Hi, I would like to submit a patch to openssl in order to fix this issue. This patch fixes a missing error code in the EVP_DecryptFinal_ex function, which causes the failure of a NodeJS unit test.
During the latest Debian Bug Squashing Party I was working on NodeJS packaging with Jean Baptiste Favre and trying to fix some issues. We noticed a unit test failure (on the NodeJS side) because of an unexpected openssl return value. The unit test is simple/test-crypto-stream, and is based on aes-128-cbc encryption and decryption with two different keys.

This test should fail with the error code:

[TypeError: error:06065064:digital envelope routines:EVP_DecryptFinal_ex:bad decrypt]

But the latest stable version of openssl returns:

[TypeError: error:00000000:lib(0):func(0):reason(0)]

This seems to come from some modification made to the EVP_DecryptFinal_ex function in the last version bump. When returning padding_good, EVPerr is not called before returning zero, leading to an undefined error code.

Attached is a patch fixing this. I hope this will help; don't hesitate to ask me for more information. Please, as it is my first submission, let me know if something is wrong in the way I did it.

Kind regards,

-- 
William
http://www.wbonnet.net
http://france.debian.net Association Debian France
http://www.opencsw.org Community SoftWare for Solaris
diff -Nru openssl-1.0.1j/debian/changelog openssl-1.0.1j/debian/changelog --- openssl-1.0.1j/debian/changelog 2014-10-15 19:42:52.000000000 +0200 +++ openssl-1.0.1j/debian/changelog 2014-11-16 13:49:49.000000000 +0100 @@ -1,3 +1,11 @@ +openssl (1.0.1j-2) UNRELEASED; urgency=medium + + * Non-maintainer upload + - Fix for missing Bad Decrypt error code in EVP_DecryptFinal_ex when padding is not good + (Closes #768681) + + -- William Bonnet <wllmb...@gmail.com> Sun, 16 Nov 2014 13:46:13 +0100 + openssl (1.0.1j-1) unstable; urgency=high * New upstream release diff -Nru openssl-1.0.1j/debian/patches/EVP_DecryptFinal_ex_missing_EVPerr_call.patch openssl-1.0.1j/debian/patches/EVP_DecryptFinal_ex_missing_EVPerr_call.patch --- openssl-1.0.1j/debian/patches/EVP_DecryptFinal_ex_missing_EVPerr_call.patch 1970-01-01 01:00:00.000000000 +0100 +++ openssl-1.0.1j/debian/patches/EVP_DecryptFinal_ex_missing_EVPerr_call.patch 2014-11-16 13:55:32.000000000 +0100 
@@ -0,0 +1,38 @@ +Description: Fix for missing Bad Decrypt error code in EVP_DecryptFinal_ex + EVP_DecryptFinal_ex function. When returning padding_good, the EVPerr is + not called before returning zero, leading to an undefined error code. + . + openssl (1.0.1j-2) UNRELEASED; urgency=medium + . + * Non-maintainer upload + - Fix for missing Bad Decrypt error code in EVP_DecryptFinal_ex when padding is not good + (Closes #768681) +Author: William Bonnet <wllmb...@gmail.com> + +--- +The information above should follow the Patch Tagging Guidelines, please +checkout http://dep.debian.net/deps/dep3/ to learn about the format. Here +are templates for supplementary fields that you might want to add: + +Origin: other +Bug-Debian: https://bugs.debian.org/768681 + +--- openssl-1.0.1j.orig/crypto/evp/evp_enc.c ++++ openssl-1.0.1j/crypto/evp/evp_enc.c +@@ -555,6 +555,16 @@ int EVP_DecryptFinal_ex(EVP_CIPHER_CTX * + out[i] = ctx->final[i] & padding_good; + /* Safe cast: for a good padding, EVP_MAX_IV_LENGTH >= b >= pad */ + *outl = padding_good & ((unsigned char)(b - pad)); ++ ++ /* ++ * If the padding_good variable is 0 then a decryption problem occured ++ * and we have to call EVPerr before returning 0 ++ */ ++ if ((padding_good & 1) == 0) ++ { ++ EVPerr(EVP_F_EVP_DECRYPTFINAL_EX, EVP_R_BAD_DECRYPT); ++ } ++ + return padding_good & 1; + } + else diff -Nru openssl-1.0.1j/debian/patches/series openssl-1.0.1j/debian/patches/series --- openssl-1.0.1j/debian/patches/series 2014-10-15 19:34:35.000000000 +0200 +++ openssl-1.0.1j/debian/patches/series 2014-11-16 13:53:21.000000000 +0100 @@ -22,3 +22,4 @@ openssl_fix_for_x32.patch ppc64el.patch +EVP_DecryptFinal_ex_missing_EVPerr_call.patch
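Review bot: in the debian/changelog hunk, `(Closes #768681)` is missing the colon that the Debian changelog parser requires to register the closure; write `(Closes: #768681)`. Since the entry is marked "Non-maintainer upload", the revision should also follow the NMU convention (`1.0.1j-1.1` rather than `1.0.1j-2`), and the two changelog lines describing the fix can be shortened to one so they stay within the usual line width.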
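Review bot: the new EVP_DecryptFinal_ex_missing_EVPerr_call.patch still carries the unedited DEP-3 template text, from "The information above should follow the Patch Tagging Guidelines" through "Origin: other", and repeats the changelog entry inside the Description; drop that text, keep `Bug-Debian: https://bugs.debian.org/768681`, and add a `Forwarded:` field (the mail says the fix is being submitted upstream, so `Forwarded: yes` or the upstream ticket URL belongs here) so the maintainer can see its status. In the evp_enc.c part of the hunk the change itself is sound: the `if ((padding_good & 1) == 0)` test branches only on the aggregate verdict that the `return padding_good & 1;` already exposes to the caller, so it does not undo the per-byte masking above it; keep it placed after the masked `out[i]`/`*outl` stores as it is now, fix the comment typo "occured" to "occurred", and note that `EVPerr(EVP_F_EVP_DECRYPTFINAL_EX, EVP_R_BAD_DECRYPT)` is the same error the pre-existing early-return paths in this function raise, which is why the NodeJS test expects reason code 0x...064 (bad decrypt) and not an empty error queue.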
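As an added illustration of the bug the mail describes (my own code, not OpenSSL's and not the attached patch): a stand-alone C model of the patched tail of EVP_DecryptFinal_ex. It assumes a 16-byte block, builds its own branch-free padding_good mask, and uses a constructed global in place of OpenSSL's error queue; it shows that with the masked logic the queue stays empty on a bad decrypt unless the aggregate verdict is used to queue the bad-decrypt code, which is exactly what the patch adds.

```c
/* Constructed stand-in for OpenSSL's error queue; 0 means "no error queued". */
#define ERR_BAD_DECRYPT 0x06065064UL  /* the reason code the NodeJS test expects (from the report) */
static unsigned long g_last_err;

/* 0xff when a == b, else 0; a and b must be < 256 (branch-free byte comparison). */
static unsigned char ct_eq8(unsigned int a, unsigned int b) {
    return (unsigned char)(0 - ((((a ^ b) - 1) >> 8) & 1));
}
/* 0xff when a >= b, else 0; a and b must be < 256. */
static unsigned char ct_ge8(unsigned int a, unsigned int b) {
    return (unsigned char)(0 - (1 - (((a - b) >> 8) & 1)));
}

/* Mirrors the structure of the patched EVP_DecryptFinal_ex tail (own code, not OpenSSL's):
 * PKCS#7 padding is validated into a mask, output is produced by masking, and the error
 * is queued only on the aggregate verdict, which the return value exposes anyway. b <= 16. */
int decrypt_final_check(const unsigned char *final, unsigned int b,
                        unsigned char *out, unsigned int *outl) {
    unsigned int i, pad = final[b - 1], start = (b - pad) & 0xff;
    unsigned char padding_good = ct_ge8(pad, 1) & ct_ge8(b, pad);  /* 1 <= pad <= b */
    for (i = 0; i < b; i++) {                     /* every byte in the padding region == pad */
        unsigned char in_pad = ct_ge8(i, start);
        padding_good &= (unsigned char)(ct_eq8(final[i], pad) | ~in_pad);
    }
    for (i = 0; i < b; i++)
        out[i] = final[i] & padding_good;         /* masked copy, as in the hunk */
    *outl = padding_good & (unsigned char)(b - pad);
    if ((padding_good & 1) == 0)                  /* the fix: queue "bad decrypt" before returning 0 */
        g_last_err = ERR_BAD_DECRYPT;
    return padding_good & 1;
}

/* Constructed 16-byte final block: 11 data bytes plus valid 5-byte PKCS#7 padding; with
 * corrupt != 0 one padding byte is altered, as decryption under a wrong key would do. */
static int run_demo(int corrupt, unsigned int *outl) {
    unsigned char final[16] = { 'n','o','d','e','-','c','r','y','p','t','o', 5,5,5,5,5 };
    unsigned char out[16];
    if (corrupt) final[12] = 4;
    g_last_err = 0;                               /* fresh "error queue" for each run */
    return decrypt_final_check(final, 16, out, outl);
}
int demo_verdict(int corrupt) { unsigned int n; return run_demo(corrupt, &n); }
unsigned int demo_outl(int corrupt) { unsigned int n; run_demo(corrupt, &n); return n; }
unsigned long demo_err(int corrupt) { unsigned int n; run_demo(corrupt, &n); return g_last_err; }
```

Removing the `if` before the return reproduces the reported symptom: the verdict is still 0, but the error slot stays 0, i.e. error:00000000.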