Re[2]: Looks like ECC sign/verify has a bug.

2009-12-18 Thread Konstantin Andreev
Filed: Bug 535931 [https://bugzilla.mozilla.org/show_bug.cgi?id=535931] On Sat, 19 Dec 2009, Douglas Stebila wrote: Yes, you're correct that it should be done with respect to the size of the group order. If you file a Bugzilla report, you can add me to and I'll put together a patch if no one

Re: Looks like ECC sign/verify has a bug.

2009-12-18 Thread Douglas Stebila
Yes, you're correct that it should be done with respect to the size of the group order. If you file a Bugzilla report, you can add me to and I'll put together a patch if no one else does. Douglas On 2009-Dec-18, at 10:51 PM, Konstantin Andreev wrote: > Hello. > > I have noticed, the followin

Re: SSL handshake using NSS Vs using Openssl

2009-12-18 Thread Wan-Teh Chang
On Fri, Dec 18, 2009 at 7:36 AM, Abhishek Rahirikar wrote: > > Ok.. But the tool is able to get all the information using the cipher. It is > able to get the certificate and check the expiry, host of certificate etc. > Do you know what the NSS does if the cipher requested for handshake is not > supp

Re: SSL handshake using NSS Vs using Openssl

2009-12-18 Thread Abhishek Rahirikar
Hi, Thank you for the quick reply. Please see my comments below. "Wan-Teh Chang" wrote in message news:mailman.544.1261148552.4112.dev-tech-cry...@lists.mozilla.org... > On Fri, Dec 18, 2009 at 6:33 AM, Abhishek Rahirikar > wrote: >> Hi, >> >> I am a new user of NSS. >> >> I am testing a tool

Re: SSL handshake using NSS Vs using Openssl

2009-12-18 Thread Wan-Teh Chang
On Fri, Dec 18, 2009 at 6:33 AM, Abhishek Rahirikar wrote: > Hi, > > I am a new user of NSS. > > I am testing a tool that checks if any weak ciphers are supported by the web > application server. The tool is based on NSS. > The tool reports some ciphers that are supported. It uses SSL_ForceHandshak

SSL handshake using NSS Vs using Openssl

2009-12-18 Thread Abhishek Rahirikar
Hi, I am a new user of NSS. I am testing a tool that checks if any weak ciphers are supported by the web application server. The tool is based on NSS. The tool reports some ciphers that are supported. It uses the SSL_ForceHandshake function to detect if the handshake is possible or not. SSL_ForceHan

Looks like ECC sign/verify has a bug.

2009-12-18 Thread Konstantin Andreev
Hello. I have noticed, the following method is used in the ECC sign/verify routines to derive 'e' integer from a digest: ( begin cite ) /* In the definition of EC signing, digests are truncated * to the length of n in bits. * (see SEC 1 "Elliptic Curve Digit Signature Algo

Re[4]: Should I use SECITEM_AllocItem or PORT_Arena{,Z}Alloc memory allocation ?

2009-12-18 Thread Konstantin Andreev
Hello, Nelson. Thank you again for detailed description. This is a valuable piece of information. Best regards, -- Konstantin Andreev, software engineer. Swemel JSC On Fri, 18 Dec 2009, Nelson B Bolyard wrote: On 2009-12-17 13:39 PST, Konstantin Andreev wrote: On Tue, 17 Dec 2009, Nelson B