crypto: avoid infinite loops in prime generation#37212
Merged
Trott merged 0 commit intonodejs:masterfrom Feb 9, 2021
Merged
Conversation
tniessen
added
crypto
tniessen
force-pushed
the
crypto-prime-avoid-infinite-loops
branch
from
73aa358 to
cd94327
Compare
Member
|
Just write a program that takes another program as input and returns whether or not that program with the given parameter contains an infinite loop. That sounds like a reasonable and easy task :D |
Member
Author
|
Thank you @benjamingr!
Oh, absolutely, just give me a couple of hours to disprove Turing! :P |
This comment has been minimized.
This comment has been minimized.
tniessen
force-pushed
the
crypto-prime-avoid-infinite-loops
branch
from
a188e82 to
d35d516
Compare
Collaborator
tniessen
added
the
author ready
Collaborator
Trott
approved these changes
Feb 6, 2021
Collaborator
Collaborator
Member
|
Landed in fdd7a87...6e804a9 |
Trott
pushed a commit
to tniessen/node
that referenced
this pull request
Feb 9, 2021
PR-URL: nodejs#37212 Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Rich Trott <rtrott@gmail.com>
Trott
force-pushed
the
crypto-prime-avoid-infinite-loops
branch
from
d35d516 to
6e804a9
Compare
danielleadams
pushed a commit
that referenced
this pull request
Feb 16, 2021
PR-URL: #37212 Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Rich Trott <rtrott@gmail.com>
danielleadams
pushed a commit
that referenced
this pull request
Feb 16, 2021
PR-URL: #37212 Reviewed-By: Benjamin Gruenbaum <benjamingr@gmail.com> Reviewed-By: James M Snell <jasnell@gmail.com> Reviewed-By: Rich Trott <rtrott@gmail.com>
tniessen
removed
the
author ready
This was referenced Jan 13, 2023
Open
This was referenced Apr 18, 2023
This was referenced Apr 19, 2023
This was referenced Apr 19, 2023
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
6 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
It's difficult to find precise conditions that would prevent infinite loops here and that can be checked without a significant performance impact.
Passing parameters that cause an infinite loop within OpenSSL will permanently block the application thread when in sync mode, or permanently disable one thread in the libuv thread pool when in async mode. Especially the latter behavior is hard to debug, and throwing reasonable errors makes that much easier.
These conditions prevent cases that will, with high probability, result in infinite loops within OpenSSL. In cases where OpenSSL does not get stuck in an infinite loop, the parameters that match these conditions would not result in randomly generated primes.
This is a fast best-effort approach that doesn't require additional
BIGNUMallocations.These conditions do not prevent all infinite loops.