https://issues.apache.org/bugzilla/show_bug.cgi?id=49148
Summary: OpenSSL:SymmetricKey::decryptFinish - Out of range
padding value in final block
Product: Security
Version: C++ 1.5.1
Platform: PC
OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: Encryption
AssignedTo: security-dev@xml.apache.org
ReportedBy: jeremy.cou...@free.fr
Created an attachment (id=25322)
--> (https://issues.apache.org/bugzilla/attachment.cgi?id=25322)
Patch
Hello,
I started using XML Security (C++) in my own project a few days ago.
I am using the svn latest version.
I created a simple command line tool based on simpleEncrypt and simpleDecrypt
examples.
My goal is to create a small utility for encrypting/decrypting xml files with
AES256_CBC (randomly generated key) and RSA_15 Public/Private keys (loaded from
PEM files).
I ran into an error when I tried decrypting my previously encrypted xml file :
An error occurred during an encryption operation
Message: OpenSSL:SymmetricKey::decryptFinish - Out of range padding value in
final block
I used valgrind to track down the problem and it seems to be related to the use
of uninitilised value during both encrypting and decrypting.
A patch is available in attachment that fixes my problem.
The main problem is in XSECSafeBuffer.cpp
The 2 other files modification are just small memory leaks.
Please let me know if something is wrong with my patch.
Thanks.
--
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.
