Bug#929903: openssl: m2crypto test case regression

Sebastian Andrzej Siewior
Package: openssl
Version: 1.1.1c-1
Severity: serious

The m2crypto test suite fails with c, passes with b. The error log
  https://ci.debian.net/data/autopkgtest/testing/amd64/m/m2crypto/2436983/log.gz

The testsuite complains about a missing error / the exception is not
raised. The bisect says, this happens since

|commit f61c68043d3bd2ad9718d356e7988ee2fdfc3621
| Author: Bernd Edlinger <[hidden email]>
| Date:   Thu Feb 28 10:08:18 2019 +0100
|
|     Fix memory overrun in rsa padding check functions
|
|     Fixes #8364 and #8357
|
|     Reviewed-by: Kurt Roeckx <[hidden email]>
|     (Merged from https://github.com/openssl/openssl/pull/8365)
|
|     (cherry picked from commit d7f5e5ae6d53f1387a42d210806cf5e9ed0882d6)

Kurt, can you check if this is an error in the testsuite or something
legal?

Sebastian

Bug#929903: openssl: m2crypto test case regression

Kurt Roeckx
On Tue, Jun 04, 2019 at 12:46:07AM +0200, Sebastian Andrzej Siewior wrote:

>
> So if I decoded it right, it does
>
> |     fbuf = sha1("The magic words are squeamish ossifrage."); /* 0xbf, 0xf0, 0x04 … */
> |     flen = RSA_public_encrypt(20, fbuf, tobuf, )
> |     /* flen -> 128 */
> |     r = RSA_private_decrypt(128, tobuf, tobuf2, )
>
> before the change, RSA_private_decrypt() used to return an error
>      r -> -1, rsa routines|rsa_ossl_private_decrypt|padding check failed>
>
> after that, it returns `20' and probably passes. Would it be likely that
> m2crypto tested that an openssl bug existed which got fixed?

I have no idea what they're testing, but I expect that if you just
encrypt something, that decrypting that should work.


Kurt

Bug#929903: openssl: m2crypto test case regression

Sebastian Andrzej Siewior
On 2019-06-04 12:12:35 [+0200], Kurt Roeckx wrote:

> On Tue, Jun 04, 2019 at 12:46:07AM +0200, Sebastian Andrzej Siewior wrote:
> >
> > So if I decoded it right, it does
> >
> > |     fbuf = sha1("The magic words are squeamish ossifrage."); /* 0xbf, 0xf0, 0x04 … */
> > |     flen = RSA_public_encrypt(20, fbuf, tobuf, )
> > |     /* flen -> 128 */
> > |     r = RSA_private_decrypt(128, tobuf, tobuf2, )
> >
> > before the change, RSA_private_decrypt() used to return an error
> >      r -> -1, rsa routines|rsa_ossl_private_decrypt|padding check failed>
> >
> > after that, it returns `20' and probably passes. Would it be likely that
> > m2crypto tested that an openssl bug existed which got fixed?
>
> I have no idea what they're testing, but I expect that if you just
> encrypt something, that decrypting that should work.

But it didn't.

Let me ping upstream: Matěj, could you please take a look at
        https://bugs.debian.org/929903

and check if it is okay the test no longer fails or if openssl suddenly
eats up the error code. After all:

--- tests/test_rsa.py   2019-06-03 21:16:33.840000000 +0000
+++ tests/test_rsa.py.new       2019-06-04 12:14:21.168000000 +0000
@@ -124,10 +124,10 @@
 
         # sslv23_padding
         ctxt = priv.public_encrypt(self.data, RSA.sslv23_padding)
-        with self.assertRaises(RSA.RSAError):
-            priv.private_decrypt(ctxt, RSA.sslv23_padding)
-        with self.assertRaises(RSA.RSAError):
-            priv.private_decrypt(ctxt, RSA.sslv23_padding)
+        ptxt = priv.private_decrypt(ctxt, RSA.sslv23_padding)
+        self.assertEqual(ptxt, self.data)
+        ptxt = priv.private_decrypt(ctxt, RSA.sslv23_padding)
+        self.assertEqual(ptxt, self.data)
 
         # no_padding
         with self.assertRaises(RSA.RSAError):
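
Review bot: The new `assertEqual` checks in the `# sslv23_padding` block assume `private_decrypt` always succeeds, but the thread reports that the same call raised `RSA.RSAError` before OpenSSL 1.1.1c, so this test will now fail against older libraries. Make the expectation depend on the OpenSSL version the module is linked against (expect `RSA.RSAError` before 1.1.1c, equality with `self.data` from 1.1.1c on), or skip the check where the behaviour is not known.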

passes now and the result is `equal'.

> Kurt

Sebastian

Bug#929903: openssl: m2crypto test case regression

Matěj Cepl-2
Sebastian Andrzej Siewior wrote on Tue, 04. 06. 2019 at 14:15 +0200:
> Let me ping upstream: Matěj, could you please take a look at
> https://bugs.debian.org/929903
>
> and check if it is okay the test no longer fails or if openssl suddenly
> eats up the error code. After all:

OK, I have this commit now in the master
https://gitlab.com/m2crypto/m2crypto/commit/f287d7145b5f but I am
still not certain that sslv23_padding and especially no_padding
should lead to error, shouldn't it?

Why did the test pass before otherwise?

Best,

Matěj

> --- tests/test_rsa.py   2019-06-03 21:16:33.840000000 +0000
> +++ tests/test_rsa.py.new       2019-06-04 12:14:21.168000000 +0000
> @@ -124,10 +124,10 @@
>  
>          # sslv23_padding
>          ctxt = priv.public_encrypt(self.data, RSA.sslv23_padding)
> -        with self.assertRaises(RSA.RSAError):
> -            priv.private_decrypt(ctxt, RSA.sslv23_padding)
> -        with self.assertRaises(RSA.RSAError):
> -            priv.private_decrypt(ctxt, RSA.sslv23_padding)
> +        ptxt = priv.private_decrypt(ctxt, RSA.sslv23_padding)
> +        self.assertEqual(ptxt, self.data)
> +        ptxt = priv.private_decrypt(ctxt, RSA.sslv23_padding)
> +        self.assertEqual(ptxt, self.data)
>  
>          # no_padding
>          with self.assertRaises(RSA.RSAError):
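
Review bot: The added lines in the `# sslv23_padding` block repeat the same `private_decrypt` call and `assertEqual` twice on an unchanged `ctxt`, carrying over the duplication from the removed `assertRaises` pair. If the second call is meant to check that a repeated decrypt behaves the same as the first, say so in a comment; otherwise drop it.
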
>
> passes now and the result is `equal'.

signature.asc (849 bytes) Download Attachment
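
An added example (not from the thread, and not OpenSSL's or M2Crypto's code) that models the SSLv23 padding mode discussed above on the encoded block only, without any RSA operation: as the mode is documented, the sender ends the PKCS#1 v1.5 type 2 padding string with eight 0x03 bytes to signal SSLv3 support, and a receiver that finds that marker reports a rollback. The function names and `PaddingError` are hypothetical; the SHA-1 input and the 128-byte block length are the values quoted in the thread.

```python
import hashlib
import os

ROLLBACK_MARKER = b"\x03" * 8  # appended to the padding by an SSLv3-capable sender
# Input and block size quoted in the thread: a 20-byte SHA-1 digest, 128-byte block.
DIGEST = hashlib.sha1(b"The magic words are squeamish ossifrage.").digest()
BLOCK_LEN = 128

class PaddingError(ValueError):
    """Hypothetical stand-in for the error the RSA layer would report."""

def _nonzero_random(n):
    # PKCS#1 v1.5 type 2 padding bytes must all be non-zero.
    out = bytearray()
    while len(out) < n:
        out += bytes(b for b in os.urandom(n - len(out)) if b)
    return bytes(out)

def pad_type2(msg, k, sslv23=False):
    """Encode msg into a k-byte block: 00 02 PS [03 x 8] 00 msg."""
    if len(msg) > k - 11:
        raise PaddingError("data too large for key size")
    marker = ROLLBACK_MARKER if sslv23 else b""
    ps = _nonzero_random(k - 3 - len(marker) - len(msg))
    return b"\x00\x02" + ps + marker + b"\x00" + msg

def check_sslv23(block, k):
    """Decode a block the way a receiver that also supports SSLv3 would."""
    if len(block) != k or block[:2] != b"\x00\x02":
        raise PaddingError("block type is not 02")
    sep = block.find(b"\x00", 2)
    if sep < 2 + 8:  # also covers find() returning -1
        raise PaddingError("separator missing or padding shorter than 8 bytes")
    if block[sep - 8:sep] == ROLLBACK_MARKER:
        # Sender and receiver both support SSLv3, yet this came via SSLv2.
        raise PaddingError("sslv3 rollback attack")
    return block[sep + 1:]

def round_trip(msg, sender_sslv23, k=BLOCK_LEN):
    """Return the recovered message, or the error text if the check rejects it."""
    try:
        return check_sslv23(pad_type2(msg, k, sslv23=sender_sslv23), k)
    except PaddingError as exc:
        return str(exc)

if __name__ == "__main__":
    print(round_trip(DIGEST, sender_sslv23=True))   # marker present
    print(round_trip(DIGEST, sender_sslv23=False))  # plain type 2 padding
```

In this model a block padded and checked in the same SSLv23 mode is always rejected, while a block with plain type 2 padding decodes to the original 20 bytes.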

Bug#929903: openssl: m2crypto test case regression

Sebastian Andrzej Siewior
In reply to this post by Sebastian Andrzej Siewior
On 2019-06-08 10:28:38 [+0200], Matěj Cepl wrote:

> Sebastian Andrzej Siewior wrote on Tue, 04. 06. 2019 at 23:10 +0200:
> > It did not if I understand the python correctly:
> > >        with self.assertRaises(RSA.RSAError):
> > >            priv.private_decrypt(ctxt, RSA.sslv23_padding)
> >
> > you expect that `priv.private_decrypt()' raised an RSA.RSAError
> > exception which it did before c (due to that bug) and did not since c.
>
> I believe M2Crypto 0.35.1 is what you are looking for. Thank you
> very much for finding the problem.

I see
 0b22d79082afd ("Limit tests.test_rsa.RSATestCase.test_public_encrypt just to OpenSSL which sustains it.")
 83d4d9bc3aa44 ("Remove duplicate call of the error code.")

which are on top of 0.34. I don't see 0.35.1 but I think those two should
fix my problem.

> Best,
>
> Matěj

Sebastian

Bug#929903: m2crypto: proposed patch

Sebastian Andrzej Siewior
In reply to this post by Sebastian Andrzej Siewior
Control: tags 929903 + patch

Dear maintainer,

please find attached a proposed NMU to address this problem.

Regards.
Sebastian

m2crypto-0.31.0-3.1-nmu.diff (9K) Download Attachment
Processed: m2crypto: proposed patch

Debian Bug Tracking System
In reply to this post by Sebastian Andrzej Siewior
Processing control commands:

> tags 929903 + patch
Bug #929903 [m2crypto] m2crypto: testing for a fixed openssl causing test case regression
Added tag(s) patch.

--
929903: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929903
Debian Bug Tracking System
Contact [hidden email] with problems

Bug#929903: marked as done (m2crypto: testing for a fixed openssl causing test case regression)

Debian Bug Tracking System
In reply to this post by Sebastian Andrzej Siewior
Your message dated Sun, 09 Jun 2019 08:50:12 +0000
with message-id <[hidden email]>
and subject line Bug#929903: fixed in m2crypto 0.31.0-4
has caused the Debian Bug report #929903,
regarding m2crypto: testing for a fixed openssl causing test case regression
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [hidden email]
immediately.)


Source: m2crypto
Source-Version: 0.31.0-4

We believe that the bug you reported is fixed in the latest version of
m2crypto, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [hidden email],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Daniel Stender <[hidden email]> (supplier of updated m2crypto package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [hidden email])


Format: 1.8
Date: Sun, 09 Jun 2019 09:42:32 +0200
Source: m2crypto
Binary: m2crypto-doc python-m2crypto python-m2crypto-dbgsym
Architecture: all source
Version: 0.31.0-4
Distribution: unstable
Urgency: medium
Maintainer: Daniel Stender <[hidden email]>
Changed-By: Daniel Stender <[hidden email]>
Closes: 929903
Description:
 m2crypto-doc - Python wrapper for the OpenSSL library (docs)
 python-m2crypto - Python wrapper for the OpenSSL library (Python 2 modules)
Changes:
 m2crypto (0.31.0-4) unstable; urgency=medium
 .
   * Add a few patches from upstream to avoid a testsuite
     regression while testing for bug which was fixed in OpenSSL
     1.1.1c (Closes: #929903) [thanks to Sebastian Andrzej Siewior].