[openssl-dev] [openssl.org #4518] OpenSSL-1.1.0-pre5 RSA_set0_key and related RSA_get0_*, RSA_set0_*, DSA_set0_* and DSA_get0_* problems
Blumenthal, Uri - 0553 - MITLL
uri at ll.mit.edu
Tue Apr 26 18:02:05 UTC 2016
On 4/26/16, 13:56 , "openssl-dev on behalf of Douglas E Engert"
<openssl-dev-bounces at openssl.org on behalf of deengert at gmail.com> wrote:
>...
>RSA_get0_key(rsa, &my_n, &my_e, NULL); /* note this is a GET0 */
>
>/* my_n now points to the BIGNUM as does rsa->n */
>/* my_e now points to the BIGNUM as does rsa->e */
>
>/* other stuff done, such as calculating d */
>
>RSA_set0_key(rsa, my_n, my_e, d);
>
>/* RSA_set0_key does not check if my_n == rsa->n
>It frees rsa->n and replaces it with my_n which is is pointing at the
>freed location */
After all the discussion that occurred here, I think that the problem Doug
is pointing at should be fixed, and the solution he recommends should be
put in.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4324 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20160426/fdc75231/attachment.bin>
More information about the openssl-dev
mailing list