Xinwen Fu wrote:
Hi,
int RSA_public_encrypt(int flen, unsigned char *from,
unsigned char *to, RSA *rsa, int padding);
It seems that there is a bug in RSA_public_encrypt with the padding
method set as RSA_NO_PADDING.
The bug is: when flen is not the RSA key size (e.g., 32 bytes), the
function
During certificate verification in internal_verify() function if certificate
signature and not before time are valid certificate is set valid.
Subsequent call to verification process then assume signature and not before
time valid without check them.
If check time changes (decreased) before
I apologize for my first rt bug report, it was missing some important
details.
this was the 0.9.7d version of the source tarball.
compilier was gcc.something.really.old.that.vxworks.still.uses compiling for
PPC (if that matters but i don't think it does).
the S_IBLK code section mentioned was
I apologize for my first rt bug report, it was missing some important
details.
this was the 0.9.7d version of the source tarball.
compilier was gcc.something.really.old.that.vxworks.still.uses compiling for
PPC (if that matters but i don't think it does).
the S_IBLK code section mentioned was
I have narrowed it down to the function BN_BLINDING_new in
the file crypto\bn\bn_blind.c, the memory allocated for the BN_BLINDING
structure never gets freed. I am assuming that the BIGNUM structures allocated
with BN_new inside of BN_BLINDING never gets freed also.
Here are my test
Hmm, that's not a bug. If RSA_NO_PADDING is used the input must
have the same size as the modulus.
Why? man page (below) does not specify this limitation. RSA
itself does not have this limitation either.
Xinwen Fu
Nils
Hi Ken,
On March 23, 2004 10:05 am, Avery, Ken wrote:
Is there anyone out there willing to help out that understands the big
number code? Can anyone at least tell me if Apache/mod_ssl/OpenSSL
needs to initialize some kind of callback? Like
CRYPTO_set_locking_callback - Just an example, this
First off I'm not all that familiar with the openSSL code base so my comment may be
inappropriate.
A couple years ago I made a post that I felt the memory managment is not done
optimally. I think what you have discovered illustrates this.
IMHO we should have a higher level memory managment
Title: RE: Major memory leak in OpenSSL using threads
0.9.7b I will upgrade to 0.9.7d and run
tests.
From: Diarmuid O'Neill
[mailto:[EMAIL PROTECTED]
Sent: Tuesday, March 23, 2004
10:15 AM
To: [EMAIL PROTECTED]
Cc: Avery,
Ken
Subject: RE: Major memory leak in
OpenSSL using
BTW, this is now heading down a different route to the original thread.
That's ok, but I wanted to mention that we're no longer discussing
BN_BLINDING leaks ...
On March 23, 2004 12:18 pm, you wrote:
First off I'm not all that familiar with the openSSL code base so my
comment may be
Xinwen Fu wrote:
Hi,
int RSA_public_encrypt(int flen, unsigned char *from,
unsigned char *to, RSA *rsa, int padding);
It seems that there is a bug in RSA_public_encrypt with the padding
method set as RSA_NO_PADDING.
The bug is: when flen is not the RSA key size (e.g., 32
It seems that there is a bug in RSA_public_encrypt with the padding
method set as RSA_NO_PADDING.
The bug is: when flen is not the RSA key size (e.g., 32 bytes), the
function returns -1 and no encryption is done.
What is the principle behind this design?
RSA works on input that has the same
On Tue, 2004-03-23 at 10:22, Rich Salz wrote:
RSA works on input that has the same number of bits as the RSA key size.
(An earlier message from you disagreed with this; you're wrong.)
In other words, a 1024-bit RSA key works on 1024 bits of input and
returns 1024 bits of output. If
Therefore, what is a 1,024-bit input?
In terms of the OpenSSL API, the buffer that is passed in will be 128 bytes.
/r$
--
Rich Salz, Chief Security Architect
DataPower Technology http://www.datapower.com
XS40 XML Security Gateway
Hello,
On a private project I am working on a
module that does program command line argument parsing.
(It must be the 658293rd implementation available ;-) )
My module allows to generate and print the help
message from the data that is used to parse
the program arguments.
Is the community
On Tue, 2004-03-23 at 10:49, Rich Salz wrote:
Therefore, what is a 1,024-bit input?
In terms of the OpenSSL API, the buffer that is passed in will be 128 bytes.
/r$
OK. I would like to add to what you (correctly) wrote earlier on: a
1,024-bit RSA key works on 1,024 bits of
On Tue, 23 Mar 2004, Jose Castejon-Amenedo wrote:
On Tue, 2004-03-23 at 10:49, Rich Salz wrote:
Therefore, what is a 1,024-bit input?
In terms of the OpenSSL API, the buffer that is passed in will be 128 bytes.
/r$
OK. I would like to add to what you (correctly) wrote
On March 23, 2004 01:22 pm, Rich Salz wrote:
The bug is: when flen is not the RSA key size (e.g., 32 bytes), the
function returns -1 and no encryption is done.
What is the principle behind this design?
RSA works on input that has the same number of bits as the RSA key
size. (An
I have narrowed it down to the function BN_BLINDING_new in the file
crypto\bn\bn_blind.c, the memory allocated for the BN_BLINDING
structure never gets freed. I am assuming that the BIGNUM structures
allocated with BN_new inside of BN_BLINDING never gets freed also.
Here are my test results
In message [EMAIL PROTECTED] on Tue, 23 Mar 2004 10:48:00 -0800, Jose
Castejon-Amenedo [EMAIL PROTECTED] said:
Jose.Castejon-Amenedo OK. I would like to add to what you
Jose.Castejon-Amenedo (correctly) wrote earlier on: a 1,024-bit RSA
Jose.Castejon-Amenedo key works on 1,024 bits of input and
On Tue, 2004-03-23 at 13:03, Richard Levitte - VMS Whacker wrote:
In message [EMAIL PROTECTED] on Tue, 23 Mar 2004 10:48:00 -0800, Jose
Castejon-Amenedo [EMAIL PROTECTED] said:
Jose.Castejon-AmenedoOK. I would like to add to what you
Jose.Castejon-Amenedo (correctly) wrote earlier
I have ported OpenSSL 0.9.7c to the Stratus VOS operating system. Thanks
for providing such a high-quality porting base; it made my job much easier.
I am attaching the patches to this letter.
I have verified the patches against version 0.9.7d, and this patch file is
against that newer version.
22 matches
Mail list logo
