author Kelly McLaughlin <[email protected]> 2017-03-29 07:24:46 -0600
committer Kelly McLaughlin <[email protected]> 2017-03-29 07:24:46 -0600
commit 59099922f53a478903da304cc591c4baae549dc5
tree fcff54ac6d7ab54ff20de24fde3b97697e5b7e94 /README.md
parent a748cafdc7063d9f181ba12088db6458793ced2f
Demonstrate the bug with AES CFB 128 encryption
Demonstrate a bug with AES CFB 128 for certain key sizes introduced with the Erlang 19.0 release. The code in the block_crypt_nif function in the crypto.c source file incorrectly calls aes_cfb_8_crypt when the specified cipher is aes_cfb8 or aes_cfb128 and the key size is 24 or 32. The aes_cfb_8_crypt function calls the AES_cfb8_encrypt function from the OpenSSL interface, but this is incorrect when the cipher is aes_cfb128. Unfortunately the test cases in the crypto test suite are insufficient to detect an issue like this because they exercise the encryption and decryption roundtrip using the same incorrect underlying function. The problem was observed when trying to update an application to Erlang 19 that attempted to decrypt data that was encrypted using aes_cfb128 by another source. In this commit I altered the crypto test suite to provide a demonstration of this problem.
Diffstat (limited to 'README.md')
0 files changed, 0 insertions, 0 deletions
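The failure mode the commit message describes, as an added Python example that is not code from this commit or from OTP: a roundtrip-only test passes on a mis-dispatched CFB-128 path, while data from a correct peer fails to decrypt. Assumptions: `block_fn` is a keyed-PRF stand-in for AES (outputs are not real AES ciphertext), `segment_size` is a hypothetical model of the dispatch that leaves 16-byte keys unaffected, and the key, IV and message are constructed.

```python
import hashlib
import hmac

BLOCK = 16  # AES block size in bytes

def block_fn(key, block):
    # ASSUMPTION: stand-in for the AES forward transform (HMAC-SHA256 cut to
    # 16 bytes). CFB only uses the forward direction, so a keyed PRF is enough
    # to show the mode behaviour; outputs are NOT real AES ciphertext.
    return hmac.new(key, block, hashlib.sha256).digest()[:BLOCK]

def cfb(key, iv, data, seg, decrypt=False):
    """CFB with seg-byte segments: seg=1 is CFB-8, seg=16 is CFB-128."""
    reg, out = iv, bytearray()
    for i in range(0, len(data), seg):
        chunk = data[i:i + seg]
        keystream = block_fn(key, reg)
        result = bytes(c ^ k for c, k in zip(chunk, keystream))
        out += result
        # The feedback register always shifts in ciphertext.
        reg = (reg + (chunk if decrypt else result))[-BLOCK:]
    return bytes(out)

def segment_size(cipher, key_len, buggy):
    """Hypothetical model of the dispatch the commit message describes."""
    if buggy and cipher == "aes_cfb128" and key_len in (24, 32):
        return 1  # routed to the CFB-8 path
    return 1 if cipher == "aes_cfb8" else BLOCK

def crypt(cipher, key, iv, data, decrypt=False, buggy=False):
    return cfb(key, iv, data, segment_size(cipher, len(key), buggy), decrypt)

# Constructed sample values, not taken from the commit or any test vector.
KEY = bytes(range(32))
IV = bytes(range(100, 116))
MSG = b"constructed sample plaintext for the demo"

def roundtrip_only_check():
    """What a roundtrip-only test sees: the buggy path agrees with itself."""
    ct = crypt("aes_cfb128", KEY, IV, MSG, buggy=True)
    return crypt("aes_cfb128", KEY, IV, ct, decrypt=True, buggy=True) == MSG

def interop_check():
    """Decrypt data produced by a correct CFB-128 peer using the buggy path."""
    ct = crypt("aes_cfb128", KEY, IV, MSG)  # the "other source"
    return crypt("aes_cfb128", KEY, IV, ct, decrypt=True, buggy=True)

if __name__ == "__main__":
    print("roundtrip passes:", roundtrip_only_check())
    garbled = interop_check()
    print("interop ok:", garbled == MSG, "first byte ok:", garbled[0] == MSG[0])
```

The first byte still decrypts correctly because CFB-8 and CFB-128 both begin with the first keystream byte derived from the IV, so a test that compares ciphertext against an independently produced known-answer vector over more than one byte is what catches this class of bug.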