Re: multi-thread support
Check this link: http://www.openssl.org/docs/crypto/threads.html Thread support is there, but is platform dependent. There is a file called th-lock.c under crypto/threads that contains some definitions for thread support on a few platforms. I haven't tested this but it compiles so it must work :) Randy Turner wrote: Hi All, I just wanted to verify that, as of OpenSSL 0.9.8a, any OpenSSL data facility that utilizes STACK_OF as a container for different types of objects, the routines that reference these stacks do not support multiple threads accessing the same stack. Is this the case? I didn't see any mutex/user callback support in stack.c. Thanks! Randy __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] -- Alain Damiral, I hope this message makes me look like a very intelligent person Université Catholique de Louvain - student alain.damiral'at'student.info.ucl.ac.be __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: function PEM_read_RSAPrivateKey not returning
Kyle Hamilton wrote: Did you make sure to remove %SYSTEMROOT%\system32\ssleay32.dll and libeay32.dll? Just running the uninstaller doesn't get rid of them. No, I forgot that. Sorry, my fault. I now replaced those two DLLs with the ones I compiled myself. Good news: in Release mode my program works as expected. Bad news: in Debug mode it crashes. -- snip -- 11ef2068() libeay32.dll!10051bdd() libeay32.dll!1004fc39() libeay32.dll!1004fb8d() libeay32.dll!100849fb() kernel32.dll!7c81102e() msvcr71d.dll!_write_lk(int fh=1, const void * buf=0x0fa0, unsigned int cnt=270647770) Line 234 + 0x8 C msvcr71d.dll!_write(int fh=1244344, const void * buf=0x1021b45c, unsigned int cnt=1) Line 87 + 0x9 C msvcr71d.dll!_unlock_fhandle(int fh=1244344) Line 477 C 003f1fb8() msvcr71d.dll!_write(int fh=1244392, const void * buf=0x0001, unsigned int cnt=270542996) Line 87 + 0x9 C msvcr71d.dll!_flsbuf(int ch=271042648, _iobuf * str=0x1024755c) Line 180 + 0x11 C msvcr71d.dll!fputc(int ch=10, _iobuf * str=0x1027c858) Line 56 + 0x9 C msvcr71d.dll!_tsopen_lk(int * punlock_flag=0x000a, int * pfh=0x1027c858, const char * path=0x0012fdb8, int oflag=273198671, int shflag=1244426, int pmode=273199175) Line 414 + 0xd C msvcp71d.dll!std::_Fputcchar(char _Byte=' ', _iobuf * _File=0x1048b047) Line 69 + 0xfC++ msvcp71d.dll!std::basic_filebufchar,std::char_traitschar ::overflow(int _Meta=32768) Line 206 + 0x19 C++ 0003() libeay32.dll!1005174d() libeay32.dll!1004fdde() libeay32.dll!10086c39() libeay32.dll!10085490() libeay32.dll!1008547d() CryptoOpenSSLTest5.exe!main(int argc=1, char * * argv=0x003f5a00) Line 82 + 0xf C++ CryptoOpenSSLTest5.exe!mainCRTStartup() Line 398 + 0x11C kernel32.dll!7c816d4f() ntdll.dll!7c925b4f() kernel32.dll!7c8399f3() -- snap -- __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: function PEM_read_RSAPrivateKey not returning
The best thing to do, when compiling, is to copy the DLLs to the directory (either Debug or Release) that the rest of your project is going to, and then create empty files named ssleay32.dll.local and libeay32.dll.local in the same directory. (This causes Windows to use the versions of the files in the target directory instead of the system directories.) Are you compiling inside an IDE? What C++ compiler are you using, and what debugger? -Kyle H On 2/20/06, Matthias [EMAIL PROTECTED] wrote: Kyle Hamilton wrote: Did you make sure to remove %SYSTEMROOT%\system32\ssleay32.dll and libeay32.dll? Just running the uninstaller doesn't get rid of them. No, I forgot that. Sorry, my fault. I now replaced those two DLLs with the ones I compiled myself. Good news: in Release mode my program works as expected. Bad news: in Debug mode it crashes. -- snip -- 11ef2068() libeay32.dll!10051bdd() libeay32.dll!1004fc39() libeay32.dll!1004fb8d() libeay32.dll!100849fb() kernel32.dll!7c81102e() msvcr71d.dll!_write_lk(int fh=1, const void * buf=0x0fa0, unsigned int cnt=270647770) Line 234 + 0x8 C msvcr71d.dll!_write(int fh=1244344, const void * buf=0x1021b45c, unsigned int cnt=1) Line 87 + 0x9 C msvcr71d.dll!_unlock_fhandle(int fh=1244344) Line 477 C 003f1fb8() msvcr71d.dll!_write(int fh=1244392, const void * buf=0x0001, unsigned int cnt=270542996) Line 87 + 0x9 C msvcr71d.dll!_flsbuf(int ch=271042648, _iobuf * str=0x1024755c) Line 180 + 0x11 C msvcr71d.dll!fputc(int ch=10, _iobuf * str=0x1027c858) Line 56 + 0x9 C msvcr71d.dll!_tsopen_lk(int * punlock_flag=0x000a, int * pfh=0x1027c858, const char * path=0x0012fdb8, int oflag=273198671, int shflag=1244426, int pmode=273199175) Line 414 + 0xdC msvcp71d.dll!std::_Fputcchar(char _Byte=' ', _iobuf * _File=0x1048b047) Line 69 + 0xfC++ msvcp71d.dll!std::basic_filebufchar,std::char_traitschar ::overflow(int _Meta=32768) Line 206 + 0x19 C++ 0003() libeay32.dll!1005174d() libeay32.dll!1004fdde() libeay32.dll!10086c39() libeay32.dll!10085490() libeay32.dll!1008547d() CryptoOpenSSLTest5.exe!main(int argc=1, char * * argv=0x003f5a00) Line 82 + 0xfC++ CryptoOpenSSLTest5.exe!mainCRTStartup() Line 398 + 0x11C kernel32.dll!7c816d4f() ntdll.dll!7c925b4f() kernel32.dll!7c8399f3() -- snap -- __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: function PEM_read_RSAPrivateKey not returning
Also, you didn't compile openssl in debug mode, otherwise the libeay32.dll!(address)() calls in the stack would be showing the function names. To do so, you need to run: perl Configure -d [VC-NT | VC-WIN32] if you're running Visual C++. The -d causes it to build for the debug target, which does a couple of useful things like leave symbols in, not do massive optimizations, leave frame pointers in place, that sort of thing. -Kyle H On 2/20/06, Matthias [EMAIL PROTECTED] wrote: Kyle Hamilton wrote: Did you make sure to remove %SYSTEMROOT%\system32\ssleay32.dll and libeay32.dll? Just running the uninstaller doesn't get rid of them. No, I forgot that. Sorry, my fault. I now replaced those two DLLs with the ones I compiled myself. Good news: in Release mode my program works as expected. Bad news: in Debug mode it crashes. -- snip -- 11ef2068() libeay32.dll!10051bdd() libeay32.dll!1004fc39() libeay32.dll!1004fb8d() libeay32.dll!100849fb() kernel32.dll!7c81102e() msvcr71d.dll!_write_lk(int fh=1, const void * buf=0x0fa0, unsigned int cnt=270647770) Line 234 + 0x8 C msvcr71d.dll!_write(int fh=1244344, const void * buf=0x1021b45c, unsigned int cnt=1) Line 87 + 0x9 C msvcr71d.dll!_unlock_fhandle(int fh=1244344) Line 477 C 003f1fb8() msvcr71d.dll!_write(int fh=1244392, const void * buf=0x0001, unsigned int cnt=270542996) Line 87 + 0x9 C msvcr71d.dll!_flsbuf(int ch=271042648, _iobuf * str=0x1024755c) Line 180 + 0x11 C msvcr71d.dll!fputc(int ch=10, _iobuf * str=0x1027c858) Line 56 + 0x9 C msvcr71d.dll!_tsopen_lk(int * punlock_flag=0x000a, int * pfh=0x1027c858, const char * path=0x0012fdb8, int oflag=273198671, int shflag=1244426, int pmode=273199175) Line 414 + 0xdC msvcp71d.dll!std::_Fputcchar(char _Byte=' ', _iobuf * _File=0x1048b047) Line 69 + 0xfC++ msvcp71d.dll!std::basic_filebufchar,std::char_traitschar ::overflow(int _Meta=32768) Line 206 + 0x19 C++ 0003() libeay32.dll!1005174d() libeay32.dll!1004fdde() libeay32.dll!10086c39() libeay32.dll!10085490() libeay32.dll!1008547d() CryptoOpenSSLTest5.exe!main(int argc=1, char * * argv=0x003f5a00) Line 82 + 0xfC++ CryptoOpenSSLTest5.exe!mainCRTStartup() Line 398 + 0x11C kernel32.dll!7c816d4f() ntdll.dll!7c925b4f() kernel32.dll!7c8399f3() -- snap -- __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: function PEM_read_RSAPrivateKey not returning
ignore this, I'm used to the POSIX-system variants. :P -Kyle On 2/20/06, Kyle Hamilton [EMAIL PROTECTED] wrote: Also, you didn't compile openssl in debug mode, otherwise the libeay32.dll!(address)() calls in the stack would be showing the function names. To do so, you need to run: perl Configure -d [VC-NT | VC-WIN32] if you're running Visual C++. The -d causes it to build for the debug target, which does a couple of useful things like leave symbols in, not do massive optimizations, leave frame pointers in place, that sort of thing. -Kyle H On 2/20/06, Matthias [EMAIL PROTECTED] wrote: Kyle Hamilton wrote: Did you make sure to remove %SYSTEMROOT%\system32\ssleay32.dll and libeay32.dll? Just running the uninstaller doesn't get rid of them. No, I forgot that. Sorry, my fault. I now replaced those two DLLs with the ones I compiled myself. Good news: in Release mode my program works as expected. Bad news: in Debug mode it crashes. -- snip -- 11ef2068() libeay32.dll!10051bdd() libeay32.dll!1004fc39() libeay32.dll!1004fb8d() libeay32.dll!100849fb() kernel32.dll!7c81102e() msvcr71d.dll!_write_lk(int fh=1, const void * buf=0x0fa0, unsigned int cnt=270647770) Line 234 + 0x8 C msvcr71d.dll!_write(int fh=1244344, const void * buf=0x1021b45c, unsigned int cnt=1) Line 87 + 0x9 C msvcr71d.dll!_unlock_fhandle(int fh=1244344) Line 477 C 003f1fb8() msvcr71d.dll!_write(int fh=1244392, const void * buf=0x0001, unsigned int cnt=270542996) Line 87 + 0x9 C msvcr71d.dll!_flsbuf(int ch=271042648, _iobuf * str=0x1024755c) Line 180 + 0x11 C msvcr71d.dll!fputc(int ch=10, _iobuf * str=0x1027c858) Line 56 + 0x9 C msvcr71d.dll!_tsopen_lk(int * punlock_flag=0x000a, int * pfh=0x1027c858, const char * path=0x0012fdb8, int oflag=273198671, int shflag=1244426, int pmode=273199175) Line 414 + 0xdC msvcp71d.dll!std::_Fputcchar(char _Byte=' ', _iobuf * _File=0x1048b047) Line 69 + 0xfC++ msvcp71d.dll!std::basic_filebufchar,std::char_traitschar ::overflow(int _Meta=32768) Line 206 + 0x19 C++ 0003() libeay32.dll!1005174d() libeay32.dll!1004fdde() libeay32.dll!10086c39() libeay32.dll!10085490() libeay32.dll!1008547d() CryptoOpenSSLTest5.exe!main(int argc=1, char * * argv=0x003f5a00) Line 82 + 0xfC++ CryptoOpenSSLTest5.exe!mainCRTStartup() Line 398 + 0x11C kernel32.dll!7c816d4f() ntdll.dll!7c925b4f() kernel32.dll!7c8399f3() -- snap -- __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: function PEM_read_RSAPrivateKey not returning
To get the debugging symbols for Windows, read the INSTALL.W32 file. Of particular note is this little gem: There are various changes you can make to the Win32 compile environment. By default the library is not compiled with debugging symbols. If you add 'debug' to the mk1mf.pl lines in the do_* batch file then debugging symbols will be compiled in. Note that mk1mf.pl expects the platform to be the last argument on the command line, so 'debug' must appear before that, as all other options. -Kyle H On 2/20/06, Kyle Hamilton [EMAIL PROTECTED] wrote: ignore this, I'm used to the POSIX-system variants. :P -Kyle On 2/20/06, Kyle Hamilton [EMAIL PROTECTED] wrote: Also, you didn't compile openssl in debug mode, otherwise the libeay32.dll!(address)() calls in the stack would be showing the function names. To do so, you need to run: perl Configure -d [VC-NT | VC-WIN32] if you're running Visual C++. The -d causes it to build for the debug target, which does a couple of useful things like leave symbols in, not do massive optimizations, leave frame pointers in place, that sort of thing. -Kyle H On 2/20/06, Matthias [EMAIL PROTECTED] wrote: Kyle Hamilton wrote: Did you make sure to remove %SYSTEMROOT%\system32\ssleay32.dll and libeay32.dll? Just running the uninstaller doesn't get rid of them. No, I forgot that. Sorry, my fault. I now replaced those two DLLs with the ones I compiled myself. Good news: in Release mode my program works as expected. Bad news: in Debug mode it crashes. -- snip -- 11ef2068() libeay32.dll!10051bdd() libeay32.dll!1004fc39() libeay32.dll!1004fb8d() libeay32.dll!100849fb() kernel32.dll!7c81102e() msvcr71d.dll!_write_lk(int fh=1, const void * buf=0x0fa0, unsigned int cnt=270647770) Line 234 + 0x8 C msvcr71d.dll!_write(int fh=1244344, const void * buf=0x1021b45c, unsigned int cnt=1) Line 87 + 0x9 C msvcr71d.dll!_unlock_fhandle(int fh=1244344) Line 477 C 003f1fb8() msvcr71d.dll!_write(int fh=1244392, const void * buf=0x0001, unsigned int cnt=270542996) Line 87 + 0x9 C msvcr71d.dll!_flsbuf(int ch=271042648, _iobuf * str=0x1024755c) Line 180 + 0x11 C msvcr71d.dll!fputc(int ch=10, _iobuf * str=0x1027c858) Line 56 + 0x9 C msvcr71d.dll!_tsopen_lk(int * punlock_flag=0x000a, int * pfh=0x1027c858, const char * path=0x0012fdb8, int oflag=273198671, int shflag=1244426, int pmode=273199175) Line 414 + 0xdC msvcp71d.dll!std::_Fputcchar(char _Byte=' ', _iobuf * _File=0x1048b047) Line 69 + 0xfC++ msvcp71d.dll!std::basic_filebufchar,std::char_traitschar ::overflow(int _Meta=32768) Line 206 + 0x19 C++ 0003() libeay32.dll!1005174d() libeay32.dll!1004fdde() libeay32.dll!10086c39() libeay32.dll!10085490() libeay32.dll!1008547d() CryptoOpenSSLTest5.exe!main(int argc=1, char * * argv=0x003f5a00) Line 82 + 0xfC++ CryptoOpenSSLTest5.exe!mainCRTStartup() Line 398 + 0x11C kernel32.dll!7c816d4f() ntdll.dll!7c925b4f() kernel32.dll!7c8399f3() -- snap -- __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Question about windows environment...
Dr. Henson: I see in Configure that there's VC-NT and VC-WIN32 as targeted platforms. The INSTALL.W32 file says to run ms\do_nt.bat if you want the NT-specific features (logging BIOs would be VERY nice to have)... but wouldn't that be taken care of by the VC-NT target? If not, why not? There's no ms\do_ntnasm.bat, is why I ask. I want to get the benefits of the logging BIOs, but I also want to get the benefit of the assembly versions of the cipher implementations. (then again, I also want debug symbols, so it's like I want my cake, I want to eat it, AND I want seconds all at once. :P) -Kyle H __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Mailing list daily digest
Does anyone know how to get a daily digest version of this mailing list. Mailman supports digests but I am not familiar with Majordomo. I tried the support page of the website but could not find any relevant info. Thanks, Brendan. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Errors when coding X509 attributes - help needed
__ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Errors when coding X509 attributes - help needed
__ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Errors when coding X509 attributes - help needed
[Sorry for the prior empty mails I am experiencing some problems with mail] Hello, Im implementing some X509 attributes for a Openssl based X509 attribute certificates API (will be available when finished). I have some problems with one attribute, I don't know if I am implementing it correctly or not so I need help. Let me present the problem: fist the definition (by the IETF) of the attribute, then the implementation details (declaration and implementation) and the piece of code that does not work. Any help would be indeed very much grateful. -Definition (IETF) IetfAttrSyntax ::= SEQUENCE { policyAuthority [0] GeneralNamesOPTIONAL, values SEQUENCE OF CHOICE { octetsOCTET STRING, oid OBJECT IDENTIFIER, stringUTF8String } } -Declaration (.h) typedef struct IetfAttrSyntax_st { GENERAL_NAMES *policyAuthority; int type; union{ ASN1_OCTET_STRING *octets; ASN1_OBJECT *oid; ASN1_UTF8STRING *string; }values; } IetfAttrSyntax; DECLARE_ASN1_ITEM(IetfAttrSyntax) DECLARE_ASN1_FUNCTIONS(IetfAttrSyntax) -Implementation (.c) ASN1_CHOICE(IetfAttrValues)= { ASN1_SIMPLE(IetfAttrSyntax ,values.octets , ASN1_OCTET_STRING ), ASN1_SIMPLE(IetfAttrSyntax ,values.oid , ASN1_OBJECT ), ASN1_SIMPLE(IetfAttrSyntax ,values.string , ASN1_UTF8STRING ) }ASN1_CHOICE_END_selector(IetfAttrSyntax, IetfAttrValues, type); ASN1_SEQUENCE(IetfAttrSyntax) = { ASN1_OPT(IetfAttrSyntax, policyAuthority, GENERAL_NAMES, 0), ASN1_EX_COMBINE(0, 0, IetfAttrValues) }ASN1_SEQUENCE_END(IetfAttrSyntax); IMPLEMENT_ASN1_FUNCTIONS(IetfAttrSyntax) IMPLEMENT_ASN1_DUP_FUNCTION(IetfAttrSyntax) -Test code /* creating a IetfAttrSyntax */ attr_val2 = IetfAttrSyntax_new(); attr_val2-policyAuthority = GENERAL_NAMES_new(); gen = GENERAL_NAME_new(); gen-type = GEN_DIRNAME; gen-d.directoryName = X509_NAME_dup(ident_name); sk_GENERAL_NAME_push(attr_val2-policyAuthority,gen); attr_val2-type = 0;//V_ASN1_OCTET_STRING; if( attr_val2-values.octets == NULL ) attr_val2-values.octets = ASN1_OCTET_STRING_new(); ASN1_OCTET_STRING_set(attr_val2-values.octets,data_,24); attr_val2 = IetfAttrSyntax_dup(attr_val2); --- [doesn't work] i2d and d2i also doesn't work (dup depends on them so is logical) Any help would be indeed very much grateful. Thank you very much! Dani -- Daniel Diaz Sanchez Telecommunication Engineer Researcher / Teaching Assistant Dep. Ing. Telemática Universidad Carlos III de Madrid Av. Universidad, 30 28911 Leganés (Madrid/Spain) Tel: (+34) 91-624-8817, Fax: -8749 Web: www.it.uc3m.es/dds web: http://www.it.uc3m.es/pervasive Mail: [EMAIL PROTECTED] [--Remove nospam--] smime.p7s Description: S/MIME cryptographic signature
Re: Errors when coding X509 attributes - help needed
On Mon, Feb 20, 2006, Daniel Daz Snchez wrote: [Sorry for the prior empty mails I am experiencing some problems with mail] Hello, Im implementing some X509 attributes for a Openssl based X509 attribute certificates API (will be available when finished). I have some problems with one attribute, I don't know if I am implementing it correctly or not so I need help. Let me present the problem: fist the definition (by the IETF) of the attribute, then the implementation details (declaration and implementation) and the piece of code that does not work. Any help would be indeed very much grateful. -Definition (IETF) IetfAttrSyntax ::= SEQUENCE { policyAuthority [0] GeneralNamesOPTIONAL, values SEQUENCE OF CHOICE { octetsOCTET STRING, oid OBJECT IDENTIFIER, stringUTF8String } } -Declaration (.h) typedef struct IetfAttrSyntax_st { GENERAL_NAMES *policyAuthority; int type; union{ ASN1_OCTET_STRING *octets; ASN1_OBJECT *oid; ASN1_UTF8STRING *string; }values; } IetfAttrSyntax; DECLARE_ASN1_ITEM(IetfAttrSyntax) DECLARE_ASN1_FUNCTIONS(IetfAttrSyntax) -Implementation (.c) ASN1_CHOICE(IetfAttrValues)= { ASN1_SIMPLE(IetfAttrSyntax ,values.octets , ASN1_OCTET_STRING ), ASN1_SIMPLE(IetfAttrSyntax ,values.oid , ASN1_OBJECT ), ASN1_SIMPLE(IetfAttrSyntax ,values.string , ASN1_UTF8STRING ) }ASN1_CHOICE_END_selector(IetfAttrSyntax, IetfAttrValues, type); ASN1_SEQUENCE(IetfAttrSyntax) = { ASN1_OPT(IetfAttrSyntax, policyAuthority, GENERAL_NAMES, 0), ASN1_EX_COMBINE(0, 0, IetfAttrValues) }ASN1_SEQUENCE_END(IetfAttrSyntax); IMPLEMENT_ASN1_FUNCTIONS(IetfAttrSyntax) IMPLEMENT_ASN1_DUP_FUNCTION(IetfAttrSyntax) There is an attribute certificate ASN1 module in my play area on openssl.org. At least one problem is the policyAuthority syntax. The GENERAL_NAMES type is what is known as an item teplate and you can't apply modifiers to that so the ASN1_OPT line wont work. Instead you use the GENERAL_NAME type and delcare that as a SEQUENCE OF IMPLICIT, OPT. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: function PEM_read_RSAPrivateKey not returning
I deleted all ssl-related DLLs on my system now. When I compile OpenSSL as described in INSTALL.W32, point the include library directory of my example program on openssl\out32dll, recompile my example program, copy the 2 DLLs from openssl\out32dll to my example project directory... ...then my example program will succeed when I run it in Release Mode but will crash when I run it in Debug Mode. When I compile OpenSSL as described in INSTALLW32 with that tweak (*), point the library include directory on openssl\out32dll.dbg, recompile my example program, copy the 2 DLLs from openssl\out32.dbg to my example project directory... ...then my example program will crash when I run it in Release Mode but will succeed when I run it in Debug Mode (so just vice versa). (*) tweak in file ms\do_masm.bat: perl util\mk1mf.pl debug VC-WIN32 ms\nt.mak perl util\mk1mf.pl debug dll VC-WIN32 ms\ntdll.mak Surprisingly the DLLs have exactly the same size, no matter whether compiled with that tweak or not. They are binary different though. libeay32.dll: 1.220.608 Bytes ssleay32.dll: 249.856 Bytes Despite many *.pdb files in the openssl\out32dll.dbg directory I am unfortunately not able to produce a more nice call stack :( So, result is that I have to use the LIBs and DLLs from out32dll when compiling and running in Release mode and the LIBs and DLLs from out32dll.dbg when compiling and running in Debug Mode. In any other mixture it simply crashes. But at least it doesn't just halt/loop anymore. Is it intended and/or expected like that? Kyle Hamilton wrote: Are you compiling inside an IDE? What C++ compiler are you using, and what debugger? I am using Visual Studio .NET 2003 v7.0.3088 - no other compiler or debugger is on my computer. nmake spits out the following version information: C:\myProjects\opensslnmake -f ms\ntdll.mak Microsoft (R) Program Maintenance Utility Version 7.10.3077 Copyright (C) Microsoft Corporation. All rights reserved. Matthias __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: multi-thread support
From the installation notes .. It should already be there if you have things are normal. Note on multi-threading --- For some systems, the OpenSSL Configure script knows what compiler options are needed to generate a library that is suitable for multi-threaded applications. On these systems, support for multi-threading is enabled by default; use the no-threads option to disable (this should never be necessary). On other systems, to enable support for multi-threading, you will have to specify at least two options: threads, and a system-dependent option. (The latter is -D_REENTRANT on various systems.) The default in this case, obviously, is not to include support for multi-threading (but you can still use no-threads to suppress an annoying warning message from the Configure script.) Randy Turner wrote: Hi All, I just wanted to verify that, as of OpenSSL 0.9.8a, any OpenSSL data facility that utilizes STACK_OF as a container for different types of objects, the routines that reference these stacks do not support multiple threads accessing the same stack. Is this the case? I didn't see any mutex/user callback support in stack.c. Thanks! Randy __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: function PEM_read_RSAPrivateKey not returning
Are you making sure to link properly with the multithreaded libraries? (I think that was the default starting with VC++.net 2003, but I can't recall.) Incidentally, you can download a free ISO of VC++ 2005 Express Edition from Microsoft. The IDE doesn't support resource editing, but I'm having no problems with it so far. The debug libraries should have been put in out32dll.dbg\, as I recall -- you may need to edit the settings for your debug versus release builds to import from the correct version. I don't have 2003, so I can't test. -Kyle H On 2/20/06, Matthias [EMAIL PROTECTED] wrote: I deleted all ssl-related DLLs on my system now. When I compile OpenSSL as described in INSTALL.W32, point the include library directory of my example program on openssl\out32dll, recompile my example program, copy the 2 DLLs from openssl\out32dll to my example project directory... ...then my example program will succeed when I run it in Release Mode but will crash when I run it in Debug Mode. When I compile OpenSSL as described in INSTALLW32 with that tweak (*), point the library include directory on openssl\out32dll.dbg, recompile my example program, copy the 2 DLLs from openssl\out32.dbg to my example project directory... ...then my example program will crash when I run it in Release Mode but will succeed when I run it in Debug Mode (so just vice versa). (*) tweak in file ms\do_masm.bat: perl util\mk1mf.pl debug VC-WIN32 ms\nt.mak perl util\mk1mf.pl debug dll VC-WIN32 ms\ntdll.mak Surprisingly the DLLs have exactly the same size, no matter whether compiled with that tweak or not. They are binary different though. libeay32.dll: 1.220.608 Bytes ssleay32.dll: 249.856 Bytes Despite many *.pdb files in the openssl\out32dll.dbg directory I am unfortunately not able to produce a more nice call stack :( So, result is that I have to use the LIBs and DLLs from out32dll when compiling and running in Release mode and the LIBs and DLLs from out32dll.dbg when compiling and running in Debug Mode. In any other mixture it simply crashes. But at least it doesn't just halt/loop anymore. Is it intended and/or expected like that? Kyle Hamilton wrote: Are you compiling inside an IDE? What C++ compiler are you using, and what debugger? I am using Visual Studio .NET 2003 v7.0.3088 - no other compiler or debugger is on my computer. nmake spits out the following version information: C:\myProjects\opensslnmake -f ms\ntdll.mak Microsoft (R) Program Maintenance Utility Version 7.10.3077 Copyright (C) Microsoft Corporation. All rights reserved. Matthias __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
PKCS12 creation
Hi all! I need to create a PKCS#12 file, and what ever I try I can't seem to be able to sign it. I want to create a x509 file and sign it with CA key, and pack it as PKCS12 file. What I have tried to do is the following: EVP_PKEY* pPK = NULL; RSA* pRSA = RSA_generate_key(1024, RSA_F4, NULL, NULL); EVP_PKEY_assign_RSA(pPK, pRSA); FILE* pf = fopen(strCAKey.c_str(), r); RSA* pCA = PEM_read_RSAPrivateKey(pf, NULL, NULL, (void*)strPass.c_str()); pX509 = X509_new(); X509_set_version(pX509, 2); X509_set_pubkey(pX509, pPK); pName = X509_get_subject_name(pX509); -- Add entries for O, OU, CN, E X509_sign(pX509, pCA, EVP_sha1()); PKCS12* p12 = PKCS12_create((char*)strPassword.c_str(), (char*)strUserName.c_str(), pPK, pX509, NULL, 0, 0, 0, 0, 0); I have no idea what am I doing wrong :-( Any help appreciated! And BTW, I don't know almost anything about encryption... TIA, Norbert __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: PKCS12 creation
On Mon, Feb 20, 2006, Norbert Lakatos wrote: Hi all! I need to create a PKCS#12 file, and what ever I try I can't seem to be able to sign it. I want to create a x509 file and sign it with CA key, and pack it as PKCS12 file. What I have tried to do is the following: EVP_PKEY* pPK = NULL; RSA* pRSA = RSA_generate_key(1024, RSA_F4, NULL, NULL); EVP_PKEY_assign_RSA(pPK, pRSA); FILE* pf = fopen(strCAKey.c_str(), r); RSA* pCA = PEM_read_RSAPrivateKey(pf, NULL, NULL, (void*)strPass.c_str()); pX509 = X509_new(); X509_set_version(pX509, 2); X509_set_pubkey(pX509, pPK); pName = X509_get_subject_name(pX509); -- Add entries for O, OU, CN, E X509_sign(pX509, pCA, EVP_sha1()); PKCS12* p12 = PKCS12_create((char*)strPassword.c_str(), (char*)strUserName.c_str(), pPK, pX509, NULL, 0, 0, 0, 0, 0); I have no idea what am I doing wrong :-( Any help appreciated! And BTW, I don't know almost anything about encryption... Try the FAQ. That will tell you how to get meaningful error information and maybe how to fix this... Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Patent Infringement Safe Configuration of Openssl
Hello, I am currently looking into what configuration of openssl that would be patent infringement safe world wide. This is what come up with so far. IDEA should be left out, Ascom holds a patent for this algorithm. RC5 should be left out. RSA security holds a patent for this algorithm MD2, MD4 and MD5 are ok to use. RSA Security has published an IPR disclosure on www.ietf.org stating that these algorithms can be made, used and sold without any license from RSA Security Inc. Is RSA ok to include? The RSA patent has expired in the US, but what about other countries? What about eliptic curves? I have found some discussions on emailing lists about Sun's eliptic curve contribution to Openssl and possible IPR issues? What is the status? Are there other patents or other IPR issues that needs to be considered? Regards Roger _ Nyhet! Hotmail direkt i Mobilen! http://mobile.msn.com/ __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
IPR Infringement Lawsuites
Hello, Are there any known IPR infringement lawsuits as result of using or including openssl in a product? Regards Roger _ Chatt: Träffa nya nätkompisar på Habbo Hotel http://habbohotel.msn.se/habbo/sv/channelizer __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: IPR Infringement Lawsuites
In message [EMAIL PROTECTED] on Mon, 20 Feb 2006 20:26:22 +0100, Roger Boden [EMAIL PROTECTED] said: roger_no_spam Are there any known IPR infringement lawsuits as result roger_no_spam of using or including openssl in a product? None that I know of. And honestly, if there had been a lawsuit, I'm pretty we would have heard of it... Cheers, Richard - Please consider sponsoring my work on free software. See http://www.free.lp.se/sponsoring.html for details. -- Richard Levitte [EMAIL PROTECTED] http://richard.levitte.org/ When I became a man I put away childish things, including the fear of childishness and the desire to be very grown up. -- C.S. Lewis __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Different skey size returned by i2d_RSAPrivateKey
Hi there, I want to pack a RSA priv key and this is what I'm doing: ... rsa=RSA_generate_key(1024, RSA_F4, NULL, NULL); len=i2d_RSAPrivateKey(rsa, priv); ... Why isn't `len' always the same? Is it normal? If yes, what is its maximum value for a key of 1024 bits? Is it the same for the public key? Here it is the real code: http://hinezumilabs.org/cgi-bin/viewcvs.cgi/*checkout*/netsukuku/src/crypto.c?rev=HEADcontent-type=text/plain Thanks in advance -- :wq! I don't know nothing The One Who reached the Thinking Matter '.' [ Alpt --- Freaknet Medialab ] [ GPG Key ID 441CF0EE ] [ Key fingerprint = 8B02 26E8 831A 7BB9 81A9 5277 BFF8 037E 441C F0EE ] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
RE: multi-thread support
I just wanted to verify that, as of OpenSSL 0.9.8a, any OpenSSL data facility that utilizes STACK_OF as a container for different types of objects, the routines that reference these stacks do not support multiple threads accessing the same stack. Is this the case? I didn't see any mutex/user callback support in stack.c. I believe OpenSSL's stacks work just like pretty much everything. The results are undefined if you modify an object in one thread while another thread is or might be using it. However, you can read an object in any number of threads at the same time. If you write code where it's possible for a stack to be modified in one thread while another thread might be using that same stack, you will need to use some kind of synchronization. DS __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: openssl on arm
thank you for your advice. I do have established my cross-compiling toolchain: arm-linux-gcc(sorry i forget the version num.) Now I want to Re-compile the OpenSSL with it.I don't know exactly how to do this.Should i modify the equation: CC=gcc to CC=arm-linux-gcc? just that simple?It seems that such kind of measure isn't working.do you have any idea about this? thank you !! Sun From:Bear Giles [EMAIL PROTECTED]Reply-To:openssl-users@openssl.orgTo:openssl-users@openssl.orgSubject:Re: openssl on armDate:Fri, 17 Feb 2006 07:06:46 -0700sun yingming wrote: I'm now trying to realize a SSL connection on embedded system.But I had some problems in the beginning.how can i compile the OpenSSL in arm-linux-gcc? Simple by changing the gcc to arm-linux-gcc in the Makefile? But i got the error as in the ScreenShot.png. how can i do with this ?You have to build a full cross-compiling toolchain. For instance, ifyou're running on an i386 (PC) machine your compiler and linker normallyproduces i386 libraries and executables. You need to rebuild thecompiler so it runs on an i386 but produces arm libraries and executables.Have you looked at the NSLU2 project? (nslu2-linux.org) It has amakefile that will build a cross-compiling toolchain for arm _and_ useit to build a complete embedded Linux system ready to be flashed.Actually several scripts - there are two early efforts (SlugOS andUpSlug, iirc), and now two Debian efforts. If nothing else it shouldhave the OpenSSL library somewhere in there -- everyone uses eitherdropbear or openssh.P.S., mine is great. I've thought that it would be an interesting CA.Extremely small and low power so it could be physically securedanywhere, you could store routine files (e.g., CRL) on one USB stick andhigh-value keys on a second USB stick normally kept secured, and o on.Bear__OpenSSL Project http://www.openssl.orgUser Support Mailing Listopenssl-users@openssl.orgAutomated List Manager [EMAIL PROTECTED]免费下 载 MSN Explorer __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]