Corrupted MAC on input
Darren Tucker
dtucker at zip.com.au
Fri Apr 30 15:39:11 EST 2004
Deron Meranda wrote:
> At one point I started performing my own tests with lower and lower
> levels of debuging, almost to the point of capturing all the raw
> packet buffers just prior to encryption. I even inserted extra debug
> code so I could check every single step of the MAC computation and
> verification. I just could not explain what I saw, but it looked like
> a single byte was always getting changed. It was not a random pattern
> at all. If I recall correctly, I had ruled out the MAC computation
> itself. Also strangely the encrypted packets were identical. But
> somehow after decryption the plaintext buffers were different. I hope
> I'm recalling this correctly, but I think I am.
If the encrypted packets are identical but decrypt differently that
sounds like a problem in the crypto itself. Which algorithm were you
using? Are you using the HP ANSI C compiler to compile OpenSSL?
--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
More information about the openssh-unix-dev
mailing list