2008 at 01:15:03PM -0600,
[EMAIL PROTECTED] wrote:
|
| So we're testing out an upgrade from OpenSSL 0.9.7e to 0.9.8g,
| and we're mostly using the SSL network connection functionality,
| not the crypto lib
On Thu, Mar 06, 2008 at 11:00:07PM +0100, Goetz Babin-Ebell wrote:
| I am supposed to help with a test plan to make sure our stuff works
| properly, but I'm not sure what to test. I imagine that it has to be
| backward compatible, since everyone using HTTPS has to be, but am not
| sure.
|
Besides certificate verification and session reconnect I don't
know any details what you have to retest.
You imply that the mechanism of X509-based certificate verification
has been embedded in openssh mainstream, right?
__
should do or something specific I should test?
I'd focus on testing your application to be sure it does what you want
it to do. I'd start by designing a series of tests designed to stress
your application, and in turn, openssl. If that means setting up a
duplicate, but test environment, I
Hello,
I've been testing with the Fips 1.2 drop with no problem. Now I've
discovered that I can't switch back and forth between FIPS and non-FIPS
mode. We use a FIPS enabled library with a client that must be able to
switch between modes. This works with openssl-fips-1.1.1. Is there any
way
Thank you for your fast replies!
To jimmy bahuleyan :
Yes I already looked through ulimit -a and tried to increase maximum open
files.
With no results.
To Marek Marcola :
Do you have thread callbacks initialized for pthread functionality ?
My thread callback - is static function of
Hi there! I just downloaded openssl sources and wanted to play around with
s_server and s_client. I've managed to get s_server running with the
following command:
openssl s_server -accept 1043 -nocert
Now when trying to connect using s_client I get this:
openssl s_client -connect localhost:1043
Hi,
I went through FIPS-197 for AES. Now if I want to test
void AES_cbc_encrypt(const unsigned char *in, unsigned
char *out,
const unsigned long length, const AES_KEY *key,
unsigned char *ivec, const int enc) function.
Hello,
I went through FIPS-197 for AES. Now if I want to test
void AES_cbc_encrypt(const unsigned char *in, unsigned
char *out,
const unsigned long length, const AES_KEY *key,
unsigned char *ivec, const int enc) function.
Thank you very much for the quick reply.
Regards,
Jaya.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Marek Marcola
Sent: Wednesday, September 06, 2006 3:31 PM
To: openssl-users@openssl.org
Subject: RE: Aes-256 /testing of AES_cbc_encrypt
Hello
PM
To: openssl-users@openssl.org
Subject: Testing private key - public key consistency
Hello,
is there a quick way/function to verify that a private (EVP_PKEY) key
matches a X509 certificate's public key?
thanks,
looks like:
int X509_verify(X509 *a, EVP_PKEY *r);
does the trick
On Wed, Mar 15, 2006, Julien ALLANOS wrote:
int X509_verify(X509 *a, EVP_PKEY *r);
No that will check to see if the certfiicate a was signed by public key r.
The function:
int X509_check_private_key(X509 *x, EVP_PKEY *k)
is the right one.
Steve.
--
Dr Stephen N. Henson. Email, S/MIME
Okay. Out of curiosity, what're the functions for:
1) Verifying that a given public key (not part of an X509 structure)
matches a given EVP_PKEY?
2) Extracting the public key from the EVP_PKEY (since, as I understand
it, the public key is stored as part of the private key structure)?
-Kyle H
Dr. Stephen Henson a écrit :
On Wed, Mar 15, 2006, Julien ALLANOS wrote:
int X509_verify(X509 *a, EVP_PKEY *r);
No that will check to see if the certfiicate a was signed by public key r.
The function:
int X509_check_private_key(X509 *x, EVP_PKEY *k)
is the right one.
Steve.
Thank
Hello,
is there a quick way/function to verify that a private (EVP_PKEY) key
matches a X509 certificate's public key?
thanks,
--
Julien ALLANOS
__
OpenSSL Project http://www.openssl.org
User
Probably you can try the openssl verify command?
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] Behalf Of Julien ALLANOS
Sent: Monday, February 06, 2006 6:38 PM
To: openssl-users@openssl.org
Subject: Testing private key - public key consistency
Hello
@openssl.org
Subject: Testing private key - public key consistency
Hello,
is there a quick way/function to verify that a private (EVP_PKEY) key
matches a X509 certificate's public key?
thanks,
--
Alain Damiral,
I hope this message makes me look like a very intelligent person
Université
Dear All,
We are actually testing SSL, need some
particulars scenarios which where OpenSSL have not taken care of and which are
not suggest in OpenSSL.
Any help in this regard is highly
valuable.
Thanks
raman
Testing my signed email, please send me an encrypted email.
Thanks.
Anthony
smime.p7s
Description: S/MIME Cryptographic Signature
Anthony Azzopardi wrote:
Testing my signed email, please send me an encrypted email.
Thanks.
Anthony
I would likt to, but I know of no way to tell my Mozilla that it can
trust your certificate (should someone else know a way please tell me).
And Mozilla refuses to use untrusted certificates
On 2005.11.09 at 20:50:39 -0500, Victor Duchovni wrote:
On Wed, Nov 09, 2005 at 08:38:02PM -0500, Warrick FitzGerald wrote:
Hi Guys,
I'm trying to test a connection to a TLS enabled SMTP server. Is it
possible to use use OpenSSL to setup the TLS sessison and then interact
with the
Subject: Testing TLS
Hi Guys,
I'm trying to test a connection to a TLS enabled SMTP server. Is it possible to
use use OpenSSL to setup the TLS sessison and then interact with the mail
server as if I'd telnet'd to port 25?
Thanks
Warrick
I've tried one of the 0.9.8 snapshots and make test is failing, after running
for an enormous amount
of time. (openssl-0.9.8-stable-SNAP-20050613.tar.gz)
Two questions:
1. what's the output supposed to look like, these days? Specifically, is it
supposed to run a long time?
2. where's the
Rodney Thayer wrote:
I've tried one of the 0.9.8 snapshots and make test is failing, after
running for an enormous amount
of time. (openssl-0.9.8-stable-SNAP-20050613.tar.gz)
Two questions:
1. what's the output supposed to look like, these days?
what do you get ?
Specifically, is it
Rodney Thayer wrote:
I've tried one of the 0.9.8 snapshots and make test is failing, after
running for an enormous amount
of time. (openssl-0.9.8-stable-SNAP-20050613.tar.gz)
Two questions:
1. what's the output supposed to look like, these days? Specifically,
is it supposed to run a long
Forwarded to openssl-users...
- Forwarded message from Jyothi [EMAIL PROTECTED] -
X-Original-To: [EMAIL PROTECTED]
X-Original-To: [EMAIL PROTECTED]
Delivered-To: [EMAIL PROTECTED]
From: Jyothi [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Open SSL: Testing Demo
Date: Fri, 19 Mar 2004
Dear list,
did anyone implement a test for a given A an X exists that
X ^ k == A (mod N)
for a composite N = p*q with q and q being known primes?
Any good math paper?
thank you,
Vadim
__
OpenSSL Project
Hi there,
I am very new to SSL. I am testing a client application which is built over
OpenSSL. I would like to write a PERL application to test the same. Is there
any way to test the SSL Handshake stuffs?
With an SSL echo server i am able to check only the Positive flow of the
application
Robinson, Richard L (Rick) wrote:
I checked the RSA web site and could not find the paper you
are referencing. Could you please forward me a link?
I really don't see how you could have missed it. It is only the
10th listing on their Technical Notes page:
Thanks.
Found the paper after some additional searching.
Met Rivest at RSA Conf. Nice guy.
No need for long teeth.
Rick
-Original Message-
From: Charles B Cranston [mailto:[EMAIL PROTECTED]
Sent: Wednesday, June 04, 2003 7:33 AM
To: [EMAIL PROTECTED]
Subject: Re: testing
I checked the RSA web site and could not find the paper you are referencing. Could
you please forward me a link?
Thanks,
Rick
-Original Message-
From: Charles B Cranston [mailto:[EMAIL PROTECTED]
Sent: Tuesday, June 03, 2003 10:04 AM
To: [EMAIL PROTECTED]
Subject: Re: testing
Hi Markus,
it's very easy,
Mak a new root ca (e.g. with script MakeRootCA.sh from openvalidation.org)
make a openssl.cnf- file with some place-holders for name an orgunit and so
on.
put in the req-section promt = no
build a simple (perl) skript
do
parse config and replace place-holders
I see that this never went out.
Regards,
Steve Romero
Date: Thu, 06 Jun 2002 14:57:28 -0500
To: [EMAIL PROTECTED]
From: Steve Romero [EMAIL PROTECTED]
Subject: openssl-0.9.7-beta1 testing
Cc: [EMAIL PROTECTED]
Hi all,
Didn't see a bug list, but wanted to let everyone know that I had problems
On Wed, Jun 19, 2002 at 01:25:15PM -0500, Steve Romero wrote:
I see that this never went out.
+ openssl-0.9.7-beta1
When compiling openssl I get:
evp_test.c: In function `main':
evp_test.o(.text+0x11bc): undefined reference to `strsep'
Has been corrected in OpenSSL-0.9.7-beta2.
+
On Thu, Jun 06, 2002 at 02:57:28PM -0500, Steve Romero wrote:
Didn't see a bug list, but wanted to let everyone know that I had problems
with this beta release under the following conditions:
+ gcc
+ Solaris 8 (patched)
+ rsaref-2.0
+ openssl-0.9.7-beta1
When compiling openssl I get:
On Thu, Jun 06, 2002 at 02:57:28PM -0500, Steve Romero wrote:
Hi all,
Didn't see a bug list, but wanted to let everyone know that I had problems
with this beta release under the following conditions:
+ gcc
+ Solaris 8 (patched)
+ rsaref-2.0
+ openssl-0.9.7-beta1
When compiling
Hi all,
Didn't see a bug list, but wanted to let everyone know that I had problems
with this beta release under the following conditions:
+ gcc
+ Solaris 8 (patched)
+ rsaref-2.0
+ openssl-0.9.7-beta1
When compiling openssl I get:
evp_test.c: In function `main':
evp_test.c:361: warning:
I am trying to set up openssl 0.9.6b on an ancient sun3 with SunOS
4.1.1_U1, intending to set up openssh once openssl is working.
The openssl build appears to be OK (after hacking the config
to not assume that sunos necessarily implies sparc :)
I am getting two complaints from make test, and
I wondering if someone could giude me on obtaining
some code just to see if OpenSSL works on Apache?
Sakui
OpenSSL
Project
http://www.openssl.orgUser Support
Mailing
List
[EMAIL PROTECTED]Automated
List
Manager
[EMAIL PROTECTED]
hi Sakui,
It is onboard in the base install of OpenBSD.. see..
/etc/rc.conf
read the comments there on httpd..
bye
Sakui wrote:
I
wondering if someone could giude me on obtaining some code just to see
if OpenSSL works on Apache?Sakui
OpenSSL
Hello All,
Some days ago I subscribed to the [EMAIL PROTECTED], or so
Majordomo advised me. So far I
have seen no messages . This is to
test the that I am indeed subscribed.
Cheers
--
Michael Czapski
Senior Consultant
SeeBeyond Pty. Ltd.
+61 2 9409-5403
"Michael Czapski" [EMAIL PROTECTED] wrote:
[snip]
Michael, please DO NOT post in HTML email with that horrid
notebook background image, please.
If you want anyone to respond to your posts, switch to plain
text email.
- Dan
__
Hi
__
OpenSSL Project http://www.openssl.org
User Support Mailing List[EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
Right,
I've got to the point where I can happily generate keys and sign
data. Hurrah! Now all I need to do is find a way to store keys.
Looking in the rsa.h file you can see the structure is as follows:
struct rsa_st
{
/* The first parameter is used to pickup errors where
I've got to the point where I can happily generate keys and sign
data. Hurrah! Now all I need to do is find a way to store keys.
look at the d2i and i2d functions declared in rsa.h
In general, for any complicated structure you need to serialize (also
known as flattening or marshalling
pewing out to all of you. There should be no need for any more
"testing" mails :-)
Thanks,
Geoff
__
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL
According to the test script 'test.bat', my Windows NT 4.0 code is broken.
I have two Windows builds - one with MSVC, and the other with Borland C++.
Both of these builds fail running 'randtest', 'dhtest', 'exptest',
'dsatest', and the tests that use 'openssl.exe' to do their work.
I get zero
Hello !
I installed openssl 0.9.4 on WinNT. The tests are OK.
But how can I test the ssl by connecting an ssl-server via URL (https)?
Do you know a little application for this test?
I've got Problems with SSLeay 0.16, so I wanna be sure if openssl works.
Maybe I don't need SSLeay, but
Greetings.
I'm implementing elliptic curve software on top of OpenSSL Bignum
library. When testing it on NIST's standard curves, I found a problem that
seems not to be in my code: Bignum reports that NIST's 384-bit prime is not
prime! I've checked the value with MIRACL and Java (which
Paulo S. L. M. Barreto wrote:
Greetings.
I'm implementing elliptic curve software on top of OpenSSL Bignum
library.
Interesting. Will you be making the code public?
When testing it on NIST's standard curves, I found a problem that
seems not to be in my code: Bignum reports that NIST's
Dr Stephen Henson wrote:
When testing it on NIST's standard curves, I found a problem that
seems not to be in my code: Bignum reports that NIST's 384-bit prime is not
prime!
Do you have a URL referencing these NIST standard curves?
Ignore that. I've found the URL. On NISTs site
"Paulo S. L. M. Barreto" wrote:
Greetings.
I'm implementing elliptic curve software on top of OpenSSL Bignum
library. When testing it on NIST's standard curves, I found a problem that
seems not to be in my code: Bignum reports that NIST's 384-bit prime is not
prime! I'
I was wondering if someone could provide me with a short tutorial of how to
sign a certificate as though I were a CA.
Thanks
Joe H.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Raul Gutierrez
Sent: Thursday, June 03, 1999 3:37 PM
To: [EMAIL
I was wondering if someone could provide me with a short tutorial of how to
sign a certificate as though I were a CA.
you may take a look to the excellent mod_ssl manual for examples for use
with www/ssl servers. Other Certs are similar. The mod_ssl manual would be
a good position to start I
I've seen such error when I made wrong certificate. Are you sure that you
entered FQDN of your server when was asked about "Your name:" by Ope
This seems to be a common confusion -- why not change the question in
OpenSSL to say "Your domain name" instead?
Maybe the default config could
101 - 196 of 196 matches
Mail list logo
