[openssl-dev] [openssl.org #3946] Enhancement request: Add support for RFC 5816

2015-07-15 Thread Rick Andrews via RT 
The OpenSSL time stamp code (crypto/ts_asn1.c) only supports RFC 3161. There
is no support for any of the data structures such as signingcertificateV2 or
ESSCertIDv2 defined in RFC 5816. Please consider adding support for the
newer RFC. Thanks,

-Rick Andrews



smime.p7s
Description: S/MIME cryptographic signature
___
openssl-bugs-mod mailing list
openssl-bugs-...@openssl.org
https://mta.openssl.org/mailman/listinfo/openssl-bugs-mod___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Re: [openssl-dev] [openssl.org #3932] Compilation Bug Report

2015-07-15 Thread jean-christophe manciot via RT 
"I can't reproduce the problem"
It's because my report is already 1 week old and in the meantime, some
commits have been made to solve this compilation issue.
I'm now also able to build and install the current version.

"First of all I'd like to point out that this doesn't look like 1.0.2,
rather master branch. 1.0.2 would have a lot of additional lines between
last two lines. This is just to ensure that expectations are correct."

Yes, I've realized after installation that it is version 1.1.0-dev.
I thought the master would be the stable version.



On Tue, Jul 14, 2015 at 10:13 PM, Andy Polyakov via RT 
wrote:

> jean-christophe manciot via RT wrote:
> > *Ubuntu Server 15.04*
> > *OpenSSL 1.0.2d sources from https://github.com/openssl/openssl
> > *
> >
> > root@msi-ge60
> > :/home/actionmystique/Program-Files/Ubuntu/OpenSSL/git-open-ssl#*
> ./config*
> > Operating system: x86_64-whatever-linux2
> > Configuring for linux-x86_64
> > Configuring for linux-x86_64
> > no-deprecated   [default]  OPENSSL_NO_DEPRECATED (skip dir)
> > no-ec_nistp_64_gcc_128 [default]  OPENSSL_NO_EC_NISTP_64_GCC_128
> (skip
> > dir)
> > no-gmp  [default]  OPENSSL_NO_GMP (skip dir)
> > no-jpake[experimental] OPENSSL_NO_JPAKE (skip dir)
> > no-md2  [default]  OPENSSL_NO_MD2 (skip dir)
> > no-rc5  [default]  OPENSSL_NO_RC5 (skip dir)
> > no-rfc3779  [default]  OPENSSL_NO_RFC3779 (skip dir)
> > no-sctp [default]  OPENSSL_NO_SCTP (skip dir)
> > no-shared   [default]
> > no-ssl-trace[default]  OPENSSL_NO_SSL_TRACE (skip dir)
> > no-store[experimental] OPENSSL_NO_STORE (skip dir)
> > no-unit-test[default]  OPENSSL_NO_UNIT_TEST (skip dir)
> > no-zlib [default]
> > no-zlib-dynamic [default]
> > IsMK1MF=0
> > CC=gcc
> > CFLAG =-DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H
> > -Wa,--noexecstack -m64 -DL_ENDIAN -Wall -O3 -DOPENSSL_IA32_SSE2
> > -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m
> > -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM
> > -DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DECP_NISTZ256_ASM
> > EX_LIBS   =-ldl
> > CPUID_OBJ =x86_64cpuid.o
> > BN_ASM=x86_64-gcc.o x86_64-mont.o x86_64-mont5.o x86_64-gf2m.o
> > rsaz_exp.o rsaz-x86_64.o rsaz-avx2.o
> > EC_ASM=ecp_nistz256.o ecp_nistz256-x86_64.o
> > DES_ENC   =des_enc.o fcrypt_b.o
> > AES_ENC   =aes-x86_64.o vpaes-x86_64.o bsaes-x86_64.o aesni-x86_64.o
> > aesni-sha1-x86_64.o aesni-sha256-x86_64.o aesni-mb-x86_64.o
> > BF_ENC=bf_enc.o
> > CAST_ENC  =c_enc.o
> > RC4_ENC   =rc4-x86_64.o rc4-md5-x86_64.o
> > RC5_ENC   =rc5_enc.o
> > MD5_OBJ_ASM   =md5-x86_64.o
> > SHA1_OBJ_ASM  =sha1-x86_64.o sha256-x86_64.o sha512-x86_64.o
> > sha1-mb-x86_64.o sha256-mb-x86_64.o
> > RMD160_OBJ_ASM=
> > CMLL_ENC  =cmll-x86_64.o cmll_misc.o
> > MODES_OBJ =ghash-x86_64.o aesni-gcm-x86_64.o
> > ENGINES_OBJ   =e_padlock-x86_64.o
> > PROCESSOR =
> > RANLIB=/usr/bin/ranlib
> > ARFLAGS   =
> > PERL  =/usr/bin/perl
> > SIXTY_FOUR_BIT_LONG mode
> > DES_UNROLL used
> > DES_INT used
> > RC4_CHUNK is unsigned long
> >
> > Configured for linux-x86_64.
>
> First of all I'd like to point out that this doesn't look like 1.0.2,
> rather master branch. 1.0.2 would have a lot of additional lines between
> last two lines. This is just to ensure that expectations are correct.
>
> > root@msi-ge60
> :/home/actionmystique/Program-Files/Ubuntu/OpenSSL/git-open-ssl#
> > *make*
> > making all in crypto...
> > ...
> > ake[2]: Entering directory
> > '/home/actionmystique/Program-Files/Ubuntu/OpenSSL/git-open-ssl/apps'
> > ( :; LIBDEPS="${LIBDEPS:--L.. -lssl -L.. -lcrypto -ldl}";
> > LDCMD="${LDCMD:-gcc}"; LDFLAGS="${LDFLAGS:--DOPENSSL_THREADS -D_REENTRANT
> > -DDSO_DLFCN -DHAVE_DLFCN_H -Wa,--noexecstack -m64 -DL_ENDIAN -Wall -O3
> > -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5
> > -DOPENSSL_BN_ASM_GF2m -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM
> > -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM
> > -DECP_NISTZ256_ASM}"; LIBPATH=`for x in $LIBDEPS; do echo $x; done | sed
> -e
> > 's/^ *-L//;t' -e d | uniq`; LIBPATH=`echo $LIBPATH | sed -e 's/ /:/g'`;
> > LD_LIBRARY_PATH=$LIBPATH:$LD_LIBRARY_PATH ${LDCMD} ${LDFLAGS} -o
> > ${APPNAME:=openssl} openssl.o asn1pars.o ca.o ciphers.o cms.o crl.o
> > crl2p7.o dgst.o dhparam.o dsa.o dsaparam.o ec.o ecparam.o enc.o engine.o
> > errstr.o gendsa.o genpkey.o genrsa.o nseq.o ocsp.o passwd.o pkcs12.o
> > pkcs7.o pkcs8.o pkey.o pkeyparam.o pkeyutl.o prime.o rand.o req.o rsa.o
> > rsautl.o s_client.o s_server.o s_time.o sess_id.o smime.o speed.o spkac.o
> > srp.o ts.o verify.o version.o x509.o apps.o opt.o s_cb.o s_socket.o
> > app_rand.o ${LIBDEPS} )
> > speed.o: In function `speed_main':
> > *speed.c:(.text+0x980): undefined reference to `RC4_s

[openssl-dev] (no subject)

2015-07-15 Thread jochma 


Hi guys,

I'm having trouble on creating a Self-Signed Certificate on a Windows CE 6.0 device.
I posted a question on stackoverflow but until now only one person posted a comment.

Can you give more details?

The post is: http://stackoverflow.com/questions/31339690/asn1-time-wrong-on-windows-ce-6-0

Thanks in advance


___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

[openssl-dev] [openssl.org #3945] broken cross-compilation for BSD-x86_64

2015-07-15 Thread Maxim Gorbachyov via RT 
Hello.

I'm trying to cross-build OpenSSL 1.0.2d for BSD-x86_64 (on linux host):

./Configure -no-idea -no-mdc2 -no-rc5 -D_GNU_SOURCE
--cross-compile-prefix=x86_64-pc-freebsd8- BSD-x86_64 -no-asm && make
depend
...
Configured for BSD-x86_64.
making depend in crypto...
make[1]: Entering directory '.../openssl-1.0.2d/crypto'
../util/domd: 30: ../util/domd: makedepend: not found

Indeed, configured for BSD-x86_64 openssl-1.0.2d/Makefile wants
something strange:
MAKEDEPPROG=makedepend

For example, same thing when configured for BSD-x86:
MAKEDEPPROG= $(CROSS_COMPILE)gcc

I think the issue was introduced by this commit:
===
commit f877da9cedb95df94105d7292f8e0963175e58dc
Author: Ben Laurie 
Date:   Fri May 1 15:53:46 2015 +0100

Use cc instead of gcc so either clang or gcc is used as
appropriate. Add clang
flags needed to keep it happy.

Reviewed-by: Richard Levitte 
===

Among other changes it has:

-"BSD-x86_64",  "gcc:-DL_ENDIAN -O3
-Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT
DES_UNROLL:${x86_64_asm}:elf:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
+"BSD-x86_64",  "cc:-DL_ENDIAN -O3
-Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT
DES_UNROLL:${x86_64_asm}:elf:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",

But Configure uses that "gcc" to get MAKEDEPPROG:
s/^MAKEDEPPROG=.*$/MAKEDEPPROG= \$\(CROSS_COMPILE\)$cc/ if $cc eq "gcc";

I'm not sure what is the best way to fix it. I'm able to cross-build
for BSD-x86_64 with this line in Configure:
"BSD-x86_64",  "gcc:-DL_ENDIAN -O3
-Wall::${BSDthreads}:::SIXTY_FOUR_BIT_LONG RC4_CHUNK DES_INT
DES_UNROLL:${x86_64_asm}:elf:dlfcn:bsd-gcc-shared:-fPIC::.so.\$(SHLIB_MAJOR).\$(SHLIB_MINOR)",
, but "cc" is there for a reason, I guess.

Could you please suggest how to fix it?

___
openssl-bugs-mod mailing list
openssl-bugs-...@openssl.org
https://mta.openssl.org/mailman/listinfo/openssl-bugs-mod

___
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev