On 3/22/07, Brad House <[EMAIL PROTECTED]> wrote:
> Hello, > I am new to openssl and I have tried to use the bignumber library > like below, > > ------------------ > unsigned char* hex = "000000000000000000000000000000"; > BIGNUM* bn; > unsigned char* bytes; > int i; > bn = BN_new(); > > BN_hex2bn(&bn, hex); > > bytes = (unsigned char*) malloc(16); > BN_bn2bin(bn, bytes); > > for(i=0; i<16; i++) > printf("%02x", bytes[i]); > ----------------- > > I believe I have found a bug because the above should print 32 '0' > characters but it doesn't. I also found that the code above works for > other hexadecimal strings and it's only for the above case that it > fails.First, what makes you think BN_bn2bin() is going to return 16 bytes? The man page clearly states you should depend on the return value of BN_num_bytes(bn) to determine how much storage space you need to allocate for BN_bn2bin(). You then can loop through that result. Also, if you're wanting a hex value back out, it seems like you want BN_bn2hex(bn) and free that with OpenSSL_free(), and will exist in string-form (e.g. NULL terminated). **DISCLAIMER** I've never used the BIGNUM library directly, I could be totally off here, but skimming the manpages, it appears as your use of the BIGNUM library is improper. -Brad ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
Ah. You're correct about BN_num_bytes. Actually, in the above code, if you use BN_num_bytes(bn), it will return 0 which should not be the case. I just hardcoded the 16 there to illustrate. I believe the bug might be in BN_hex2bn. Thanks! ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]
