In message <571f2941.4040...@openssl.org> on Tue, 26 Apr 2016 09:39:29 +0100,
Matt Caswell <m...@openssl.org> said:
matt>
matt>
matt> On 26/04/16 08:26, Richard Levitte wrote:
matt> > [temporarly taking this thread away from RT]
matt> >
matt> > Basically, I can see two solutions:
matt> >
matt> > - Allow calls like RSA_set0_key(rsa, NULL, NULL, d);
matt> >
matt> > That's what's implemented in GH#995, except it doesn't check if the
matt> > input parameters are NULL before setting the corresponding fields,
matt> > so that call ends up clearing n and e.
matt> >
matt> > GH#995 could be changed so that any input parameter can be NULL, and
matt> > that the corresponding RSA structure fields are left untouched. The
matt> > consequence is that can never be made NULL. I can live with that,
matt> > as I can't imagine a reason to reset the fields to NULL.
matt>
matt> IMO this is the way to go. As long as we can't set private key values
matt> without first having set the public key, i.e. we should not be able to
matt> get into an inconsistent state.
I've seen no other opinion, so I went with it. Would you mind having
a look at GH#995? I did a bit of change in the docs, but could need
some help expressing it in a better manner.
Also, I'd like to hear from Douglas and Tomas if these changes found
in said pull request would fit your bill better... basically, it
allows (or should allow, unless I've goofed something up) a call set
like this:
RSA_set0_key(rsa, n, e, NULL);
/* other stuff done, such as calculatig d */
RSA_set0_key(rsa, NULL, NULL, d);
Cheers,
Richard
--
Richard Levitte levi...@openssl.org
OpenSSL Project http://www.openssl.org/~levitte/
--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
