Hi Jeff, I added the calls to pthread_mutex_lock and pthread_mutex_unlock around the calls to EVP_DigestInit_ex, EVP_DigestUpdate, and EVP_DigestFinal_ex.
Serializing access to EVP_* took care of the problem I was seeing. Thank you very much for your help! Regards, Gene From: Jeffrey Walton <noloa...@gmail.com> To: openssl-users@openssl.org Date: 07/07/2011 04:07 PM Subject: Re: Occasionally incorrect MD5 hash result Sent by: owner-openssl-us...@openssl.org On Thu, Jul 7, 2011 at 11:56 AM, Gene Kligerman <gene_kliger...@ca.ibm.com> wrote: > > Hi SSLers! > > I am seeing an intermittent problem using EVP_md5 function to hash > user-specified passwords. > > The application works fine most of the time except when I run a "stress > test": 3 user applications concurrently that simply try to connect to my > server in a loop of 3,000 iterations each. > > My multi-threaded server accepts incoming connection requests and validates > the user's password by hashing it using MD5 and verifying against stored > hashed value. > > This works fine in all but approx. 10 iterations (out of 3,000). After > putting in debug code I find that in those few iterations the EVP_md5 > algorithm returned incorrect hashed value (which of course results in > password validation). > > Here's an example: > > clear text password: "u2" > stored (correct) MD5 hashed value in hex: '532A7B8E0328A8D05A8E6258B28B9A36' According to[1], it is actually 'u3'. You might consider salting the password database, and using a modern hash such as SHA-256. MD-5 is usually considered broken, and is no longer suitable for security purposes. Just ask HBGary ( http://arstechnica.com/tech-policy/news/2011/02/anonymous-speaks-the-inside-story-of-the-hbgary-hack.ars ). > incorrect hashed values returned in some iterations: > '57D972DACC4671C2D448F66F308B6D49', 'B0E641C998CC3EAE6FA2F8726D98CDDD', > '3B33F2AD8FFE66427AF237B4DED2C1E2', etc. No hits on these - probably corrupted state. > Am I doing something wrong? Is this a known bug that perhaps has been fixed > in a later OpenSSL release? As mentioned above, I tried downloading OpenSSL > 1.0.0.d, but I only found static library while I need dynamic > libssl.so.X.Y.Z I would suspect the locking code; or you are violating your own data. If you believe you have implemented the OpenSSL locking code correctly, you probably have two threads on the same data at the same time. Jeff [1] http://www.md5rainbow.com/532A7B8E0328A8D05A8E6258B28B9A36 ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
