diff options
| author | Hynek Schlawack <hs@ox.cx> | 2016-07-03 14:40:20 +0200 |
|---|---|---|
| committer | Alex Gaynor <alex.gaynor@gmail.com> | 2016-07-03 08:40:20 -0400 |
| commit | 11e43adfe8c63ae28007a3deb85633929e564669 (patch) | |
| tree | 6854207a2792f81a00bf9ef057e95f237564d269 /src/OpenSSL/crypto.py | |
| parent | add5b07d03f9a8ed7121716d4eb0ab1ad0fbfddf (diff) | |
| download | pyopenssl-11e43adfe8c63ae28007a3deb85633929e564669.tar.gz | |
Fix memory leak in OpenSSL.crypto.dump_privatekey (#496)
* Fix memory leak in OpenSSL.crypto.dump_privatekey
* Add PR#
* Address feedback
Diffstat (limited to 'src/OpenSSL/crypto.py')
| -rw-r--r-- | src/OpenSSL/crypto.py | 28 |
1 files changed, 15 insertions, 13 deletions
diff --git a/src/OpenSSL/crypto.py b/src/OpenSSL/crypto.py index 1735393..1116d5e 100644 --- a/src/OpenSSL/crypto.py +++ b/src/OpenSSL/crypto.py @@ -1698,16 +1698,17 @@ def dump_publickey(type, pkey): def dump_privatekey(type, pkey, cipher=None, passphrase=None): """ - Dump a private key to a buffer - - :param type: The file type (one of FILETYPE_PEM, FILETYPE_ASN1, or - FILETYPE_TEXT) - :param pkey: The PKey to dump - :param cipher: (optional) if encrypted PEM format, the cipher to - use + Dump the private key *pkey* into a buffer string encoded with the type + *type*. Optionally (if *type* is :const:`FILETYPE_PEM`) encrypting it + using *cipher* and *passphrase*. + + :param type: The file type (one of :const:`FILETYPE_PEM`, + :const:`FILETYPE_ASN1`, or :const:`FILETYPE_TEXT`) + :param PKey pkey: The PKey to dump + :param cipher: (optional) if encrypted PEM format, the cipher to use :param passphrase: (optional) if encrypted PEM format, this can be either - the passphrase to use, or a callback for providing the - passphrase. + the passphrase to use, or a callback for providing the passphrase. + :return: The buffer with the dumped key in :rtype: bytes """ @@ -1733,16 +1734,17 @@ def dump_privatekey(type, pkey, cipher=None, passphrase=None): elif type == FILETYPE_ASN1: result_code = _lib.i2d_PrivateKey_bio(bio, pkey._pkey) elif type == FILETYPE_TEXT: - rsa = _lib.EVP_PKEY_get1_RSA(pkey._pkey) + rsa = _ffi.gc( + _lib.EVP_PKEY_get1_RSA(pkey._pkey), + _lib.RSA_free + ) result_code = _lib.RSA_print(bio, rsa, 0) - # TODO RSA_free(rsa)? else: raise ValueError( "type argument must be FILETYPE_PEM, FILETYPE_ASN1, or " "FILETYPE_TEXT") - if result_code == 0: - _raise_current_error() + _openssl_assert(result_code != 0) return _bio_to_string(bio) |