Hello, I "pickup" rsa-p and rsa-q just one source-code-line after they were "filled" and output the variables using the BN_print_fp function.
please reopen the ticket. Regards, Felix for (;;) { if (!BN_generate_prime_ex(rsa->p, bitsp, 0, NULL, NULL, cb)) goto err; printf(" p:"); BN_print_fp(stdout,rsa->p); printf(" "); if (!BN_sub(r2, rsa->p, BN_value_one())) goto err; if (!BN_gcd(r1, r2, rsa->e, ctx)) goto err; if (BN_is_one(r1)) break; if (!BN_GENCB_call(cb, 2, n++)) goto err; } if (!BN_GENCB_call(cb, 3, 0)) goto err; for (;;) { /* * When generating ridiculously small keys, we can get stuck * continually regenerating the same prime values. Check for this and * bail if it happens 3 times. */ unsigned int degenerate = 0; do { if (!BN_generate_prime_ex(rsa->q, bitsq, 0, NULL, NULL, cb)) goto err; } while ((BN_cmp(rsa->p, rsa->q) == 0) && (++degenerate < 10)); if (degenerate == 10) { ok = 0; /* we set our own err */ RSAerr(RSA_F_RSA_BUILTIN_KEYGEN, RSA_R_KEY_SIZE_TOO_SMALL); goto err; } if (!BN_sub(r2, rsa->q, BN_value_one())) goto err; if (!BN_gcd(r1, r2, rsa->e, ctx)) goto err; if (BN_is_one(r1)) break; if (!BN_GENCB_call(cb, 2, n++)) goto err; } if (!BN_GENCB_call(cb, 3, 1)) goto err; if (BN_cmp(rsa->p, rsa->q) < 0) { printf("Doppelt!") ; tmp = rsa->p; rsa->p = rsa->q; rsa->q = tmp; } printf("q:"); BN_print_fp(stdout,rsa->q); Am 21.12.2015 23:42, schrieb Richard Levitte via RT: > You're not showing us how you output rsa->p and rsa->q. It doesn't make sense > at all that you get "Doppelt!" if they were equal, so there's something wrong > with your output. Also, it's been demonstrated (see mail by Viktor on > openssl-dev) that the resulting key does have different p and q, with p > q. > > For all intents and purposes, this seems not to be a bug. Closing this ticket. > > Cheers, > Richard > > Vid Mon, 21 Dec 2015 kl. 21.36.10, skrev felix.wiedenr...@gmx.de: >> Hello, >> >> I found the reason for the problem, it´s definately a program error: >> >> The reason for it is in sub-program rsa_gen.c >> >> if (BN_cmp(rsa->p, rsa->q) < 0) { >> printf("Doppelt!") ; >> tmp = rsa->p; >> rsa->p = rsa->q; >> rsa->q = tmp; >> } >> >> Here p and q should be switched if p > q. But this does not work, >> probably due to type-incompatible Variable "tmp". >> >> So rsa->p gets the value of rsa->q but not vice versa: >> >> root@debian6:/home/felix/Downloads/openssl-0.9.8zh/apps# ./openssl >> genrsa 128 >> Generating RSA private key, 128 bit long modulus >> ..+++++++++++++++++++++++++++ >> ...+++++++++++++++++++++++++++ >> e is 65537 (0x10001) >> p:C2F7ECB8D2F59273 Doppelt!q:C2F7ECB8D2F59273-----BEGIN RSA PRIVATE >> KEY----- >> MGECAQACEQCxt/Mo0epqolFmAH7AinLnAgMBAAECECOQd0W09F9QNJjnYUzTA2kC >> CQDpWa3+afRcvQIJAML37LjS9ZJzAggdBqK1+sgCoQIICN5IGTwXSXsCCEaUjQ+2 >> 1lSi >> -----END RSA PRIVATE KEY----- >> root@debian6:/home/felix/Downloads/openssl-0.9.8zh/apps# ./openssl >> genrsa 128 >> Generating RSA private key, 128 bit long modulus >> ...+++++++++++++++++++++++++++ >> ..+++++++++++++++++++++++++++ >> e is 65537 (0x10001) >> p:EA361C8BFA9BA779 q:D5E2C6BB9B8BA893-----BEGIN RSA PRIVATE KEY----- >> MGQCAQACEQDDrn9XKQBmujmYfSQ++5J7AgMBAAECEQCKoOvL9ts26ogA0yMVZFKx >> AgkA6jYci/qbp3kCCQDV4sa7m4uokwIJAI6c+HD73n/xAggx7tN+kP21yQIJANCs >> iuyMFDkp >> -----END RSA PRIVATE KEY----- >> root@debian6:/home/felix/Downloads/openssl-0.9.8zh/apps# ./openssl >> genrsa 128 >> Generating RSA private key, 128 bit long modulus >> .+++++++++++++++++++++++++++ >> .+++++++++++++++++++++++++++ >> e is 65537 (0x10001) >> p:C3412FF6A7505B29 Doppelt!q:C3412FF6A7505B29-----BEGIN RSA PRIVATE >> KEY----- >> MGMCAQACEQCyfg3MCsahBogjE8RM+6yPAgMBAAECEEO3HMbfA7IMpHc7MT6WJZEC >> CQDqBdvZfYT49wIJAMNBL/anUFspAgkAo33OVsZLFIcCCHPy1A6/EOLxAgkAj5Jg >> TT5Qxxw= >> -----END RSA PRIVATE KEY----- >> root@debian6:/home/felix/Downloads/openssl-0.9.8zh/apps# ./openssl >> genrsa 128 >> Generating RSA private key, 128 bit long modulus >> .+++++++++++++++++++++++++++ >> .+++++++++++++++++++++++++++ >> e is 65537 (0x10001) >> p:C90F0AF5C806456F Doppelt!q:C90F0AF5C806456F-----BEGIN RSA PRIVATE >> KEY----- >> MGMCAQACEQC5Blnuh/rwj672TEtpnqBbAgMBAAECEHWgVAwQ5reHi1vT7Mv8AgEC >> CQDrlal9i7dV1QIJAMkPCvXIBkVvAgkAlW1jiUdyrVUCCF/WSswjP1IDAgkA6DRY >> CoYAsOE= >> -----END RSA PRIVATE KEY----- >> root@debian6:/home/felix/Downloads/openssl-0.9.8zh/apps# ./openssl >> genrsa 128 >> Generating RSA private key, 128 bit long modulus >> ...+++++++++++++++++++++++++++ >> ..+++++++++++++++++++++++++++ >> e is 65537 (0x10001) >> p:DFE0EAAEF64A9ED3 q:DA49968E614FC9E9-----BEGIN RSA PRIVATE KEY----- >> MGECAQACEQC+5eKmNv53y2Hn+t22uzkLAgMBAAECEHmAtlbW7/ZsapBlxpZlu1EC >> CQDf4Oqu9kqe0wIJANpJlo5hT8npAggWUvAz6B1CvwIIYCU9fST7gdECCGudR6xt >> O4sU >> -----END RSA PRIVATE KEY---- >> >> The code is still the same, even in Pre-Version 1.1.0 >> >> Regards, >> >> Felix >> >> >> Am 21.12.2015 21:38, schrieb Kurt Roeckx via RT: >>> On Mon, Dec 21, 2015 at 01:51:45PM +0000, Felix via RT wrote: >>>> That does not matter from a technical point of view. >>>> >>>> The Problem ist the same with 2048-Bit RSA. >>> If you're worried that p and q might be the same random number, I >>> think you should have other concerns. >>> >>> >>> Kurt >>> >>> >>> > > -- > Richard Levitte > levi...@openssl.org > > _______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev