[openssl-dev] [openssl.org #4518] OpenSSL-1.1.0-pre5 RSA_set0_key and related RSA_get0_*, RSA_set0_*, DSA_set0_* and DSA_get0_* problems

Salz, Rich via RT rt at openssl.org
Mon Apr 25 11:39:06 UTC 2016


> Would not a set of routines like:
> BIGNUM* RSA_get0_key_n(RSA *rsa);
> int RSA_set0_key_n(RSA *rsa, BIGNUM *n); (A set for: n, e, d, p, q, idmp1,
> idmq1, iqmp) be much more backward compatible?

We had discussed this in the team, and decided that it was better to have a single API that took all the piece-parts, rather than being able to set the individual components. It's conceptually simpler to gather what you need and then create a key, rather than everyone having to constantly check to see if all the necessary fields have been set.

> If nothing else, all the RSA_set0 routines should test if the same pointer
> value is being replaced; if so, do not free it.
> 
> The same logic needs to be done for all the RSA_set0_* functions as well as
> the DSA_set0_* functions.

That seems like a bug we should fix.
--  
Senior Architect, Akamai Technologies
IM: richsalz at jabber.at Twitter: RichSalz



-- 
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4518
Please log in as guest with password guest if prompted
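
The same-pointer check requested in the quoted text, as an added example that is not part of the original message and is not OpenSSL source. The `toy_bn` and `toy_key` types and all `toy_*` functions are hypothetical stand-ins for BIGNUM and RSA, and the release function only sets a flag so the dangling state can be inspected safely.

```c
#include <stddef.h>
#include <stdio.h>

/* Stand-in for BIGNUM: records release instead of calling free(). */
typedef struct { int value; int freed; } toy_bn;
/* Stand-in for a key object that owns its components. */
typedef struct { toy_bn *n; toy_bn *e; } toy_key;

static void toy_bn_free(toy_bn *b) { if (b != NULL) b->freed = 1; }

/* Unguarded set0: releases the old component before storing the new one.
 * Handing back a pointer the key already owns leaves the key holding a
 * released object (use-after-free / later double free). */
static int toy_set0_unguarded(toy_key *k, toy_bn *n, toy_bn *e)
{
    if (n != NULL) { toy_bn_free(k->n); k->n = n; }
    if (e != NULL) { toy_bn_free(k->e); k->e = e; }
    return 1;
}

/* Guarded set0: skip the release when the same pointer is passed back. */
static int toy_set0_guarded(toy_key *k, toy_bn *n, toy_bn *e)
{
    if (n != NULL && n != k->n) { toy_bn_free(k->n); k->n = n; }
    if (e != NULL && e != k->e) { toy_bn_free(k->e); k->e = e; }
    return 1;
}

/* Caller fetches n from the key, then replaces only e while passing the
 * same n back. Result bits: 1 = key->n dangling, 2 = old e released. */
static int reset_outcome(int use_guard)
{
    toy_bn n = {0xC5, 0}, e_old = {3, 0}, e_new = {65537, 0}; /* constructed */
    toy_key k = { &n, &e_old };
    toy_bn *same_n = k.n;            /* what a get0-style accessor returns */

    if (use_guard) toy_set0_guarded(&k, same_n, &e_new);
    else           toy_set0_unguarded(&k, same_n, &e_new);
    return (k.n->freed ? 1 : 0) | (e_old.freed ? 2 : 0);
}

int main(void)
{
    printf("unguarded outcome: %d\n", reset_outcome(0));
    printf("guarded outcome:   %d\n", reset_outcome(1));
    return 0;
}
```

With the guard, the replaced component is still released, so ownership transfer is unchanged for genuinely new pointers.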


