  1. Core Server
  2. SERVER-55577

Investigate potential decryption differences between CCCryptor and OpenSSL

    Details

    • Type: Question
    • Status: Open
    • Priority: Major - P3
    • Resolution: Unresolved
    • Affects Version/s: None
    • Fix Version/s: Backlog
    • Component/s: None
    • Labels:
      None
    • Sprint:
      Security 2021-04-05

      Description

      BF-20495 resulted from a bug in symmetric_crypto_test.cpp that didn't reset a buffer before checking that decryption with a wrong key failed. However, this bug only appeared whenever the decryptor returned an OK status and did not modify the passed-in buffer at all, which only seemed to occur frequently enough to be caught in macOS's CCCryptor. This behavior should be compared with OpenSSL to see whether there are certain ciphertexts that, when decrypted with the same (incorrect) key/IV combination, result in an OK status and an empty plaintext on OS X but result in different behavior on OpenSSL.
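
The failure mode described above, as an added example that is not the code from symmetric_crypto_test.cpp: `stubDecrypt` is a hypothetical XOR stand-in (not CCCryptor or OpenSSL) whose wrong-key path returns OK without touching the output buffer, and the two check functions, also hypothetical, contrast a reused buffer with one that is reset and compared only up to the reported length.

```cpp
#include <algorithm>
#include <cstddef>
#include <cstdint>
#include <iostream>
#include <vector>

using Bytes = std::vector<std::uint8_t>;
struct DecryptResult { bool ok; std::size_t written; };
constexpr std::uint8_t kRightKey = 0x5A;  // constructed sample key
constexpr std::uint8_t kWrongKey = 0xA5;  // constructed sample key

// Hypothetical stub, not a real cipher: the right key XOR-decrypts into `out`;
// any other key models the reported case (OK status, nothing written to `out`).
DecryptResult stubDecrypt(std::uint8_t key, const Bytes& ct, Bytes& out) {
    if (key != kRightKey) return {true, 0};
    for (std::size_t i = 0; i < ct.size(); ++i) out[i] = ct[i] ^ key;
    return {true, ct.size()};
}

Bytes stubEncrypt(Bytes pt) {
    for (auto& b : pt) b ^= kRightKey;
    return pt;
}

// Flawed check: reuses the buffer that still holds the correct plaintext.
bool wrongKeyRejectedStaleBuffer(const Bytes& pt) {
    const Bytes ct = stubEncrypt(pt);
    Bytes buf(pt.size());
    stubDecrypt(kRightKey, ct, buf);                    // buf == pt
    DecryptResult r = stubDecrypt(kWrongKey, ct, buf);  // buf left unchanged
    return !(r.ok && buf == pt);                        // stale data looks like a match
}

// Corrected check: clear the buffer and compare only the bytes reported written.
bool wrongKeyRejectedResetBuffer(const Bytes& pt) {
    const Bytes ct = stubEncrypt(pt);
    Bytes buf(pt.size());
    stubDecrypt(kRightKey, ct, buf);
    std::fill(buf.begin(), buf.end(), 0);
    DecryptResult r = stubDecrypt(kWrongKey, ct, buf);
    bool recovered = r.ok && r.written == pt.size() &&
                     std::equal(pt.begin(), pt.end(), buf.begin());
    return !recovered;
}

int main() {
    const Bytes pt = {'s', 'e', 'c', 'r', 'e', 't'};  // constructed sample plaintext
    std::cout << wrongKeyRejectedStaleBuffer(pt) << " " << wrongKeyRejectedResetBuffer(pt) << "\n";
}
```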

            People

            Assignee:
            backlog-server-security Backlog - Security Team
            Reporter:
            varun.ravichandran Varun Ravichandran