Why would RSA_size crash?

I'm trying to use the OpenSSL crypto lib and it's crashing in a call that's a staple in every example I've seen. Here's how it's set up:

开发者_StackOverflowBIO* bp = BIO_new_mem_buf(_publicKey, -1); // Create a new memory buffer BIO.
RSA* pubKey = PEM_read_bio_RSA_PUBKEY(bp, 0, 0, 0); // And read the RSA key from it.

unsigned char encryptedRandKey[RSA_size(pubKey)];
BIO_free(bp);

_publicKey is a null-terminated character string containing a PEM-formatted RSA key (with the -----BEGIN XXX----- and so forth). It crashes with bad access in RSA_size.

It doesn't matter if I remove the BIO_free.

Any ideas? Thanks!

You need to check the return value of PEM_read_bio_RSA_PUBKEY() to make sure it is non-null. Most likely the contents of _publicKey are not quite a correctly formatted key and as a consequence pubKey is NULL.

Try PEM_read_bio_RSAPublicKey instead of PEM_read_bio_RSA_PUBKEY.