Hi, Dave. The answers are bellow.
>> I was following the main function in genpkey.c file and >> following the same >> sequence for generating key pair. I've got some executing >> erros that took me >> some hours to get it. I still have the problem and I think it >> might be some >> errors in openssl libs. >> >> In fact, I'm developing a library (*.dll and *.so) that make >> SSL connectios [and other crypto] >Does your library dynamically-link the openssl libs, >or statically embed them (while being dynamic itself)? library dynamically-link the openssl libs. My lib already uses SSL_CTX_* and SSL_* for connections. The certificates and the private keys are created directly from Openssl prompt (DOS or linux terminal). >> Because the App can't load the library with the following >> lines on dll code: >> >> 1. EVP_PKEY_CTX *ctx; >> 2. EVP_PKEY *pkey = NULL; >> 3. ctx = EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL); >> >> If the third line is commented, then the library is loaded >> and everything >> works. >> >If you are dynamic-linking openssl libs (as well as your lib), >are you sure when your app runs it is finding the correct ones? Unfortunately, yes. My lib finds the openssl libs, even though, it establishes SSL connections. >Could there be an older version of openssl in your search path? >The EVP_PKEY_CTX_* routines were new in 1.0.0. If you are >finding a version older than that, they will be missing. There were, and I've actualized. >From prompt: OpenSSL> version OpenSSL 1.0.1c 10 May 2012 >From path: C:\Openssl\bin >From C:\My_LIB_proj\lib\Openssl\include\openssl\opensslv.h #define OPENSSL_VERSION_TEXT "OpenSSL 1.0.1c 10 May 2012" >For Windows note that the DLL search rules have changed >several times over the last year or so as Microsoft puts out >more and more security patches for "DLL planting" attacks. Well, I'm developing the lib for Windows first. What I use from OS are separated in different source files. Almost everything is in "c pure", except some things it isn't possible, as threads, for example. I suppose this part it will be easier on linux. :) >> It seems to be an error with some pointer from EVP_* >> functions. Any EVP_* >> function called causes this error. >> >Sounds like reference *to*, not pointer *from*. If the app/lib >doesn't load, these function calls never get executed. >All EVP_* or only all EVP_PKEY_CTX_* ? Most other parts of EVP_ >are quite a bit older, although there have been minor changes. Yes, pointer "to", sorry. Not allones, EVP_aes_256_cbc() and EVP_PKEY_get1_RSA(pkey) are working. EVP_PKEY_asn1_find_str() , EVP_PKEY_asn1_get0_info() and EVP_PKEY_CTX_new_id() are not working. I've not tried other ones. >> Anyway, as you said the EVC functions where recent development effort >> foccus, I think this may be some error in openssl lib. I also >> think it might >> be openssl version problem or some cross-compiling error. >> >It sounds like it well could be a version problem. >How is cross-compiling involved? I've downloaded the openssl*.tar file and extracted to C:/Openssl. Then, I've used Visual Studio 2010 for cross-compiling. I followed the instructions in INSTALL.W32 file (pretty good, by the way). Then, I've copied the following directories from "C:\Openssl\" to "C:\My_LIB_proj\lib\Openssl\": include lib Then, I've imported the libeay32.lib and ssleay32.lib as usual in c programming. I've also included "C:\My_LIB_proj\lib\Openssl\include" to included paths. Is something missing? >> In any case, if it's possible I'm not importing or compiling >> the openssl >> libs properly, please let me know. Maibe some directive >> before compiling >> openssl, e.g. >> I'm using Openssl version 1.0.1c >> >You're compiling openssl yourself? Are you installing it >in the system directory(s), or using in your own dir(s)? No, my lib doesn't compile openssl. I've compiled externally and I've imported the libs created. >If the latter, is there any openssl in the system dir(s)? Not at all. I'd removed any other installed version before installing this one. >The specific system directory(s) depend on your OS, >and possibly build options. You imply you are doing at least >Windows plus some Unix, which are different; if you do more >than one Unix, those may also be different. ----------------------------------------------------- Finally, I already done the test code for generating RSA key pair not using EVP_* functions, except the two ones above. I will start developing the signatures features tomorrow. So, the openssl libs and headers files I've copied to my project environment. The App is developed in the same context, my lib and openssl libs were copied to its environment. The App starts and finishes connections using my lib which uses openssl libs. This is working pretty fine. Now, from APP, I can request RSA key generation, too. Well, I hope this long e-mail helps you. I might be doing something wrong, too. I don't know why those functions aren't working at all. Regards. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
