Michael Sierchio wrote: > > Ajay Nerurkar wrote: > > > > According to the doc the fields p, q, dmp1, dmq1 and iqmp > > in the RSA structure may be NULL in private keys but the > > function i2d_RSAPrivateKey() calls BN_num_bits() with each > > field of the argument RSA* a. And BN_num_bits() cannot handle > > a NULL argument. So, either BN_num_bits() or i2d_RSAPrivateKey() > > needs to check that it's not dealing with a NULL. > > Steve?
You called? The format used is a PKCS#1 RSAPrivateKey structure for which all of the fields are mandatory. What it should really do is to return an error if any of them are NULL. Unfortunately the i2d functions either don't return errors or the error codes aren't checked. Its on my list of things to do in the ASN1 revision to have a standard where returning -1 is an error (since it returns a length value 0 is a valid return code). Steve. -- Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/ Personal Email: [EMAIL PROTECTED] Senior crypto engineer, Celo Communications: http://www.celocom.com/ Core developer of the OpenSSL project: http://www.openssl.org/ Business Email: [EMAIL PROTECTED] PGP key: via homepage. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
