Quantcast

evp_cipherfinal_ex problem in apache module

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

evp_cipherfinal_ex problem in apache module

Peter Martin
Hi,

I have written an app that encrypts pages on a web server, and a module to
decrypt them. The cipher routines are in a number of c++ classes compiled
into a library used by other apps, and they appear to work correctly when
invoked from the command line. However, when running the apache module, I
get a failure from the evp_cipherfinal_ex call:

Error check error:06065064:lib(6):func(101):reason(100).

ie. bad decrypt from evp_cipherfinal

Has anyone any ideas why this fails when running in an apache module but
works as expected in a command line environment? An application using the
same library runs perfectly when invoked as a cgi executable.

I am using openssl-0.9.7a-40 on a Fedora core 3 box.

Cheers

Pete Martin

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: evp_cipherfinal_ex problem in apache module

Peter Martin
I've added some more info.

>
> I have written an app that encrypts pages on a web server, and a module to
> decrypt them. The cipher routines are in a number of c++ classes compiled
> into a library used by other apps, and they appear to work correctly when
> invoked from the command line. However, when running the apache module, I
> get a failure from the evp_cipherfinal_ex call:
>
> Error check error:06065064:lib(6):func(101):reason(100).
>
> ie. bad decrypt from evp_cipherfinal
>
> Has anyone any ideas why this fails when running in an apache module but
> works as expected in a command line environment? An application using the
> same library runs perfectly when invoked as a cgi executable.
>
> I am using openssl-0.9.7a-40 on a Fedora core 3 box.

The code I am using is the same as the example in the EVP_Cipherxxx man
page. I have tried using EVP_enc_null() for the type and this works as
expected. ie. no encryption, but the apache module works properly and
outputs the correct pages. Only when I replace EVP_enc_null with another
type, for example, EVP_rc2_cbc() do I get the error mentioned above.

I was wondering if there was anything in the general environement that
Apache may have changed to cause the decrypt to fail? I've set the locale
(LC_ALL) to "C" just in case.

If no one has the answer, then hints on where to start looking would be
useful.
Pete

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [hidden email]
Automated List Manager                           [hidden email]
Loading...