[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: gnutls_rsa_params_export_pkcs1 not thread safe

From: Nikos Mavrogiannopoulos
Subject: Re: gnutls_rsa_params_export_pkcs1 not thread safe
Date: Sat, 23 Jul 2011 20:30:07 +0200
User-agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv: Gecko/20110617 Thunderbird/3.1.11

On 07/23/2011 05:27 PM, Sam Varshavchik wrote:

>> > A long and painful debugging session seems to indicate that the root
>> > of my problems is that gnutls_rsa_params_export_pkcs1() is not thread
>> > safe. I was invoking this function with the same
>> > gnutls_rsa_params_t, concurrently from multiple threads.
>> Thanks, there was some optimization in gnutls_rsa_params_t that caused
>> this issue. The attached patch should fix your problem.
>> However do you really need the gnutls_rsa_params_t? They are only
>> used for the RSA-EXPORT ciphersuites that shouldn't be used normally.
> I know -- this is some middleware that pregenerates temporary RSA keys,
> in case they are actually needed.

A quick fix for that without requiring a new version of gnutls would
be to use a gnutls_x509_privkey_t and generate 512-bit RSA keys to
export. That would be thread safe and equivalent in functionality.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]