Re: OS/2 support

2005-01-14 Thread Brian Havard
On Tue, 11 Jan 2005 10:15:48 +, John Poltorak wrote: >On Sun, Jan 09, 2005 at 10:05:42PM +0100, Andy Polyakov wrote: >> > The reason I ask is that up until v0.9.7c came out, it compiled out of the >> > box. Since then it doesn't. The problem seems to have arisen since the >> > introduction (

Re: CRL verification padding problems

2005-01-14 Thread Dr. Stephen Henson
On Sat, Jan 15, 2005, Massimiliano Pala wrote: > Dr. Stephen Henson wrote: > [...] > >Check to see if the CRL has an authority key id and if so if it matches the > >subject key id of the CA you are using. If not then the problem is that the > >wong CA and hence wrong public key is being used to ve

Re: CRL verification padding problems

2005-01-14 Thread Massimiliano Pala
Dr. Stephen Henson wrote: [...] Check to see if the CRL has an authority key id and if so if it matches the subject key id of the CA you are using. If not then the problem is that the wong CA and hence wrong public key is being used to verify the CRL signature. You are right, unfortunately I have t

[openssl.org #1000] [EMAIL PROTECTED]: Re: pkg/28858: security/openssl build fails on Sparc64 with ASM errors]

2005-01-14 Thread Gert Doering via RT
Hi OpenSSL developers, here's the NetBSD donation :-) - see below for a description what's in there. I won't claim to understand what's going on, but I can say for sure that 0.9.7e with the pkgsrc patches builds fine on NetBSD-Sparc64. regards, Gert Doering - Forwarded message from "Joh

Re: ASN1_INTEGER_get() problem

2005-01-14 Thread Dr. Stephen Henson
On Fri, Jan 14, 2005, Przemek Michalski wrote: > Hi there, > > I am trying to play with large serial numbers, however I found that the > function > ASN1_INTEGER_get() applied with the following code: > > /*--*/ > ASN1_INTEGER_get(X509_get_serialNumber(cert)); > /*--*/ >

ASN1_INTEGER_get() problem

2005-01-14 Thread Przemek Michalski
Hi there, I am trying to play with large serial numbers, however I found that the function ASN1_INTEGER_get() applied with the following code: /*--*/ ASN1_INTEGER_get(X509_get_serialNumber(cert)); /*--*/ where 'cert' is the certificate resource, has limited capabilities,

Duplicate return in x509_vfy.c

2005-01-14 Thread Steve Sonntag
I notice there is an duplicate return statement in x509_vfy.c It causes warnings on our solaris builds: "x509_vfy.c", line 479: warning: statement not reached   *** x509_vfy.c  28 Dec 2004 00:21:32 -  1.70

Re: CRL verification padding problems

2005-01-14 Thread Dr. Stephen Henson
On Fri, Jan 14, 2005, Massimiliano Pala wrote: > > Hello guys, > > I have a problem with X509 certificate and CRL checking. > When using the > X509_CRL_verify(crl, pkey) function (I get an error also > by using the > 'openssl crl -CAfile... ' command), I get the following > Error: > > 7322:e

CRL verification padding problems

2005-01-14 Thread Massimiliano Pala
Hello guys, I have a problem with X509 certificate and CRL checking. When using the X509_CRL_verify(crl, pkey) function (I get an error also by using the 'openssl crl -CAfile... ' command), I get the following Error: 7322:error:0407006A:rsa routines:RSA_padding_check_PKCS1_type_1:block type is