[Bug 47432] New: bcrypt always chooses ECB mode when using AES, even if a program indicates otherwise.

Sat Jun 29 07:34:23 CDT 2019

https://bugs.winehq.org/show_bug.cgi?id=47432

            Bug ID: 47432
           Summary: bcrypt always chooses ECB mode when using AES, even if
                    a program indicates otherwise.
           Product: Wine
           Version: unspecified
          Hardware: x86-64
                OS: Linux
            Status: UNCONFIRMED
          Severity: normal
          Priority: P2
         Component: bcrypt
          Assignee: wine-bugs at winehq.org
          Reporter: hibbsncc1701 at gmail.com
      Distribution: ---

When selecting the block chaining mode to use with AES, wine's bcrypt
implementation never checks the full length of the mode string given. On my
system the call to strncmpW() only checks the first 8 bytes.

As a result, ECB mode is always chosen regardless as to the mode chosen by the
caller. This issue is present in both key_set_property() in gnutls.c and
set_alg_property() in bcrypt_main.c. I cannot test mac systems, so I cannot
tell if it affects macos.c.

-- 
Do not reply to this email, post in Bugzilla using the
above URL to reply.
You are receiving this mail because:
You are watching all bug changes.