Michael Sierchio wrote:
> 
> Ajay Nerurkar wrote:
> >
> > According to the doc the fields p, q, dmp1, dmq1 and iqmp
> > in the RSA structure may be NULL in private keys but the
> > function i2d_RSAPrivateKey() calls BN_num_bits() with each
> > field of the argument RSA* a. And BN_num_bits() cannot handle
> > a NULL argument. So, either BN_num_bits() or i2d_RSAPrivateKey()
> > needs to check that it's not dealing with a NULL.
> 
> Steve?

You called?

The format used is a PKCS#1 RSAPrivateKey structure for which all of the
fields are mandatory. What it should really do is to return an error if
any of them are NULL.

Unfortunately the i2d functions either don't return errors or the error
codes aren't checked. Its on my list of things to do in the ASN1
revision to have a standard where returning -1 is an error (since it
returns a length value 0 is a valid return code).

Steve.
-- 
Dr Stephen N. Henson.   http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED] 
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the   OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to