Hello,
I'm trying to use OpenSSL to validate a certificate chain with CRLs. To
achieve this, I create a X509_STORE and add trusted (root) certificates
into it via X509_STORE_add_cert(). I also add CRLs published by root and
intermediate CAs into the store using X509_STORE_add_crl(). Then I create
Assuming that I use the ASN1_SEQUENCE, ASN1_SEQUENCE_END,
DECLARE_ASN1_FUNCTIONS, IMPLEMENT_ASN1_FUNCTIONS macros ...
TYPE_free() says that it frees all sub-objects. Can I
assume that, if the sub-objects are also defined
with those macros, that it will iterate all the way?
TYPE_new() allocates
On 8/27/2021 3:46 PM, Ken Goldman wrote:
I run valgrind on all my software to find memory leaks. This worked for
openssl 1.0.2 and 1.1.1, but fails with 3.0.0. Suggestions?
Sorry, I updated valgrind and all is well.
On Fri, Aug 27, 2021 at 2:47 PM Ken Goldman wrote:
>
> I run valgrind on all my software to find memory leaks. This worked for
> openssl 1.0.2 and 1.1.1, but fails with 3.0.0. Suggestions?
>
> vex amd64->IR: unhandled instruction bytes: 0xF3 0xF 0x1E 0xFA 0x49 0x89 0xD8
> 0x31
> vex amd64->IR:
I run valgrind on all my software to find memory leaks. This worked for
openssl 1.0.2 and 1.1.1, but fails with 3.0.0. Suggestions?
vex amd64->IR: unhandled instruction bytes: 0xF3 0xF 0x1E 0xFA 0x49 0x89 0xD8
0x31
vex amd64->IR: REX=0 REX.W=0 REX.R=0 REX.X=0 REX.B=0
vex amd64->IR: VEX=0 V
Building openssl-1.1.1l with Xcode 10.1 under macOS 10.13.6 fails with this
error
In file included from crypto/rand/rand_unix.c:38:
/usr/include/CommonCrypto/CommonRandom.h:35:9: error: unknown type name
'CCCryptorStatus'
typedef CCCryptorStatus CCRNGStatus;
^
crypto/rand/rand_unix.c:38
Hi,
Does openssl-3.0.0 really does ecdsa KAT ? The post test logs says "ECDSA
KAT :PASS. But when i debuged the code it actually doing ECDSA pairwise
consistency test.
Thanks,
Nagarjun
> From: Nicola Tuveri
> Sent: Friday, 27 August, 2021 07:04
> As such only applications programmatically using the SM2 public key encryption
> algorithm (and decryption in particular) should be affected by the mentioned
> security advisory.
Thanks -- that's exactly what I was looking for.
--
Mi
On 8/24/2021 5:56 AM, Matt Caswell wrote:
On 23/08/2021 20:42, Ken Goldman wrote:
I get warnings on all my ASN1_SEQUENCE_END, a missing prototype for the _it
functions.
The code is working, but I'd like a clean compile.
3.0.0 only, 1.0.2 and 1.1.1 are OK.
Example:
#include
#include
#incl
[CVE-2021-3711] (https://www.openssl.org/news/secadv/20210824.txt) only
applies to SM2 decryption, i.e., it is not related to the digital signature
or key exchange algorithms in the SM2 family.
In the 1.1.1 branch of OpenSSL, libssl does not support RFC 8998, but in
any case RFC 8998 only involves
I imagine I could figure this out by reading the source, but does the SM2 fix
(the high-severity issue for OpenSSL 1.1.1l) apply to TLS using SMx (RFC 8998),
or just to applications that use SM2 directly via the EVP API? It wasn't clear
from the announcement, unless I missed something.
We'll be
On 27/08/2021 08:47, Kumar Mishra, Sanjeev wrote:
Hi All,
I am upgrading the code from OpenSSL 1.0.1 to OpenSSL 3.0.
I am getting compilation errors for deprecated functions and structure
like "EC_KEY_new_by_curve_name()" , "SSL_CTX_set_tmp_ecdh()" and
"EC_KEY"..etc.
The code is like f
Hi All,
I am upgrading the code from OpenSSL 1.0.1 to OpenSSL 3.0.
I am getting compilation errors for deprecated functions and structure like
"EC_KEY_new_by_curve_name()" , "SSL_CTX_set_tmp_ecdh()" and "EC_KEY"..etc.
The code is like follows --
---
---
EC_KEY *ecdh = EC_KEY_new_by_cu
On Thu, 2021-08-26 at 16:27 -0500, William Roberts wrote:
> On Thu, Aug 26, 2021 at 3:01 AM Tomas Mraz wrote:
> >
> > On Wed, 2021-08-25 at 13:20 -0500, William Roberts wrote:
> > > Hello,
> > >
> > > I am trying to verify an HMAC signature with the code below and
> > > the
> > > EVP_DigestVerif
14 matches
Mail list logo
