I'm not on the dev team or anything, but I don't understand how you could have *ever* successfully encrypted multiple streams with the same EVP context??? Just the IVs alone would have been screwed up for CBC ciphers, and stream ciphers like RC4 would completely break.
Unless, of course, you decrypted in *exactly* the same sequence of streams as you encrypted, in which case, each individual stream would be incorrectly encrypted. Still, I don't see how this could have ever worked.

-lee

-----Original Message-----
From: Pavel Tsekov [mailto:[EMAIL PROTECTED]]
Sent: Friday, May 03, 2002 5:27 AM
To: [EMAIL PROTECTED]
Subject: Re: [PATCH] Re: Question on EVP encryption/decryption routines

Is there any chance that someone will comment on this topic anytime soon?

PT> Does the attached one-liner make sense? IMO it doesn't break anything,
PT> but allows reusing the EVP_CIPHER_CTX in calls to EVP_EncryptUpdate,
PT> after EVP_EncryptFinal is called.

PT> Any comments greatly appreciated :)

PT> The diff is against the released 0.9.6c version of the OpenSSL
PT> library.

PT>> Currently EVP_Encrypt* interface doesn't support
PT>> encryption of multiple data streams with a single
PT>> symmetric key. Is there any chance patches to
PT>> allow this to be accepted in the official OpenSSL
PT>> codebase? Currently I'm thinking to modify EVP_EncryptFinal
PT>> so it leaves the EVP_CIPHER_STATE in a consistent state
PT>> after finishing its work.

PT>> Any comments on this? I am aware of the fact that encrypting
PT>> multiple data streams with a single key is not such a good idea
PT>> from a security point of view.

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
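
The stream-cipher state carry-over discussed in this thread, as an added example that is not part of the original messages and is not OpenSSL code. It uses a self-contained RC4 with a hypothetical `rc4_ctx` type standing in for the EVP context, and a constructed key and payloads:

```c
#include <string.h>
/* Minimal RC4 context (hypothetical type, not OpenSSL's EVP_CIPHER_CTX). */
typedef struct { unsigned char s[256], i, j; } rc4_ctx;

/* Key schedule: the "init" step that resets the keystream position. */
static void rc4_init(rc4_ctx *c, const unsigned char *key, size_t klen) {
    unsigned char j = 0, t;
    for (int n = 0; n < 256; n++) c->s[n] = (unsigned char)n;
    for (int n = 0; n < 256; n++) {
        j = (unsigned char)(j + c->s[n] + key[n % klen]);
        t = c->s[n]; c->s[n] = c->s[j]; c->s[j] = t;
    }
    c->i = c->j = 0;
}

/* XOR with the next len keystream bytes; state carries over between calls. */
static void rc4_update(rc4_ctx *c, const unsigned char *in, unsigned char *out, size_t len) {
    for (size_t n = 0; n < len; n++) {
        unsigned char t;
        c->i = (unsigned char)(c->i + 1);
        c->j = (unsigned char)(c->j + c->s[c->i]);
        t = c->s[c->i]; c->s[c->i] = c->s[c->j]; c->s[c->j] = t;
        out[n] = in[n] ^ c->s[(unsigned char)(c->s[c->i] + c->s[c->j])];
    }
}

#define N 16
static const unsigned char KEY[] = "constructed-key";      /* constructed sample */
static const unsigned char A[N + 1] = "stream A payload";  /* constructed, 16 bytes */
static const unsigned char B[N + 1] = "stream B payload";

/* mode 0: one context, no re-init, decrypt in the same order: round-trips.
   mode 1: same ciphertext, but stream B decrypted on its own: fails.
   mode 2: re-init with the same key per stream: ca^cb == A^B (keystream reuse). */
int demo(int mode) {
    rc4_ctx e, d; unsigned char ca[N], cb[N], pa[N], pb[N];
    rc4_init(&e, KEY, sizeof KEY - 1); rc4_update(&e, A, ca, N);
    if (mode == 2) rc4_init(&e, KEY, sizeof KEY - 1);
    rc4_update(&e, B, cb, N);
    if (mode == 2) {
        for (int n = 0; n < N; n++) if ((ca[n] ^ cb[n]) != (A[n] ^ B[n])) return 0;
        return 1;
    }
    rc4_init(&d, KEY, sizeof KEY - 1);
    if (mode == 0) rc4_update(&d, ca, pa, N);
    rc4_update(&d, cb, pb, N);
    return memcmp(pb, B, N) == 0 && (mode == 1 || memcmp(pa, A, N) == 0);
}

int main(void) { return !(demo(0) == 1 && demo(1) == 0 && demo(2) == 1); }
```

Mode 0 and mode 1 show why a context reused without re-initialization only decrypts when the streams are replayed in the original order; mode 2 shows that re-initializing with the same key for every stream instead exposes the XOR of the two plaintexts.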
