Le dimanche 16 novembre 2014 à 14:43 +0100, William Bonnet a écrit :
> Hi,
> I would like to submit a patch to openssl in order to fix this issue. This
> patch is fixing a missing error code in the EVP_DecryptFinal_ex function 
> which cause the failure of the NodeJS unit test.
> During the latest Debian Bug Squashing Party i was working on NodeJS
> packaging with Jean Baptiste Favre and trying to fix some issues. We noticed 
> a unit test failure (on NodeJS side) because of an unexpected openssl return 
> value.
> Unit test is simple/test-crypto-stream, and is based on aes-128-cbc
> encryption and decryption with two different keys. This test should fail
> with the error code :
> [TypeError: error:06065064:digital envelope
> routines:EVP_DecryptFinal_ex:bad decrypt]
> But the latest stable version of openssl returns
> [TypeError: error:00000000:lib(0):func(0):reason(0)]
> This seems to come from some modification made in the
> EVP_DecryptFinal_ex function in the last version bump. When returning 
> padding_good, 
> the EVPerr is not called before returning zero, leading to an undefined error 
> code.
> Here attached is a patch fixing this.
> I hope this will help, don't hesitate to ask me for more information. 
> Please, as it is my first submission let me know if some is wrong in the way 
> to do it

I'm pretty amazed the problem comes from openssl.

Did you check upstream openssl ? maybe it's a known bug,
so the "Origin" field could link to it, ideally.

If it is double-checked with upstream, then this bug report
should be reassigned to openssl package.


Pkg-javascript-devel mailing list

Reply via email to