Re: using TRNG via /dev/random

2013-09-24 Thread Roberto Spadim
There's space to create a new random device at /dev if you want to =) /dev/nbrandom ? no block random? :) 2013/9/24 Richard Könning : > On 24.09.2013 02:05, starlight.201...@binnacle.cx wrote: > >> At 12:59 9/23/2013 -0700, Michael Sierchio wrote: >>> >>> >>> I'll repeat myself - the fact that

RE: detect Md5 sign signatures

2013-09-24 Thread Derek Del Miller
The "Signature Algorithm" field is the correct field to check. As clarification: MD5 is not a signature algorithm, it's a hashing algorithm. A certificate is hashed using the specified hashing algorithm, and then signed using the specified signature algorithm. Thus, sha1WithRSAEncryption indi

Re: Dual_EC_DRBG

2013-09-24 Thread yustein
Thanks :) Sent from my iPhone > On Sep 24, 2013, at 4:28 PM, "Steve Marquess-3 [via OpenSSL]" > wrote: > > On 09/24/2013 07:27 AM, Dr. Stephen Henson wrote: > > ... > > > > Future versions of OpenSSL will fail if an attempt is made to use the Dual > > EC > > DRBG. > > Note we're also lo

Re: Dual_EC_DRBG

2013-09-24 Thread Steve Marquess
On 09/24/2013 07:27 AM, Dr. Stephen Henson wrote: > ... > > Future versions of OpenSSL will fail if an attempt is made to use the Dual EC > DRBG. Note we're also looking into removing Dual EC DRBG from the OpenSSL FIPS Object Module, a more difficult proposition as there are strict restrictions o

Re: using TRNG via /dev/random

2013-09-24 Thread Richard Könning
On 24.09.2013 02:05, starlight.201...@binnacle.cx wrote: At 12:59 9/23/2013 -0700, Michael Sierchio wrote: I'll repeat myself - the fact that the /dev/random implementation you're using blocks is a serious design flaw. Convince Linus, the GPG developers et al.--not me. No one has to convi

Re: using TRNG via /dev/random

2013-09-24 Thread Richard Könning
On 23.09.2013 21:59, starlight.201...@binnacle.cx wrote: At 20:27 9/23/2013 +0200, Richard Könning wrote: /dev/random is a PRNG which blocks when the (crude) entropy estimation of the entropy pool falls below a limit. Besides this there are afaik no big differences between /dev/random and /d

Re: Dual_EC_DRBG

2013-09-24 Thread Tony Yustein
Thanks a lot! :) Tony Sent from my iPhone > On Sep 24, 2013, at 2:27 PM, "Dr. Stephen Henson" wrote: > >> On Mon, Sep 23, 2013, yustein wrote: >> >> Hi, >> >> Does OpenSSL use this by default, if not where does a user choose which method >> to use for CSPRNG? > > The default DRBG for OpenSSL

Re: Dual_EC_DRBG

2013-09-24 Thread Dr. Stephen Henson
On Mon, Sep 23, 2013, yustein wrote: > Hi, > > Does OpenSSL use this by default, if not where does a user choose which method > to use for CSPRNG? > The default DRBG for OpenSSL is 256 bit AES CTR_DRBG. The default can be changed by using the compile time flags: -DOPENSSL_DRBG_DEFAULT_TYPE=type

Re: Exclusive Use of the FIPS Object Module

2013-09-24 Thread Steve Marquess
On 09/23/2013 04:16 PM, Jim Adams wrote: > The Security Policy for the FIPS Object Module 2.0 states: > > 5.1 Exclusive Use of the FIPS Object Module for Cryptography > In order for the referencing application to claim FIPS 140-2 validation, > all cryptographic functions > utilized by the applica

Dual_EC_DRBG

2013-09-24 Thread yustein
Hi, Does OpenSSL use this by default, if not where does a user choose which method to use for CSPRNG? Thanks, Tony -- View this message in context: http://openssl.6102.n7.nabble.com/Dual-EC-DRBG-tp46628.html Sent from the OpenSSL - User mailing list archive at Nabble.com.

Exclusive Use of the FIPS Object Module

2013-09-24 Thread Jim Adams
The Security Policy for the FIPS Object Module 2.0 states: 5.1 Exclusive Use of the FIPS Object Module for Cryptography In order for the referencing application to claim FIPS 140-2 validation, all cryptographic functions utilized by the application must be provided exclusively by the FIPS Object