On Monday, July 1, 2019 at 5:53:45 PM UTC-4, Jeffrey Walton wrote: > > On Mon, Jul 1, 2019 at 5:38 PM Andrew Wason <[email protected]> wrote: > > > > On Monday, July 1, 2019 at 2:51:39 PM UTC-4, Jeffrey Walton wrote: > >> > >> > >> I think this may have something to do with > https://cryptopp.com/wiki/Elliptic_Curve_Integrated_Encryption_Scheme#Bouncy_Castle_Patch > > . That section needs to clearly state when the change occirs but it does > not. I'll look up the info and get it added. > > > > Ugh, I assumed Ubuntu libcrypto++6 was based on 6, but it's 5.6.4. So I > need to be comparing CRYPTOPP_5_6_4 and CRYPTOPP_6_0_0 > > https://packages.ubuntu.com/bionic/libcrypto++6 > > > > It turns out the problem does occur in CRYPTOPP_6_0_0 regardless of how > I compile, and does not occur with CRYPTOPP_5_6_4. > > > > I believe I found the issue. > >... > > > > In 6.0.0 and later, should SymmetricEncrypt be indexing into cipherKey > by MAC::DIGESTSIZE instead of MAC::DEFAULT_KEYLENGTH? > > I don't recall why that particular change happened. I'm probably the > guy who should remember why... Give me some time to think about it, > the reason may come to me. > > Uri, Marcel - Do you guys remember why that particular change was made? >
Looking at the changes, I would not be surprised if that was a copy/paste typo that flew under the radar because digest size was non-0. We opened a bug report to track changes at https://github.com/weidai11/cryptopp/issues/856 . Jeff -- You received this message because you are subscribed to "Crypto++ Users". More information about Crypto++ and this group is available at http://www.cryptopp.com and http://groups.google.com/forum/#!forum/cryptopp-users. --- You received this message because you are subscribed to the Google Groups "Crypto++ Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/cryptopp-users/80a88957-276c-4eb8-b182-c353f1822e5e%40googlegroups.com.
