Re: mail encryption with ecdsa cert

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 26 Jan 2018, at 18:20, Kyle Hamilton <aerowolf@xxxxxxxxx> wrote:

In order to use Elliptical Curves to encrypt, you would have to use
the "Elliptical Curve Diffie-Hellman" algorithm to perform a key
agreement.  This requires that both the sender and the recipient have
EC keys which are marked in their certificates as being for the
purpose "keyAgreement”.

I have made sure that keyAgreement is in.
I get the following error

Error:
PKCS7_RECIP_INFO_set:encryption not supported for this key type

Key gen happens like this
/usr/local/bin/openssl ecparam -name secp521r1 -out secp521r1.pem
/usr/local/bin/openssl req -x509 -nodes -days 3650 -newkey ec:secp521r1.pem -keyout email-key.pem -out email.ch.pem

Which type of key do I need to generate? (for email signing and encryption).

Thanks a lot for any help !
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux