Are you speaking of the CFB-8 tests failing? I've only implemented CFB-128 so far, so I'd expect CFB-8 to fail. If I'm reading things right, Levitte's fix is for the EVP padding, not the crypto routines.
S Thus spake Chris Brook: > Is this now fixed for EVP_Encrypt() and EVP_Decrypt() or only the > xxInit,xxUpdate,xxFinal sequences? Or must I set padding off? > If this is resolved, I can go back and rerun the NIST AES certification > tests for CFB with 8 bit block sizes. Needless to say they failed before. > Chris Brook > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:owner-openssl-dev@;openssl.org]On Behalf Of John Viega via RT > Sent: Thursday, October 17, 2002 7:18 PM > To: [EMAIL PROTECTED] > Cc: [EMAIL PROTECTED] > Subject: Re: [openssl.org #306] EVP_xxx_{cfb,ofb} problems in openssl > 0.9.7-beta3 > > > > Yes, it does indeed seem to be fixed. Seeing that OFB and CFB are > pretty fundamental, shouldn't a fix like that merit a b4 release, > particularly considering how long it's been since b3? :) > > John > > On Thursday, October 17, 2002, at 05:34 PM, Richard Levitte - VMS > Whacker wrote: > > > In message <[EMAIL PROTECTED]> > > on Thu, 17 Oct 2002 16:34:55 -0400, John Viega > > <[EMAIL PROTECTED]> said: > > > > viega> Perhaps it would help to show you how things work differently > > in 0.9.6 > > viega> and 0.9.7. Try this code out in each one: > > viega> > > viega> #include <openssl/evp.h> > > viega> > > viega> int main(int argc, char **argv) { > > viega> EVP_CIPHER_CTX c; > > viega> char key[128] = {0,}; > > viega> char iv[128] = {0,}; > > viega> char in[256]={0,}; > > viega> char out[256]; > > viega> int olen,i, o2; > > viega> > > viega> #define CIPHER() EVP_bf_cfb() > > viega> #define HOWMANY 148 > > viega> EVP_EncryptInit(&c, CIPHER(), (char *)key, iv); > > viega> EVP_EncryptUpdate(&c, out, &olen, in, HOWMANY); > > viega> EVP_EncryptFinal(&c, out+olen,&o2); > > viega> olen += o2; > > viega> printf("Olen = %d\n", olen); > > viega> for(i=0;i<olen;i++) { > > viega> printf("%02x ", (unsigned char)out[i]); > > viega> } > > viega> printf("\n"); > > viega> } > > viega> > > viega> This returns 148 in 0.9.6, and it returns 152 in 0.9.7 (b3 at > > least). > > viega> The same thing happens in OFB mode. What's going on is that > > PKCS > > viega> padding is getting added when it never was previously. > > > > Ah, yeah, right, that's a bug in beta3. It has been fixed, however. > > Please try the latest 0.9.7 snapshot, and you'll see the difference. > > > > -- > > Richard Levitte \ Spannvägen 38, II \ [EMAIL PROTECTED] > > Redakteur@Stacken \ S-168 35 BROMMA \ T: +46-8-26 52 47 > > \ SWEDEN \ or +46-708-26 53 44 > > Procurator Odiosus Ex Infernis -- [EMAIL PROTECTED] > > Member of the OpenSSL development team: http://www.openssl.org/ > > > > Unsolicited commercial email is subject to an archival fee of $400. > > See <http://www.stacken.kth.se/~levitte/mail/> for more info. > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > Development Mailing List [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > Development Mailing List [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] -- Stephen Sprunk "God does not play dice." --Albert Einstein CCIE #3723 "God is an inveterate gambler, and He throws the K5SSS dice at every possible opportunity." --Stephen Hawking ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]