OpenSolaris

Printable Version Enter a New Search
Bug ID 6652362
Synopsis pk11_RSA_finish() is cutting corners
State 10-Fix Delivered (Fix available in build)
Category:Subcategory solaris-crypto:openssl
Keywords rtiq_reviewed
Responsible Engineer Vladimir Kotal
Reported Against
Duplicate Of
Introduced In solaris_10
Commit to Fix snv_93
Fixed In snv_93
Release Fixed solaris_nevada(snv_93) , solaris_10u7(s10u7_01) (Bug ID:2165115)
Related Bugs 6602801 , 6666625
Submit Date 18-January-2008
Last Update Date 3-July-2008
Description 
pk11_RSA_finish() is called when OpenSSL PKCS#11 engine is turned on and RSA_free() is called. pk11_RSA_finish(RSA *rsa) should delete key material (and all references to it in the engine) associated with the 'rsa' stucture. It not only does not do that properly (see CR 6602801) but it was written so that it removes all RSA keys from PKCS#11 engine free list.

Instead, it should just remove the key material referenced by its argument.

The same is valid for pk11_DH_finish() and pk11_DSA_finish().
Work Around 
N/A
Comments 
N/A