On 05/15/2014 05:11 PM, Stephen Henson via RT wrote: > On Thu May 15 16:54:47 2014, jens.hiller.c...@hotmail.de wrote: >> Hi, >> >> I was testing aes ccm encryption when I stumbled over a segmentation >> fault. >> I was able to reproduce this error using code from the openssl demos. >> >> I started with demos/evp/aesccm.c and added rsa key generation as used >> in 'demos/tunala/cb.c' and convert this rsa key into an EVP_PKEY key >> as >> done in 'demos/selfsign.c'. >> Then I added this rsa key generation function in front of the aes ccm >> encryption and decryption. >> Finally, a for loop repeatedly performs the keygeneration, aes >> encryption and aes decryption. >> This eventually results in a segmentation fault during aes ccm >> encryption (see gdb output below) on a x64 Ubuntu 12.04 with latest >> openssl version as provided by ubuntu package system (1.0.1- >> 4ubuntu5.13). >> >> Note that the segfault only occurs if the rsa key is assigned to an >> EVP_PKEY. Otherwise, if only the RSA key is generated, the segfault >> does >> not occur. >> >> When encountering this error in my own code I could observe that the >> error occurred more often on a machine that only runs the standard >> processes and is accessed remotely by ssh, compared to a local >> workstation with running webbrowser, development IDE, etc., where the >> error occurred rather seldom. >> Hence, I have the feeling that this could be related to too little >> randomness for the RNG, but I do not have any idea how to debug this. >> >> [Note that there is another segmentation fault that occurs if I call >> EVP_PKEY_free() on the generated key (see code), which I do not >> understand. However, my main problem is the first segmentation fault.] >> > > Does this happen with standard versions of OpenSSL from www.openssl.org? I > tried this with the latest 1.0.1 stable branch can can't reproduce it. > > Steve. > -- > Dr Stephen N. Henson. OpenSSL project core developer. > Commercial tech support now available see: http://www.openssl.org > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > Development Mailing List openssl-dev@openssl.org > Automated List Manager majord...@openssl.org > >
You are right. I forgot to check against the standard versions, I'm sorry. I will send the bug report to the ubuntu package maintainers. Best regards, Jens ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
