RSASSAPSS Signing sha256 crash in EVP_MD_CTX_free(md_ctx); #21734

aniljadaun · 2023-08-14T11:56:28Z

aniljadaun
Aug 14, 2023

Updating to OpenSSL 3 . I am getting crash in

                        if (md_ctx != NULL)
				EVP_MD_CTX_free(md_ctx);

If i skip freeing the object then it works fine, also no error are dumped by ERR_print_errors_fp not sure why this is failing. Complete code used for signing is below:

			EVP_MD_CTX* md_ctx = nullptr;
			md_ctx = EVP_MD_CTX_new();
			EVP_PKEY_CTX* pkey_ctx = nullptr;
			
			bool success = true;
			pkey_ctx = EVP_PKEY_CTX_new(pkey, NULL);
			EVP_MD_CTX_init(md_ctx);
			if (!pkey_ctx)
				success = false;

			if (success && EVP_DigestSignInit(md_ctx, &pkey_ctx, EVP_sha256(), NULL, pkey) <= 0) {
				success = false;
			}

			if (EVP_PKEY_CTX_set_rsa_padding(pkey_ctx, RSA_PKCS1_PSS_PADDING) != 1) {
				success = false;
			}
			if (EVP_PKEY_CTX_set_rsa_pss_saltlen(pkey_ctx, saltlen) != 1) {
				success = false;
			}
			if (EVP_PKEY_CTX_set_rsa_mgf1_md(pkey_ctx, algoUsed) != 1) {
				success = false;
			}

			if (success)
			{
				
				{
					if (dataChunk.size())
						if (EVP_DigestSignUpdate(md_ctx, const_cast<ACUns8*>(dataChunk.data()), dataChunk.size()) != 1)
						{
							success = false;
							break;
						}
				}
			}

			size_t olen = 512;
			if (success && EVP_DigestSignFinal(md_ctx, NULL, &olen) != 1)
				success = false;
			result.resize(olen);
			if (success && EVP_DigestSignFinal(md_ctx, result.writeableData(), &olen) != 1)
				success = false;

			result.resize(olen);
			if (pkey_ctx)
				EVP_PKEY_CTX_free(pkey_ctx);

Answered by t8m

Aug 14, 2023

Do not call EVP_PKEY_CTX_new(pkey, NULL) and EVP_PKEY_CTX_free(pkey_ctx). Your EVP_PKEY_CTX is getting overwritten by a pkey context stored inside the md context and then you introduce doublefree by calling both EVP_PKEY_CTX_free() and EVP_MD_CTX_free().

Also there is no need to check whether a pointer is NULL before calling any free function in OpenSSL. All of them check for that internally.

View full answer

t8m · 2023-08-14T12:40:57Z

t8m
Aug 14, 2023
Maintainer

Do not call EVP_PKEY_CTX_new(pkey, NULL) and EVP_PKEY_CTX_free(pkey_ctx). Your EVP_PKEY_CTX is getting overwritten by a pkey context stored inside the md context and then you introduce doublefree by calling both EVP_PKEY_CTX_free() and EVP_MD_CTX_free().

Also there is no need to check whether a pointer is NULL before calling any free function in OpenSSL. All of them check for that internally.

2 replies

aniljadaun Aug 14, 2023
Author

Thanks @t8m

We should not be doing pkey_ctx = EVP_PKEY_CTX_new(pkey, NULL);

What should be passed to function which expect pkey_ctx ? Do we access it from it md_ctx ? if yes, then how ?

aniljadaun Aug 14, 2023
Author

Issue is resolved . once again thanks alot @t8m

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

RSASSAPSS Signing sha256 crash in EVP_MD_CTX_free(md_ctx); #21734

{{title}}

{{editor}}'s edit

{{editor}}'s edit

Replies: 1 comment 2 replies

{{title}}

{{title}}

{{title}}

Select a reply

RSASSAPSS Signing sha256 crash in EVP_MD_CTX_free(md_ctx); #21734

aniljadaun Aug 14, 2023

Replies: 1 comment · 2 replies

t8m Aug 14, 2023 Maintainer

aniljadaun Aug 14, 2023 Author

aniljadaun Aug 14, 2023 Author

aniljadaun
Aug 14, 2023

Replies: 1 comment 2 replies

t8m
Aug 14, 2023
Maintainer

aniljadaun Aug 14, 2023
Author

aniljadaun Aug 14, 2023
Author