memory leak using cipher: #6

Closed
bfg opened this issue Feb 21, 2012 · 4 comments

bfg commented Feb 21, 2012

The following code leaks memory really badly (2G in 7 seconds):

require "openssl"

secret_key = "secret"
cipher = openssl.get_cipher("RC4")

num = 10000000
i = 1
while i <= num do
        i = i+1

        id = "something"

        encrypted = cipher:encrypt(id, secret_key);
end

Lua environment:

$ uname -a
Linux pipi.dev.interseek.com 3.2.0-8-generic #14-Ubuntu SMP Fri Jan 6 01:56:48 UTC 2012 x86_64 x86_64 x86_64 GNU/Linux

$ lua -v
Lua 5.1.4  Copyright (C) 1994-2008 Lua.org, PUC-Rio

$ luajit-2.0.0-beta9 -v
LuaJIT 2.0.0-beta9 -- Copyright (C) 2005-2011 Mike Pall. http://luajit.org/

$ openssl version
OpenSSL 1.0.0g 18 Jan 2012

Latest lua-openssl master

Owner

zhaozg commented Feb 23, 2012

Thanks, I will fix it in a few days.

Owner

zhaozg commented Feb 24, 2012

cipher encrypt/decrypt use an EVP_CIPHER_CTX on the stack, not on the heap; it should call EVP_CIPHER_CTX_cleanup to free the ctx memory.
Please fetch head to get the fix.

Thanks!

zhaozg closed this as completed Feb 24, 2012
Author

bfg commented Feb 24, 2012

Great work man! Process now consistently uses 1.9M of RAM!

Thanks A LOT :)

Owner

zhaozg commented Feb 25, 2012

:).

Here is some advice: if you want to encrypt important information, such as a password, you should add a salt, to get different cipher text from the same plain password.

  1. get a cipher
  2. get md5 digest
  3. generate a salt of length 8
  4. make key and iv with your salt and password
  5. encrypt data with key and iv
  6. concat magic, salt and encrypted data
  7. base64 encode it

local openssl = require'openssl'
require 'base64'

c = openssl.get_cipher('bf')
md = openssl.get_digest('md5')

salt = openssl.random_bytes(8, true) -- generate salt
m = '"abcd"'
key, iv = c:BytesToKey(md,salt,'aa')
cc=c:init(true,key,iv)
e1 = cc:update(m)
bb = e1..cc:final()
print(base64.encode('Salted__'..salt..bb))

local openssl = require'openssl'
-- base64 is another library, please see http://lua-users.org/wiki/BaseSixtyFour
require 'base64'

c = openssl.get_cipher('bf')
md = openssl.get_digest('md5')

--openssl.random_bytes(number length [, boolean strong=false])
---> string, boolean
--Returns a string of the length specified filled with random bytes

salt = openssl.random_bytes(8, true)
m = '"abcd"'
key, iv = c:BytesToKey(md,salt,'aa')

---evp_cipher:init(bool enc, [, string key [,string iv [,engine engimp]]]) => cipher_ctx
---evp_cipher:encrypt_init has been renamed to evp_cipher:init
--true means to encrypt

cc=c:init(true,key,iv)
e1 = cc:update(m)
bb = e1..cc:final()
print(base64.encode('Salted__'..salt..bb))
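
The key derivation and envelope from steps 2 to 4 and 6 to 7 above, as an added example in Python that is not part of the original thread or of lua-openssl. It assumes `c:BytesToKey` corresponds to OpenSSL's EVP_BytesToKey with MD5 and one iteration, and that `bf` means bf-cbc with a 16-byte key and 8-byte IV; the function names are hypothetical, and the encryption step is left out because Python's standard library has no Blowfish.

```python
import base64
import hashlib
import os

MAGIC = b"Salted__"       # 8-byte marker that precedes the salt
KEY_LEN, IV_LEN = 16, 8   # assumed sizes: OpenSSL defaults for bf-cbc


def bytes_to_key(password, salt, key_len=KEY_LEN, iv_len=IV_LEN):
    """EVP_BytesToKey, MD5, one iteration: D_i = MD5(D_{i-1} + password + salt)."""
    material, block = b"", b""
    while len(material) < key_len + iv_len:
        block = hashlib.md5(block + password + salt).digest()
        material += block
    return material[:key_len], material[key_len:key_len + iv_len]


def pack(salt, ciphertext):
    """Steps 6-7: concatenate magic, salt and ciphertext, then base64 encode."""
    if len(salt) != 8:
        raise ValueError("salt must be 8 bytes")
    return base64.b64encode(MAGIC + salt + ciphertext)


def unpack(blob):
    """Inverse of pack(): recover (salt, ciphertext) so key and IV can be re-derived."""
    raw = base64.b64decode(blob, validate=True)
    if len(raw) < 16 or not raw.startswith(MAGIC):
        raise ValueError("not a Salted__ envelope")
    return raw[8:16], raw[16:]


if __name__ == "__main__":
    password = b"aa"                      # same password as in the comment above
    fake_ct = b"\x00" * 8                 # constructed placeholder, not real ciphertext
    for _ in range(2):                    # same password, fresh salt each time
        salt = os.urandom(8)
        key, iv = bytes_to_key(password, salt)
        print(pack(salt, fake_ct).decode(), key.hex(), iv.hex())
```

Each run prints two different key/IV pairs for the same password, and the receiver needs only the password plus the salt carried in the envelope to derive the same pair again.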
