Re: [openssl-dev] OpenSSL and certain PEM formats

On 12/17/2014 11:04 AM, Salz, Rich wrote: Probably also worth documenting the legacy "RSA PRIVATE KEY" defined by openssl and used mainly in legacy pre-pkcs8 support There is a paragraph on "algorithm agility"; the legacy labels (like RSA PRIVATE KEY) are not mentioned because for interchange

Re: [openssl-dev] [openssl.org #3544] Remove MWERKS support

Thanks! Norm On 18/12/2014 9:26 AM, Rich Salz via RT wrote: > MWERKS added back to nw_rand.c > -- > Rich Salz, OpenSSL dev team; rs...@openssl.org > > ___ > openssl-dev mailing list > openssl-dev@openssl.org > https://mta.opensslfoundation.net/mailman/li

Re: [openssl-dev] [openssl.org #3544] Remove MWERKS support

Thanks! Norm On 18/12/2014 9:26 AM, Rich Salz via RT wrote: MWERKS added back to nw_rand.c -- Rich Salz, OpenSSL dev team; rs...@openssl.org ___ openssl-dev mailing list openssl-dev@openssl.org https://mta.opensslfoundation.net/mailman/listinfo/openss

Re: [openssl-dev] [openssl.org #3592] bug report. Crash. Critical? Security bug?

Thanks! Great! 6000 calls. No crashes or leaks only messages like this in asterisk [2014-12-18 04:59:20] ERROR[31074][C-13d4] res_rtp_asterisk.c: DTLS failure occurred on RTP instance '0x298c1d68' due to reason 'digest check failed', terminating [2014-12-18 04:59:28] ERROR[31081][C-13d7

[openssl-dev] [openssl.org #3544] Remove MWERKS support

MWERKS added back to nw_rand.c -- Rich Salz, OpenSSL dev team; rs...@openssl.org ___ openssl-dev mailing list openssl-dev@openssl.org https://mta.opensslfoundation.net/mailman/listinfo/openssl-dev

Re: [openssl-dev] [openssl.org #3635] Build error with 1.0.2-beta3

Many thanks! -- Paul On Wed, Dec 17, 2014 at 5:32 AM, Richard Levitte via RT wrote: > Hi, > > As far as I can tell, the problem should be fixed as off commit > 8bc8450a26329e3c890df60026f969e7caabff3d (for the 1.0.2 branch, I did apply > the > same changes to master and 1.0.1 branch as well).

Re: [openssl-dev] OpenSSL and certain PEM formats

Le 17/12/2014 20:17, Viktor Dukhovni a écrit : On Wed, Dec 17, 2014 at 10:56:34AM -0800, Sean Leonard wrote: For reference for the group (in case you didn't take a look at the draft), the draft documents the following labels: CERTIFICATE ... Perhaps also "TRUSTED CERTIFICATE"? crypto/pe

Re: [openssl-dev] OpenSSL and certain PEM formats

On Wed, Dec 17, 2014 at 10:56:34AM -0800, Sean Leonard wrote: > For reference for the group (in case you didn't take a look at the draft), > the draft documents the following labels: > > CERTIFICATE > ... Perhaps also "TRUSTED CERTIFICATE"? crypto/pem/pem.h:#define PEM_STRING_X509_TRUSTED

Re: [openssl-dev] Coredump in Openssl Library

On Dec 17, 2014, at 8:06 AM, T@Run..! Polisetty wrote: > Hai All, > > I am reporting one coredump when using openssl library > > Can anyone have some idea on it. > > hread 1 (Thread 28457): > > #0 0x7f1871bb61b5 in raise () from /lib/libc.so.6 > > #1 0x7f1871bb8fc0 in

Re: [openssl-dev] Retrieving DSA public key (Y) in ASN.1 format

On Dec 16, 2014, at 3:34 PM, Dave Thompson wrote: > >>> So, a few questions: >>> >>> (1) what's the quick way to, given a DSA *, compute a hash (given an >> EVP_MD *) over dsa->pub_key as an ASN.1 primitive? I tried: >>> >>> ASN1_item_digest(ASN1_ITEM_ref(BIGNUM), mdtype, dsa->pub_key, md, >

Re: [openssl-dev] OpenSSL and certain PEM formats

Probably also worth documenting the legacy "RSA PRIVATE KEY" defined by openssl and used mainly in legacy pre-pkcs8 support -- Principal Security Engineer, Akamai Technologies IM: rs...@jabber.me Twitter: RichSalz ___ openssl-dev mailing list openss

Re: [openssl-dev] OpenSSL and certain PEM formats

On 12/17/2014 10:00 AM, Dr. Stephen Henson wrote: On Wed, Dec 17, 2014, Sean Leonard wrote: #define PEM_STRING_PARAMETERS"PARAMETERS" (note, this label does not have any algorithms in it, so I presume it refers to some kind of generic parameter structure) It's used internally to indica

Re: [openssl-dev] OpenSSL and certain PEM formats

On 12/17/2014 8:34 AM, Salz, Rich wrote: I am putting the finishing touches on an Internet-Draft for textual encodings of security structures , which OpenSSL refers to as the "PEM format". Cool. You know why it's called PEM format, rig

Re: [openssl-dev] Retrieving DSA public key (Y) in ASN.1 format

On Dec 16, 2014, at 4:14 PM, Dave Thompson wrote: >> [DSAPublicKey] defined where you would expect, in dsa/dsa_asn1.c . >> But it's defined as a "choice" that does either the standard INTEGER >> (from internal BIGNUM) *OR* the above SEQUENCE which is named >> 'dsa_pub_internal' suggesting that i

Re: [openssl-dev] OpenSSL and certain PEM formats

On Wed, Dec 17, 2014, Sean Leonard wrote: > #define PEM_STRING_PARAMETERS"PARAMETERS" > (note, this label does not have any algorithms in it, so I presume > it refers to some kind of generic parameter structure) > It's used internally to indicate to the PEM routines that it should accept a

Re: [openssl-dev] OpenSSL and certain PEM formats

Le 17/12/2014 17:34, Salz, Rich a écrit : #define PEM_STRING_X509_PAIR"CERTIFICATE PAIR" (note, this is supposed to encapsulate a CertificatePair structure from X.509) This is not used anywhere in openssl. I just removed it and did a build :) The fact that the fields are named forward

Re: [openssl-dev] OpenSSL and certain PEM formats

> > I am putting the finishing touches on an Internet-Draft for textual > > encodings of security structures > > , which > > OpenSSL refers to as the "PEM format". Cool. You know why it's called PEM format, right? (RFC 1115 et al) > >

[openssl-dev] Coredump in Openssl Library

Hai All, I am reporting one coredump when using openssl library Can anyone have some idea on it. hread 1 (Thread 28457): #0 0x7f1871bb61b5 in raise () from /lib/libc.so.6 #1 0x7f1871bb8fc0 in abort () from /lib/libc.so.6 #2 0x7f1871bec5bb in ?? () from /lib/libc.so.6 #3 0x000

Re: [openssl-dev] Possible bug in crypto/evp/e_aes.c:aes_cbc_cipher

Hi, > I'was tracking a segfault in EVP_OpneUdate and stumbled on following: > > static int aes_cbc_cipher(EVP_CIPHER_CTX *ctx,unsigned char *out, > const unsigned char *in, size_t len) > { > EVP_AES_KEY *dat = (EVP_AES_KEY *)ctx->cipher_data; > > if (dat->stream.cbc) >

[openssl-dev] Possible bug in crypto/evp/e_aes.c:aes_cbc_cipher

Hello, I'was tracking a segfault in EVP_OpneUdate and stumbled on following: static int aes_cbc_cipher(EVP_CIPHER_CTX *ctx,unsigned char *out, const unsigned char *in, size_t len) { EVP_AES_KEY *dat = (EVP_AES_KEY *)ctx->cipher_data; if (dat->stream.cbc) (

[openssl-dev] [openssl.org #3631] Bug in the binary search in OBJ_bsearch_ex_ in obj_dat.c (1.0.1j)

Are you using OBJ_bsearch_ex_ directly from your code? It seems to me that you have misunderstood how it works. size is the size of one element of your array, num is the number of elements. The actual size of the array (in bytes) should then be size*num, and you need to make sure that it is. I wou

[openssl-dev] [openssl.org #3635] Build error with 1.0.2-beta3

Hi, As far as I can tell, the problem should be fixed as off commit 8bc8450a26329e3c890df60026f969e7caabff3d (for the 1.0.2 branch, I did apply the same changes to master and 1.0.1 branch as well). I went through all the available xxx_DEBUG macros to make sure they'd all be clear (at least with gc

Re: [openssl-dev] OpenSSL and certain PEM formats

On Wed, Dec 17, 2014 at 02:37:08AM -0800, Sean Leonard wrote: > Hi OpenSSL devs: > > I am putting the finishing touches on an Internet-Draft for textual > encodings of security structures > , which OpenSSL > refers to as the "PEM format".

[openssl-dev] OpenSSL and certain PEM formats

Hi OpenSSL devs: I am putting the finishing touches on an Internet-Draft for textual encodings of security structures , which OpenSSL refers to as the "PEM format". While reviewing OpenSSL's behavior, I noticed a few esoteric labels