I'm seeing random failures (~1% of tests) during encrypt/decrypt tests using
the current 0.9.7 CVS code. In the failed cases the output clear text is
correct except that it is short or long by a few bytes. It doesn't seem to
matter which cipher is used (I tried rc5, des-ede3-cbc & a few others),
indicating a problem in the higher level EVP code. The openssl program reports
the error message:
27671:error:0606506D:digital envelope routines:EVP_DecryptFinal:wrong final block
length:.\crypto\evp\evp_enc.c:423:
The problem appears to be in the encrypt step as repeating the decrypt produces
the same incorrect output every time.
Platform: OS/2 using GCC 2.8.1, AMD Athlon 1200 (TBird).
The same tests using 0.9.6h produces no failures.
The input clear text is the ms/testenc.bat though the contents of the input
file doesn't appear to be a factor as other input files also fail.
I've tried reducing the optimization level down to -O1 with no effect.
This is the test script I've been using (it's in REXX but you should get the
idea). Each run produces 8-12 failures. Any hints on how to track this down
would be appreciated.
/* Rexx */
failed = 0
do c = 1 to 1000
say "Iteration "c
'openssl des-ede3-cbc -e -bufsize 113 -k test -in clear.in -out cipher.out.'c
'openssl des-ede3-cbc -d -bufsize 157 -k test -in cipher.out.'c' -out clear.out.'c
'cmp clear.in clear.out.'c
if rc \= 0 then do
say "Failed"
failed = failed + 1
end
end
say failed" failures"
--
______________________________________________________________________________
| Brian Havard | "He is not the messiah! |
| [EMAIL PROTECTED] | He's a very naughty boy!" - Life of Brian |
------------------------------------------------------------------------------
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
