You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@santuario.apache.org by bu...@apache.org on 2010/04/18 12:09:59 UTC
DO NOT REPLY [Bug 49148] New: OpenSSL:SymmetricKey::decryptFinish -
Out of range padding value in final block
https://issues.apache.org/bugzilla/show_bug.cgi?id=49148
Summary: OpenSSL:SymmetricKey::decryptFinish - Out of range
padding value in final block
Product: Security
Version: C++ 1.5.1
Platform: PC
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: Encryption
AssignedTo: security-dev@xml.apache.org
ReportedBy: jeremy.coulon@free.fr
Created an attachment (id=25322)
--> (https://issues.apache.org/bugzilla/attachment.cgi?id=25322)
Patch
Hello,
I started using XML Security (C++) in my own project a few days ago.
I am using the svn latest version.
I created a simple command line tool based on simpleEncrypt and simpleDecrypt
examples.
My goal is to create a small utility for encrypting/decrypting xml files with
AES256_CBC (randomly generated key) and RSA_15 Public/Private keys (loaded from
PEM files).
I ran into an error when I tried decrypting my previously encrypted xml file :
An error occurred during an encryption operation
Message: OpenSSL:SymmetricKey::decryptFinish - Out of range padding value in
final block
I used valgrind to track down the problem and it seems to be related to the use
of uninitilised value during both encrypting and decrypting.
A patch is available in attachment that fixes my problem.
The main problem is in XSECSafeBuffer.cpp
The 2 other files modification are just small memory leaks.
Please let me know if something is wrong with my patch.
Thanks.
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
DO NOT REPLY [Bug 49148] OpenSSL:SymmetricKey::decryptFinish - Out
of range padding value in final block
Posted by bu...@apache.org.
https://issues.apache.org/bugzilla/show_bug.cgi?id=49148
Scott Cantor <ca...@osu.edu> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |FIXED
--- Comment #1 from Scott Cantor <ca...@osu.edu> 2010-04-19 10:36:59 EDT ---
http://svn.apache.org/viewvc?view=revision&revision=935593
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.