Dear all,
I would like to submit a patch to the current sources of openssl. This
patch is fixing a missing error code in the EVP_DecryptFinal_ex function.
During the latest Debian Bug Squashing Party i was working on NodeJS
packaging and trying to fix an issue. I noticed a unit test failure (on
NodeJS side) because of an unexpected openssl return value.
Unit test is simple/test-crypto-stream, and is based on aes-128-cbc
encryption and decryption with two different keys. This test should fail
with the error code :
[TypeError: error:06065064:digital envelope
routines:EVP_DecryptFinal_ex:bad decrypt]
But the latest stable version returns
[TypeError: error:00000000:lib(0):func(0):reason(0)]
This seems to come from some modification made in the
EVP_DecryptFinal_ex function. When returning padding_good, the EVPerr is
not called before returning zero, leading to an undefined error code.
Here attached is a patch fixing this.
I hope this will help, don't hesitate to ask me for more information
Kind regards,
-- William http://www.wbonnet.net http://france.debian.net Association
Debian France http://www.opencsw.org Community SoftWare for Solaris
diff -ur openssl.orig/crypto/evp/evp_enc.c openssl.git/crypto/evp/evp_enc.c
--- openssl.orig/crypto/evp/evp_enc.c 2014-11-16 13:09:34.408545924 +0100
+++ openssl.git/crypto/evp/evp_enc.c 2014-11-16 13:08:21.055224344 +0100
@@ -546,6 +546,16 @@
out[i] = ctx->final[i] & padding_good;
/* Safe cast: for a good padding, EVP_MAX_IV_LENGTH >= b >= pad */
*outl = padding_good & ((unsigned char)(b - pad));
+
+ /*
+ * If the padding_good variable is 0 then a decryption problem occured
+ * and we have to call EVPerr before returning 0
+ */
+ if ((padding_good & 1) == 0)
+ {
+ EVPerr(EVP_F_EVP_DECRYPTFINAL_EX, EVP_R_BAD_DECRYPT);
+ }
+
return padding_good & 1;
}
else
