santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 49148] New: OpenSSL:SymmetricKey::decryptFinish - Out of range padding value in final block
Date Sun, 18 Apr 2010 10:09:59 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=49148

           Summary: OpenSSL:SymmetricKey::decryptFinish - Out of range
                    padding value in final block
           Product: Security
           Version: C++ 1.5.1
          Platform: PC
        OS/Version: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: Encryption
        AssignedTo: security-dev@xml.apache.org
        ReportedBy: jeremy.coulon@free.fr


Created an attachment (id=25322)
 --> (https://issues.apache.org/bugzilla/attachment.cgi?id=25322)
Patch

Hello,

I started using XML Security (C++) in my own project a few days ago.
I am using the svn latest version.

I created a simple command line tool based on simpleEncrypt and simpleDecrypt
examples.
My goal is to create a small utility for encrypting/decrypting xml files with
AES256_CBC (randomly generated key) and RSA_15 Public/Private keys (loaded from
PEM files).

I ran into an error when I tried decrypting my previously encrypted xml file :
An error occurred during an encryption operation
Message: OpenSSL:SymmetricKey::decryptFinish - Out of range padding value in
final block

I used valgrind to track down the problem and it seems to be related to the use
of uninitilised value during both encrypting and decrypting.

A patch is available in attachment that fixes my problem.
The main problem is in XSECSafeBuffer.cpp
The 2 other files modification are just small memory leaks.

Please let me know if something is wrong with my patch.

Thanks.

-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

Mime
View raw message