Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss
Bug#659251: openssl: enc: Bad compression ration with -z (zlib compression)
29 views
Skip to first unread message
Roland Stigge
Feb 9, 2012, 10:00:02 AM2/9/12
to
Package: openssl
Version: 1.0.0g-1
Severity: normal
Hi,
consider symmetric encryption with "openssl enc":
$ openssl enc -bf -in /usr/share/common-licenses/GPL-3 -out GPL-3.enc
enter bf-cbc encryption password:
Verifying - enter bf-cbc encryption password:
$ openssl enc -bf -in /usr/share/common-licenses/GPL-3 -out GPL-3.enc-z -z
enter bf-cbc encryption password:
Verifying - enter bf-cbc encryption password:
$ gzip -c /usr/share/common-licenses/GPL-3 > GPL-3.gz
$ ls -l GPL-3* /usr/share/common-licenses/GPL-3
-rw-r--r-- 1 rst rst 35168 Feb 9 15:39 GPL-3.enc
-rw-r--r-- 1 rst rst 35189 Feb 9 15:39 GPL-3.enc-z
-rw-r--r-- 1 rst rst 12143 Feb 9 15:40 GPL-3.gz
-rw-r--r-- 1 root root 35147 Jul 2 2007 /usr/share/common-licenses/GPL-3
$
As you can see in the gzip compression case, the cleartext provides for quite
some compression. But when enabling zlib compression for "openssl enc" via
"-z", the resulting file is even bigger and it looks like there is no actual
compression done at all.
Thanks in advance,
Roland
-- System Information:
Debian Release: wheezy/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (x86_64)
Kernel: Linux 3.2.0-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages openssl depends on:
ii libc6 2.13-24
ii libssl1.0.0 1.0.0g-1
ii zlib1g 1:1.2.3.4.dfsg-3
openssl recommends no packages.
Versions of packages openssl suggests:
ii ca-certificates 20111211
-- no debconf information
--
To UNSUBSCRIBE, email to debian-bugs-...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listm...@lists.debian.org
Version: 1.0.0g-1
Severity: normal
Hi,
consider symmetric encryption with "openssl enc":
$ openssl enc -bf -in /usr/share/common-licenses/GPL-3 -out GPL-3.enc
enter bf-cbc encryption password:
Verifying - enter bf-cbc encryption password:
$ openssl enc -bf -in /usr/share/common-licenses/GPL-3 -out GPL-3.enc-z -z
enter bf-cbc encryption password:
Verifying - enter bf-cbc encryption password:
$ gzip -c /usr/share/common-licenses/GPL-3 > GPL-3.gz
$ ls -l GPL-3* /usr/share/common-licenses/GPL-3
-rw-r--r-- 1 rst rst 35168 Feb 9 15:39 GPL-3.enc
-rw-r--r-- 1 rst rst 35189 Feb 9 15:39 GPL-3.enc-z
-rw-r--r-- 1 rst rst 12143 Feb 9 15:40 GPL-3.gz
-rw-r--r-- 1 root root 35147 Jul 2 2007 /usr/share/common-licenses/GPL-3
$
As you can see in the gzip compression case, the cleartext provides for quite
some compression. But when enabling zlib compression for "openssl enc" via
"-z", the resulting file is even bigger and it looks like there is no actual
compression done at all.
Thanks in advance,
Roland
-- System Information:
Debian Release: wheezy/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (x86_64)
Kernel: Linux 3.2.0-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages openssl depends on:
ii libc6 2.13-24
ii libssl1.0.0 1.0.0g-1
ii zlib1g 1:1.2.3.4.dfsg-3
openssl recommends no packages.
Versions of packages openssl suggests:
ii ca-certificates 20111211
-- no debconf information
--
To UNSUBSCRIBE, email to debian-bugs-...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listm...@lists.debian.org
Sebastian Andrzej Siewior
Apr 7, 2012, 8:30:03 AM4/7/12
to
tags 659251 + patch
thanks
* Roland Stigge | 2012-02-09 15:52:21 [+0100]:
>$ openssl enc -bf -in /usr/share/common-licenses/GPL-3 -out GPL-3.enc
>enter bf-cbc encryption password:
>Verifying - enter bf-cbc encryption password:
>$ openssl enc -bf -in /usr/share/common-licenses/GPL-3 -out GPL-3.enc-z -z
>enter bf-cbc encryption password:
>Verifying - enter bf-cbc encryption password:
>$ gzip -c /usr/share/common-licenses/GPL-3 > GPL-3.gz
>$ ls -l GPL-3* /usr/share/common-licenses/GPL-3
>-rw-r--r-- 1 rst rst 35168 Feb 9 15:39 GPL-3.enc
>-rw-r--r-- 1 rst rst 35189 Feb 9 15:39 GPL-3.enc-z
>-rw-r--r-- 1 rst rst 12143 Feb 9 15:40 GPL-3.gz
>-rw-r--r-- 1 root root 35147 Jul 2 2007 /usr/share/common-licenses/GPL-3
>$
The problem is that openssl tries to compress encrypted content which
seems not to work. The patch attached changes the order to first
compress and then encrypt.
Sebastian
thanks
* Roland Stigge | 2012-02-09 15:52:21 [+0100]:
>$ openssl enc -bf -in /usr/share/common-licenses/GPL-3 -out GPL-3.enc
>enter bf-cbc encryption password:
>Verifying - enter bf-cbc encryption password:
>$ openssl enc -bf -in /usr/share/common-licenses/GPL-3 -out GPL-3.enc-z -z
>enter bf-cbc encryption password:
>Verifying - enter bf-cbc encryption password:
>$ gzip -c /usr/share/common-licenses/GPL-3 > GPL-3.gz
>$ ls -l GPL-3* /usr/share/common-licenses/GPL-3
>-rw-r--r-- 1 rst rst 35168 Feb 9 15:39 GPL-3.enc
>-rw-r--r-- 1 rst rst 35189 Feb 9 15:39 GPL-3.enc-z
>-rw-r--r-- 1 rst rst 12143 Feb 9 15:40 GPL-3.gz
>-rw-r--r-- 1 root root 35147 Jul 2 2007 /usr/share/common-licenses/GPL-3
>$
seems not to work. The patch attached changes the order to first
compress and then encrypt.
Sebastian
0 new messages