[openssl-users] Potential memory leak in RSA_private_decrypt
Matt Caswell
matt at openssl.org
Wed Nov 8 10:00:56 UTC 2017
On 08/11/17 09:47, Wang wrote:
> Hello Matt,
>
> Thank you for trying to help.
>
>>>> Is this the "bottom" of the OpenSSL stack? i.e. your application calls
>>>> RSA_private_decrypt() directly?
> Yes, it does.
>
>>>> Do you share a single RSA object across multiple threads?
> Yes, my application shares a single RSA object across many concurrent
> threads. Namely RSA_private_decrypt() is called with the same RSA object
> concurrently across many threads.
>
> Does this cause any issue? I checked OpenSSL document, but didn't find
> anything related to this kind of restriction
> (https://www.openssl.org/docs/manmaster/man3/RSA_public_encrypt.html). Or
> this restriction is undocumented?
https://www.openssl.org/docs/faq.html#PROG1
>From the FAQ:
"1. Is OpenSSL thread-safe?
Yes but with some limitations; for example, an SSL connection cannot be
used concurrently by multiple threads. This is true for most OpenSSL
objects.
..."
This is also true for the RSA object. Temporary, thread specific
blinding state is held in the RSA object so it cannot be shared across
multiple threads.
Matt
More information about the openssl-users
mailing list