
[openssl-dev] [openssl.org #4552] Bug report: hex string is too long, problem in set_hex()?


David-E Young via RT

May 31, 2016, 4:37:44 PM
Classification: Public
OS: SUSE Linux Enterprise Server 11 SP2 (x86_64)
OpenSSL: versions 1.0.1m, 1.1.0-pre5

Using this command sequence:

echo WuNhPwuWAOiG86RfO4A5jITR9WZ+kF1L+iBgGPQJ4dEJk8Sxiqb014bJsEGDbCfk | $ssl/bin/openssl enc -aes128 -d -a -iv 57fd56a7e47b9482096ab4707ca9d383 -K 617364696f69636a61736f3932336b3b0a

we get different behavior between version 1.0.1m and later versions. With version 1.0.1m the above sequence works fine. Using later versions, including 1.1.0-pre5, we get:

hex string is too long
invalid hex key value

The trouble is in set_hex():

static int set_hex(char *in, unsigned char *out, int size)
{
    ...
    if (n > (size * 2)) {
        // hex string is too long
        ...
    }
}

If the size multiplier is changed to, say, 4, then the problem goes away with no apparent ill effects. Reading the code for set_hex() and its caller, it does not appear that the size multiplier is related to a buffer size or some other limitation.

I've read that the "hex string is too long" issue is a bug in OpenSSL that was supposed to be fixed in the 1.0.2 branch, but that appears not to be the case. Please let us know if we've missed something or if this issue is in fact an OpenSSL bug.

Kind Regards,

David



---
This communication may contain confidential and/or privileged information. If you are not the intended recipient (or have received this communication in error) please notify the sender immediately and destroy this communication. Any unauthorized copying, disclosure or distribution of the material in this communication is strictly forbidden.

Deutsche Bank does not render legal or tax advice, and the information contained in this communication should not be regarded as such.

--
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4552
Please log in as guest with password guest if prompted

--
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Salz, Rich via RT

May 31, 2016, 4:45:29 PM
> If the size multiplier is changed to, say, 4, then the problem goes away with
> no apparent ill effects. Reading the code for set_hex() and its caller, it does
> not appear that the size multiplier is related to a buffer size or some other
> limitation.

Yes it is, it's the size of the buffer to hold the converted text->binary string. Changing the multiplier will overwrite data buffers.

There was a bug where it got the size calculation wrong, I think. But this is not a bug as reported.

David-E Young via RT

May 31, 2016, 4:54:44 PM
Classification: Public

Hello. Thanks for responding so quickly. Could you perhaps then tell us why the difference in behavior between version 1.0.1m and later versions, and why we would get "hex string is too long"?

Kind Regards,

David

-----Original Message-----
From: Salz, Rich via RT [mailto:r...@openssl.org]
Sent: Tuesday, May 31, 2016 4:45 PM
To: David-E Young
Cc: opens...@openssl.org
Subject: RE: [openssl-dev] [openssl.org #4552] Bug report: hex string is too long, problem in set_hex()?

> If the size multiplier is changed to, say, 4, then the problem goes
> away with no apparent ill effects. Reading the code for set_hex() and
> its caller, it does not appear that the size multiplier is related to
> a buffer size or some other limitation.

Yes it is, it's the size of the buffer to hold the converted text->binary string. Changing the multiplier will overwrite data buffers.

There was a bug where it got the size calculation wrong, I think. But this is not a bug as reported.



Rich Salz via RT

May 31, 2016, 5:04:31 PM
As I said, I think there was a bug in previous versions that got the 'too long'
check wrong. The command line that you posted is in error. There are two extra
characters. As the message says :)

Richard Levitte via RT

May 31, 2016, 5:08:39 PM
That hex key string looks off. It seems to include an ending \n (0a), which I
suspect is because at an earlier time, someone forgot to peel off the ending
linefeed. Take away the ending 0a and I'm sure things will be fine.

The 'set_hex' check is exactly the same in the 1.0.1, 1.0.2 and upcoming 1.1.0
series, so I'm pretty sure *that* part is a red herring.

Why 1.0.1 accepts a too long hex string is a good question, but it's too late
in its life cycle to bother.

Cheers,
Richard

On Tue May 31 20:37:19 2016, david-...@db.com wrote:
> Classification: Public
> OS: SUSE Linux Enterprise Server 11 SP2 (x86_64)
> OpenSSL: versions 1.0.1m, 1.1.0-pre5
>
> Using this command sequence:
>
> echo WuNhPwuWAOiG86RfO4A5jITR9WZ+kF1L+iBgGPQJ4dEJk8Sxiqb014bJsEGDbCfk
> | $ssl/bin/openssl enc -aes128 -d -a -iv
> 57fd56a7e47b9482096ab4707ca9d383 -K 617364696f69636a61736f3932336b3b0a
>
> we get different behavior between version 1.0.1m and later versions.
> With version 1.0.1m the above sequence works fine. Using later
> versions, including 1.1.0-pre5, we get:
>
> hex string is too long
> invalid hex key value
>
> The trouble is in set_hex():
>
> static int set_hex(char *in, unsigned char *out, int size)
> {
> ...
> if (n > (size * 2)) {
> // hex string is too long
> ...
> }
> }
>
> If the size multiplier is changed to, say, 4, then the problem goes
> away with no apparent ill effects. Reading the code for set_hex() and
> its caller, it does not appear that the size multiplier is related to
> a buffer size or some other limitation.
>
> I've read that the "hex string is too long" issue is a bug in OpenSSL
> that was supposed to be fixed in the 1.0.2 branch, but that appears
> not to be the case. Please let us know if we've missed something or if
> this issue is in fact an OpenSSL bug.
>
> Kind Regards,
>
> David


--
Richard Levitte
lev...@openssl.org
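
Added example, not OpenSSL's code and not written by anyone in this thread: a minimal bounded hex decoder showing why a size-byte output buffer limits the input to size * 2 hex digits, run against the -K value from the report. The names decode_hex_key, hex_val and decoded_len are hypothetical, and zero-padding of short input is this example's own choice.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define AES128_KEY_BYTES 16

/* Value of one hex digit, or -1 if c is not a hex digit. */
static int hex_val(int c)
{
    if (c >= '0' && c <= '9') return c - '0';
    c = tolower(c);
    if (c >= 'a' && c <= 'f') return c - 'a' + 10;
    return -1;
}

/*
 * Decode hex text into out[0..size-1]; short input is zero-padded.
 * Returns 0 on success, -1 if the text is too long, -2 on a non-hex digit.
 * Two hex digits make one byte, so input longer than size * 2 digits
 * would need more than size bytes of output and must be rejected.
 */
int decode_hex_key(const char *in, unsigned char *out, size_t size)
{
    size_t n = strlen(in), i;

    if (n > size * 2)
        return -1;
    memset(out, 0, size);
    for (i = 0; i < n; i++) {
        int v = hex_val((unsigned char)in[i]);
        if (v < 0)
            return -2;
        out[i / 2] |= (i % 2 == 0) ? (unsigned char)(v << 4) : (unsigned char)v;
    }
    return 0;
}

/* Number of bytes the hex text occupies once decoded. */
size_t decoded_len(const char *in) { return (strlen(in) + 1) / 2; }

int main(void)
{
    /* -K value exactly as posted in the report (34 hex digits). */
    const char *reported = "617364696f69636a61736f3932336b3b0a";
    unsigned char key[AES128_KEY_BYTES];

    printf("decoded length: %zu bytes, key buffer: %d bytes\n",
           decoded_len(reported), AES128_KEY_BYTES);
    printf("decode_hex_key: %d\n", decode_hex_key(reported, key, sizeof(key)));
    return 0;
}
```

The reported key decodes to 17 bytes whose last byte is 0x0a, one more than an AES-128 key buffer holds; with the final two digits removed it fits exactly.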