Can the same pointer safely be used for the input and output buffers in
encrypt and decrypt operations ?
i.e. is something like AES_encrypt(out,out,key) guaranteed not to rewrite
the input before it's been processed ?
The following IMPLIES this is safe but lingering doubts remain.
(from crypto/ae
On Mon, 2012-11-05 at 17:44 +0100, Stephen Henson via RT wrote:
> > [vpodz...@redhat.com - Tue Oct 30 17:34:05 2012]:
> >
> > Description of problem:
> > Running
> >
> > $ openssl genpkey -genparam -outform DER -out dh_params.der -algorithm
> > DH
> >
> > generates data in the PEM format inste
I resolved this issue. When building OpenSSL for FIPS, in addition to adding
the fips parameter to the Configure command, you must also add the
--with-fipslibdir and --with-fipsdir switches so the necessary files can be
located. If you do not, the compiles report no error, but the link fails a
--On Monday, November 05, 2012 2:55 PM +0100 Richard Skinner via RT
wrote:
The following code added in 1.0.0h causes CRYPTO_LOCK_EVP_PKEY lock to be
requested twice with no intervening unlock when there is a race between 2
or more threads to create the EVP_PKEY associated with the X509_PUBKEY.
> [vpodz...@redhat.com - Tue Oct 30 17:34:05 2012]:
>
> Description of problem:
> Running
>
> $ openssl genpkey -genparam -outform DER -out dh_params.der -algorithm
> DH
>
> generates data in the PEM format instead of the requested DER format.
>
> Version-Release number of selected component
> [lee.bayd...@gmail.com - Mon Nov 05 14:57:30 2012]:
>
> When attempting to build openssl-1.0.1c in fips compliant mode, the file
> crypto/ec/ec2_smpl.c attempts to return the results of function
> fips_ec_gf2m_simple_method(). This function is not defined in either
> projects.
>
>
Did you co
When attempting to build openssl-1.0.1c in fips compliant mode, the file
crypto/ec/ec2_smpl.c attempts to return the results of function
fips_ec_gf2m_simple_method(). This function is not defined in either
projects.
When attempting to build openssl-1.0.1c in fips compliant mode, the file crypto/
This is an enhancement request for the test suite.
I ran the tests from a directory "/Users/dillo/scratch/updated
libraries/openssl-1.0.1c" and the tests failed. Once I changed a parent
directory name to remove its space character, the script worked and all
tests passed.
Version: 1.0.1c
Platform:
The following code added in 1.0.0h causes CRYPTO_LOCK_EVP_PKEY lock to be
requested twice with no intervening unlock when there is a race between 2 or
more threads to create the EVP_PKEY associated with the X509_PUBKEY. The second
lock request occurs in EVP_PKEY_free().
crypto/asn1/x_pubkey.c: