[PATCH] Provide a gnutls_x509_crt_verify_hash

Simon Josefsson simon at josefsson.org
Tue Apr 21 15:08:03 CEST 2009 

Nikos Mavrogiannopoulos <nmav at gnutls.org> writes:

> Cedric BAIL wrote:
>
>> Hum, I don't have a simple test case, but I already did commit some
>> code in eet that use it, look around line 554 at :
>> http://trac.enlightenment.org/e/browser/trunk/eet/src/lib/eet_cipher.c
>
> I've added a simple test case at:
> http://git.savannah.gnu.org/cgit/gnutls.git/tree/tests/x509sign-verify.c

Thanks, I made some minor cleanups.  Still, there seems to be memory
leaks in the new API?  See valgrind output below.

My ~/.valgrindrc contains:

--memcheck:leak-check=full
--memcheck:leak-resolution=high
--memcheck:show-reachable=yes
--memcheck:num-callers=50
--suppressions=/home/jas/src/gnutls/tests/libgcrypt.supp

The last line is useful to suppress the various libgcrypt internal
memory leaks.  The libgcrypt.supp file is in gnutls git.

/Simon

==32734== 4 bytes in 1 blocks are indirectly lost in loss record 1 of 9
==32734==    at 0x4023D6E: malloc (vg_replace_malloc.c:207)
==32734==    by 0x41163CF: _gcry_private_malloc (stdmem.c:108)
==32734==    by 0x411251F: do_malloc (global.c:737)
==32734==    by 0x411274C: _gcry_malloc (global.c:759)
==32734==    by 0x411277F: _gcry_xmalloc (global.c:903)
==32734==    by 0x4162257: _gcry_mpi_alloc_limb_space (mpiutil.c:91)
==32734==    by 0x4162330: _gcry_mpi_alloc (mpiutil.c:53)
==32734==    by 0x415F93E: _gcry_mpi_scan (mpicoder.c:422)
==32734==    by 0x4111208: gcry_mpi_scan (visibility.c:299)
==32734==    by 0x4063954: wrap_gcry_mpi_scan (mpi-libgcrypt.c:58)
==32734==    by 0x404E54F: _gnutls_mpi_scan (gnutls_mpi.c:132)
==32734==    by 0x404E928: _gnutls_x509_read_int (gnutls_mpi.c:317)
==32734==    by 0x407C556: _gnutls_x509_read_rsa_params (mpi.c:70)
==32734==    by 0x407C72C: get_mpis (mpi.c:242)
==32734==    by 0x4090574: _gnutls_x509_verify_algorithm (verify.c:779)
==32734==    by 0x4092BEE: gnutls_x509_crt_get_verify_algorithm (x509.c:2332)
==32734==    by 0x8048AAF: doit (x509sign-verify.c:126)
==32734==    by 0x8048C84: main (utils.c:148)
==32734== 
==32734== 
==32734== 148 (20 direct, 128 indirect) bytes in 1 blocks are definitely lost in loss record 3 of 9
==32734==    at 0x4023D6E: malloc (vg_replace_malloc.c:207)
==32734==    by 0x41163CF: _gcry_private_malloc (stdmem.c:108)
==32734==    by 0x411251F: do_malloc (global.c:737)
==32734==    by 0x411274C: _gcry_malloc (global.c:759)
==32734==    by 0x411277F: _gcry_xmalloc (global.c:903)
==32734==    by 0x4162318: _gcry_mpi_alloc (mpiutil.c:52)
==32734==    by 0x415F93E: _gcry_mpi_scan (mpicoder.c:422)
==32734==    by 0x4111208: gcry_mpi_scan (visibility.c:299)
==32734==    by 0x4063954: wrap_gcry_mpi_scan (mpi-libgcrypt.c:58)
==32734==    by 0x404E54F: _gnutls_mpi_scan (gnutls_mpi.c:132)
==32734==    by 0x404E928: _gnutls_x509_read_int (gnutls_mpi.c:317)
==32734==    by 0x407C533: _gnutls_x509_read_rsa_params (mpi.c:63)
==32734==    by 0x407C72C: get_mpis (mpi.c:242)
==32734==    by 0x4090574: _gnutls_x509_verify_algorithm (verify.c:779)
==32734==    by 0x4092BEE: gnutls_x509_crt_get_verify_algorithm (x509.c:2332)
==32734==    by 0x8048AAF: doit (x509sign-verify.c:126)
==32734==    by 0x8048C84: main (utils.c:148)
==32734== 
==32734== 
==32734== 24 (20 direct, 4 indirect) bytes in 1 blocks are definitely lost in loss record 4 of 9
==32734==    at 0x4023D6E: malloc (vg_replace_malloc.c:207)
==32734==    by 0x41163CF: _gcry_private_malloc (stdmem.c:108)
==32734==    by 0x411251F: do_malloc (global.c:737)
==32734==    by 0x411274C: _gcry_malloc (global.c:759)
==32734==    by 0x411277F: _gcry_xmalloc (global.c:903)
==32734==    by 0x4162318: _gcry_mpi_alloc (mpiutil.c:52)
==32734==    by 0x415F93E: _gcry_mpi_scan (mpicoder.c:422)
==32734==    by 0x4111208: gcry_mpi_scan (visibility.c:299)
==32734==    by 0x4063954: wrap_gcry_mpi_scan (mpi-libgcrypt.c:58)
==32734==    by 0x404E54F: _gnutls_mpi_scan (gnutls_mpi.c:132)
==32734==    by 0x404E928: _gnutls_x509_read_int (gnutls_mpi.c:317)
==32734==    by 0x407C556: _gnutls_x509_read_rsa_params (mpi.c:70)
==32734==    by 0x407C72C: get_mpis (mpi.c:242)
==32734==    by 0x4090574: _gnutls_x509_verify_algorithm (verify.c:779)
==32734==    by 0x4092BEE: gnutls_x509_crt_get_verify_algorithm (x509.c:2332)
==32734==    by 0x8048AAF: doit (x509sign-verify.c:126)
==32734==    by 0x8048C84: main (utils.c:148)
==32734== 
==32734== 
==32734== 128 bytes in 1 blocks are indirectly lost in loss record 5 of 9
==32734==    at 0x4023D6E: malloc (vg_replace_malloc.c:207)
==32734==    by 0x41163CF: _gcry_private_malloc (stdmem.c:108)
==32734==    by 0x411251F: do_malloc (global.c:737)
==32734==    by 0x411274C: _gcry_malloc (global.c:759)
==32734==    by 0x411277F: _gcry_xmalloc (global.c:903)
==32734==    by 0x4162257: _gcry_mpi_alloc_limb_space (mpiutil.c:91)
==32734==    by 0x4162330: _gcry_mpi_alloc (mpiutil.c:53)
==32734==    by 0x415F93E: _gcry_mpi_scan (mpicoder.c:422)
==32734==    by 0x4111208: gcry_mpi_scan (visibility.c:299)
==32734==    by 0x4063954: wrap_gcry_mpi_scan (mpi-libgcrypt.c:58)
==32734==    by 0x404E54F: _gnutls_mpi_scan (gnutls_mpi.c:132)
==32734==    by 0x404E928: _gnutls_x509_read_int (gnutls_mpi.c:317)
==32734==    by 0x407C533: _gnutls_x509_read_rsa_params (mpi.c:63)
==32734==    by 0x407C72C: get_mpis (mpi.c:242)
==32734==    by 0x4090574: _gnutls_x509_verify_algorithm (verify.c:779)
==32734==    by 0x4092BEE: gnutls_x509_crt_get_verify_algorithm (x509.c:2332)
==32734==    by 0x8048AAF: doit (x509sign-verify.c:126)
==32734==    by 0x8048C84: main (utils.c:148)

More information about the Gnutls-devel mailing list