[openssl-users] crash in `sha1_block_data_order_avx`
Xiang Ren
renxiang0214 at gmail.com
Sun Feb 11 06:41:02 UTC 2018
Anybody has the same trouble with `sha1_block_data_order_avx`? I'm using openssl-1.0.2n. This is coredump information: # gdb ./channel.old core.58820 GNU gdb (GDB) Red Hat Enterprise Linux 7.6.1-80.1 Copyright (C) 2013 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> This is free software: you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. Type "show copying" and "show warranty" for details. This GDB was configured as "x86_64-Huawei-linux-gnu". For bug reporting instructions, please see: <http://www.gnu.org/software/gdb/bugs/>... Reading symbols from /home/imax/chuqq/20180207/channel.old...done. warning: core file may not match specified executable file. [New LWP 59134] [New LWP 59135] [New LWP 59133] [New LWP 59136] [New LWP 59115] [New LWP 59116] [New LWP 59117] [New LWP 59118] [New LWP 59119] [New LWP 59120] [New LWP 59121] [New LWP 59122] [New LWP 59123] [New LWP 59125] [New LWP 59126] [New LWP 59124] [New LWP 59128] [New LWP 59127] [New LWP 59129] [New LWP 59130] [New LWP 59114] [New LWP 59131] [New LWP 59132] [New LWP 58820] [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib64/libthread_db.so.1". Core was generated by `../channel/channel -configPath /channel/channel-1'. Program terminated with signal 11, Segmentation fault. #0 0x00000000007d591a in sha1_block_data_order_avx () Missing separate debuginfos, use: debuginfo-install glibc-2.17-111.h23.x86_64 libgcc-4.8.5-4.h2.x86_64 numactl-libs-2.0.9-6.x86_64 (gdb) bt #0 0x00000000007d591a in sha1_block_data_order_avx () #1 0xca62c1d6ca62c1d6 in ?? () #2 0xca62c1d6ca62c1d6 in ?? () #3 0xca62c1d6ca62c1d6 in ?? () #4 0xca62c1d6ca62c1d6 in ?? () #5 0xca62c1d6ca62c1d6 in ?? () #6 0xca62c1d6ca62c1d6 in ?? () #7 0xca62c1d6ca62c1d6 in ?? () #8 0xca62c1d6ca62c1d6 in ?? () #9 0x0000000009c0aeb1 in ?? () #10 0x00007f38d6aac1a4 in malloc () from /lib64/libc.so.6 #11 0x0000000000773c88 in CRYPTO_malloc () #12 0x00000000007cff2f in SHA1_Update () #13 0x00000000007911e5 in ssleay_rand_bytes () #14 0x000000000078738c in RSA_padding_add_PKCS1_OAEP () #15 0x0000000000784d90 in RSA_eay_public_encrypt () #16 0x000000000048bd35 in rsa_public_encrypt (rsa_input=0x7f369c0190d0 "r\215崀\332\350\202\353^$%\215\300s.kz\301?\207p}\363kz\301?\207p}\363EB5E24258DC0732E[*****5.26.157:39044]", input_len=32, enc_out=0x7f369c019120 "", public_key=0x7f369c0193d0 "0\202\001\"0\r\006\t*\206H\206\367\r\001\001\001\005", key_len=294) at /root/1.1.0.11/xchannel-1.1.0.11/channel/mc_util.c:312 #17 0x0000000000488798 in generate_channel_aeskey_reply_by_device (device=0x7f2e13b6fb30, dev_rand=0x7f369c019290 "r\215崀\332", <incomplete sequence \350\202>, dev_aeskey=0x7f369c0192d0 "kz\301?\207p}\363\064.182:9877,122.11.34.183:9877", publickey=0x7f369c0193d0 "0\202\001\"0\r\006\t*\206H\206\367\r\001\001\001\005", type=2, request_id=1966548338) at /root/1.1.0.11/xchannel-1.1.0.11/channel/mc_dpdktcp.c:391 #18 0x000000000049c499 in channel_aeskey_response (device=0x7f2e13b6fb30, message=0x7f2e10455380 "^\304\a8\207(\360R\313k\026\205\220\357C\272\f\373\273@|\342xK}\214\267\367y\255f\245\200d\252\030\257\261\021zЗ\v\272\035\332DP2ʟ.\a\357\001\272Aͣ[\335-,\254㲰E\216\273\065\367⥥}\n\344:\215\237\300\037?\331[\"\210ª\230\016\266\243C\362\264Sm\271f\020\373\336Ǩ\024\342,(\265\021\257S\356\236\333\340\031\t5\325I\nQ\002۳\345v!\016\237,\t\365n,\233\065\336)\005`\276`Ss\274<\346\357Qw[D\321J\004\265\362\227p\251p\255\215\324\366\006\225\235\326$\204ݣ\272hP\217\226\245\006\223\274vL\376\201,\017p\037\003\245\310\342", <incomplete sequence \340\206>..., msg_length=403, request_id=1966548338) at /root/1.1.0.11/xchannel-1.1.0.11/channel/mc_outer.c:1018 #19 0x000000000049a07c in outer_process_engine (arg=0x0) at /root/1.1.0.11/xchannel-1.1.0.11/channel/mc_outer.c:217 #20 0x00000000004e6dc4 in eal_thread_loop () #21 0x00007f38d6df4dc5 in start_thread () from /lib64/libpthread.so.0 #22 0x00007f38d6b227ed in clone () from /lib64/libc.so.6 (gdb) i r a rax 0x8a53275e 2320705374 rbx 0xe4a22b4a 3835833162 rcx 0x9a663701 2590390017 rdx 0xd734ba54 3610557012 rsi 0x2cea828c 753566348 rdi 0x1a453563 440743267 rbp 0xdd2d0e5d 0xdd2d0e5d rsp 0x7f369c018140 0x7f369c018140 r8 0x7a38cb0 128158896 r9 0xd1dfd2 13754322 r10 0xc8d592 13161874 r11 0x7d7580 8222080 r12 0xc8d592 13161874 r13 0xffffffffffffffc0 -64 r14 0x7f369c0181d8 139872522306008 r15 0x9c0aeb1 163622577 rip 0x7d591a 0x7d591a <sha1_block_data_order_avx+2746> eflags 0x13202 [ IF #12 #13 RF ] cs 0x33 51 ss 0x2b 43 ds 0x0 0 es 0x0 0 fs 0x0 0 gs 0x0 0 st0 *value not available* st1 *value not available* st2 *value not available* st3 *value not available* st4 *value not available* st5 *value not available* st6 *value not available* st7 *value not available* fctrl *value not available* fstat *value not available* ftag *value not available* fiseg *value not available* fioff *value not available* foseg *value not available* fooff *value not available* fop *value not available* mxcsr *value not available* ymm0 *value not available* ymm1 *value not available* ymm2 *value not available* ymm3 *value not available* ymm4 *value not available* ymm5 *value not available* ymm6 *value not available* ---Type <return> to continue, or q <return> to quit--- ymm7 *value not available* ymm8 *value not available* ymm9 *value not available* ymm10 *value not available* ymm11 *value not available* ymm12 *value not available* ymm13 *value not available* ymm14 *value not available* ymm15 *value not available* This is my code in production enviroment: struct rte_mbuf *generate_channel_aeskey_reply_by_device(device_t *device, uint8_t *dev_rand, uint8_t *dev_aeskey, uint8_t *publickey, int type, uint32_t request_id) { char devicestr[DEVICE_STR_LEN] = {0}; device_str(devicestr, device->id, device->ip, device->port); // returned info: RSA(ClientPubKey, ClientRand[8]+DeviceID[8]+AesKey+ServerRand[8]) // ServerRand is same as aeskey uint8_t hybrid_key[CHANNEL_DEVICE_RAND_LEN + CHANNEL_DEVICE_ID_LEN + CHANNEL_AESKEY_LEN + CHANNEL_AESKEY_LEN] = {0}; xmemcpy(hybrid_key, dev_rand, CHANNEL_DEVICE_RAND_LEN); xmemcpy(hybrid_key + CHANNEL_DEVICE_RAND_LEN, device->id, CHANNEL_DEVICE_ID_LEN); xmemcpy(hybrid_key + CHANNEL_DEVICE_RAND_LEN + CHANNEL_DEVICE_ID_LEN, dev_aeskey, CHANNEL_AESKEY_LEN); xmemcpy(hybrid_key + CHANNEL_DEVICE_RAND_LEN + CHANNEL_DEVICE_ID_LEN + CHANNEL_AESKEY_LEN, dev_aeskey, CHANNEL_AESKEY_LEN); // alloc mem for encrypted “head_pub_key + aes_key” uint8_t encrypted_hybrid_key[RSA_CLIENT_ENCRYPTED_LEN] = {0}; int encrypted_length = rsa_public_encrypt(hybrid_key, CHANNEL_DEVICE_RAND_LEN + CHANNEL_DEVICE_ID_LEN + CHANNEL_AESKEY_LEN + CHANNEL_AESKEY_LEN, encrypted_hybrid_key, publickey, CHANNEL_PUBKEY_LEN); if (encrypted_length != RSA_CLIENT_ENCRYPTED_LEN) { TLOGE("generate_channel_aeskey_reply_by_device", "%s", "rsa_public_encrypt failed to encrypted aeskey_reply. encrypted_length : %d", devicestr, encrypted_length); return NULL; } // type=(TYPE_PT_AESKEY_RES|TYPE_PT_AESKEY_UPDATE_REQ) struct rte_mbuf *rpl_mbuf = generate_channel_pkt_by_device(device, encrypted_hybrid_key, RSA_CLIENT_ENCRYPTED_LEN, type, request_id); if (rpl_mbuf == NULL) { TLOGE("generate_channel_aeskey_reply_by_device", "%s", "rte_pktmbuf_alloc failed to allocate mbuf.", devicestr); } return rpl_mbuf; } int rsa_public_encrypt(const uint8_t *rsa_input, const int input_len, uint8_t *enc_out, uint8_t *public_key, const int key_len) { uint8_t public_key_wrapper[RSA_PUBKEY_BUFSIZE]; int wrapper_len = wrapper_rsa_public_key(public_key, key_len, public_key_wrapper); if (wrapper_len >= RSA_PUBKEY_BUFSIZE) { char pkstr[1024]; // for saving publickey(294Byte), length for printing chars is 294*2 convert_int2string(public_key, key_len, pkstr, sizeof(pkstr)); TLOGE("rsa_public_encrypt", "", "Failed to wrapper_rsa_public_key. wrapper_len: %d, max_len: %d, pk: %s", wrapper_len, RSA_PUBKEY_BUFSIZE, pkstr); return 0; } RSA *rsa = create_rsa(public_key_wrapper, RSA_KEY_TYPE_PUBLIC); if (rsa == NULL) { char pkstr[1024]; // for saving publickey(294Byte), length for printing chars is 294*2 convert_int2string(public_key, key_len, pkstr, sizeof(pkstr)); TLOGE("rsa_public_encrypt", "", "Failed to create RSA. pk: %s", pkstr); return 0; } uint32_t rsa_size = RSA_size(rsa); if (input_len >= rsa_size - 41) // less than RSA_size(rsa) - 41 for RSA_PKCS1_OAEP_PADDING { TLOGE("rsa_public_encrypt", "", "data too long to encrypt, must be less than %d.", RSA_size(rsa) - 41); RSA_free(rsa); return 0; } int ret = RSA_public_encrypt(input_len, rsa_input, enc_out, rsa, RSA_PKCS1_OAEP_PADDING); if (ret <= 0) { TLOGE("rsa_public_encrypt", "", "Failed to encrypt with RSA public key."); RSA_free(rsa); return 0; } RSA_free(rsa); return ret; } I've used arguments in the core to reproduce this issue in development enviroment, but failed. This is the code: // gcc test_rsa.c -I./deps/openssl/include/ -L./deps/openssl/lib/ -I./deps/3rd/include/ ./deps/3rd/lib/libbase64.o -lssl -lcrypto -ldl #include <stdio.h> #include <stdint.h> #include <string.h> #include <sys/time.h> #include <assert.h> #include <arpa/inet.h> #include <openssl/ssl.h> #include <openssl/rsa.h> #include <openssl/aes.h> #include <fcntl.h> #include <unistd.h> #include <openssl/ssl.h> #include <openssl/rsa.h> #include <openssl/aes.h> // #define RSA_PUBKEY_BUFSIZE 600 #define RSA_PUBKEY_BUFSIZE 2048 #define RSA_KEY_LENPERLINE 64 // RSA Pri and Pub keys in base64 format, number of chars per line RSA **private_rsas = NULL; uint32_t RSA_SIZE = 0; #define RSA_KEY_TYPE_PUBLIC 1 #define RSA_KEY_TYPE_PRIVATE 0 #define xmemcpy memcpy #define xmemset memset #define xsnprintf snprintf void convert_int2string(const uint8_t *array, int len, char *str, int dst_len) { if (dst_len < len * 2 + 1) { return; } int i; for (i = 0; i < len; i++) { xsnprintf(&(str[i * 2]), 3, "%02X", *(array + i)); } } static RSA *create_rsa(uint8_t *key, int key_type) { RSA *rsa = NULL; BIO *keybio; keybio = BIO_new_mem_buf(key, -1); if (keybio == NULL) { // TLOGE("create_rsa", "", "Failed to create key BIO."); return NULL; } if (key_type == RSA_KEY_TYPE_PUBLIC) { rsa = PEM_read_bio_RSA_PUBKEY(keybio, &rsa, NULL, NULL); } else { rsa = PEM_read_bio_RSAPrivateKey(keybio, &rsa, NULL, NULL); } BIO_free(keybio); return rsa; } static int wrapper_rsa_public_key(uint8_t *key, int key_len, uint8_t *wrapper_key) { uint8_t temp[RSA_PUBKEY_BUFSIZE]; uint8_t head[] = "-----BEGIN PUBLIC KEY-----\n"; uint8_t tail[] = "-----END PUBLIC KEY-----\n"; uint8_t *p_wapper = wrapper_key; uint8_t *p_temp = temp; size_t base64_len; base64_encode((char *)key, key_len, (char *)temp, &base64_len, 0); xmemcpy(p_wapper, head, strlen((const char *)head)); p_wapper += strlen((const char *)head); int times = base64_len / RSA_KEY_LENPERLINE; int ret_char_cnt = times; int i; for (i = 0; i < times; i++) { xmemcpy(p_wapper, p_temp, RSA_KEY_LENPERLINE); p_wapper += RSA_KEY_LENPERLINE; p_temp += RSA_KEY_LENPERLINE; xmemset(p_wapper, '\n', 1); p_wapper++; } if (base64_len % RSA_KEY_LENPERLINE > 0) { xmemcpy(p_wapper, p_temp, base64_len % RSA_KEY_LENPERLINE); p_wapper += base64_len % RSA_KEY_LENPERLINE; xmemset(p_wapper, '\n', 1); p_wapper++; ret_char_cnt++; } xmemcpy(p_wapper, tail, strlen((const char *)tail)); return strlen((const char *)head) + base64_len + ret_char_cnt + strlen((const char *)tail); } int rsa_public_encrypt(const uint8_t *rsa_input, const int input_len, uint8_t *enc_out, uint8_t *public_key, const int key_len) { uint8_t public_key_wrapper[RSA_PUBKEY_BUFSIZE]; int wrapper_len = wrapper_rsa_public_key(public_key, key_len, public_key_wrapper); if (wrapper_len >= RSA_PUBKEY_BUFSIZE) { char pkstr[1024]; convert_int2string(public_key, key_len, pkstr, sizeof(pkstr)); // TLOGE("rsa_public_encrypt", "", "Failed to wrapper_rsa_public_key. wrapper_len: %d, max_len: %d, pk: %s", // wrapper_len, RSA_PUBKEY_BUFSIZE, pkstr); return 0; } RSA *rsa = create_rsa(public_key_wrapper, RSA_KEY_TYPE_PUBLIC); if (rsa == NULL) { char pkstr[1024]; convert_int2string(public_key, key_len, pkstr, sizeof(pkstr)); // TLOGE("rsa_public_encrypt", "", "Failed to create RSA. pk: %s", pkstr); return 0; } uint32_t rsa_size = RSA_size(rsa); if (input_len >= rsa_size - 41) // less than RSA_size(rsa) - 41 for RSA_PKCS1_OAEP_PADDING { // TLOGE("rsa_public_encrypt", "", "data too long to encrypt, must be less than %d.", RSA_size(rsa) - 41); RSA_free(rsa); return 0; } int ret = RSA_public_encrypt(input_len, rsa_input, enc_out, rsa, RSA_PKCS1_OAEP_PADDING); if (ret <= 0) { // TLOGE("rsa_public_encrypt", "", "Failed to encrypt with RSA public key."); RSA_free(rsa); return 0; } RSA_free(rsa); return ret; } int main() { uint8_t rsa_input[32] = {0x72, 0x8d, 0xe5, 0xb4, 0x80, 0xda, 0xe8, 0x82, 0xeb, 0x5e, 0x24, 0x25, 0x8d, 0xc0, 0x73, 0x2e, 0x6b, 0x7a, 0xc1, 0x3f, 0x87, 0x70, 0x7d, 0xf3, 0x6b, 0x7a, 0xc1, 0x3f, 0x87, 0x70, 0x7d, 0xf3}; uint8_t enc_out[256] = {0}; uint8_t public_key[294] = {0x30, 0x82, 0x1, 0x22, 0x30
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20180211/64d8a9f2/attachment-0001.html>
More information about the openssl-users
mailing list