[openssl-dev] [openssl.org #3815] Issue with X509_NAME_hash in 0.9.8zb
Palak Agarwal via RT
rt at openssl.org
Tue Apr 21 07:00:30 UTC 2015
Hi,
The return value of X509_NAME_hash() has changed from 0.9.8zb onwards.
I have written a sample program to verify the value return of X509_NAME_hash(). I linked the same program with four different version of crypto library. The output is as below:
=====================================================================
(Linux)(snapper53-64)progs{85} ./X509_NAME_hash_test.t
9C361DAC
(Linux)(snapper53-64)progs{86} ./X509_NAME_hash_test.y
9C361DAC
(Linux)(snapper53-64)progs{87} ./X509_NAME_hash_test.zb
01B7949D
(Linux)(snapper53-64)progs{88} ./X509_NAME_hash_test.zc
01B7949D
=====================================================================
The extension in the binary name is the version of the openSSL. Below is the sample program:
1 #include <stdio.h>
2 #include <ctype.h>
3 #include <string.h>
4 #include "openssl/asn1.h"
5 #include "openssl/objects.h"
6 #include "openssl/x509.h"
7 #include "openssl/x509v3.h"
8
9 int add_entry_to_X509_NAME( X509_NAME* name,
10 const char* id,
11 const char* value)
12 {
13 int ret = X509_NAME_add_entry_by_txt( name,
14 id, /*(char *) id,*/
15 MBSTRING_UTF8,
16 (const unsigned char*)value,
17 -1, /*strlen(value),*/
18 -1,
19 0 );
20
21 if (ret != 1)
22 {
23 printf("Unable to add %s - %s to X509Name (ret = %d)\n", id, value, ret) ;
24 return -1;
25 }
26
27 return 0 ;
28 }
29
30
31 int main ()
32 {
33 unsigned long file_hash ;
34 X509_NAME *name;
35 int i;
36
37 name = X509_NAME_new();
38 if (!name)
39 printf("Unable to alloc mem for X509_Name") ;
40
41 add_entry_to_X509_NAME(name, "commonName", "test_agent");
42 add_entry_to_X509_NAME(name, "organizationalUnitName", "test_domain at example.com");
43 add_entry_to_X509_NAME(name, "organizationName", "ex"); 44
45 file_hash = X509_NAME_hash ((X509_NAME *) name) ;
46
47 printf ("%08X \n", (unsigned int) file_hash);
48
49 return 0;
50 }
Could you please confirm if this is an openssl bug?
Thanks & Regards,Palak
More information about the openssl-dev
mailing list