I was notified today of the existence of this ticket. My appologies for missing it. The patch included in this ticket was applied almost two months ago, so I'm resolving this ticket.
[EMAIL PROTECTED] - Fri Oct 24 09:29:09 2003]: > The function AES_cbc_encrypt has a bug when its input and output > parameters are the same which causes it to incorrectly update the IV. > All other OpenSSL ..._cbc_encrypt functions happily accept > input==output, I don't see a valid reason why AES would be the > exception. The attached patch fixes the problem, but a revisitation of > the AES CBC functions may be in order in order to optimise (I'm sure > it's got to be possible to encrypt/decrypt without memcpying so much) > > -- > Jon Bright > Silicon Circus Ltd. > http://www.siliconcircus.com -- Richard Levitte [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
