Prime number generation goes in infinite loop in OpenAT

Prime number generation goes in infinite loop in OpenAT

Nischal
Hi,
We are using OpenSSL in OpenAT-FXT modem. The version used is 0.9.8h. When I
am calling function to generate keys, it goes into infinite loop inside the
function and system got crashed.
By entering traces, I checked the flow of code
Code is given below ----
const int kBits = 4096;
RSA *rsa = RSA_new();
BIGNUM *f4 = BN_new();
BN_GENCB *cb = NULL;
BN_set_word(f4, RSA_F4);
static const char rnd_seed[] = "string to make the random number generator think it has entropy";
RAND_seed(rnd_seed, sizeof(rnd_seed));
ret = RSA_generate_key_ex(rsa, kBits, f4, cb);
  rsa_builtin_keygen(rsa, bits, e_value, cb);
    BN_generate_prime_ex(rsa->p, bitsp, 0, NULL, NULL, cb)
      i=BN_is_prime_fasttest_ex(ret,checks,ctx,0,cb);       //this function returns 0, so it goes back on loop: to make a random number
        j = witness(check, A, A1, A1_odd, k, ctx, mont);   //witness is returning 1

Any help to solve the problem would be appreciated
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]

Re: Prime number generation goes in infinite loop in OpenAT

michel-60
Hi,
I also experienced going into an infinite loop using
BN_generate_prime_ex() function.
In my case it was because I didn't fully understand how to use 'add' and
'rem' parameters.
I am now assuming they should be used as in dh_builtin_genparams(), in
dh_gen.c.

I am not qualified to discuss how the underlying logic should have been
coded,
but only considering the programming style, I am quite sure that
'looping'  from inside a 'for' instruction using various 'goto' can be
avoided.
For  example :
probable_prime(), 'again' and 'loop' tags, line 383 and 390,
or probable_prime_dh_safe(), line 476 (OpenSSL v1.0.2).

On 16/01/2014 11:35, Nischal wrote:

> Hi,
> We are using OpenSSL in OpenAT-FXT modem. The version used is 0.9.8h. When I
> am calling function to generate keys, it goes into infinite loop inside the
> function and system got crashed.
> By entering traces, I checked the flow of code
> Code is given below ----
> const int kBits = 4096;
> RSA *rsa = RSA_new();
> BIGNUM *f4 = BN_new();
> BN_GENCB *cb = NULL;
> BN_set_word(f4, RSA_F4);
> static const char rnd_seed[] = "string to make the random number generator think it has entropy";
> RAND_seed(rnd_seed, sizeof(rnd_seed));
> ret = RSA_generate_key_ex(rsa, kBits, f4, cb);
>    rsa_builtin_keygen(rsa, bits, e_value, cb);
>      BN_generate_prime_ex(rsa->p, bitsp, 0, NULL, NULL, cb)
>        i=BN_is_prime_fasttest_ex(ret,checks,ctx,0,cb);       //this function returns 0, so it goes back on loop: to make a random number
>          j = witness(check, A, A1, A1_odd, k, ctx, mont);   //witness is returning 1
>
> Any help to solve the problem would be appreciated



Re: Prime number generation goes in infinite loop in OpenAT

Viktor Dukhovni
In reply to this post by Nischal
On Thu, Jan 16, 2014 at 10:35:41AM +0000, Nischal wrote:

> We are using OpenSSL in OpenAT-FXT modem. The version used is 0.9.8h. When I
> am calling function to generate keys, it goes into infinite loop inside the
> function and system got crashed.

You should be using OpenSSL 0.9.8y, or if possible 1.0.1f.

Is the complete lack of entropy intended to stay that way?  If so,
you must not proceed with the key generation.  You need to provide
an interface for users to load externally generated keys into the
device, before which time it should refuse to perform any operations
that require private keys.

> Code is given below ----
> const int kBits = 4096;
> RSA *rsa = RSA_new();
> BIGNUM *f4 = BN_new();
> BN_GENCB *cb = NULL;
> BN_set_word(f4, RSA_F4);
> static const char rnd_seed[] = "string to make the random number generator think it has entropy";
> RAND_seed(rnd_seed, sizeof(rnd_seed));
> ret = RSA_generate_key_ex(rsa, kBits, f4, cb);
> ...

--
        Viktor.

Re: Prime number generation goes in infinite loop in OpenAT

Nischal
In reply to this post by michel-60
Hi Michel,
In my case, 'add' and 'rem' parameters are NULL
I also agree with you, that 'goto' should be avoided, but that is written by
OpenSSL guys.
Can you please let me know, how did you get rid of this problem.
I have checked everywhere, but did not get any solution, which can solve my
problem.


Re: Prime number generation goes in infinite loop in OpenAT

michel-60
In reply to this post by michel-60
Hi  Nischal,

As previously mentioned, I solved my problem using what I assume to be
the appropriate parameters.
So, it won't help you directly.
I was only suggesting that infinite loop in those functions seems to
occur because of misuse/bad call/bad context, ... we would normally
expect to return immediately with an error code and that it may be
possible to code the underlying logic with clear end/exit loop condition(s).
I was also hoping to draw attention to more qualified people on this matter.


On 21/01/2014 10:45, Nischal wrote:

> Hi Michel,
> In my case, 'add' and 'rem' parameters are NULL
> I also agree with you, that 'goto' should be avoided, but that is written by
> OpenSSL guys.
> Can you please let me know, how did you get rid of this problem.
> I have checked everywhere, but did not get any solution, which can solve my
> problem.
>



Re: Prime number generation goes in infinite loop in OpenAT

michel-60
In reply to this post by michel-60
I didn't see it before, but in fact, it is stated in the 'bugs' section :
RSA_generate_key() goes into an infinite loop for illegal input values.

Did you read :
http://www.openssl.org/docs/crypto/RSA_generate_key.html

On 21/01/2014 17:50, Michel wrote:

> Hi Nischal,
>
> As previously mentioned, I solved my problem using what I assume to be the appropriate parameters.
> So, it won't help you directly.
> I was only suggesting that infinite loop in those functions seems to occur because of misuse/bad call/bad context, ... we would normally expect to return immediately with an error code and that it may be possible to code the underlying logic with clear end/exit loop condition(s).
> I was also hoping to draw attention to more qualified people on this matter.
>
> On 21/01/2014 10:45, Nischal wrote:
>
> > Hi Michel,
> > In my case, 'add' and 'rem' parameters are NULL
> > I also agree with you, that 'goto' should be avoided, but that is written by
> > OpenSSL guys.
> > Can you please let me know, how did you get rid of this problem.
> > I have checked everywhere, but did not get any solution, which can solve my
> > problem.
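
An added example, not part of the thread and not OpenSSL code: a toy 32-bit model of the generate, test and retry loop traced in the first post, showing the two behaviours the replies ask for, namely refusing to generate without entropy (Viktor's reply) and returning an error code after a bounded number of candidates instead of looping forever (Michel's reply). Every function name, the RNG callback contract and the error codes are hypothetical, and the stuck RNG is a constructed failure, not a diagnosis of the original report.

```c
/* Added example, not OpenSSL code: toy 32-bit generate/test/retry loop. */
#include <stdint.h>

enum { GEN_OK = 0, GEN_NO_ENTROPY = -1, GEN_GAVE_UP = -2 };
typedef int (*rng_fn)(uint32_t *state, uint32_t *out); /* 0 = not seeded */

/* Miller-Rabin round: returns 1 when base a proves odd n composite. */
static int witness(uint32_t a, uint32_t n) {
    uint32_t d = n - 1, k = 0;
    uint64_t x = 1, b = a % n;
    while ((d & 1) == 0) { d >>= 1; k++; }
    for (uint32_t e = d; e; e >>= 1, b = b * b % n)   /* x = a^d mod n */
        if (e & 1) x = x * b % n;
    if (x == 1 || x == n - 1) return 0;
    for (; k > 1; k--) {
        x = x * x % n;
        if (x == n - 1) return 0;
    }
    return 1;
}

/* Bases 2, 7 and 61 decide primality exactly for every 32-bit n. */
int is_prime32(uint32_t n) {
    static const uint32_t bases[3] = { 2, 7, 61 };
    if (n < 2) return 0;
    for (int i = 0; i < 3; i++) {
        if (n % bases[i] == 0) return n == bases[i];
        if (witness(bases[i], n)) return 0;
    }
    return 1;
}

/* Bounded search: an unseeded or stuck RNG yields an error, not a hang. */
int gen_prime32(rng_fn rng, uint32_t *st, unsigned max_tries, uint32_t *out) {
    for (unsigned i = 0; i < max_tries; i++) {
        uint32_t c;
        if (!rng(st, &c)) return GEN_NO_ENTROPY;
        c |= 0x80000001u;                /* full bit length, odd */
        if (is_prime32(c)) { *out = c; return GEN_OK; }
    }
    return GEN_GAVE_UP;
}

/* Constructed demo RNGs, none cryptographic. */
int rng_unseeded(uint32_t *s, uint32_t *o) { (void)s; (void)o; return 0; }
int rng_stuck(uint32_t *s, uint32_t *o) { *o = *s; return 1; }
int rng_xorshift(uint32_t *s, uint32_t *o) {
    *s ^= *s << 13; *s ^= *s >> 17; *s ^= *s << 5; *o = *s; return 1;
}
```

Feeding `rng_stuck` a state of `0xFFFFFFFF` (a composite) makes every candidate identical, so `gen_prime32` returns `GEN_GAVE_UP` after `max_tries` attempts rather than spinning.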