[I'd forgotten to send this to RT] OK, I took a look and the problem does not appear to be BN_generate_prime_ex() but the fact that, for small modulus sizes, the generated primes are always identical and the rsa keygen keeps looping in the hope that it eventually gets something unique. I've attached a patch that works for me, but it'd be good if you could verify you see the same behaviour. For example, I can generate RSA keys of 31 bits (meaning the primes are 15/16 bits each) but it fails for 30 bits. Do you see the same thing?
Cheers, Geoff -- Geoff Thorpe, RT/openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
