Hi,
> I'was tracking a segfault in EVP_OpneUdate and stumbled on following:
>
> static int aes_cbc_cipher(EVP_CIPHER_CTX *ctx,unsigned char *out,
> const unsigned char *in, size_t len)
> {
> EVP_AES_KEY *dat = (EVP_AES_KEY *)ctx->cipher_data;
>
> if (dat->stream.cbc)
> (*dat->stream.cbc)(in,out,len,&dat->ks,ctx->iv,ctx->encrypt);
> else if (ctx->encrypt)
> CRYPTO_cbc128_encrypt(in,out,len,&dat->ks,ctx->iv,dat->block);
> else
> CRYPTO_cbc128_encrypt(in,out,len,&dat->ks,ctx->iv,dat->block);
>
> return 1;
> }
>
>
> I think that the second call to CRYPTO_cbc128_encrypt should be actually to
> CRYPTO_cbc128_decrypt.
Yes, it's a typo, and it was fixed in development branches. One
naturally wonders how did it work? The truth is that that call is never
made, because dat->stream.cbc is always initialized. At least was so far.
_______________________________________________
openssl-dev mailing list
openssl-dev@openssl.org
https://mta.opensslfoundation.net/mailman/listinfo/openssl-dev
