[openssl-users] DH_generate_key Hangs

Jason Qian jqian at tibco.com
Thu Oct 5 19:56:54 UTC 2017 

More :

 The call stacks are from 1.0.1c when calling DH_generate_key.
 Is any fix in the latest version for this ?


Thanks
Jason



On Thu, Oct 5, 2017 at 3:53 PM, Jason Qian <jqian at tibco.com> wrote:

> We call DH_generate_key(DH *dh) and the RAND_poll() is called
> ssleay_rand_bytes
>
>
>   libeay32d.dll!RAND_poll()  Line 572 C
>   libeay32d.dll!ssleay_rand_bytes(unsigned char * buf=0x03318fe0, int
> num=128, int pseudo=0)  Line 395 C
>   libeay32d.dll!ssleay_rand_nopseudo_bytes(unsigned char *
> buf=0x03318fe0, int num=128)  Line 536 + 0xf bytes C
>   libeay32d.dll!RAND_bytes(unsigned char * buf=0x03318fe0, int num=128)
> Line 164 + 0x10 bytes C
>   libeay32d.dll!bnrand(int pseudorand=0, bignum_st * rnd=0x03318518, int
> bits=1023, int top=0, int bottom=0)  Line 152 + 0xd bytes C
> > libeay32d.dll!BN_rand(bignum_st * rnd=0x03318518, int bits=1023, int
> top=0, int bottom=0)  Line 213 + 0x17 bytes C
>   libeay32d.dll!generate_key(dh_st * dh=0x03316a88)  Line 170 + 0x11 bytes
> C
>   libeay32d.dll!DH_generate_key(dh_st * dh=0x03316a88)  Line 84 + 0xf
> bytes C
>
> Thanks
> Jason
>
> On Thu, Oct 5, 2017 at 3:33 PM, Jeffrey Walton <noloader at gmail.com> wrote:
>
>> On Thu, Oct 5, 2017 at 2:55 PM, Jason Qian via openssl-users
>> <openssl-users at openssl.org> wrote:
>> > Thanks Michael,
>> >
>> >       I saw a lot of discussion for this issue on,
>> >
>> >        https://mta.openssl.org/pipermail/openssl-dev/2015-July/
>> 002210.html
>> >
>> >       Not sure if openSSL has a workaround or a patch ?
>> >
>> >
>> > It hangs on :
>> >
>> > libeay32.dll!RAND_poll() Line 523
>> >
>> > if (heap_first(&hentry,
>> >       hlist.th32ProcessID,
>> >                       hlist.th32HeapID))
>>
>> You should avoid calls to RAND_poll altogether on Windows. Do so by
>> explicitly seeding the random number generator yourself.
>>
>> Also see https://wiki.openssl.org/index.php/Random_Numbers#Windows_Issues
>> on the OpenSSL wiki.
>>
>> Jeff
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20171005/3a81e80d/attachment.html>

More information about the openssl-users mailing list