[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: gnutls_rsa_params_export_pkcs1 not thread safe
From: |
Nikos Mavrogiannopoulos |
Subject: |
Re: gnutls_rsa_params_export_pkcs1 not thread safe |
Date: |
Sat, 23 Jul 2011 20:30:07 +0200 |
User-agent: |
Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.18) Gecko/20110617 Thunderbird/3.1.11 |
On 07/23/2011 05:27 PM, Sam Varshavchik wrote:
>> > A long and painful debugging session seems to indicate that the root
>> > of my problems is that gnutls_rsa_params_export_pkcs1() is not thread
>> > safe. I was invoking this function with the same
>> > gnutls_rsa_params_t, concurrently from multiple threads.
>> Thanks, there was some optimization in gnutls_rsa_params_t that caused
>> this issue. The attached patch should fix your problem.
>> However do you really need the gnutls_rsa_params_t? They are only
>> used for the RSA-EXPORT ciphersuites that shouldn't be used normally.
>
> I know -- this is some middleware that pregenerates temporary RSA keys,
> in case they are actually needed.
A quick fix for that without requiring a new version of gnutls would
be to use a gnutls_x509_privkey_t and generate 512-bit RSA keys to
export. That would be thread safe and equivalent in functionality.
regards,
Nikos