[openssl-dev] [openssl.org #4518] OpenSSL-1.1.0-pre5 RSA_set0_key and related RSA_get0_*, RSA_set0_*, DSA_set0_* and DSA_get0_* problems

Tomas Mraz tmraz at redhat.com
Mon Apr 25 13:29:41 UTC 2016


On Po, 2016-04-25 at 13:08 +0000, Richard Levitte via RT wrote:
> 
> rsalz> > If nothing else, all the RSA_set0 routines should test if
> the same pointer
> rsalz> > value is being replaced if so do not free it.
> rsalz> > 
> rsalz> > The same logic need to be done for all the RSA_set0_*
> functions as well as
> rsalz> > the DSA_set0_* functions.
> rsalz> 
> rsalz> That seems like a bug we should fix.
> 
> No, it's by design:
> 

Then perhaps there should be a function to set only the private part of
the RSA and DSA keys?

-- 
Tomas Mraz
No matter how far down the wrong road you've gone, turn back.
                                              Turkish proverb
(You'll never know whether the road is wrong though.)





More information about the openssl-dev mailing list