EC Oddity
I have been doing some EC test code with the Sept. 5 snapshot and have observed something that I find a little odd. So I thought I would mention it so someone could take a look to see if it is a bug or what is supposed to occur. I have a PEM file with an EC private key. I want to create an ephemeral private key for the same group. So my code fragments are as follows: EC_KEY *ecc_A=NULL; EC_KEY *ecc_E=NULL; const EC_GROUP *group=NULL; ecc_A = PEM_read_bio_ECPrivateKey( bio_in, NULL, NULL, NULL ); group = EC_KEY_get0_group(ecc_A); ecc_E = EC_KEY_new(); EC_KEY_set_group( ecc_E, group ); EC_KEY_generate_key( ecc_E ); Now the oddity occurs when I free the objects. If I have: if( ecc_E != NULL ) {EC_KEY_free( ecc_E ); printf(ecc_E freed\n);} if( ecc_A != NULL ) {EC_KEY_free( ecc_A ); printf(ecc_A freed\n);} if( group != NULL ) {EC_GROUP_free( (EC_GROUP*)group ); printf(group freed\n);} I see the messages: ecc_E freed ecc_A freed Killed If I reverse the order of the last two: if( ecc_E != NULL ) {EC_KEY_free( ecc_E ); printf(ecc_E freed\n);} if( group != NULL ) {EC_GROUP_free( (EC_GROUP*)group); printf(group freed\n);} if( ecc_A != NULL ) {EC_KEY_free( ecc_A ); printf(ecc_A freed\n);} I see the messages: ecc_E freed group freed Killed It is almost as if the group object and the ec key object are combined, such that freeing one automatically frees the other. Is this the way it is supposed to be? Also when doing the group free, I had to add the cast to prevent compiler warnings. It seems that EC_GROUP is inconsistently defined in the include files between its various uses. Is this also expected? Bill
Re: EC Oddity
On Tue, Sep 25, 2007, Bill Colvin wrote: I have been doing some EC test code with the Sept. 5 snapshot and have observed something that I find a little odd. So I thought I would mention it so someone could take a look to see if it is a bug or what is supposed to occur. I have a PEM file with an EC private key. I want to create an ephemeral private key for the same group. So my code fragments are as follows: EC_KEY *ecc_A=NULL; EC_KEY *ecc_E=NULL; const EC_GROUP *group=NULL; ecc_A = PEM_read_bio_ECPrivateKey( bio_in, NULL, NULL, NULL ); group = EC_KEY_get0_group(ecc_A); ecc_E = EC_KEY_new(); EC_KEY_set_group( ecc_E, group ); EC_KEY_generate_key( ecc_E ); Now the oddity occurs when I free the objects. If I have: if( ecc_E != NULL ) {EC_KEY_free( ecc_E ); printf(ecc_E freed\n);} if( ecc_A != NULL ) {EC_KEY_free( ecc_A ); printf(ecc_A freed\n);} if( group != NULL ) {EC_GROUP_free( (EC_GROUP*)group ); printf(group freed\n);} Some of the newer functions in OpenSSL follow a naming convention. If they have a '0' such as *get0*() then the pointer retrieved is internal to the parent structure and should *NOT* be freed up after use because it will be freed when the parent structure is. If you free both up you get double frees and undefined results. If there is a '1' then a copy is retrieved and it *should* be freed up as well as the parent structure. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
RE: EC Oddity
Thanks for the explanation as to why this is occurring. Bill -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Dr. Stephen Henson Sent: September 25, 2007 11:49 AM To: openssl-users@openssl.org Subject: Re: EC Oddity Some of the newer functions in OpenSSL follow a naming convention. If they have a '0' such as *get0*() then the pointer retrieved is internal to the parent structure and should *NOT* be freed up after use because it will be freed when the parent structure is. If you free both up you get double frees and undefined results. If there is a '1' then a copy is retrieved and it *should* be freed up as well as the parent structure. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED] __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]