So, have I to generate a prime with length = 3200 bits ?, ( the
corresponding exponent will belong to 3200-bit MODP group ) in order to
generate an AES 128 session key ? ( I use 2 as generator ).
Here http://tools.ietf.org/html/rfc3526, it is said :
"The new Advanced Encryption Standard (AES)
That's simple. Thank you again Erik.
On Tue, Apr 19, 2011 at 5:22 PM, Erik Tkal wrote:
> 110419141516Z = 2011 04(April) 19th 14:15:16Z(UTC)
>
>
>
> *Erik Tkal**
> *Juniper OAC/UAC/Pulse Development
>
>
>
> *From:* owner-openssl-us...@openssl.org [mailto:
>
Check out the date and time functions in PHP and there are ways to
format that number into something a little more human readable.
Contact me if you would like to know more. This isn't a php forum so no
point in talking about it here.
On 11-04-19 5:22 PM, Erik Tkal wrote:
> 110419141516Z = 2011 0
110419141516Z = 2011 04(April) 19th 14:15:16Z(UTC)
Erik Tkal
Juniper OAC/UAC/Pulse Development
From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org]
On Behalf Of Matt C
Sent: Tuesday, April 19, 2011 5:19 PM
To: openssl-users@openssl.
I've extracted a date from a public certificate using the PHP command
openssl_x509_parse.
The date looks like this: 110419141516Z
Can someone tell me how to make sense of this date (in PHP if possible).
Thank you!
Matt
It would help if you specified which of the many thousands of releases and
versions of UNIX you are talking about, and what
architecture/processor/bit-width you need. There won't be compiled versions
available for most combinations. You'd need to follow the instructions which
come with it if yo
Thank you Erik and Wim, that's exactly the information I needed!
On Tue, Apr 19, 2011 at 2:27 PM, Wim Lewis wrote:
>
> On 19 Apr 2011, at 10:55 AM, Matt C wrote:
> > Should I be hashing the entire contents of the PEM file, only part, or is
> there additional data I need to add?
>
> The fingerpri
Addendum - depending on the use of DH (usually using the DH shared
secret as a basis for key exchange), the choice of prime is more
important than private exponent length. Safe primes or strong primes
are warranted. Most systems use small generators (e.g., 2).
- M
On Mon, Apr 18, 2011 at 7:25 P
The private exponent length need only be sufficient to make a brute
force search (using the public exponent as a target) computationally
infeasible, since the discrete log problem is still in the "hard"
category.
Cogent DH Private Exponent recommendations are always stated in terms
of P, e.g., x :
Please can anybody help? This is kind of priority issue for me.
I have following set of certificates with X509 extensions defined for code
signing in PKCS7 format.
Root CA - Key usage (critical): Certificate Sign, CRL Sign
CVC Sub-CA - Key usage (critical): Certificate Sign, CRL Sign
CVC cert
On Tue, Apr 19, 2011 at 11:40:56AM +0100, João Alpande wrote:
> Good Morning,
>
> Where can I get a compiled version of OpenSSL for Unix?
>
> how to install openssl in unix ?
>
> Thanks´s
>
>
>
> João Alpande
>
For which Unix box?
--
Member - Liberal International This is doc...@nl2k.a
On 19 Apr 2011, at 10:55 AM, Matt C wrote:
> Should I be hashing the entire contents of the PEM file, only part, or is
> there additional data I need to add?
The fingerprint that openssl computes is the hash of the entire certificate in
DER format. You should be able to recover the DER-formatte
The thumbprint is the hash of the certificate data in DER format. For example,
the following commands would work for both forms:
openssl x509 -in user.pem -fingerprint -md5 -noout
openssl x509 -in user.cer -inform der -fingerprint -md5 -noout
But I f you want to use a raw hash then only the se
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager majord...@openssl.org
Hello,
I am able to generate an MD5 fingerprint with the following command.
openssl x509 -in user.pem -fingerprint -md5 -noout
This fingerprint matches the fingerprint displayed by Thunderbird/Firefox.
I am trying to generate an MD5 using a hash function in PHP,
http://nl2.php.net/manual/en/fun
From: João Alpande
>Where can I get a compiled version of OpenSSL for Unix?
>how to install openssl in unix ?
It would help if you could specify which unix os?
JD
__
OpenSSL Project http://www.ope
Good Morning,
Where can I get a compiled version of OpenSSL for Unix?
how to install openssl in unix ?
Thanks´s
João Alpande
Am 19.04.2011 09:19, schrieb ch:
hi!
Can I verify a message or just a certificate WITHOUT having all the
issuer certificats (up to the RootCA) in my store??
Is there a option in the commandline tools? I was not able to find one
in the man-pages.
You can verify a message without checking th
hi!
Can I verify a message or just a certificate WITHOUT having all the
issuer certificats (up to the RootCA) in my store??
Is there a option in the commandline tools? I was not able to find one
in the man-pages.
thanks,
chris
__
Hi All,
First off I have a DISKSTATION DS410 in my business and I am trying to set
it up for remote access such that:
(1) Clients can 'map the drive' on their laptops
(2) VPN to their desktops (which are on the local network with the DS410)
I am trying to be secure and use OpenSSL with certifca
20 matches
Mail list logo
