Re: EVP_CIPHER_CTX_copy() segv with XTS
Hi Peter,

Are you facing any issues similar to http://rt.openssl.org/Ticket/Display.html?user=guest&pass=guest&id=3272 ? or are you just commenting on the previous GCM fix?

A quick look at the EVP_AES_XTS_CTX suggests that the only pointer in there is (*stream) which points to the function which is responsible for doing encryption/decryption and should be safe to copy to the new CTX

On Mon, Jun 30, 2014 at 9:42 AM, Peter Waltenberg pwal...@au1.ibm.com wrote:

> This appears to be the same 'pattern' error as GCM.
>
> For XTS ctx->cipher_data contains pointers and the contents aren't being fully duplicated by the copy.
>
> Peter

__
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majord...@openssl.org
Re: EVP_CIPHER_CTX_copy() segv with XTS
Test code suggests it segv's.

XTS128_CONTEXT contains a couple of pointers to expanded AES keys, the expanded keys and the pointers inside the XTS128_CONTEXT are copied, but if the original context has gone away by the time the copy is used the pointers are to disposed of data. Game over.

Something like this is probably the fix.

    static int aes_xts_ctrl(EVP_CIPHER_CTX *c, int type, int arg, void *ptr)
        {
        EVP_AES_XTS_CTX *xctx = c->cipher_data;
        switch(type) {
        case EVP_CTRL_INIT:
            /* key1 and key2 are used as an indicator both key and IV are set */
            xctx->xts.key1 = NULL;
            xctx->xts.key2 = NULL;
            return 1;
        default:
            return -1;
        case EVP_CTRL_COPY:
            {
            /* point the copy's key pointers at its own expanded keys */
            EVP_CIPHER_CTX *out = ptr;
            EVP_AES_XTS_CTX *xctx_out = out->cipher_data;
            xctx_out->xts.key1 = &(xctx_out->ks1);
            xctx_out->xts.key2 = &(xctx_out->ks2);
            }
            return 1;
        }
        }

    ...

    #define XTS_FLAGS (EVP_CIPH_FLAG_DEFAULT_ASN1 | EVP_CIPH_CUSTOM_IV \
            | EVP_CIPH_ALWAYS_CALL_INIT | EVP_CIPH_CTRL_INIT \
            | EVP_CIPH_CUSTOM_COPY)

Pete

-owner-openssl-...@openssl.org wrote: -
To: openssl-dev@openssl.org
From: Huzaifa Sidhpurwala <sidhpurwala.huza...@gmail.com>
Sent by: owner-openssl-...@openssl.org
Date: 06/30/2014 07:19PM
Subject: Re: EVP_CIPHER_CTX_copy() segv with XTS

Hi Peter,

Are you facing any issues similar to http://rt.openssl.org/Ticket/Display.html?user=guest&pass=guest&id=3272 ? or are you just commenting on the previous GCM fix?

A quick look at the EVP_AES_XTS_CTX suggests that the only pointer in there is (*stream) which points to the function which is responsible for doing encryption/decryption and should be safe to copy to the new CTX

On Mon, Jun 30, 2014 at 9:42 AM, Peter Waltenberg pwal...@au1.ibm.com wrote:

> This appears to be the same 'pattern' error as GCM.
>
> For XTS ctx->cipher_data contains pointers and the contents aren't being fully duplicated by the copy.
>
> Peter
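
Added example, not part of the thread and not OpenSSL code: a stripped-down model of the failure described in the message above, where a context holds pointers into its own inline expanded keys, so a byte-for-byte copy still points into the original. The toy_key and toy_xts_ctx types and all function names are hypothetical stand-ins, and the key words are constructed sample values.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-ins for the expanded AES key and the XTS context. */
typedef struct { uint32_t rd_key[60]; int rounds; } toy_key;
typedef struct {
    toy_key ks1, ks2;                          /* expanded keys, stored inline */
    struct { const void *key1, *key2; } xts;   /* point at ks1/ks2 once keyed */
} toy_xts_ctx;

static toy_xts_ctx *ctx_new(uint32_t seed) {   /* seed: constructed key word */
    toy_xts_ctx *c = calloc(1, sizeof(*c));
    if (c == NULL) return NULL;
    c->ks1.rd_key[0] = seed;
    c->ks2.rd_key[0] = ~seed;
    c->xts.key1 = &c->ks1;
    c->xts.key2 = &c->ks2;
    return c;
}

/* Byte-for-byte copy: key1/key2 in the result still point into 'in'. */
static toy_xts_ctx *ctx_copy_shallow(const toy_xts_ctx *in) {
    toy_xts_ctx *out = malloc(sizeof(*out));
    if (out != NULL) memcpy(out, in, sizeof(*out));
    return out;
}

/* Copy, then re-point any set key pointer at the copy's own keys. */
static toy_xts_ctx *ctx_copy_fixed(const toy_xts_ctx *in) {
    toy_xts_ctx *out = ctx_copy_shallow(in);
    if (out == NULL) return NULL;
    if (in->xts.key1 != NULL) out->xts.key1 = &out->ks1;
    if (in->xts.key2 != NULL) out->xts.key2 = &out->ks2;
    return out;
}

/* 1 if every set key pointer refers to storage inside c itself. */
static int ctx_is_self_contained(const toy_xts_ctx *c) {
    return (c->xts.key1 == NULL || c->xts.key1 == (const void *)&c->ks1)
        && (c->xts.key2 == NULL || c->xts.key2 == (const void *)&c->ks2);
}

int main(void) {
    toy_xts_ctx *a = ctx_new(0x1234u);
    if (a == NULL) return 2;
    toy_xts_ctx *bad = ctx_copy_shallow(a), *good = ctx_copy_fixed(a);
    int ok = bad && good && !ctx_is_self_contained(bad) && ctx_is_self_contained(good);
    free(a); free(bad); free(good);   /* bad's key pointers are never followed */
    return ok ? 0 : 1;
}
```

A check like ctx_is_self_contained() works as a regression assertion in a copy test; running the copy-then-free-original sequence under a memory checker catches the same class of bug when the stale pointer is actually followed.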
Re: EVP_CIPHER_CTX_copy() segv with XTS
On Mon, Jun 30, 2014, Huzaifa Sidhpurwala wrote:

> Hi Peter,
>
> Are you facing any issues similar to http://rt.openssl.org/Ticket/Display.html?user=guest&pass=guest&id=3272 ? or are you just commenting on the previous GCM fix?
>
> A quick look at the EVP_AES_XTS_CTX suggests that the only pointer in there is (*stream) which points to the function which is responsible for doing encryption/decryption and should be safe to copy to the new CTX

GCM, CCM and XTS have similar problems in fact the GCM patch doesn't address these. Looking into a more complete fix now.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
Re: EVP_CIPHER_CTX_copy() segv with XTS
On Mon, Jun 30, 2014, Dr. Stephen Henson wrote:

> On Mon, Jun 30, 2014, Huzaifa Sidhpurwala wrote:
>
> > Hi Peter,
> >
> > Are you facing any issues similar to http://rt.openssl.org/Ticket/Display.html?user=guest&pass=guest&id=3272 ? or are you just commenting on the previous GCM fix?
> >
> > A quick look at the EVP_AES_XTS_CTX suggests that the only pointer in there is (*stream) which points to the function which is responsible for doing encryption/decryption and should be safe to copy to the new CTX
>
> GCM, CCM and XTS have similar problems in fact the GCM patch doesn't address these. Looking into a more complete fix now.

Should be fixed now.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
Re: EVP_CIPHER_CTX_copy() segv with XTS
On Mon, Jun 30, 2014 at 5:01 PM, Dr. Stephen Henson st...@openssl.org wrote:

> On Mon, Jun 30, 2014, Huzaifa Sidhpurwala wrote:
>
> > Hi Peter,
> >
> > Are you facing any issues similar to http://rt.openssl.org/Ticket/Display.html?user=guest&pass=guest&id=3272 ? or are you just commenting on the previous GCM fix?
> >
> > A quick look at the EVP_AES_XTS_CTX suggests that the only pointer in there is (*stream) which points to the function which is responsible for doing encryption/decryption and should be safe to copy to the new CTX
>
> GCM, CCM and XTS have similar problems in fact the GCM patch doesn't address these. Looking into a more complete fix now.

Exactly, I was thinking of working on a patch to address this, should be done soon I suppose :)

> Steve.
> --
> Dr Stephen N. Henson. OpenSSL project core developer.
> Commercial tech support now available see: http://www.openssl.org
Re: EVP_CIPHER_CTX_copy() segv with XTS
On Mon, Jun 30, 2014, Huzaifa Sidhpurwala wrote:

> On Mon, Jun 30, 2014 at 5:01 PM, Dr. Stephen Henson st...@openssl.org wrote:
>
> > On Mon, Jun 30, 2014, Huzaifa Sidhpurwala wrote:
> >
> > > Hi Peter,
> > >
> > > Are you facing any issues similar to http://rt.openssl.org/Ticket/Display.html?user=guest&pass=guest&id=3272 ? or are you just commenting on the previous GCM fix?
> > >
> > > A quick look at the EVP_AES_XTS_CTX suggests that the only pointer in there is (*stream) which points to the function which is responsible for doing encryption/decryption and should be safe to copy to the new CTX
> >
> > GCM, CCM and XTS have similar problems in fact the GCM patch doesn't address these. Looking into a more complete fix now.
>
> Exactly, I was thinking of working on a patch to address this, should be done soon I suppose :)

Already done. Let me know of any problems.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
EVP_CIPHER_CTX_copy() segv with XTS
This appears to be the same 'pattern' error as GCM.

For XTS ctx->cipher_data contains pointers and the contents aren't being fully duplicated by the copy.

Peter