Paul Sheer wrote:
Reading the 0.9.8g code I see no uninitialized variables in these code paths. The BIGNUM pointers which are passed to the BN_get_flags() macro are parameters passed into the BN_mod_inverse() and BN_div() functions. In BN_MONT_CTX_set() those BIGNUM objects are initialized. I do not see why this warning is being triggered.I valgrind'ed OpenSSL as follows:I compiled OpenSSL (0.9.8g) with my own random number engine - in order to generate pseudo random numbers that are not based on unitialized values (if you run opensslwithout doing this you get infinite warnings - of course). The results are as follows ==26139== Conditional jump or move depends on uninitialised value(s) ==26139== at 0x81095FF: BN_mod_inverse (bn_gcd.c:215) ==26139== by 0x810D29F: BN_MONT_CTX_set (bn_mont.c:406) ==26139== by 0x8103E8F: BN_mod_exp_mont (bn_exp.c:417) ==26139== by 0x81036E9: BN_mod_exp (bn_exp.c:223) ==26139== by 0x81090FD: BN_BLINDING_create_param (bn_blind.c:352) ==26139== by 0x80C9844: RSA_setup_blinding (rsa_lib.c:413) ==26139== ==26139== Conditional jump or move depends on uninitialised value(s) ==26139== at 0x8128F5A: BN_div (bn_div.c:190) ==26139== by 0x810D318: BN_MONT_CTX_set (bn_mont.c:417) ==26139== by 0x8103E8F: BN_mod_exp_mont (bn_exp.c:417) ==26139== by 0x81036E9: BN_mod_exp (bn_exp.c:223) ==26139== by 0x81090FD: BN_BLINDING_create_param (bn_blind.c:352) ==26139== by 0x80C9844: RSA_setup_blinding (rsa_lib.c:413) ...above repeated several times. The code that gives the error is the BN_get_flags() macro (see bn_div.c extract about line 190 below): Could this be highlighting a bug in OpenSSL????? Kind regards -paul
Jeffrey Altman
smime.p7s
Description: S/MIME Cryptographic Signature
