On 12/03/2011 17:27, Dr. Stephen Henson wrote:
OpenSSL CVS Repository
http://cvs.openssl.org/
Server: cvs.openssl.org Name: Dr. Stephen Henson
Root: /v/openssl/cvs
On 12/03/2011 18:06, Dr. Stephen Henson wrote:
On Sat, Mar 12, 2011, Ben Laurie wrote:
On 12/03/2011 17:27, Dr. Stephen Henson wrote:
OpenSSL CVS Repository
http://cvs.openssl.org/
Server:
If I run
openssl pkcs12 -nomacver -in bomb.p12 -info
on 1.0.0-stable, I get
1211807336:error:0D07209B:asn1 encoding routines:ASN1_get_object:too
long:asn1_lib.c:142:
1211807336:error:0D068066:asn1 encoding routines:ASN1_CHECK_TLEN:bad object
header:tasn_dec.c:1306:
Perhaps the bomb.p12 got corrupted in transit? That looks a lot like feeding a
non-ASN.1 file to openssl.
jim@rattus:~$ ls -l *.p12 ; md5sum *.p12
-rw-r--r-- 1 jim jim 718 Mar 13 12:57 bomb.p12
-rw-r--r-- 1 jim jim 1587 Mar 13 12:56 nomac.p12
41a2c4c8b8a78d906fd1ad7c14c06071 bomb.p12
[j...@studt.net - Sun Mar 13 19:15:48 2011]:
Perhaps the bomb.p12 got corrupted in transit? That looks a lot like
feeding a non-ASN.1 file to openssl.
It's easy enough to recreate such a file with:
openssl pkcs12 -out foo.p12 -export -nomac -in foo.pem
Fixed now.
Steve.
--
Dr
On 13/03/2011 18:21, Stephen Henson via RT wrote:
[j...@studt.net - Sun Mar 13 19:15:48 2011]:
Perhaps the bomb.p12 got corrupted in transit? That looks a lot like
feeding a non-ASN.1 file to openssl.
It's easy enough to recreate such a file with:
openssl pkcs12 -out foo.p12 -export
We are pleased to announce that PKWARE, Inc. (http://www.pkware.com/)
has committed to sponsor a new platform for the upcoming FIPS 140-2
validation of the OpenSSL FIPS Object Module v2.0:
HP-UX 11i on Itanium 32bit with asm optimization
HP-UX 11i on Itanium 64bit with asm optimization