The code is the same in both 0.9.6- and 0.9.7-beta4. in 0.9.7-b4 there is an assertion added that is being triggered because the buf size is considered too small. However, tracing through the calls shows that even with a 160bit input only the first byte is ever touched.
That does not mean other bytes could not be touched in the future though. > > In message <[EMAIL PROTECTED]> on Mon, 25 Nov 2002 09:32:30 >+0100 (MET), "Jeffrey Altman via RT" <[EMAIL PROTECTED]> said: > > rt> > rt> What is the appropriate size for 'buf' in DSA_size()? > rt> > rt> 4 bytes is certainly not correct. My guess is that we want to support at > rt> least 256 bits and so it needs to be at least 32 bytes. Does anyone > rt> have a better recommendation? > > Which version of OpenSSL? > > -- > Richard Levitte \ Spannv�gen 38, II \ [EMAIL PROTECTED] > Redakteur@Stacken \ S-168 35 BROMMA \ T: +46-8-26 52 47 > \ SWEDEN \ or +46-708-26 53 44 > Procurator Odiosus Ex Infernis -- [EMAIL PROTECTED] > Member of the OpenSSL development team: http://www.openssl.org/ > > Unsolicited commercial email is subject to an archival fee of $400. > See <http://www.stacken.kth.se/~levitte/mail/> for more info. > Jeffrey Altman * Volunteer Developer Kermit 95 2.1 GUI available now!!! The Kermit Project @ Columbia University SSH, Secure Telnet, Secure FTP, HTTP http://www.kermit-project.org/ Secured with MIT Kerberos, SRP, and [EMAIL PROTECTED] OpenSSL. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
