-
Notifications
You must be signed in to change notification settings - Fork 7.3k
OpenSSL EVP API Fix (ECB mode failing) #1997
Conversation
…e' old versions. This also fixes an issue that made blowfish's ECB mode unusable. Need to investigate if this breaks anything related to padding.
…enerated from an independent C++ program.
Some would say that ECB not working is a feature, not a bug. I'm only half-kidding. The test case fails with the below error (tested against openssl 0.9.8k as shipped with ubuntu 10.04 on x86_64):
It's caused by the It's trivial to fix but I would like to understand the why of it. The C++ test case does pass, by the way, but not when I add a On a side note, I appreciate the thorough write-up. [1] https://github.com/joyent/node/blob/11d68eb/src/node_crypto.cc#L1854 |
Seems like a bug in OpenSSL that went unfixed up to these commits: I have been testing on Gentoo x86 with openssl-1.0.0e so that's why it was working for me. I'd suggest something like this:
Not exactly a beauty, but yeah... Maybe wrap it in a macro, local_EVP_CIPHER_iv_length or something. What do you think? |
Good catch. I'm afraid patching node_crypto.cc won't fix it, the call to Is there a particular reason you are testing this with |
…ia linking against old OpenSSL and using the new test case. Also the rest of the test suite does not report any side effects.
Tbh, I don't see why Re: using |
Any more thoughts on this? I have deployed a custom/patched node version for now, but would like to go back to the official series in the future. If the patch needs any reworking, just let me know. |
fprintf(stderr, "node-crypto : Invalid key length %d\n", key_len); | ||
EVP_CIPHER_CTX_cleanup(&ctx); | ||
return false; | ||
} | ||
EVP_CipherInit_ex(&ctx, NULL, NULL, (unsigned char *)key, (unsigned char *)iv, true); |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Long line. Lines should be <= 80 characters. Happens in a few other places too.
Sorry for the delay, Ingmar. If you fix up the nits, I'll merge it. |
Fixed up the long lines & whitespace in and around my changes, sorry for not running cpplint earlier. :) I have signed the CLA. |
Thanks Ingmar, merged in 2603832. |
Hey there.
I was trying to decrypt some Blowfish-ECB-mode encrypted strings with node.js, but all I got was weird characters. After making an isolated test case, I discovered that node.js is not using OpenSSL's EVP_CIPHER_CTX_set_key_length correctly.
It's called after EVP_CipherInit, so it will just silently do nothing (won't return any error code either). However, unless you're using a cipher with a variable key length (such as Blowfish ECB) it will go unnoticed. The fix is to use EVP_CipherInit_ex instead and to call it two times, as (dimly) described by EVP_CipherInit_ex's man page on openssl.org[1].
So here's a pull request and a test case.
I have also changed the code to use EVP_EncryptFinal_ex to go along with the _ex init call which should not have any side effects since at least in current OpenSSLs (haven't checked 0.x ones), Final is simply an alias to Final_ex.
Also here's a standalone cpp file I used for testing: https://gist.github.com/1335823 BF_ecb_encrypt is used to verify the output.
Looking forward to reading your comments.
[1] http://www.openssl.org/docs/crypto/EVP_EncryptInit.html