[kmf-discuss] CSRSign -- question

Wyllys Ingersoll wyllys.ingersoll at sun.com
Fri Mar 23 10:54:20 PDT 2007 

Massimiliano Pala wrote:
> Hi all,
> 
> Another CSR issue.... I do the following:
> 
>     rv = KMF_SetCSRSubjectName ( csr,
>                                       (KMF_X509_NAME *) xname);
> 
> where I allocated the memory for the xname variable and that is correctly
> initialized ( by KMF_DNParser() ).
> 
> If I then Free the xname structure before signing, when I use the sign
> function, I get a Segfault:
> 
>  fe89498d encode_rdn (806f698, 806f488) + 89
>  fe896a4d encode_tbs_csr (806f698, 806f480) + 55
>  fe896c56 DerEncodeTbsCsr (806f480, 8047198) + 3e
>  febbf63d KMF_SignCSR (8087810, 806f480, 8087c30, 80623e8) + 79
>  feb972a6 PKI_X509_REQ_new (806e848, 0) + 326
>  08051087 gen_X509_Req (0, 200, 8061844) + c7
>  08050f6c main     (1, 8047b64, 8047b6c) + 5c
>  08050dba _start   (1, 8047c44, 0, 8047c80, 8047cb6, 8047cc2) + 7a
> 
> If, instead I do not free the memory, I am able to sign the request
> correctly.
> Actually I expected I could free the memory of the data because I thought
> the SetCSRSubjectName() would copy in the CSR structure the xname data
> (I might
> be wrong here because I did not go throught the CSR code yet).

Nope, you cannot free the name record before you sign it.
This is "KMF_SetCSRSubjectName()":
...
        if (CsrData != NULL && subject_name_ptr != NULL)
                CsrData->csr.subject = *subject_name_ptr;
        else
                return (KMF_ERR_BAD_PARAMETER);

        return (KMF_OK);
...

So, obviously, by freeing the original name record and
then trying to reference it in the CSR, will result in a
memory error.

>
> My question is: *when it is safe to free the memory ?* Will the KMF library
> take care of freeing the memory when the CSR is properly freed ?
>
> I would suggest that the data is actually copied by the function so that
> the
> developer can actually free (or re-use) the memory. Or make it explicit in
> the documentation that the library will take care of the memory
> management of
> the data structures when assigned to the CSR (but correct me if I am wrong
> here :D)


Good point, I think it probably would be better to duplicate the
entire KMF_X509_NAME record rather than just copy the pointers.
That would avoid this problem entirely.


> 
> Thanks for all your patience with all my questions and suggestions!!! :D

Thanks for all your help shaking these things out. It's good to finally
have some outside people poking around and trying to use it, keep the
emails coming, its been very helpful.

By the way - I putback the fixes for the CSR version number problem
and also the fix to allow for an empty Subject Name.  The fixes should
appear on opensolaris.org over the weekend.

The changes to make the storage of keys optional is being worked on,
but it will likely appear as part of a much larger change
to the APIs.  We will be maintaining the current APIs so your code
should not have to change (much), but I think we are going to
introduce a more extensible API as discussed earlier.

-Wyllys

More information about the kmf-discuss mailing list