crypto: avoid infinite loops in prime generation #37212
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode characters
tniessen added crypto tniessen force-pushed the crypto-prime-avoid-infinite-loops branch from 73aa358 to cd94327 Compare 
Member
| Just write a program that takes another program as input and returns whether or not that program with the given parameter contains an infinite loop. That sounds like a reasonable and easy task :D |
Member Author
| Thank you @benjamingr!
Oh, absolutely, just give me a couple of hours to disprove Turing! :P |
This comment has been minimized.
This comment has been minimized.
tniessen force-pushed the crypto-prime-avoid-infinite-loops branch from a188e82 to d35d516 Compare Collaborator
tniessen added the author ready Collaborator
Trott approved these changes Feb 6, 2021
Collaborator
Collaborator
Member
| Landed in fdd7a87...6e804a9 |
Trott pushed a commit to tniessen/node that referenced this pull request Feb 9, 2021
PR-URL: nodejs#37212 Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Rich Trott <rtrott@gmail.com>
Trott force-pushed the crypto-prime-avoid-infinite-loops branch from d35d516 to 6e804a9 Compare danielleadams pushed a commit that referenced this pull request Feb 16, 2021
PR-URL: #37212 Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Rich Trott <rtrott@gmail.com>
danielleadams pushed a commit that referenced this pull request Feb 16, 2021
PR-URL: #37212 Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Rich Trott <rtrott@gmail.com>
tniessen removed the author ready 
This was referenced Jan 13, 2023
Open
This was referenced Apr 18, 2023
This was referenced Apr 19, 2023
This was referenced Apr 19, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
6 participants
Add this suggestion to a batch that can be applied as a single commit. This suggestion is invalid because no changes were made to the code. Suggestions cannot be applied while the pull request is closed. Suggestions cannot be applied while viewing a subset of changes. Only one suggestion per line can be applied in a batch. Add this suggestion to a batch that can be applied as a single commit. Applying suggestions on deleted lines is not supported. You must change the existing code in this line in order to create a valid suggestion. Outdated suggestions cannot be applied. This suggestion has been applied or marked resolved. Suggestions cannot be applied from pending reviews. Suggestions cannot be applied on multi-line comments. Suggestions cannot be applied while the pull request is queued to merge. Suggestion cannot be applied right now. Please check back later.
It's difficult to find precise conditions that would prevent infinite loops here and that can be checked without a significant performance impact.
Passing parameters that cause an infinite loop within OpenSSL will permanently block the application thread when in sync mode, or permanently disable one thread in the libuv thread pool when in async mode. Especially the latter behavior is hard to debug, and throwing reasonable errors makes that much easier.
These conditions prevent cases that will, with high probability, result in infinite loops within OpenSSL. In cases where OpenSSL does not get stuck in an infinite loop, the parameters that match these conditions would not result in randomly generated primes.
This is a fast best-effort approach that doesn't require additional
BIGNUMallocations.These conditions do not prevent all infinite loops.