[openssl-dev] [openssl.org #4518] OpenSSL-1.1.0-pre5 RSA_set0_key and related RSA_get0_*, RSA_set0_*, DSA_set0_* and DSA_get0_* problems

Richard Levitte levitte at openssl.org
Tue Apr 26 21:53:09 UTC 2016


In message <571FCCEE.8010001 at roumenpetrov.info> on Tue, 26 Apr 2016 23:17:50 +0300, Roumen Petrov <openssl at roumenpetrov.info> said:

openssl> Hello Richard,
openssl> 
openssl> Richard Levitte wrote:
openssl> > In message <571F2941.4040004 at openssl.org> on Tue, 26 Apr 2016 09:39:29
openssl> > +0100, Matt Caswell <matt at openssl.org> said:
openssl> >
openssl> > [SNIP]
openssl> > I've seen no other opinion, so I went with it.  Would you mind having
openssl> > a look at GH#995?  I did a bit of change in the docs, but could need
openssl> > some help expressing it in a better manner.
openssl> >
openssl> > Also, I'd like to hear from Douglas and Tomas if these changes found
openssl> > in said pull request would fit your bill better...  basically, it
openssl> > allows (or should allow, unless I've goofed something up) a call set
openssl> > like this:
openssl> >
openssl> >      RSA_set0_key(rsa, n, e, NULL);
openssl> >      /* other stuff done, such as calculating d */
openssl> >      RSA_set0_key(rsa, NULL, NULL, d);
openssl> As the methods allow the user to set only the public part, I would like
openssl> to propose adding a new key method "...set0_privkey" to set just the
openssl> private key. This will avoid duplicating the public part of the key
openssl> between the get0 and set0 key methods.

That's conceptually confusing, as the private RSA key is composed of e
and d.  Why would anyone expect to give it only d?

-- 
Richard Levitte         levitte at openssl.org
OpenSSL Project         http://www.openssl.org/~levitte/

