RE: error in using EC/DSA cert as server cert

2012-06-07 Thread Dave Thompson
> From: owner-openssl-us...@openssl.org On Behalf Of Bin Lu > Sent: Thursday, 07 June, 2012 19:25 > For ecdh_tmp, should it be the same as what is set in the > pkey in CTX->CERT? What is the purpose of these _tmp keys? > Sent: Thursday, June 07, 2012 4:04 PM > But for a DSA key, what DH do I su

RE: error in using EC/DSA cert as server cert

2012-06-07 Thread Bin Lu
For ecdh_tmp, should it be the same as what is set in the pkey in CTX->CERT? What is the purpose of these _tmp keys? Regards, -binlu -Original Message- From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Bin Lu Sent: Thursday, June 07, 2012 4:04 P

RE: error in using EC/DSA cert as server cert

2012-06-07 Thread Bin Lu
But for a DSA key, what DH am I supposed to use? Thanks, -binlu -Original Message- From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Dave Thompson Sent: Thursday, June 07, 2012 2:39 PM To: openssl-users@openssl.org Subject: RE: error in using EC/D

RE: error in using EC/DSA cert as server cert

2012-06-07 Thread Dave Thompson
>From: owner-openssl-us...@openssl.org On Behalf Of Bin Lu >Sent: Thursday, 07 June, 2012 14:53 >I am trying to use an ECDSA certificate >the correct cipher suite is not being chosen >dh_tmp, ecdh_tmp and their callback functions not set >Is some code missing in SSL_CTX_use_PrivateK

error in using EC/DSA cert as server cert

2012-06-07 Thread Bin Lu
Hi, I am trying to use an ECDSA certificate as the server cert, basically I created an EC_KEY and loaded it into SSL_CTX using SSL_CTX_use_PrivateKey(), after the cert is loaded using SSL_CTX_use_certificate(). The problem I am facing is that during SSL handshaking, the correct cipher suite is

Re: openssl Signature Verification Failure : “RSA_padding_check_PKCS1_type_1:block type is not 01”

2012-06-07 Thread Ken Goldman
I typically divide the problem in two. Do a raw public key operation. If you see something that looks random, then the public key doesn't match the private key used to generate the signature, or either the public key or signature has been altered. If it looks like padding + OID + hash, then

Re: openssl Signature Verification Failure : “RSA_padding_check_PKCS1_type_1:block type is not 01”

2012-06-07 Thread Lunar Mushrooms
Here is the vector and code that is provided in the link: /* VECTOR SOURCE: csrc.nist.gov/groups/STM/cavp/documents/dss/RSAVS.pdf B.1.3 SigVerRSA.req., it's "Result = P" as per B.3.3 SigVerRSA.rsp # CAVS 3.2 # "SigVer RSA (X9.31)" information for "testshas" # Mod sizes selected: 1024 1536 # SHA A

openssl Signature Verification Failure : “RSA_padding_check_PKCS1_type_1:block type is not 01”

2012-06-07 Thread Lunar Mushrooms
I am trying to verify the signature of a sample downloaded from NIST. But I am getting the following output: retval=0 err='error:0407006A:lib(4):func(112):reason(106)' When I collected the detailed description I found: openssl errstr 0407006A error:0407006A:rsa routines:RSA_padding_check_PKCS1_