[openssl-dev] [openssl.org #4518] OpenSSL-1.1.0-pre5 RSA_set0_key and related RSA_get0_*, RSA_set0_*, DSA_set0_* and DSA_get0_* problems

Matt Caswell matt at openssl.org
Tue Apr 26 08:39:29 UTC 2016



On 26/04/16 08:26, Richard Levitte wrote:
> [temporarily taking this thread away from RT]
> 
> Basically, I can see two solutions:
> 
> - Allow calls like RSA_set0_key(rsa, NULL, NULL, d);
> 
>   That's what's implemented in GH#995, except it doesn't check if the
>   input parameters are NULL before setting the corresponding fields,
>   so that call ends up clearing n and e.
> 
>   GH#995 could be changed so that any input parameter can be NULL, and
>   that the corresponding RSA structure fields are left untouched.  The
>   consequence is that they can never be made NULL.  I can live with that,
>   as I can't imagine a reason to reset the fields to NULL.

IMO this is the way to go. As long as we can't set private key values
without first having set the public key, i.e. we should not be able to
get into an inconsistent state.

Matt



> 
> - Add a function RSA_set0_d(RSA *rsa, BIGNUM *d)
> 
> I personally prefer the first variant, but would like to have some
> input and thoughts (or just a "go ahead").
> 
> Cheers,
> Richard
> 
> In message <rt-4.0.19-29511-1461650518-591.4518-6-0 at openssl.org> on Tue, 26 Apr 2016 06:01:59 +0000, Richard Levitte via RT <rt at openssl.org> said:
> 
> rt> Unfortunately, the solution in that PR is flawed. Back to the drawing board.
> rt> 
> rt> Vid Mon, 25 apr 2016 kl. 18.39.24, skrev levitte:
> rt> > So, listening to what everyone had to say, perhaps this PR is better
> rt> > then:
> rt> >
> rt> > https://github.com/openssl/openssl/pull/995
> rt> >
> rt> > In message <a35573177bdb41388fb1d6c2670fefd6 at usma1ex-
> rt> > dag1mb1.msg.corp.akamai.com> on Mon, 25 Apr 2016 17:45:05 +0000,
> rt> > "Salz, Rich" <rsalz at akamai.com> said:
> rt> >
> rt> > rsalz>
> rt> > rsalz> > The 3-slot function is I think cleaner.
> rt> > rsalz> >
> rt> > rsalz> > I'll leave the decision of whether and when to support NULL
> rt> > rsalz> > parameters to
> rt> > rsalz> > the folks working on that code, but it is pretty clear that
> rt> > rsalz> > one must not pass an
> rt> > rsalz> > object one does not "own", such as one returned from a "get0"
> rt> > rsalz> > function, to a
> rt> > rsalz> > function that expects to take ownership of the indicated
> rt> > rsalz> > object.
> rt> > rsalz>
> rt> > rsalz> Agree with both of those.
> rt> > rsalz>
> rt> > rsalz> After a "set0" call, set your pointer to NULL, it's no longer
> rt> > rsalz> yours :)
> rt> > rsalz> --
> rt> > rsalz> openssl-dev mailing list
> rt> > rsalz> To unsubscribe:
> rt> > rsalz> https://mta.openssl.org/mailman/listinfo/openssl-dev
> rt> > rsalz>
> rt> 
> rt> 
> rt> --
> rt> Richard Levitte
> rt> levitte at openssl.org
> rt> 
> rt> -- 
> rt> Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4518
> rt> Please log in as guest with password guest if prompted
> rt> 
> 
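
The two `set0` behaviours discussed in this message, as a small C model added here for illustration; it is not code from OpenSSL or from GH#995. The `toy_bn`/`toy_rsa` types, the function names and the key values are constructed stand-ins, and the refusal when n or e would stay unset is one assumed way to enforce the "public key first" condition.

```c
#include <stdlib.h>
/* Hypothetical stand-ins for BIGNUM and RSA: the key owns its three pointers. */
typedef struct { unsigned long v; } toy_bn;
typedef struct { toy_bn *n, *e, *d; } toy_rsa;
typedef int (*set0_fn)(toy_rsa *, toy_bn *, toy_bn *, toy_bn *);
static toy_bn *toy_bn_new(unsigned long v) {
    toy_bn *b = malloc(sizeof *b);
    if (b != NULL) b->v = v;
    return b;
}
static void toy_rsa_clear(toy_rsa *r) {
    free(r->n); free(r->e); free(r->d); r->n = r->e = r->d = NULL;
}
/* Overwrite-everything setter: a NULL argument clears the field it maps to. */
static int set0_key_overwrite(toy_rsa *r, toy_bn *n, toy_bn *e, toy_bn *d) {
    free(r->n); free(r->e); free(r->d);
    r->n = n; r->e = e; r->d = d;
    return 1;
}

/* NULL-preserving setter: a NULL argument leaves that field untouched, and
 * the call is refused (nothing taken over) if n or e would remain unset. */
static int set0_key_keep(toy_rsa *r, toy_bn *n, toy_bn *e, toy_bn *d) {
    if ((r->n == NULL && n == NULL) || (r->e == NULL && e == NULL))
        return 0;
    if (n != NULL) { free(r->n); r->n = n; }
    if (e != NULL) { free(r->e); r->e = e; }
    if (d != NULL) { free(r->d); r->d = d; }
    return 1;
}

/* Supply only d to a key that already has n and e; 1 if all three remain. */
static int public_survives(set0_fn set0) {
    toy_rsa r = { toy_bn_new(3233), toy_bn_new(17), NULL }; /* constructed */
    toy_bn *d = toy_bn_new(2753);
    int ok = set0(&r, NULL, NULL, d);
    d = NULL; /* after a successful set0 the pointer is no longer ours */
    int intact = ok && r.n != NULL && r.e != NULL && r.d != NULL;
    toy_rsa_clear(&r);
    return intact;
}

/* Try to install d on an empty key; the NULL-preserving setter must refuse. */
static int private_without_public(void) {
    toy_rsa r = { NULL, NULL, NULL };
    toy_bn *d = toy_bn_new(2753);
    int ok = set0_key_keep(&r, NULL, NULL, d);
    if (ok) toy_rsa_clear(&r); else free(d); /* refused: caller still owns d */
    return ok;
}
```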

