OpenSSL TSA (ts) code is still using SHA-1 message digest algorithm,
in even two ways:
* as default message digest algo in the time-stamp query (by default)
* in the time-stamp reply/token signature (hard-coded)
This pull request attempts to fix it:
https://github.com/openssl/openssl/pull/474
https://github.com/openssl/openssl/pull/458
regards,
Michal Bozon
___
openssl-bugs-mod mailing list
openssl-bugs-...@openssl.org
https://mta.openssl.org/mailman/listinfo/openssl-bugs-mod
___
openssl-dev
s/Specifiy/Specify/
regards,
Michal Bozon
--- apps/prime.c.0
+++ apps/prime.c
@@ -121,7 +121,7 @@
char *s;
if (!bits) {
-BIO_printf(bio_err, "Specifiy the number of bits.\n");
+BIO_printf(bio_err, "Specify the number of bits.\n");
goto
In dgst man page (doc/apps/dgst.pod),
there's duplicate -hmac option documentation:
-hmac arg
set the HMAC key to arg.
...
-hmac key
create a hashed MAC using key.
Michal Bozon
___
openssl-bugs-mod mailing list
Use tst_info instead of calling TS_RESP_get_tst_info(a) second time.
--
Michal Bozon
--- crypto/ts/ts_rsp_print.c._orig 2015-06-10 17:30:05.160904287 +0200
+++ crypto/ts/ts_rsp_print.c 2015-06-10 17:31:43.760899610 +0200
@@ -87,7 +87,7 @@
BIO_printf(bio, \nTST info:\n);
tst_info =
.. credits should really go (if) to V. Smotlacha in the first place
(and I wonder, why the original Cc header was not preserved)
MB
___
openssl-dev mailing list
openssl-dev@openssl.org
https://mta.opensslfoundation.net/mailman/listinfo/openssl-dev
Quick demonstration - doing a statistics on first
decimal place digit of large number of time-stamps:
- sample output:
...
### BEFORE:
0: 0% --- !
1:11%
2:11%
3:11%
4:10%
5:11%
6:11%
7:12%
8:12%
9:11%
### AFTER:
0:10%
1:10%
2:10%
3:10%
4:10%
5:10%
6:10%
7:10%
8:10%
9:10%
-
There is one missing step in the script above:
echo foo | openssl ts -query -out /tmp/x.tsq
(to be added e.g. below the EOF line)
Michal Bozon
__
OpenSSL Project http://www.openssl.org
There is a bug in OpenSSL ts module,
causing the generated high-precision RFC3161 time-stamp
(when clock_precision_digits is set 0) to have the original
microsecond value increased by one or more orders of magnitude,
when that sub-second value is 0.1 s.
In crypto/ts/ts_rsp_sign.c:
hello,
i'm sending you a fix for a (minor) syntax error in several
pod documentation files, causing improper rendering of some
SEE ALSO links
(e.g. err(3),err(3) in CONF_modules_load_file)
regards,
michal bozon
diff --git a/doc/crypto/CONF_modules_free.pod b/doc/crypto/CONF_modules_free.pod
10 matches
Mail list logo