OK, I had a chance to look at another implementation of the AES_CBC
operation and they were doing something similar (changing the IV) to what
was being done in the original aes_cbc.c file. So I now think (I have
tested it) the original implementation was OK, given what was "probably"
intended (one wishes that the original authors had documented what they

The IV will always be overwritten on return from the call. The value it
will be "updated" with is the value that would be needed if you were
"chaining" the operations (making multiple calls to encrypt/decrypt a large
buffer by doing it in sections). For example, the single call:

AES_cbc_encrypt(in_data, out_data, len, &ekey, iv_cpy, AES_ENCRYPT);

can be done in two calls (assuming len > 32 in this example):

AES_cbc_encrypt(in_data, out_data, 32, &ekey, iv_cpy, AES_ENCRYPT);
AES_cbc_encrypt(&in_data[32], &out_data[32], len - 32, &ekey, iv_cpy, AES_ENCRYPT);

The restriction here is that only the "last" call may have an encryption
length that is not an integer multiple of AES_BLOCK_SIZE (16).
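As an added illustration (not part of this message and not OpenSSL's code), the following C program shows the IV-update contract described above with a toy block permutation standing in for AES_encrypt/AES_decrypt. cbc_crypt follows the argument order of AES_cbc_encrypt, and the check functions confirm that one call over 48 bytes gives the same ciphertext and final IV as a 32-byte call followed by a 16-byte call, that the caller's IV buffer comes back holding the last ciphertext block in both directions, and that decryption chains the same way even when done in place. The key, IV and plaintext are constructed sample values; the toy permutation has no security value, and the requirement that every chunk be a whole number of blocks is a simplification of this example, not a description of OpenSSL's own handling of a trailing partial block.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BLOCK_SIZE 16   /* same block size as AES_BLOCK_SIZE */
#define MSG_LEN 48      /* three blocks of constructed sample plaintext */

/* Stand-in for AES_KEY: a raw 16-byte key (constructed, not an AES key schedule). */
typedef struct { uint8_t k[BLOCK_SIZE]; } toy_key;

/* Toy invertible block permutation standing in for AES_encrypt/AES_decrypt.
   It provides no security at all; CBC's chaining rules do not depend on the cipher. */
static void toy_encrypt_block(const uint8_t *in, uint8_t *out, const toy_key *key)
{
    uint8_t t[BLOCK_SIZE];
    for (int i = 0; i < BLOCK_SIZE; i++)
        t[i] = in[i] ^ key->k[i];
    for (int i = 0; i < BLOCK_SIZE; i++)   /* rotate bytes by one, then add a key byte */
        out[i] = (uint8_t)(t[(i + 1) % BLOCK_SIZE] + key->k[(i * 7) % BLOCK_SIZE]);
}

static void toy_decrypt_block(const uint8_t *in, uint8_t *out, const toy_key *key)
{
    uint8_t t[BLOCK_SIZE];
    for (int i = 0; i < BLOCK_SIZE; i++)   /* reads all of in before out is written */
        t[(i + 1) % BLOCK_SIZE] = (uint8_t)(in[i] - key->k[(i * 7) % BLOCK_SIZE]);
    for (int i = 0; i < BLOCK_SIZE; i++)
        out[i] = t[i] ^ key->k[i];
}

/* Same calling convention as AES_cbc_encrypt(in, out, len, key, ivec, enc): ivec is read
   as the chaining value and overwritten with the value the next chunk needs.
   Simplification of this example (not OpenSSL's behaviour): every chunk must be a whole
   number of blocks, otherwise -1 is returned. */
int cbc_crypt(const uint8_t *in, uint8_t *out, size_t length,
              const toy_key *key, uint8_t *ivec, int enc)
{
    uint8_t tmp[BLOCK_SIZE];
    if (length % BLOCK_SIZE != 0)
        return -1;
    for (; length > 0; in += BLOCK_SIZE, out += BLOCK_SIZE, length -= BLOCK_SIZE) {
        if (enc) {
            for (int i = 0; i < BLOCK_SIZE; i++)
                tmp[i] = in[i] ^ ivec[i];        /* P_n XOR C_(n-1) */
            toy_encrypt_block(tmp, out, key);
            memcpy(ivec, out, BLOCK_SIZE);       /* next IV = ciphertext block just produced */
        } else {
            memcpy(tmp, in, BLOCK_SIZE);         /* keep C_n first: out may alias in */
            toy_decrypt_block(in, out, key);
            for (int i = 0; i < BLOCK_SIZE; i++)
                out[i] ^= ivec[i];               /* P_n = D(C_n) XOR C_(n-1) */
            memcpy(ivec, tmp, BLOCK_SIZE);       /* next IV = ciphertext block just consumed */
        }
    }
    return 0;
}

/* Constructed sample key, IV and plaintext with recognisable byte patterns. */
static const toy_key demo_key = {{ 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
                                   0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e, 0x1f }};
static void demo_iv(uint8_t *iv) { for (int i = 0; i < BLOCK_SIZE; i++) iv[i] = (uint8_t)(0xa0 + i); }
static void demo_plaintext(uint8_t *p) { for (int i = 0; i < MSG_LEN; i++) p[i] = (uint8_t)(i * 3); }

/* One call over 48 bytes gives the same ciphertext and final IV as a 32-byte call
   followed by a 16-byte call that reuses the updated IV buffer. Returns 1 on success. */
int encrypt_chaining_matches(void)
{
    uint8_t pt[MSG_LEN], ct1[MSG_LEN], ct2[MSG_LEN], iv1[BLOCK_SIZE], iv2[BLOCK_SIZE];
    demo_plaintext(pt); demo_iv(iv1); demo_iv(iv2);
    cbc_crypt(pt, ct1, MSG_LEN, &demo_key, iv1, 1);
    cbc_crypt(pt, ct2, 32, &demo_key, iv2, 1);
    cbc_crypt(pt + 32, ct2 + 32, MSG_LEN - 32, &demo_key, iv2, 1);
    return memcmp(ct1, ct2, MSG_LEN) == 0 && memcmp(iv1, iv2, BLOCK_SIZE) == 0;
}

/* After either direction the caller's IV buffer holds the last ciphertext block, so a
   caller that needs the original IV again must keep its own copy. Returns 1 on success. */
int iv_updated_to_last_ciphertext_block(void)
{
    uint8_t pt[MSG_LEN], ct[MSG_LEN], back[MSG_LEN], iv[BLOCK_SIZE], iv0[BLOCK_SIZE];
    demo_plaintext(pt); demo_iv(iv); demo_iv(iv0);
    cbc_crypt(pt, ct, MSG_LEN, &demo_key, iv, 1);
    if (memcmp(iv, iv0, BLOCK_SIZE) == 0 || memcmp(iv, ct + MSG_LEN - BLOCK_SIZE, BLOCK_SIZE) != 0)
        return 0;
    demo_iv(iv);                                   /* decryption starts from the original IV */
    cbc_crypt(ct, back, MSG_LEN, &demo_key, iv, 0);
    return memcmp(iv, ct + MSG_LEN - BLOCK_SIZE, BLOCK_SIZE) == 0 && memcmp(back, pt, MSG_LEN) == 0;
}

/* Decryption chains the same way, here in place (out == in) in 16 + 32 byte sections. */
int decrypt_chaining_matches(void)
{
    uint8_t pt[MSG_LEN], buf[MSG_LEN], iv[BLOCK_SIZE];
    demo_plaintext(pt); demo_iv(iv);
    cbc_crypt(pt, buf, MSG_LEN, &demo_key, iv, 1);
    demo_iv(iv);
    if (cbc_crypt(buf, buf, BLOCK_SIZE, &demo_key, iv, 0) != 0) return 0;
    if (cbc_crypt(buf + BLOCK_SIZE, buf + BLOCK_SIZE, MSG_LEN - BLOCK_SIZE, &demo_key, iv, 0) != 0) return 0;
    return memcmp(buf, pt, MSG_LEN) == 0;
}

int main(void)
{
    printf("encrypt chaining ok: %d\n", encrypt_chaining_matches());
    printf("iv update ok:        %d\n", iv_updated_to_last_ciphertext_block());
    printf("decrypt chaining ok: %d\n", decrypt_chaining_matches());
    return 0;
}
```

The decryption branch copies the ciphertext block into tmp before decrypting into out; that ordering is what makes in-place operation and IV carry-over work at the same time, and is the detail to look at first when a chained decryption produces wrong output while encryption looks fine.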


At 10:09 AM 6/21/2007 +0200, The default queue via RT wrote:

>This message has been automatically generated in response to the
>creation of a trouble ticket regarding:
> "bug report, file aes_cbc.c (from v 0.9.8e)",
>a summary of which appears below.
>There is no need to reply to this message right now. Your ticket has been
>assigned an ID of [ #1548].
>Please include the string:
> [ #1548]
>in the subject line of all future correspondence about this issue. To do so,
>you may reply to this message.
> Thank you,

>I have been playing with the AES encryption code that I have "cut out"
>of the sources and I recently tried using the AES_cbc_encrypt()
>routine (defined in aes_cbc.c) - comparing it to some "known results" in
>the WiMedia specifications. I found that the encryption operation was OK
>but the decryption operation gave the wrong result!! In either
>case, (encryption/decryption) the routine is also doing something that
>would appear to be wrong: it is overwriting the IV input string. I have
>included "my" version of this file (that appears to work correctly in my
>The details:
> 1. Testing done using VC++ v6.0 in Windows, but I believe this is not
> 2. file: aes_cbc.c (same version in 0.9.8d and 0.9.8e)

______________________________________________________________________
OpenSSL Project
Development Mailing List
Automated List Manager