In my application, I've two major components which access the random
generator (one is database module and other one is JNI wrapper used by
Java). Therefore I think this issue is some synchronization issue.
I wrote a test app to try to reproduce the problem in multithreaded
environment. And this test app crashes with FIPS_SELFTEST_FAILED error.
Here's the code snippet:
<snip>
#define COUNT 300
#define THREAD_COUNT 8
void *drbg_test(void *dummy) {
PRINT("DRBG test called");
int i;
int result = 0;
int length = 16;
unsigned char *output;
output = new unsigned char[length];
for (i = 0; i < COUNT; i++) {
result = FIPS_rand_bytes(output, length);
if (result != 1) {
printError("RAND_bytes failed");
abort();
}
}
PRINT("DRBG test complete");
return 0;
}
void runDRBGTest() {
int i;
pthread_t *threads = new pthread_t[THREAD_COUNT];
// first thread
pthread_create(&(threads[0]), NULL, drbg_test, NULL);
pthread_join(threads[0], NULL);
for (i = 1; i < THREAD_COUNT; i++) {
PRINT("Creating thread");
pthread_create(&(threads[i]), NULL, drbg_test, NULL);
}
}
<snip>
I'm testing this on Android device. If I change COUNT to 100, and call the
runDRBGTest method 3 times continuously, then it crashes.
I'll try to reproduce the continuous test issue.
Thanks,
Karan
On Wed, Oct 9, 2013 at 7:16 AM, Dr. Stephen Henson [via OpenSSL] <
[email protected]> wrote:
> On Mon, Oct 07, 2013, nehakochar wrote:
>
> > I solved it. It was an issue with the way my application had to use the
> > OpenSSL globals for appropriate application threading environment.
> > Thank you Steve for answering my questions promptly.
> >
>
> Thank you for the update. I'm very relieved it isn't a problem in the
> module
> itself, fixing that would've been rather irksome.
>
> Steve.
> --
> Dr Stephen N. Henson. OpenSSL project core developer.
> Commercial tech support now available see: http://www.openssl.org
> ______________________________________________________________________
> OpenSSL Project http://www.openssl.org
> Development Mailing List [hidden
> email]<http://user/SendEmail.jtp?type=node&node=46818&i=0>
> Automated List Manager [hidden
> email]<http://user/SendEmail.jtp?type=node&node=46818&i=1>
>
>
> ------------------------------
> If you reply to this email, your message will be added to the discussion
> below:
>
> http://openssl.6102.n7.nabble.com/FIPS-OpenSSL-default-DRBG-continuous-test-failing-tp46646p46818.html
> To unsubscribe from FIPS OpenSSL default DRBG continuous test failing, click
> here<http://openssl.6102.n7.nabble.com/template/NamlServlet.jtp?macro=unsubscribe_by_code&node=46646&code=a2FyYW5wb3BhbGlAZ21haWwuY29tfDQ2NjQ2fDE2ODYxOTM3MTc=>
> .
> NAML<http://openssl.6102.n7.nabble.com/template/NamlServlet.jtp?macro=macro_viewer&id=instant_html%21nabble%3Aemail.naml&base=nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.view.web.template.NodeNamespace&breadcrumbs=notify_subscribers%21nabble%3Aemail.naml-instant_emails%21nabble%3Aemail.naml-send_instant_email%21nabble%3Aemail.naml>
>
--
View this message in context:
http://openssl.6102.n7.nabble.com/FIPS-OpenSSL-default-DRBG-continuous-test-failing-tp46646p46891.html
Sent from the OpenSSL - Dev mailing list archive at Nabble.com.
