'Re: [Vm-dev] SqueakSSL plugin issue'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       squeak-vm-dev
Subject:    Re: [Vm-dev] SqueakSSL plugin issue
From:       Tobias Pape <Das.Linux () gmx ! de>
Date:       2021-07-27 18:05:38
Message-ID: CF4880DC-1A12-4352-BA9C-EBBAC5141557 () gmx ! de
[Download RAW message or body]

 


> On 27. Jul 2021, at 16:02, Eliot Miranda <eliot.miranda@gmail.com> wrote:
> 
> 
> Hi Levente,
> 
> > On Jul 27, 2021, at 4:12 AM, Levente Uzonyi <leves@caesar.elte.hu> wrote:
> > 
> > Hi All,
> > 
> > I ran into a case where primitiveEncrypt of the SqueakSSL plugin returns -1.
> > On the image side, SqueakSSL >> #primitiveSSL:encrypt:startingAt:count:into: is \
> > sent with srcBuf and dstBuf being two 4096 long ByteArrays, start is 1 and length \
> > is 4096, so the input has the same size as the output, and all the bytes are to \
> > be encrypted.
> > I enabled logging, and the following two lines were produced:
> > 
> > sqEncryptSSL: Encrypting 4096 bytes
> > sqCopyBioSSL: 4125 bytes pending; buffer size 4096
> > 
> > Somehow, the 4096 bytes became 4125 bytes, which may be normal, but the
> > code clearly expects no more than 4096 bytes to be there[1].
> > The hardcoded -1 is fishy on its own, and perhaps BIO_read is able to
> > handle the situation and read only as many bytes that fit into the output
> > buffer.
> > If so, the guard is unnecessary, but I'm not familiar with the code at
> > all, so I don't know what's the correct thing to do.
> > 
> > I can work it around by providing smaller chunks or larger buffers but I
> > think it would be forth fixing this.
> > Any ideas?
> 
> One style we use in Terf for video codecs is to supply a callback with the input to \
> receive the output. For example the x264 encode primitive takes a pointer to the \
> x264 encoder state, a bits array containing the video frame, and a callback that \
> receives a pointer to the encoded packet (when one is ready) and it's length.  Then \
> the resulting packet byte array is allocated by Smalltalk and initialized from the \
> pointer.

thats more or less how it works atm, the buffers are all smalltalk buffers.
but with kind-of polling on the image side.

> 
> This approach makes SSL depend on either Alien or the FFI (& should look to using \
> the FFI facilities going forward).  But call backs are available in all our \
> platforms now.  I did ARMv8 a couple of weeks ago.

What happens ist that the sqo_SSL_write of the unencrypted data to the ssl object \
encrypts them and the output apparently growth. sqo_BIO_ctrl_pending shows that there \
are now more bytes available to read. than we wrote. 

The combinations of write/read and buffers is as it was in Andreas' original version.

I can just presume that all previous ciphers used never increased in size.
Probably HMAC or something adds to that problem.

We shouldn't just return -1 but ask the provider for a bigger buffeR:

	SQSSL_BUFFER_TOO_SMALL
	https://github.com/OpenSmalltalk/opensmalltalk-vm/blob/d494240736f7c0309e3e819784feb1d53ed0985a/platforms/Cross/plugins/SqueakSSL/SqueakSSL.h#L31


this is what windows already does:

	https://github.com/OpenSmalltalk/opensmalltalk-vm/blob/d494240736f7c0309e3e819784feb1d53ed0985a/platforms/win32/plugins/SqueakSSL/sqWin32SSL.c#L771



Best regards
	-Tobias



> 
> > 
> > 
> > Levente
> > 
> > [1] https://github.com/OpenSmalltalk/opensmalltalk-vm/blob/d494240736f7c0309e3e819784feb1d53ed0985a/platforms/unix/plugins/SqueakSSL/sqUnixOpenSSL.inc#L70
> > 


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic