[openssl-users] Open ssl error "hex string is too long invalid hex key value"

Matt Caswell matt at openssl.org
Thu Apr 12 08:43:07 UTC 2018

On 12/04/18 07:05, shagun maheshwari wrote:
> Hi,
> We are getting an error "OpenSSL error hex string is too long invalid hex key value" . OpenSSL version we are using is openssl-1.0.2k-8.el7. We have solved this issue by applying a patch in openssl package suggested by openssl community (https://clicktime.symantec.com/a/1/7Fg4lSHbjGfkPSCbaHTn0_5SA3g7jIxY1-VykXIdKu0=?d=xVjLv3Egby2iJQ8Pps44kijPDpVNeq--5cgHmJMSt7fSfApR2--2rIk1xvvBJSwGIglcjn61v6-JXGiiMB8XDbwUXh0ZdrcNxdLZpZ4iydtMyQvgDDeJdBqNF31hW_gGSt77P5_qmJ2yJH6Z5ycJqZO-sUXRgdvObuqYlAKoqdLqFCSzKnR5BTUYw7C8JvfSp3kLE-Zbr3DSGCEz0KwUBfdYWjeH8n10a4bsKfA8cgMmRr6o9pBR66fciTOnTNJISKm5XTy6SWr9xlsKxJccrczY4TsEDL7AncqGJMaEHWBzFyRbsGWpZmsedW0xIJg0cDSkXGt4xJ3lTN26_iL2qBwfAOarzDrtJ2uQtfOgoszexm-ICb8y8VY23Y7xlvo-6awGNFuZX8xKABbpaB9Q&u=https%3A%2F%2Fmta.openssl.org%2Fpipermail%2Fopenssl-dev%2F2016-May%2F007266.html). 
> In nwhich release of OpenSSL, we can expect this fix?

The thread you point to doesn't describe a bug in 1.0.2. The command
line provided to OpenSSL in that thread is in error. The hex string
provided for the key is too long (by 2 bytes) so OpenSSL is doing the
right thing by issuing an error message. It seems that this was
tolerated in older versions of OpenSSL (1.0.1) - but that behaviour can
probably be considered a bug in those older (out of support) versions.


More information about the openssl-users mailing list