Valient Gough wrote:
My previous mail doesn't seem to have appeared on the list, so sending
again:
Hello,
As the maintainer of a package which uses OpenSSL, I've received some
reports
of 0.9.8e failing to decrypt data which was encrypted by previous
versions of
OpenSSL.
Attached is a small bit of C++ code which demonstrates the problem. It
uses
the EVP interface with EVP_bf_cfb as the cipher and a 256 bit key (the
reports all point to Blowfish with key length > 128 bits). What it does is
set a key, an IV, and run an encryption pass, then a decryption and compute
checksums of the three arrays (original, encrypted, decrypted).
When built against 0.9.8c, I get:
ort:tmp> g++ -Wall -g -o ssltest ssltest.cpp -lssl -lcrypto -lz
ort:tmp> ./ssltest
src chksum = 698614540
stage2 chksum = 2266501868
final chksum = 698614540
Another machine with 0.9.7a gives an identical result. On a machine I
upgraded to 0.9.8e, I get the following output:
src chksum = 698614540
stage2 chksum = 2108297998
final chksum = 698614540
"stage2" is the encrypted data, and it differs on 0.9.8e. What this
means in
practice is that the program I'm using can encrypt/decrypt data just fine
when run in either version of OpenSSL, but if data is encrypted in an
earlier
version and then OpenSSL is upgraded to 0.9.8e, then decryption fails.
The nearest I've narrowed down is to something changing between 0.9.8c and
0.9.8e, but I've received reports that 0.9.8d -> 0.9.8e also fails. I've
been looking at the diffs between 0.9.8d -> 0.9.8e, but I'm not seeing any
obvious problem. Reports are that only Blowfish with key > 128 bits has a
problem, and AES users are not affected.
Any ideas what's wrong, and if there's a way to get 0.9.8e output to match
earlier versions?
it's a bug in openssl 0.9.8e (see [1]).
Nils
[1] http://cvs.openssl.org/chngview?cn=15978
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
