openssl: The function of RSA_GENERATE_KEY_EX that blocks on embedded ARM platforms

openssl version openssl-1.1.1k

int main()
{
	RSA *rsa = RSA_new();
	int ret = 0;
	BIGNUM* bne = BN_new();
	ret=BN_set_word(bne,RSA_F4);
	ret = RSA_generate_key_ex(rsa,512,bne,NULL);
	return 0;
}

The RSA_generate_key_ex function is blocked

arm-linux-gcc version

gcc version 6.5.0 (Buildroot 2018.02-rc3-g03cc10792-dirty)

About this issue

  • Original URL
  • State: closed
  • Created 3 years ago
  • Comments: 34 (15 by maintainers)

Most upvoted comments

That explains why there are zero words in the RNG output. The culprit is the configuration line:

/usr/bin/perl ./Configure linux-x86_64 no-asm shared no-async no-rc5 enable-camellia enable-mdc2 no-tests no-fuzz-libfuzzer no-fuzz-afl -latomic -lpthread -fPIC --prefix=/home/brian/rk3326/app/webrtc/depends/install --openssldir=/home/brian/rk3326/app/webrtc/depends/install

linux-x86_64 is definitely wrong. This is configuring for an x86 platform not an ARM one. That it is possible to get something that even kind of remotely works is a miracle. Replace this with a target that includes arm in it’s name. You’d also be able to drop the no-asm for a performance increase and the fuzzing options because they aren’t useful here. Possibly some of the other options could disappear too.

+1
paulidale on Jun 13, 2021
Read more comments on GitHub
← openssl: The fipsmodule.cnf to be installed cannot be created by openssl fipsinstall in cross-compiled builds
openssl: ThreadSanitizer reports recursive lock overflow caused by impl_cache_flush_cache() →