c - 在多线程应用程序中使用基于 openssl 的 pbkdf2

标签 c multithreading openssl mosquitto pbkdf2

我正在尝试使用 Jan-Piet Mens' pbkdf2 code来自他的 mosquitto-auth-plug在多线程应用程序中。

当我在单线程中运行代码时一切正常,但我开始收到许多内部 free()s无效读取(使用 valgrind)在 pbkdf2_check() 函数中。

我没有在我的代码中使用任何全局共享资源,并且使用 this libcurl example 设置了 openSSL 锁定回调,但我仍然不断收到 Invalid reads,主要是 pbkdf2_check() 中的 free()s

这是我的代码:

pbkdf2.c(基于 Jan-Piet Mens' pbkdf2.c code)

/*
 * Copyright (c) 2013 Jan-Piet Mens <jpmens()gmail.com>
 * All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions are met:
 *
 * 1. Redistributions of source code must retain the above copyright notice,
 *    this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. Neither the name of mosquitto nor the names of its
 *    contributors may be used to endorse or promote products derived from
 *    this software without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE
 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 * POSSIBILITY OF SUCH DAMAGE.
 */

#include "opensslthreadlock.h"
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <openssl/evp.h>
#include "base64.h"

#define SEPARATOR       "$"
#define TRUE    (1)
#define FALSE   (0)
#define NUMT    5

/*
 * Split PBKDF2$... string into their components. The caller must free()
 * the strings.
 */

static int detoken(char *pbkstr, char **sha, int *iter, char **salt, char **key)
{
    char *p, *s, *save;
    int rc = 1;

    save = s = strdup(pbkstr);

    if ((p = strsep(&s, SEPARATOR)) == NULL)
        goto out;
    if (strcmp(p, "PBKDF2") != 0)
        goto out;

    if ((p = strsep(&s, SEPARATOR)) == NULL)
        goto out;
    *sha = strdup(p);

    if ((p = strsep(&s, SEPARATOR)) == NULL)
        goto out;
    *iter = atoi(p);

    if ((p = strsep(&s, SEPARATOR)) == NULL)
        goto out;
    *salt = strdup(p);

    if ((p = strsep(&s, SEPARATOR)) == NULL)
        goto out;
    *key = strdup(p);

    rc = 0;

    out:
    free(save);
    return rc;
}

int pbkdf2_check(char *password, char *hash)
{
    static char *sha, *salt, *h_pw;
    int iterations, saltlen, blen;
    char *b64, *keybuf;
    unsigned char *out;
    int match = FALSE;
    const EVP_MD *evpmd;
    int keylen, rc;

    if (detoken(hash, &sha, &iterations, &salt, &h_pw) != 0)
        return match;

    /* Determine key length by decoding base64 */
    if ((keybuf = malloc(strlen(h_pw) + 1)) == NULL) {
        fprintf(stderr, "Out of memory\n");
        return FALSE;
    }
    keylen = base64_decode(h_pw, keybuf);
    if (keylen < 1) {
        free(keybuf);
        return (FALSE);
    }
    free(keybuf);

    if ((out = malloc(keylen)) == NULL) {
        fprintf(stderr, "Cannot allocate out; out of memory\n");
        return (FALSE);
    }

#ifdef PWDEBUG
    fprintf(stderr, "sha        =[%s]\n", sha);
    fprintf(stderr, "iterations =%d\n", iterations);
    fprintf(stderr, "salt       =[%s]\n", salt);
    fprintf(stderr, "h_pw       =[%s]\n", h_pw);
    fprintf(stderr, "kenlen     =[%d]\n", keylen);
#endif

    saltlen = strlen((char *)salt);

    evpmd = EVP_sha256();
    if (strcmp(sha, "sha1") == 0) {
        evpmd = EVP_sha1();
    } else if (strcmp(sha, "sha512") == 0) {
        evpmd = EVP_sha512();
    }

    rc = PKCS5_PBKDF2_HMAC(password, strlen(password),
                           (unsigned char *)salt, saltlen,
                           iterations,
                           evpmd, keylen, out);
    if (rc != 1) {
        goto out;
    }

    blen = base64_encode(out, keylen, &b64);
    if (blen > 0) {
        int i, diff = 0, hlen = strlen(h_pw);
#ifdef PWDEBUG
        fprintf(stderr, "HMAC b64   =[%s]\n", b64);
#endif

        /* "manual" strcmp() to ensure constant time */
        for (i = 0; (i < blen) && (i < hlen); i++) {
            diff |= h_pw[i] ^ b64[i];
        }

        match = diff == 0;
        if (hlen != blen)
            match = 0;

        free(b64);
    }

    out:
    free(sha);
    free(salt);
    free(h_pw);
    free(out);

    return match;
}

void *test_pbkdf2(void *argt) {
    int i;
    for (i = 0; i < 3; ++i) {
        char password[] = "password";
        char pbkstr[] = "PBKDF2$sha1$98$XaIs9vQgmLujKHZG4/B3dNTbeP2PyaVKySTirZznBrE=$2DX/HZDTojVbfgAIdozBi6CihjWP1+akYnh/h9uQfIVl6pLoAiwJe1ey2WW2BnT+";
        int match;

        printf("Checking password [%s] for %s\n", password, pbkstr);

        match = pbkdf2_check(password, pbkstr);
        printf("match == %d\n", match);
    }
    pthread_exit();
}

int main(int argc, char **argv)
{
    pthread_t tid[NUMT];
    int i;
    int error;
    (void)argc; /* we don't use any arguments in this example */
    (void)argv;

    thread_setup();

    for(i=0; i< NUMT; i++) {
        error = pthread_create(&tid[i],
                               NULL, /* default attributes please */
                               test_pbkdf2,
                               NULL);
        if(0 != error)
            fprintf(stderr, "Couldn't run thread number %d, errno %d\n", i, error);
    }

    /* now wait for all threads to terminate */
    for(i=0; i< NUMT; i++) {
        error = pthread_join(tid[i], NULL);
        fprintf(stderr, "Thread %d terminated\n", i);
    }

    thread_cleanup();
    return 0;
}

opensslthreadlock.h:

/***************************************************************************
 *                                  _   _ ____  _
 *  Project                     ___| | | |  _ \| |
 *                             / __| | | | |_) | |
 *                            | (__| |_| |  _ <| |___
 *                             \___|\___/|_| \_\_____|
 *
 * Copyright (C) 1998 - 2016, Daniel Stenberg, <daniel@haxx.se>, et al.
 *
 * This software is licensed as described in the file COPYING, which
 * you should have received as part of this distribution. The terms
 * are also available at https://curl.haxx.se/docs/copyright.html.
 *
 * You may opt to use, copy, modify, merge, publish, distribute and/or sell
 * copies of the Software, and permit persons to whom the Software is
 * furnished to do so, under the terms of the COPYING file.
 *
 * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
 * KIND, either express or implied.
 *
 ***************************************************************************/
/* <DESC>
 * one way to set the necessary OpenSSL locking callbacks if you want to do
 * multi-threaded transfers with HTTPS/FTPS with libcurl built to use OpenSSL.
 * </DESC>
 */
/*
 * This is not a complete stand-alone example.
 *
 * Author: Jeremy Brown
 */

int thread_setup(void);

int thread_cleanup(void);

实现在这里 ( opensslthreadlock.c )。 这是 base64.c/h 的代码.

我正在使用它来构建和测试:

gcc -o pbkdf2test pbkdf2.c opensslthreadlock.c base64.c -lcrypto -lpthread

valgrind --tool=memcheck --leak-check=full --track-origins=yes -v ./pbkdf2test

最佳答案

It all works fine when I run the code in a single thread, but I start getting Invalid reads (using valgrind) for many of the internal free()s in the pbkdf2_check() function.

这似乎是因为:

static char *sha, *salt, *h_pw;

在编写 pbkdf2_check 时,它总是会遇到竞争条件。

此外,一旦这些运行:

out:
    free(sha);
    free(salt);
    free(h_pw);
    free(out);

由于静态存储类,悬挂指针被重用。

您可能应该删除shasalth_pwstatic 存储类,并将所有内容初始化为NULL0。使用 C99 (-std=c99),您可以:

char *sha=NULL, *salt=NULL, *h_pw=NULL;
int iterations=0, saltlen=0, blen=0;
char *b64=NULL, *keybuf=NULL;
unsigned char *out=NULL;
int match = FALSE;
const EVP_MD *evpmd=NULL;
int keylen=0, rc=-1;

然后,优化器将删除不需要的初始化程序/写入。

关于c - 在多线程应用程序中使用基于 openssl 的 pbkdf2,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/35766313/

相关文章:

c: free() - glibc 无效指针

检查具有空数据的节点

c - 为什么来自 main 的 Pthread 信号会挂起代码?

ios - 在 iphone 上用 NSData 字节初始化 BIO 变量

https - 为什么这个 SSL_pending 调用总是返回零?

c - 如何创建类似 char *argv 的 char 指针

c - 指针的第一个字符

c# - 通用 BeginInvoke 方案,确保在同一线程上下文中进行函数调用

c++ - 为什么要将 mutex 作为参数传递给线程调用的函数?

c++ - 什么是 undefined symbol : X509_EXTENSION_free?