Engine init in HMAC_Init_ex

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Engine init in HMAC_Init_ex

Michal Ludvig
(resending as I wasn't subscribed)

Hi all,

I'm working on an engine for SHA-class MDs and am having problem with
its usage from HMAC_Init_ex().

In the engine I need to malloc() a buffer in _init() method and free()
it in _final().

However HMAC_Init_ex() can be called with 'evp_md' and 'key' arguments
=NULL to reuse the previous context. But as far as i can tell the
context is saved sometime after the _init() function allocated the
buffer. The first dataset is HMACed correctly and buffer is free()d in
_final(). But for the next one _init() isn't called, and it goes
directly to _update(). The context now has a pointer to the originally
allocated buffer which is no longer valid as it was free()d. This
obviously crashes, sooner or later.

When I have explicitly set reset=1 in HMAC_Init_ex() things started to
work as expected. I tried to keep track of the status in
ctx->md_data.inited but I realised it couldn't work, because the whole
md_data is saved and reused, including this flag.

I think I need a way for the engine to tell the upper layers that its
context can't simply be reused and that _init() must be called before
the first _update() for each new dataset. Not freeing the buffer in
_final() isn't a way to go either as it would lead to memory leaks.

How to work around this?

Thanks!

Michal Ludvig
--
* Personal homepage: http://www.logix.cz/michal
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|

Re: Engine init in HMAC_Init_ex

Dr. Stephen Henson
On Wed, Aug 10, 2005, Michal Ludvig wrote:

> (resending as I wasn't subscribed)
>
> Hi all,
>
> I'm working on an engine for SHA-class MDs and am having problem with
> its usage from HMAC_Init_ex().
>
> In the engine I need to malloc() a buffer in _init() method and free()
> it in _final().
>
> However HMAC_Init_ex() can be called with 'evp_md' and 'key' arguments
> =NULL to reuse the previous context. But as far as i can tell the
> context is saved sometime after the _init() function allocated the
> buffer. The first dataset is HMACed correctly and buffer is free()d in
> _final(). But for the next one _init() isn't called, and it goes
> directly to _update(). The context now has a pointer to the originally
> allocated buffer which is no longer valid as it was free()d. This
> obviously crashes, sooner or later.
>
> When I have explicitly set reset=1 in HMAC_Init_ex() things started to
> work as expected. I tried to keep track of the status in
> ctx->md_data.inited but I realised it couldn't work, because the whole
> md_data is saved and reused, including this flag.
>
> I think I need a way for the engine to tell the upper layers that its
> context can't simply be reused and that _init() must be called before
> the first _update() for each new dataset. Not freeing the buffer in
> _final() isn't a way to go either as it would lead to memory leaks.
>
> How to work around this?
>

The HMAC code finalizes copies of the contex using EVP_MD_CTX_copy_ex(). The
default behaviour is simply to copy the relevant parts of the context using
memcpy(). This is fine for the standard software digests but may be unsuitable
for some ENGINE based ones. If the 'copy' function in the EVP_MD structure is
defined it is used after the memcpy, an ENGINE can then make any additional
calls to ensure the context is copied properly.

Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Funding needed! Details on homepage.
Homepage: http://www.drh-consultancy.demon.co.uk
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [hidden email]
Automated List Manager                           [hidden email]