Collaborate Disseminate
Having issue with x509 certificate verification.
Steps I followed.
Generated the root certificate.
created the Intermediate certificate.
signed the Intermediate certificate with root certificate.
Signing was success.
verification failed…. Continue reading x509 certificate verification issue
CRL lists the revoked certificates of a CA by sending back to the user the Serial Number of each certificate, nothing related to the public key. I don’t know how it works for OCSP.
Is there a technical way on the CA side (beyond the organi… Continue reading How can I ensure that a CSR doesn’t rely on a revoked private key
It seems that Firefox and Chrome both support x25519 keys, but they do not accept keys signed using Ed25519. Am I correct?
If so, where can I find the official source of this information?
In the Windows Certificate Store, during a request creation, there are options given for the private key to be ECDH (Key Usage: keyAgreement) and for RSA for encryption only (Key Usage: keyEncipherment):
ECDH,Microsoft Software Key Storag… Continue reading Microsoft Software Key Storage Provider for ECDH (Key Usage: keyAgreement) and for RSA encryption (Key Usage: keyEncipherment)
The windows certificate store, during the creation of a request, gives the following options for the private key:
ECDSA_nistP384,Microsoft Software Key Storage Provider (KSP)
ECDSA_secP384,Microsoft Software Key Storage Provider (KSP)
During the creation of a certificate request through the Windows Certificate Store, at the options for the private key, there are the following options for choosing a KSP:
ECDSA_brainpoolP512,Microsoft Software Key Storage Provider (KSP)
… Continue reading ECDSA_bainpoolP512 vs ECDSA Microsoft Software Key Storage Provider (KSP) / ECDSA_nistP384 vs ECDSA_secP384 vs ECDSA_P384
I have the following JavaScript code, is this safe to do?
Generate sibling public/private key pair.
Derive shared key using said key pair.
I am asking this because typically, a shared key is generated using your own private key and someo… Continue reading ECDH algorithm – Is it safe and secure to calculate shared key using sibling public/private key pair? [closed]
I have a small ARM M0 SoC and a smartphone as actors. Encryption keys used are Elliptic curve.
My current security is implemented such that:
the SoC has 128 bit hashes of phone public keys (vs 512 bit – due to storage space constraints)
t… Continue reading Does partial public key pre-sharing and partial public key exchange improve security vs one-sided public key sharing [migrated]
I’m trying to setup a custom order of TLS cipher suites according to this Microsoft list, on Windows Server 2022 but the outcome is not the one that I was expecting.
After using the powershell to disable a bunch, and set a preferred order… Continue reading Cipher Suites settings wrong order?
I have created a ECDSA key and now need to convert this to SSH2 key.
final KeyPairGenerator keyGen = KeyPairGenerator.getInstance("ECDSA");
ECGenParameterSpec params = new ECGenParameterSpec("secp384r1");
key… Continue reading Given a Java ECPublicKey ECDSA PublicKey, how can I build an SSH2 public key?