[openssl.org #874] [Fwd: Bug#243509: openssl: genrsa get crasy with small key size]
[I'd forgotten to send this to RT] OK, I took a look and the problem does not appear to be BN_generate_prime_ex() but the fact that, for small modulus sizes, the generated primes are always identical and the rsa keygen keeps looping in the hope that it eventually gets something unique. I've attached a patch that works for me, but it'd be good if you could verify you see the same behaviour. For example, I can generate RSA keys of 31 bits (meaning the primes are 15/16 bits each) but it fails for 30 bits. Do you see the same thing? Cheers, Geoff -- Geoff Thorpe, RT/openssl.org __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[openssl.org #668] [PATCH] Fall back to software if nCipher hardware fails
Could you please adapt the patch for the head of CVS (nightly snapshots can be found on the ftp server) and resubmit? If this is not possible, let me know and perhaps I'll find a moment to have a poke at it. NB: in 0.9.8-dev, the engine implementations are to be found in ./engines/ rather than ./crypto/engine/. I doubt it would require much hacking to port this, but it will require testing the fallback scenarios with the hardware (which I can't do). Please also double check that the shared-lib engine build works too (./config shared). Colin, did you get a chance to update your patch? Cheers, Geoff -- Geoff Thorpe, RT/openssl.org __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[openssl.org #695] [PATCH] DSO: dlfcn support for MacOS X
Antti, Any news on an update for your patch? Cheers, Geoff -- Geoff Thorpe, RT/openssl.org __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[openssl.org #867] [PATCH] Bignum exponent in RSA_generate_key_ex (instead of long)
[geoff - Thu Apr 1 18:13:51 2004]: Can you please resubmit the patch as an attachment rather than inlining it? The patch gets word-wrapped otherwise and is unusable. Jelte, Any news on this? If you could update the request tracker ticket with a clean (non-wrapped) copy of your patch, I'd be able to take this further. Cheers, Geoff -- Geoff Thorpe, RT/openssl.org __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
Re: [openssl.org #867] [PATCH] Bignum exponent in RSA_generate_key_ex (instead of long)
Can you please resubmit the patch as an attachment rather than inlining it? The patch gets word-wrapped otherwise and is unusable. Any news on this? If you could update the request tracker ticket with a clean (non-wrapped) copy of your patch, I'd be able to take this further. Oh, i thought i had resubmitted it already, but i it probably went to the mailinglist directly. Take 3 :) i hope it isn't too outdated since the patch is against 20040331, let me know if things have changed so much that i'll have to create a more recent patch Jelte btw 1, i'm still pretty sure i did not inline the original one, but maybe pine was playing games with me (using mozilla now my original message does have the patch file inlined, but pine still shows it as an attachment) btw 2, sorry for all the trouble :) __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
[openssl.org #867] [PATCH] Bignum exponent in RSA_generate_key_ex (instead of long)
Looks mostly ok. It's missing a RSA_METHOD change and has a redundant BN_new() (memory leak), but nothing major. I'll tidy it up and commit it in a sec, thanks. -- Geoff Thorpe, RT/openssl.org __ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]