signalapp/libsignal-protocol-c

Bad MAC error with OpenSSL/external lib

mjena opened this issue · 4 comments

mjena commented

I have 2 related issues:

  1. I am getting INCONSISTENT "Bad MAC" error while decrypting message in signal_message_verify_mac() function with one of my HMAC_SHA256 library.
  2. When I am using openssl for HMAC_SHA256 operation, I am getting "Bad MAC" error EVERY TIME. Is the openssl not supported with this library?

I have:

  • searched open and closed issues for duplicates
    Not sure if it related to issue #65 .

Bug description

sometimes "Bad MAC" error is coming when I run the test with attached SHA256 files during decrypt call.
When I use openssl library for the HMAC_SHA256 operations (init, update, final), each time I am getting this Bad MAC error.
Note: I am using this library as a native side (C++) implementation for one of my Android application. Since CommonCrypto is not available in android, I am using the attached HMAC lib/openssl lib for HMAC and aes encryption.

hmac_sha256.zip

Steps to reproduce

  • Run the test_basic_session_v3 test present in test_session_cipher.c with attached library function for HMAC operation

Actual result: Out of 50 Interaction between Alice and Bob only 10 were success rest were failed due to Bad MAC error.

Expected result: 50 out of 50 interaction should be completed.

The library's own unit tests use OpenSSL when compiled on non-Apple platforms as-is, and they all pass. Have you compared your crypto callbacks against the code in test_common_openssl.c ?

mjena commented

Hi @dkonigsberg,
Thanks for the quick reply.
The difference between your openssl implementation and mine is, you are using old openssl library and its APIs (1.0.x) and i am using the latest one (1.1.0e).
I am facing some issues to use the old openssl library in my code.

  1. Can you please tell me exactly which version of openssl you are using for test_common_openssl.c?
  2. Do you think, this issue is different from issue #65 for "Bad MAC".

Okay, I just updated test_common_openssl.c so that it can be built against OpenSSL 1.1, and I tested against a fresh build of 1.1.0e. All the tests still pass.

If you're still experiencing problems, it would be helpful for you to supply a copy of your implementations of all the relevant crypto callbacks alongside the info about whichever crypto library you're trying to use.

mjena commented

Thanks @dkonigsberg, after making your changes, I can verify all those test cases are passed.
I am planning to use this library for android native side communication module.

Can you please advice me, if I have to check for any other aspect of this library (like this HMAC/Encryption part) before I can start using it for the actual product?