為什么RSA_generate_key使用未初始化的值(根據valgrind)
[英]Why RSA_generate_key uses uninitialized values (according to valgrind)
問題描述
我一直在從事涉及密碼學的工作。 我必須承認,我在密碼學方面的知識非常基礎。 因此,我決定在openssl庫中的RSA_generate_key生成RSA密鑰后,看看RSA結構包含什么。 但我遇到了細分錯誤:
const unsigned long e = 3;
const int num = 3072;
...
RSA *rsa_key = RSA_generate_key(num, e, NULL, NULL);
if (!rsa_key)
{
printf("Failed to generate RSA key!\n");
return RSA_ERROR_CODE;
}
printf("rsa->pad=0x%x\n", rsa_key->pad);
printf("rsa->version=0x%lx\n", rsa_key->version);
if (rsa_key->n)
{
printf("rsa->n->top=0x%x\n", rsa_key->n->top); // HERE I got the seg fault
....
這對我來說似乎很奇怪,因此我編寫了一個最小的代碼以使用valgrind tool對其進行測試。 這是C中的代碼:
#include "openssl/rsa.h"
#include <stdio.h>
int main()
{
const unsigned long e = 3; // the exponent, 3 in QVRSA
const int num = 3072;
RSA *rsa_key = RSA_generate_key(num, e, NULL, NULL);
if (rsa_key == NULL)
{
printf("RSA is invalid!\n");
return 1;
}
printf("rsa->pad=0x%x\n", rsa_key->pad);
printf("rsa->version=0x%lx\n", rsa_key->version);
if (rsa_key->n)
{
printf("rsa->n->top=0x%x\n", rsa_key->n->top);
}
RSA_free(rsa_key);
rsa_key = NULL;
return 0;
}
編譯行: gcc rsa.c -lcrypto -g -O0 -o rsa
這次沒有分段錯誤,輸出為:
rsa->pad=0x0
rsa->version=0x0
rsa->n->top=0x30
但是 valgrind發出了大量錯誤消息:
==6916== Conditional jump or move depends on uninitialised value(s)
==6916== at 0x4DAEB37: BN_bin2bn (in /usr/lib64/libcrypto.so.0.9.8)
==6916== by 0x4DB1B62: ??? (in /usr/lib64/libcrypto.so.0.9.8)
==6916== by 0x4DB4471: BN_generate_prime_ex (in /usr/lib64/libcrypto.so.0.9.8)
==6916== by 0x4DC8763: RSA_generate_key_ex (in /usr/lib64/libcrypto.so.0.9.8)
==6916== by 0x4DCB763: RSA_generate_key (in /usr/lib64/libcrypto.so.0.9.8)
==6916== by 0x40072E: main (rsa.c:9)
==6916== Uninitialised value was created by a heap allocation
==6916== at 0x4B23D6D: malloc (vg_replace_malloc.c:270)
==6916== by 0x4D8936A: CRYPTO_malloc (in /usr/lib64/libcrypto.so.0.9.8)
==6916== by 0x4DB1AD1: ??? (in /usr/lib64/libcrypto.so.0.9.8)
==6916== by 0x4DB4471: BN_generate_prime_ex (in /usr/lib64/libcrypto.so.0.9.8)
==6916== by 0x4DC8763: RSA_generate_key_ex (in /usr/lib64/libcrypto.so.0.9.8)
==6916== by 0x4DCB763: RSA_generate_key (in /usr/lib64/libcrypto.so.0.9.8)
==6916== by 0x40072E: main (rsa.c:9)
==6916== Conditional jump or move depends on uninitialised value(s)
==6916== at 0x4DB44D0: BN_generate_prime_ex (in /usr/lib64/libcrypto.so.0.9.8)
==6916== by 0x4DC8763: RSA_generate_key_ex (in /usr/lib64/libcrypto.so.0.9.8)
==6916== by 0x4DCB763: RSA_generate_key (in /usr/lib64/libcrypto.so.0.9.8)
==6916== by 0x40072E: main (rsa.c:9)
==6916== Uninitialised value was created by a heap allocation
==6916== at 0x4B23D6D: malloc (vg_replace_malloc.c:270)
==6916== by 0x4D8936A: CRYPTO_malloc (in /usr/lib64/libcrypto.so.0.9.8)
==6916== by 0x4DB1AD1: ??? (in /usr/lib64/libcrypto.so.0.9.8)
==6916== by 0x4DB4471: BN_generate_prime_ex (in /usr/lib64/libcrypto.so.0.9.8)
==6916== by 0x4DC8763: RSA_generate_key_ex (in /usr/lib64/libcrypto.so.0.9.8)
==6916== by 0x4DCB763: RSA_generate_key (in /usr/lib64/libcrypto.so.0.9.8)
==6916== by 0x40072E: main (rsa.c:9)
還有許多其他有條件的跳轉或移動取決於未初始化的值標題。
為什么? openSSL中是否存在已知的錯誤,或者只是一個錯誤警報,並且我的原始分段錯誤與原始代碼中的一些隱藏錯誤有關?
我用了:
gcc v4.5.2
valgrind v3.8.1
OpenSSL 0.9.8a
1 個解決方案
解決方案1
4 已采納 2015-09-30 10:42:48
OpenSSL使用一些未初始化的變量來生成隨機數據以生成密鑰。 然后,Valgrind會抱怨,所以這不是假陽性。
根據openSSL FAQ ,要擺脫它,請使用-DPURIFY進行編譯。 但是,您可以辯論測試與生產二進制文件不同編譯的二進制文件是否是一個好主意。
使用prngd而不是/ dev / random或/ dev / urandom的RSA_generate_key()
[英]RSA_generate_key() using prngd instead of /dev/random or /dev/urandom
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.