I have the 0.7 version of egd.pl installed and running with
egd.pl /dev/entropy
The self tests work fine.
I set the RANDFILE to the /dev/entropy after compiling openssl (CVS
version as of 5/7/00.)
I have no problems with:
openssl req -new -x509 -keyout private/cakey.pem -out cacert.pem -days 365 -config openssl.cnf
I have no problems with:
openssl req -nodes -new -x509 -keyout newreq.pem -out newreq.pem -days 360 -config openssl.cnf
The problem arises when I try and sign the certificate generated above
with:
openssl x509 -x509toreq -in newreq.pem -signkey newereq.pem -out tmp.pem
The program just sits and never returns. I did a little debugging with
scotruss which showed the program opening /dev/entropy and sleeping.
open("/dev/entropy", 0x0, 0x1b6) = ... (sleeping)
I then created a .rnd file by: ls -l | md5 > .rnd
and set RANDFILE to be the .rnd file and the signing of the key works
fine.
So in summary, there appears to be a problem with the x509 -signkey
routine when the randomfile is the egd pipe.
Any suggestions on helping track this down further?
--
Phillip P. Porch <[EMAIL PROTECTED]> NIC:PP1573 finger for
http://www.theporch.com UTM - 16 514548E 3994397N PGP key
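
Added example, not part of the original message and not OpenSSL's own code: a pre-flight check that classifies the path named by RANDFILE without opening it, so a FIFO or socket such as the EGD endpoint described above is flagged before a tool can block in open(). The function names randfile_kind and check_randfile are hypothetical.

```shell
#!/bin/sh
# Classify the file that RANDFILE points at using only stat-style tests.
# Nothing here calls open(), so a FIFO or socket cannot make the check hang.

# Prints one of: regular, fifo, socket, chardev, missing, other
randfile_kind() {
    path=$1
    if [ ! -e "$path" ] && [ ! -L "$path" ]; then
        echo missing
    elif [ -f "$path" ]; then
        echo regular
    elif [ -p "$path" ]; then
        echo fifo
    elif [ -S "$path" ]; then
        echo socket
    elif [ -c "$path" ]; then
        echo chardev
    else
        echo other            # directory, block device, dangling symlink, ...
    fi
}

# Returns 0 only when the path is a regular seed file; otherwise explains
# on stderr why it should not be used as RANDFILE and returns 1.
check_randfile() {
    kind=$(randfile_kind "$1")
    case $kind in
        regular)
            return 0 ;;
        fifo|socket)
            echo "RANDFILE=$1 is a $kind (for example an EGD endpoint);" \
                 "a plain open() on it may block or fail" >&2
            return 1 ;;
        *)
            echo "RANDFILE=$1 is $kind, not a regular seed file" >&2
            return 1 ;;
    esac
}

# Typical use before invoking a tool that reads RANDFILE:
#   check_randfile "${RANDFILE:-$HOME/.rnd}" || exit 1
```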