> Hi!
>
> I am doing a SHA256 on a RSA* private key. I used the result as a symmetric
> key for AES encryption.

Do you have a specification for how to do this? What ensures that the RSA private key has the same binary representation each time? For example, "3" and "03" represent the same number, so does "3.0". But they will each have a different binary representation and hence a different SHA256 hash.

So if you were to write a standard that expected the same output each time, you would need to specify a particular binary representation for the RSA key. Did you do that?

> //////////////////////////////////////////////////////////////////
> /////////////////////////
> int length = RSA_size(rsaPrivateKey);
> SHA256_CTX sha256ctx;
> SHA256_Init(&sha256ctx);
> SHA256_Update(&sha256ctx, rsaPrivateKey, length);
>
> unsigned char* hash = new unsigned char[SHA256_DIGEST_LENGTH];
>
> SHA256_Final(hash, &sha256ctx);
> //////////////////////////////////////////////////////////////////
> /////////////////////////
>
> If I execute this code a couple of times in the same process execution, hash
> variable is always the same value (this is normal!!).
> But, each time I restart the application, hash value is different.

You forgot to:

1) create a specification
2) implement it

> In the past I used the same pattern, with SHA512 instead of SHA256, and with
> a char* instead of a RSA* and I did not have this problem.
>
> Any idea what's going on?

You forgot to create a specification for the binary format of the RSA key such that the same RSA key will always have the same binary format. You forgot to convert the RSA key to this format and take the hash of the converted key.

If you do not have a specification, you can only be right by accident. And even if you are right, you can never prove it.

DS

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
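
An added illustration of the reply's point, not code from the thread: it picks one specified binary format, the DER encoding of a PKCS#1 RSAPrivateKey (the encoding OpenSSL's i2d_RSAPrivateKey produces), and hashes that instead of in-memory bytes. The function names and the toy key are constructed for this example, and the key is far too small for real use.

```python
import hashlib

def der_len(n: int) -> bytes:
    """DER definite length: short form below 128, long form otherwise."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body

def der_integer(v: int) -> bytes:
    """DER INTEGER for v >= 0: minimal big-endian, 0x00 pad if top bit is set."""
    if v < 0:
        raise ValueError("RSA key components are non-negative")
    body = v.to_bytes(v.bit_length() // 8 + 1, "big")
    return b"\x02" + der_len(len(body)) + body

def rsa_private_key_der(n: int, e: int, d: int, p: int, q: int) -> bytes:
    """PKCS#1 RSAPrivateKey: SEQUENCE { 0, n, e, d, p, q, dP, dQ, qInv }."""
    fields = [0, n, e, d, p, q, d % (p - 1), d % (q - 1), pow(q, -1, p)]
    body = b"".join(der_integer(f) for f in fields)
    return b"\x30" + der_len(len(body)) + body

def key_from_rsa(n: int, e: int, d: int, p: int, q: int) -> bytes:
    """SHA-256 over the canonical encoding, as the thread's scheme intends."""
    return hashlib.sha256(rsa_private_key_der(n, e, d, p, q)).digest()

def text_hashes(forms):
    """Hash each textual form as-is: same number, different bytes."""
    return {hashlib.sha256(f.encode()).hexdigest() for f in forms}

# Constructed toy key (p=61, q=53); the modulus arrives in three spellings.
SPELLINGS = ["3233", "0003233", "0xca1"]
E, D, P, Q = 17, 2753, 61, 53

def derived_keys():
    """Parse each spelling to an integer, then hash the canonical DER."""
    return {key_from_rsa(int(s, 0 if s.startswith("0x") else 10), E, D, P, Q)
            for s in SPELLINGS}

if __name__ == "__main__":
    print("distinct hashes of raw text:    ", len(text_hashes(SPELLINGS)))
    print("distinct hashes of canonical DER:", len(derived_keys()))
```
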