If I remember correctly, one possibility could be due to openssl malloc
failure in EVP_DigestInit() which can result in EVP_DigestUpdate to cause
segfault.
Check EVP_DigestInit() return code. Normally this can happen during
longevity or scale, if u'r system has some memory leak or not enough
resour
Hi,
Openssl build by default has -fomit-frame-pointer optimization enabled.
Can somebody plz provide any info on the performance impact in using openssl
built with -fno-omit-frame-pointer on x86 systems.
Thanks
Shafeek
Hi Peter,
The extra string in o/p is due to error in coding. u r passing incorrect
length in EVP_DecryptUpdate.
if (!(EVP_DecryptUpdate(&dctx, dec_outbuf, &decoutlen, enc_outbuf,
output_buf_size)))
change above line to
if (!(EVP_DecryptUpdate(&dctx, dec_outbuf, &decoutlen, enc_outbuf,
encoutlen
Hi Peter,
Add padding for CBC mode encryption.
Or u can use CFB mode. EVB_bf_cfb()
-Shafeek
On Sat, Apr 30, 2011 at 7:26 PM, derleader mail wrote:
> Hi,
>I have a problem with the code below. There is a bug that I can't find
> and fix.
> This is the output when I try to run it:
>
> [root@l
different functions
in my code. So fp handling is fine. Also thanks for pointing out the
discrepancy in encryption algorithm passed to PKCS12_create function.
-Shafeek
On Tue, Feb 1, 2011 at 3:01 AM, Dave Thompson wrote:
> > From: owner-openssl-us...@openssl.org On Behalf Of Mu
Hi,
I've a program that extracts private key and cert from the input pfx file
loaded into the system
and then create a p12 file out of this private key and cert using a
different password to add it to a local keystore.
/*code to extract key*/
p12Key = d2i_PKCS12_fp(fp, NULL);
PKCS12_parse(p12Key,
ne
utility has only one localKeyID in key and cert each with value 01 00 00 00
(openssl pkcs12 -in input.pfx -clcerts -nokeys -out outcert.pem)
(openssl pkcs12 -in input.pfx -nocerts -out outkey.pem)
Please let me know whether PKCS12_parse function has any such know issues.
-Shafeek
On Sun, Jan 23, 2011
Hi All,
The following code is to extract cert from a pfx file.
p12Cert = d2i_PKCS12_fp(fp, NULL); //fp points to a .pfx file.
PKCS12_parse(p12Cert, pass, NULL, oCert, NULL);
Here the resultant oCert has multiple localKeyID as shown below.
MAC verified OK
Bag Attributes
localKeyID: 01 00 00
Hi,
How can I identify the exact openssl version from libssl.
I've a server using libssl.so.0.9.8. I want to know the exact patch version
(eg: 0.9.8j or 0.9.8k) from the lib.
Is it possible?
Thanks in advance
Shafeek
In the Advisory it is mentioned that
"Users of all OpenSSL 0.9.8 releases from 0.9.8f through 0.9.8o should
update
to the OpenSSL 0.9.8p release which contains a patch to correct this issue."
What about users of OpenSSL releases before 0.9.8f ? Isn't the vulnerability
applicable there as well?
Th
Hi,
I'm developing a security product and in the process of selecting the crypto
library.
Can anyone please answer the following queries.
1. Does openssl crypto library supports scatter/gather I/O. The requirement
is to pass bsdnet mbuf cluster to the openssl crypto library for
encryption/decryptio
11 matches
Mail list logo