Hello,
I started using XML Security (C++) in my own project a few days ago.
I created a simple command line tool based on simpleEncrypt and
simpleDecrypt examples.
My goal is to create a small utility for encrypting/decrypting xml files
with AES256_CBC (randomly generated key) and RSA_15 Public/Private keys
(loaded from PEM files).
I ran into an error when I tried decrypting my previously encrypted xml
file :
An error occurred during an encryption
operation
Message: OpenSSL:SymmetricKey::decryptFinish - Out of range padding
value in final block
I used valgrind to track down the problem and it seems to be related to
the use of uninitilised value during both encrypting and decrypting.
A patch is available in attachment.
The main problem is in XSECSafeBuffer.cpp
The 2 other files modification are just small memory leaks.
Please let me know if something is wrong with my patch.
Thanks.
Jérémy
Index: c/src/utils/XSECSafeBuffer.cpp
===================================================================
--- c/src/utils/XSECSafeBuffer.cpp (révision 935194)
+++ c/src/utils/XSECSafeBuffer.cpp (copie de travail)
@@ -61,6 +61,7 @@
xsecsize_t newBufferSize = size * 2;
unsigned char * newBuffer = new unsigned char[newBufferSize];
+ memset((void *) newBuffer, 0, newBufferSize);
memcpy(newBuffer, buffer, bufferSize);
// If we are sensitive, clean the old buffer
@@ -103,6 +104,7 @@
bufferSize = initialSize;
buffer = new unsigned char[initialSize];
+ memset((void *) buffer, 0, bufferSize);
mp_XMLCh = NULL;
m_isSensitive = false;
@@ -112,6 +114,7 @@
bufferSize = DEFAULT_SAFE_BUFFER_SIZE;
buffer = new unsigned char[bufferSize];
+ memset((void *) buffer, 0, bufferSize);
mp_XMLCh = NULL;
m_bufferType = BUFFER_UNKNOWN;
m_isSensitive = false;
@@ -123,6 +126,7 @@
bufferSize = ((xsecsize_t) strlen(inStr) > initialSize ? (xsecsize_t) (strlen(inStr) * 2) : initialSize);
buffer = new unsigned char[bufferSize];
+ memset((void *) buffer, 0, bufferSize);
strcpy((char *) buffer, inStr);
mp_XMLCh = NULL;
m_bufferType = BUFFER_CHAR;
Index: c/src/xenc/impl/XENCEncryptedTypeImpl.cpp
===================================================================
--- c/src/xenc/impl/XENCEncryptedTypeImpl.cpp (révision 935194)
+++ c/src/xenc/impl/XENCEncryptedTypeImpl.cpp (copie de travail)
@@ -324,7 +324,7 @@
// local code page and then transform
char * b64 = XMLString::transcode(mp_cipherData->getCipherValue()->getCipherString());
- ArrayJanitor<char> j_b64(b64);
+ //ArrayJanitor<char> j_b64(b64);
TXFMSB *sb;
XSECnew(sb, TXFMSB(mp_env->getParentDocument()));
@@ -340,6 +340,8 @@
chain->appendTxfm(tb64);
+ XMLString::release(&b64);
+
return chain;
}
Index: c/src/xenc/impl/XENCCipherImpl.cpp
===================================================================
--- c/src/xenc/impl/XENCCipherImpl.cpp (révision 935194)
+++ c/src/xenc/impl/XENCCipherImpl.cpp (copie de travail)
@@ -286,7 +286,7 @@
sb.sbXMLChAppendCh(chCloseAngle);
char * prefix = transcodeToUTF8(sb.rawXMLChBuffer());
- ArrayJanitor<char> j_prefix(prefix);
+ //ArrayJanitor<char> j_prefix(prefix);
sbt = prefix;
const char * crcb = content.rawCharBuffer();
@@ -315,8 +315,9 @@
sb.sbXMLChAppendCh(chCloseAngle);
char * trailer = transcodeToUTF8(sb.rawXMLChBuffer());
- ArrayJanitor<char> j_trailer(trailer);
+ //ArrayJanitor<char> j_trailer(trailer);
sbt.sbStrcatIn(trailer);
+ XMLString::release(&trailer);
// Now we need to parse the document
@@ -333,6 +334,8 @@
MemBufInputSource* memIS = new MemBufInputSource ((const XMLByte*) sbt.rawBuffer(), bytes, "XSECMem");
Janitor<MemBufInputSource> j_memIS(memIS);
+ XMLString::release(&prefix);
+
parser->parse(*memIS);
xsecsize_t errorCount = parser->getErrorCount();
if (errorCount > 0)
