[openssl-dev] [openssl.org #4290] HMAC_Init_ex() return bug
Blumenthal, Uri - 0553 - MITLL
uri at ll.mit.edu
Tue Apr 5 17:55:26 UTC 2016
I had the same (good) results on El Capitan 10.11.4 (and before than on
10.11.3), Xcode-7.3, and Openssl-1.0.2g (and Openssl-1.0.2h-dev).
With some modifications (changing the calls to the 1.1 standard so it can
compile :) it also produced the expected (correct) results with
OpenSSL-1.1.0-pre5.
Again, Mac OS X 10.10.5 and 10.11.4, Xcode-7.2.1 and Xcode-7.3, OpenSSL
branches 1.0.2g, 1.0.2h-dev, 1.1.0-pre…
$ cat openssl-hmac-tst.c
#include <stdio.h>
#include <openssl/hmac.h>
void test_hmac() {
#if OPENSSL_VERSION_NUMBER >= 0x10100001L
HMAC_CTX *ctx;
#else
HMAC_CTX ctx;
#endif /* OPENSSL-1.1 */
uint8_t key[32] = {0xDC, 0xFB, 0x59, 0x40, 0x73, 0x32, 0xF0, 0x46,
0x1F, 0xC4, 0xF9, 0xE0, 0xEF, 0x15, 0x62, 0xB5, 0xC9, 0x9F, 0xE4, 0xD3,
0x36, 0xDB, 0x9D, 0x61, 0xE0, 0x31, 0xA5, 0x6E, 0xD0, 0x79, 0xD7, 0x15};
#if OPENSSL_VERSION_NUMBER >= 0x10100001L
ctx = HMAC_CTX_new();
#else
HMAC_CTX_init(&ctx);
#endif /* OPENSSL-1.1 */
#if OPENSSL_VERSION_NUMBER >= 0x10100001L
int thor = HMAC_Init_ex(ctx, &key, 32, EVP_sha256(), NULL);
#else
int thor = HMAC_Init_ex(&ctx, &key, 32, EVP_sha256(), NULL);
#endif /* OPENSSL-1.1 */
printf("hmac init = %d\n", thor);
#if OPENSSL_VERSION_NUMBER >= 0x10100001L
HMAC_CTX_free(ctx);
#else
HMAC_CTX_cleanup(&ctx);
#endif /* OPENSSL-1.1 */
}
int main(int argc, char **argv) {
test_hmac();
}
$ clang -o openssl-hmac-tst-1.1 -I/Users/ur20980/src/openssl-1.1/include
openssl-hmac-tst.c -L /Users/ur20980/src/openssl-1.1/lib -lcrypto
$ clang -o openssl-hmac-tst -I /opt/local/include openssl-hmac-tst.c -L
/opt/local/lib -lcrypto
$ ./openssl-hmac-tst
hmac init = 1
$ ./openssl-hmac-tst-1.1
hmac init = 1
$ otool -L openssl-hmac-tst
openssl-hmac-tst:
/opt/local/lib/libcrypto.1.0.0.dylib (compatibility version 1.0.0,
current version 1.0.0)
/usr/lib/libSystem.B.dylib (compatibility version 1.0.0, current version
1213.0.0)
$ otool -L openssl-hmac-tst-1.1
openssl-hmac-tst-1.1:
/Users/ur20980/src/openssl-1.1/lib/libcrypto.1.1.dylib (compatibility
version 1.1.0, current version 1.1.0)
/usr/lib/libSystem.B.dylib (compatibility version 1.0.0, current version
1213.0.0)
$
--
Regards,
Uri Blumenthal
From: Uri Blumenthal <uri at ll.mit.edu>
Date: Thursday, March 24, 2016 at 15:10
To: viisakas <mikkratsep at gmail.com>
Subject: Re: [openssl-dev] [openssl.org #4290] HMAC_Init_ex() return bug
>Sorry for my laziness/busy-ness – but I don’t experience the problem you
>described (on Yosemite). I will test on El Capitan (Mac OS X 10.11.4,
>Xcode-7.3) later today.
>
>Mac OS X 10.10.5, Xcode-7.2.1:
>
>$ cat openssl-hmac-tst.c
>#include <stdio.h>
>#include <openssl/hmac.h>
>
>void test_hmac() {
> HMAC_CTX ctx;
> uint8_t key[32] = {0xDC, 0xFB, 0x59, 0x40, 0x73, 0x32, 0xF0, 0x46,
>0x1F, 0xC4, 0xF9, 0xE0, 0xEF, 0x15, 0x62, 0xB5, 0xC9, 0x9F, 0xE4, 0xD3,
>0x36, 0xDB, 0x9D, 0x61, 0xE0, 0x31, 0xA5, 0x6E, 0xD0, 0x79, 0xD7, 0x15};
>
> HMAC_CTX_init(&ctx);
>
> int thor = HMAC_Init_ex(&ctx, &key, 32, EVP_sha256(), NULL);
>
> printf("hmac init = %d\n", thor);
>
> HMAC_CTX_cleanup(&ctx);
>}
>
>int main(int argc, char **argv) {
> test_hmac();
>}
>$ clang -I/opt/local/include -o openssl-hmac-tst openssl-hmac-tst.c
>-L/opt/local/lib -lcrypto
>$ ./openssl-hmac-tst
>hmac init = 1
>$ ./openssl-hmac-tst
>hmac init = 1
>$ ./openssl-hmac-tst
>hmac init = 1
>$ ./openssl-hmac-tst
>hmac init = 1
>$ openssl version
>OpenSSL 1.0.2h-dev xx XXX xxxx
>$
>
>--
>Regards,
>Uri Blumenthal
>
>From: viisakas <mikkratsep at gmail.com>
>Date: Tuesday, February 23, 2016 at 3:48
>To: Uri Blumenthal <uri at ll.mit.edu>
>Subject: Re: [openssl-dev] [openssl.org #4290] HMAC_Init_ex() return bug
>
>>Hey,
>>
>>sorry for the laziness.
>>This is with 1.0.2f, on OS X 10.11.3.
>>
>>void test_hmac() {
>> HMAC_CTX ctx;
>> uint8_t key[32] = {0xDC, 0xFB, 0x59, 0x40, 0x73, 0x32, 0xF0, 0x46,
>>0x1F, 0xC4, 0xF9, 0xE0, 0xEF, 0x15, 0x62, 0xB5, 0xC9, 0x9F, 0xE4, 0xD3,
>>0x36, 0xDB, 0x9D, 0x61, 0xE0, 0x31, 0xA5, 0x6E, 0xD0, 0x79, 0xD7, 0x15};
>>
>> HMAC_CTX_init(&ctx);
>>
>> int thor = HMAC_Init_ex(&ctx, &key, 32, EVP_sha256(), NULL);
>>
>> printf("hmac init = %d\n", thor);
>>
>> HMAC_CTX_cleanup(&ctx);
>>}
>>
>>Best of wishes,
>>Mikk Rätsep
>>
>>>On 22 veebr 2016, at 18:42, Blumenthal, Uri - 0553 - MITLL
>>><uri at ll.mit.edu> wrote:
>>>
>>> If somebody (Mikk, Felipe, you hear? :) cares to send me a *simple*
>>>*short*
>>> code that exposes this problem, I’ll be willing to test it on Linux and
>>> Mac OS X, with OpenSSL-1.0.2f, OpenSSL-1.0.2-stable, and
>>>1.1-pre<whatever>.
>>> --
>>> Regards,
>>> Uri Blumenthal
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4324 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20160405/7072c145/attachment.bin>
More information about the openssl-dev
mailing list