In the BIO_debug_callback function, we call BIO_snprintf which could return -1
in the case of an error. However, there is no check for this condition, and so
the subsequent code would subtract one from buf and write data there,
overwriting the byte immediately before the static buffer.
This
Andy Polyakov wrote:
> And it's not only that multiplication (and squaring) result is fully
> reduced, it, multiplication (ans squaring) subroutine can actually
> manage partially reduced input. On related note one can point out that
> result of addition (and mul_by_[2|3]) is
Hi,
the 1.0.2 stable branch fails to compile on VC-WIN32 with no-asm, with
the error
.\crypto\pem\pvkfmt.c(279): error C2065: 'PEM_R_HEADER_TOO_LONG':
undeclared identifier
Full build log can be found at
This error showed up
/usr/local/bin/clang38 -I.. -I../.. -I../modes -I../asn1 -I../evp
-I../../include -fPIC -DOPENSSL_PIC -DZLIB_SHARED -DZLIB -DOPENSSL_THREADS
-pthread -D_THREAD_SAFE -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DL_ENDIAN -O3
-Wall -DOPENSSL_EXPERIMENTAL_JPAKE
>>> No, it subtraction subroutine uses *borrow* to determine if modulus is
>>> to be added. I.e. (a >= b) ? (a - b) : (P - (b - a)). If both a and b
>>> are less than P, then result is less than P.
>>
>> Consider the case where a > P and a >= b and b is very small (e.g. 1).
>> For example, a == P
Andy Polyakov wrote:
>> My understand after talking with Vlad that the "sbb \$0, $acc2" makes
>> this equivalent to (r >= 2**256) ? (r - q) : r. If the "sbb \$0,
>> $acc2" line were removed then it would be equivalent to (r >= q) ? (r
>> - q) : r. My understanding is that the
> Let's recall that result of multiplication prior final reduction is
> actually n+1-limb value, with +1 limb being single bit,
This came out wrong. Result is N+1 *bits* wide, it's just in this
particular case you have to spend additional limb on the the additional
bit. It's just that particular
> ... I re-read the code for the conditional subtraction at the
> end of ecp_nistz256_mul_mont (__ecp_nistz256_mul_montq, actually) and
> I couldn't convince myself that the result was always fully reduced.
>
> My concern is that what you say and what Vlad said is contradictory.
> You both
I went back to the 12.4 compiler which works very well, waste of my time
to debug Oracle compiler, as we wont see any patches released anyway (no
support here)
>-- Original Message --
>
>> the issue appears to be not in the compiler, but the newer Soalris linker
>> (ld)
>> I switched back to
> I went back to the 12.4 compiler which works very well, waste of my time
> to debug Oracle compiler, as we wont see any patches released anyway (no
> support here)
And I installed vendor compiler, 12.5, and I don't observe linker
warnings...
On related note one should probably point out that
Hello
We are using libcurl for REST programming, which internally uses openssl
and libcrypto.
curl suggested to implement few callbacks related to locking, which would
be needed for openssl below 1.1 version(which is still in beta).
The following callbacks were implemented:
I tested the following command on fedora 24 and mingw64 (mingw64 installed via
git for windows):
openssl genrsa -des3 -out server.key 1024
On fedora, it's instantaneous.
On mingw64, it's stuck before asking the key:
Generating RSA private key, 1024 bit long modulus
..++
I noticed that we have:
__owur int SSL_CIPHER_get_bits(const SSL_CIPHER *c, int *alg_bits);
__owur const char *SSL_CIPHER_get_version(const SSL_CIPHER *c);
__owur const char *SSL_CIPHER_get_name(const SSL_CIPHER *c);
__owur uint32_t SSL_CIPHER_get_id(const SSL_CIPHER *c);
__owur int
>-- Original Message --
>
>> I went back to the 12.4 compiler which works very well, waste of my time
>> to debug Oracle compiler, as we wont see any patches released anyway (no
>> support here)
>
>And I installed vendor compiler, 12.5, and I don't observe linker
>warnings...
interesting,
> I tested the following command on fedora 24 and mingw64 (mingw64 installed
> via git for windows):
>
> openssl genrsa -des3 -out server.key 1024
>
> On fedora, it's instantaneous.
> On mingw64, it's stuck before asking the key:
>
> Generating RSA private key, 1024 bit long modulus
>
15 matches
Mail list logo