Project

General

Profile

Bug #87

Crash when trying to use RSA key to sign a log

Added by Paul Bramsen almost 7 years ago. Updated over 6 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
-
Start date:
11/08/2016
Due date:
% Done:

0%


Description

vagrant@vagrant-ubuntu-trusty-64:~$ gcl-create -k rsa -K test_keys/ -s com.pbramsen.gdplogd my_rsa_log
Enter PEM pass phrase:
Verifying - Enter PEM pass phrase:
[OK] gcl-create: New secret key is in test_keys//G-xR_GQLd2j1Ha972eRpVXIKUY_EXidO3RXeFZ81pYU.pem
[OK] gcl-create: Save this file!  You'll need it to write the new log
Created new GCL G-xR_GQLd2j1Ha972eRpVXIKUY_EXidO3RXeFZ81pYU
    on log server com.pbramsen.gdplogd
exiting with status OK
vagrant@vagrant-ubuntu-trusty-64:~$ gdp-writer -K test_keys/G-xR_GQLd2j1Ha972eRpVXIKUY_EXidO3RXeFZ81pYU.pem my_rsa_log
Enter PEM pass phrase:
GDPname: G-xR_GQLd2j1Ha972eRpVXIKUY_EXidO3RXeFZ81pYU (0 recs)

Starting to read input
hello world!
Got input «hello world!»
EP Crypto Error: ep_crypto_sign_final: cannot finalize signing digest
140407465174688:error:0608C09B:digital envelope routines:EVP_PKEY_sign:buffer too small:pmeth_fn.c:115:
[ERROR] gdp-writer: Append error: ERROR: 403 forbidden [Berkeley:Swarm-GDP:403]
gdp-writer: exiting with status ERROR: 403 forbidden [Berkeley:Swarm-GDP:403]
vagrant@vagrant-ubuntu-trusty-64:~$

History

#1 Updated by Eric Allman almost 7 years ago

  • Status changed from New to Resolved
  • Assignee set to Eric Allman

Should be fixed. There was an undersized buffer. Note that this was not a security problem: no buffer overflows occurred. I think your previously created log will be usable now (i.e., the key itself should be intact).

#2 Updated by Eric Allman over 6 years ago

  • Status changed from Resolved to Closed

No negative feedback, and Paul has graduated ⇒ Closed

Also available in: Atom PDF