[openssl-dev] [openssl.org #4611] PKCS12_create() not thread-safe for ECDSA

On Sun Jul 10 19:38:03 2016, ms...@barracuda.com wrote: > OpenSSL 1.0.2h > > The function eckey_priv_encode() may crash if the same pkey is > serialized from multiple threads. Here is a sample backtrace: > > #0 0x7fff8f321f92 in _platform_memmove$VARIANT$Haswell () > #1 0x000100196132 in

[openssl-dev] [openssl.org #4611] PKCS12_create() not thread-safe for ECDSA

ah, you're right, the lock in EC_KEY should be used. thanks. -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4611 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Re: [openssl-dev] [openssl.org #4611] PKCS12_create() not thread-safe for ECDSA

On 7/10/16, 3:41 PM, "Salz, Rich via RT" wrote: >>These APIs are documented as thread safe, and should not change the >>internal flags of the pkey without proper locking. > >Where is that? >From https://www.openssl.org/docs/man1.0.2/crypto/threads.html "OpenSSL can

Re: [openssl-dev] [openssl.org #4611] PKCS12_create() not thread-safe for ECDSA

> These APIs are documented as thread safe, and should not change the > internal flags of the pkey without proper locking. Where is that? -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4611 Please log in as guest with password guest if prompted -- openssl-dev mailing list To

[openssl-dev] [openssl.org #4611] PKCS12_create() not thread-safe for ECDSA

OpenSSL 1.0.2h The function eckey_priv_encode() may crash if the same pkey is serialized from multiple threads. Here is a sample backtrace: #0 0x7fff8f321f92 in _platform_memmove$VARIANT$Haswell () #1 0x000100196132 in i2c_ASN1_BIT_STRING #2 0x0001001a1fb2 in asn1_ex_i2c #3