It's a length thing. CFB1 expects the length in bits, not bytes. If you multiply the length by 8 inside crypto/aes/aes_cfb.c AES_cfb1_encrypt, it works fine. -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of RenYiqun Sent: Tuesday, November 13, 2007 7:01 AM To: openssl-dev@openssl.org Subject: aes-128-cfb1 bug
Hi developers, I find a bug of aes-128-cfb1: If key is "2b7e151628aed2a6abf7158809cf4f3c" , iv is "000102030405060708090a0b0c0d0e0f", plain-text is "a" or "abc", aes-128-cfb1 can not encrypt/decrypt correctly. The following is the log file. We can see that decryption result is different from original plain-text. [EMAIL PROTECTED]<mailto:[EMAIL PROTECTED]># uname -all HP-UX sshia1 B.11.23 U ia64 3432702471 unlimited-user license [EMAIL PROTECTED]<mailto:[EMAIL PROTECTED]># openssl version OpenSSL 0.9.7m 23 Feb 2007 [EMAIL PROTECTED]<mailto:[EMAIL PROTECTED]># echo "a\c" > filea [EMAIL PROTECTED]<mailto:[EMAIL PROTECTED]># cat filea [EMAIL PROTECTED]<mailto:[EMAIL PROTECTED]># od -x filea 0000000 6100 0000001 [EMAIL PROTECTED]<mailto:[EMAIL PROTECTED]># openssl enc -aes-128-cfb1 -in filea -out filea.enc.97m \ > -K 2b7e151628aed2a6abf7158809cf4f3c -iv 000102030405060708090a0b0c0d0e0f [EMAIL PROTECTED]<mailto%20:[EMAIL PROTECTED]># openssl enc -aes-128-cfb1 -d -in filea.enc.97m -out filea.dec.97m \ > -K 2b7e151628aed2a6abf7158809cf4f3c -iv 000102030405060708090a0b0c0d0e0f [EMAIL PROTECTED]<mailto:[EMAIL PROTECTED]># cat filea.dec.97m [EMAIL PROTECTED]<mailto:[EMAIL PROTECTED]># od -x filea.dec.97m 0000000 0 0000001 [EMAIL PROTECTED]<mailto:[EMAIL PROTECTED]># [EMAIL PROTECTED]<mailto:[EMAIL PROTECTED]># echo "abc\c" > fileabc [EMAIL PROTECTED]<mailto:[EMAIL PROTECTED]># cat fileabc [EMAIL PROTECTED]<mailto:[EMAIL PROTECTED]># od -x fileabc 0000000 6162 6300 0000003 [EMAIL PROTECTED]<mailto:[EMAIL PROTECTED]># openssl enc -aes-128-cfb1 -in fileabc -out fileabc.enc.97m \ > -K 2b7e151628aed2a6abf7158809cf4f3c -iv 000102030405060708090a0b0c0d0e0f [EMAIL PROTECTED]<mailto:[EMAIL PROTECTED]># openssl enc -aes-128-cfb1 -d -in fileabc.enc.97m -out fileabc.dec.97m \ > -K 2b7e151628aed2a6abf7158809cf4f3c -iv 000102030405060708090a0b0c0d0e0f [EMAIL PROTECTED]<mailto:[EMAIL PROTECTED]># cat fileabc.dec.97m [EMAIL PROTECTED]<mailto:[EMAIL PROTECTED]># od -x fileabc.dec.97m 0000000 606f 6e00 0000003 [EMAIL PROTECTED] a1<mailto:[EMAIL PROTECTED]># The bug at least exists in openssl-0.9.7m, openssl-0.9.7l and openssl-0.9.8b. I do the test on following platform: openssl-0.9.7m + HP-UX 11.23 + Itanium CPU openssl-0.9.7m + HP-UX 11.23 + PA-RISC CPU openssl-0.9.7l + HP-UX 11.11 + PA-RISC CPU openssl-0.9.8b + Redhat Enterprise Linux 5 + x86 CPU Would you please study this bug? Best Regards Yiqun Ren ________________________________ 使用新一代 Windows Live Messenger 轻松交流和共享! 立即体验!<http://messenger.live.cn/>
