I believe you just load your ECDSA cert and the other stuff – Dhparams!! – is
not needed.
Rich-
Thanks for your reply. At this point I'm 99% sure I have ECDH with RSA working.
My question in the previous post was just to confirm. But I have my RSA cert
and key pair, and a client can successfully connect to my server using
ECDHE_RSA* ciphers.
My questions are more related to ECDSA.
The first thing I would suggest is to separate ECDH, the session key exchange,
from ECDSA, the signature. Try to make ECDH with RSA work. Then just load
your ECDSA cert; you can load one cert of each type (RSA DSA) and the runtime
will figure out what to do, depending on what the client offers
Thanks Matt, this was very helpful. I'll dig into libcurl to understand better.
I appreciated your help.
Kind regards,
Valerio
--
Valerio Di Gregorio
ENGINEER.SOFTWARE ENGINEERING
vadig...@cisco.com | +41 21 694 3840
.:|:.:|:. Cisco Systems International Sàrl
EPFL, Quartier de l'Innovation
Ba
On 11/02/2020 14:49, Valerio Di Gregorio (vadigreg) wrote:
> My understanding is that libcurl's multi interface is async.
I know nothing about curl, but a quick search of the codebase does turn
up some evidence that it seems to be ASYNC aware. At least it is
prepared to accept SSL_ERROR_WANT_AS
My understanding is that libcurl's multi interface is async. That's the
interface I'm using. I configured SSL_CTX_set_mode(ssl_ctx, SSL_MODE_ASYNC) as
you pointed out. I did it in the same libcurl callback I used for
SSL_CTX_set_cert_verify_callback(). I can see ASYNC_pause_job() actually
pausing
On 11/02/2020 14:26, Valerio Di Gregorio (vadigreg) wrote:
> Hi Matt, Thanks for your reply. HTTPS request is initiated using
> libcurl. I've installed a callback in libcurl as
> CURLOPT_SSL_CTX_FUNCTION which in turn installs a callback using
> SSL_CTX_set_cert_verify_callback(). So my applica
Hi Matt,
Thanks for your reply. HTTPS request is initiated using libcurl. I've installed
a callback in libcurl as CURLOPT_SSL_CTX_FUNCTION which in turn installs a
callback using SSL_CTX_set_cert_verify_callback(). So my application never
calls ASYNC_start_job().
I expected my application to w
On 11/02/2020 13:05, Valerio Di Gregorio (vadigreg) via openssl-users wrote:
> 1. ASYNC_pause_job() can wake up before write(). It will then block on
> the read(), which is too bad in my single-threaded code.
> 2. I fixed case 1 by making read() non-blocking, I then run
> ASYNC_pause_j
Hello,
This is my first post here. I need help with ASYNC_pause_job(). I'm writing an
async engine to delegate certificate validation to a different process.
Validation happens asynchronously through IPCs. To explain what I'm doing I'll
use some "pseudo" code:
// this happens in process #1
ctx
Operations that a private key can do are decrypt and sign. Similarly,
operations that a public key can do are encrypt and verify.
The legacy priv_enc(raw) just refers to raw signing, and is almost the same as
sign (with proper padding mechanisms).
It is just a misnomer, as data encrypted with a privat