Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SIGSEGV Error #609

Closed
plexa16 opened this issue Mar 1, 2017 · 5 comments
Closed

SIGSEGV Error #609

plexa16 opened this issue Mar 1, 2017 · 5 comments

Comments

@plexa16
Copy link

plexa16 commented Mar 1, 2017
edited

I’m trying to run the following program, but I get a
Process finished with exit code 139 (interrupted by signal 11: SIGSEGV) error in my code

from OpenSSL import crypto

def getx509(st_cert):
    return crypto.load_certificate(crypto.FILETYPE_PEM,st_cert)

def getprivatekey(st_cert):
    return crypto.load_privatekey(crypto.FILETYPE_PEM,st_cert)

def signNID(bkObject, privatekey):
    sign = crypto.sign(privatekey, bkObject,'sha256')
    print(sign)

def verifyNID(data, x509, allinOne):
    print("here test")
    crypto.verify(x509, data, allinOne,'sha256')
    print("VERIFICATION OK")

st_cert = open('mesh101.crt', 'r')
line = st_cert.read()
print(line)
x509Object = getx509(line)
privateKeyObject = getprivatekey(line)
st_cert.close()
sign = signNID("hello", privateKeyObject)
verifyNID(sign, x509Object, 'hello')

Fatal Python error: Segmentation fault

Current thread 0x00007f85f041d700 (most recent call first):

Process finished with exit code 139 (interrupted by signal 11: SIGSEGV)

Why am I getting this error?

Im Using pyOpenSSL 16.2.0
on Ubuntu 16.04 LTS
with Python 3.5.2

greets

Plexa16
@hynek
Copy link
Contributor

hynek commented Mar 4, 2017

Could you investigate which line causes the SEGFAULT please? If you use toy Certs/Keys, it would be nice if you could share mesh101.crt with us too.

@plexa16
Copy link
Author

plexa16 commented Mar 6, 2017

Hello,

i get this error in the "sign" method

sign = crypto.sign(privatekey, bkObject,'sha256')

here ist my mesh101.cert

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 1 (0x1)
    Signature Algorithm: ecdsa-with-SHA256
        Issuer: CN=mesh1
        Validity
            Not Before: Feb 10 15:38:19 2017 GMT
            Not After : Feb  8 15:38:19 2027 GMT
        Subject: CN=mesh1
        Subject Public Key Info:
            Public Key Algorithm: id-ecPublicKey
                Public-Key: (256 bit)
                pub: 
                    04:81:45:c9:fd:00:a5:f8:3f:0a:6a:74:55:df:94:
                    4c:ff:52:c1:0a:dc:76:0d:20:08:d4:11:20:8c:6e:
                    3c:04:77:f3:a6:8f:cf:46:7d:67:79:f0:6a:ce:f6:
                    06:9a:02:04:15:b3:19:f9:1c:1d:a5:78:2a:94:27:
                    44:83:03:2d:27
                ASN1 OID: secp256k1
        X509v3 extensions:
            X509v3 Basic Constraints: 
                CA:FALSE
            X509v3 Subject Key Identifier: 
                28:CC:1E:5F:08:18:7C:BD:DA:23:14:86:3D:2F:C1:E1:7C:53:39:A5
            X509v3 Authority Key Identifier: 
                keyid:C4:92:F8:2F:CB:E0:A0:E5:54:BA:27:7C:7C:92:13:24:0C:29:9C:50
                DirName:/CN=mesh1
                serial:C9:C9:3C:66:39:10:A9:DB

            X509v3 Extended Key Usage: 
                TLS Web Client Authentication
            X509v3 Key Usage: 
                Digital Signature
    Signature Algorithm: ecdsa-with-SHA256
         30:45:02:21:00:c0:72:37:97:f8:e6:5b:fb:35:49:cf:55:ef:
         bf:11:d2:1f:a6:b1:fc:27:23:19:00:a8:50:8f:c0:28:fc:e1:
         db:02:20:4b:ad:83:4e:55:d0:49:0d:cd:c8:5f:d9:e0:4e:4d:
         fd:3a:af:6b:49:0e:a0:72:50:d1:5e:bc:b0:cc:f8:75:b1
-----BEGIN CERTIFICATE-----
MIIBnjCCAUSgAwIBAgIBATAKBggqhkjOPQQDAjAQMQ4wDAYDVQQDDAVtZXNoMTAe
Fw0xNzAyMTAxNTM4MTlaFw0yNzAyMDgxNTM4MTlaMBAxDjAMBgNVBAMMBW1lc2gx
MFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEgUXJ/QCl+D8KanRV35RM/1LBCtx2DSAI
1BEgjG48BHfzpo/PRn1nefBqzvYGmgIEFbMZ+RwdpXgqlCdEgwMtJ6OBkTCBjjAJ
BgNVHRMEAjAAMB0GA1UdDgQWBBQozB5fCBh8vdojFIY9L8HhfFM5pTBABgNVHSME
OTA3gBTEkvgvy+Cg5VS6J3x8khMkDCmcUKEUpBIwEDEOMAwGA1UEAwwFbWVzaDGC
CQDJyTxmORCp2zATBgNVHSUEDDAKBggrBgEFBQcDAjALBgNVHQ8EBAMCB4AwCgYI
KoZIzj0EAwIDSAAwRQIhAMByN5f45lv7NUnPVe+/EdIfprH8JyMZAKhQj8Ao/OHb
AiBLrYNOVdBJDc3IX9ngTk39Oq9rSQ6gclDRXrywzPh1sQ==
-----END CERTIFICATE-----
-----BEGIN PRIVATE KEY-----
MIGEAgEAMBAGByqGSM49AgEGBSuBBAAKBG0wawIBAQQgDp0iBLaG9b69UAyFtuG6
WjiRMVfeaiH44HvITn49t2uhRANCAASBRcn9AKX4PwpqdFXflEz/UsEK3HYNIAjU
ESCMbjwEd/Omj89GfWd58GrO9gaaAgQVsxn5HB2leCqUJ0SDAy0n
-----END PRIVATE KEY-----

i have created this cert with easyrsa3 (https://github.com/OpenVPN/easy-rsa/blob/master/README.quickstart.md)

Best Regards

plexa16

@hynek
Copy link
Contributor

hynek commented Mar 22, 2017

Could this be related to #259?

@sammko
Copy link

sammko commented May 8, 2017
edited

Same issue here, seems to only occur with ECDSA keys. I've attached a backtrace if it helps anyone.
This does not occur when using openssl dgst -sha256 -sign key.pem -out data.signed data. I've picked a few curves at random (secp521r1, secp192k1, brainpoolP512t1, prime192v3) – all of them cause the crash.
My keys have been generated as follows: openssl ecparam -name <curve> -genkey -param_enc explicit -out key.pem

*** Error in `python': free(): invalid next size (fast): 0x0000000000d81480 ***
======= Backtrace: =========
/usr/lib/libc.so.6(+0x722ab)[0x7f9a0e4be2ab]
/usr/lib/libc.so.6(+0x7890e)[0x7f9a0e4c490e]
/usr/lib/libc.so.6(+0x7911e)[0x7f9a0e4c511e]
/usr/lib/libpython3.6m.so.1.0(+0x1546bc)[0x7f9a0e0406bc]
/usr/lib/libpython3.6m.so.1.0(+0x154ac3)[0x7f9a0e040ac3]
/usr/lib/libpython3.6m.so.1.0(_PyEval_EvalFrameDefault+0x317)[0x7f9a0dff53c7]
/usr/lib/libpython3.6m.so.1.0(PyEval_EvalCodeEx+0x277)[0x7f9a0e040f17]
/usr/lib/libpython3.6m.so.1.0(PyEval_EvalCode+0x1b)[0x7f9a0dff50ab]
/usr/lib/libpython3.6m.so.1.0(+0x1ee0d2)[0x7f9a0e0da0d2]
/usr/lib/libpython3.6m.so.1.0(PyRun_FileExFlags+0x9d)[0x7f9a0e0dc6fd]
/usr/lib/libpython3.6m.so.1.0(PyRun_SimpleFileExFlags+0x1a7)[0x7f9a0e0dc8e7]
/usr/lib/libpython3.6m.so.1.0(Py_Main+0x673)[0x7f9a0e0d0063]
python(main+0xfd)[0x400a5d]
/usr/lib/libc.so.6(__libc_start_main+0xf1)[0x7f9a0e46c511]
python(_start+0x2a)[0x400b9a]

Thanks.

@jzakrzew jzakrzew mentioned this issue Jul 19, 2017
Closed
reaperhulk pushed a commit to reaperhulk/pyopenssl that referenced this issue Jul 20, 2017
@reaperhulk
Write a test - signatures with EC keys (pyca#609)
8cb1d25
reaperhulk pushed a commit to reaperhulk/pyopenssl that referenced this issue Jul 20, 2017
@reaperhulk
Ask for signature length before allocating a buffer.
36f8d81 
This fixes a potential heap buffer overflow that may happen when a signature
is longer than the private key, as with X9.62 ECDSA (pyca#609).
hynek pushed a commit that referenced this issue Jul 20, 2017
@reaperhulk @hynek
(EC)DSA signature fix (#670)
59d2625 
* Write a test - signatures with EC keys (#609)

* Ask for signature length before allocating a buffer.

This fixes a potential heap buffer overflow that may happen when a signature
is longer than the private key, as with X9.62 ECDSA (#609).

* change approach to EVP_PKEY_size and add changelog

* add a small assert
@reaperhulk
Copy link
Member

Fixed in 17.2.0 :)

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Aug 16, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@hynek @reaperhulk @sammko @plexa16