Re: gnutls_rsa_params_export_pkcs1 not thread safe

help-gnutls

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: gnutls_rsa_params_export_pkcs1 not thread safe

From:	Nikos Mavrogiannopoulos
Subject:	Re: gnutls_rsa_params_export_pkcs1 not thread safe
Date:	Sat, 23 Jul 2011 20:30:07 +0200
User-agent:	Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.18) Gecko/20110617 Thunderbird/3.1.11

On 07/23/2011 05:27 PM, Sam Varshavchik wrote:

>> > A long and painful debugging session seems to indicate that the root
>> > of my problems is that gnutls_rsa_params_export_pkcs1() is not thread
>> > safe. I was invoking this function with the same
>> > gnutls_rsa_params_t, concurrently from multiple threads.
>> Thanks, there was some optimization in gnutls_rsa_params_t that caused
>> this issue. The attached patch should fix your problem.
>> However do you really need the gnutls_rsa_params_t? They are only
>> used for the RSA-EXPORT ciphersuites that shouldn't be used normally.
> 
> I know -- this is some middleware that pregenerates temporary RSA keys,
> in case they are actually needed.

A quick fix for that without requiring a new version of gnutls would
be to use a gnutls_x509_privkey_t and generate 512-bit RSA keys to
export. That would be thread safe and equivalent in functionality.

regards,
Nikos

[Prev in Thread]

Current Thread

[Next in Thread]

gnutls_rsa_params_export_pkcs1 not thread safe, Sam Varshavchik, 2011/07/01
- Re: gnutls_rsa_params_export_pkcs1 not thread safe, Nikos Mavrogiannopoulos, 2011/07/23
  - Re: gnutls_rsa_params_export_pkcs1 not thread safe, Sam Varshavchik, 2011/07/23
    - Re: gnutls_rsa_params_export_pkcs1 not thread safe, Nikos Mavrogiannopoulos <=

Prev by Date: Re: gnutls_rsa_params_export_pkcs1 not thread safe
Next by Date: how to encrypt raw data using public rsa key and gnutls API?
Previous by thread: Re: gnutls_rsa_params_export_pkcs1 not thread safe
Next by thread: priority strings behavior
Index(es):
- Date
- Thread