[openssl-users] openssl-users Digest, Vol 46, Issue 46
Vinay Mummadi
vinay.mummadi at digicert.com
Wed Sep 26 02:47:51 UTC 2018
Hi Richard,
CC = /u/build/build1/engtools/linux/2.6.18-8.el5/x86_64/gcc/versions/4.3.2/bin/gcc
CXX = /u/build/build1/engtools/linux/2.6.18-8.el5/x86_64/gcc/versions/4.3.2/bin/g++
I was using these for openssl 1.1.0h and it compiled with this option " enable-ec_nistp_64_gcc_128"
Any other possibility, Please suggest.
------
Vinay
9008855944
On 9/25/18, 10:52 PM, "openssl-users on behalf of openssl-users-request at openssl.org" <openssl-users-bounces at openssl.org on behalf of openssl-users-request at openssl.org> wrote:
Send openssl-users mailing list submissions to
openssl-users at openssl.org
To subscribe or unsubscribe via the World Wide Web, visit
https://clicktime.symantec.com/a/1/SXS5XgWCQv7_XKjynYvihvgWkHBXM75USaaY43D_lOU=?d=7U6BPcrfpQINoyAkaWunm-Zlxgg6nczKEb9ZYXUfcNhzNfvR2d74CjA_35NwXwCg2RmGxDD2gqG7TcqIzSct_FMsWOb9VEMhQqKgoGJyVI_ItuSei6LGnLenR9YJi6TsTKsDHJo6bTNEgQNuVYFDBsNp1aCcfNYAiYfSl1J3xd_9ybL1pedLE7cfRJuAWroMNo3zsb40q9IP2dL2nqyGLQWlF5Oyy0_0IliS1xgXE6-mWi-BS2Eu0EhPWhSPbuHFpq3s7Spfo8D88OojTXiT8GAu0BoQ7E0tonETjZ3kpBq3CY74WaE6CtoirEO-zWarTsJDrJqrDExmOAWKaeSQNNw4Pvefo2hLZfYK-wfTeildTjU0j5dNkkbOtMSGOlg7sM10mgp1zuxpwiY0-I3PRPmMVPA%3D&u=https%3A%2F%2Fmta.openssl.org%2Fmailman%2Flistinfo%2Fopenssl-users
or, via email, send a message with subject or body 'help' to
openssl-users-request at openssl.org
You can reach the person managing the list at
openssl-users-owner at openssl.org
When replying, please edit your Subject line so it is more specific
than "Re: Contents of openssl-users digest..."
Today's Topics:
1. Re: Build issues with openssl-1.1.1 (Richard Levitte)
2. Certificate format question? (Scott Neugroschl)
3. Re: Certificate format question? (Viktor Dukhovni)
4. Re: Certificate format question? (Scott Neugroschl)
5. Re: Certificate format question? (Hubert Kario)
----------------------------------------------------------------------
Message: 1
Date: Mon, 24 Sep 2018 15:42:48 +0200 (CEST)
From: Richard Levitte <levitte at openssl.org>
To: openssl-users at openssl.org
Subject: Re: [openssl-users] Build issues with openssl-1.1.1
Message-ID: <20180924.154248.2078713038705571598.levitte at openssl.org>
Content-Type: Text/Plain; charset=us-ascii
I'm noticing these from the dump:
Recorded environment:
...
CC = /u/build/build1/engtools/linux/2.6.18-8.el5/x86_64/gcc/versions/4.3.2/bin/gcc
CXX = /u/build/build1/engtools/linux/2.6.18-8.el5/x86_64/gcc/versions/4.3.2/bin/g++
Could it be that those compilers don't have support for 128 bit
integers on your platform? In that case, you should remove
'enable-ec_nistp_64_gcc_128' from your configuration command.
Cheers,
Richard
In message <4B3E5BE8-18C9-4847-A71F-10EE9B410D8A at digicert.com> on Mon, 24 Sep 2018 13:12:51 +0000, Vinay Mummadi <vinay.mummadi at digicert.com> said:
> Hi team,
>
> I have downloaded openssl-1.1.1.tar.gz and executed the build it fails during make with this error.
>
> Following are the steps.
>
> 1 "./config
> --prefix=/u/build/build2/openssl/openssl.SYMC-1.1.1.shared/root/app/symc/packages/openssl.SYMC-1.1.1.shared
> shared zlib -L$baseLinkDir/lib -lz enable-ec_nistp_64_gcc_128"
>
> 2 "make depend"
>
> 1 "make"
>
> I see this error
>
> crypto/ec/ecp_nistp224.c:48:4: error: #error "Your compiler doesn't appear to support 128-bit
> integer types"
>
> crypto/ec/ecp_nistp224.c:75: error: expected '=', ',', ';', 'asm' or '__attribute__' before 'widelimb'
>
> crypto/ec/ecp_nistp224.c:78: error: expected '=', ',', ';', 'asm' or '__attribute__' before 'widefelem'
>
> crypto/ec/ecp_nistp224.c:426: error: expected ')' before 'out'
>
> crypto/ec/ecp_nistp224.c:454: error: expected ')' before 'out'
>
> crypto/ec/ecp_nistp224.c:491: error: expected ')' before 'out'
>
> crypto/ec/ecp_nistp224.c:503: error: expected ')' before 'out'
>
> crypto/ec/ecp_nistp224.c:519: error: expected ')' before 'out'
>
> crypto/ec/ecp_nistp224.c:537: warning: type defaults to 'int' in declaration of 'widefelem'
>
> crypto/ec/ecp_nistp224.c:537: error: expected ';', ',' or ')' before 'in'
>
> crypto/ec/ecp_nistp224.c: In function 'felem_square_reduce':
>
> crypto/ec/ecp_nistp224.c:603: error: 'widefelem' undeclared (first use in this function)
>
> crypto/ec/ecp_nistp224.c:603: error: (Each undeclared identifier is reported only once
>
> crypto/ec/ecp_nistp224.c:603: error: for each function it appears in.)
>
> crypto/ec/ecp_nistp224.c:603: error: expected ';' before 'tmp'
>
> crypto/ec/ecp_nistp224.c:604: warning: implicit declaration of function 'felem_square'
>
> crypto/ec/ecp_nistp224.c:604: error: 'tmp' undeclared (first use in this function)
>
> crypto/ec/ecp_nistp224.c:605: warning: implicit declaration of function 'felem_reduce'
>
> crypto/ec/ecp_nistp224.c: In function 'felem_mul_reduce':
>
> crypto/ec/ecp_nistp224.c:610: error: 'widefelem' undeclared (first use in this function)
>
> crypto/ec/ecp_nistp224.c:610: error: expected ';' before 'tmp'
>
> crypto/ec/ecp_nistp224.c:611: warning: implicit declaration of function 'felem_mul'
>
> crypto/ec/ecp_nistp224.c:611: error: 'tmp' undeclared (first use in this function)
>
> crypto/ec/ecp_nistp224.c: In function 'felem_neg':
>
> crypto/ec/ecp_nistp224.c:678: error: 'widefelem' undeclared (first use in this function)
>
> crypto/ec/ecp_nistp224.c:678: error: expected ';' before 'tmp'
>
> crypto/ec/ecp_nistp224.c:679: warning: implicit declaration of function 'felem_diff_128_64'
>
> crypto/ec/ecp_nistp224.c:679: error: 'tmp' undeclared (first use in this function)
>
> crypto/ec/ecp_nistp224.c: In function 'felem_inv':
>
> crypto/ec/ecp_nistp224.c:713: error: 'widefelem' undeclared (first use in this function)
>
> crypto/ec/ecp_nistp224.c:713: error: expected ';' before 'tmp'
>
> crypto/ec/ecp_nistp224.c:716: error: 'tmp' undeclared (first use in this function)
>
> crypto/ec/ecp_nistp224.c: In function 'point_double':
>
> crypto/ec/ecp_nistp224.c:830: error: 'widefelem' undeclared (first use in this function)
>
> crypto/ec/ecp_nistp224.c:830: error: expected ';' before 'tmp'
>
> crypto/ec/ecp_nistp224.c:837: error: 'tmp' undeclared (first use in this function)
>
> crypto/ec/ecp_nistp224.c:888: error: 'tmp2' undeclared (first use in this function)
>
> crypto/ec/ecp_nistp224.c:890: warning: implicit declaration of function 'widefelem_scalar'
>
> earlier for openssl-1.1.0i, I used the same steps.
>
> I have attached the build.log and the dump as requested. Please suggest the resolution for this
> issue.
>
> Thanks,
>
> Vinay
>
> ------
>
> Vinay
>
> 9008855944
>
------------------------------
Message: 2
Date: Mon, 24 Sep 2018 22:25:06 +0000
From: Scott Neugroschl <scott_n at xypro.com>
To: "openssl-users at openssl.org" <openssl-users at openssl.org>
Subject: [openssl-users] Certificate format question?
Message-ID:
<MWHPR18MB14076D90B804AB9D24BA723C97170 at MWHPR18MB1407.namprd18.prod.outlook.com>
Content-Type: text/plain; charset="us-ascii"
I tried googling, but couldn't find an answer to this...
I came across a certificate that had some text garbage before the ---- BEGIN CERTIFICATE ---- line.
I know that the cert is defined as the data between the delimiters. Do the specs say anything about data before the BEGIN delimiter? Would a certificate with such data be valid? I know OpenSSL accepts such a cert, but is this an extension, or is it explicitly permitted by the standards/specifications?
Thanks
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://clicktime.symantec.com/a/1/LzavauJu7CSETpeGS6BlS2L4JdouN1wqoeSTHyYDHtQ=?d=7U6BPcrfpQINoyAkaWunm-Zlxgg6nczKEb9ZYXUfcNhzNfvR2d74CjA_35NwXwCg2RmGxDD2gqG7TcqIzSct_FMsWOb9VEMhQqKgoGJyVI_ItuSei6LGnLenR9YJi6TsTKsDHJo6bTNEgQNuVYFDBsNp1aCcfNYAiYfSl1J3xd_9ybL1pedLE7cfRJuAWroMNo3zsb40q9IP2dL2nqyGLQWlF5Oyy0_0IliS1xgXE6-mWi-BS2Eu0EhPWhSPbuHFpq3s7Spfo8D88OojTXiT8GAu0BoQ7E0tonETjZ3kpBq3CY74WaE6CtoirEO-zWarTsJDrJqrDExmOAWKaeSQNNw4Pvefo2hLZfYK-wfTeildTjU0j5dNkkbOtMSGOlg7sM10mgp1zuxpwiY0-I3PRPmMVPA%3D&u=http%3A%2F%2Fmta.openssl.org%2Fpipermail%2Fopenssl-users%2Fattachments%2F20180924%2F4cc0b8e6%2Fattachment-0001.html>
------------------------------
Message: 3
Date: Mon, 24 Sep 2018 18:55:16 -0400
From: Viktor Dukhovni <openssl-users at dukhovni.org>
To: "openssl-users at openssl.org" <openssl-users at openssl.org>
Subject: Re: [openssl-users] Certificate format question?
Message-ID: <23D0E1E9-F56A-4CBE-92E9-FC0349CF3E44 at dukhovni.org>
Content-Type: text/plain; charset=utf-8
> On Sep 24, 2018, at 6:25 PM, Scott Neugroschl <scott_n at xypro.com> wrote:
>
> I tried googling, but couldn?t find an answer to this?
>
> I came across a certificate that had some text garbage before the ---- BEGIN CERTIFICATE ---- line.
>
> I know that the cert is defined as the data between the delimiters. Do the specs say anything about data before the BEGIN delimiter? Would a certificate with such data be valid? I know OpenSSL accepts such a cert, but is this an extension, or is it explicitly permitted by the standards/specifications?
https://clicktime.symantec.com/a/1/wMs9_KBHcnDbewE3qEoDEEpmCpvHjBatvULuyuMRmfI=?d=7U6BPcrfpQINoyAkaWunm-Zlxgg6nczKEb9ZYXUfcNhzNfvR2d74CjA_35NwXwCg2RmGxDD2gqG7TcqIzSct_FMsWOb9VEMhQqKgoGJyVI_ItuSei6LGnLenR9YJi6TsTKsDHJo6bTNEgQNuVYFDBsNp1aCcfNYAiYfSl1J3xd_9ybL1pedLE7cfRJuAWroMNo3zsb40q9IP2dL2nqyGLQWlF5Oyy0_0IliS1xgXE6-mWi-BS2Eu0EhPWhSPbuHFpq3s7Spfo8D88OojTXiT8GAu0BoQ7E0tonETjZ3kpBq3CY74WaE6CtoirEO-zWarTsJDrJqrDExmOAWKaeSQNNw4Pvefo2hLZfYK-wfTeildTjU0j5dNkkbOtMSGOlg7sM10mgp1zuxpwiY0-I3PRPmMVPA%3D&u=https%3A%2F%2Ftools.ietf.org%2Fhtml%2Frfc7468%23section-2
--
Viktor.
------------------------------
Message: 4
Date: Tue, 25 Sep 2018 15:26:03 +0000
From: Scott Neugroschl <scott_n at xypro.com>
To: "'openssl-users at openssl.org'" <openssl-users at openssl.org>
Subject: Re: [openssl-users] Certificate format question?
Message-ID:
<MWHPR18MB14073714F271C06DD503C04B97160 at MWHPR18MB1407.namprd18.prod.outlook.com>
Content-Type: text/plain; charset="utf-8"
>On Sept 24, 2018, at 3:55 PM, Viktor Dukhovni wrote:
>> On Sep 24, 2018, at 6:25 PM, Scott Neugroschl <scott_n at xypro.com>> wrote:
>>
>> I tried googling, but couldn?t find an answer to this?
>>
>> I came across a certificate that had some text garbage before the ---- BEGIN CERTIFICATE ---- line.
>>
>> I know that the cert is defined as the data between the delimiters. Do the specs say anything about data before the BEGIN
>>delimiter? Would a certificate with such data be valid? I know OpenSSL accepts such a cert, but is this an extension, or is it
>>explicitly permitted by the standards/specifications?
>https://clicktime.symantec.com/a/1/wMs9_KBHcnDbewE3qEoDEEpmCpvHjBatvULuyuMRmfI=?d=7U6BPcrfpQINoyAkaWunm-Zlxgg6nczKEb9ZYXUfcNhzNfvR2d74CjA_35NwXwCg2RmGxDD2gqG7TcqIzSct_FMsWOb9VEMhQqKgoGJyVI_ItuSei6LGnLenR9YJi6TsTKsDHJo6bTNEgQNuVYFDBsNp1aCcfNYAiYfSl1J3xd_9ybL1pedLE7cfRJuAWroMNo3zsb40q9IP2dL2nqyGLQWlF5Oyy0_0IliS1xgXE6-mWi-BS2Eu0EhPWhSPbuHFpq3s7Spfo8D88OojTXiT8GAu0BoQ7E0tonETjZ3kpBq3CY74WaE6CtoirEO-zWarTsJDrJqrDExmOAWKaeSQNNw4Pvefo2hLZfYK-wfTeildTjU0j5dNkkbOtMSGOlg7sM10mgp1zuxpwiY0-I3PRPmMVPA%3D&u=https%3A%2F%2Ftools.ietf.org%2Fhtml%2Frfc7468%23section-2
Thanks, Viktor, appreciated.
------------------------------
Message: 5
Date: Tue, 25 Sep 2018 19:15:47 +0200
From: Hubert Kario <hkario at redhat.com>
To: openssl-users at openssl.org
Subject: Re: [openssl-users] Certificate format question?
Message-ID: <1823844.pAo1nv2Lg2 at pintsize.usersys.redhat.com>
Content-Type: text/plain; charset="utf-8"
On Tuesday, 25 September 2018 00:55:16 CEST Viktor Dukhovni wrote:
> > On Sep 24, 2018, at 6:25 PM, Scott Neugroschl <scott_n at xypro.com> wrote:
> >
> > I tried googling, but couldn?t find an answer to this?
> >
> > I came across a certificate that had some text garbage before the ----
> > BEGIN CERTIFICATE ---- line.
> >
> > I know that the cert is defined as the data between the delimiters. Do
> > the specs say anything about data before the BEGIN delimiter? Would a
> > certificate with such data be valid? I know OpenSSL accepts such a cert,
> > but is this an extension, or is it explicitly permitted by the
> > standards/specifications?
> https://clicktime.symantec.com/a/1/wMs9_KBHcnDbewE3qEoDEEpmCpvHjBatvULuyuMRmfI=?d=7U6BPcrfpQINoyAkaWunm-Zlxgg6nczKEb9ZYXUfcNhzNfvR2d74CjA_35NwXwCg2RmGxDD2gqG7TcqIzSct_FMsWOb9VEMhQqKgoGJyVI_ItuSei6LGnLenR9YJi6TsTKsDHJo6bTNEgQNuVYFDBsNp1aCcfNYAiYfSl1J3xd_9ybL1pedLE7cfRJuAWroMNo3zsb40q9IP2dL2nqyGLQWlF5Oyy0_0IliS1xgXE6-mWi-BS2Eu0EhPWhSPbuHFpq3s7Spfo8D88OojTXiT8GAu0BoQ7E0tonETjZ3kpBq3CY74WaE6CtoirEO-zWarTsJDrJqrDExmOAWKaeSQNNw4Pvefo2hLZfYK-wfTeildTjU0j5dNkkbOtMSGOlg7sM10mgp1zuxpwiY0-I3PRPmMVPA%3D&u=https%3A%2F%2Ftools.ietf.org%2Fhtml%2Frfc7468%23section-2
then it looks like the parser used in asn1parse -inform pem is non-
compliant...
https://clicktime.symantec.com/a/1/SdiPoXfXm6gJ4b-GTsltca8zYpQxzBYDyF6WVJvkOOY=?d=7U6BPcrfpQINoyAkaWunm-Zlxgg6nczKEb9ZYXUfcNhzNfvR2d74CjA_35NwXwCg2RmGxDD2gqG7TcqIzSct_FMsWOb9VEMhQqKgoGJyVI_ItuSei6LGnLenR9YJi6TsTKsDHJo6bTNEgQNuVYFDBsNp1aCcfNYAiYfSl1J3xd_9ybL1pedLE7cfRJuAWroMNo3zsb40q9IP2dL2nqyGLQWlF5Oyy0_0IliS1xgXE6-mWi-BS2Eu0EhPWhSPbuHFpq3s7Spfo8D88OojTXiT8GAu0BoQ7E0tonETjZ3kpBq3CY74WaE6CtoirEO-zWarTsJDrJqrDExmOAWKaeSQNNw4Pvefo2hLZfYK-wfTeildTjU0j5dNkkbOtMSGOlg7sM10mgp1zuxpwiY0-I3PRPmMVPA%3D&u=https%3A%2F%2Fgithub.com%2Fopenssl%2Fopenssl%2Fissues%2F7317
--
Regards,
Hubert Kario
Senior Quality Engineer, QE BaseOS Security team
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purky?ova 115, 612 00 Brno, Czech Republic
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part.
URL: <https://clicktime.symantec.com/a/1/15280Bu6gr9QBs8vAsWusRRfc1pstVtc5Aey4aGleNY=?d=7U6BPcrfpQINoyAkaWunm-Zlxgg6nczKEb9ZYXUfcNhzNfvR2d74CjA_35NwXwCg2RmGxDD2gqG7TcqIzSct_FMsWOb9VEMhQqKgoGJyVI_ItuSei6LGnLenR9YJi6TsTKsDHJo6bTNEgQNuVYFDBsNp1aCcfNYAiYfSl1J3xd_9ybL1pedLE7cfRJuAWroMNo3zsb40q9IP2dL2nqyGLQWlF5Oyy0_0IliS1xgXE6-mWi-BS2Eu0EhPWhSPbuHFpq3s7Spfo8D88OojTXiT8GAu0BoQ7E0tonETjZ3kpBq3CY74WaE6CtoirEO-zWarTsJDrJqrDExmOAWKaeSQNNw4Pvefo2hLZfYK-wfTeildTjU0j5dNkkbOtMSGOlg7sM10mgp1zuxpwiY0-I3PRPmMVPA%3D&u=http%3A%2F%2Fmta.openssl.org%2Fpipermail%2Fopenssl-users%2Fattachments%2F20180925%2F36e5af73%2Fattachment.sig>
------------------------------
Subject: Digest Footer
_______________________________________________
openssl-users mailing list
openssl-users at openssl.org
https://clicktime.symantec.com/a/1/SXS5XgWCQv7_XKjynYvihvgWkHBXM75USaaY43D_lOU=?d=7U6BPcrfpQINoyAkaWunm-Zlxgg6nczKEb9ZYXUfcNhzNfvR2d74CjA_35NwXwCg2RmGxDD2gqG7TcqIzSct_FMsWOb9VEMhQqKgoGJyVI_ItuSei6LGnLenR9YJi6TsTKsDHJo6bTNEgQNuVYFDBsNp1aCcfNYAiYfSl1J3xd_9ybL1pedLE7cfRJuAWroMNo3zsb40q9IP2dL2nqyGLQWlF5Oyy0_0IliS1xgXE6-mWi-BS2Eu0EhPWhSPbuHFpq3s7Spfo8D88OojTXiT8GAu0BoQ7E0tonETjZ3kpBq3CY74WaE6CtoirEO-zWarTsJDrJqrDExmOAWKaeSQNNw4Pvefo2hLZfYK-wfTeildTjU0j5dNkkbOtMSGOlg7sM10mgp1zuxpwiY0-I3PRPmMVPA%3D&u=https%3A%2F%2Fmta.openssl.org%2Fmailman%2Flistinfo%2Fopenssl-users
------------------------------
End of openssl-users Digest, Vol 46, Issue 46
*********************************************
More information about the openssl-users
mailing list