Openssl:
OK, I had a chance to look at another implementation of the AES_CBC
operation and they were doing something similar (changing the IV) to what
was being done in the original aes_cbc.c file. So I now think (I have
tested it) the original implementation was OK, given what was "probably"
intended (one wishes that the original authors had documented what they
intended...):
The IV will always be overwritten on return from the call. The value it
will be "updated" with is the value that would be needed if you were
"chaining" the operations (making multiple calls to encrypt/decrypt a large
buffer by doing it in sections). For example, the single call:
    AES_cbc_encrypt(in_data, out_data, len, &ekey, iv_cpy, AES_ENCRYPT);
can be done in two calls (assuming len > 32 in this example):
    AES_cbc_encrypt(in_data, out_data, 32, &ekey, iv_cpy, AES_ENCRYPT);
    AES_cbc_encrypt(&in_data[32], &out_data[32], len - 32, &ekey,
                    iv_cpy, AES_ENCRYPT);
The restriction here is that only the "last" call may have an encryption
length that is not an integer multiple of AES_BLOCK_SIZE (16).
-Bruce
At 10:09 AM 6/21/2007 +0200, The default queue via RT wrote:
>Greetings,
>
>This message has been automatically generated in response to the
>creation of a trouble ticket regarding:
> "bug report, file aes_cbc.c (from v 0.9.8e)",
>a summary of which appears below.
>
>There is no need to reply to this message right now. Your ticket has been
>assigned an ID of [openssl.org #1548].
>
>Please include the string:
>
> [openssl.org #1548]
>
>in the subject line of all future correspondence about this issue. To do so,
>you may reply to this message.
>
> Thank you,
> [EMAIL PROTECTED]
>
>-------------------------------------------------------------------------
>openssl:
>
>I have been playing with the AES encryption code that I have "cut out"
>of the sources and I recently tried using the AES_cbc_encrypt()
>routine (defined in aes_cbc.c) - comparing it to some "known results" in
>the WiMedia specifications. I found that the encryption operation was OK,
>but the decryption operation gave the wrong result!! In either
>case, (encryption/decryption) the routine is also doing something that
>would appear to be wrong: it is overwriting the IV input string. I have
>included "my" version of this file (that appears to work correctly in my
>tests).
>
>The details:
>
> 1. Testing done using VC++ v6.0 in Windows, but I believe this is not
>    relevant.
> 2. file: aes_cbc.c (same version in 0.9.8d and 0.9.8e)
>
>
>-Bruce
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [email protected]
Automated List Manager [EMAIL PROTECTED]
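The chaining behaviour described in the message above, as an added C example that is not part of the original post or of OpenSSL. `cbc_crypt` is a hypothetical helper with the same overwritten-IV contract, `blk` is a stand-in byte transform rather than AES so the block needs no library, and the key, IV and plaintext are constructed. It checks that two chained calls match a single call, and that decrypting with the buffer encryption left behind does not recover the plaintext.

```c
#include <string.h>

#define BLK 16 /* same value as AES_BLOCK_SIZE */
static const unsigned char KEY[BLK] = "constructed-key"; /* constructed */
static const unsigned char IV0[BLK] = "constructed-iv!"; /* constructed */
/* Constructed plaintext, zero-padded by the compiler to 64 bytes. */
static const unsigned char PT[64] = "constructed sample plaintext, four blocks";

/* Stand-in invertible byte transform, NOT AES; only the chaining matters. */
static void blk(const unsigned char *in, unsigned char *out, int enc) {
    for (int i = 0; i < BLK; i++)
        out[i] = enc ? (unsigned char)((in[i] ^ KEY[i]) + 0x5b)
                     : (unsigned char)((in[i] - 0x5b) ^ KEY[i]);
}
/* Hypothetical helper: CBC whose ivec is overwritten with the last
 * ciphertext block on return. Assumes len is a multiple of BLK. */
void cbc_crypt(const unsigned char *in, unsigned char *out, size_t len,
               unsigned char *ivec, int enc) {
    unsigned char tmp[BLK], next[BLK];
    for (size_t off = 0; off < len; off += BLK) {
        if (enc) {
            for (int i = 0; i < BLK; i++) tmp[i] = in[off + i] ^ ivec[i];
            blk(tmp, out + off, 1);
            memcpy(ivec, out + off, BLK);
        } else {
            memcpy(next, in + off, BLK); /* ciphertext chains into next block */
            blk(in + off, tmp, 0);
            for (int i = 0; i < BLK; i++) out[off + i] = tmp[i] ^ ivec[i];
            memcpy(ivec, next, BLK);
        }
    }
}
/* Encrypt PT in two calls split at `split` (64 means a single call). */
static void enc_split(size_t split, unsigned char *ct, unsigned char *iv) {
    memcpy(iv, IV0, BLK);
    cbc_crypt(PT, ct, split, iv, 1);
    cbc_crypt(PT + split, ct + split, 64 - split, iv, 1);
}
int chained_matches_single(void) {
    unsigned char one[64], two[64], iv[BLK];
    enc_split(64, one, iv); enc_split(32, two, iv);
    return memcmp(one, two, 64) == 0;
}
/* reuse_iv=1 decrypts with the buffer encryption left behind, not IV0. */
int roundtrip_ok(int reuse_iv) {
    unsigned char ct[64], back[64], iv[BLK];
    enc_split(64, ct, iv);
    if (!reuse_iv) memcpy(iv, IV0, BLK);
    cbc_crypt(ct, back, 64, iv, 0);
    return memcmp(PT, back, 64) == 0;
}
int main(void) { return !(chained_matches_single() && roundtrip_ok(0) && !roundtrip_ok(1)); }
```

A caller that needs the original IV again, for example to decrypt later, has to pass a copy, because the buffer handed in is modified on every call.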