Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

flaky TestRSASignZero (using OpenSSL) #1892

Closed
marten-seemann opened this issue Nov 16, 2022 · 7 comments · Fixed by #1953
Closed

flaky TestRSASignZero (using OpenSSL) #1892

marten-seemann opened this issue Nov 16, 2022 · 7 comments · Fixed by #1953
Labels
kind/bug A bug in existing code (including security flaws)

Comments

@marten-seemann
Copy link
Contributor

=== RUN   TestRSASignZero
    rsa_test.go:74: failed to generate RSA key
--- FAIL: TestRSASignZero (1.38s)
@marten-seemann marten-seemann added the kind/bug A bug in existing code (including security flaws) label Nov 16, 2022
@marten-seemann
Copy link
Contributor Author

@marten-seemann
Copy link
Contributor Author

I have no idea why this occurs, and I don't really know how to debug this further, as the problem happens inside OpenSSL, not in our code.

We should add this to our list of reasons to deprecate OpenSSL in favor of BoringCrypto.

@marten-seemann
Copy link
Contributor Author

@MarcoPolo pointed out that there's ERR_get_error, which returns an error code. Not sure how to do that in a race-free way without locking a global mutex, but at least that allows further debugging.

@marten-seemann
Copy link
Contributor Author

Partial progress. Here's the error code:

=== RUN   TestKeys
    key_test.go:283: failed to generate RSA key: 33554536

Just no idea what it means. Google is not very helpful on this one.

@marten-seemann
Copy link
Contributor Author

rsa routines is the human readable error code, obtained with ERR_lib_error_string. Not very helpful.

See libp2p/go-openssl@master...libp2p:go-openssl:debug-generate-rsa for the code.

@marten-seemann
Copy link
Contributor Author

@Jorropo Do you by any chance have an idea what's going on here?

@marten-seemann
Copy link
Contributor Author

I tried to reproduce this both in a VM and on a Ubuntu server, but it works. Seems to be related to GitHub Actions CI setup.

I've disabled the go-crypto workflow for now: https://github.com/libp2p/go-libp2p/actions/workflows/go-crypto.yml

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
kind/bug A bug in existing code (including security flaws)
Projects
None yet
Development

Successfully merging a pull request may close this issue.

1 participant