[openssl-dev] [openssl.org #3749] [PATCH] Fix major bugs in CRYPTO_128_unwrap()
Richard Godbee via RT
rt at openssl.org
Sun Mar 15 10:32:46 UTC 2015
"crypto/modes/wrap128.c was heavily refactored to support AES Key Wrap
with Padding, and four bugs were introduced into CRYPTO_128_unwrap() at
that time: [...]"
I created a pull request on GitHub for this back in September 2014, but
it seems to have gone unnoticed. I've rebased the commits to master and
am creating this RT ticket in hopes of getting the pull request seen
before the current, buggy code finds its way into the 1.1.0 release:
https://github.com/openssl/openssl/pull/179
There is also a GitHub Gist containing the source to a small program
that demonstrates the bug:
https://gist.github.com/rwg/d9b39167f49adf5b6e12
More information about the openssl-dev
mailing list