[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Generating EC keys with certtool
From: |
Nikos Mavrogiannopoulos |
Subject: |
Re: Generating EC keys with certtool |
Date: |
Thu, 10 Nov 2011 21:08:46 +0100 |
User-agent: |
Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.23) Gecko/20111010 Icedove/3.1.15 |
On 11/10/2011 08:58 PM, Nikos Mavrogiannopoulos wrote:
>>> What do you mean verify a CSR? Verify the self signature? That is being
>>> done automatically when it is signed.
>> Ah yes, I see that. Openssl has a command to verify without signing.
>> The reason I'm not using certtool to generate the request is that I
>> already had a script to generate certs using openssl. The only reason
>> I used certtool for the key was that gnutls does not read openssl ec
>> keys (Thats the issue I reported a few days ago).
>> After investigating, it appears that the problem lies in gnutls
>> generating a bad EC key on the BAD system. Both gnutls and openssl (on
>> both GOOD and BAD systems) will happily generate a CSR using that bad
>> key, but both will fail the verification when trying to sign the CSR.
> Can you send me that (bad) key? What kind of system is the BAD system?
I just noticed it was attached. It is indeed incorrect. Did you run
"make check" on the gnutls source on that system? Could you provide
information about the CPU (32-bit/64-bit, endianness etc.).
regards,
Nikos
- Generating EC keys with certtool, Fabrice Gautier, 2011/11/10
- Re: Generating EC keys with certtool, Nikos Mavrogiannopoulos, 2011/11/10
- Re: Generating EC keys with certtool, Fabrice Gautier, 2011/11/10
- Re: Generating EC keys with certtool, Fabrice Gautier, 2011/11/10
- Re: Generating EC keys with certtool, Nikos Mavrogiannopoulos, 2011/11/10
- Re: Generating EC keys with certtool, Fabrice Gautier, 2011/11/10
- Re: Generating EC keys with certtool, Nikos Mavrogiannopoulos, 2011/11/10
- Re: Generating EC keys with certtool,
Nikos Mavrogiannopoulos <=
- Re: Generating EC keys with certtool, Fabrice Gautier, 2011/11/10
- Re: Generating EC keys with certtool, Fabrice Gautier, 2011/11/10
- Re: Generating EC keys with certtool, Nikos Mavrogiannopoulos, 2011/11/10
- Re: Generating EC keys with certtool, Fabrice Gautier, 2011/11/11
- RE: Generating EC keys with certtool, Hoyt, David, 2011/11/11
- Re: Generating EC keys with certtool, Nikos Mavrogiannopoulos, 2011/11/10