[kmf-discuss] CSRSign -- question

Massimiliano Pala pala at cs.dartmouth.edu
Thu Mar 22 18:26:06 PDT 2007 

Hi all,

Another CSR issue.... I do the following:

	rv = KMF_SetCSRSubjectName ( csr,
                                       (KMF_X509_NAME *) xname);

where I allocated the memory for the xname variable and that is correctly
initialized ( by KMF_DNParser() ).

If I then Free the xname structure before signing, when I use the sign
function, I get a Segfault:

  fe89498d encode_rdn (806f698, 806f488) + 89
  fe896a4d encode_tbs_csr (806f698, 806f480) + 55
  fe896c56 DerEncodeTbsCsr (806f480, 8047198) + 3e
  febbf63d KMF_SignCSR (8087810, 806f480, 8087c30, 80623e8) + 79
  feb972a6 PKI_X509_REQ_new (806e848, 0) + 326
  08051087 gen_X509_Req (0, 200, 8061844) + c7
  08050f6c main     (1, 8047b64, 8047b6c) + 5c
  08050dba _start   (1, 8047c44, 0, 8047c80, 8047cb6, 8047cc2) + 7a

If, instead I do not free the memory, I am able to sign the request correctly.
Actually I expected I could free the memory of the data because I thought
the SetCSRSubjectName() would copy in the CSR structure the xname data (I might
be wrong here because I did not go throught the CSR code yet).

My question is: *when it is safe to free the memory ?* Will the KMF library
take care of freeing the memory when the CSR is properly freed ?

I would suggest that the data is actually copied by the function so that the
developer can actually free (or re-use) the memory. Or make it explicit in
the documentation that the library will take care of the memory management of
the data structures when assigned to the CSR (but correct me if I am wrong
here :D)

Thanks for all your patience with all my questions and suggestions!!! :D

Cheers,
Max



-- 

Best Regards,

	Massimiliano Pala

--o------------------------------------------------------------------------
Massimiliano Pala [OpenCA Project Manager]            pala at cs.dartmouth.edu
                                                  project.manager at openca.org

Dartmouth Computer Science Dept               Home Phone: +1 (603) 397-3883
PKI/Trust - Office 063                        Work Phone: +1 (603) 646-9179
--o------------------------------------------------------------------------
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3088 bytes
Desc: S/MIME Cryptographic Signature
Url : http://oss-beta1.opensolaris.org/pipermail/kmf-discuss/attachments/20070322/65a6707a/attachment.bin

More information about the kmf-discuss mailing list