Hello
Ihave got one question:
Does exist some way how to compute all attributes of private key from
modulus and private exponent?
I think as public exponent, prime1, prime2, exp1, exp2...
Thanks
--
View this message in context:
http://www.nabble.com/How-to-compute-all-attributes-of-RSA-privat
In the man page for rsautl, OpenSSL 0.9.7l in Mac OS X, I read this
"Note" at the bottom:
"rsautl because it uses the RSA algorithm directly can only be used to
sign or verify small pieces of data."
That seems to imply that there is a better alternative to rsautl for
signing. What is it?
Well, I got this working, although I there are several things that
don't seem to work they way they should. Short summary: Must use
perl function private_encrypt() instead of sign(), even though, to
generate the same signature, the command-line tool must use -sign.
Must use the SHA1 dige
> The only thing that I need is to certify the public key of
> the client by the server, therefore the common name and
> related infos are not used and have no meaning in this
> context. Moreover, the certification chain is local/private,
> so it does not involve interactions with external (public
What you're saying is this:
1) You know who the principal is (and therefore the CN to stick into
your certificate), due to your pre-existing protocol.
2) You know what the public key is, also due to your pre-existing protocol.
3) You've already verified the proof of possession of the private key
(
Silviu VLASCEANU wrote:
Hello,
I am developing an application which also has some CA functions. The
application knows the public key, KpC, of a client which has a priori
proven to this app the possession of KpC through an out-of-band mean.
Therefore, when the application "calls" the CA functi
Hi All
I have been using this API to dump in my statistics logs whether the
SSL session is reused or not in a windows openSSL based client.
Everything was good till i was using 9.7e. The session reuse works
fine and the logs were correctly showing session reused as 1 and
sniffer traces reconfirm
Thanks for your answer, David. Let me explain some more of my problem.
The reason for not wanting to make a "usual" CSR is that my client is not
able to send the CSR to the server (CA) app. In fact, I am extending an
existing communication protocol, where I keep the already defined message
types a
--- On Fri, 8/15/08, Ger Hobbelt <[EMAIL PROTECTED]> wrote:
> Ahh... This brings back memories... I had to do the same
> 'selective compilation' back before 2000 when the USA would
> prohibit cipher export at 128 bit and beyond unless you had a
> specific license.
Ger,
Many thanks for taking
Silviu Vlasceanu wrote:
> To reformulate,
> Is there a way to generate a certificate without a proof of possession?
> Thanks.
Absolutely. Just stuff all the fields that you want into the certificate and
sign it. Simply take the fields from wherever you have them rather than from
the CSR.
Yo
Hodie XIV Kal. Sep. MMVIII est, Kyle Hamilton scripsit:
> X.509 refers to the certificate version. 0 == version 1, 1 == version
> 2, 2 == version 3.
>
> Version 1 certificates have no means for any extensions.
> Version 2 certificates are CRLs.
?
Version 2 certificates have "issuerUniqueIdentif
To reformulate,
Is there a way to generate a certificate without a proof of possession?
Thanks.
2008/8/18 Silviu VLASCEANU <[EMAIL PROTECTED]>
> Hello,
>
> I am developing an application which also has some CA functions. The
> application knows the public key, KpC, of a client which has a prior
X.509 refers to the certificate version. 0 == version 1, 1 == version
2, 2 == version 3.
Version 1 certificates have no means for any extensions.
Version 2 certificates are CRLs.
Version 3 certificates are the current norm, and most likely what you want.
The best reference currently is RFC5280,
Silviu Vlascaenu wrote:
> I am developing an application which also has some CA functions.
> The application knows the public key, KpC, of a client which has
> a priori proven to this app the possession of KpC through an
> out-of-band mean. Therefore, when the application "calls" the CA
> functio
Hi,
I can set a certificate version using function X509_set_version().
Can some one give me a reference to different certificate versions that are
available and the significance of each version number.
-Thanks and Regards,
-Sanjith.
Hi,
I couldnt get a documentation for ASN1_INTEGER_set(). Just want to
know the significance of the second argument of this function. What is the
difference when I provide 0 and PKCS12_DEFAULT_ITER for it?
Thanks and Regards
-Sanjith
16 matches
Mail list logo
