Message-Id: <201008080717.o787Hi62020300@www.freebsd.org>
Date: Sun, 8 Aug 2010 07:17:44 GMT
From: Alan Hughes <tazalh@gmail.com>
To: freebsd-gnats-submit@FreeBSD.org
Subject: bdes in CFB/OFB modes can't decrypt own output
X-Send-Pr-Version: www-3.1
X-GNATS-Notify:

>Number:         149412
>Category:       bin
>Synopsis:       bdes(1) in CFB/OFB modes can't decrypt own output
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sun Aug 08 07:20:04 UTC 2010
>Closed-Date:    
>Last-Modified:  Fri Aug 09 07:41:55 UTC 2013
>Originator:     Alan Hughes
>Release:        8.1 amd64/i386
>Organization:
n/a
>Environment:
multiple, including release 8.1 amd64 CD in fixit environment
also tested several stable amd64 and i386 with same results
>Description:
Encrypted output from bdes in CFB or OFB modes does not decrypt with bdes. For some combinations of plaintext/key/mode/length decryption dumps core; all others merely fail 'nicely'.
CBC (default) and ECB modes are unaffected.
Labeled non-critical/low-priority as these would be rarely used modes.
>How-To-Repeat:
key=0x$(md5 -qs "testpass"); opt="-f 64 -k $key"; echo "plaintext for testing bdes" | bdes $opt | bdes -d $opt

replacing "-f 64" with -F or -o and other suitable length
>Fix:
don't use CFB or OFB modes.

>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: freebsd-bugs->secteam 
Responsible-Changed-By: remko 
Responsible-Changed-When: Sun Aug 29 14:13:37 UTC 2010 
Responsible-Changed-Why:  
For review/check to secteam 

http://www.freebsd.org/cgi/query-pr.cgi?pr=149412 
Responsible-Changed-From-To: secteam->cperciva 
Responsible-Changed-By: remko 
Responsible-Changed-When: Thu Aug 1 20:24:42 UTC 2013 
Responsible-Changed-Why:  
Hi Colin, as one of our crypto experts, you might want to chime in on this one? 

Responsible-Changed-From-To: cperciva->freebsd-bugs 
Responsible-Changed-By: remko 
Responsible-Changed-When: Fri Aug 9 07:41:13 UTC 2013 
Responsible-Changed-Why:  
This is not something -secteam related so throw it back in the pool. 

One of the questions that passed me is why would someone do this
when openssl is capable of doing the same?

>Unformatted:
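
A round-trip check for the behaviour reported above, added here as an example (it is not part of the PR or of FreeBSD's code). It classifies each mode as ok, mismatch, failed or crashed, which separates the core dumps from the 'nice' failures; the `roundtrip` helper name is hypothetical, and the `-b` flag and the bit lengths other than `-f 64` are assumptions taken from bdes(1), not from the report.

```shell
#!/bin/sh
# roundtrip ENC_CMD DEC_CMD PLAINTEXT
# Pipes PLAINTEXT through ENC_CMD, then the result through DEC_CMD, and prints:
#   ok | mismatch | enc-failed | dec-failed | dec-crashed
# Always returns 0 so it can be used under `set -e`.
roundtrip() {
    enc=$1; dec=$2; plain=$3
    tmp=$(mktemp -d) || return 2
    printf '%s\n' "$plain" > "$tmp/plain"
    result=ok
    if ! sh -c "$enc" < "$tmp/plain" > "$tmp/cipher" 2>/dev/null; then
        result=enc-failed
    else
        rc=0
        sh -c "$dec" < "$tmp/cipher" > "$tmp/out" 2>/dev/null || rc=$?
        if [ "$rc" -gt 128 ]; then
            result=dec-crashed      # exit status 128+N: killed by signal N
        elif [ "$rc" -ne 0 ]; then
            result=dec-failed       # decryptor reported an error itself
        elif ! cmp -s "$tmp/plain" "$tmp/out"; then
            result=mismatch         # exit 0 but output differs from input
        fi
    fi
    rm -rf "$tmp"
    echo "$result"
}

# Run the matrix only where bdes(1) and md5(1) exist (i.e. on FreeBSD).
if command -v bdes >/dev/null 2>&1 && command -v md5 >/dev/null 2>&1; then
    key=0x$(md5 -qs "testpass")     # same key derivation as the report
    # "" is the default CBC mode; lengths other than "-f 64" are assumed.
    for mode in "" "-b" "-f 64" "-f 8" "-F 56" "-o 64" "-o 8"; do
        opt="$mode -k $key"
        printf '%-8s %s\n' "${mode:-CBC}" \
            "$(roundtrip "bdes $opt" "bdes -d $opt" "plaintext for testing bdes")"
    done
fi
```

On a system without bdes the script prints nothing; the function can still be pointed at any other encrypt/decrypt command pair.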
