[openssl.org #86] Bug in RSA_check_key

If the key is loaded via an ENGINE, openssl crashes because of a segfault (function BN_num_bits crypto/bn/bn_lib.c:252). Explanation: When loading a key from an engine the p q and d members of the RSA struct are never set. However RSA_check_key never checked to make sure those members a present

Bug in RSA_check_key

If the key is loaded via an ENGINE, openssl crashes because of a segfault (function BN_num_bits crypto/bn/bn_lib.c:252). Explanation: When loading a key from an engine the p q and d members of the RSA struct are never set. However RSA_check_key never checked to make sure those members a present

Re: openssl-0.9.7-beta1 Win32 build error

On Fri, Jun 07, 2002 at 11:02:19AM +0530, Bhavin Shah wrote: > I was trying to build the OpenSSL 0.9.7 beta1 source. > Finally, changed evp_test.c. On line 361 of crypto\evp\evp_test.c changed > the function call from strsep() to sstrsep() which is an existing function. > The code compiled this

openssl-0.9.7-beta1 Win32 build error

Hello, I was trying to build the OpenSSL 0.9.7 beta1 source. The steps that I went through were perl Configure VC-WIN32 ms\do_ms nmake /f ms\ntdll.mak I was able to build libeay32.dll and ssleay32.dll but the make process failed while building evp_test.c. The exact message produced was :

newer MacOS X versions do not have ftime() any more...

It seems like there might be some problems on newer versions of OpenSSL, where times() should be used rather than ftime() for certain time measurements. Does anyone know from which version of MacOS X times() exists? -- Richard Levitte \ Spannvägen 38, II \ [EMAIL PROTECTED] Redakteur@Stacken

pkcs12 problem with Java keytool

Hi, I have generated PKCS12 files using openSSL pkcs12. I am now trying to access these files programmatically through Java KeyStore and am getting (in Java 1.4): java.security.UnrecoverableKeyException: Could not perform unpadding: invalid pad byte. at com.sun.net.ssl.internal.ssl.PKCS

[openssl.org #85] Re: [wvstreams-dev] list dead??

On Wed, Jun 05, 2002 at 10:05:08PM -0400, Dusty Phillips wrote: > Is there no action on this list? Well, no, there isn't. One reason is that Patrick hasn't had time to get nightly snapshots working, so I'm embarrassed to talk about changes immediately when we do them (eg. the recent really coo

digest too big for rsa key -

Hi I am getting this erro when I tried. 128 Bit. "digest too big for rsa key" Here is my code sinppet = RSA *key; /* Key Generated */ unsigned char *sigret=NULL; /* Signature Return */ unsigned int siglen;/* Signature length */

pkcs12 problem with keytool

Hi, I have generated PKCS12 files using openSSL pkcs12. I am now trying to access these files programmatically through Java KeyStore and am getting (in Java 1.4): java.security.UnrecoverableKeyException: Could not perform unpadding: invalid pad byte. at com.sun.net.ssl.internal.ssl.PKCS

Re: cvs commit: openssl/test Makefile.ssl

On Thu, Jun 06, 2002 at 11:29:13AM +0200, Richard Levitte - VMS Whacker wrote: > In message <[EMAIL PROTECTED]> on Thu, 6 Jun 2002 >11:17:18 +0200, Lutz Jaenicke <[EMAIL PROTECTED]> said: > > Lutz.Jaenicke> The correct solution would therefore be, to pass all > Lutz.Jaenicke> options back from w

Re: [openssl.org #82] `NID_uniqueIdentifier' undeclared (first use in this function)

On Thu, Jun 06, 2002 at 12:39:50PM +0300, Mike Pechkin wrote: > On Thu, Jun 06, 2002 at 09:46:28AM +0200, Lutz Jaenicke via RT wrote: > > > > Also, markus@ created this temp patch: > > > +@@ -102,6 +104,13 @@ > > > + !ERROR This module requires OpenSSL 0.9.5a or higher > > > + #endif /* OPENSSL_

Re: [openssl.org #82] `NID_uniqueIdentifier' undeclared (first use in this function)

On Thu, Jun 06, 2002 at 09:46:28AM +0200, Lutz Jaenicke via RT wrote: > > Also, markus@ created this temp patch: > > +@@ -102,6 +104,13 @@ > > + !ERROR This module requires OpenSSL 0.9.5a or higher > > + #endif /* OPENSSL_VERSION_NUMBER */ > > + #endif /* SSLDLL */ > > ++ > > ++#if OPENSSL_VERSI

Re: [openssl.org #82] `NID_uniqueIdentifier' undeclared (first use in this function)

On Thu, Jun 06, 2002 at 09:46:28AM +0200, Lutz Jaenicke via RT wrote: > > Also, markus@ created this temp patch: > > +@@ -102,6 +104,13 @@ > > + !ERROR This module requires OpenSSL 0.9.5a or higher > > + #endif /* OPENSSL_VERSION_NUMBER */ > > + #endif /* SSLDLL */ > > ++ > > ++#if OPENSSL_VERSIO

Re: [openssl.org #82] `NID_uniqueIdentifier' undeclared (first usein this function)

Lutz Jaenicke via RT wrote: >I would like to see more discussions about this issue. I have looked >around some more and still find referrals like > http://www.alvestrand.no/objectid/2.5.4.45.html >with the UniqueIdentifier term instead of X500UniqueIdentifier. > This is the original name of this

Re: cvs commit: openssl/test Makefile.ssl

In message <[EMAIL PROTECTED]> on Thu, 6 Jun 2002 11:17:18 +0200, Lutz Jaenicke <[EMAIL PROTECTED]> said: Lutz.Jaenicke> The correct solution would therefore be, to pass all Lutz.Jaenicke> options back from withing test/Makefile (which would Lutz.Jaenicke> call crypto/ and ssl/ builds in case li

[openssl.org #75] DJGPP (DOS) Patch for 0.9.7

[[EMAIL PROTECTED] - Tue Jun 4 19:47:25 2002]: OK, I've a few comments: > --- openssl-0.9.7/Configure.orig 2002-05-30 10:08:08.0 -0800 > +++ openssl-0.9.7/Configure 2002-06-02 15:23:38.0 -0800 > @@ -513,6 +513,9 @@ > "Cygwin-pre1.3", "gcc:-DTERMIOS -DL_ENDIAN -fomit-fr

Re: cvs commit: openssl/test Makefile.ssl

On Wed, Jun 05, 2002 at 03:15:18PM +0200, Lutz Jaenicke wrote: > On Wed, Jun 05, 2002 at 02:47:24PM +0200, Bodo Moeller wrote: > > On Wed, Jun 05, 2002 at 09:01:53AM +0200, [EMAIL PROTECTED] wrote: > > > > > Log: > > > The correct PERL interpreter is passed via commandline. > > > > > RCS f

make depend from Configure?

In revision 1.81 of Configure, the automatic run of 'make depend' was commented out. IIRC, this was done because we had a dependency rebuild war happening a little now and then back then. Since then, we've unified the results of dependency generation with the domd script, so this kind of war doe

Re: [openssl.org #82] `NID_uniqueIdentifier' undeclared (first usein this function)

Mike Pechkin via RT wrote: >On Wed, Jun 05, 2002 at 03:10:58PM +0200, Lutz Jaenicke via RT wrote: > > >>The problem is caused by inconsistent definitions for the OID values. >>According to RFC2256, the OID 2.5.4.45 is assigned to >>X500UniqueIdentifier. UniqueIdentifier was assigned to >>pilotA

[openssl.org #77] Openssl 0.9.6d coredumps

[[EMAIL PROTECTED] - Thu Jun 6 08:52:53 2002]: > Great! Please clarify this for me, can I say F-secure is not > compatible > with standards or has the vendor possibility to choose the key format? F-secure doesn't seem to be compatible with standards. There are a number of structures that a

Re: [openssl.org #82] `NID_uniqueIdentifier' undeclared (first use in this function)

On Thu, Jun 06, 2002 at 11:27:11AM +0300, Mike Pechkin wrote: > On Thu, Jun 06, 2002 at 09:46:28AM +0200, Lutz Jaenicke via RT wrote: > > > > For instance, mod_ssl 2.8.8-1.3.24 use workaround: > > > #ifndef NID_uniqueIdentifier > > > #define NID_uniqueIdentifier 102 > > > #endif > >

Re: [openssl.org #82] `NID_uniqueIdentifier' undeclared (first use in this function)

On Thu, Jun 06, 2002 at 09:46:28AM +0200, Lutz Jaenicke via RT wrote: > > For instance, mod_ssl 2.8.8-1.3.24 use workaround: > > #ifndef NID_uniqueIdentifier > > #define NID_uniqueIdentifier 102 > > #endif > > I don't like this option. As it is now, the new (correct) > NID_uniqueIde

Re: [openssl.org #82] `NID_uniqueIdentifier' undeclared (first use in this function)

On Thu, Jun 06, 2002 at 09:46:28AM +0200, Lutz Jaenicke via RT wrote: > > For instance, mod_ssl 2.8.8-1.3.24 use workaround: > > #ifndef NID_uniqueIdentifier > > #define NID_uniqueIdentifier 102 > > #endif > > I don't like this option. As it is now, the new (correct) > NID_uniqueIden

Re: [openssl.org #81] Bug Report 0.9.7b1: make install broken onNeXTSTEP/OpenStep

In message <[EMAIL PROTECTED]> on Wed, 5 Jun 2002 23:48:36 -0700 (PDT), Doug Kaufman <[EMAIL PROTECTED]> said: dkaufman> Or perhaps, if you want to use perl, use File::Basename. This dkaufman> implementation works for unix, DOS, Cygwin, VMS, etc. Excellent! -- Richard Levitte \ Spannvägen 3

Re: [openssl.org #81] Bug Report 0.9.7b1: make install broken onNeXTSTEP/OpenStep

In message <[EMAIL PROTECTED]> on Wed, 5 Jun 2002 08:05:10 -0700 (PDT), Doug Kaufman <[EMAIL PROTECTED]> said: dkaufman> On Wed, 5 Jun 2002, Richard Levitte via RT wrote: dkaufman> dkaufman> > Can I assume that sed exists and works properly? dirname can be dkaufman> > coded like this: dkaufma

Re: [openssl.org #81] Bug Report 0.9.7b1: make install broken onNeXTSTEP/OpenStep

On Thu, 6 Jun 2002, Richard Levitte - VMS Whacker wrote: > dkaufman> On Wed, 5 Jun 2002, Richard Levitte via RT wrote: > dkaufman> > dkaufman> > Can I assume that sed exists and works properly? dirname can be > dkaufman> > coded like this: > dkaufman> ... > dkaufman> This won't work in systems

[openssl.org #82] `NID_uniqueIdentifier' undeclared (first use in this function)

[[EMAIL PROTECTED] - Thu Jun 6 08:55:05 2002]: > On Wed, Jun 05, 2002 at 03:10:58PM +0200, Lutz Jaenicke via RT wrote: > > > > [[EMAIL PROTECTED] - Wed Jun 5 14:48:52 2002]: > > > > > ck_ssl.c: In function k_tn_tls_negotiate': > > > ck_ssl.c:3232: ID_uniqueIdentifier' undeclared (first use i

Re: [openssl.org #82] `NID_uniqueIdentifier' undeclared (first use in this function)

On Wed, Jun 05, 2002 at 03:10:58PM +0200, Lutz Jaenicke via RT wrote: > > [[EMAIL PROTECTED] - Wed Jun 5 14:48:52 2002]: > > > ck_ssl.c: In function k_tn_tls_negotiate': > > ck_ssl.c:3232: ID_uniqueIdentifier' undeclared (first use in this > > function) > > ck_ssl.c:3232: (Each undeclared id

[openssl.org #84] small problem with openssl 0.9.7.b1 and the ocsp function

The doc says : "Create an OCSP request and write it to a file: openssl ocsp -issuer issuer.pem -cert c1.pem -cert c2.pem -reqout req.der " In my test, I try to do exactly that with : openssl ocsp -issuer ocsp_ca.pem -cert ocsp_valide.cer -cert ocsp_revoque.cer -reqout req.der But no req.d

[openssl.org #83] Pseudonym

Thanks, the new OID has been added for 0.9.7 and later. Best regards, Lutz __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automa

Re: [openssl.org #77] Openssl 0.9.6d coredumps

Great! Please clarify this for me, can I say F-secure is not compatible with standards or has the vendor possibility to choose the key format? Thanks for quick resolve. Regards, Jarmo Richard Levitte via RT wrote: > > OK, there are several issues here. > > First of all, your private key is b