search

thoughtpolice / salt

Fast cryptographic networking for Haskell
http://thoughtpolice.github.com/salt
MIT License
24 stars 1 forks source link

Segfault on signature verification #14

Closed andres-erbsen closed 12 years ago

andres-erbsen commented 12 years ago

Trying to verify a a invalid signed message that is shorter than it should be results in segfault.

S.verify (fst keys) (B.pack "a") -- > segfault

Full log:

[andres@andres salt]$ ghci
GHCi, version 7.4.1: http://www.haskell.org/ghc/  :? for help
Loading package ghc-prim ... linking ... done.
Loading package integer-gmp ... linking ... done.
Loading package base ... linking ... done.
Prelude> import qualified Data.ByteString.Char8 as B
Prelude B> import qualified Crypto.NaCl.Sign as S
Prelude B S> keys <- S.createKeypair
Loading package bytestring-0.9.2.1 ... linking ... done.
Loading package tagged-0.4.1 ... linking ... done.
Loading package salt-0.0 ... linking ... done.
Prelude B S> S.sign (snd keys) (B.pack "chicken")
"\144\&6>\157q\234\SO\172\218=`\194cu\131\141\233\242e`\225\&5\152\&5\DC2\184e\225\233h;9chicken\254\191\233f2\193?\185z,\143\221\137\135\SYN\ft.\239\128V.\158\181\183\DEL6\190\ni\177\f"
Prelude B S> S.verify (fst keys) (B.pack "\144\&6>\157q\234\SO\172\218=`\194cu\131\141\233\242e`\225\&5\152\&5\DC2\184e\225\233h;9chicken\254\191\233f2\193?\185z,\143\221\137\135\SYN\ft.\239\128V.\158\181\183\DEL6\190\ni\177\f")
Just "chicken"
Prelude B S> S.verify (fst keys) (B.pack "\144\&6>\157q\234\SO\172\218=`\194cu\131\141\233\242e`\225\&5\152\&5\DC2\184e\225\233h;9chicken\254\191\233f2\193?\185z,\143\221\137\135\SYN\ft.\239\128V.\158\181\183\DEL6\190\ni\177\fa")
Nothing
Prelude B S> S.verify (fst keys) (B.pack "\144\&6>\157q\234\SO\172\218=`\194cu\131\141\233\242e`\225\&5\152\&5\DC2\184e\225\233h;9chicken\254\191\233f2\193?\185z,\143\221\137\135\SYN\ft.\239\128V.\158\181\183\DEL6\190\ni\177")
Nothing
Prelude B S> S.verify (fst keys) (B.pack "\144\&6>\157q\234\SO\172\218=`\194cu\131\141\233\242e`\225\&5\152\&5\DC2\184e\225\233h;9chicken\254\191\233f2\193?\185z,\143\221\137\135\SYN\ft.\239\128V")
Segmentation fault
thoughtpolice commented 12 years ago

This happens regardless of whether I'm using Ed25519 or not. I'm still investigating.

thoughtpolice commented 12 years ago

Something interesting is that while in 2b27a0f7b15ac6a33adbf8981a657f80ca76c815 I added a test that caused failure on my machine, the travis-ci.org build slaves correctly function and run all the tests(see build #12.) The main difference I can see is that the build slaves are x86 and we're using 64 bit machines.

Nothing conclusive yet, but noting it.