On Sun Mar 02 11:24:55 2014, [email protected] wrote:
> One can duplicate the entire EVP_CIPHER_CTX with a call to
> EVP_CIPHER_CTX_copy.
> By default the state (cipher_data) is duplicated bytewise (malloc+memcpy).
> Since AES gcm has pointers in its state this naive copy method leads to
> crashes.

The patch works but I'm not sure we should permit this. If you copy an AES GCM context you end up reusing the key and IV which has security implications. Obviously crashing is wrong, an error message would be appropriate if we want to disallow copying GCM contexts.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [email protected]
Automated List Manager                           [email protected]
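
An added illustration, not part of the original thread and not OpenSSL's code: a simplified C model of why a malloc+memcpy duplicate of a state that holds pointers breaks, next to a copy that fixes the pointers up. The struct `toy_state`, its fields and all `toy_*` functions are hypothetical, and the two kinds of pointer (one into the object itself, one to an owned buffer) are assumptions chosen for the illustration.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical cipher state (not OpenSSL's struct) holding two pointers. */
struct toy_state {
    unsigned char ks[16];     /* key material stored inline */
    const unsigned char *key; /* interior pointer: must equal this object's ks */
    unsigned char *iv;        /* separately allocated buffer owned by this object */
    size_t ivlen;
};

struct toy_state *toy_new(const unsigned char key[16], const unsigned char *iv, size_t ivlen) {
    struct toy_state *s = calloc(1, sizeof(*s));
    if (s == NULL) return NULL;
    if ((s->iv = malloc(ivlen)) == NULL) { free(s); return NULL; }
    memcpy(s->ks, key, sizeof(s->ks));
    memcpy(s->iv, iv, ivlen);
    s->ivlen = ivlen;
    s->key = s->ks;
    return s;
}

void toy_free(struct toy_state *s) { if (s != NULL) { free(s->iv); free(s); } }

/* Naive duplicate (malloc+memcpy): key and iv still point at src's memory. */
struct toy_state *toy_copy_naive(const struct toy_state *src) {
    struct toy_state *dst = malloc(sizeof(*dst));
    if (dst != NULL) memcpy(dst, src, sizeof(*dst));
    return dst;
}

/* Duplicate with fix-up: re-point the interior pointer, clone the buffer. */
struct toy_state *toy_copy_fixed(const struct toy_state *src) {
    struct toy_state *dst = toy_copy_naive(src);
    if (dst == NULL) return NULL;
    dst->key = dst->ks;
    if ((dst->iv = malloc(src->ivlen)) == NULL) { free(dst); return NULL; }
    memcpy(dst->iv, src->iv, src->ivlen);
    return dst;
}

/* Returns 1 when dst shares no memory with src, 0 when it aliases src. */
int toy_is_independent(const struct toy_state *src, const struct toy_state *dst) {
    return dst->key == dst->ks && dst->iv != src->iv;
}
```

A naive copy must not be released with `toy_free` while the original is still live, since both would free the same buffer. The fixed copy still carries the same key and IV as the original, which is the reuse concern raised in the reply above.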
