[xmlsec] PPC verify using PEM_read_bio_PUBKEY crash

Aleksey Sanin aleksey at aleksey.com
Sun Apr 12 08:46:38 PDT 2015


Great, thanks for letting me know! (And sorry for late reply -- I was
traveling without internet).

Aleksey

On 4/5/15 5:36 AM, Gil Beniamini wrote:
> Dear Aleksey,
> When I re-created xmlsec1 again with my new libssl/libcrypto.* ==> now everything works!
> 
> Many thanks for everything
> Gil Beniamini
> Gilat Satellite Networks - Defense R&D
> gilb at gilat.com
> Phone: (972)-3-9252427 Fax:(972)-3-9293240
> 
> 
> -----Original Message-----
> From: Gil Beniamini 
> Sent: Sunday, April 05, 2015 2:31 PM
> To: 'Aleksey Sanin'; xmlsec at aleksey.com
> Subject: RE: PPC verify using PEM_read_bio_PUBKEY crash
> 
> Dear Aleksey,
> Our PPC Linux was generated by DENX, and we found out that also "openssl genrsa" would fail, looking into their/our libcrypto.so.0.9.8 showed that PEM_read_bio_PUBKEY() as well as many similar functions were not implemented and the implementation was "trap", so today I compiled a new "openssl" from sources and now "openssl genrsa" => works.
> 
> But xmlsec1's examples verify2 (on PPC) still works with private key, and fail (not "trap") what we get is:
> -bash-3.2#
> -bash-3.2# ./verify2 sign2-res.xml rsakey.pem Signature is OK
> 
> -bash-3.2# ./verify2 sign2-res.xml rsapub.pem func=xmlSecOpenSSLAppKeyLoadBIO:file=app.c:line=271:obj=unknown:subj=PEM_read_bio_PrivateKey and PEM_read_bio_PUBKEY:error=4:crypto library function failed:
> func=xmlSecOpenSSLAppKeyLoad:file=app.c:line=153:obj=unknown:subj=xmlSecOpenSSLAppKeyLoadBIO:error=1:xmlsec library function failed:filename=rsapub.pem;errno=2
> Error: failed to load pem key from "rsapub.pem"
> -bash-3.2#
> 
> Any idea?
> 
> Many thanks in advance,
> Gil Beniamini
> Gilat Satellite Networks - Defense R&D
> gilb at gilat.com
> Phone: (972)-3-9252427 Fax:(972)-3-9293240
> 
> 
> -----Original Message-----
> From: Aleksey Sanin [mailto:aleksey at aleksey.com]
> Sent: Wednesday, April 01, 2015 4:17 PM
> To: Gil Beniamini; xmlsec at aleksey.com
> Subject: Re: PPC verify using PEM_read_bio_PUBKEY crash
> 
> Unfortunately, I am not familiar with PPC architecture and can't give you any additional advice here. As I said, I suspect that the runtime version of libcrypto is different from the version used during compilation. Check what headers have been included to make sure there is a match.
> 
> Aleksey
> 
> On 4/1/15 5:51 AM, Gil Beniamini wrote:
>> Hi Aleksey,
>> I was compering "ldd" output of libxmlsec1.so & libxmlsec1-openssl.so 
>> between the compile&link-tree and run-time tree and see no differences?!
>> But if I look on LDD output of libxmlsec1, does the fact that 
>> additional libs like "libgssapi_krb" & "libkrb5" & "libcom_err" & 
>> "libk5crypto" & "libresolv" & (most strange is "libkrb5support" which 
>> appear after ld.so.1), does it make sense?
>> Or sould I "ldd" all the libraries showed in "ldd" output?
>>  
>> ON X86:
>> military at military-S3420GP:~/Mvsat_License$ ldd 
>> /usr/lib32/libxmlsec1-openssl.so
>>                 linux-gate.so.1 =>  (0xb775d000)
>>                 libssl.so.0.9.8 => /lib/i386-linux-gnu/libssl.so.0.9.8
>> (0xb76c4000)
>>                 libcrypto.so.0.9.8 =>
>> /lib/i386-linux-gnu/libcrypto.so.0.9.8 (0xb754b000)
>>                 libxml2.so.2 => /usr/lib/i386-linux-gnu/libxml2.so.2
>> (0xb73fc000)
>>                 libxmlsec1.so.1 => /usr/lib32/libxmlsec1.so.1 (0xb739a000)
>>                 libc.so.6 => /lib/i386-linux-gnu/libc.so.6 (0xb71f0000)
>>                 libdl.so.2 => /lib/i386-linux-gnu/libdl.so.2 (0xb71eb000)
>>                 libz.so.1 => /lib/i386-linux-gnu/libz.so.1 (0xb71d5000)
>>                 libm.so.6 => /lib/i386-linux-gnu/libm.so.6 (0xb71a8000)
>>                 libltdl.so.7 => /usr/lib/i386-linux-gnu/libltdl.so.7
>> (0xb719e000)
>>                 /lib/ld-linux.so.2 (0xb775e000)ON X86:
>>  
>> ON PPC:
>> gil at ubuntu10gil:~/xmlsec1-1.2.20/examples$ ${CROSS_COMPILE}ldd 
>> ../ppclibs/libxmlsec1-openssl.so
>>         libssl.so.6 => /media/disk2/opt/eldk/4.2/ppc_85xxDP/lib/libssl.so.6
>>         libcrypto.so.6 =>
>> /media/disk2/opt/eldk/4.2/ppc_85xxDP/lib/libcrypto.so.6
>>         libxml2.so.2 =>
>> /media/disk2/opt/eldk/4.2/ppc_85xxDP/usr/lib/libxml2.so.2
>>         libxmlsec1.so.1 =>
>> /media/disk2/opt/eldk/4.2/ppc_85xxDP/usr/lib/libxmlsec1.so.1
>>         libc.so.6 => /media/disk2/opt/eldk/4.2/ppc_85xxDP/lib/libc.so.6
>>         libgssapi_krb5.so.2 =>
>> /media/disk2/opt/eldk/4.2/ppc_85xxDP/usr/lib/libgssapi_krb5.so.2
>>         libkrb5.so.3 =>
>> /media/disk2/opt/eldk/4.2/ppc_85xxDP/usr/lib/libkrb5.so.3
>>         libcom_err.so.2 =>
>> /media/disk2/opt/eldk/4.2/ppc_85xxDP/lib/libcom_err.so.2
>>         libk5crypto.so.3 =>
>> /media/disk2/opt/eldk/4.2/ppc_85xxDP/usr/lib/libk5crypto.so.3
>>         libresolv.so.2 =>
>> /media/disk2/opt/eldk/4.2/ppc_85xxDP/lib/libresolv.so.2
>>         libdl.so.2 => /media/disk2/opt/eldk/4.2/ppc_85xxDP/lib/libdl.so.2
>>         libz.so.1 => /media/disk2/opt/eldk/4.2/ppc_85xxDP/lib/libz.so.1
>>         libm.so.6 => /media/disk2/opt/eldk/4.2/ppc_85xxDP/lib/libm.so.6
>>         libltdl.so.3 =>
>> /media/disk2/opt/eldk/4.2/ppc_85xxDP/usr/lib/libltdl.so.3
>>         ld.so.1 => /media/disk2/opt/eldk/4.2/ppc_85xxDP/lib/ld.so.1
>>         libkrb5support.so.0 =>
>> /media/disk2/opt/eldk/4.2/ppc_85xxDP/usr/lib/libkrb5support.so.0
>>  
>>  
>> Gil Beniamini
>> Gilat Satellite Networks - Defense R&D gilb at gilat.com
>> Phone: (972)-3-9252427 Fax:(972)-3-9293240
>>  
>> -----Original Message-----
>> From: Aleksey Sanin [mailto:aleksey at aleksey.com]
>> Sent: Monday, March 30, 2015 6:06 PM
>> To: Gil Beniamini; xmlsec at aleksey.com
>> Subject: Re: PPC verify using PEM_read_bio_PUBKEY crash
>>  
>> It looks like a a problem with compiling/linking against different 
>> versions of openssl. Run ldd to make sure you are using the right libraries.
>>  
>> Aleksey
>>  
>> On 3/30/15 6:47 AM, Gil Beniamini wrote:
>>> Hi Aleksey,
>>>
>>> Excuse me  for interruption, but I wonder if you can assist me.
>>>
>>>  
>>>
>>> I downloaded xmlsec1-1.2.20 and compiled it both for 386 and for 
>>> ppc_85xxDP linux.
>>>
>>>  
>>>
>>> In 386 everything work OK (especially the examples
>>> sign1/sign2/verify1/verify2 as described in README)
>>>
>>>  
>>>
>>> But in PPC verify1/verify2 when using as expected with public-key 
>>> (I.e
>>> "rsapub.pem") the application crash! (but works of the key used is 
>>> the
>>> private-key("rsakey.pem"),)
>>>
>>> It fail with => "Trace/breakpoint trap" == signal-5 == SIGTRAP inside 
>>> libcrypto.so trying to execute PEM_read_bio_PUBKEY being called from 
>>> src/openssl/app.c line 259.
>>>
>>> Any idea?!
>>>
>>>  
>>>
>>> Many thaks in advance, for any tip,
>>>
>>> */Gil Beniamini/**//*
>>>
>>> Gilat Satellite Networks - Defense R&D
>>  
>>
>> /IMPORTANT - This email and any attachments is intended for the above 
>> named addressee(s), and may contain information which is confidential 
>> or privileged. If you are not the intended recipient, please inform 
>> the sender immediately and delete this email: you should not copy or 
>> use this e-mail for any purpose nor disclose its contents to any 
>> person. /
>>
> 
> IMPORTANT - This email and any attachments
> is intended for the above named addressee(s), and may contain information which
> is confidential or privileged. If you are not the intended recipient, please
> inform the sender immediately and delete this email: you should not copy or use
> this e-mail for any purpose nor disclose its contents to any person.
> 


More information about the xmlsec mailing list