Re: CRYPTO_secure_malloc_init() fails without error message

[Dr Paul Dale <paul.dale@xxxxxxxxxx>]

> CRYPTO_secure_malloc_init(OPENSSL_MIN_HEAP_SIZE, OPENSSL_MIN_HEAP_SIZE);

I’d strongly suggest not passing the same value in the second position.  This parameter sets the minimum block size that can be allocated in the secure heap.  The init call returns an error in this situation.  Do this instead: CRYPTO_secure_malloc_init(OPENSSL_MIN_HEAP_SIZE, 16);

Pauli

-- 
Dr Paul Dale | Distinguished Architect | Cryptographic Foundations 
Phone +61 7 3031 7217
Oracle Australia

On 21 Feb 2020, at 8:33 pm, Clay Shields <clay@xxxxxxxxxxxxxxxxx> wrote:

Unfortunately that didn’t seem to be it. Updating my code to verify that I am root and running it:

Output:

The effective user id is  0
The real user id is  0
failed to init openssl secure heap the error may be (null)

Code:

#include <openssl/crypto.h>
#include <openssl/conf.h>
#include <openssl/evp.h>
#include <openssl/err.h>
#include <openssl/ssl.h>
#include <sys/types.h>
#include <unistd.h>
#include <stdio.h>

#define OPENSSL_MIN_HEAP_SIZE 65536


int main(){

 SSL_load_error_strings();
 SSL_library_init ();
 OpenSSL_add_all_algorithms ();

 uid_t uid, euid;
 uid = getuid();
 euid = geteuid();
 printf("The effective user id is  %d\n", (int) geteuid());
 printf("The real user id is  %d\n", (int) getuid());

 // Initialize the OPENSSL secure heap space for key storage
 int ret = CRYPTO_secure_malloc_init(OPENSSL_MIN_HEAP_SIZE, OPENSSL_MIN_HEAP_SIZE);

 if (ret == 0){
   printf("failed to init openssl secure heap the error may be %s\n", ERR_reason_error_string(ERR_get_error()));
 }

}

On Feb 20, 2020, at 6:31 PM, Salz, Rich <rsalz@xxxxxxxxxx> wrote:

Are you running as root?  If not, that's likely to be the problem.