[guest - Fri Feb 21 02:43:59 2003]:
The patch works, the app no longer crashes while verifying the DSA
signature that it crashed on before.
OK, I've edited the patch to remove some sludge and be a little clearer
in places. It's now committed to the head of CVS and should be visible
in the
[geoff - Sat Feb 15 22:50:51 2003]:
[geoff - Sat Feb 15 21:48:27 2003]:
I've attached a diff that I think addresses the problem but I'll need to
consider the consequences a bit more in terms of how this could affect
existing (and 3rd party and future) DSA implementations. Could you
please
[guest - Thu Feb 20 19:00:47 2003]:
The patch works, the app no longer crashes while verifying the DSA
signature that it crashed on before.
It took me a while to get my app running with 0.9.7a because I couldn't
figure out why the ubsec code wasn't being built in -- I wasn't crashing
when
Hi there,
(1) While testing I found that verification of certain signed
documents crashed OpenSSL. The problem appears to be that
hw_ubsec.c:ubsec_dsa_verify() calls
p_UBSEC_dsa_verify_ioctl() and if this call fails then the code tries
using software crypto, indirectly calling
[geoff - Sat Feb 15 21:48:27 2003]:
The problem is nonetheless still there, and I am looking at it.
OK, I've taken a further look - and some of the issues this problem have
raised apply to other code too (eg. RSA and DH for sure, perhaps
others). The fact that these METHOD's have protected
This is from an email sent to openssl-users:
I'm signing and verifying documents using DSA and have run into a couple of
problems.
I'm working with OpenSSL 0.9.7 on Linux with a Broadcom crypto card based on
the 5821 (so OpenSSL engine type is ubsec). I have version 1.81 of the
Broadcom