Hi Steve,
I'm on Windows 8.1 when I see this error. But your comment about older Windows reporting this suggests that perhaps there's a newer API I could use to get the job done? Sent from Surface Pro From: Dr. Stephen Henson Sent: Friday, March 21, 2014 4:30 PM To: openssl-users@openssl.org On Fri, Mar 21, 2014, Dave Thompson wrote: > To be clear: it is conventional to generate P with a larger *value* than Q, > AIR so that > > CRT qinv-modp works right. There are several ways to do this; openssl just > generates > > two suitable primes and chooses the larger one as P. Your issue is that P > has *more > > significant bits*, 257 instead of 256. > > > I don't think this violates any standard and it works fine on my Windows > (which is 7). > > The problem might be with older versions of Windows which use PRIVATEKEYBLOB format at various point. This made various assumptions about the size of key components such as p and q being the same size, d and n being double etc and the the public exponent 'e' was 32 bits in size. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
