[openssl-dev] [openssl.org #3533] [PATCH] Ensures that EVP encryption & decryption operations check the encrypt flag on the context.
https://github.com/openssl/openssl/pull/172 Closing ticket. -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=3533 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
[openssl.org #3533] [PATCH] Ensures that EVP encryption decryption operations check the encrypt flag on the context.
Hi, I didn't get any response to my previous email regarding checking the encrypt flag when doing EVP encryption or decryption operations, nor did I get any comments on the patch. I have the feeling I incorrectly formatted my patch, so I'm re-doing it. Alok 0001-Ensures-that-EVP-encryption-decryption-operations-ch.patch Description: Binary data
[openssl.org #3533] [PATCH] Ensures that EVP encryption decryption operations check the encrypt flag on the context.
Hi, I didn't get any response to my previous email regarding checking the encrypt flag when doing EVP encryption or decryption operations, nor did I get any comments on the patch. I have the feeling I incorrectly formatted my patch, so I'm re-doing it. Alok 0001-Ensures-that-EVP-encryption-decryption-operations-ch.patch Description: Binary data
Re: [openssl.org #3533] [PATCH] Ensures that EVP encryption decryption operations check the encrypt flag on the context.
Patch visible. Thanks for contribution. As to actual content - it is up to OpenSSL team. But as to the style: comments of // type is not in OpenSSL code conventions. If you redo them to /**/ way - it could speed-up processing. On 13 November 2014 20:54, Alok Menghrajani via RT r...@openssl.org wrote: Hi, I didn't get any response to my previous email regarding checking the encrypt flag when doing EVP encryption or decryption operations, nor did I get any comments on the patch. I have the feeling I incorrectly formatted my patch, so I'm re-doing it. Alok
Re: [openssl.org #3533] [PATCH] Ensures that EVP encryption decryption operations check the encrypt flag on the context.
You are welcome. Fixed comments to use /**/ style. On Thu, Nov 13, 2014 at 3:40 PM, Andrey Kulikov amde...@gmail.com wrote: Patch visible. Thanks for contribution. As to actual content - it is up to OpenSSL team. But as to the style: comments of // type is not in OpenSSL code conventions. If you redo them to /**/ way - it could speed-up processing. On 13 November 2014 20:54, Alok Menghrajani via RT r...@openssl.org wrote: Hi, I didn't get any response to my previous email regarding checking the encrypt flag when doing EVP encryption or decryption operations, nor did I get any comments on the patch. I have the feeling I incorrectly formatted my patch, so I'm re-doing it. Alok 0001-Ensures-that-EVP-encryption-decryption-operations-ch.patch Description: Binary data
[openssl.org #3533] [PATCH] Ensures that EVP encryption decryption operations check the encrypt flag on the context.
I created a pull request about a week ago (https://github.com/openssl/openssl/pull/172) but it seems things work better if I send an email also? I believe EVP should make it hard to shoot yourself in the foot, so this change ensures that a user cannot accidentally decrypt data with an encryption context or vice-versa. For example, without the check, if an encryption context is used to decrypt EVP_aes_256_gcm encrypted data, the code will fail to validate the TAG. Alok evp_check_ctx_encrypt.patch Description: Binary data