Posted to commits@santuario.apache.org by "Scott Cantor (JIRA)" <ji...@apache.org> on 2015/01/29 04:14:35 UTC

[jira] [Commented] (SANTUARIO-384) OpenSSLCryptoKeyEC::signBase64SignatureDSA fails most of time

    [ https://issues.apache.org/jira/browse/SANTUARIO-384?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=14296322#comment-14296322 ] 

Scott Cantor commented on SANTUARIO-384:
----------------------------------------

http://svn.apache.org/r1655515

I concur with the fix, which should also affect the DSA case. I believe my interop test cases must have been byte aligned to avoid tripping this, but since the buffer is never processed beyond the length actually written to it, it shouldn't matter at all whether any extra space is allocated, so adding one byte couldn't possibly break anything, and it would fix a non-byte-aligned size for R and S.

I'll re-run the test vectors before closing.

> OpenSSLCryptoKeyEC::signBase64SignatureDSA fails most of time
> -------------------------------------------------------------
>
>                 Key: SANTUARIO-384
>                 URL: https://issues.apache.org/jira/browse/SANTUARIO-384
>             Project: Santuario
>          Issue Type: Bug
>          Components: C++
>    Affects Versions: C++ 1.7.2
>            Reporter: stack
>            Assignee: Scott Cantor
>             Fix For: C++ 1.7.3
>
>
> I debugged into it. I found that when this function (OpenSSLCryptoKeyEC::signBase64SignatureDSA) is done, it frees the allocated memory. Then it fails, stops there and does nothing.
> I also found this code at line 241 of the OpenSSLCryptoKeyEC.cpp file.
> unsigned char* rawSigBuf = new unsigned char[(BN_num_bits(dsa_sig->r) + BN_num_bits(dsa_sig->s)) / 8];
> And according to the information printed out, the allocated size is smaller than the size actually used.
> So I changed it to "ceil" the integer with unsigned char* rawSigBuf = new unsigned char[(BN_num_bits(dsa_sig->r) + BN_num_bits(dsa_sig->s) + 7) / 8];
> Then it works fine. If it is really a bug, please fix it.



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
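
Added example, not part of the original message or of the Santuario code base: a stand-alone check of the two sizing expressions quoted in the report against the bytes actually needed, assuming R and S are written back to back and each as whole bytes (which is what OpenSSL's BN_bn2bin does). It goes beyond the case in the thread by also testing per-component rounding; all helper names and the 249..256 bit range are constructed for illustration.

```cpp
// Added example, not Santuario code. Plain bit lengths stand in for
// BN_num_bits(r) and BN_num_bits(s), so no OpenSSL is needed to run it.
#include <cstddef>
#include <cstdio>

// Bytes one integer occupies when serialized as whole bytes
// (the same rounding OpenSSL's BN_num_bytes applies).
static size_t bytes_for(size_t bits) { return (bits + 7) / 8; }

// Line 241 as quoted in the report: sum the bits, round down.
static size_t alloc_floor(size_t r, size_t s) { return (r + s) / 8; }

// The reporter's change: sum the bits, round up once.
static size_t alloc_ceil_sum(size_t r, size_t s) { return (r + s + 7) / 8; }

// Assumption: R and S are each written as whole bytes, one after the other,
// so this is the number of bytes that land in the buffer.
static size_t bytes_written(size_t r, size_t s) {
    return bytes_for(r) + bytes_for(s);
}

// Count the (r, s) bit-length pairs in [lo, hi] x [lo, hi] for which the
// given allocation is smaller than the bytes written.
template <typename F>
static size_t count_short(F alloc, size_t lo, size_t hi) {
    size_t n = 0;
    for (size_t r = lo; r <= hi; ++r)
        for (size_t s = lo; s <= hi; ++s)
            if (alloc(r, s) < bytes_written(r, s)) ++n;
    return n;
}

int main() {
    // Constructed range: 249..256 bits covers every alignment remainder
    // for a component that needs 32 bytes.
    const size_t lo = 249, hi = 256;
    std::printf("pairs tested:           %zu\n", (hi - lo + 1) * (hi - lo + 1));
    std::printf("short with (r+s)/8:     %zu\n", count_short(alloc_floor, lo, hi));
    std::printf("short with (r+s+7)/8:   %zu\n", count_short(alloc_ceil_sum, lo, hi));
    std::printf("short with per-integer: %zu\n", count_short(bytes_written, lo, hi));
    return 0;
}
```

Under the stated assumption, rounding each integer up separately is the only one of the three expressions that is never smaller than the bytes written.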