Re: [openssl-users] OpenSSL 1.1.0 providing new OIDs to source code
yes i can do this. I do it as github issue then. I hope i find time this evening to do this otherwise tomorrow. Von: openssl-users <openssl-users-boun...@openssl.org> im Auftrag von Richard Levitte <levi...@openssl.org> Gesendet: Dienstag, 11. Juli 2017 09:19:04 An: openssl-users@openssl.org Betreff: Re: [openssl-users] OpenSSL 1.1.0 providing new OIDs to source code This all sounds a bit mysterious... would you mind sharing a test program that shows the problem, with detailed step by step instructions (among others what libraries you're running against each time)? Preferably as a github issue, but here is fine as well... Cheers, Richard In message <db6p195mb0182a9c918b5d06cf9a12fd8fb...@db6p195mb0182.eurp195.prod.outlook.com> on Mon, 10 Jul 2017 16:47:28 +, Matthias Ballreich <matthias.ballre...@outlook.de> said: Matthias.Ballreich> Yes, MY_NID is really NID_whatever. I tried it with putting Matthias.Ballreich> OPENSSL_init_crypto(0, NULL); at start of my main(). Matthias.Ballreich> Matthias.Ballreich> Did not make any difference… Matthias.Ballreich> Matthias.Ballreich> The Integer value of MY_NID will be printed out and is the correct Matthias.Ballreich> integer value. Matthias.Ballreich> Matthias.Ballreich> And i tried another thing. I replaced the two dll-libraries with the Matthias.Ballreich> new created ones and then i run my Code and there all will be printed Matthias.Ballreich> out correctly. BUT the whole time i used some older dll-libraries of Matthias.Ballreich> openssl, (1.1.0f) and for development i used the latest 1.1.1-dev and Matthias.Ballreich> then i build this, which has added a new x509 extension (Admission), Matthias.Ballreich> which has a new OID (NID_extX509Admission, etc.) and there the short Matthias.Ballreich> and long name will be printed out correctly after Building the Code. Matthias.Ballreich> So this is a Little bit strange. Matthias.Ballreich> Matthias.Ballreich> Or must i replace the dll-libraries every time i build the Code? But Matthias.Ballreich> when, why has it worked with the old ones and the 1.1.1-dev (master Matthias.Ballreich> branch)? Matthias.Ballreich> Matthias.Ballreich> Best regards Matthias.Ballreich> Matthias.Ballreich> Matthias Matthias.Ballreich> Matthias.Ballreich> Von: Richard Levitte Matthias.Ballreich> Gesendet: Montag, 10. Juli 2017 06:14 Matthias.Ballreich> An: openssl-users@openssl.org Matthias.Ballreich> Betreff: Re: [openssl-users] OpenSSL 1.1.0 providing new OIDs to Matthias.Ballreich> source code Matthias.Ballreich> Matthias.Ballreich> In message Matthias.Ballreich> <am5p195mb018008b87acd89d37b629cf3fb...@am5p195mb0180.eurp195.prod.outlook.com> Matthias.Ballreich> on Sat, 8 Jul 2017 23:31:00 +, Matthias Ballreich Matthias.Ballreich> <matthias.ballre...@outlook.de> said: Matthias.Ballreich> Matthias.Ballreich> matthias.ballreich> Hi there, Matthias.Ballreich> matthias.ballreich> Matthias.Ballreich> matthias.ballreich> i want to contribute some more OIDs. Therefore i Matthias.Ballreich> added the OIDs inside Matthias.Ballreich> matthias.ballreich> the „Objects.txt“ inside /crypto/objects Matthias.Ballreich> matthias.ballreich> Matthias.Ballreich> matthias.ballreich> Then i run these commands: Matthias.Ballreich> matthias.ballreich> Matthias.Ballreich> matthias.ballreich> perl objects.pl objects.txt obj_mac.num . Matthias.Ballreich> matthias.ballreich> ./../include/openssl/obj_mac.h Matthias.Ballreich> matthias.ballreich> Matthias.Ballreich> matthias.ballreich> perl obj_dat.pl ../../include/openssl/obj_mac.h Matthias.Ballreich> obj_dat.h Matthias.Ballreich> matthias.ballreich> Matthias.Ballreich> matthias.ballreich> perl objxref.pl obj_mac.num obj_xref.txt > Matthias.Ballreich> obj_xref.h Matthias.Ballreich> Matthias.Ballreich> Sure, that looks fine to me Matthias.Ballreich> Matthias.Ballreich> matthias.ballreich> The files are generated / updated. Then i build Matthias.Ballreich> the source which Matthias.Ballreich> matthias.ballreich> builds fine without any exceptions. Then i tried Matthias.Ballreich> to use the generated Matthias.Ballreich> matthias.ballreich> NIDs in my Code. For test purposes i tried to Matthias.Ballreich> print out the short and Matthias.Ballreich> matthias.ballreich> Long Name of my new oid with OBJ_nid2sn(MY_NID) Matthias.Ballreich> and OBJ_nid2(MY_NID). Matthias.Ballreich> matthias.ballreich> But here it prints out an empty string. Matthias.Ballreich> matthias.ballreich> Matthias.Ballreich> matthias.ballreich> When o try to use my NID with X509_get_ext_by_NID Matthias.Ballreich> (cert, MY_NID, -1) Matthias.Ballreich> matthias.ballreich> the O
Re: [openssl-users] OpenSSL 1.1.0 providing new OIDs to source code
This all sounds a bit mysterious... would you mind sharing a test program that shows the problem, with detailed step by step instructions (among others what libraries you're running against each time)? Preferably as a github issue, but here is fine as well... Cheers, Richard In message <db6p195mb0182a9c918b5d06cf9a12fd8fb...@db6p195mb0182.eurp195.prod.outlook.com> on Mon, 10 Jul 2017 16:47:28 +, Matthias Ballreich <matthias.ballre...@outlook.de> said: Matthias.Ballreich> Yes, MY_NID is really NID_whatever. I tried it with putting Matthias.Ballreich> OPENSSL_init_crypto(0, NULL); at start of my main(). Matthias.Ballreich> Matthias.Ballreich> Did not make any difference… Matthias.Ballreich> Matthias.Ballreich> The Integer value of MY_NID will be printed out and is the correct Matthias.Ballreich> integer value. Matthias.Ballreich> Matthias.Ballreich> And i tried another thing. I replaced the two dll-libraries with the Matthias.Ballreich> new created ones and then i run my Code and there all will be printed Matthias.Ballreich> out correctly. BUT the whole time i used some older dll-libraries of Matthias.Ballreich> openssl, (1.1.0f) and for development i used the latest 1.1.1-dev and Matthias.Ballreich> then i build this, which has added a new x509 extension (Admission), Matthias.Ballreich> which has a new OID (NID_extX509Admission, etc.) and there the short Matthias.Ballreich> and long name will be printed out correctly after Building the Code. Matthias.Ballreich> So this is a Little bit strange. Matthias.Ballreich> Matthias.Ballreich> Or must i replace the dll-libraries every time i build the Code? But Matthias.Ballreich> when, why has it worked with the old ones and the 1.1.1-dev (master Matthias.Ballreich> branch)? Matthias.Ballreich> Matthias.Ballreich> Best regards Matthias.Ballreich> Matthias.Ballreich> Matthias Matthias.Ballreich> Matthias.Ballreich> Von: Richard Levitte Matthias.Ballreich> Gesendet: Montag, 10. Juli 2017 06:14 Matthias.Ballreich> An: openssl-users@openssl.org Matthias.Ballreich> Betreff: Re: [openssl-users] OpenSSL 1.1.0 providing new OIDs to Matthias.Ballreich> source code Matthias.Ballreich> Matthias.Ballreich> In message Matthias.Ballreich> <am5p195mb018008b87acd89d37b629cf3fb...@am5p195mb0180.eurp195.prod.outlook.com> Matthias.Ballreich> on Sat, 8 Jul 2017 23:31:00 +, Matthias Ballreich Matthias.Ballreich> <matthias.ballre...@outlook.de> said: Matthias.Ballreich> Matthias.Ballreich> matthias.ballreich> Hi there, Matthias.Ballreich> matthias.ballreich> Matthias.Ballreich> matthias.ballreich> i want to contribute some more OIDs. Therefore i Matthias.Ballreich> added the OIDs inside Matthias.Ballreich> matthias.ballreich> the „Objects.txt“ inside /crypto/objects Matthias.Ballreich> matthias.ballreich> Matthias.Ballreich> matthias.ballreich> Then i run these commands: Matthias.Ballreich> matthias.ballreich> Matthias.Ballreich> matthias.ballreich> perl objects.pl objects.txt obj_mac.num . Matthias.Ballreich> matthias.ballreich> ./../include/openssl/obj_mac.h Matthias.Ballreich> matthias.ballreich> Matthias.Ballreich> matthias.ballreich> perl obj_dat.pl ../../include/openssl/obj_mac.h Matthias.Ballreich> obj_dat.h Matthias.Ballreich> matthias.ballreich> Matthias.Ballreich> matthias.ballreich> perl objxref.pl obj_mac.num obj_xref.txt > Matthias.Ballreich> obj_xref.h Matthias.Ballreich> Matthias.Ballreich> Sure, that looks fine to me Matthias.Ballreich> Matthias.Ballreich> matthias.ballreich> The files are generated / updated. Then i build Matthias.Ballreich> the source which Matthias.Ballreich> matthias.ballreich> builds fine without any exceptions. Then i tried Matthias.Ballreich> to use the generated Matthias.Ballreich> matthias.ballreich> NIDs in my Code. For test purposes i tried to Matthias.Ballreich> print out the short and Matthias.Ballreich> matthias.ballreich> Long Name of my new oid with OBJ_nid2sn(MY_NID) Matthias.Ballreich> and OBJ_nid2(MY_NID). Matthias.Ballreich> matthias.ballreich> But here it prints out an empty string. Matthias.Ballreich> matthias.ballreich> Matthias.Ballreich> matthias.ballreich> When o try to use my NID with X509_get_ext_by_NID Matthias.Ballreich> (cert, MY_NID, -1) Matthias.Ballreich> matthias.ballreich> the Output is -2. Matthias.Ballreich> matthias.ballreich> Matthias.Ballreich> matthias.ballreich> So where is the Problem or what i’m doing wrong Matthias.Ballreich> here? Thanks! Matthias.Ballreich> Matthias.Ballreich> If you've come that far, MY_NID (which I assume is really Matthias.Ballreich> NID_whatever) obviously exists, or your code wouldn't even have Matthias.Ballreich>
Re: [openssl-users] OpenSSL 1.1.0 providing new OIDs to source code
Yes, MY_NID is really NID_whatever. I tried it with putting OPENSSL_init_crypto(0, NULL); at start of my main(). Did not make any difference… The Integer value of MY_NID will be printed out and is the correct integer value. And i tried another thing. I replaced the two dll-libraries with the new created ones and then i run my Code and there all will be printed out correctly. BUT the whole time i used some older dll-libraries of openssl, (1.1.0f) and for development i used the latest 1.1.1-dev and then i build this, which has added a new x509 extension (Admission), which has a new OID (NID_extX509Admission, etc.) and there the short and long name will be printed out correctly after Building the Code. So this is a Little bit strange. Or must i replace the dll-libraries every time i build the Code? But when, why has it worked with the old ones and the 1.1.1-dev (master branch)? Best regards Matthias Von: Richard Levitte<mailto:levi...@openssl.org> Gesendet: Montag, 10. Juli 2017 06:14 An: openssl-users@openssl.org<mailto:openssl-users@openssl.org> Betreff: Re: [openssl-users] OpenSSL 1.1.0 providing new OIDs to source code In message <am5p195mb018008b87acd89d37b629cf3fb...@am5p195mb0180.eurp195.prod.outlook.com> on Sat, 8 Jul 2017 23:31:00 +, Matthias Ballreich <matthias.ballre...@outlook.de> said: matthias.ballreich> Hi there, matthias.ballreich> matthias.ballreich> i want to contribute some more OIDs. Therefore i added the OIDs inside matthias.ballreich> the „Objects.txt“ inside /crypto/objects matthias.ballreich> matthias.ballreich> Then i run these commands: matthias.ballreich> matthias.ballreich> perl objects.pl objects.txt obj_mac.num . matthias.ballreich> ./../include/openssl/obj_mac.h matthias.ballreich> matthias.ballreich> perl obj_dat.pl ../../include/openssl/obj_mac.h obj_dat.h matthias.ballreich> matthias.ballreich> perl objxref.pl obj_mac.num obj_xref.txt > obj_xref.h Sure, that looks fine to me matthias.ballreich> The files are generated / updated. Then i build the source which matthias.ballreich> builds fine without any exceptions. Then i tried to use the generated matthias.ballreich> NIDs in my Code. For test purposes i tried to print out the short and matthias.ballreich> Long Name of my new oid with OBJ_nid2sn(MY_NID) and OBJ_nid2(MY_NID). matthias.ballreich> But here it prints out an empty string. matthias.ballreich> matthias.ballreich> When o try to use my NID with X509_get_ext_by_NID(cert, MY_NID, -1) matthias.ballreich> the Output is -2. matthias.ballreich> matthias.ballreich> So where is the Problem or what i’m doing wrong here? Thanks! If you've come that far, MY_NID (which I assume is really NID_whatever) obviously exists, or your code wouldn't even have compiled. One possibility remains, that for some reason, libcrypto hasn't been initialised like it should. This can happen if you only call a very select set of OpenSSL functions. What happens if you add this at the start of your main()? OPENSSL_init_crypto(0, NULL); (note, that should be seen as a temporary measure, as this is called internally in quite a number of spots, so for larger uses of OpenSSL functionality, you shouldn't need that) Cheers, Richard -- Richard Levitte levi...@openssl.org OpenSSL Project http://www.openssl.org/~levitte/ -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] OpenSSL 1.1.0 providing new OIDs to source code
In messageon Sat, 8 Jul 2017 23:31:00 +, Matthias Ballreich said: matthias.ballreich> Hi there, matthias.ballreich> matthias.ballreich> i want to contribute some more OIDs. Therefore i added the OIDs inside matthias.ballreich> the „Objects.txt“ inside /crypto/objects matthias.ballreich> matthias.ballreich> Then i run these commands: matthias.ballreich> matthias.ballreich> perl objects.pl objects.txt obj_mac.num . matthias.ballreich> ./../include/openssl/obj_mac.h matthias.ballreich> matthias.ballreich> perl obj_dat.pl ../../include/openssl/obj_mac.h obj_dat.h matthias.ballreich> matthias.ballreich> perl objxref.pl obj_mac.num obj_xref.txt > obj_xref.h Sure, that looks fine to me matthias.ballreich> The files are generated / updated. Then i build the source which matthias.ballreich> builds fine without any exceptions. Then i tried to use the generated matthias.ballreich> NIDs in my Code. For test purposes i tried to print out the short and matthias.ballreich> Long Name of my new oid with OBJ_nid2sn(MY_NID) and OBJ_nid2(MY_NID). matthias.ballreich> But here it prints out an empty string. matthias.ballreich> matthias.ballreich> When o try to use my NID with X509_get_ext_by_NID(cert, MY_NID, -1) matthias.ballreich> the Output is -2. matthias.ballreich> matthias.ballreich> So where is the Problem or what i’m doing wrong here? Thanks! If you've come that far, MY_NID (which I assume is really NID_whatever) obviously exists, or your code wouldn't even have compiled. One possibility remains, that for some reason, libcrypto hasn't been initialised like it should. This can happen if you only call a very select set of OpenSSL functions. What happens if you add this at the start of your main()? OPENSSL_init_crypto(0, NULL); (note, that should be seen as a temporary measure, as this is called internally in quite a number of spots, so for larger uses of OpenSSL functionality, you shouldn't need that) Cheers, Richard -- Richard Levitte levi...@openssl.org OpenSSL Project http://www.openssl.org/~levitte/ -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] OpenSSL 1.1.0 providing new OIDs to source code
Thanks. I tried it but i got the error Message that make update is not available. I am Building it on windows with nmake under the visual Studio Developer Shell. Why is nmake Update Not working there? Am 09.07.2017 um 08:40 schrieb Billy Brumley: >> i want to contribute some more OIDs. Therefore i added the OIDs inside the >> „Objects.txt“ inside /crypto/objects >> >> >> >> Then i run these commands: >> >> perl objects.pl objects.txt obj_mac.num ../../include/openssl/obj_mac.h >> >> perl obj_dat.pl ../../include/openssl/obj_mac.h obj_dat.h >> >> perl objxref.pl obj_mac.num obj_xref.txt > obj_xref.h > > Try 'make update' instead. > > BBB > -- > openssl-users mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] OpenSSL 1.1.0 providing new OIDs to source code
> i want to contribute some more OIDs. Therefore i added the OIDs inside the > „Objects.txt“ inside /crypto/objects > > > > Then i run these commands: > > perl objects.pl objects.txt obj_mac.num ../../include/openssl/obj_mac.h > > perl obj_dat.pl ../../include/openssl/obj_mac.h obj_dat.h > > perl objxref.pl obj_mac.num obj_xref.txt > obj_xref.h Try 'make update' instead. BBB -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[openssl-users] OpenSSL 1.1.0 providing new OIDs to source code
Hi there, i want to contribute some more OIDs. Therefore i added the OIDs inside the „Objects.txt“ inside /crypto/objects Then i run these commands: perl objects.pl objects.txt obj_mac.num ../../include/openssl/obj_mac.h perl obj_dat.pl ../../include/openssl/obj_mac.h obj_dat.h perl objxref.pl obj_mac.num obj_xref.txt > obj_xref.h The files are generated / updated. Then i build the source which builds fine without any exceptions. Then i tried to use the generated NIDs in my Code. For test purposes i tried to print out the short and Long Name of my new oid with OBJ_nid2sn(MY_NID) and OBJ_nid2(MY_NID). But here it prints out an empty string. When o try to use my NID with X509_get_ext_by_NID(cert, MY_NID, -1) the Output is -2. So where is the Problem or what i’m doing wrong here? Thanks! -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users