Prime number returns NULL ( BN_generate_prime)
Hi I am testng my application on Vxworks. I am callingrsa = RSA_generate_key(512, RSA_F4, NULL, NULL); this is barfing. When I debugged I could see the rsa-p=BN_generate_prime(NULL,bitsp,0,NULL,NULL,callback,cb_arg); is resturning NULL. Can some one let me know if I miss some thing ... Thanks Praveen __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: Prime number returns NULL ( BN_generate_prime)
On Fri, May 31, 2002 at 06:59:05PM -0700, Praveen Dulam wrote: Hi I am testng my application on Vxworks. I am calling rsa = RSA_generate_key(512, RSA_F4, NULL, NULL); this is barfing. When I debugged I could see the rsa-p=BN_generate_prime(NULL,bitsp,0,NULL,NULL,callback,cb_arg); is resturning NULL. Can some one let me know if I miss some thing ... OpenSSL records errors it finds in its error queue. Please use the ERR_get_error() family of functions to get an indication about what was wrong. Best regards, Lutz PS. If I should give a guess, without digging deeper into it, all key-generation routines require random numbers. Did you seed the PRNG? -- Lutz Jaenicke [EMAIL PROTECTED] http://www.aet.TU-Cottbus.DE/personen/jaenicke/ BTU Cottbus, Allgemeine Elektrotechnik Universitaetsplatz 3-4, D-03044 Cottbus __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
getpid()
Long ago, in a galaxy far far away, Solar Designer asked wtf openssl md5 calls getpid() a zillion times. The answer is memory debugging, which checks the thread id on every allocation/free. For reasons I haven't entirely fathomed, unless you are on Windows, what's returned is the PID. Whether this makes any sense at all, I don't know. Someone might care to think about it at some point. Also, the thread id may be used elsewhere - is there any point if its actually the PID? Cheers, Ben. -- http://www.apache-ssl.org/ben.html http://www.thebunker.net/ There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit. - Robert Woodruff __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: [openssl.org #66] Possible bug in OpenSSL-0.9.6d/crypto/asn1/a_utctm.c
[EMAIL PROTECTED] via RT wrote: I believe that I have found a bug in the above file and would like for someone else to santiy check it. At line 290 in a_utctm.c, a separate code block is being used if the library needs to call gmtime_r() to get the time structure. The value is stored in a temporary (data) that is declared in this code block. The address of the temporary is assigned to an external variable tm. This can cause some memory corruption problems. The memory corruption would occur if the compiler removes the memory allocated to the temporary after the code block is done. The derefencing of tm a couple of lines later could result in a SIGSEGV because that memory has been returned. The solution to this problem is to remove the code block and declare struct tm data at the beginning of ASN1_UTCTIME_cmp_time_t(). Hmm. Seems to me you are right. Cheers, Ben. -- http://www.apache-ssl.org/ben.html http://www.thebunker.net/ There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit. - Robert Woodruff __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
pl. help
Hi Can any body pl tell why i am getting an error "name does not match", when i am executing the command-- openssl ca -revoke clientcert.pem.Here i am trying to revokea client certificate, so that i can blockthat client from using the server. Regards, mishra
Re: getpid()
On linux, getpid() is different for different threads. /r$ __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: getpid()
Rich Salz wrote: On linux, getpid() is different for different threads. /r$ Well... on FreeBSD (and Solaris) it isn't... Cheers, Ben. -- http://www.apache-ssl.org/ben.html http://www.thebunker.net/ There is no limit to what a man can do or how far he can go if he doesn't mind who gets the credit. - Robert Woodruff __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]