, Kannan J wrote:
From: Kannan J
Subject: Re: Verify CSR fails for 256 byte modulus, what am I doing wrong?
To: openssl-users@openssl.org
Date: Thursday, 16 December, 2010, 8:34 PM
This is the error message I get when I use openssl to verify my generated CSR:
D:\deleteme>openssl req -no
:75:55:
59:0a:0b:1d:22:f5:ee:23:2d:3c:15:f5:3c:e1:95:d1:2f:c1:
76:5a:46:99:97:02:e1:15:02:61:20:ae:cc:b9:c8:45:f9:09:
1e:be:ca:83:ab:bf:ed:6d:b0:b0:70:04:01:92:cf:af:90:60:
a9:3e:27:ce
Any ideas what the error message means?
Thanks,
Kannan
--- On Thu, 16/12/10, Kannan J
I use the smart card to generate the private-public key pair on the card, get
the public key modulus from the card, generate a CSR for a user, compute the
MD5 Hash using SHA1, give this hash to the card for signing the hash with the
private key, append this signature to the CSR, and verify this
Yes, that was the case. It was power -1 instead of subtract. Java BigInteger
has a function modInverse that does the required work for me. Now got it loaded
onto the smart card.
--- On Wed, 15/12/10, Kannan J wrote:
From: Kannan J
Subject: Re: How to compute crt coefficient (PQ) value
1 mod p "
I wonder if the smart card user guide might have printed P-1 instead of P-1.
Even so I don't know how such a small real number obtained after taking the
inverse can be a big integer. In fact Java BigInteger doesn't allow raising to
a negative exponent value.
--- On Wed,
d, 15/12/10, Victor Duchovni wrote:
From: Victor Duchovni
Subject: Re: How to compute crt coefficient (PQ) value of a private key?
To: openssl-users@openssl.org
Date: Wednesday, 15 December, 2010, 10:08 AM
On Tue, Dec 14, 2010 at 07:30:33PM -0800, Kannan J wrote:
> I have a private key tha
I have a private key that I need to load onto the smart card.
The prime P value used being
00CC11DBABBC3648BF4C3800DD73C769580D60B8F45BA41210674FCFB6EDE6C604FD20FBD0EC3125BB9A116238CE4900A0308155971AB606CFB9945551B519ED6F
And the prime Q value being
00DF613AEA2FF8438C58766639DCED24D9BCBAF75926734
?
thanks
Kannan
--- On Thu, 9/12/10, Kannan J wrote:
From: Kannan J
Subject: p12 file created using openssl doesn't have the certificate stored
against the alias.
To: openssl-users@openssl.org
Date: Thursday, 9 December, 2010, 11:49 PM
I have a certificate file MSCACertificate.cer
I have a certificate file MSCACertificate.cer and the corresponding private key
MSCAPrivateKey.pem from which I created a p12 file MSCACertificateBundle.p12
using the command
D:\>openssl pkcs12 -export -out MSCACertificateBundle.p12 -inkey MSCAPrivateKey.
pem -in MSCACertificate.cer
When I try to
