Can you verify this code? A.
It doesn't work :-(
# ./ssh naga evp_crypt: EVP_Cipher failed
CBC mode I presume? Can you try to verify all modes against software AES? E.g. 'echo test | apps/openssl enc -aes-128-cbc -e -k none [-engine padlock] | apps/openssl enc -aes-128-cbc -d -k none [-engine padlock]', etc. A.
These tests all work. However ssh with AES128 doesn't and with AES256 even segfaults...
Where? I mean 'gdb ssh core' and 'where'?
How about merging the last known to work version from you from this morning to the CVS and playing these optimization games later? :-)
The last code only adds couple of sanity checks. E.g. "if (nbytes==0 ...) return 0;" "default: return 0;" Can it be something simple like this?
I doubt that e.g. the IV loading optimizations would have a noticable speed impact anyway...
IV thing is not an optimization, but a bug fix. I mean I believe that IV was handled incorrectly in my previous version [which should show on chunks larger than REALIGN_SIZE]. Bear with me:-) A.
______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
