Hello
I have problems running an application under Windows XP, which uses EVP functionality.
EVP_SignFinal() always fails.
After some days of lost time I compiled a debugable version of OpenSSL and the error always occurred in line 86 in the file p_sign.c
int EVP_SignFinal(EVP_MD_CTX *ctx, unsigned char *sigret, unsigned int *siglen,
EVP_PKEY *pkey)
{
unsigned char m[EVP_MAX_MD_SIZE];
unsigned int m_len;
int i,ok=0,v;
MS_STATIC EVP_MD_CTX tmp_ctx;
*siglen=0;
The problem is the the wrong documentation.
There is written (http://www.openssl.org/docs/crypto/EVP_SignInit.html#):
"EVP_SignFinal() signs the data in ctx using the private key pkey and places the signature in sig. If the s parameter is not NULL then the number of bytes of data written (i.e. the length of the signature) will be written to the integer at s, at most EVP_PKEY_size(pkey) bytes will be written."
This is NOT true. If you see the function, if ever the parameter s is NULL there is an access violation, because it is a NULL pointer. Maybe also the behavior of this function in this case should be changed.
Apart from this, have you ever thought of a documentation system like Doxygen?
Could the possibility of a debug build during the generation of the Makefile be included?
I had to change manually the flags in the ntddl.mak
CFLAG= /MD /W3 /WX /G5 /Od /Gs0 /GF /Gy /nologo /ZI -DOPENSSL_SYSNAME_WIN32 -DWIN32_LEAN_AND_MEAN -DL_ENDIAN -DDSO_WIN32 -DBN_ASM -DMD5_ASM -DSHA1_ASM -DRMD160_ASM /Fdout32dll -DOPENSSL_NO_KRB5
LFLAGS=/nologo /subsystem:console /machine:I386 /debug /opt:ref
MLFLAGS= /nologo /subsystem:console /debug /machine:I386 /opt:ref /dll
Bye, Karsten ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
