[Dancer-users] Need help in understanding the role of taint handling in Dancer
Gurunandan Bhat
gbhat at pobox.com
Wed Apr 20 20:20:02 CEST 2011
Hi,
I am in the process of writing a Dancer application that does (in part) some
heavy lifting of PKI (RSA) [en|de]cryption using Crypt::OpenSSL::RSA and a
few other Crypt::* modules and have been hit with an issue that I do not
fully understand. Here is a rough sequence of what happens:
1. I have written a Moose based class that does PKI stuff. One of the the
methods in this class is encrypting binary strings using a Public Key. The
Public Key is read from a file on disk.
2. When I run a test script with this class, the encryption works fine.
3. When I run the same script as a route handler in Dancer the encryption
silently produces the wrong result - decrypting it does not give me the
original string.
4. Testing is a bit hard and complicated due to the fact that RSA
encryption is not deterministic and encrypting the same string twice will
give wildly different strings but decrypting both should correctly give the
original string. However after a few days of trying out multiple test code -
I am reasonably certain that *encryption with Crypt::OpenSSL::RSA gives
the correct result from the command line but gives the wrong result when run
as a Dance route handler*.I am currently working around this by doing the
encryption through a script on disk which the route handler runs - but this
is obviously too silly for words.
The only thing I can attribute this to is that my input string collected
from a form and/or my public key object which I read from file are marked as
tainted in Dancer but not in a command line script and that
Crypt::OpenSSL::RSA has a bug when used with tainted variables. This is a
conjecture but the only one that seems likely given the large amount of
testing that I have done.
With this background here are a couple of questions that I have:
1. Does Dancer taint input variables received from the user(-form)?
2. If yes, how do I untaint it.
3. How can I conclusively confirm that taintedness is causing the
difference in output between the command line script and the route handler.
With identical inputs to my command line script and to my route handler I am
certain that there is a difference in output. I am wondering if taintedness
is the cause.
Thank you for your patience in reading this rather long message
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.backup-manager.org/pipermail/dancer-users/attachments/20110420/10e9b037/attachment.htm>
More information about the Dancer-users
mailing list