At 02:24 PM 4/4/00 +0200, "Jiri Holinek" <[EMAIL PROTECTED]> wrote:
[snip]
>pvk_len = i2d_RSAPrivateKey(rsa, &pvk_buf);
>
>/* There are some data in pvk_buf, but are corrupted. */
>free(pvk_buf);
>/* This causes segmentation fault */
[snip]
>I fixed this by:
>pvk_len = i2d_RSAPrivateKey(rsa, NULL);
>pvk_buf = (unsigned char *)malloc(pvk_len*2*sizeof(unsigned char));
> ^^^^^
>/* need allocate two many size of buffer */
>org_pointer_buf = pvk_buf;
>pvk_len = i2d_RSAPrivateKey(rsa, &pvk_buf);
>
>/* here is the pvk_buf pointer shifted about pvk_len bytes far from
> original position stored in org_pointer_buf (WHY??)
>*/
>
>free(org_pointer_buf);
>/* freed OK */
the ASN processing allows it to operate on structures (and substructures)
recursively ... ASN data can consist of lists (ie sequences, sets etc) of
things, as well as recursively nested data structures. So, in theory, all
of the ASN encoding functions can call each other as required to continue
"serialising" the data ... by having all the i2d_*** functions adjust the
pointer value to the byte just after where it finished writing, you can
handle iterative and recursive tasks a lot easier.
When you ask one of these functions to encode data into ASN form, it may
have to also call other i2d_*** functions recursively to encode parts
within it (even with an RSA private key, but much more so with something
like a certificate). By having each little function adjust the pointer
value, they don't all have to maintain their own counters and copies of
pointers as they encode. ASN parsing and encoding is very difficult code to
maintain (and I still regard it as "black magic" and the people who do it
as sorcerers). Having the functions work this way at least makes it easier
for those developers to not accidently leave really hard-to-find bugs. If
you have to encode more than one data structure into one block of memory
some day, you may also be grateful it works this way.
:-)
Cheers,
Geoff
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
