[erlang-patches] error in crypto application
Sverker Eriksson
sverker.eriksson@REDACTED
Thu Jun 28 16:20:21 CEST 2012
Thank you for the contribution.
Would be nice with corresponding changes to documentation and tests though.
lib/crypto/doc/src/crypto.xml
lib/crypto/test/crypto_SUITE.erl
/Sverker
Stefan Zegenhagen wrote:
> Dear all,
>
> below is a patch that corrects a bug in the crypto application. The bug
> has the effect that the SNMP application completely fails to process
> SNMPv3 messages with AES encryption.
>
>
> --- snip ---
>
> From: Stefan Zegenhagen <stefan.zegenhagen@REDACTED>
> Date: Thu, 28 Jun 2012 10:50:40 +0200
> Subject: [PATCH] CRYPTO: aes_cfb_128_crypt can handle arbitrary text length
>
> The OpenSSL implementation of AES_cfb128_encrypt can handle data to
> en-/decrypt with arbitrary length.
>
> The restriction that the data length needs to be a multiple of 16 bytes
> is unnecessary and breaks the SNMP application (causing decryption and
> encryption errors in SNMPv3 AES-encrypted packets).
> ---
> lib/crypto/c_src/crypto.c | 3 +--
> 1 file changed, 1 insertion(+), 2 deletions(-)
>
> diff --git a/lib/crypto/c_src/crypto.c b/lib/crypto/c_src/crypto.c
> index 4be593e..0df4090 100644
> --- a/lib/crypto/c_src/crypto.c
> +++ b/lib/crypto/c_src/crypto.c
> @@ -954,8 +954,7 @@ static ERL_NIF_TERM aes_cfb_128_crypt(ErlNifEnv* env, int argc, const ERL_NIF_TE
>
> if (!enif_inspect_iolist_as_binary(env, argv[0], &key) || key.size != 16
> || !enif_inspect_binary(env, argv[1], &ivec) || ivec.size != 16
> - || !enif_inspect_iolist_as_binary(env, argv[2], &text)
> - || text.size % 16 != 0) {
> + || !enif_inspect_iolist_as_binary(env, argv[2], &text) ) {
> return enif_make_badarg(env);
> }
>
>
More information about the erlang-patches
mailing list