You're not showing us how you output rsa->p and rsa->q. It doesn't make sense at all that you get "Doppelt!" if they were equal, so there's something wrong with your output. Also, it's been demonstrated (see mail by Viktor on openssl-dev) that the resulting key does have different p and q, with p > q.
For all intents and purposes, this seems not to be a bug. Closing this ticket. Cheers, Richard Vid Mon, 21 Dec 2015 kl. 21.36.10, skrev felix.wiedenr...@gmx.de: > Hello, > > I found the reason for the problem, it´s definately a program error: > > The reason for it is in sub-program rsa_gen.c > > if (BN_cmp(rsa->p, rsa->q) < 0) { > printf("Doppelt!") ; > tmp = rsa->p; > rsa->p = rsa->q; > rsa->q = tmp; > } > > Here p and q should be switched if p > q. But this does not work, > probably due to type-incompatible Variable "tmp". > > So rsa->p gets the value of rsa->q but not vice versa: > > root@debian6:/home/felix/Downloads/openssl-0.9.8zh/apps# ./openssl > genrsa 128 > Generating RSA private key, 128 bit long modulus > ..+++++++++++++++++++++++++++ > ...+++++++++++++++++++++++++++ > e is 65537 (0x10001) > p:C2F7ECB8D2F59273 Doppelt!q:C2F7ECB8D2F59273-----BEGIN RSA PRIVATE > KEY----- > MGECAQACEQCxt/Mo0epqolFmAH7AinLnAgMBAAECECOQd0W09F9QNJjnYUzTA2kC > CQDpWa3+afRcvQIJAML37LjS9ZJzAggdBqK1+sgCoQIICN5IGTwXSXsCCEaUjQ+2 > 1lSi > -----END RSA PRIVATE KEY----- > root@debian6:/home/felix/Downloads/openssl-0.9.8zh/apps# ./openssl > genrsa 128 > Generating RSA private key, 128 bit long modulus > ...+++++++++++++++++++++++++++ > ..+++++++++++++++++++++++++++ > e is 65537 (0x10001) > p:EA361C8BFA9BA779 q:D5E2C6BB9B8BA893-----BEGIN RSA PRIVATE KEY----- > MGQCAQACEQDDrn9XKQBmujmYfSQ++5J7AgMBAAECEQCKoOvL9ts26ogA0yMVZFKx > AgkA6jYci/qbp3kCCQDV4sa7m4uokwIJAI6c+HD73n/xAggx7tN+kP21yQIJANCs > iuyMFDkp > -----END RSA PRIVATE KEY----- > root@debian6:/home/felix/Downloads/openssl-0.9.8zh/apps# ./openssl > genrsa 128 > Generating RSA private key, 128 bit long modulus > .+++++++++++++++++++++++++++ > .+++++++++++++++++++++++++++ > e is 65537 (0x10001) > p:C3412FF6A7505B29 Doppelt!q:C3412FF6A7505B29-----BEGIN RSA PRIVATE > KEY----- > MGMCAQACEQCyfg3MCsahBogjE8RM+6yPAgMBAAECEEO3HMbfA7IMpHc7MT6WJZEC > CQDqBdvZfYT49wIJAMNBL/anUFspAgkAo33OVsZLFIcCCHPy1A6/EOLxAgkAj5Jg > TT5Qxxw= > -----END RSA PRIVATE KEY----- > root@debian6:/home/felix/Downloads/openssl-0.9.8zh/apps# ./openssl > genrsa 128 > Generating RSA private key, 128 bit long modulus > .+++++++++++++++++++++++++++ > .+++++++++++++++++++++++++++ > e is 65537 (0x10001) > p:C90F0AF5C806456F Doppelt!q:C90F0AF5C806456F-----BEGIN RSA PRIVATE > KEY----- > MGMCAQACEQC5Blnuh/rwj672TEtpnqBbAgMBAAECEHWgVAwQ5reHi1vT7Mv8AgEC > CQDrlal9i7dV1QIJAMkPCvXIBkVvAgkAlW1jiUdyrVUCCF/WSswjP1IDAgkA6DRY > CoYAsOE= > -----END RSA PRIVATE KEY----- > root@debian6:/home/felix/Downloads/openssl-0.9.8zh/apps# ./openssl > genrsa 128 > Generating RSA private key, 128 bit long modulus > ...+++++++++++++++++++++++++++ > ..+++++++++++++++++++++++++++ > e is 65537 (0x10001) > p:DFE0EAAEF64A9ED3 q:DA49968E614FC9E9-----BEGIN RSA PRIVATE KEY----- > MGECAQACEQC+5eKmNv53y2Hn+t22uzkLAgMBAAECEHmAtlbW7/ZsapBlxpZlu1EC > CQDf4Oqu9kqe0wIJANpJlo5hT8npAggWUvAz6B1CvwIIYCU9fST7gdECCGudR6xt > O4sU > -----END RSA PRIVATE KEY---- > > The code is still the same, even in Pre-Version 1.1.0 > > Regards, > > Felix > > > Am 21.12.2015 21:38, schrieb Kurt Roeckx via RT: > > On Mon, Dec 21, 2015 at 01:51:45PM +0000, Felix via RT wrote: > >> That does not matter from a technical point of view. > >> > >> The Problem ist the same with 2048-Bit RSA. > > If you're worried that p and q might be the same random number, I > > think you should have other concerns. > > > > > > Kurt > > > > > > > -- Richard Levitte levi...@openssl.org _______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev