You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@santuario.apache.org by Jérémy Coulon <je...@free.fr> on 2010/04/17 18:27:01 UTC
[Encryption] Unexpected behaviour due to uninitialised values
Hello,
I started using XML Security (C++) in my own project a few days ago.
I created a simple command line tool based on simpleEncrypt and
simpleDecrypt examples.
My goal is to create a small utility for encrypting/decrypting xml files
with AES256_CBC (randomly generated key) and RSA_15 Public/Private keys
(loaded from PEM files).
I ran into an error when I tried decrypting my previously encrypted xml
file :
An error occurred during an encryption
operation
Message: OpenSSL:SymmetricKey::decryptFinish - Out of range padding
value in final block
I used valgrind to track down the problem and it seems to be related to
the use of uninitilised value during both encrypting and decrypting.
A patch is available in attachment.
The main problem is in XSECSafeBuffer.cpp
The 2 other files modification are just small memory leaks.
Please let me know if something is wrong with my patch.
Thanks.
Jérémy
Re: [Encryption] Unexpected behaviour due to uninitialised values
Posted by Jérémy Coulon <je...@free.fr>.
OK.
I created bug 49148.
Jeremy
Scott Cantor a écrit :
>> Please let me know if something is wrong with my patch.
>>
>
> Bugs need to be reported to http://issues.apache.org/bugzilla
>
> It's also necessary that you're running the latest version and if you can
> verify that the bug fix actually works, that's extremely helpful.
>
> -- Scott
>
>
>
>
>
>
RE: [Encryption] Unexpected behaviour due to uninitialised values
Posted by Scott Cantor <ca...@osu.edu>.
> Please let me know if something is wrong with my patch.
Bugs need to be reported to http://issues.apache.org/bugzilla
It's also necessary that you're running the latest version and if you can
verify that the bug fix actually works, that's extremely helpful.
-- Scott