[ruby-core:84582] [Ruby trunk Bug#14265][Third Party's Issue] Possible bug in OpenSSL library

From: k@...
Date: 2018-01-02 04:20:17 UTC
List: ruby-core #84582
Issue #14265 has been updated by rhenium (Kazuki Yamaguchi).

Status changed from Open to Third Party's Issue

Duplicate of [Bug #12561]. Current versions of Ruby/OpenSSL raise an exception:

	$ ruby a.rb
	plaintext: 030fa889aa00fc6554023a9aad8c9ca177686174657673000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
	a.rb:15: warning: constant OpenSSL::Cipher::Cipher is deprecated
	Traceback (most recent call last):
		1: from a.rb:16:in `<main>'
	a.rb:16:in `key=': key must be 16 bytes (ArgumentError)

----------------------------------------
Bug #14265: Possible bug in OpenSSL library
https://bugs.ruby-lang.org/issues/14265#change-69122

* Author: careta (Dumb Thomas)
* Status: Third Party's Issue
* Priority: Normal
* Assignee: 
* Target version: 
* ruby -v: ruby 2.3.3p222 (2016-11-21) [x86_64-linux-gnu] (Debian Stable)
* Backport: 2.3: UNKNOWN, 2.4: UNKNOWN, 2.5: UNKNOWN
----------------------------------------
Hi, 

I'm not sure if this is a bug or not, but there is a difference between Ruby and
Python when using Blowfish encryption in ECB mode. Using the same algorithm parameters, and the same input, the encrypted output is completely different.

Behold these two code samples:

RUBY==================
require 'digest'
require 'openssl'

cleartext = 'whatevs'

md5 = Digest::MD5.new
md5.update(cleartext)

payload = (md5.digest + cleartext).ljust(0x80, "\x00")

puts "plaintext: " + payload.unpack('H*')[0]

secret_key = "supersecretsupersecret"

cipher = OpenSSL::Cipher::Cipher.new("bf-ecb").send :encrypt
cipher.key = secret_key
cipher.padding = 0
binary_data = (cipher.update(payload) << cipher.final)

puts "ciphertext: " + binary_data.unpack('H*')[0]

cipher = OpenSSL::Cipher::Cipher.new("bf-ecb").send :decrypt
cipher.key = secret_key
cipher.padding = 0
str = (cipher.update(binary_data) << cipher.final)

puts "decrypted: " + str.unpack('H*')[0]
RUBY==================


PYTHON================
from Crypto.Cipher import Blowfish
from Crypto.Hash import MD5
import binascii

cleartext = 'whatevs'
md5_key = MD5.new(cleartext).digest()
payload = (md5_key + cleartext).ljust(0x80, "\x00")
print "plaintext: " + binascii.hexlify(payload)
secret_key = "supersecretsupersecret"

ciphertext = Blowfish.new(secret_key, Blowfish.MODE_ECB).encrypt(payload)

print "ciphertext: " + binascii.hexlify(ciphertext)

print "decrypted: " + binascii.hexlify(Blowfish.new(secret_key,
1).decrypt(ciphertext))
PYTHON================


It seems that the Ruby OpenSSL makes some assumptions with regards to
key length - I'm not sure if this is a bug or not. The fix for the code
I pasted before was very simple: when initializing the cipher, I have to
specify the key_len before setting the key:

cipher = OpenSSL::Cipher::Cipher.new("bf-ecb").send :encrypt
cipher.key_len = secret_key.length
cipher.key = secret_key
cipher.padding = 0
binary_data = (cipher.update(payload) << cipher.final)

This makes it work correctly and match the Python output.



-- 
https://bugs.ruby-lang.org/
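
The key-length behaviour discussed in this thread, as an added example that is not code from the thread or from Ruby/OpenSSL itself. It shows the 16-byte default, the ArgumentError raised for the 22-byte key, and that encrypting with the full key gives a different result from encrypting with its first 16 bytes, which is what the silent truncation in older Ruby/OpenSSL (before 2.0) amounted to. The helper names bf_ecb and default_key_assignment are hypothetical; the code assumes Ruby/OpenSSL 2.0 or later and an OpenSSL build where Blowfish is available (on OpenSSL 3.x that means the legacy provider).

```ruby
require 'digest'
require 'openssl'

# On OpenSSL 3.x Blowfish is in the "legacy" provider; load it where the
# binding exposes OpenSSL::Provider (openssl gem 3.2+). Skipped elsewhere.
if defined?(OpenSSL::Provider)
  %w[default legacy].each do |name|
    OpenSSL::Provider.load(name)
  rescue StandardError
    nil # provider not installed; Cipher.new below will report the problem
  end
end

# Hypothetical helper: Blowfish-ECB without padding, with the key length set
# explicitly before the key so the key is neither rejected nor truncated.
def bf_ecb(mode, key, data)
  cipher = OpenSSL::Cipher.new('bf-ecb')
  mode == :encrypt ? cipher.encrypt : cipher.decrypt
  cipher.key_len = key.bytesize # must come before key=
  cipher.key = key
  cipher.padding = 0
  cipher.update(data) + cipher.final
end

# Hypothetical helper: what key= does when key_len is left at its default.
def default_key_assignment(key)
  cipher = OpenSSL::Cipher.new('bf-ecb').encrypt
  cipher.key = key
  :accepted
rescue ArgumentError => e
  e.message
end

# Inputs rebuilt from the report: 22-byte key, MD5 + cleartext padded to 0x80.
KEY     = 'supersecretsupersecret'.b
PAYLOAD = (Digest::MD5.digest('whatevs') + 'whatevs').ljust(0x80, "\x00")

full      = bf_ecb(:encrypt, KEY, PAYLOAD)
truncated = bf_ecb(:encrypt, KEY[0, 16], PAYLOAD) # first 16 key bytes only

puts "default key_len:       #{OpenSSL::Cipher.new('bf-ecb').key_len}"
puts "key= with 22 bytes:    #{default_key_assignment(KEY)}"
puts "full == truncated key? #{full == truncated}"
puts "round trip ok?         #{bf_ecb(:decrypt, KEY, full) == PAYLOAD}"
```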
