[openssl-dev] [openssl.org #4518] OpenSSL-1.1.0-pre5 RSA_set0_key and related RSA_get0_*, RSA_set0_*, DSA_set0_* and DSA_get0_* problems

Richard Levitte levitte at openssl.org
Tue Apr 26 11:46:20 UTC 2016


In message <571F2941.4040004 at openssl.org> on Tue, 26 Apr 2016 09:39:29 +0100, Matt Caswell <matt at openssl.org> said:

matt> 
matt> 
matt> On 26/04/16 08:26, Richard Levitte wrote:
matt> > [temporarily taking this thread away from RT]
matt> > 
matt> > Basically, I can see two solutions:
matt> > 
matt> > - Allow calls like RSA_set0_key(rsa, NULL, NULL, d);
matt> > 
matt> >   That's what's implemented in GH#995, except it doesn't check if the
matt> >   input parameters are NULL before setting the corresponding fields,
matt> >   so that call ends up clearing n and e.
matt> > 
matt> >   GH#995 could be changed so that any input parameter can be NULL, and
matt> >   that the corresponding RSA structure fields are left untouched.  The
matt> >   consequence is that they can never be made NULL.  I can live with that,
matt> >   as I can't imagine a reason to reset the fields to NULL.
matt> 
matt> IMO this is the way to go. As long as we can't set private key values
matt> without first having set the public key, i.e. we should not be able to
matt> get into an inconsistent state.

I've seen no other opinion, so I went with it.  Would you mind having
a look at GH#995?  I did a bit of change in the docs, but could need
some help expressing it in a better manner.

Also, I'd like to hear from Douglas and Tomas if these changes found
in said pull request would fit your bill better...  basically, it
allows (or should allow, unless I've goofed something up) a call set
like this:

    RSA_set0_key(rsa, n, e, NULL);
    /* other stuff done, such as calculating d */
    RSA_set0_key(rsa, NULL, NULL, d);

Cheers,
Richard

-- 
Richard Levitte         levitte at openssl.org
OpenSSL Project         http://www.openssl.org/~levitte/
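
The setter semantics agreed on in this thread, modelled as an added example (not OpenSSL's code and not taken from GH#995): a NULL argument leaves the field untouched, and d is refused until n and e are present. toy_bn, toy_rsa and toy_rsa_set0_key are hypothetical stand-ins for BIGNUM, RSA and RSA_set0_key, and the key values are constructed textbook numbers.

```c
#include <stdlib.h>

/* Hypothetical stand-ins for BIGNUM and RSA; these are not OpenSSL types. */
typedef struct { unsigned long v; } toy_bn;
typedef struct { toy_bn *n, *e, *d; } toy_rsa;

toy_bn *toy_bn_new(unsigned long v)
{
    toy_bn *b = malloc(sizeof(*b));
    if (b != NULL)
        b->v = v;
    return b;
}

/*
 * "set0" semantics: on success the key takes ownership of every non-NULL
 * argument, and a NULL argument leaves the matching field untouched.
 * Returns 0 and changes nothing if n or e would still be unset afterwards,
 * so d can never be stored in a key that lacks its public part.
 */
int toy_rsa_set0_key(toy_rsa *r, toy_bn *n, toy_bn *e, toy_bn *d)
{
    if ((r->n == NULL && n == NULL) || (r->e == NULL && e == NULL))
        return 0;
    if (n != NULL) { free(r->n); r->n = n; }
    if (e != NULL) { free(r->e); r->e = e; }
    if (d != NULL) { free(r->d); r->d = d; }
    return 1;
}

void toy_rsa_clear(toy_rsa *r)
{
    free(r->n); free(r->e); free(r->d);
    r->n = r->e = r->d = NULL;
}

/* Replays the call sequence from the mail on constructed values
 * (n = 3233, e = 17, d = 2753); returns 1 if every step behaves as described. */
int demo_sequence(void)
{
    toy_rsa k = { NULL, NULL, NULL };
    toy_bn *n = toy_bn_new(3233), *e = toy_bn_new(17), *d = toy_bn_new(2753);
    int ok;

    if (n == NULL || e == NULL || d == NULL) {
        free(n); free(e); free(d);
        return 0;
    }
    ok = toy_rsa_set0_key(&k, NULL, NULL, d) == 0   /* private first: refused */
        && k.d == NULL                               /* caller still owns d */
        && toy_rsa_set0_key(&k, n, e, NULL) == 1     /* public part stored */
        && toy_rsa_set0_key(&k, NULL, NULL, d) == 1  /* d added later */
        && k.n == n && k.e == e && k.d == d;         /* n and e untouched */
    toy_rsa_clear(&k);
    return ok;
}
```

A caller that gets 0 back still owns the values it passed in and has to free them itself.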

