Le dimanche 16 novembre 2014 à 14:43 +0100, William Bonnet a écrit : > Hi, > > I would like to submit a patch to openssl in order to fix this issue. This > patch is fixing a missing error code in the EVP_DecryptFinal_ex function > which cause the failure of the NodeJS unit test. > > During the latest Debian Bug Squashing Party i was working on NodeJS > packaging with Jean Baptiste Favre and trying to fix some issues. We noticed > a unit test failure (on NodeJS side) because of an unexpected openssl return > value. > > Unit test is simple/test-crypto-stream, and is based on aes-128-cbc > encryption and decryption with two different keys. This test should fail > with the error code : > > [TypeError: error:06065064:digital envelope > routines:EVP_DecryptFinal_ex:bad decrypt] > > But the latest stable version of openssl returns > > [TypeError: error:00000000:lib(0):func(0):reason(0)] > > This seems to come from some modification made in the > EVP_DecryptFinal_ex function in the last version bump. When returning > padding_good, > the EVPerr is not called before returning zero, leading to an undefined error > code. > > Here attached is a patch fixing this. > > I hope this will help, don't hesitate to ask me for more information. > > Please, as it is my first submission let me know if some is wrong in the way > to do it
I'm pretty amazed the problem comes from openssl. Did you check upstream openssl ? maybe it's a known bug, so the "Origin" field could link to it, ideally. If it is double-checked with upstream, then this bug report should be reassigned to openssl package. Jérémy. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
