-
-
Notifications
You must be signed in to change notification settings - Fork 10.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
EVP_cast5_cfb master/1.1.1.f encryption output discrepancy #11459
Labels
issue: bug report
The issue was opened to report a bug
Comments
Will have a look - there are other KAT tests for cast so this is a bit strange. |
Hmm this works as a test vector in evp_test.. Must be the sequence of calls. |
The default keylength is wrong for 2 of the modes.. Fixing it up now. |
slontis
added a commit
to slontis/openssl
that referenced
this issue
May 2, 2020
Fixes openssl#11459 It was incorrectly using 8 bytes instead of 16 as the default. This was verified by expanding the macros used in e_cast.c. The issue occurs if EVP_CIPHER_CTX_set_key_length() is not called. evp_test.c hides this issue as it always calls EVP_CIPHER_CTX_set_key_length() before using EVP_CipherInit_ex(...., key, ..).
2 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This is a reproducer for OSS-Fuzz bug https://oss-fuzz.com/testcase-detail/5088449485078528
Output when compiled against master branch:
Output when compiled against 1.1.1f:
The latter is probably the correct one as this is consistent with Crypto++.
The text was updated successfully, but these errors were encountered: