search for: rsa_sign

...etails The following list contains the revision numbers of each file that was corrected in FreeBSD. Branch Revision Path - ------------------------------------------------------------------------- RELENG_4 src/crypto/openssl/crypto/rsa/rsa_sign.c 1.1.1.1.2.6 RELENG_4_11 src/UPDATING 1.73.2.91.2.22 src/sys/conf/newvers.sh 1.44.2.39.2.25 src/crypto/openssl/crypto/rsa/rsa_sign.c 1.1.1.1.2.5.6.1 RELENG_5 src/crypto/openssl/cr...

...dle but > that is very easy in CentOS7 > Thank you, Marc. We created our own CA and certificates just fine. The problem is that SSL does not seem to like them giving the error I mentioned in the previous message: dovecot: imap-login: Error: SSL: Stacked error: error:04075070:rsa routines:RSA_sign:digest too big for rsa key What would an SSL+Dovecot expert do if this error was encountered? A 1024 bit key works just fine but we have to stick to 256.

...ng with: Security status not satisfied sec.c:53:sc_compute_signature: returning with: Security status not satisfied pkcs15-sec.c:285:sc_pkcs15_compute_signature: sc_compute_signature() failed: Security status not satisfied sc_pkcs15_compute_signature() failed: Security status not satisfied ssh_rsa_sign: RSA_sign failed: error:00000000:lib(0):func(0):reason(0) This is happen because openssh never prompt for the pin. If I use the openssh-agent and ssh-add everything works well. ssh-add -s 0 ssh localhost :) --> Have a lot of fun The question now: Does Smartcards only work, if I use the ssh-...

Hi list! For some reason I need to use a really weak server key (256 bit) with dovecot for imaps access. Is this possible? I tried but getting this error: dovecot: imap-login: Error: SSL: Stacked error: error:04075070:rsa routines:RSA_sign:digest too big for rsa key This is on an Ubuntu 14.04 on x64. Thank you! Stavros

...f=0x1990300 "\0205:\t\026\217????\206b#??nG?\177??\002U*P^9\0213?]??f\225?:?m\005\215\225??n????\205?\205?'?\220??,e#?\2150\025K\em?\022Wn\177[@?\fQ?4w3g?yX???\024\b\2222????F[p??n??r?(??\017?\214\177\220;qI?Z,.Bv\026$R?", siglen=128, rsa=0x198b700) at bsd/tools/openssl/crypto/rsa/rsa_sign.c:147 147 if (siglen != (unsigned int)RSA_size(rsa)) (gdb) x/40x 0x198b7a0: 0x00000041 0x00000000 0x00008000 0x00000000 0x198b7b0: 0x00000000 0x00000000 0x00000000 0x00008000 0x198b7c0: 0xe5b83d65 0x00000001 0x5555686d 0x61632d...

Functionality request for supporting Digital Signatures for RSA and DSS Public Key Algorithms in alignment with NIST SP800-131A. I assume this has been asked before, but I could not find in the archives. Support of "ssh-rsa-sha256" and "ssh-dss-sha256" public key algorithms for OpenSSH? I know Suite B Algorithms and x509 SSH Extension Algorithms are supported, but not a

...Status: NEW Severity: normal Priority: P5 Component: ssh Assignee: unassigned-bugs at mindrot.org Reporter: tomas.kuthan at oracle.com After code refactoring for library-like interfaces, error messages are no longer printed for DSA_do_sign() or RSA_sign() failures in some code paths. When investigating error messaging for signing failures I also noticed, that incorrect messages are printed for sshkey_from_blob() and sshkey_sign() errors in ssh-agent.c. -- You are receiving this mail because: You are watching the assignee of the bug.

...t;/div> <div> <br> </div> <div> I tried but getting this error: </div> <div> <br> </div> <div> dovecot: imap-login: Error: SSL: Stacked error: error:04075070:rsa </div> <div> routines:RSA_sign:digest too big for rsa key </div> <div> <br> </div> <div> This is on an Ubuntu 14.04 on x64. </div> <div> <br> </div> <div> Thank you! </div> <div> <br> </div>...

...seem to like them giving the error I mentioned in the </div> <div> previous message: </div> <div> <br> </div> <div> dovecot: imap-login: Error: SSL: Stacked error: error:04075070:rsa </div> <div> routines:RSA_sign:digest too big for rsa key </div> <div> <br> </div> <div> What would an SSL+Dovecot expert do if this error was encountered? A </div> <div> 1024 bit key works just fine but we have to stick to 256. </div> </blockq...

I wasn't having much luck getting a key and certificate stored on a hardware token to work until I made this fix. The ssh_rsa_sign key was not using either overloading. I used the rsa.meth way, instead of the engine. With this patch ssh-add works. I'm working on getting ssh to take a PIN, but when I put in a call to read_passphrase in the appropriate place, it muddies the waters for stdin, I think. I get errors in...

> > If you can convince openssl to use it. Does anybody have any hints on how it may be done, if possible at all? Stavros

...te type res_crypto.c:268: dereferencing pointer to incomplete type res_crypto.c: In function `ast_sign': res_crypto.c:391: dereferencing pointer to incomplete type res_crypto.c:397: warning: implicit declaration of function `SHA1' res_crypto.c:400: warning: implicit declaration of function `RSA_sign' res_crypto.c:400: `NID_sha1' undeclared (first use in this function) res_crypto.c:400: (Each undeclared identifier is reported only once res_crypto.c:400: for each function it appears in.) res_crypto.c:400: dereferencing pointer to incomplete type res_crypto.c:403: dereferencing pointer to...

...`COMP_expand_block' /usr/local/ssl/lib/libssl.so: undefined reference to `BIO_snprintf' /usr/local/ssl/lib/libssl.so: undefined reference to `d2i_RSAPrivateKey_bio' /usr/local/ssl/lib/libssl.so: undefined reference to `ASN1_dup' /usr/local/ssl/lib/libssl.so: undefined reference to `RSA_sign' /usr/local/ssl/lib/libssl.so: undefined reference to `ERR_peek_error' /usr/local/ssl/lib/libssl.so: undefined reference to `PEM_read_bio_PrivateKey' /usr/local/ssl/lib/libssl.so: undefined reference to `lh_retrieve' /usr/local/ssl/lib/libssl.so: undefined reference to `X509_get_pub...

...local/lib/libmusclepkcs11.so debug1: Authentications that can continue: publickey,keyboard-interactive debug1: Offering public key: /usr/local/lib/libmusclepkcs11.so debug1: Server accepts key: pkalg ssh-rsa blen 151 Enter PIN for 'MuscleCard Applet': C_FindObjects failed (0 nfound): 0 ssh_rsa_sign: RSA_sign failed: error:00000000:lib(0):func(0):reason(0) debug1: Trying private key: /home/dbenoy/.ssh/id_rsa debug1: Trying private key: /home/dbenoy/.ssh/id_dsa debug1: Next authentication method: keyboard-interactive Password: ---------- This PKCS#11 module works fine with Evolution, Firefox,...

...-r1.26 key.h --- key.h 3 Aug 2006 03:34:42 -0000 1.26 +++ key.h 15 Nov 2006 14:14:33 -0000 @@ -53,6 +53,7 @@ int flags; RSA *rsa; DSA *dsa; + u_char *cert; }; Key *key_new(int); @@ -83,5 +84,7 @@ int ssh_dss_verify(const Key *, const u_char *, u_int, const u_char *, u_int); int ssh_rsa_sign(const Key *, u_char **, u_int *, const u_char *, u_int); int ssh_rsa_verify(const Key *, const u_char *, u_int, const u_char *, u_int); + +int cert_verify(const u_char *cert, const Key *, const Key *, const u_char *); #endif Index: monitor.c ===================================================...

...+ sizeof_TPM_CURRENT_TICKS(currentTicks)); -- memcpy(&info[30], digestToStamp->digest, sizeof(TPM_DIGEST)); -- p = &info[30 + sizeof(TPM_DIGEST)]; -- length = sizeof_TPM_CURRENT_TICKS(currentTicks); -- if (tpm_marshal_TPM_CURRENT_TICKS(&p, &length, currentTicks) -- || rsa_sign(&key->key, RSA_SSA_PKCS1_SHA1, info, info_length, *sig)) { -- tpm_free(*sig); -- tpm_free(info); -- return TPM_FAIL; -- } -- return TPM_SUCCESS; -+ return TPM_DISABLED_CMD; - } - - void tpm_update_ticks(void) - { -- if (tpmData.stany.data.currentTicks.tag == 0) { -- tpmData...