search for: secg

..., issuing csr, signing certs with that particular curve. Printing certs and verifying certs against keys is panning out too, comparing md5 hashes also no errors. So why would openssl not accept (limit) keys is has generated and verified with no error? [ openssl ecparam -list_curves ] ? secp112r1 : SECG/WTLS curve over a 112 bit prime field ? secp112r2 : SECG curve over a 112 bit prime field ? secp128r1 : SECG curve over a 128 bit prime field ? secp128r2 : SECG curve over a 128 bit prime field ? secp160k1 : SECG curve over a 160 bit prime field ? secp160r1 : SECG curve over a 160 bit prime field ?...

> On 30 July 2018 at 20:37 ????? <vtol at gmx.net> wrote: > > > > >>>>>>> facing [ no shared cipher ] error with EC private keys. > >>>>>> the client connecting to your instance has to support ecdsa > >>>>>> > >>>>>> > >>>>> It does - Thunderbird 60.0b10 (64-bit) >

...<div> would openssl not accept (limit) keys is has generated and verified with </div> <div> no error? </div> <div> <br> </div> <div> [ openssl ecparam -list_curves ] </div> <div> secp112r1 : SECG/WTLS curve over a 112 bit prime field </div> <div> secp112r2 : SECG curve over a 112 bit prime field </div> <div> secp128r1 : SECG curve over a 128 bit prime field </div> <div> secp128r2 : SECG curve over a 128 bit prime field...

...4 RC) with IP: 10.1.0.4 192.168.5.146 asterisk-11.21.0 patched to work around https://issues.asterisk.org/jira/browse/ASTERISK-25659 openssl-1.0.1e-51.el7_2.2.x86_64 [root at elx4 ~]# openssl version OpenSSL 1.0.1e-fips 11 Feb 2013 [root at elx4 ~]# openssl ecparam -list_curves secp384r1 : NIST/SECG curve over a 384 bit prime field secp521r1 : NIST/SECG curve over a 521 bit prime field prime256v1: X9.62/SECG curve over a 256 bit prime field Client: Fedora 23 x86_64 Linphone (linphone-3.6.1-10.fc23.x86_64) Firefox 43 (firefox-43.0.3-1.fc23.x86_64) Google Chrome (google-chrome-stable-47.0...

...l) against the NSA potentially weakening crypto around the globe. This time it is about a cipher that is/will be used in the new tinc protocol: ECDSA According to https://github.com/gsliepen/tinc/blob/1.1/src/openssl/ecdsagen.c you use the secp521r1 curve, which is derived (according to http://www.secg.org/collateral/sec2_final.pdf - page 18) from the seed value "D09E8800 291CB853 96CC6717 393284AA A0DA64BA". There is suspicion around, that this seed value might weaken a ECDSA curve (as it is not explained where it actually comes from and how/why it was selected) to an attack not yet kn...