https://bugs.ruby-lang.org/https://bugs.ruby-lang.org/favicon.ico?17113305112013-05-24T11:50:54ZRuby Issue Tracking SystemRuby master - Bug #8439: test_aes_gcm_wrong_tag(OpenSSL::TestCipher) fails randomlyhttps://bugs.ruby-lang.org/issues/8439?journal_id=395132013-05-24T11:50:54Zzzak (zzak _)
<ul><li><strong>Category</strong> set to <i>ext</i></li><li><strong>Status</strong> changed from <i>Open</i> to <i>Assigned</i></li><li><strong>Assignee</strong> set to <i>MartinBosslet (Martin Bosslet)</i></li><li><strong>Target version</strong> set to <i>2.1.0</i></li></ul><p>Can you reproduce this with trunk?</p> Ruby master - Bug #8439: test_aes_gcm_wrong_tag(OpenSSL::TestCipher) fails randomlyhttps://bugs.ruby-lang.org/issues/8439?journal_id=402352013-07-01T21:11:44Zvo.x (Vit Ondruch)v.ondruch@tiscali.cz
<ul></ul><p>Might be related/duplicate to <a class="issue tracker-1 status-5 priority-4 priority-default closed" title="Bug: 2 AES-128-GCM (probably same in AES-256-GCM) bug? (Closed)" href="https://bugs.ruby-lang.org/issues/8221">#8221</a></p> Ruby master - Bug #8439: test_aes_gcm_wrong_tag(OpenSSL::TestCipher) fails randomlyhttps://bugs.ruby-lang.org/issues/8439?journal_id=403122013-07-06T07:34:13ZMartinBosslet (Martin Bosslet)Martin.Bosslet@gmail.com
<ul></ul><p>vo.x (Vit Ondruch) wrote:</p>
<blockquote>
<p>Might be related/duplicate to <a class="issue tracker-1 status-5 priority-4 priority-default closed" title="Bug: 2 AES-128-GCM (probably same in AES-256-GCM) bug? (Closed)" href="https://bugs.ruby-lang.org/issues/8221">#8221</a></p>
</blockquote>
<p>Yes, very much sounds like it. I need to take a deeper look at what happens in the OpenSSL implementation that might explain the random failures.</p> Ruby master - Bug #8439: test_aes_gcm_wrong_tag(OpenSSL::TestCipher) fails randomlyhttps://bugs.ruby-lang.org/issues/8439?journal_id=427852013-11-07T01:20:04Zakr (Akira Tanaka)akr@fsij.org
<ul></ul><p>I tracked down the random failure.</p>
<p>It seems that the failure occur when tag[-1].succ is 2byte.<br>
I.e. it fails when tag[-1] is "9", "Z", "z" or "\xFF".</p>
<p>I modified test_aes_gcm_wrong_tag as follows:</p>
<a name="Index-test_cipherrb"></a>
<h1 >Index: test_cipher.rb<a href="#Index-test_cipherrb" class="wiki-anchor">¶</a></h1>
<p>--- test_cipher.rb (revision 43555)<br>
+++ test_cipher.rb (working copy)<br>
@@ -187,6 +187,7 @@ class OpenSSL::TestCipher < Test::Unit::<br>
tag = cipher.auth_tag</p>
<pre><code> decipher = new_decryptor('aes-128-gcm', key, iv)
</code></pre>
<ul>
<li>
<pre><code> p [tag[-1], tag[-1].succ]
decipher.auth_tag = tag[0..-2] << tag[-1].succ
decipher.auth_data = "aad"
</code></pre>
</li>
</ul>
<p>When the test fails, ["9", "10"], ["Z", "AA"], ["z", "aa"] or ["\xFF", "\x01\x00"] are shown.<br>
Assuming tag[-1] is a random byte, I guess the test fails once per 64 times on average because 4/256=1/64.</p>
<p>I'm not sure the intent of tag[-1].succ, though.</p> Ruby master - Bug #8439: test_aes_gcm_wrong_tag(OpenSSL::TestCipher) fails randomlyhttps://bugs.ruby-lang.org/issues/8439?journal_id=429312013-11-14T19:58:18Zakr (Akira Tanaka)akr@fsij.org
<ul><li><strong>Status</strong> changed from <i>Assigned</i> to <i>Closed</i></li><li><strong>% Done</strong> changed from <i>0</i> to <i>100</i></li></ul><p>This issue was solved with changeset r43676.<br>
Vit, thank you for reporting this issue.<br>
Your contribution to Ruby is greatly appreciated.<br>
May Ruby be with you.</p>
<hr>
<ul>
<li>test/openssl/test_cipher.rb (test_aes_gcm_wrong_tag): Don't use<br>
String#succ because it can make modified (wrong) auth_tag longer<br>
than 16 bytes. The longer auth_tag makes that<br>
EVP_CIPHER_CTX_ctrl (and internally aes_gcm_ctrl) fail.<br>
<a href="/issues/8439">[ruby-core:55143]</a> [Bug <a class="issue tracker-1 status-5 priority-4 priority-default closed" title="Bug: test_aes_gcm_wrong_tag(OpenSSL::TestCipher) fails randomly (Closed)" href="https://bugs.ruby-lang.org/issues/8439">#8439</a>] reported by Vit Ondruch.</li>
</ul> Ruby master - Bug #8439: test_aes_gcm_wrong_tag(OpenSSL::TestCipher) fails randomlyhttps://bugs.ruby-lang.org/issues/8439?journal_id=441252014-01-06T23:33:36Zvo.x (Vit Ondruch)v.ondruch@tiscali.cz
<ul><li><strong>Backport</strong> changed from <i>1.9.3: UNKNOWN, 2.0.0: UNKNOWN</i> to <i>1.9.3: UNKNOWN, 2.0.0: REQUIRED</i></li></ul> Ruby master - Bug #8439: test_aes_gcm_wrong_tag(OpenSSL::TestCipher) fails randomlyhttps://bugs.ruby-lang.org/issues/8439?journal_id=442212014-01-12T07:06:19Znagachika (Tomoyuki Chikanaga)nagachika00@gmail.com
<ul><li><strong>Backport</strong> changed from <i>1.9.3: UNKNOWN, 2.0.0: REQUIRED</i> to <i>1.9.3: UNKNOWN, 2.0.0: DONE</i></li></ul><p>r43676 was backported to ruby_2_0_0 at r44566.</p> Ruby master - Bug #8439: test_aes_gcm_wrong_tag(OpenSSL::TestCipher) fails randomlyhttps://bugs.ruby-lang.org/issues/8439?journal_id=449492014-02-05T03:29:03Zusa (Usaku NAKAMURA)usa@garbagecollect.jp
<ul><li><strong>Backport</strong> changed from <i>1.9.3: UNKNOWN, 2.0.0: DONE</i> to <i>1.9.3: DONTNEED, 2.0.0: DONE</i></li></ul>