On Tue, Sep 25, 2007, Bill Colvin wrote: > I have been doing some EC test code with the Sept. 5 snapshot and have > observed something that I find a little odd. So I thought I would > mention it so someone could take a look to see if it is a bug or what is > supposed to occur. > > > > I have a PEM file with an EC private key. > > I want to create an ephemeral private key for the same group. > > So my code fragments are as follows: > > > > EC_KEY *ecc_A=NULL; > > EC_KEY *ecc_E=NULL; > > const EC_GROUP *group=NULL; > > > > ecc_A = PEM_read_bio_ECPrivateKey( bio_in, NULL, NULL, NULL ); > > > > group = EC_KEY_get0_group(ecc_A); > > ecc_E = EC_KEY_new(); > > EC_KEY_set_group( ecc_E, group ); > > EC_KEY_generate_key( ecc_E ); > > > > Now the oddity occurs when I free the objects. If I have: > > > > if( ecc_E != NULL ) {EC_KEY_free( ecc_E ); printf("ecc_E > freed\n");} > > if( ecc_A != NULL ) {EC_KEY_free( ecc_A ); printf("ecc_A > freed\n");} > > if( group != NULL ) {EC_GROUP_free( (EC_GROUP*)group ); > printf("group freed\n");} >
Some of the newer functions in OpenSSL follow a naming convention. If they have a '0' such as *get0*() then the pointer retrieved is internal to the parent structure and should *NOT* be freed up after use because it will be freed when the parent structure is. If you free both up you get double frees and undefined results. If there is a '1' then a copy is retrieved and it *should* be freed up as well as the parent structure. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]