I believe I've found a bug with the UNIX command-line "openssl enc" utility. If you specify the hex key (with -K) on the command line, the IV is some randomish garbage, probably whatever happens to be in memory. Shouldn't the default IV be zero in this case? I did not include the full "make report" because a friend (Chris Casey, CC'ed) shows similar behavior on other architectures and operating systems (listed after the example). The same problem exists with a snapshot build (openssl-0.9.6-stable-SNAP-20010412). I believe it to be a code problem, not a compilation problem. I've included (LONG!) typical sample output using OpenSSL 0.9.6a built with just "./config; make". Here's some basic info about my particular machine: $ id uid=100(ajbrown) gid=1(other) $ uname -a SunOS sleeper 5.8 Generic_108528-06 sun4u sparc SUNW,Ultra-5_10 $ openssl version -a OpenSSL 0.9.6a 5 Apr 2001 built on: Fri Apr 13 15:01:02 PDT 2001 platform: solaris-sparcv9-gcc options: bn(64,32) md2(int) rc4(ptr,char) des(idx,cisc,16,long) idea(int) blowfish(ptr) compiler: gcc -fPIC -DTHREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -mcpu=ultrasparc -O3 -fomit-frame-pointer -Wall -DB_ENDIAN -DBN_DIV2W -DULTRASPARC -DMD5_ASM $ gcc -v Reading specs from /usr/local/lib/gcc-lib/sparc-sun-solaris2.8/2.95.3/specs gcc version 2.95.3 20010315 (release) When the hex key (-K) is specified: 1) A garbage salt is presented 2) A garbage IV is presented The garbage salt and IVs are sometimes different on different shell instances. They are also sometimes different if I specify the base64 output (-a) option: $ openssl enc -des -K AAAAAAAAAAAAAAAA -P salt=00000000FFBEFB68 key=AAAAAAAAAAAAAAAA iv =FFBEF568000277FC $ openssl enc -des -a -K AAAAAAAAAAAAAAAA -P salt=00000000FFBEFB60 key=AAAAAAAAAAAAAAAA iv =FFBEF560000277FC This leads me to believe it's an allocation problem. Clearly the salt is irrelevant because, since the key is specified, the salt isn't used. The problem is that it actually *IS* using the badly-allocated IV (the one generated with the -a option) as the default during encryption: $ echo $$ 1987 $ echo hi | openssl enc -des -a -K AAAAAAAAAAAAAAAA ZRcbPPZYq7Y= $ echo hi | openssl enc -des -a -K AAAAAAAAAAAAAAAA -iv FFBEF568000277FC ZRcbPPZYq7Y= Over on another shell instance, the default IV is different: $ echo $$ 9050 $ echo hi | openssl enc -des -a -K AAAAAAAAAAAAAAAA AajSnZQWZFA= On one of Chris's machines with a different OS, gcc, and (the previous) version of OpenSSL, I can't replicate the changing IV, but the default IV looks strange (and different) nonetheless: $ id uid=1016(logic) gid=1016(logic) groups=1016(logic), 0(wheel), 2000(frogstar) $ uname -a FreeBSD punt.xxxxxxxx.xxx 4.0-20000531-STABLE FreeBSD 4.0-20000531-STABLE #2: Fri Aug 18 13:45:27 CDT 2000 [EMAIL PROTECTED]:/usr/src/sys/compile/woo i386 $ openssl version -a OpenSSL 0.9.6 24 Sep 2000 built on: Mon Feb 12 22:17:25 CST 2001 platform: FreeBSD-elf options: bn(64,32) md2(int) rc4(idx,int) des(ptr,risc1,16,long) idea(int) blowfish(idx) compiler: gcc -DTERMIOS -DL_ENDIAN -fomit-frame-pointer -O3 -m486 -Wall -DSHA1_ASM -DMD5_ASM -DRMD160_ASM $ gcc -v Using builtin specs. gcc version 2.95.2 19991024 (release) $ openssl enc -des -K AAAAAAAAAAAAAAAA -P salt=B8D611087B5A1128 key=AAAAAAAAAAAAAAAA iv =010000006DC90908 $ openssl enc -des -a -K AAAAAAAAAAAAAAAA -P salt=B8D611087B5A1128 key=AAAAAAAAAAAAAAAA iv =010000006DC90908 $ echo hi | openssl enc -des -a -K AAAAAAAAAAAAAAAA nlT+LgivVLg= $ echo hi | openssl enc -des -a -K AAAAAAAAAAAAAAAA -iv 010000006DC90908 nlT+LgivVLg= Also, Chris shows different default IVs on FreeBSD Alpha, another FreeBSD x86, and Solaris 2.6 sparc: root@ctest1:~> uname -a FreeBSD ctest1.xxxx.xxx.xxx 4.3-RC2 FreeBSD 4.3-RC2 #0: Fri Mar 30 22:58:27 GMT 2001 [EMAIL PROTECTED]:/usr/src/sys/compile/GENERIC alpha root@ctest1:~> openssl enc -des -K AAAAAAAAAAAAAAAA -P salt=A0AFFF1100000000 key=AAAAAAAAAAAAAAAA iv =50C8052001000000 chriss@jasper:~> uname -a FreeBSD jasper 4.2-20010109-STABLE FreeBSD 4.2-20010109-STABLE #0: Wed Jan 10 23:55:04 GMT 2001 [EMAIL PROTECTED]:/usr/src/sys/compile/foo i386 chriss@jasper:~> openssl enc -des -K AAAAAAAAAAAAAAAA -P salt=A852092800800928 key=AAAAAAAAAAAAAAAA iv =80920808E0F1BFBF chriss@schottky:~> uname -a SunOS schottky 5.6 Generic_105181-19 sun4u sparc SUNW,Ultra-5_10 chriss@schottky:~> openssl enc -des -K AAAAAAAAAAAAAAAA -P salt=00000000EFFFF6B8 key=AAAAAAAAAAAAAAAA iv =EFFFF0B80003119C ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
