PEM_write_PKCS8PrivateKey bug report and solution

Dan S. Camper Thu, 10 Jan 2002 05:57:33 -0800

Platform
========
RedHat Linux 6.2 (i386)
gcc 2.95.3

OpenSSL Version
===============
0.9.6c


Problem Description
===================
Calls to PEM_write_PKCS8PrivateKey() using a custom password collecting
function fail, in that subsequent calls to PEM_read_PrivateKey() using the
correct password cannot read the key.

Solution
========
Function do_pk8pkey() within pem_lib.c appears to invoke the custom callback
incorrectly.  The original if-then statement, starting on line 847, is:

    if(!cb) klen = def_callback(buf, PEM_BUFSIZE, 1, u);
    else klen = cb(buf, PEM_BUFSIZE, 1, u);

The fix is on the second line -- dereference the callback function pointer:

    if(!cb) klen = def_callback(buf, PEM_BUFSIZE, 1, u);
    else klen = (*cb)(buf, PEM_BUFSIZE, 1, u);

Thanks,

DSC
_________________________________________________________________________
Dan S. Camper                                         Borrowed Time, Inc.
Software Thaumaturge                                   http://www.bti.net
                                                  Toll-Free: 877.451.8939
                                                      Texas: 512.451.8939

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

PEM_write_PKCS8PrivateKey bug report and solution

Reply via email to