[erlang-patches] error in crypto application
Stefan Zegenhagen
stefan.zegenhagen@REDACTED
Thu Jun 28 11:00:32 CEST 2012
Dear all,
below is a patch that corrects a bug in the crypto application. The bug
has the effect that the SNMP application completely fails to process
SNMPv3 messages with AES encryption.
--- snip ---
From: Stefan Zegenhagen <stefan.zegenhagen@REDACTED>
Date: Thu, 28 Jun 2012 10:50:40 +0200
Subject: [PATCH] CRYPTO: aes_cfb_128_crypt can handle arbitrary text length
The OpenSSL implementation of AES_cfb128_encrypt can handle data to
en-/decrypt with arbitrary length.
The restriction that the data length needs to be a multiple of 16 bytes
is unnecessary and breaks the SNMP application (causing decryption and
encryption errors in SNMPv3 AES-encrypted packets).
---
lib/crypto/c_src/crypto.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/lib/crypto/c_src/crypto.c b/lib/crypto/c_src/crypto.c
index 4be593e..0df4090 100644
--- a/lib/crypto/c_src/crypto.c
+++ b/lib/crypto/c_src/crypto.c
@@ -954,8 +954,7 @@ static ERL_NIF_TERM aes_cfb_128_crypt(ErlNifEnv* env, int argc, const ERL_NIF_TE
if (!enif_inspect_iolist_as_binary(env, argv[0], &key) || key.size != 16
|| !enif_inspect_binary(env, argv[1], &ivec) || ivec.size != 16
- || !enif_inspect_iolist_as_binary(env, argv[2], &text)
- || text.size % 16 != 0) {
+ || !enif_inspect_iolist_as_binary(env, argv[2], &text) ) {
return enif_make_badarg(env);
}
--
1.7.9.5
--
Dr. Stefan Zegenhagen
arcutronix GmbH
Garbsener Landstr. 10
30419 Hannover
Germany
Tel: +49 511 277-2734
Fax: +49 511 277-2709
Email: stefan.zegenhagen@REDACTED
Web: www.arcutronix.com
*Synchronize the Ethernet*
General Managers: Dipl. Ing. Juergen Schroeder, Dr. Josef Gfrerer -
Legal Form: GmbH, Registered office: Hannover, HRB 202442, Amtsgericht
Hannover; Ust-Id: DE257551767.
Please consider the environment before printing this message.
More information about the erlang-patches
mailing list