Re: How to compute crt coefficient (PQ) value of a private key?

Yes, that was the case. It was power -1 instead of subtract. Java BigInteger has a function modInverse that does the required work for me. Now got it loaded onto the smart card.     --- On Wed, 15/12/10, Kannan J wrote: From: Kannan J Subject: Re: How to compute crt coefficient (PQ) value

Re: How to compute crt coefficient (PQ) value of a private key?

On Wed, Dec 15, 2010 at 12:58 AM, Victor Duchovni wrote: > On Tue, Dec 14, 2010 at 09:46:11PM -0800, Kannan J wrote: > >> I'm copying and pasting the text from the smart card guide. It is too > big to attach. > > Please use plain-text (non-HTML) email when sending mail to lists. Agreed. >> The fo

Re: How to compute crt coefficient (PQ) value of a private key?

On Tue, Dec 14, 2010 at 09:55:26PM -0800, Kannan J wrote: > > > From my relentless search on the internet I hit upon this webpage > http://www.mobilefish.com/services/rsa_key_generation/rsa_key_generation.php > which accepts prime values and generates the rest of the exponents and > coefficien

Re: How to compute crt coefficient (PQ) value of a private key?

On Wed, Dec 15, 2010 at 12:55 AM, Kannan J wrote: > > From my relentless search on the internet I hit upon this webpage > http://www.mobilefish.com/services/rsa_key_generation/rsa_key_generation.php > http://groups.google.com/group/sci.crypt/browse_frm/thread/d228e099f78164e3 which accepts prim

Re: Error 20 at 0 depth lookup:unable to get local issuer certificate

Thank you. It worked fine after concatenating cert1.pem and cert2.pem into single file. Regards, Vinay sandeep kiran p wrote: The -untrusted argument to verify command takes a single file containing multiple certificates concatenated together. Try adding cert1.pem and cert2.pem into a single

Re: How to compute crt coefficient (PQ) value of a private key?

On Tue, Dec 14, 2010 at 09:46:11PM -0800, Kannan J wrote: > I'm copying and pasting the text from the smart card guide. It is too big to attach. Please use plain-text (non-HTML) email when sending mail to lists. > The following convention applies for the P, Q, DP1, DQ1, and PQ parameters: > P is

Re: How to compute crt coefficient (PQ) value of a private key?

>From my relentless search on the internet I hit upon this webpage >http://www.mobilefish.com/services/rsa_key_generation/rsa_key_generation.php which accepts prime values and generates the rest of the exponents and coefficients. It mentions "Enter CRT coefficient (qInv)*: qInv = q-1 mod p " I

Re: How to compute crt coefficient (PQ) value of a private key?

  I'm copying and pasting the text from the smart card guide. It is too big to attach. The following convention applies for the P, Q, DP1, DQ1, and PQ parameters: · P is the smallest RSA prime · Q is the other RSA prime · DP1 = D mod (P – 1), where D is the secret RSA exponent · DQ1 = D mod (Q –

Re: How to compute crt coefficient (PQ) value of a private key?

On Tue, Dec 14, 2010 at 07:30:33PM -0800, Kannan J wrote: > I have a private key that I need to load onto the smart card. > The PIV User Guide says PQ = P-1 mod Q Instead of re-interpreting it is best to provide a direct reference, or at least an unedited quote of the specificied requirements wi

Re: openssl and legacy openbsd crypto project

On Tue, Dec 14, 2010 at 05:05:06PM -0800, John R Pierce wrote: > but didn't openssl get its > start with that same openbsd crypto code? No. From the information-free OpenBSD mailing list message: It is alleged that some ex-developers (and the company they worked for) accepted US governm

Re: Using DH parameters from OpenSSL

On Tue, Dec 14, 2010 at 04:14:01PM -0800, Mike Mohr wrote: > How do you mean, an additional 0 byte is prepended? I generated > several DH parameters and exported them to C code ( -C ), some of > which has the MSB set. It looks like BN_bin2bn is used directly on > the raw bytes of the prime witho

How to compute crt coefficient (PQ) value of a private key?

I have a private key that I need to load onto the smart card. The prime P value used being 00CC11DBABBC3648BF4C3800DD73C769580D60B8F45BA41210674FCFB6EDE6C604FD20FBD0EC3125BB9A116238CE4900A0308155971AB606CFB9945551B519ED6F And the prime Q value being 00DF613AEA2FF8438C58766639DCED24D9BCBAF75926734

RE: Using DH parameters from OpenSSL

> From: owner-openssl-us...@openssl.org On Behalf Of Mike Mohr > Sent: Tuesday, 14 December, 2010 19:14 > How do you mean, an additional 0 byte is prepended? I generated > several DH parameters and exported them to C code ( -C ), some of > which has the MSB set. It looks like BN_bin2bn is used d

openssl and legacy openbsd crypto project

this story is going around the net like hotcakes. http://marc.info/?l=openbsd-tech&m=129236621626462&w=2 i have no idea how much 'truth' is in there... but didn't openssl get its start with that same openbsd crypto code? is any of th

Re: Using DH parameters from OpenSSL

How do you mean, an additional 0 byte is prepended? I generated several DH parameters and exported them to C code ( -C ), some of which has the MSB set. It looks like BN_bin2bn is used directly on the raw bytes of the prime without any padding. Mike On Tue, Dec 14, 2010 at 12:54 PM, Erik Tkal

RE: Using DH parameters from OpenSSL

DER encoding of numeric data should always be network byte order MSB...LSB. Note that if the high order bit is set then an additional 0 byte is prepended. Erik Tkal Juniper OAC/UAC/Pulse Development -Original Message- From: owner-openssl-us...@opens

Using DH parameters from OpenSSL

Good afternoon, I'm trying to understand the data format that OpenSSL writes out its DH parameters in. I am aware that the actual data is encoded using ASN.1 DER and have a way to parse the container. My question really amounts to byte ordering when DH parameters are generated like this: openss

Re: Problems building FIPS Openssl under Server 2008 R2

On Mon, Dec 13, 2010, Christopher A Hotchkiss wrote: > > Just a quick note. There was a bug in the 1.2 module which meant Win64 ASM > > builds didn't function properly. A change letter has addressed this and the > > newly uploaded 1.2.2 module should now work fine with Win64 ASM. > > > > Stev

Re: How to disable compression?

On Tue, Dec 14, 2010 at 06:20:54PM +1100, Corin Lawson wrote: > Hi All, > > Is it possible to establish an SSL connection with no compression? How? OpenSSL 1.0.0 provides a new option that can be set via SSL_CTX_set_options() or SSL_set_options(). SSL_OP_NO_COMPRESSION > While I'm at it, i

Re: Error 20 at 0 depth lookup:unable to get local issuer certificate

The -untrusted argument to verify command takes a single file containing multiple certificates concatenated together. Try adding cert1.pem and cert2.pem into a single file and check again. Thanks, Sandeep On Tue, Dec 14, 2010 at 12:00 PM, Vinay Kumar L < vinaykuma...@globaledgesoft.com> wrote: >