c - Why RSA_generate_key uses uninitialized values (according to valgrind) -
i have been working on involves cryptography. must admit knowledge in cryptography basic. decided see rsa structure contains after rsa key generated rsa_generate_key openssl library. got segmentation fault:
const unsigned long e = 3; const int num = 3072; ... rsa *rsa_key = rsa_generate_key(num, e, null, null); if (!rsa_key) { printf("failed generate rsa key!\n"); return rsa_error_code; } printf("rsa->pad=0x%x\n", rsa_key->pad); printf("rsa->version=0x%lx\n", rsa_key->version); if (rsa_key->n) { printf("rsa->n->top=0x%x\n", rsa_key->n->top); // here got seg fault .... it looked strange me wrote minimal code test valgrind tool. here code in c:
#include "openssl/rsa.h" #include <stdio.h> int main() { const unsigned long e = 3; // exponent, 3 in qvrsa const int num = 3072; rsa *rsa_key = rsa_generate_key(num, e, null, null); if (rsa_key == null) { printf("rsa invalid!\n"); return 1; } printf("rsa->pad=0x%x\n", rsa_key->pad); printf("rsa->version=0x%lx\n", rsa_key->version); if (rsa_key->n) { printf("rsa->n->top=0x%x\n", rsa_key->n->top); } rsa_free(rsa_key); rsa_key = null; return 0; } the compilation line: gcc rsa.c -lcrypto -g -o0 -o rsa
this time there no segmentation fault , output was:
rsa->pad=0x0 rsa->version=0x0 rsa->n->top=0x30 but valgrind fired plenty of error messages:
==6916== conditional jump or move depends on uninitialised value(s) ==6916== @ 0x4daeb37: bn_bin2bn (in /usr/lib64/libcrypto.so.0.9.8) ==6916== 0x4db1b62: ??? (in /usr/lib64/libcrypto.so.0.9.8) ==6916== 0x4db4471: bn_generate_prime_ex (in /usr/lib64/libcrypto.so.0.9.8) ==6916== 0x4dc8763: rsa_generate_key_ex (in /usr/lib64/libcrypto.so.0.9.8) ==6916== 0x4dcb763: rsa_generate_key (in /usr/lib64/libcrypto.so.0.9.8) ==6916== 0x40072e: main (rsa.c:9) ==6916== uninitialised value created heap allocation ==6916== @ 0x4b23d6d: malloc (vg_replace_malloc.c:270) ==6916== 0x4d8936a: crypto_malloc (in /usr/lib64/libcrypto.so.0.9.8) ==6916== 0x4db1ad1: ??? (in /usr/lib64/libcrypto.so.0.9.8) ==6916== 0x4db4471: bn_generate_prime_ex (in /usr/lib64/libcrypto.so.0.9.8) ==6916== 0x4dc8763: rsa_generate_key_ex (in /usr/lib64/libcrypto.so.0.9.8) ==6916== 0x4dcb763: rsa_generate_key (in /usr/lib64/libcrypto.so.0.9.8) ==6916== 0x40072e: main (rsa.c:9) ==6916== conditional jump or move depends on uninitialised value(s) ==6916== @ 0x4db44d0: bn_generate_prime_ex (in /usr/lib64/libcrypto.so.0.9.8) ==6916== 0x4dc8763: rsa_generate_key_ex (in /usr/lib64/libcrypto.so.0.9.8) ==6916== 0x4dcb763: rsa_generate_key (in /usr/lib64/libcrypto.so.0.9.8) ==6916== 0x40072e: main (rsa.c:9) ==6916== uninitialised value created heap allocation ==6916== @ 0x4b23d6d: malloc (vg_replace_malloc.c:270) ==6916== 0x4d8936a: crypto_malloc (in /usr/lib64/libcrypto.so.0.9.8) ==6916== 0x4db1ad1: ??? (in /usr/lib64/libcrypto.so.0.9.8) ==6916== 0x4db4471: bn_generate_prime_ex (in /usr/lib64/libcrypto.so.0.9.8) ==6916== 0x4dc8763: rsa_generate_key_ex (in /usr/lib64/libcrypto.so.0.9.8) ==6916== 0x4dcb763: rsa_generate_key (in /usr/lib64/libcrypto.so.0.9.8) ==6916== 0x40072e: main (rsa.c:9) and many others conditional jump or move depends on uninitialised value(s) title.
why? there known bug in openssl or false alarm , original segmentation fault related hidden bugs in original code?
i used:
gcc v4.5.2
valgrind v3.8.1
openssl 0.9.8a
openssl using uninitialized variables generate random data genearate key. valgrind complain, not false positive.
according openssl faq, rid of it, compile -dpurify. however, can debate whether idea test differently compiled binary production binary.
Comments
Post a Comment