[Pkg-openssl-devel] Bug#561973: openssl: crashes when using hmac with -verify
Török Edwin
edwintorok at gmail.com
Mon Dec 21 17:08:44 UTC 2009
Package: openssl
Version: 0.9.8k-7
Severity: normal
I was testing various options from the openssl dgst manpage, and while it
doesn't mention what happens when you combine hmac with signing/verifying I
wasn't expecting a crash:
$ openssl dgst -hmac mykey -sha1 -verify pub.pem -signature out foo 2>log
Verified OK
*** glibc detected *** openssl: free(): invalid pointer: 0x00007fff69092848 ***
======= Backtrace: =========
/lib/libc.so.6[0x381de70d56]
/lib/libc.so.6(cfree+0x6c)[0x381de759bc]
/usr/lib/libcrypto.so.0.9.8(CRYPTO_free+0x1d)[0x3fe387a5dd]
/usr/lib/libcrypto.so.0.9.8[0x3fe38e2314]
/usr/lib/libcrypto.so.0.9.8(BIO_free+0x88)[0x3fe38ce248]
openssl[0x41903a]
openssl[0x413020]
openssl[0x413729]
/lib/libc.so.6(__libc_start_main+0xfd)[0x381de1eabd]
openssl[0x412eb9]
======= Memory map: ========
00400000-00468000 r-xp 00000000 fd:00 773124 /usr/bin/openssl
00668000-0066d000 rw-p 00068000 fd:00 773124 /usr/bin/openssl
0066d000-0066e000 rw-p 00000000 00:00 0
0086c000-00871000 rw-p 0006c000 fd:00 773124 /usr/bin/openssl
021f8000-02219000 rw-p 00000000 00:00 0 [heap]
381da00000-381da1d000 r-xp 00000000 09:03 260632 /lib/ld-2.10.2.so
381dc1c000-381dc1d000 r--p 0001c000 09:03 260632 /lib/ld-2.10.2.so
381dc1d000-381dc1e000 rw-p 0001d000 09:03 260632 /lib/ld-2.10.2.so
381de00000-381df4a000 r-xp 00000000 09:03 260640 /lib/libc-2.10.2.so
381df4a000-381e14a000 ---p 0014a000 09:03 260640 /lib/libc-2.10.2.so
381e14a000-381e14e000 r--p 0014a000 09:03 260640 /lib/libc-2.10.2.so
381e14e000-381e14f000 rw-p 0014e000 09:03 260640 /lib/libc-2.10.2.so
381e14f000-381e154000 rw-p 00000000 00:00 0
381e200000-381e202000 r-xp 00000000 09:03 260771 /lib/libdl-2.10.2.so
381e202000-381e402000 ---p 00002000 09:03 260771 /lib/libdl-2.10.2.so
381e402000-381e403000 r--p 00002000 09:03 260771 /lib/libdl-2.10.2.so
381e403000-381e404000 rw-p 00003000 09:03 260771 /lib/libdl-2.10.2.so
381ee00000-381ee16000 r-xp 00000000 fd:00 1940 /usr/lib/libz.so.1.2.3.3
381ee16000-381f016000 ---p 00016000 fd:00 1940 /usr/lib/libz.so.1.2.3.3
381f016000-381f017000 rw-p 00016000 fd:00 1940 /usr/lib/libz.so.1.2.3.3
3859800000-3859816000 r-xp 00000000 09:03 260715 /lib/libgcc_s.so.1
3859816000-3859a15000 ---p 00016000 09:03 260715 /lib/libgcc_s.so.1
3859a15000-3859a16000 rw-p 00015000 09:03 260715 /lib/libgcc_s.so.1
3fe3800000-3fe3973000 r-xp 00000000 fd:00 288314 /usr/lib/libcrypto.so.0.9.8
3fe3973000-3fe3b73000 ---p 00173000 fd:00 288314 /usr/lib/libcrypto.so.0.9.8
3fe3b73000-3fe3b9b000 rw-p 00173000 fd:00 288314 /usr/lib/libcrypto.so.0.9.8
3fe3b9b000-3fe3b9e000 rw-p 00000000 00:00 0
3fe4000000-3fe404b000 r-xp 00000000 fd:00 584001 /usr/lib/libssl.so.0.9.8
3fe404b000-3fe424b000 ---p 0004b000 fd:00 584001 /usr/lib/libssl.so.0.9.8
3fe424b000-3fe4252000 rw-p 0004b000 fd:00 584001 /usr/lib/libssl.so.0.9.8
7f4cd0000000-7f4cd0021000 rw-p 00000000 00:00 0
7f4cd0021000-7f4cd4000000 ---p 00000000 00:00 0
7f4cd73d0000-7f4cd73d3000 rw-p 00000000 00:00 0
7f4cd73fd000-7f4cd73fe000 rw-p 00000000 00:00 0
7f4cd73ff000-7f4cd7402000 rw-p 00000000 00:00 0
7fff6907f000-7fff69094000 rw-p 00000000 00:00 0 [stack]
7fff69129000-7fff6912a000 r-xp 00000000 00:00 0 [vdso]
ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0 [vsyscall]
Aborted
Now, signing an HMAC doesn't make much sense (I could have just signed the sha1
hash) I was curious what would openssl do (I was expecting it to calculate the
hmac hash, and then sign that using the pubkey, and verify it. Signing worked,
verifying crashed).
Here are the files I used, the key is something I generated for testing:
$ cat pub.pem
-----BEGIN PUBLIC KEY-----
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC18lbRyD/1gNm9ORU5ouxQYHET
pm+uIbWaTwoZrvvA/KQQvhLbuEY3yR7rNhIh03xXgSdDc18V8cZS3oKZkjPs+5zs
qounnNEEqnShfhcEfmt4Cec+UujBgZ13qJMTXFzAB5L0VRso9vAdQSQJOqSh6K9K
pAwLYakfFpgB/4o7UQIDAQAB
-----END PUBLIC KEY-----
$ cat foo
test
$ xxd -p out
1183da2f97a57343d9224505e0bfeff5e9f9401fdfb708ff5cec361dcb8f
827c2fe746135024f22e07ce5eca0d35974e1189acd657ab655f2f425506
eae22f211f3cf9845de3c235a526aadf6da3b675d879f9935da678ad27e6
276f29dd72fd4709e904101c393e7f7118dcb669def11a864050eb1b41f0
6b82e1b7a0b19bc2
The file "out" was generated like this (mykey was really typed as mykey, again
this was just a test):
$ openssl dgst -hmac mykey -sha1 -sign mykey.pem -o out foo
$ openssl version
OpenSSL 0.9.8k 25 Mar 2009
-- System Information:
Debian Release: squeeze/sid
APT prefers unstable
APT policy: (990, 'unstable'), (500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.32.2 (SMP w/4 CPU cores; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages openssl depends on:
ii libc6 2.10.2-2 GNU C Library: Shared libraries
ii libssl0.9.8 0.9.8k-7 SSL shared libraries
ii zlib1g 1:1.2.3.3.dfsg-15 compression library - runtime
openssl recommends no packages.
Versions of packages openssl suggests:
ii ca-certificates 20090814 Common CA certificates
-- no debconf information
More information about the Pkg-openssl-devel
mailing list