On Thu, Jan 16, 2014 at 10:35:41AM +0000, Nischal wrote:
> We are using openSSL in OpenAT-FXT modem. the version used is 0.9.8h. When I
> am calling function to generate keys, it goes into infinite loop inside the
> function and system got crashed.
You should be using OpenSSL 0.9.8y, or if possible 1.0.1f.
Is the complete lack of entropy intended to stay that way? If so,
you must not proceed with the key generation. You need to provide
an interface for users to load externally generated keys into the
device, before which time it should refuse to perform any operations
that require private keys.
> Code is given below ----
> const int kBits = 4096;
> RSA *rsa = RSA_new();
> BIGNUM *f4 = BN_new();
> BN_GENCB *cb = NULL;
> BN_set_word(f4, RSA_F4);
> static const char rnd_seed[] = "string to make the random number generator
> think it has entropy";
> RAND_seed(rnd_seed, sizeof(rnd_seed));
> ret = RSA_generate_key_ex(rsa, kBits, f4, cb);
> ...
--
Viktor.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
