我可以使用openssl 1.0.1h使用RSA对消息进行加密和解密,并使用Visual Studio C ++ 2012在Windows 7 x64上创建公共和私有RSA-2048-Bit密钥。我试着检查当我使用它时会发生什么解密函数(RSA_private_decrypt)(由于某种原因)破坏和/或篡改消息,并注意到我得到了内存泄漏。为了测试这个,我尝试使用以下代码来解密空的内存缓冲区:
RSA * rsa = NULL;
BYTE source[256];
BYTE destin[256];
int iret;
memset(source, 0, 256);
memset(destin, 0, 256);
// function to set the private and public keys (verified to work with valid data)
iret = SetRSAKey(rsa, ENCRYPTION_KEY_SERVER, ENCRYPTION_KEY_CLIENT);
int length = RSA_size(rsa);
iret = RSA_private_decrypt(length, source, destin, rsa, RSA_PKCS1_OAEP_PADDING);
RSA_free(rsa);
RAND_cleanup ();
EVP_cleanup ();
CRYPTO_cleanup_all_ex_data();
Visual Studio的Visual Leak Detector在退出后报告4内存泄漏:
WARNING: Visual Leak Detector detected memory leaks!
---------- Block 2211 at 0x005037A8: 12 bytes ----------
Call Stack:
Data:
18 5F 51 00 00 00 00 00 E0 15 01 00 ._Q..... ........
---------- Block 2210 at 0x005135A8: 64 bytes ----------
Call Stack:
Data:
A8 37 50 00 00 00 00 00 00 00 00 00 00 00 00 00 .7P..... ........
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
---------- Block 2209 at 0x005160E8: 96 bytes ----------
Call Stack:
Data:
A8 35 51 00 40 BC 30 01 80 BC 30 01 08 00 00 00 .5Q.@.0. ..0.....
10 00 00 00 00 00 00 00 08 00 00 00 00 02 00 00 ........ ........
00 01 00 00 01 00 00 00 00 00 00 00 00 00 00 00 ........ ........
00 00 00 00 00 00 00 00 03 00 00 00 02 00 00 00 ........ ........
01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
02 00 00 00 00 00 00 00 02 00 00 00 00 00 00 00 ........ ........
---------- Block 2208 at 0x00515F18: 400 bytes ----------
Call Stack:
Data:
00 00 00 00 60 15 00 00 CD CD CD CD 00 00 00 00 ....`... ........
00 00 00 00 CD CD CD CD CD CD CD CD CD CD CD CD ........ ........
CD CD CD CD CD CD CD CD CD CD CD CD CD CD CD CD ........ ........
CD CD CD CD CD CD CD CD CD CD CD CD CD CD CD CD ........ ........
CD CD CD CD CD CD CD CD CD CD CD CD 79 A0 07 04 ........ ....y...
72 50 06 04 CD CD CD CD CD CD CD CD CD CD CD CD rP...... ........
CD CD CD CD CD CD CD CD CD CD CD CD CD CD CD CD ........ ........
CD CD CD CD CD CD CD CD CD CD CD CD CD CD CD CD ........ ........
CD CD CD CD CD CD CD CD 00 00 00 00 00 00 00 00 ........ ........
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ........ ........
00 00 00 00 00 00 00 00 CD CD CD CD D0 FB 3E 01 ........ ......>.
FC A5 3D 01 CD CD CD CD CD CD CD CD CD CD CD CD ..=..... ........
CD CD CD CD CD CD CD CD CD CD CD CD CD CD CD CD ........ ........
CD CD CD CD CD CD CD CD CD CD CD CD CD CD CD CD ........ ........
CD CD CD CD CD CD CD CD CD CD CD CD B5 00 00 00 ........ ........
68 02 00 00 CD CD CD CD CD CD CD CD CD CD CD CD h....... ........
CD CD CD CD CD CD CD CD CD CD CD CD CD CD CD CD ........ ........
CD CD CD CD CD CD CD CD CD CD CD CD CD CD CD CD ........ ........
CD CD CD CD CD CD CD CD 02 00 00 00 00 00 00 00 ........ ........
Visual Leak Detector detected 4 memory leaks.
Visual Leak Detector is now exiting.
如果我使用空缓冲区的工作消息(使用RSA_public_encrypt加密),则没有内存泄漏,并且正在按预期解密消息。但是当消息以某种方式损坏时,如何摆脱openssl中的内存泄漏?
在尝试解密之前是否有可能测试消息完整性的功能,还是我必须自己创建CRC并自行检查?
答案 0 :(得分:1)
我实际上只是使用OpenSSL RSA_verify()遇到了相同的内存泄漏问题。实际上只有在验证失败时才会发生泄漏。 ERR_remove_state(0)似乎解决了这个问题(从@jww中获得上述评论)。
{{1}}