[erlang-patches] error in crypto application

Sverker Eriksson sverker.eriksson@REDACTED
Thu Jun 28 16:20:21 CEST 2012


Thank you for the contribution.

Would be nice with corresponding changes to documentation and tests though.

lib/crypto/doc/src/crypto.xml
lib/crypto/test/crypto_SUITE.erl

/Sverker

Stefan Zegenhagen wrote:
> Dear all,
>
> below is a patch that corrects a bug in the crypto application. The bug
> has the effect that the SNMP application completely fails to process
> SNMPv3 messages with AES encryption.
>
>
> --- snip ---
>
> From: Stefan Zegenhagen <stefan.zegenhagen@REDACTED>
> Date: Thu, 28 Jun 2012 10:50:40 +0200
> Subject: [PATCH] CRYPTO: aes_cfb_128_crypt can handle arbitrary text length
>
> The OpenSSL implementation of AES_cfb128_encrypt can handle data to
> en-/decrypt with arbitrary length.
>
> The restriction that the data length needs to be a multiple of 16 bytes
> is unnecessary and breaks the SNMP application (causing decryption and
> encryption errors in SNMPv3 AES-encrypted packets).
> ---
>  lib/crypto/c_src/crypto.c |    3 +--
>  1 file changed, 1 insertion(+), 2 deletions(-)
>
> diff --git a/lib/crypto/c_src/crypto.c b/lib/crypto/c_src/crypto.c
> index 4be593e..0df4090 100644
> --- a/lib/crypto/c_src/crypto.c
> +++ b/lib/crypto/c_src/crypto.c
> @@ -954,8 +954,7 @@ static ERL_NIF_TERM aes_cfb_128_crypt(ErlNifEnv* env, int argc, const ERL_NIF_TE
>
>      if (!enif_inspect_iolist_as_binary(env, argv[0], &key) || key.size != 16
>     || !enif_inspect_binary(env, argv[1], &ivec) || ivec.size != 16
> -   || !enif_inspect_iolist_as_binary(env, argv[2], &text)
> -   || text.size % 16 != 0) {
> +   || !enif_inspect_iolist_as_binary(env, argv[2], &text) ) {
>     return enif_make_badarg(env);
>      }
>
>   




More information about the erlang-patches mailing list