Hi, The return value of X509_NAME_hash() has changed from 0.9.8zb onwards.
I have written a sample program to verify the value return of X509_NAME_hash(). I linked the same program with four different version of crypto library. The output is as below: ===================================================================== (Linux)(snapper53-64)progs{85} ./X509_NAME_hash_test.t 9C361DAC (Linux)(snapper53-64)progs{86} ./X509_NAME_hash_test.y 9C361DAC (Linux)(snapper53-64)progs{87} ./X509_NAME_hash_test.zb 01B7949D (Linux)(snapper53-64)progs{88} ./X509_NAME_hash_test.zc 01B7949D ===================================================================== The extension in the binary name is the version of the openSSL. Below is the sample program: 1 #include <stdio.h> 2 #include <ctype.h> 3 #include <string.h> 4 #include "openssl/asn1.h" 5 #include "openssl/objects.h" 6 #include "openssl/x509.h" 7 #include "openssl/x509v3.h" 8 9 int add_entry_to_X509_NAME( X509_NAME* name, 10 const char* id, 11 const char* value) 12 { 13 int ret = X509_NAME_add_entry_by_txt( name, 14 id, /*(char *) id,*/ 15 MBSTRING_UTF8, 16 (const unsigned char*)value, 17 -1, /*strlen(value),*/ 18 -1, 19 0 ); 20 21 if (ret != 1) 22 { 23 printf("Unable to add %s - %s to X509Name (ret = %d)\n", id, value, ret) ; 24 return -1; 25 } 26 27 return 0 ; 28 } 29 30 31 int main () 32 { 33 unsigned long file_hash ; 34 X509_NAME *name; 35 int i; 36 37 name = X509_NAME_new(); 38 if (!name) 39 printf("Unable to alloc mem for X509_Name") ; 40 41 add_entry_to_X509_NAME(name, "commonName", "test_agent"); 42 add_entry_to_X509_NAME(name, "organizationalUnitName", "test_dom...@example.com"); 43 add_entry_to_X509_NAME(name, "organizationName", "ex"); 44 45 file_hash = X509_NAME_hash ((X509_NAME *) name) ; 46 47 printf ("%08X \n", (unsigned int) file_hash); 48 49 return 0; 50 } Could you please confirm if this is an openssl bug? Thanks & Regards,Palak _______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev