On 6/14/2010 10:50 PM, Nicholas Maniscalco wrote: > William A. Rowe Jr. wrote: >> On 6/14/2010 7:59 PM, Nicholas Maniscalco wrote: >>> Is using OpenSSL built with the PURIFY flag considered "secure"? >>> I ask because I came across this comment, in md_rand.c: >>> >>> #ifndef PURIFY /* purify complains */ >>> /* DO NOT REMOVE THE FOLLOWING CALL TO MD_Update()! */ >>> if (!MD_Update(&m,buf,j)) >>> goto err; >>> /* We know that line may cause programs such as >>> purify and valgrind to complain about use of >>> uninitialized data. */ >>> #endif >> >> The last time someone went by such nonsense[1], they created an entirely >> exploitable set of keys on all debian/ubuntu-derived distributions. Good >> luck with that, and please let us know what you are maintaining, so that >> we might avoid such distributions and products. >> >> [1] http://www.debian.org/security/2008/dsa-1571 > > Thanks, William. I am familiar with the Debian issue. > > The code I pasted above is from ssleay_rand_bytes. Perhaps you were > thinking I was talking about the call in ssleay_rand_add? I am quite > aware that removing the call from ssleay_rand_add is a very bad idea :) > > Are you still of the opinion that an OpenSSL built with PURIFY is > insecure? David Schwartz, indicated otherwise in a similar thread I > started a few weeks back (see his last sentence), > > http://www.mail-archive.com/[email protected]/msg27732.html > > I was satisfied with his answer until I saw the comment above, hence the > new thread. Again, I'm just trying to get a definitive answer on > whether the PURIFY flag is considered secure. Thanks.
That is a good question. Sure seems incorrect, if anything. #else #warning Invalid randomization in md_rand.c when building with -DPURIFY! #endif would help alert builders to this trouble. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [email protected]
