[Pkg-openssl-devel] Bug#511727: "padding too short" error message
Thomas Bader
thomasb at trash.net
Tue Jan 13 21:11:18 UTC 2009
Package: libssl0.9.8
Version: 0.9.8c-4etch3
I'm using dkim-filter on a Debian Etch system (from etch-backports). I
always get a strange message in my syslog:
SSL error:04067069:rsa routines:RSA_EAY_PUBLIC_DECRYPT:pkcs1 padding too
short
I did some research and found out that "padding too short" should lead
to a signature verification error. But in my case it does not; in my
case signature verification is fine besides the fact that I get a
"padding too short" error.
I found out (with great help from the dkim-milter-users mailing list)
that this error message has been introduced in this commit:
http://cvs.openssl.org/chngview?cn=15514
This is a part of the 0.9.8c upstream version and patches CVE-2006-4339.
One of the next commits removes it:
http://cvs.openssl.org/chngview?cn=15536
Some people on the dkim-milter-users mailing list confirmed that the
behaviour I encounter does not happen with newer libssl versions.
Therefore I think that there are some compatibility issues with etch's
libssl.
More information about the Pkg-openssl-devel
mailing list