Hi,
after switching to a current build from the OpenSSL_1_0_2-stable branch
on a Linux 64-bit system I'm getting the below valgrind reports about
use of uninitialised values when creating ECDSA signatures. This is a
build created with -DPURIFY.
Those didn't happen with OpenSSL 1.0.0c. I only included the first few
stack fram dumps, the whole report is a lot longer.
What is strange is that the reports are not deterministic, and they
appear to happen only with some of the supported elliptic curves. I've
seen reports for the following curves:
sect283k1
sect283r1
sect409k1
sect571r1
Should I file a bug report for this?
--
Stephan
==14780== Use of uninitialised value of size 8
==14780== at 0x72378B: bn_GF2m_mul_1x1 (bn_gf2m.c:179)
==14780== by 0x723C5E: bn_GF2m_mul_2x2 (bn_gf2m.c:215)
==14780== by 0x72466B: BN_GF2m_mod_mul_arr (bn_gf2m.c:417)
==14780== by 0x6FD15D: ec_GF2m_simple_field_mul (ec2_smpl.c:702)
==14780== by 0x72A43B: gf2m_Madd (ec2_mult.c:128)
==14780== by 0x72AC29: ec_GF2m_montgomery_point_multiply
(ec2_mult.c:284)
==14780== by 0x72AEBD: ec_GF2m_simple_mul (ec2_mult.c:355)
==14780== by 0x52D453: EC_POINTs_mul (ec_lib.c:1057)
==14780== by 0x52D4E2: EC_POINT_mul (ec_lib.c:1071)
==14780== by 0x52FEEE: ecdsa_sign_setup (ecs_ossl.c:156)
==14780== by 0x530CCB: ECDSA_sign_setup (ecs_sign.c:105)
==14780== by 0x53039F: ecdsa_do_sign (ecs_ossl.c:285)
==14780== by 0x530B87: ECDSA_do_sign_ex (ecs_sign.c:73)
==14780== by 0x530C30: ECDSA_sign_ex (ecs_sign.c:88)
==14780== by 0x530BE9: ECDSA_sign (ecs_sign.c:79)
==14780== by 0x67849C: pkey_ec_sign (ec_pmeth.c:190)
==14780== by 0x557378: EVP_PKEY_sign (pmeth_fn.c:116)
==14780== by 0x69672B: EVP_DigestSignFinal (m_sigver.c:154)
==14780== by 0x55333B: PKCS7_SIGNER_INFO_sign (pk7_doit.c:942)
==14780== by 0x552BF4: do_pkcs7_signed_attrib (pk7_doit.c:737)
==14780==
==14780== Use of uninitialised value of size 8
==14780== at 0x7237B6: bn_GF2m_mul_1x1 (bn_gf2m.c:180)
==14780== by 0x723C5E: bn_GF2m_mul_2x2 (bn_gf2m.c:215)
==14780== by 0x72466B: BN_GF2m_mod_mul_arr (bn_gf2m.c:417)
==14780== by 0x6FD15D: ec_GF2m_simple_field_mul (ec2_smpl.c:702)
==14780== by 0x72A43B: gf2m_Madd (ec2_mult.c:128)
==14780== by 0x72AC29: ec_GF2m_montgomery_point_multiply
(ec2_mult.c:284)
==14780== by 0x72AEBD: ec_GF2m_simple_mul (ec2_mult.c:355)
==14780== by 0x52D453: EC_POINTs_mul (ec_lib.c:1057)
==14780== by 0x52D4E2: EC_POINT_mul (ec_lib.c:1071)
==14780== by 0x52FEEE: ecdsa_sign_setup (ecs_ossl.c:156)
==14780== by 0x530CCB: ECDSA_sign_setup (ecs_sign.c:105)
==14780== by 0x53039F: ecdsa_do_sign (ecs_ossl.c:285)
==14780== by 0x530B87: ECDSA_do_sign_ex (ecs_sign.c:73)
==14780== by 0x530C30: ECDSA_sign_ex (ecs_sign.c:88)
==14780== by 0x530BE9: ECDSA_sign (ecs_sign.c:79)
==14780== by 0x67849C: pkey_ec_sign (ec_pmeth.c:190)
==14780== by 0x557378: EVP_PKEY_sign (pmeth_fn.c:116)
==14780== by 0x69672B: EVP_DigestSignFinal (m_sigver.c:154)
==14780== by 0x55333B: PKCS7_SIGNER_INFO_sign (pk7_doit.c:942)
==14780== by 0x552BF4: do_pkcs7_signed_attrib (pk7_doit.c:737)
==14780==
==14780== Use of uninitialised value of size 8
==14780== at 0x7237F7: bn_GF2m_mul_1x1 (bn_gf2m.c:181)
==14780== by 0x723C5E: bn_GF2m_mul_2x2 (bn_gf2m.c:215)
==14780== by 0x72466B: BN_GF2m_mod_mul_arr (bn_gf2m.c:417)
==14780== by 0x6FD15D: ec_GF2m_simple_field_mul (ec2_smpl.c:702)
==14780== by 0x72A43B: gf2m_Madd (ec2_mult.c:128)
==14780== by 0x72AC29: ec_GF2m_montgomery_point_multiply
(ec2_mult.c:284)
==14780== by 0x72AEBD: ec_GF2m_simple_mul (ec2_mult.c:355)
==14780== by 0x52D453: EC_POINTs_mul (ec_lib.c:1057)
==14780== by 0x52D4E2: EC_POINT_mul (ec_lib.c:1071)
==14780== by 0x52FEEE: ecdsa_sign_setup (ecs_ossl.c:156)
==14780== by 0x530CCB: ECDSA_sign_setup (ecs_sign.c:105)
==14780== by 0x53039F: ecdsa_do_sign (ecs_ossl.c:285)
==14780== by 0x530B87: ECDSA_do_sign_ex (ecs_sign.c:73)
==14780== by 0x530C30: ECDSA_sign_ex (ecs_sign.c:88)
==14780== by 0x530BE9: ECDSA_sign (ecs_sign.c:79)
==14780== by 0x67849C: pkey_ec_sign (ec_pmeth.c:190)
==14780== by 0x557378: EVP_PKEY_sign (pmeth_fn.c:116)
==14780== by 0x69672B: EVP_DigestSignFinal (m_sigver.c:154)
==14780== by 0x55333B: PKCS7_SIGNER_INFO_sign (pk7_doit.c:942)
==14780== by 0x552BF4: do_pkcs7_signed_attrib (pk7_doit.c:737)
==14780==
==14780== Use of uninitialised value of size 8
==14780== at 0x723838: bn_GF2m_mul_1x1 (bn_gf2m.c:182)
==14780== by 0x723C5E: bn_GF2m_mul_2x2 (bn_gf2m.c:215)
==14780== by 0x72466B: BN_GF2m_mod_mul_arr (bn_gf2m.c:417)
==14780== by 0x6FD15D: ec_GF2m_simple_field_mul (ec2_smpl.c:702)
==14780== by 0x72A43B: gf2m_Madd (ec2_mult.c:128)
==14780== by 0x72AC29: ec_GF2m_montgomery_point_multiply
(ec2_mult.c:284)
==14780== by 0x72AEBD: ec_GF2m_simple_mul (ec2_mult.c:355)
==14780== by 0x52D453: EC_POINTs_mul (ec_lib.c:1057)
==14780== by 0x52D4E2: EC_POINT_mul (ec_lib.c:1071)
==14780== by 0x52FEEE: ecdsa_sign_setup (ecs_ossl.c:156)
==14780== by 0x530CCB: ECDSA_sign_setup (ecs_sign.c:105)
==14780== by 0x53039F: ecdsa_do_sign (ecs_ossl.c:285)
==14780== by 0x530B87: ECDSA_do_sign_ex (ecs_sign.c:73)
==14780== by 0x530C30: ECDSA_sign_ex (ecs_sign.c:88)
==14780== by 0x530BE9: ECDSA_sign (ecs_sign.c:79)
==14780== by 0x67849C: pkey_ec_sign (ec_pmeth.c:190)
==14780== by 0x557378: EVP_PKEY_sign (pmeth_fn.c:116)
==14780== by 0x69672B: EVP_DigestSignFinal (m_sigver.c:154)
==14780== by 0x55333B: PKCS7_SIGNER_INFO_sign (pk7_doit.c:942)
==14780== by 0x552BF4: do_pkcs7_signed_attrib (pk7_doit.c:737)
==14780==
==14780== Use of uninitialised value of size 8
==14780== at 0x723879: bn_GF2m_mul_1x1 (bn_gf2m.c:183)
==14780== by 0x723C5E: bn_GF2m_mul_2x2 (bn_gf2m.c:215)
==14780== by 0x72466B: BN_GF2m_mod_mul_arr (bn_gf2m.c:417)
==14780== by 0x6FD15D: ec_GF2m_simple_field_mul (ec2_smpl.c:702)
==14780== by 0x72A43B: gf2m_Madd (ec2_mult.c:128)
==14780== by 0x72AC29: ec_GF2m_montgomery_point_multiply
(ec2_mult.c:284)
==14780== by 0x72AEBD: ec_GF2m_simple_mul (ec2_mult.c:355)
==14780== by 0x52D453: EC_POINTs_mul (ec_lib.c:1057)
==14780== by 0x52D4E2: EC_POINT_mul (ec_lib.c:1071)
==14780== by 0x52FEEE: ecdsa_sign_setup (ecs_ossl.c:156)
==14780== by 0x530CCB: ECDSA_sign_setup (ecs_sign.c:105)
==14780== by 0x53039F: ecdsa_do_sign (ecs_ossl.c:285)
==14780== by 0x530B87: ECDSA_do_sign_ex (ecs_sign.c:73)
==14780== by 0x530C30: ECDSA_sign_ex (ecs_sign.c:88)
==14780== by 0x530BE9: ECDSA_sign (ecs_sign.c:79)
==14780== by 0x67849C: pkey_ec_sign (ec_pmeth.c:190)
==14780== by 0x557378: EVP_PKEY_sign (pmeth_fn.c:116)
==14780== by 0x69672B: EVP_DigestSignFinal (m_sigver.c:154)
==14780== by 0x55333B: PKCS7_SIGNER_INFO_sign (pk7_doit.c:942)
==14780== by 0x552BF4: do_pkcs7_signed_attrib (pk7_doit.c:737)
==14780==
==14780== Use of uninitialised value of size 8
==14780== at 0x7238BA: bn_GF2m_mul_1x1 (bn_gf2m.c:184)
==14780== by 0x723C5E: bn_GF2m_mul_2x2 (bn_gf2m.c:215)
==14780== by 0x72466B: BN_GF2m_mod_mul_arr (bn_gf2m.c:417)
==14780== by 0x6FD15D: ec_GF2m_simple_field_mul (ec2_smpl.c:702)
==14780== by 0x72A43B: gf2m_Madd (ec2_mult.c:128)
==14780== by 0x72AC29: ec_GF2m_montgomery_point_multiply
(ec2_mult.c:284)
==14780== by 0x72AEBD: ec_GF2m_simple_mul (ec2_mult.c:355)
==14780== by 0x52D453: EC_POINTs_mul (ec_lib.c:1057)
==14780== by 0x52D4E2: EC_POINT_mul (ec_lib.c:1071)
==14780== by 0x52FEEE: ecdsa_sign_setup (ecs_ossl.c:156)
==14780== by 0x530CCB: ECDSA_sign_setup (ecs_sign.c:105)
==14780== by 0x53039F: ecdsa_do_sign (ecs_ossl.c:285)
==14780== by 0x530B87: ECDSA_do_sign_ex (ecs_sign.c:73)
==14780== by 0x530C30: ECDSA_sign_ex (ecs_sign.c:88)
==14780== by 0x530BE9: ECDSA_sign (ecs_sign.c:79)
==14780== by 0x67849C: pkey_ec_sign (ec_pmeth.c:190)
==14780== by 0x557378: EVP_PKEY_sign (pmeth_fn.c:116)
==14780== by 0x69672B: EVP_DigestSignFinal (m_sigver.c:154)
==14780== by 0x55333B: PKCS7_SIGNER_INFO_sign (pk7_doit.c:942)
==14780== by 0x552BF4: do_pkcs7_signed_attrib (pk7_doit.c:737)
==14780==
==14780== Use of uninitialised value of size 8
==14780== at 0x7238FB: bn_GF2m_mul_1x1 (bn_gf2m.c:185)
==14780== by 0x723C5E: bn_GF2m_mul_2x2 (bn_gf2m.c:215)
==14780== by 0x72466B: BN_GF2m_mod_mul_arr (bn_gf2m.c:417)
==14780== by 0x6FD15D: ec_GF2m_simple_field_mul (ec2_smpl.c:702)
==14780== by 0x72A43B: gf2m_Madd (ec2_mult.c:128)
==14780== by 0x72AC29: ec_GF2m_montgomery_point_multiply
(ec2_mult.c:284)
==14780== by 0x72AEBD: ec_GF2m_simple_mul (ec2_mult.c:355)
==14780== by 0x52D453: EC_POINTs_mul (ec_lib.c:1057)
==14780== by 0x52D4E2: EC_POINT_mul (ec_lib.c:1071)
==14780== by 0x52FEEE: ecdsa_sign_setup (ecs_ossl.c:156)
==14780== by 0x530CCB: ECDSA_sign_setup (ecs_sign.c:105)
==14780== by 0x53039F: ecdsa_do_sign (ecs_ossl.c:285)
==14780== by 0x530B87: ECDSA_do_sign_ex (ecs_sign.c:73)
==14780== by 0x530C30: ECDSA_sign_ex (ecs_sign.c:88)
==14780== by 0x530BE9: ECDSA_sign (ecs_sign.c:79)
==14780== by 0x67849C: pkey_ec_sign (ec_pmeth.c:190)
==14780== by 0x557378: EVP_PKEY_sign (pmeth_fn.c:116)
==14780== by 0x69672B: EVP_DigestSignFinal (m_sigver.c:154)
==14780== by 0x55333B: PKCS7_SIGNER_INFO_sign (pk7_doit.c:942)
==14780== by 0x552BF4: do_pkcs7_signed_attrib (pk7_doit.c:737)
==14780==
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [email protected]
Automated List Manager [email protected]
