Allen Ellison wrote:
>
> After attempting to understand the following code and how bignum_data
> is used, I couldn't find any references where bignum_data is actually
> USED, even though it's set in the following code. I only vaguely
> understand the value perhaps if you were going to save the data out to
> a file?
>
Well the clue is the use of Malloc_locked(). This can be set to call a
system dependent malloc that "locks" its memory. This might mean for
example that it can't be swapped out to disk and is otherwise harder to
access by another process.
The code then copies all the private key components into this memory.
Its basically meant to prevent private key components from being easily
read from swap files for example.
An application might call RSA_memory_lock(key) immediately after loading
a key.
As mentioned in the comment this isn't very efficient because it should
also allow caching of the Montgomery values in the locked memory.
> Anyway, I think I've discovered a bug. At least by doing a code
> review (refer to INCORRECT TYPECAST?? line in the following code
> (found in rsa_lib.c)), it appears that ul will end up pointing
> somewhere in the middle of the second BIGNUM block. If the typecast
> was corrected, then the math would place the ul pointer to point
> directly AFTER all of the BIGNUM blocks, which is presumedly where the
> 'digit data' would want to live - that is, if the data were ever used.
> ;^)
>
Yes you are correct, the brackets are in the wrong place. Presumably:
ul=&( ( (BN_ULONG *)p)[off]);
is what is intended.
Steve.
--
Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED]
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
