OT: Using openssl commands to generate VPN (ipsec-tools) self-signed certificates for authentication

2010-09-21 Thread Philip Prindeville
Hi. I'm trying to transition from using PSK's with ipsec-tools to self-signed certs (harder to guess, etc) but I've not been very successful. When it fails, it's not always apparent why it fails... that's the nature of security, of course. I was wondering if anyone else had done this, and co

Re: Understanding: EncryptedPrivateKeyInfo

2010-09-21 Thread Dr. Stephen Henson
On Tue, Sep 21, 2010, Stephan Müller wrote: > Hello, > > I try to understand the encryption of a private rsa key. It was generated > with > > > openssl genpkey -aes-256-cbc -algorithm rsa -out mykey.enc > -pkeyopt rsa_keygen_bits:2048 > > (pw: 'admin', file attached) > > according to pkcs#8

RE: Displaying modulus

2010-09-21 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Chris Kistner > Sent: Tuesday, 21 September, 2010 07:52 > There is always an extra null-byte at the beginning, which has an > effect on the sign of the modulus value. The null-byte character would > make the modulus a positive value. > Not a

Understanding: EncryptedPrivateKeyInfo

2010-09-21 Thread Stephan Müller
Hello, I try to understand the encryption of a private rsa key. It was generated with > openssl genpkey -aes-256-cbc -algorithm rsa -out mykey.enc -pkeyopt rsa_keygen_bits:2048 (pw: 'admin', file attached) according to pkcs#8 the result is EncryptedPrivateKeyInfo ::= SEQUENCE { encrypt

Re: Win CE 6.0 + ARM + openssl

2010-09-21 Thread Jean-Marc Desperrier
Jakob Bohm wrote: 1. The current README.WCE and code assumes that you link with one of two less free libraries (one is LGPL, the other requires reconfiguration of the target device/phone). I wrote my own more minimal library under the OpenSSL license to avoid them both. This obviously implied p

Re: Subject in DER format for PKCS#11

2010-09-21 Thread Christian Hohnstaedt
Hi, On Tue, Sep 21, 2010 at 01:24:01PM +0200, Jan Danielsson wrote: > Hello, > >The PKCS#11 specification stipulates that certificate object should > have a subject attribute which is DER encoded. > >Let's say I have an X509 structure in a C program. Is there an easy > and direct way to

Re: Displaying modulus

2010-09-21 Thread Chris Kistner
Hi Michael, There is always an extra null-byte at the beginning, which has an effect on the sign of the modulus value. The null-byte character would make the modulus a positive value. I've been using the following application with Wine to view my X.509 certificates: http://lipingshare.com/Asn1Ed

Subject in DER format for PKCS#11

2010-09-21 Thread Jan Danielsson
Hello, The PKCS#11 specification stipulates that certificate object should have a subject attribute which is DER encoded. Let's say I have an X509 structure in a C program. Is there an easy and direct way to get a DER encoded subject from it with OpenSSL?

Displaying modulus

2010-09-21 Thread Michael Ströder
Hi! There is a difference when displaying the modulus with command-line tool. Here's the relevant excerpt of the following command: openssl x509 -noout -text -modulus -in cert.pem [..] Public Key Algorithm: rsaEncryption Public-Key: (2048 bit) Modulus:

Re: Win CE 6.0 + ARM + openssl

2010-09-21 Thread Jakob Bohm
On 19-07-2010 12:35, Jakob Bohm wrote: On 16-07-2010 22:50, Mark Bishop wrote: Thank you very much so far with all the input you have given me. I have few more questions. I am going to have to give up on interfacing with the Windows Crypto library and put openssl on my client as well. However, m

Re: Windows Certificate Store with OpenSSL Certificate

2010-09-21 Thread Jakob Bohm
Sorry for this late reply, I have been otherwise busy for some time. Yes, I did this via Server 2008 R2. What I actually did was to add the certificate via Group policy, so it was automatically propagated to the trusted CA store on all computers in the domain (including Windows 2000/XP/2003/Vist