d2i_RSAPrivateKey not working with compiler optmization 01

Jayalakshmi bhat bhat.jayalakshmi at gmail.com
Tue Nov 9 04:43:02 UTC 2021


Hi All,

We upgraded our device to use OpenSSL 1.1.1k from OpenSSL 1.0.2h. Device is
on an ARM processor. Embedded web server comes to ready state with compiler
optimization set to -O0.
With value -O1 we are seeing issues in d2i_RSAPrivateKey.

I wrote a sample test program as below. The test program returns output of
i2d_RSAPrivateKey as 1190 with optimization value -O0 and 1157 with
optimization value -O1.

Has anyone faced this issue? Please let me know your thoughts and inputs.

Thanks and Regards,
Jayalakshmi

#define FALSE 0
#define ERROR -1
#define SSL_MAX_KEY_LEN 16342

#include <openssl/bio.h>
#include <openssl/evp.h>
#include <openssl/rsa.h>
#include <openssl/err.h>
#include <stdio.h>
#include <string.h>

int decodeBase64Data(char* base64Buf, char* decodeBuf, int dataLen, int
bufLen, int  newlineFlag)
{
        BIO* bioBuf = NULL;
        BIO* base64BioBuf = NULL;
        int returnVal = ERROR;

        base64BioBuf = BIO_new(BIO_f_base64());
        if (base64BioBuf == NULL)
                return returnVal;

        if (newlineFlag == FALSE)
                BIO_set_flags(base64BioBuf, BIO_FLAGS_BASE64_NO_NL);

        bioBuf = BIO_new_mem_buf(base64Buf, dataLen);
        if (bioBuf == NULL)
                returnVal = ERROR;
        else
        {
                bioBuf = BIO_push(base64BioBuf, bioBuf);
                if (bioBuf != NULL)
                {
                        memset(decodeBuf, 0x0, bufLen);
                        dataLen = BIO_read(base64BioBuf,decodeBuf, bufLen);
                        returnVal = dataLen;
                } else  {
                        returnVal = ERROR;
                }
        }

        BIO_free_all(base64BioBuf);
        return returnVal;
}


 void testCertKey()
{

        int IDkeyLen;
        unsigned char *certBuf          = NULL;
        int certLen                             = 1624;
        int i;
        unsigned char *cert_copy        = NULL;
        EVP_PKEY *evp_key               = NULL;
        RSA *rsa                                   = NULL;
        unsigned char *IDkey               = (unsigned
char*)malloc(SSL_MAX_KEY_LEN);
        certBuf                                      = (unsigned
char*)malloc(SSL_MAX_KEY_LEN);

strcpy(certBuf,"MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQDJgN8Eq1gAd4ev8lq/Dwz68CBYWLyVQvQcAfTgR6PTsMCUL00q3NdEBXzkPEAG/15+IEEEypjO+SgJcmaHtsDk/oP7ggrOWu/7kj+x3RNcVotvOtJK1QdXUSViOgaldoJdtKSY2Y8RPFwcMWiqMM22JYCC7JDpSbAs4MwCiixTZogtwFiXQeCG3/v/qHt1MEQ4Fv821a9RVLwZ4MooSVy5KvIxt7qOZ+NKOBzin0FS/DF/79fPcbptg56Jv0J40l2xWgiPnRCmbz4TXrrChPGgXDhA2rUNZDLW+NUl7oRbqn4FwOWHGzn6a/27xiT+wmW+A1wRTi2V+u0AmFhGK79LAgMBAAECggEANFiPFwZwAQcML6/01QdS5ul0bZ73torDIXd8prrVm0uia5xyHn1qSphmXmAsfeTfJkK4wUbkNXhSZ0nZys22BIb9wFuC9SJ4j1DpzQnSWr180XNlZ905X/yLip3qVheYPEGONMrnuKGGiChpuTSebAAIB3rvFjt3UeE//jTo2O0moBuQZXWjsk8AcynTnJAcKJqSBtCCLPyS3dIVsGoaDCsAeZKQ5ZaTLxZ9vT3KbWrJi3+whU9Cx4HXRDe910Gq3E4cXjzhlDmxOPKVlGLX2cXWN4OhtRoXu7A3kUGxG/ZXxwYoXO8M5EoBA30LbUT7XpO9Lxzx+2hEBuYSHbA0qQKBgQDxYeptkl/XRP+vPxRRXtyANqm+iTpkOILv7PBMkEgJGOA8491GiylKpnF7KEmDhS2eSpsq7sDRg9ZuhPHMwkyouojUcVHvfNdXEbC2xYz0cIvzgqRCYhhWJGATdDq3Bt80GX6RX5hRO8EhJdFqP8uIG/cd2x2C113M70vshlBpHQKBgQDVtLip//7YGmTxOKhkZMr+9Csgct18LzKqkARciRtg2rlHTUveNvLcGXkev0JNzrDc8a1U2lGbFhXr8lo3s5zRCb+0rU3LNgZPaW+a9Qm6kJwL0uP0BNfL1Go+hZSrq1LVZdyo4oRHtiiA/WCqDOxrsQH5/gqEdLCH+AFbf5XFhwKBgAncGwxQv1N2wQ7yf6z3OACQuwxKZLU1TbvpLMOj3R1qA7bZA+/evVgMRnRmZ+JUbVGa8I2nZP7p6Ldo/MuFYEZAIFi1LEihC9bFpTdCCIjvk/flbTo88YuLPtVsmP1i7XkeVXowsnMXAsOM3On/IxwzMDvq+GCg1XcKi0plDiHNAoGATCMv63lGHU4CCqMJ84Kpg/4P42apHFZgcb4Pn7xFYdNrUUjrr8bZ7aqxqU+w2rG5922vOFzz2BIdS0uz8sZuJ1eW0lMwNScRRnelCIsmpS5iOiAvkL+s9nS+SXokBqlqQJci75SMVlRCx/n913f1P0T4FE37B0ffoQGt0iB5hr8CgYA5UpOkFs8rDu0xAQCqD3I2Yg35f77ATK2F3ZWdJOi7KnO67uz39QIYHao9iwJW1u6UXgAs18DAjmdd8EQSvr1ayhdSMfFnt/AWM0QbMIOrhytEd2KD7rPPeeZSFeCACFO9tPXasTVxPmiV0YhZueMAgwnmi3CLwm3pg8PF+3T5gQ==");

        IDkeyLen  = decodeBase64Data(certBuf, IDkey, certLen,
SSL_MAX_KEY_LEN, FALSE);

        cert_copy = IDkey;
        evp_key = d2i_AutoPrivateKey(NULL,&cert_copy,IDkeyLen);

       if (evp_key == NULL)
        {
                printf("OpenSSL11k %d, %d,
%s\n",IDkeyLen,ERR_get_error(),ERR_error_string(ERR_get_error(), NULL));
        }
        else
        {
                cert_copy = IDkey;
                rsa = EVP_PKEY_get1_RSA(evp_key); /*JEDI-11535 */
                IDkeyLen = i2d_RSAPrivateKey(rsa,&cert_copy);
                printf("OpenSSL11k: IDkeyLen %d %d \n",IDkeyLen,__LINE__);
        }
}

int main()
{
     testCertKey();
}
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20211109/59506508/attachment.html>


More information about the openssl-users mailing list