Subject: Re: Inconsistent behavior between FIPS and non-FIPS AES
Hi Jeff,
Thanks for the response ... all the return values are 1, including setting the
FIPS mode.
I had removed the checks in this stripped down example code to get to my point
and try to show the relevant portions, and minimize
On Tue, Oct 16, 2012, AJ wrote:
Any other comments on the actual issue here?
I don't believe the inconsistency is the expected way the API should work.
It's a bug. The fix was applied to non-validated versions of OpenSSL but was
too late to be included in the last validation.
Steve.
--
Dr
st...@openssl.org
To: openssl-users@openssl.org
Cc:
Sent: Tuesday, October 16, 2012 11:35 AM
Subject: Re: Inconsistent behavior between FIPS and non-FIPS AES
On Tue, Oct 16, 2012, AJ wrote:
Any other comments on the actual issue here?
I don't believe the inconsistency is the expected way
Hi,
I've noticed an inconsistency between the behavior of AES_CTR in FIPS and
non-FIPS modes.
I am using openssl-1.0.1c and openssl-fips-2.0.
The following code demonstrates the issue:
1 #include stdio.h
2 #include string.h
3 #include openssl/evp.h
4
5 #define MSG_SIZE 14
6 const
Hi aunt.jomamma,
You have ignored every return value. You should probably start by
checking all return values.
If you check all return values *and* assert all the checks, you will
have self debugging code. I find self debugging code the best code of
all, but I'm kind of lazy.
2) Is there
-
From: Jeffrey Walton noloa...@gmail.com
To: openssl-users@openssl.org
Cc:
Sent: Friday, October 12, 2012 6:44 PM
Subject: Re: Inconsistent behavior between FIPS and non-FIPS AES
Hi aunt.jomamma,
You have ignored every return value. You should probably start by
checking all return values