On Mar 16, 09:41, Aris Adamantiadis wrote:
> Hi Petar,
> I agree with the principle, but I don't think this code can work...
> RSA_generate_key takes an RSA* as parameter and in our code we probably
> have key->rsa==NULL. (if we don't then the old code had a memory leak).
>
> Does the test case work ?
>
> Aris
>

Yes, you are right. This works, tested with tests/unittests/torture_pki

Signed-off-by: Petar Koretic <petar.kore...@sartura.hr>
---
 src/pki_crypto.c | 18 ++++++++++++++----
 1 file changed, 14 insertions(+), 4 deletions(-)

diff --git a/src/pki_crypto.c b/src/pki_crypto.c
index 89bb538..ccf05f4 100644
--- a/src/pki_crypto.c
+++ b/src/pki_crypto.c
@@ -383,10 +383,20 @@ fail:
 }
 
 int pki_key_generate_rsa(ssh_key key, int parameter){
-    key->rsa = RSA_generate_key(parameter, 65537, NULL, NULL);
-    if(key->rsa == NULL)
-        return SSH_ERROR;
-    return SSH_OK;
+       BIGNUM *e;
+       int rc;
+
+       e = BN_new();
+       key->rsa = RSA_new();
+
+       BN_set_word(e, 65537);
+       rc = RSA_generate_key_ex(key->rsa, parameter, e, NULL);
+
+       BN_free(e);
+
+       if (rc == -1 || key->rsa == NULL)
+               return SSH_ERROR;
+       return SSH_OK;
 }
 
 int pki_key_generate_dss(ssh_key key, int parameter){
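
Review bot: the check "if (rc == -1 || key->rsa == NULL)" at the end of pki_key_generate_rsa() misses the failure case, because RSA_generate_key_ex() returns 1 on success and 0 on error, so a failed generation falls through to "return SSH_OK"; test "rc != 1" instead. In the same function the results of BN_new(), RSA_new() and BN_set_word() are used unchecked, so an allocation failure hands NULL to the next call; check each one, and on every error path call RSA_free(key->rsa) and set key->rsa to NULL so the caller is not left holding an allocated but ungenerated key. The added lines are also indented more deeply than the 4-space style of the lines they replace.
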
-- 
1.9.0

