I am using 0.9.3a. I also found that d2i_ASN1_INTEGER is also messed up with a missing 
p++;
Has this bug also been fixed ? I will try the newer version.
--Steve

Dr Stephen Henson wrote:

> Steve Lihn wrote:
> >
> > Is anybody aware that i2d_ASN1_STRING is buggy when a negative number is assigned?
> > I decared a sequence of two ASN1 integers and i2s function overlapped one byte to 
>the first integer.
> >
>
> I'm aware of the following issues...
>
> OpenSSL 0.9.3, 0.9.3a messed up the lengths of negative integers, this
> would for example cause it to choke on certificates with negative serial
> numbers.
>
> Anything before OpenSSL 0.9.3 (including *all* versions of SSLeay)
> didn't mess up the length but the code was badly broken and didn't
> produce the correct encoding.
>
> There are no known issues with OpenSSL 0.9.4. I've tried your program
> and it seems to produce the correct encoding now.
>
> What version of OpenSSL are you using?
>
> Steve.
> --
> Dr Stephen N. Henson.   http://www.drh-consultancy.demon.co.uk/
> Personal Email: [EMAIL PROTECTED]
> Senior crypto engineer, Celo Communications: http://www.celocom.com/
> Core developer of the   OpenSSL project: http://www.openssl.org/
> Business Email: [EMAIL PROTECTED] PGP key: via homepage.
>
> ______________________________________________________________________
> OpenSSL Project                                 http://www.openssl.org
> Development Mailing List                       [EMAIL PROTECTED]
> Automated List Manager                           [EMAIL PROTECTED]

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to