Scott Neugroschl <
redfloyd@...> writes:
>On page 268, the manual states that all algorithms can be tested by setting
>CRYPT_OPTION_SELFTESTOK to CRYPT_USE_DEFAULT. However, when doing so, an
>internal error is generated by setUserAttribute (user_attr.c, lines 312-314),
>as the REQUIRES does not allow a negative value for the attribute.
>CRYPT_USE_DEFAULT is defined as -100 (cryptlib.h, line 1517), so using the
>function as documented generates an internal fault.
Oops, this is a conflict between what older code used to do and a workaround
for Visual Basic. The current version of the code, for FIPS 140 compliance,
takes as argument a boolean value 'TRUE', tests all algorithms, and disables
those that fail the self-test (this was done at the request of a particular
end user :-). However in order to work with other languages like VB, which
set the value of 'TRUE' to -1, the code would also accept any nonzero value,
but then a lower-level check reports it as being wrong. I've fixed the code
to correct this, and also updated the docs (for the next release) to reflect
the current behaviour.
>Also, there is a typo in the manual on 268. In the second paragraph after
>the table (starts with CRYPT_OPTION_SELFTEST), the first word should be
>CRYPT_OPTION_SELFTESTOK.
Thanks, fixed.
Peter.
_______________________________________________
Cryptlib mailing list
Cryptlib@... via Mail:
cryptlib-request@...
Archive: ftp://ftp.franken.de/pub/crypt/cryptlib/archives/
http://news.gmane.org/gmane.comp.encryption.cryptlibPosts from non-subscribed addresses are blocked to prevent spam, please
subscribe in order to post messages.
