Re: [openssl-users] rsaOAEP OID in X509 certificate

2018-08-16 Thread Stephane van Hardeveld
> > On Aug 14, 2018, at 4:55 PM, Stephane van Hardeveld > wrote: > > > > If I would try this endeavour, what would be the best interface to set this? > > For creation, use the EVP_PKEY type with the EVP_PKEY_CTX, and set > > attributes there? > > You

Re: [openssl-users] rsaOAEP OID in X509 certificate

2018-08-14 Thread Stephane van Hardeveld
> > > On Aug 9, 2018, at 3:21 PM, Stephane van Hardeveld > wrote: > > > > The certificate is signed with PSS. However, I try to indicate that the > > public key enclosed IN the certificate should be used with the OAEP > padding > > mode while decryptin

Re: [openssl-users] rsaOAEP OID in X509 certificate

2018-08-09 Thread Stephane van Hardeveld
> > Keys in X.509 certiificates are mostly used for signing (e.g. TLS with > DHE or ECDHE key agreement). But I guess you could mint an encryption- > only > certificate that is not useful for signing, and use it exclusively for > key wrapping. That is exactly the use case ;-) I don't know whe

Re: [openssl-users] rsaOAEP OID in X509 certificate

2018-08-09 Thread Stephane van Hardeveld
> > On Aug 8, 2018, at 12:01 PM, Stephane van Hardeveld > wrote: > > > > By default, if I create an X 509 certificate with a public key in it, the > > object identifier is rsaEncyption (1.2.840.113549.1.1.1). Is it possible to > > specify a different object identi

Re: [openssl-users] rsaOAEP OID in X509 certificate

2018-08-09 Thread Stephane van Hardeveld
> -Original Message- > From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf > Of Ken Goldman > Sent: donderdag 9 augustus 2018 18:52 > To: openssl-users@openssl.org > Subject: Re: [openssl-users] rsaOAEP OID in X509 certificate > > On 8/9/201

Re: [openssl-users] rsaOAEP OID in X509 certificate

2018-08-09 Thread Stephane van Hardeveld
> -Original Message- > From: openssl-users [mailto:openssl-users-boun...@openssl.org] On Behalf > Of Ken Goldman > Sent: donderdag 9 augustus 2018 14:56 > To: openssl-users@openssl.org > Subject: Re: [openssl-users] rsaOAEP OID in X509 certificate > > On 8/9/20

Re: [openssl-users] rsaOAEP OID in X509 certificate

2018-08-09 Thread Stephane van Hardeveld
> > BTW, the only time I ever saw rsaAOEP was for TPM 1.2 EK certificates. > If you're working with the TPM, I can supply a lot of sample code. > > On 8/8/2018 12:01 PM, Stephane van Hardeveld wrote: > > Hello all, > > > > By default, if I create an X 509 ce

[openssl-users] rsaOAEP OID in X509 certificate

2018-08-08 Thread Stephane van Hardeveld
functions, and other places in code, but the only place this object ID is specified is in obj_dat.h, and not used anywhere else (as far as I can see...) Regards, Stephane van Hardeveld -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users