[PATCH] cipher: fix dhgex for non-GCM ciphers for OpenSSL 3.0
Marc Kleine-Budde
mkl at pengutronix.de
Tue Dec 8 03:10:44 AEDT 2020
On 12/4/20 3:36 AM, Darren Tucker wrote:
> Thanks for the investigation.
>
>> The issue is that openssh needs the "current" IV state (which the
>> now-deprecated EVP_CIPHER_CTX_iv() used to return), but it's calling the
>> wrong openssl function to obtain it.
>
> It's not that simple.
>
> In 2018, LibreSSL added EVP_CIPHER_CTX_get_iv (
> https://github.com/libressl-portable/openbsd/commit/db321d7792) which
> returns the current IV, and OpenSSH has been using it ever since.
>
> In 2020, OpenSSL added a function of the same name (
> https://github.com/openssl/openssl/commit/79f4417ed94) which behaves
> differently. Maybe OpenSSL could change it before 3.0 instead of shipping
> an incompatible API? EVP_CIPHER_CTX_get_original_iv would be consistent
> with the function they deprecated. ie
>
> EVP_CIPHER_CTX_get_iv -> EVP_CIPHER_CTX_get_original_iv
> EVP_CIPHER_CTX_get_iv_state -> EVP_CIPHER_CTX_get_iv
I tried to wrap up the problem and created an openssl issue:
https://github.com/openssl/openssl/issues/13631
Marc
--
Pengutronix e.K. | Marc Kleine-Budde |
Embedded Linux | https://www.pengutronix.de |
Vertretung West/Dortmund | Phone: +49-231-2826-924 |
Amtsgericht Hildesheim, HRA 2686 | Fax: +49-5121-206917-5555 |
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: OpenPGP digital signature
URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20201207/28f34a58/attachment.asc>
More information about the openssh-unix-dev
mailing list