Help trying to understand a failure condition

Tue, 20 May 2014 01:05:24 -0700

I'm working on signing (and then of course verifying) some data using OpenSSL. I'm getting an occasional failure on the verifying part and I'm trying to figure out why. (Either my software is faulty or there is something worse going on.)
I've used valgrind to attempt to point me at a problem and found the following stack trace showing use of uninitialized data. (Note, I'm using the openssl - git branch OpenSSL_1_0_1-stable, as of commit d6934a02b5e97c6548d18a74e7b6667dd2617c96.) 


Can anyone point me at the problem being on my end, or if there might be an 
issue inside of OpenSSL?  (I've gotten other valgrind warnings as well.. but I 
don't know how accurate they are, as the code in question is in #defines...)


==7540== Use of uninitialised value of size 8
==7540==    at 0x820BB04: BN_num_bits_word (bn_lib.c:170)
==7540==    by 0x820BCD2: BN_num_bits (bn_lib.c:235)
==7540==    by 0x8213E6E: BN_rshift (bn_shift.c:188)
==7540==    by 0x821811D: BN_is_prime_fasttest_ex (bn_prime.c:310)
==7540==    by 0x8217BC8: BN_generate_prime_ex (bn_prime.c:199)
==7540==    by 0x82460F2: rsa_builtin_keygen (rsa_gen.c:135)
==7540==    by 0x8245E0D: RSA_generate_key_ex (rsa_gen.c:97)
==7540==    by 0x824CDFE: pkey_rsa_keygen (rsa_pmeth.c:680)
==7540==    by 0x8280D37: EVP_PKEY_keygen (pmeth_gn.c:156)
==7540==    by 0x5869821: sslGenerate (myssl.c:522)

The sslGenerate function is roughly:

static unsigned char * mysslBN2bin(const char * msg, const BIGNUM * s, size_t 
maxn)
{
    unsigned char * t = (unsigned char *) calloc(1, maxn);
    size_t nt = BN_bn2bin(s, t);

    if (nt < maxn) {
        size_t pad = (maxn - nt);
        memmove(t+pad, t, nt);
        memset(t, 0, pad);
    }
    return t;
}

... sslGenerate(RSA * rsa, BIGNUM * hm, BIGNUM * c)
{
    size_t maxn;
    unsigned char * hm;
    unsigned char *  c;
    size_t nb;

    maxn = BN_num_bytes(rsa->n);
    hm = mysslBN2bin("hm", hm, maxn);
    c = mysslBN2bin(" c", c, maxn);
    nb = RSA_public_decrypt((int)maxn, c, c, rsa, RSA_PKCS1_PADDING);
}

Thanks for any help.
--Mark
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [email protected]
Automated List Manager                           [email protected]






















					Reply via email to