2.5.7 gnutls_x509_privkey_generate() returns GNUTLS_E_INVALID_REQUEST

Sam Varshavchik mrsam at courier-mta.com
Wed Sep 17 13:01:38 CEST 2008

Simon Josefsson writes:

> Sam Varshavchik <mrsam at courier-mta.com> writes:
>> The following short test program runs when compiled against
>> 2.4.0. Compiling it against 2.5.7 causes it to report a
>> GNUTLS_E_INVALID_REQUEST from the second call to
>> gnutls_x509_privkey_generate().
> I can't reproduce this, adding this somewhere:
>   printf ("vers %s %s\n", LIBGNUTLS_VERSION, gnutls_check_version (NULL));
> Does print 2.5.7 for both, confirming that I really use 2.5.7.  So it


> seems something else is required to reproduce this.  Can you try to
> debug gnutls_x509_privkey_generate and see what happens?
> Does 'certtool -p' trigger the same problem for you?

Yes, certtool also bombs out.

$ certtool -p
Generating a 2048 bit RSA private key…
certtool: privkey_generate: The request is invalid.

I'm going to debug this. Debugging code compiled with -O is a pain. I'll 
need to recompile the library without optimization. The only thing I have to 
add is that this is on x86_64, which may or may not be a factor.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
URL: </pipermail/attachments/20080917/eafe79b5/attachment.pgp>

More information about the Gnutls-devel mailing list