crypto: fix rsa key gen with non-default exponent #27092
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
EVP_PKEY_CTX_set_rsa_keygen_pubexp() accepts ownership of the exponent on success, so do not free it. Fixes: nodejs#27087
nodejs-github-bot
added
c++
addaleax
approved these changes
Apr 4, 2019
mscdex
reviewed
Apr 5, 2019
| @@ -146,7 +146,7 @@ const sec1EncExp = (cipher) => getRegExpForPEM('EC PRIVATE KEY', cipher); | |||
|
|
|||
| // Now do the same with an encrypted private key. | |||
| generateKeyPair('rsa', { | |||
| publicExponent: 0x10001, | |||
There was a problem hiding this comment.
Can we keep this exponent in both tests (here and the change above) as an additional test parameter?
There was a problem hiding this comment.
@mscdex exponent 0x10001 is tested 4 times in test-crypto-keygen.js, I don't mind copy and pasting the tests with non-default exponents, but don't think it will increase coverage. Can you confirm you want me to do this? For your reference:
core/node (fix-non-default-exp-rsa-keygen $%) % grep publicExponent test/parallel/test-crypto-keygen.js
publicExponent: 3, // I changed this from 0x0001
publicExponent: 0x10001,
publicExponent: 0x1001, // I changed this from 0x0001
publicExponent: 0x10001,
publicExponent: 0x10001,
publicExponent: 0x10001,
There was a problem hiding this comment.
I see, either way is fine then.
tniessen
approved these changes
Apr 6, 2019
jasnell
approved these changes
Apr 6, 2019
|
yes, release both returns the pointer, and nulls it (so the auto ptr doesn't own it). But its the only function to use (I think). |
|
Landed in 0911e88 |
sam-github
added a commit
that referenced
this pull request
Apr 8, 2019
EVP_PKEY_CTX_set_rsa_keygen_pubexp() accepts ownership of the exponent on success, so do not free it. Fixes: #27087 PR-URL: #27092 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: James M Snell <jasnell@gmail.com>
4 tasks
This was referenced Apr 23, 2019
|
FWIW this fixes a crash that currently exists on latest v10.x. |
BethGriggs
pushed a commit
that referenced
this pull request
Oct 18, 2019
EVP_PKEY_CTX_set_rsa_keygen_pubexp() accepts ownership of the exponent on success, so do not free it. Fixes: #27087 Fixes: #29433 PR-URL: #27092 Reviewed-By: Ben Noordhuis <info@bnoordhuis.nl> Reviewed-By: Anna Henningsen <anna@addaleax.net> Reviewed-By: Tobias Nießen <tniessen@tnie.de> Reviewed-By: James M Snell <jasnell@gmail.com>
Merged
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
EVP_PKEY_CTX_set_rsa_keygen_pubexp() accepts ownership of the exponent
on success, so do not free it.
Fixes: #27087
Checklist
make -j4 test(UNIX), orvcbuild test(Windows) passes