[openssl.org #1090] [BUG] Segfault in dgst signing with rsa private key

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

[openssl.org #1090] [BUG] Segfault in dgst signing with rsa private key

Rich Salz via RT

Hi,

it sounds like I can resolve this ticket.

The extra test suite sounds interesting, please send it to me
([hidden email]).  Unfortunately, if it's GNU make specific, we
will not have it in the standard build, but it might work as an option
for those who want to try it out.

[[hidden email] - Mon Jun  6 10:45:09 2005]:

> Hello!
>
> On Mon, 6 Jun 2005, Richard Levitte via RT wrote:
>
> >
> > Did you check that you actually get the right library?  Do it like
>    this:
> >
> > LD_LIBRARY_PATH=. ldd ./apps/openssl
>
> beldmit@manul$ LD_LIBRARY_PATH=. ldd ./apps/openssl
>          libssl.so.0.9.8 => ./libssl.so.0.9.8 (0x40018000)
>          libcrypto.so.0.9.8 => ./libcrypto.so.0.9.8 (0x40056000)
>          libdl.so.2 => /lib/libdl.so.2 (0x40194000)
>          libz.so.1 => /usr/lib/libz.so.1 (0x40197000)
>          libc.so.6 => /lib/libc.so.6 (0x401a9000)
>          /lib/ld-linux.so.2 => /lib/ld-linux.so.2 (0x40000000)
>
> I've tried it again with 20050606 snapshot.
>
> >> make report:
> >> ========
> OpenSSL self-test report:
>
> OpenSSL version:  0.9.8-beta4-dev
> Last change:      Correct naming of the 'chil' and '4758cca' ENGINEs.
>    Thi...
> Options:          -g enable-shared enable-zlib no-gmp no-krb5 no-mdc2
>    no-rc5 no-zlib-dynamic
> OS (uname):       Linux manul 2.4.26-1-386 #1 Tue Aug 24 13:31:19 JST
>    2004 i686 GNU/Linux
> OS (config):      i686-whatever-linux2
> Target (default): linux-elf
> Target:           linux-elf
> Compiler:         Configured with: ../src/configure -v
>    --enable-languages=c,c++,java,f77,pascal,objc,ada,treelang
>    --prefix=/usr --mandir=/usr/share/man --infodir=/usr/share/info
>    --with-gxx-include-dir=/usr/include/c++/3.3 --enable-shared
>    --enable-__cxa_atexit --with-system-zlib --enable-nls
>    --without-included-gettext --enable-clocale=gnu --enable-debug
>    --enable-java-gc=boehm --enable-java-awt=xlib --enable-objc-gc
>    i486-linux
> Thread model: posix
> gcc version 3.3.5 (Debian 1:3.3.5-12)
>
> Test skipped.
> ============
>
> >> LD_LIBRARY_PATH=. ./apps/openssl req -newkey rsa:512 -nodes -batch
> >>    -keyout keyrsa.pem -out reqrsa.pem -config apps/openssl.cnf
> >> LD_LIBRARY_PATH=. ./apps/openssl x509 -req -set_serial 1 -signkey
> >>    keyrsa.pem -in reqrsa.pem -out certrsa.pem
> >> LD_LIBRARY_PATH=. ./apps/openssl dgst -sha1 -sign keyrsa.pem -out
> >>    dsignrsa.bin CHANGES
> >>
> >> It causes a segfault with backtrace
>
> This sequence of commands doesn't cause a segfault now. It fails with
> correct error message.
>
> >> The same problem is on smime.
> >>
> >> I do:
> >> ======
> >> LD_LIBRARY_PATH=. ./apps/openssl smime -encrypt -binary -in CHANGES
> >>    -aes256 -out encryptionrsa.pem -outform pem certrsa.pem
> >> LD_LIBRARY_PATH=. ./apps/openssl smime -decrypt -binary -in
> >>    encryptionrsa.pem -recip certrsa.pem -inkey keyrsa.pem -out
> >>    smime_decrrsa.dump -inform pem
> >> =====
> >>
> >> Segfault occurs on decrypt with the same backtrace:
>
> Segfault doesn't occurs here too. But it doesn't decrypt without
> specified -rand key. It seems to be a bug.
>
> >> PS. We have a extra test suite testing openssl executable.
> >> Unfortunately, it's GNU make specific. Are you interested in it?
>
> Are you interested in this test suite?
>
> Thank you.


--
Richard Levitte
[hidden email]
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [hidden email]
Automated List Manager                           [hidden email]