[openssl] openssl-3.0 update
Dr. Paul Dale
pauli at openssl.org
Thu Jan 27 01:02:27 UTC 2022
The branch openssl-3.0 has been updated
via 4ac8e51e3272c7d7f2e7d62da699f52e0112ac05 (commit)
from 17a27b8979d8dab8e57f2dad68d85dc2033cfeda (commit)
- Log -----------------------------------------------------------------
commit 4ac8e51e3272c7d7f2e7d62da699f52e0112ac05
Author: Tomas Mraz <tomas at openssl.org>
Date: Tue Jan 25 18:10:26 2022 +0100
Fix IV length of DES EDE ECB implementations
Fixes #17587
Reviewed-by: Paul Dale <pauli at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/17591)
(cherry picked from commit d450eb84c802b2f78971f905b251a0fb89ebb7d1)
-----------------------------------------------------------------------
Summary of changes:
providers/implementations/ciphers/cipher_tdes.c | 6 +-----
providers/implementations/ciphers/cipher_tdes_default.c | 2 +-
test/recipes/30-test_evp_data/evpciph_des3_common.txt | 15 ++++++++++++++-
3 files changed, 16 insertions(+), 7 deletions(-)
diff --git a/providers/implementations/ciphers/cipher_tdes.c b/providers/implementations/ciphers/cipher_tdes.c
index e63c143755..409e2b8306 100644
--- a/providers/implementations/ciphers/cipher_tdes.c
+++ b/providers/implementations/ciphers/cipher_tdes.c
@@ -19,11 +19,7 @@
#include "cipher_tdes.h"
#include "prov/implementations.h"
-/*
- * NOTE: ECB mode does not use an IV - but existing test code is setting
- * an IV. Fixing this could potentially make applications break.
- */
/* ossl_tdes_ede3_ecb_functions */
-IMPLEMENT_tdes_cipher(ede3, EDE3, ecb, ECB, TDES_FLAGS, 64*3, 64, 64, block);
+IMPLEMENT_tdes_cipher(ede3, EDE3, ecb, ECB, TDES_FLAGS, 64*3, 64, 0, block);
/* ossl_tdes_ede3_cbc_functions */
IMPLEMENT_tdes_cipher(ede3, EDE3, cbc, CBC, TDES_FLAGS, 64*3, 64, 64, block);
diff --git a/providers/implementations/ciphers/cipher_tdes_default.c b/providers/implementations/ciphers/cipher_tdes_default.c
index 0e75d0ff11..4d1fe5c3f9 100644
--- a/providers/implementations/ciphers/cipher_tdes_default.c
+++ b/providers/implementations/ciphers/cipher_tdes_default.c
@@ -26,7 +26,7 @@ IMPLEMENT_tdes_cipher(ede3, EDE3, cfb1, CFB, TDES_FLAGS, 64*3, 8, 64, stream);
IMPLEMENT_tdes_cipher(ede3, EDE3, cfb8, CFB, TDES_FLAGS, 64*3, 8, 64, stream);
/* ossl_tdes_ede2_ecb_functions */
-IMPLEMENT_tdes_cipher(ede2, EDE2, ecb, ECB, TDES_FLAGS, 64*2, 64, 64, block);
+IMPLEMENT_tdes_cipher(ede2, EDE2, ecb, ECB, TDES_FLAGS, 64*2, 64, 0, block);
/* ossl_tdes_ede2_cbc_functions */
IMPLEMENT_tdes_cipher(ede2, EDE2, cbc, CBC, TDES_FLAGS, 64*2, 64, 64, block);
/* ossl_tdes_ede2_ofb_functions */
diff --git a/test/recipes/30-test_evp_data/evpciph_des3_common.txt b/test/recipes/30-test_evp_data/evpciph_des3_common.txt
index 30be60e842..d5e8f9728a 100644
--- a/test/recipes/30-test_evp_data/evpciph_des3_common.txt
+++ b/test/recipes/30-test_evp_data/evpciph_des3_common.txt
@@ -11,7 +11,7 @@
# PrivPubKeyPair Sign Verify VerifyRecover
# and continue until a blank line. Lines starting with a pound sign are ignored.
-Title = DES3 Test
+Title = DES3 Tests
# DES EDE3 CBC tests (from destest)
Cipher = DES-EDE3-CBC
@@ -20,3 +20,16 @@ IV = fedcba9876543210
Plaintext = 37363534333231204E6F77206973207468652074696D6520666F722000000000
Ciphertext = 3FE301C962AC01D02213763C1CBD4CDC799657C064ECF5D41C673812CFDE9675
NextIV = 1c673812cfde9675
+
+# DES EDE3 ECB test
+Cipher = DES-EDE3-ECB
+Key = 0123456789abcdeff1e0d3c2b5a49786fedcba9876543210
+Plaintext = 37363534333231204E6F77206973207468652074696D6520666F722000000000
+Ciphertext = 62c10cc9efbf15aaa5ae2e487b690e56d8b1dfb8f5c5b293855e77dd9024b1b1
+
+# DES EDE ECB test
+Availablein = default
+Cipher = DES-EDE-ECB
+Key = 0123456789abcdeffedcba9876543210
+Plaintext = 37363534333231204E6F77206973207468652074696D6520666F722000000000
+Ciphertext = 4d1332e49f380e23d80a0d8b2bae5e4e6a0094171abcfc27df2bfd40da9f4e4d
More information about the openssl-commits
mailing list