Re: Bug with AES key byte order in cygcrypto-0.9.8.dll?

Mon, 05 Feb 2007 01:47:47 -0800 

On Feb  4 12:18, Dave Wright wrote:
> I'm seeing a difference byte order handling between
> cygcrypto-0.9.8.dll (0.9.8d-1) and cygcrypto-0.9.7.dll (0.9.7l-1) in
> AES_set_encrypt_key (and set_decrypt_key).
> 
> Specifically, the 0.9.8 version doesn't appear to swap the byte order
> into LE correctly. The behavior and key byte order of 0.9.7 matches
> the other non-cygwin platforms I've tested on, including libcrypto
> 0.9.7 and 0.9.8 on Linux and OSX, so the problem appears to be
> something specific to the cygwin build.
> 
> Test case:
> 
> unsigned char key[256] = {0xb6, 0x6d, 0x7b, 0x21, 0x71, 0x34, 0x2e,
> 0xe7, 0x99, 0xce, 0x20, 0x6d, 0x5f, 0x10, 0x26, 0x55,
>  0x8e, 0xa8, 0xc3, 0xdf, 0xfc, 0x1a, 0x39, 0x59, 0x6a, 0x7c, 0x8f,
> 0xa3, 0x91, 0xa7, 0xbe, 0xd6};
> 
> AES_KEY kv;
> AES_set_encrypt_key(key, 128, &kv);
> 
> print /x kv (on cygcrypto 0.9.8):
> {rd_key = {0x217b6db6, 0xe72e3471, 0x6d20ce99, 0x5526105f,...
> (on cygcrypto 0.9.7):
> {rd_key = {0xb66d7b21, 0x71342ee7, 0x99ce206d, 0x5f102655,...
> 
> ..the first four values of rd_key SHOULD match the bytes of the key
> (as in 0.9.7), but on 0.9.8 they have not been byte swapped correctly
> for the x86 platform.
> 
> There are #defines in aes_locl.h that control the byte ordering, but
> they appear to only do something different for MSVC compilers.

I've no clue about crypto algorithms, I just have two tests.  The first
is the `make test' facility of openssl itself, the other one is OpenSSH.
OpenSSL's `make test' works fine.  Forcing AES on OpenSSH like in

  $ ssh -c aes192-cbc destination

works fine, too, regardless if the target machine is running Cygwin or
Linux.  I also tried to connect to a Linux box running OpenSSL 0.9.7,
which works as well.

Given that, if you still think something's wrong with OpenSSL's AES
algorithm on Cygwin, please create a self-contained testcase which
compiles and runs OOTB.  You can ask this on the OpenSSL developer
list directly if you wish, I would have to do the same anyway.


Corinna

-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader          cygwin AT cygwin DOT com
Red Hat

--
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple
Problem reports:       http://cygwin.com/problems.html
Documentation:         http://cygwin.com/docs.html
FAQ:                   http://cygwin.com/faq/

Reply via email to