Uploaded image for project: 'Erlang/OTP'
  1. Erlang/OTP
  2. ERL-328

crypto:block_encrypt and decrypt wrong under aes_cfb128 with 192/256 bits key

    XMLWordPrintable

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 19.0, 19.1, 19.0.1, 19.0.2, 19.1.1
    • Fix Version/s: 20.0
    • Component/s: crypto
    • Labels:
      None

      Description

      The crypto:block_encrypt and crypto:block_decrypt functions do not work properly with aes_cfb128 and 192/256 bits key.

      From https://github.com/erlang/otp/blob/OTP-19.0-rc1/lib/crypto/c_src/crypto.c#L1348-L1354 we could find out that when it comes to atom_aes_cfb128 and key.size==24 or 32, it will fall back to use aes_cfb_8_crypt which is totally wrong. We should use cfb 128 instead since they have totally different feedback size and will produce different results.

        Attachments

          Activity

            People

            Assignee:
            hans Hans Nilsson
            Reporter:
            noisyfox Noisyfox
            Votes:
            1 Vote for this issue
            Watchers:
            3 Start watching this issue

              Dates

              Created:
              Updated:
              Resolved: