The following code added in 1.0.0h causes CRYPTO_LOCK_EVP_PKEY lock to be
requested twice with no intervening unlock when there is a race between 2 or
more threads to create the EVP_PKEY associated with the X509_PUBKEY. The second
lock request occurs in EVP_PKEY_free().
This is an enhancement request for the test suite.
I ran the tests from a directory /Users/dillo/scratch/updated
libraries/openssl-1.0.1c and the tests failed. Once I changed a parent
directory name to remove its space character, the script worked and all
tests passed.
Version: 1.0.1c
Platform:
When attempting to build openssl-1.0.1c in fips compliant mode, the file
crypto/ec/ec2_smpl.c attempts to return the results of function
fips_ec_gf2m_simple_method(). This function is not defined in either
projects.
When attempting to build openssl-1.0.1c in fips compliant mode, the file
[lee.bayd...@gmail.com - Mon Nov 05 14:57:30 2012]:
When attempting to build openssl-1.0.1c in fips compliant mode, the file
crypto/ec/ec2_smpl.c attempts to return the results of function
fips_ec_gf2m_simple_method(). This function is not defined in either
projects.
Did you compile
[vpodz...@redhat.com - Tue Oct 30 17:34:05 2012]:
Description of problem:
Running
$ openssl genpkey -genparam -outform DER -out dh_params.der -algorithm
DH
generates data in the PEM format instead of the requested DER format.
Version-Release number of selected component (if
--On Monday, November 05, 2012 2:55 PM +0100 Richard Skinner via RT
r...@openssl.org wrote:
The following code added in 1.0.0h causes CRYPTO_LOCK_EVP_PKEY lock to be
requested twice with no intervening unlock when there is a race between 2
or more threads to create the EVP_PKEY associated with
I resolved this issue. When building OpenSSL for FIPS, in addition to adding
the fips parameter to the Configure command, you must also add the
--with-fipslibdir and --with-fipsdir switches so the necessary files can be
located. If you do not, the compiles report no error, but the link fails
On Mon, 2012-11-05 at 17:44 +0100, Stephen Henson via RT wrote:
[vpodz...@redhat.com - Tue Oct 30 17:34:05 2012]:
Description of problem:
Running
$ openssl genpkey -genparam -outform DER -out dh_params.der -algorithm
DH
generates data in the PEM format instead of the
Can the same pointer safely be used for the input and output buffers in
encrypt and decrypt operations ?
i.e. is something like AES_encrypt(out,out,key) guaranteed not to rewrite
the input before it's been processed ?
The following IMPLIES this is safe but lingering doubts remain.
(from