Hi Openssl Developers,

I may find one bug for openssl-fips-test-1.2.0 which is downloaded from ftp://ftp.openssl.org/snapshot/

The machine I used is:
root@sshpa6# uname -a
HP-UX sshpa6 B.11.31 U 9000/800 2404418693 unlimited-user license


The steps to reproduct the bug are as below:

1) decompress and untar the source package

2)
root@sshpa6# pwd
/home/boqian/fips/openssl-fips-0.9.8f-dev
root@sshpa6# ./Configure hpux-cc fipscanisterbuild

3)
root@sshpa6# make
Everything is fine!

4)
root@sshpa6# cd apps
root@sshpa6# pwd
/home/boqian/fips/openssl-fips-0.9.8f-dev/apps
root@sshpa6# export SHLIB_PATH=/home/boqian/fips/openssl-fips-0.9.8f-dev
root@sshpa6# ldd openssl
/usr/lib/libc.2 => /usr/lib/libc.2
/usr/lib/libdld.2 => /usr/lib/libdld.2
/usr/lib/libc.2 => /usr/lib/libc.2
/usr/lib/libdld.2 => /usr/lib/libdld.2
libcrypto.sl.0.9.8 => /home/boqian/fips/openssl-fips-0.9.8f-dev/libcrypto.sl.0.9.8
/usr/lib/libdld.2 => /usr/lib/libdld.2
libssl.sl.0.9.8 => /home/boqian/fips/openssl-fips-0.9.8f-dev/libssl.sl.0.9.8
/usr/lib/libdld.2 => /usr/lib/libdld.2
libcrypto.sl.0.9.8 => /home/boqian/fips/openssl-fips-0.9.8f-dev/libcrypto.sl.0.9.8
root@sshpa6# ./openssl version
OpenSSL 0.9.8f-fips-dev xx XXXX xxxx

5)
root@sshpa6# ./openssl ecparam -out eckey_secp112r1.pem -name secp112r1 -genkey

6)
root@sshpa6# ./openssl ec -in eckey_secp112r1.pem -des3 -out key_out_secp112r1.pem -passout passass
read EC key
unable to load Key
16054:error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag:tasn_dec.c:1294:
16054:error:0D06C03A:asn1 encoding routines:ASN1_D2I_EX_PRIMITIVE:nested asn1 error:tasn_dec.c:830:
16054:error:0D08303A:asn1 encoding routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1 error:tasn_dec.c:748:Field=n, Type=RSA
16054:error:0D09A00D:asn1 encoding routines:d2i_PrivateKey:ASN1 lib:d2i_pr.c:99:
16054:error:0907B00D:PEM routines:PEM_READ_BIO_PRIVATEKEY:ASN1 libem_pkey.c:125:

7)
root@sshpa6# cat eckey_secp112r1.pem
-----BEGIN EC PARAMETERS-----
BgUrgQQABg==
-----END EC PARAMETERS-----
-----BEGIN RSA PRIVATE KEY-----
MD4CAQEEDskmCUsQTdBcbtOuhRVgoAcGBSuBBAAGoSADHgAEjU UZPaTq8Rzt1OXu
oVpBPEkeFp1MGK4AGq7nIQ==
-----END RSA PRIVATE KEY-----

8)
Modify eckey_secp112r1.pem (replace "RSA PRIVATE KEY" by "EC PRIVATE KEY")

9)
root@sshpa6# ./openssl ec -in eckey_secp112r1.pem -des3 -out key_out_secp112r1.pem -passout passass
read EC key
writing EC key

It shows the eckey_secp112r1.pem file's format may be wrong.
Is there any workaround? Could you investigate this problem?
Thank you and looking forward to your reply!

boqian

__________________________________________________ _______________
Windows Live Photo gallery 数*相机的超级伴侣,轻松管理和编 照片,还能制作全景美图!
http://get.live.cn/product/photo.html

__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majordomo@openssl.org