Hmm. If you increase BUFSIZE in speed.c, the segfaults go away, but it still
complains about bad decrypts. The code causing the crash seems to be:
if(decrypt)
for (count=0,run=1; COND(save_count*4*lengths[0]/lengths[j]); count++)
EVP_DecryptUpdate(&ctx,buf,&outl,buf,lengths[j]);
It looks like it is going a bit over the allocated space in this loop, though I
can't see where (that code is _not_ easy to follow). The default BUFSIZE is
8*1024+1, when using a 8K buffer size this loop writes to one full block of
memory beyond the end of the allocated space in buf (block of memory == 1 block
size for the cipher in use).
As for the bad decrypt errors - seems to be something else. If you modify it to
only test with 3 different buffer sizes, you get only three 'bad decrypt'
errors. Suspicious.
-J
On Wed, Jun 23, 2004 at 04:58:50PM +0200, Roman Pletka wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> I tried gcc version 3.3.3 on gentoo and gcc version 3.2 on redhat. Same
> result.
> Yes it is x86. The problem exists with 64bit (AMD) and 32bit (Intel/AMD).
>
> I think the problem is related to 'speed' when used with evp and decryption
> only; not to AES itself. Here is a backtrace:
>
>
> #0 0x4207401d in _int_free () from /lib/i686/libc.so.6
> #1 0x42074a2c in free () from /lib/i686/libc.so.6
> #2 0x080a038c in CRYPTO_free (str=0x81a5988) at mem.c:378
> #3 0x0806baec in speed_main (argc=0, argv=0xbffff2f8) at speed.c:1735
> #4 0x0804a255 in do_cmd (prog=0x818ef60, argc=4, argv=0xbffff2e8) at
> openssl.c:381
> #5 0x08049f2a in main (Argc=4, Argv=0xbffff2e8) at openssl.c:300
> #6 0x420158d4 in __libc_start_main () from /lib/i686/libc.so.6
>
>
> - -- Roman
>
> Jack Lloyd wrote:
> | What version of GCC are you using? Many older GCCs have problems with -O3
> (or
> | even -O2). I presume this is x86? -J
> |
> | On Wed, Jun 23, 2004 at 09:58:32AM +0200, Roman Pletka wrote:
> |
> |>-----BEGIN PGP SIGNED MESSAGE-----
> |>Hash: SHA1
> |>
> |>Hello All,
> |>
> |>When performing speed measurements with aes-xxx-ecb I get the following
> |>errors
> |>and segmentation fault:
> |>
> |>[EMAIL PROTECTED] bin]$ ./openssl version
> |>OpenSSL 0.9.7d 17 Mar 2004
> |>
> |>[EMAIL PROTECTED] bin]$ ./openssl speed -evp aes-128-ecb -decrypt
> |>Doing aes-128-ecb for 3s on 16 size blocks: 10922830 aes-128-ecb's in
> 3.01s
> |>Doing aes-128-ecb for 3s on 64 size blocks: 3756843 aes-128-ecb's in 3.00s
> |>Doing aes-128-ecb for 3s on 256 size blocks: 1052700 aes-128-ecb's in
> 2.99s
> |>Doing aes-128-ecb for 3s on 1024 size blocks: 272960 aes-128-ecb's in
> 3.01s
> |>Doing aes-128-ecb for 3s on 8192 size blocks: 34463 aes-128-ecb's in 2.99s
> |>OpenSSL 0.9.7d 17 Mar 2004
> |>built on: Tue Jun 22 10:05:29 CEST 2004
> |>options:bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long)
> aes(partial)
> |>idea(int) blowfish(idx)
> |>compiler: gcc -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H
> |>- -DOPENSSL_NO_KRB5 -DL_ENDIAN -DTERMIO -O3 -fomit-frame-pointer -m486
> -Wall
> |>- -DSHA1_ASM -DMD5_ASM -DRMD160_ASM
> |>available timing options: TIMES TIMEB HZ=100 [sysconf value]
> |>timing function used: times
> |>The 'numbers' are in 1000s of bytes per second processed.
> |>type 16 bytes 64 bytes 256 bytes 1024 bytes 8192
> |>bytes
> |>aes-128-ecb 58061.55k 80145.98k 90130.84k 92860.81k
> |>94421.70k
> |>12794:error:06065064:digital envelope routines:EVP_DecryptFinal:bad
> |>decrypt:evp_enc.c:450:
> |>12794:error:06065064:digital envelope routines:EVP_DecryptFinal:bad
> |>decrypt:evp_enc.c:450:
> |>12794:error:06065064:digital envelope routines:EVP_DecryptFinal:bad
> |>decrypt:evp_enc.c:450:
> |>12794:error:06065064:digital envelope routines:EVP_DecryptFinal:bad
> |>decrypt:evp_enc.c:450:
> |>12794:error:06065064:digital envelope routines:EVP_DecryptFinal:bad
> |>decrypt:evp_enc.c:450:
> |>Segmentation fault
> |>
> |>I get similar output for aes-192-ecb and aes-256-ecb. Any ideas?
> |>
> |>Thanks,
> |>Roman
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.0.7 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
> iD8DBQFA2Zqq9GOBmbEdi04RAjniAJ96uQYW7UTzyCCcUh9fz/US3WkuOQCfdTmU
> geYGpOC1jalgX3oULBxivas=
> =jaSZ
> -----END PGP SIGNATURE-----
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
