[openssl-dev] Possible bug in crypto/evp/e_aes.c:aes_cbc_cipher
Andy Polyakov
appro at openssl.org
Wed Dec 17 14:35:13 UTC 2014
Hi,
> I'was tracking a segfault in EVP_OpneUdate and stumbled on following:
>
> static int aes_cbc_cipher(EVP_CIPHER_CTX *ctx,unsigned char *out,
> const unsigned char *in, size_t len)
> {
> EVP_AES_KEY *dat = (EVP_AES_KEY *)ctx->cipher_data;
>
> if (dat->stream.cbc)
> (*dat->stream.cbc)(in,out,len,&dat->ks,ctx->iv,ctx->encrypt);
> else if (ctx->encrypt)
> CRYPTO_cbc128_encrypt(in,out,len,&dat->ks,ctx->iv,dat->block);
> else
> CRYPTO_cbc128_encrypt(in,out,len,&dat->ks,ctx->iv,dat->block);
>
> return 1;
> }
>
>
> I think that the second call to CRYPTO_cbc128_encrypt should be actually to
> CRYPTO_cbc128_decrypt.
Yes, it's a typo, and it was fixed in development branches. One
naturally wonders how did it work? The truth is that that call is never
made, because dat->stream.cbc is always initialized. At least was so far.
More information about the openssl-dev
mailing list