Re: How to update OpenSSL benchmark glue?

Mon, 04 Dec 2023 16:17:41 -0800 

On 4/12/23 09:05, Niels Möller wrote:

Simo Sorce writes:


Ah you do not need to pass any property for the default provider so you
can pass "" or even NULL.


Thanks, I now have the RSA code updated (on branch update-openssl-bench,
if anyone wants to see the details). Initialization is now

   ctx->pkey_ctx = EVP_PKEY_CTX_new_from_name (NULL, "RSA", "");
   if (!ctx->pkey_ctx)
     die ("OpenSSL EVP_PKEY_CTX_new_from_name (\"RSA\") failed.\n");



FWIW, In Squid with OpenSSLv3 we use this:

 EVP_PKEY_CTX_new_id(EVP_PKEY_RSA, NULL)




   if (EVP_PKEY_keygen_init (ctx->pkey_ctx) <= 0)
     die ("OpenSSL EVP_PKEY_keygen_init failed.\n");
   if (EVP_PKEY_CTX_set_rsa_keygen_bits(ctx->pkey_ctx, size) <= 0)
     die ("OpenSSL EVP_PKEY_CTX_set_rsa_keygen_bits failed.\n");
   BIGNUM *e = BN_new();
   BN_set_word(e, 65537);
   EVP_PKEY_CTX_set1_rsa_keygen_pubexp (ctx->pkey_ctx, e);
   EVP_PKEY_keygen (ctx->pkey_ctx, &ctx->key);

However, when I run this under valgrind (to check the corresponding
cleanup code doesn't leak memory), I get an error:

   ==3016684== Conditional jump or move depends on uninitialised value(s)
   ==3016684==    at 0x4B0B824: EVP_PKEY_generate (in 
/usr/lib/x86_64-linux-gnu/libcrypto.so.3)
   ==3016684==    by 0x10F30A: bench_openssl_rsa_init (hogweed-benchmark.c:721)
   ==3016684==    by 0x10D7AE: bench_alg (hogweed-benchmark.c:153)
   ==3016684==    by 0x10D7AE: main (hogweed-benchmark.c:972)
   ==3016684==

I wonder if that my code missing some initialization, or if that's an
openssl problem?



How was the "ctx" variable created and initialized?
The new EVP_PKEY logic has a lot of "ctx_is_legacy" checks based on the ctx itself. So that matters now where it did not before. 



It's also unclear to me when the e bignum above can be
deallocated, does EVP_PKEY_CTX_set1_rsa_keygen_pubexp imply a full copy
into the context?
Quick reading of the source code indicates that yes the context used BN_dup() one way or another. 




Next is updating the ecdsa benchmarks, since, e.g.,
EC_KEY_new_by_curve_name, generates deprecation warnings.

Regards,
/Niels




HTH
Amos
_______________________________________________
nettle-bugs mailing list -- nettle-bugs@lists.lysator.liu.se
To unsubscribe send an email to nettle-bugs-le...@lists.lysator.liu.se

Reply via email to