[Bug 1291] aes256-ctr, aes192-ctr, arcfour256 broken with OpenSSL 0.9.8e
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Sun Mar 4 10:55:14 EST 2007
http://bugzilla.mindrot.org/show_bug.cgi?id=1291
------- Comment #4 from dtucker at zip.com.au 2007-03-04 10:55 -------
Between 0.9.8d and 0.9.8e, EVP_CIPHER_CTX_key_length changed from
#define EVP_CIPHER_CTX_key_length(e) ((e)->key_len)
to
int EVP_CIPHER_CTX_key_length(const EVP_CIPHER_CTX *ctx)
{
return ctx->cipher->key_len;
}
so it seems that it's now returning the default key length of the
cipher rather than that of the context.
If I add a debug print of the key length you can see that it doesn't
change even though EVP_CIPHER_CTX_set_key_length has been called:
debug2: set_newkeys: mode 1
debug1: key len 16
debug2: cipher_init: set keylen (16 -> 32)
debug1: key len 16
If I then change "return ctx->cipher->key_len" to "return ctx->key_len"
in and recompile then everything seems to be peachy.
So it would appear to be an OpenSSL bug. I'll file it upstream.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the openssh-bugs
mailing list