Openssl safePrimes_keyGen ffdhe2048 error

[zkuperman]

I'm testing the parser on openssl 3.0.8 and getting an error 14 when running safePrime_keyGen vectors. From what I can tell, the error is coming from a call to _openssl_dsa_keygen. Attached is the relevant debug logs. Is this is a known issue? Is this caused by something unrelated to the parser? safePrimes_keyGen debug log.txt

[smuellerDD]

Am Freitag, 22. September 2023, 22:02:20 CEST schrieb Zalman Kuperman:

Hi Zalman,

I'm testing the parser on openssl 3.0.8 and getting an error 14 when running safePrime_keyGen vectors. From what I can tell, the error is coming from a call to _openssl_dsa_keygen. Attached is the relevant debug logs. Is this is a known issue? Is this caused by something unrelated to the parser? safePrimes_keyGen debug log.txt

Apologies, that email fell through the cracks.

The error -14 is EFAULT which signals that OpenSSL flagged an error at line

1849. I am not aware of such an error and for us, all works well. Perhaps, check what OpenSSL is saying by changing the invocation to:

CKINT_O_LOG(, "OpenSSL failure %s\n", ERR_error_string(ERR_get_error(), NULL));

Ciao Stephan

[zkuperman]

I changed the invocation here is the result: ACVPParser (12:26:12) Error [backends/backend_openssl3.c:openssl_dsa_keygen:1849]: OpenSSL failure error:00000000:lib(0)::reason(0) ACVPParser (12:26:12) Debug [parser/parser_dsa.c:dsa_keygen_helper:93]: Failure with return code -14 ACVPParser (12:26:12) Debug [parser/parser_common.c:exec_test:389]: Failure with return code -14 ACVPParser (12:26:12) Warning [parser/parser_common.c:exec_test:444]: Test execution failed with error -14 ACVPParser (12:26:12) Error [parser/parser_common.c:parse_array:826]: Test execution failed

Since this is an Openssl error, I'm also adding the openssl version here in case it's relevant: $ openssl version -a OpenSSL 3.0.8 7 Feb 2023 (Library: OpenSSL 3.0.8 7 Feb 2023) built on: Wed Jun 28 20:11:11 2023 UTC platform: Cygwin-x86_64 options: bn(64,64) compiler: gcc -Wall -g -O0 -DTERMIOS -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_BUILDING_OPENSSL OPENSSLDIR: "/home/ossl3/ssl" ENGINESDIR: "/home/ossl3/lib/engines-3" MODULESDIR: "/home/ossl3/lib/ossl-modules" Seeding source: os-specific CPUINFO: N/A

[smuellerDD]

Am Mittwoch, 11. Oktober 2023, 19:59:27 CEST schrieb Zalman Kuperman:

Hi Zalman,

I changed the invocation here is the result: ACVPParser (12:26:12) Error [backends/backend_openssl3.c:openssl_dsa_keygen:1849]: OpenSSL failure error:00000000:lib(0)::reason(0) ACVPParser (12:26:12) Debug [parser/parser_dsa.c:dsa_keygen_helper:93]: Failure with return code -14 ACVPParser (12:26:12) Debug [parser/parser_common.c:exec_test:389]: Failure with return code -14 ACVPParser (12:26:12) Warning [parser/parser_common.c:exec_test:444]: Test execution failed with error -14 ACVPParser (12:26:12) Error [parser/parser_common.c:parse_array:826]: Test execution failed

The OpenSSL error code you have is not from the OpenSSL API call but from a parser function call. You need to call it directly with the OpenSSL API that is the culprit.

Since this is an Openssl error, I'm also adding the openssl version here in case it's relevant: $ openssl version -a OpenSSL 3.0.8 7 Feb 2023 (Library: OpenSSL 3.0.8 7 Feb 2023) built on: Wed Jun 28 20:11:11 2023 UTC platform: Cygwin-x86_64 options: bn(64,64) compiler: gcc -Wall -g -O0 -DTERMIOS -DL_ENDIAN -DOPENSSL_PIC -DOPENSSL_BUILDING_OPENSSL OPENSSLDIR: "/home/ossl3/ssl" ENGINESDIR: "/home/ossl3/lib/engines-3" MODULESDIR: "/home/ossl3/lib/ossl-modules" Seeding source: os-specific CPUINFO: N/A

Ciao Stephan

[zkuperman]

I moved the CKINT_O_LOG to a function call inside _openssl_dsa_keygen which I think is an Openssl API call: CKINT_O_LOG(EVP_PKEY_param_check(ctx), "OpenSSL failure %s\n", ERR_error_string(ERR_get_error(), NULL));

The new message in the debug log is: ACVPParser (14:09:16) Error [backends/backend_openssl3.c:_openssl_dsa_keygen:1831]: OpenSSL failure error:00000000:lib(0)::reason(0)

I changed all the CKINT calls in _openssl_dsa_keygen to CKINT_O_LOG. This was the only one which gave an error.

[smuellerDD]

Am Mittwoch, 18. Oktober 2023, 20:21:13 CEST schrieb Zalman Kuperman:

Hi Zalman,

I moved the CKINT_O_LOG to a function call inside _openssl_dsa_keygen which I think is an Openssl API call: CKINT_O_LOG(EVP_PKEY_param_check(ctx), "OpenSSL failure %s\n", ERR_error_string(ERR_get_error(), NULL));

The new message in the debug log is: ACVPParser (14:09:16) Error [backends/backend_openssl3.c:_openssl_dsa_keygen:1831]: OpenSSL failure error:00000000:lib(0)::reason(0)

I changed all the CKINT calls in _openssl_dsa_keygen to CKINT_O_LOG. This was the only one which gave an error.

The CKINT macros treat the return code != 0 as error. The CKINT_O treat the return code of == 0 as error. It seems the parser used the wrong return code checker as for this function, CKINT_O indeed is to be used.

Yet, I see no error in the OpenSSL log...

Ciao Stephan

[zkuperman]

I've tested a few changes. The error is limited to running the parser with OpenSSL compiled on Cygwin. The OpenSSL error log being blank may also be caused by Cygwin. Changing between OpenSSL 3.0.8 and 3.0.11 didn't have any affect.

I'm not sure how to proceed. Without the openssl error log, I can't trace the error into openssl's code.

Edit: I tried using WSL instead of Cygwin to compile openssl and the parser. I'm not getting the error anymore. I haven't verified the vector can pass, but at least it is running to completion.

[smuellerDD]

Am Donnerstag, 26. Oktober 2023, 17:16:04 CET schrieb Zalman Kuperman:

Hi Zalman,

I've tested a few changes. The error is limited to running the parser with OpenSSL compiled on Cygwin. The OpenSSL error log being blank may also be caused by Cygwin. Changing between OpenSSL 3.0.8 and 3.0.11 didn't have any affect.

I'm not sure how to proceed. Without the openssl error log, I can't trace the error into openssl's code.

Unfortunately, I cannot help here as I do not have that environment.

Ciao Stephan

[zkuperman]

Hi Stephan, I tried running the parser on a second system, also using WSL on Windows. The parser hits this same error on one system, but not the other. Same parser, same Openssl versions. I compared the verbose log output and found a few differences, but I don't know acvp_parser well enough to understand if they are relevant. I attached the sections of the log files below. These are the differences that I found:

Line 23: Failing system has different entry flags.

Failing: [parser/parser_common.c:match_entry:47]: Not matching testGroups (parsed_flags 4096, entry flags 211106232532992, result 4096)

Running: ACVPParser (07:09:36) Debug [parser/parser_common.c:match_entry:47]: Not matching testGroups (parsed_flags 4096, entry flags 0, result 4096)

Line 43-46: Failing system is matching 'l' and 'n', but the running system doesn't see those fields?

Failing: ACVPParser (08:56:46) Debug [parser/read_json.c:json_logger:46]: Processing tgID: 1 ACVPParser (08:56:46) Debug [parser/parser_common.c:match_entry:54]: Matching l (parsed_flags 4097, entry flags 4097) ACVPParser (08:56:46) Debug [parser/read_json.c:json_find_key:58]: JSON field l does not exist ACVPParser (08:56:46) Debug [parser/parser_common.c:match_entry:54]: Matching n (parsed_flags 4097, entry flags 4097) ACVPParser (08:56:46) Debug [parser/read_json.c:json_find_key:58]: JSON field n does not exist ACVPParser (08:56:46) Debug [parser/parser_common.c:match_entry:54]: Matching safePrimeGroup (parsed_flags 4097, entry flags 4097) ACVPParser (08:56:46) Debug [parser/read_json.c:json_get_string:286]: Found string data safePrimeGroup with value ffdhe2048

Running: ACVPParser (07:09:36) Debug [parser/read_json.c:json_logger:46]: Processing tgID: 1 ACVPParser (07:09:36) Debug [parser/parser_common.c:match_entry:54]: Matching safePrimeGroup (parsed_flags 4097, entry flags 4097)

Line 71: Failing system has different entry flags, then hits a fatal error from openssl.

Failing: ACVPParser (08:56:46) Debug [parser/parser_common.c:match_entry:54]: Matching callback (parsed_flags 4097, entry flags 4097) ACVPParser (08:56:46) Error [backends/backend_openssl3.c:_openssl_dsa_keygen:1830]: OpenSSL failure error:00000000:lib(0)::reason(0) ACVPParser (08:56:46) Debug [backends/backend_openssl3.c:openssl_dsa_keygen:1848]: Failure with return code -14

Running: ACVPParser (07:09:36) Debug [parser/parser_common.c:match_entry:54]: Matching callback (parsed_flags 4097, entry flags 35115652616193) ACVPParser (07:09:36) Debug [backends/backend_openssl3.c:openssl_dh_keygen:816]: X = 1a24e60133481811fcde18479538cea0fe35ffb17208c95261f160b8

safeprimes_error.log safeprimes_running.log

[smuellerDD]

Am Mittwoch, 22. November 2023, 19:38:49 CET schrieb Zalman Kuperman:

Hi Zalman,

Hi Stephan, I tried running the parser on a second system, also using WSL on Windows. The parser hits this same error on one system, but not the other. Same parser, same Openssl versions. I compared the verbose log output and found a few differences, but I don't know acvp_parser well enough to understand if they are relevant. I attached the sections of the log files below. These are the differences that I found:

Line 23: Failing system has different entry flags.

Failing: [parser/parser_common.c:match_entry:47]: Not matching testGroups (parsed_flags 4096, entry flags 211106232532992, result 4096)

Running: ACVPParser (07:09:36) Debug [parser/parser_common.c:match_entry:47]: Not matching testGroups (parsed_flags 4096, entry flags 0, result 4096)

The difference here is that the parser logic identifies that the test vectors are different and tries to find the associated test vector parser. Basically if you grep for the string "testGroups" in the parser directory, you find it multiple times defined with different flags. The parser reads the test vector file and identifies it by giving it different flags (the parsed_flags) and then tries to find the proper parser for it by comparing the parser flags (i.e. the entry flags).

The following errors imply that the chosen parser is simply wrong for the test vector.

This ultimately implies that the used test vector seems to be in a format not known to the parser.

Line 43-46: Failing system is matching 'l' and 'n', but the running

system doesn't see those fields? Failing: ACVPParser (08:56:46) Debug [parser/read_json.c:json_logger:46]: Processing tgID: 1 ACVPParser (08:56:46) Debug [parser/parser_common.c:match_entry:54]: Matching l (parsed_flags 4097, entry flags 4097) ACVPParser (08:56:46) Debug [parser/read_json.c:json_find_key:58]: JSON field l does not exist ACVPParser (08:56:46) Debug [parser/parser_common.c:match_entry:54]: Matching n (parsed_flags 4097, entry flags 4097) ACVPParser (08:56:46) Debug [parser/read_json.c:json_find_key:58]: JSON field n does not exist ACVPParser (08:56:46) Debug [parser/parser_common.c:match_entry:54]: Matching safePrimeGroup (parsed_flags 4097, entry flags 4097) ACVPParser (08:56:46) Debug [parser/read_json.c:json_get_string:286]: Found string data safePrimeGroup with value ffdhe2048

Running: ACVPParser (07:09:36) Debug [parser/read_json.c:json_logger:46]: Processing tgID: 1 ACVPParser (07:09:36) Debug [parser/parser_common.c:match_entry:54]: Matching safePrimeGroup (parsed_flags 4097, entry flags 4097)

Line 71: Failing system has different entry flags, then hits a fatal

error from openssl. Failing: ACVPParser (08:56:46) Debug [parser/parser_common.c:match_entry:54]: Matching callback (parsed_flags 4097, entry flags 4097) ACVPParser (08:56:46) Error [backends/backend_openssl3.c:_openssl_dsa_keygen:1830]: OpenSSL failure error:00000000:lib(0)::reason(0) ACVPParser (08:56:46) Debug [backends/backend_openssl3.c:openssl_dsa_keygen:1848]: Failure with return code -14

Running: ACVPParser (07:09:36) Debug [parser/parser_common.c:match_entry:54]: Matching callback (parsed_flags 4097, entry flags 35115652616193) ACVPParser (07:09:36) Debug [backends/backend_openssl3.c:openssl_dh_keygen:816]: X = 1a24e60133481811fcde18479538cea0fe35ffb17208c95261f160b8

safeprimes_error.log safeprimes_running.log

Ciao Stephan