Here are the changes I made to compile openssl-0.9.6c on UWIN.
UWIN is a UNIX-like operating system that runs on top of
Windows.
Configure==
--- Configure.orig Thu Dec 06 08:11:39 2001
+++ Configure Thu May 30 11:30:26 2002
@@ -458,6 +458,9 @@
# and its library f
Hello folks,
there seems to be a bug in pkcs12/p12_kiss.c:
PKCS12_parse():
if you enter the function with an allocated
ca stack and the parse fails,
the ca stack will be deallocated and the pointer not cleared.
this is bad because the stack was external allocated and
ist normally would be the
I've just installed openssl-0.9.6c on Linux, and I'm trying to figure out
the libcrypto API set by looking at the 'demos' examples.
Compiling the maurice examples gives the compilation error
In function ReadPublicKey: too few arguments to function PEM_ASN1_read,
and indeed, the funct
>> "Steven Bade <[EMAIL PROTECTED]>
>> I'm not sure about the second question, but we found that the eracom
>> engine submission was much more generic. When one of my co-workers
>> tried to get our PKCS#11 libraries (openCryptoki) used by the Trustway
>> module there were many issues, as well as
"Steven Bade" <[EMAIL PROTECTED]> wrote
> We generate all keys within our "tokens" Some tokens such as the
> 4758 keep all the token objects within the secure boundary, and rely on
> the proper PKCS#11 attributes to control selection, keys generated stay
> within the FIPS4 boundary. Others
Zoran,
could you please send me source code of Eracom
PKCS11 engine for openssl?
regards
__[EMAIL PROTECTED]Bull
Technologies -Trustway R&D - Networking & Securityhttp://www.servers.bull.com/trustway
- Original Message -
From:
Zoran Rade
I believe that I have found a bug in the above file and would like for someone
else to santiy check it.
At line 290 in a_utctm.c, a separate code block is being used if the library
needs to call gmtime_r() to get the time structure. The value is stored in a
temporary (data) that is declared i
hey folks,
I've got an interesting one. I have a simple server/client application set I'm working
on and it seems that during a read block on SSL_read if I realize that the clients
application has gone I run into a seg fault on that particular read call. When I check
the core file the fault s
"Götz Babin-Ebell via RT" wrote:
Oups.
It seems I didn't mention the OpenSSL version:
0.9.6c / 0.9.7 (snap from 28.05.2002)
Sorry...
> Hello folks,
>
> there seems to be a bug in pkcs12/p12_kiss.c:
>
> PKCS12_parse():
>
> if you enter the function with an allocated
> ca stack and the parse
"Götz Babin-Ebell via RT" wrote:
Oups.
It seems I didn't mention the OpenSSL version:
0.9.6c / 0.9.7 (snap from 28.05.2002)
Sorry...
> Hello folks,
>
> there seems to be a bug in pkcs12/p12_kiss.c:
>
> PKCS12_parse():
>
> if you enter the function with an allocated
> ca stack and the parse
OpenSSL 0.9.6d 9 May 2002
built on: Mon May 27 13:45:53 2002
platform: VC-WIN32
options: bn(64,32) md2(int) rc4(idx,int) des(idx,cisc,4,long) idea(int)
blowfish(idx)
compiler: cl /MD /W3 /WX /G5 /Ox /O2 /Ob2 /Gs0 /GF /Gy /nologo -DWIN32
-DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DDSO_WIN32 /Fdout32dll
I believe that I have found a bug in the above file and would like for someone
else to santiy check it.
At line 290 in a_utctm.c, a separate code block is being used if the library
needs to call gmtime_r() to get the time structure. The value is stored in a
temporary (data) that is declared
PEM_ASN1_write_bio calls RAND_pseudo_bytes to generate iv, skipping the message
digesting process described in section 6.1 of PKCS #5, which EVP_BytesToKey optionally
supports.
Should PEM_ASN1_write_bio be modified to get its iv via EVP_BytesToKey's last
argument? Thanks.
Frank
--
This e-m
I should have added that modifying PEM_ASN1_write_bio to use the PKCS #5-generated IV,
not the salt as the IV, would cause problems reading encrypted files written prior to
this change. So I should have really asked, "Is there any value in complying with PKCS
#5?"
Frank
On Fri, May 31, 2002, Frank Balluffi wrote:
>
> I should have added that modifying PEM_ASN1_write_bio to use the PKCS #5-generated
>IV, not the salt as the IV, would cause problems reading encrypted files written
>prior to this change. So I should have really asked, "Is there any value in comp
15 matches
Mail list logo
