爲什麼RSA_generate_key使用未初始化的值（根據valgrind）

Question

我一直在研究涉及密碼學的內容。我必須承認我的密碼學知識是非常基礎的。所以我決定看看RSA結構包含的內容在由openssl庫生成的RSA_generate_key RSA密鑰之後包含什麼。但我得到一個分段錯誤：

const unsigned long e = 3; 
const int num = 3072; 
... 
RSA *rsa_key = RSA_generate_key(num, e, NULL, NULL); 
if (!rsa_key) 
{ 
    printf("Failed to generate RSA key!\n"); 
    return RSA_ERROR_CODE; 
} 

printf("rsa->pad=0x%x\n", rsa_key->pad); 
printf("rsa->version=0x%lx\n", rsa_key->version); 
if (rsa_key->n) 
{ 
    printf("rsa->n->top=0x%x\n", rsa_key->n->top); // HERE I got the seg fault 
    .... 

它看起來非常奇怪，我所以我寫了一個最小的代碼與valgrind tool進行測試。下面是在C代碼：

#include "openssl/rsa.h" 
#include <stdio.h> 

int main() 
{  
    const unsigned long e = 3; // the exponent, 3 in QVRSA 
    const int num = 3072; 

    RSA *rsa_key = RSA_generate_key(num, e, NULL, NULL); 

    if (rsa_key == NULL) 
    { 
     printf("RSA is invalid!\n"); 
     return 1; 
    } 

    printf("rsa->pad=0x%x\n", rsa_key->pad); 
    printf("rsa->version=0x%lx\n", rsa_key->version); 
    if (rsa_key->n) 
    { 
     printf("rsa->n->top=0x%x\n", rsa_key->n->top); 
    } 

    RSA_free(rsa_key); 
    rsa_key = NULL; 
    return 0; 
} 

彙編行：GCC rsa.c -lcrypto -g -O0 -o RSA

這次沒有段故障，並輸出爲：

rsa->pad=0x0 
rsa->version=0x0 
rsa->n->top=0x30 

但valgrind解僱大量的錯誤信息：

==6916== Conditional jump or move depends on uninitialised value(s) 
==6916== at 0x4DAEB37: BN_bin2bn (in /usr/lib64/libcrypto.so.0.9.8) 
==6916== by 0x4DB1B62: ??? (in /usr/lib64/libcrypto.so.0.9.8) 
==6916== by 0x4DB4471: BN_generate_prime_ex (in /usr/lib64/libcrypto.so.0.9.8) 
==6916== by 0x4DC8763: RSA_generate_key_ex (in /usr/lib64/libcrypto.so.0.9.8) 
==6916== by 0x4DCB763: RSA_generate_key (in /usr/lib64/libcrypto.so.0.9.8) 
==6916== by 0x40072E: main (rsa.c:9) 
==6916== Uninitialised value was created by a heap allocation 
==6916== at 0x4B23D6D: malloc (vg_replace_malloc.c:270) 
==6916== by 0x4D8936A: CRYPTO_malloc (in /usr/lib64/libcrypto.so.0.9.8) 
==6916== by 0x4DB1AD1: ??? (in /usr/lib64/libcrypto.so.0.9.8) 
==6916== by 0x4DB4471: BN_generate_prime_ex (in /usr/lib64/libcrypto.so.0.9.8) 
==6916== by 0x4DC8763: RSA_generate_key_ex (in /usr/lib64/libcrypto.so.0.9.8) 
==6916== by 0x4DCB763: RSA_generate_key (in /usr/lib64/libcrypto.so.0.9.8) 
==6916== by 0x40072E: main (rsa.c:9) 

==6916== Conditional jump or move depends on uninitialised value(s) 
==6916== at 0x4DB44D0: BN_generate_prime_ex (in /usr/lib64/libcrypto.so.0.9.8) 
==6916== by 0x4DC8763: RSA_generate_key_ex (in /usr/lib64/libcrypto.so.0.9.8) 
==6916== by 0x4DCB763: RSA_generate_key (in /usr/lib64/libcrypto.so.0.9.8) 
==6916== by 0x40072E: main (rsa.c:9) 
==6916== Uninitialised value was created by a heap allocation 
==6916== at 0x4B23D6D: malloc (vg_replace_malloc.c:270) 
==6916== by 0x4D8936A: CRYPTO_malloc (in /usr/lib64/libcrypto.so.0.9.8) 
==6916== by 0x4DB1AD1: ??? (in /usr/lib64/libcrypto.so.0.9.8) 
==6916== by 0x4DB4471: BN_generate_prime_ex (in /usr/lib64/libcrypto.so.0.9.8) 
==6916== by 0x4DC8763: RSA_generate_key_ex (in /usr/lib64/libcrypto.so.0.9.8) 
==6916== by 0x4DCB763: RSA_generate_key (in /usr/lib64/libcrypto.so.0.9.8) 
==6916== by 0x40072E: main (rsa.c:9) 

和其他許多人有條件的跳轉或移動取決於未初始化的值（s）標題。

爲什麼？在openSSL中是否有一個已知的錯誤，或者它只是一個虛假警報，我的原始分段錯誤與我原始代碼中的一些隱藏的錯誤有關？

我用：

• GCC v4.5.2

• 的valgrind v3.8.1

• OpenSSL的0.9.8a

Answer 1

OpenSSL是使用一些未初始化變量生成隨機數據以生成密鑰。然後Valgrind會抱怨，所以這不是誤報。

根據openSSL FAQ，擺脫它，用-DPURIFY編譯。然而，你可以辯論測試一個不同於編譯二進制文件的二進制文件是否是一個好主意。