On Mon, May 12, 2014, Kevin Le Gouguec wrote:

> (This is on 1.0.2 beta 1 as found on openssl.org/source)
> 
> I'm getting a double free error when building a CMS EnvelopedData with RSA 
> OAEP. Here's how I'm setting things up (error checking left out for brevity):
> 
> 
>   unsigned char oaep_label[] = "BLORG";
>   size_t oaep_label_l = sizeof(oaep_label);
>   EVP_PKEY_CTX* wrap_ctx = CMS_RecipientInfo_get0_pkey_ctx(r_info);
>   if (!wrap_ctx) {
>     printf("oh noes! no wrap ctx :(\n");
>     goto end;
>   }
>   if (EVP_PKEY_CTX_set_rsa_padding(wrap_ctx, RSA_PKCS1_OAEP_PADDING)<1)
>     OSSL_FAIL;
>   if (EVP_PKEY_CTX_set_rsa_oaep_md(wrap_ctx, EVP_sha256())<1)
>     OSSL_FAIL;
>   if (EVP_PKEY_CTX_set_rsa_mgf1_md(wrap_ctx, EVP_sha256())<1)
>     OSSL_FAIL;
>   if (EVP_PKEY_CTX_set0_rsa_oaep_label(wrap_ctx, oaep_label, oaep_label_l)<1)
>     OSSL_FAIL;
> 

Your problem is the OAEP label. The "set0" in the function name means the
pointer is used and freed internally by OpenSSL and shouldn't be freed
outside. In this case the label hasn't been allocated using OPENSSL_malloc so
you'll get a problem when OpenSSL tries to free it.

If you allocate a buffer for the OAEP label using OPENSSL_malloc and pass that
you should have no problem.

See:

http://www.openssl.org/docs/crypto/crypto.html#NOTES

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
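
The ownership rule from the reply above, as an added example that is not part of the original thread and is not OpenSSL code: a plain-C model of a "set0" setter and the caller-side pattern of handing over a heap copy of the label. The names `toy_ctx`, `toy_set0_label`, `toy_ctx_free` and `set_label_from_copy` are hypothetical; `malloc`/`free` stand in for `OPENSSL_malloc`/`OPENSSL_free`, and the failure rule (caller keeps ownership when the setter refuses) is an assumption of this model.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for EVP_PKEY_CTX: it owns the label it is given. */
struct toy_ctx {
    unsigned char *label;
    size_t label_len;
};

/* Models a "set0" setter: stores the pointer itself (no copy) and takes
 * ownership. Assumed for this model: on failure (NULL ctx) ownership
 * stays with the caller. */
static int toy_set0_label(struct toy_ctx *ctx, unsigned char *label, size_t len)
{
    if (ctx == NULL)
        return 0;
    free(ctx->label);          /* release any previously owned label */
    ctx->label = label;
    ctx->label_len = len;
    return 1;
}

/* Models context teardown: the owned label is freed here, which is why a
 * stack or static array must never be handed to a set0 setter. */
static void toy_ctx_free(struct toy_ctx *ctx)
{
    free(ctx->label);
    ctx->label = NULL;
    ctx->label_len = 0;
}

/* Caller-side pattern: copy the label into a heap buffer (OPENSSL_malloc in
 * real code; malloc here) and hand that copy over. The caller frees the copy
 * only if the setter refused it. src must be non-NULL. Returns 1 or 0. */
static int set_label_from_copy(struct toy_ctx *ctx,
                               const unsigned char *src, size_t len)
{
    unsigned char *copy = malloc(len ? len : 1);
    if (copy == NULL)
        return 0;
    memcpy(copy, src, len);
    if (toy_set0_label(ctx, copy, len) < 1) {
        free(copy);            /* still ours: the setter did not take it */
        return 0;
    }
    return 1;                  /* now owned by ctx; do not free or reuse */
}
```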
