A few years ago, we did some experiments on finding problems in error
handling in OpenSSL using Coccinelle:
Finding Error Handling Bugs in OpenSSL using Coccinelle
Julia Lawall, Ben Laurie, René Rydhof Hansen, Nicolas Palix, Gilles
Muller.
Eighth European Dependable Computing Conference, EDCC
I've had 2 users report a crash in RC4() on x86_64. The
backtrace looks like:
#0 RC4 () at rc4-x86_64.s:343
#1 0x012d in ?? ()
#2 0x00df in ?? ()
#3 0x020b5660 in ?? ()
#4 0x7fc075f6a9c9 in rc4_hmac_md5_cipher (ctx=optimized out,
out=0x20aae98
Any takers? Should I be able to build a FIPS-capable OpenSSL and have some of
the implementation be provided via an ENGINE (e.g. let's say I have a hardware
module to perform AES) but some by the OpenSSL FIPS canister? Or is it truly
all or nothing?
Thanks.
Hello,
Installation of openssl-1.0.0e fails if SCRIPTS environment variable is defined
(export SCRIPTS=/home/xxx/scripts for example).
making install in apps...
installing openssl
installing /home/xxx/scripts
In apps/Makefile, SCRIPTS is defined (SCRIPTS=CA.sh CA.pl tsget), but it
seems
On Wed, Apr 18, 2012, Erik Tkal wrote:
Any takers? Should I be able to build a FIPS-capable OpenSSL and have some
of the implementation be provided via an ENGINE (e.g. let's say I have a
hardware module to perform AES) but some by the OpenSSL FIPS canister? Or is
it truly all or nothing?