[Help-gnutls] Encryption using DSA keys

help-gnutls

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Help-gnutls] Encryption using DSA keys

From:	Miroslav Kratochvil
Subject:	[Help-gnutls] Encryption using DSA keys
Date:	Mon, 20 Apr 2009 15:56:47 +0200

Hi everyone,

well, after I solved the problem at [1], I got to real problems problems:

I want gnutls to negotiate encrypted connection using DSA keys. I
realized that I will have to use DHE_DSS algorithm, but I have no idea
how to generate a certificate for one. Googling failed, and
documentation says only that "DHE_DSS uses DSA keys in certificates."

In OpenSSL world (from where I'm migrating) it was easy, one just
appended "-dsa" to key generating parameters, and it was done.
Nevertheless; with gnutls and --dsa option; I'm getting error -89
(Public key signature verification has failed.). RSA alternative
(--rsa with the same commands) works ok.

So, is there any tutorial or howto on generating suitable DSA keys for
use with encryption? Ideally with a complete certtool script for
generating one selfsigned CA keypair and other that-ca-signed keypair.

If I'm totally wrong and using DSA for encryption is lame, and
therefore it doesn't and won't ever work, please tell me ;)

Thanks in advance

Mirek Kratochvil

-----
[1] is gnutls-devel thread, can be seen at gmane:
http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/3488

[Prev in Thread]

Current Thread

[Next in Thread]

[Help-gnutls] Encryption using DSA keys, Miroslav Kratochvil <=
- [Help-gnutls] Re: Encryption using DSA keys, Simon Josefsson, 2009/04/20
  - [Help-gnutls] Re: Encryption using DSA keys, Miroslav Kratochvil, 2009/04/21

Prev by Date: [Help-gnutls] Re: Welcome to the "Help-gnutls" mailing list
Next by Date: [Help-gnutls] Re: Encryption using DSA keys
Previous by thread: [Help-gnutls] Re: Welcome to the "Help-gnutls" mailing list
Next by thread: [Help-gnutls] Re: Encryption using DSA keys
Index(es):
- Date
- Thread