Andy Polyakov via RT wrote:
Summary can be found at http://cvs.openssl.org/chngview?cn=14145. Point is that I assumed that RC4_KEY structure initialized by RC4_set_key is passed down to RC4 verbatim in its original memory location, while OpenSSH takes freedom to swap the structures initialized in different locations. One can argue that the latter is inappropriate design choice, but it works on too many other platforms to argue. And so IA64 was "reduced" to common denominator. Case dismissed. A.
We need some way to "export" a cipher's state (key + iv + anything else) to implement privilege separation, where we need to pass encryption state around. If OpenSSL can implement some way to import and export state, then the direct copying can go away in OpenSSH (at least for newer libcryptos). -d ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager [EMAIL PROTECTED]