OpenSSL's site has already been notified to the US authorities as the repository for the project. This means that US citizens may submit patches directly without having to file additional notifications. (My understanding, anyway.)
-Kyle H On 4/16/06, Michael McDougall via RT <[EMAIL PROTECTED]> wrote: > > AES-CFB1 and DES-CFB1 mode only encrypts 1/8th of the source file. > > To reproduce, run the following commands: > > echo I Love OpenSSL so much. > test.txt > > openssl enc -in test.txt -out test.encssl -K > 0123456789abcdef0123456789abcdef -iv 000000000000000000000000 > > openssl enc -in test.encssl -K 0123456789abcdef0123456789abcdef -iv > 00000000000000000000000000000000 -des-cfb1 -d > > Expected output:"I Love OpenSSL so much." (plus a newline) > Actual ouput:"I L" (no newline) > > The results are the same if you substitute "-aes-128-cfb1" for > "-des-cfb1" in the above commands. > > I tracked the problem down and have a patch that fixes it, but I'm in > the US and don't want to go through the formalities of notifying > whatever authorities need to be notified. > > The problem is that a parameter is set to the number of *bytes* to > encrypt/decrypt, but the parameter is interpreted as the number of > *bits* to encrypt/decrypt. In the example above, the input is 24 bytes > but only 3 bytes (=24 bits) is encrypted and decrypted. > > The fix is very simple: replace "X" by "X * 8" in 2 places, where X is > the relevant parameter to the cfb1 respective functions. > > cfb8 seems to work ok for DES and AES. > > Contents of 'testlog' generated by 'make report' > > OpenSSL self-test report: > > OpenSSL version: 0.9.9-dev > Last change: Add support for key derivation (agreement) in the API, ... > Options: no-asm no-gmp no-krb5 no-mdc2 no-rc5 no-shared > no-zlib no-zli > b-dynamic > OS (uname): Darwin gato.local 8.6.0 Darwin Kernel Version 8.6.0: > Tue Mar > 7 16:58:48 PST 2006; root:xnu-792.6.70.obj~1/RELEASE_PPC Power Macintosh > powerpc > OS (config): ppc-apple-darwinDarwin Kernel Version 8.6.0: Tue Mar 7 > 16:58:4 > 8 PST 2006; root:xnu-792.6.70.obj~1/RELEASE_PPC > Target (default): darwin-ppc-cc > Target: darwin-ppc-cc > Compiler: Using built-in specs. > Target: powerpc-apple-darwin8 > Configured with: /private/var/tmp/gcc/gcc-5250.obj~12/src/configure > --disable-ch > ecking -enable-werror --prefix=/usr --mandir=/share/man > --enable-languages=c,obj > c,c++,obj-c++ --program-transform-name=/^[cg][^.-]*$/s/$/-4.0/ > --with-gxx-includ > e-dir=/include/c++/4.0.0 --build=powerpc-apple-darwin8 > --host=powerpc-apple-darw > in8 --target=powerpc-apple-darwin8 > Thread model: posix > gcc version 4.0.1 (Apple Computer, Inc. build 5250) > > Test passed. > > > The same behavior was oberved with the OpenSSL 0.9.7i version that is > installed in my Mac as well as v0.9.8a on my Mac, and on a linux system > (version unknown). > > > > Michael > > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > Development Mailing List [email protected] > Automated List Manager [EMAIL PROTECTED] > ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [email protected] Automated List Manager [EMAIL PROTECTED]
