Hi Openssl Developers,
I may find one bug for openssl-fips-test-1.2.0 which is downloaded from
ftp://ftp.openssl.org/snapshot/
The machine I used is:
[EMAIL PROTECTED] uname -a
HP-UX sshpa6 B.11.31 U 9000/800 2404418693 unlimited-user license
The steps to reproduct the bug are as below:
1) decompress and untar the source package
2)
[EMAIL PROTECTED] pwd
/home/boqian/fips/openssl-fips-0.9.8f-dev
[EMAIL PROTECTED] ./Configure hpux-cc fipscanisterbuild
3)
[EMAIL PROTECTED] make
Everything is fine!
4)
[EMAIL PROTECTED] cd apps
[EMAIL PROTECTED] pwd
/home/boqian/fips/openssl-fips-0.9.8f-dev/apps
[EMAIL PROTECTED] export SHLIB_PATH=/home/boqian/fips/openssl-fips-0.9.8f-dev
[EMAIL PROTECTED] ldd openssl
/usr/lib/libc.2 => /usr/lib/libc.2
/usr/lib/libdld.2 => /usr/lib/libdld.2
/usr/lib/libc.2 => /usr/lib/libc.2
/usr/lib/libdld.2 => /usr/lib/libdld.2
libcrypto.sl.0.9.8 =>
/home/boqian/fips/openssl-fips-0.9.8f-dev/libcrypto.sl.0.9.8
/usr/lib/libdld.2 => /usr/lib/libdld.2
libssl.sl.0.9.8 =>
/home/boqian/fips/openssl-fips-0.9.8f-dev/libssl.sl.0.9.8
/usr/lib/libdld.2 => /usr/lib/libdld.2
libcrypto.sl.0.9.8 =>
/home/boqian/fips/openssl-fips-0.9.8f-dev/libcrypto.sl.0.9.8
[EMAIL PROTECTED] ./openssl version
OpenSSL 0.9.8f-fips-dev xx XXXX xxxx
5)
[EMAIL PROTECTED] ./openssl ecparam -out eckey_secp112r1.pem -name secp112r1
-genkey
6)
[EMAIL PROTECTED] ./openssl ec -in eckey_secp112r1.pem -des3 -out
key_out_secp112r1.pem -passout pass:pass
read EC key
unable to load Key
16054:error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong
tag:tasn_dec.c:1294:
16054:error:0D06C03A:asn1 encoding routines:ASN1_D2I_EX_PRIMITIVE:nested asn1
error:tasn_dec.c:830:
16054:error:0D08303A:asn1 encoding routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1
error:tasn_dec.c:748:Field=n, Type=RSA
16054:error:0D09A00D:asn1 encoding routines:d2i_PrivateKey:ASN1 lib:d2i_pr.c:99:
16054:error:0907B00D:PEM routines:PEM_READ_BIO_PRIVATEKEY:ASN1
lib:pem_pkey.c:125:
7)
[EMAIL PROTECTED] cat eckey_secp112r1.pem
-----BEGIN EC PARAMETERS-----
BgUrgQQABg==
-----END EC PARAMETERS-----
-----BEGIN RSA PRIVATE KEY-----
MD4CAQEEDskmCUsQTdBcbtOuhRVgoAcGBSuBBAAGoSADHgAEjUUZPaTq8Rzt1OXu
oVpBPEkeFp1MGK4AGq7nIQ==
-----END RSA PRIVATE KEY-----
8)
Modify eckey_secp112r1.pem (replace "RSA PRIVATE KEY" by "EC PRIVATE KEY")
9)
[EMAIL PROTECTED] ./openssl ec -in eckey_secp112r1.pem -des3 -out
key_out_secp112r1.pem -passout pass:pass
read EC key
writing EC key
It shows the eckey_secp112r1.pem file's format may be wrong.
Is there any workaround? Could you investigate this problem?
Thank you and looking forward to your reply!
boqian
_________________________________________________________________
Windows Live Photo gallery 数码相机的超级伴侣,轻松管理和编辑照片,还能制作全景美图!
http://get.live.cn/product/photo.html
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [email protected]
Automated List Manager [EMAIL PROTECTED]
