I have a fix (https://github.com/lsh123/xmlsec/pull/215).
This was a matter of not using the same buffer for both
input and output :) :) :)
I'll merge it after it clears all the builds/tests.
Aleksey
On 8/13/18 12:12 PM, Miklos Vajna wrote:
Hi,
On Sun, Aug 12, 2018 at 02:15:01PM -0500, Aleksey Sanin <[email protected]>
wrote:
I guess there were no test vectors for OAEPparams :( I am traveling and can
look into it in about a week. Otherwise, please feel free to add a test
yourself.
Here is what I tried: take <OAEPparams> from
tests/merlin-xmlenc-five/encrypt-data-tripledes-cbc-rsa-oaep-mgf1p-sha256.xml, create a variant of
tests/01-phaos-xmlenc-3/enc-text-aes256-kt-rsa_oaep_sha1-params.tmpl with "-params" suffix
that has <OAEPparams>; but then openssl can't decrypt the encryption result:
----
$ ~/git/xmlsec/apps/xmlsec1 decrypt --crypto openssl --crypto-config
/tmp/xmlsec-crypto-config --pkcs12
/home/vmiklos/git/xmlsec/tests/01-phaos-xmlenc-3/rsa-priv-key.p12 --pwd secret
--output /tmp/testEnc.sh.20180813_211026-16455.tmp.2
/tmp/testEnc.sh.20180813_211026-16455.tmp
func=xmlSecOpenSSLEvpBlockCipherCBCCtxFinal:file=ciphers.c:line=465:obj=aes256-cbc:subj=unknown:error=12:invalid
data:invalid data: actual value 'padLen'=17, actual value 'blockLen'=16 and
expected padLen <= blockLen
func=xmlSecOpenSSLEvpBlockCipherExecute:file=ciphers.c:line=837:obj=aes256-cbc:subj=xmlSecOpenSSLEvpBlockCipherCtxFinal:error=1:xmlsec
library function failed:
func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1929:obj=aes256-cbc:subj=xmlSecTransformExecute:error=1:xmlsec
library function failed:final=1
func=xmlSecTransformDefaultPushBin:file=transforms.c:line=1954:obj=aes256-cbc:subj=xmlSecTransformPushBin:error=1:xmlsec
library function failed:final=1;outSize=144
func=xmlSecTransformCtxBinaryExecute:file=transforms.c:line=942:obj=unknown:subj=xmlSecTransformPushBin:error=1:xmlsec
library function failed:dataSize=194
func=xmlSecEncCtxDecryptToBuffer:file=xmlenc.c:line=616:obj=unknown:subj=xmlSecTransformCtxBinaryExecute:error=1:xmlsec
library function failed:
func=xmlSecEncCtxDecrypt:file=xmlenc.c:line=526:obj=unknown:subj=xmlSecEncCtxDecryptToBuffer:error=1:xmlsec
library function failed:
----
At this point I think I'm more comfortable to do anything regarding this
once I see a test that works with openssl first. :-)
I attach the patch if it's of any help.
And sure, it's not urgent at all.
Thanks,
Miklos
_______________________________________________
xmlsec mailing list
[email protected]
http://www.aleksey.com/mailman/listinfo/xmlsec
_______________________________________________
xmlsec mailing list
[email protected]
http://www.aleksey.com/mailman/listinfo/xmlsec
