The d2i_X509() call, when given a DER-encoded cert, populates
the OpenSSL internal X509 data structure. The public key for
this data structure is stored within the X509 structure in
cert_info->key, which contains three elements, 'algor',
'public_key', and 'pkey'. But, when d2i_X509() is invoked,
the 'pkey' element is never populated. Does anyone know why?

You can, of course, hack around this by setting the pkey
element to the result of d2i_PublicKey(), using the encoded key
in the 'public_key' element as an argument. However, when
you later free the X509_PUBKEY data structure in the cert,
the 'pkey' data structure is never freed because of the reference
counting on this object, which is apparently affected by the
hacking I mentioned above.

My question is, does anyone know how this is supposed to
work? Why is the pkey element not properly populated?
If the 'pkey' element is manually populated, why does this
always lead to a memory leak?

Thanks,
Dan Lanz