You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
There are two calls to DES_ecb_encrypt in there. In the problematic case, on my mac, I can see that the second call gets the same output stored as the first call, thus the data at index 8 to 15 gets repeated identically as index 0 to 7. This does not happen when I run the same code on Linux. Both 64 bit, both using OpenSSL 3.0.0..
This is even reproducible in a smaller stand-alone example that I wrote based on the above mentioned function. Ripped out and put in a separate smaller file, built on mac like this (using my own opensslv3 build just to exclude the chances that the homebrew version played tricks with us, but the exact same output is seen with the homebrew installed version):
gcc des.c -lssl -lcrypto -L /Users/daniel/build-openssl/lib -I /Users/daniel/build-openssl/include -o des
I built the Linux version similarly:
gcc des.c -lssl -lcrypto -L /home/daniel/build-openssl/lib -I /home/daniel/build-openssl/include -o des
... as the previously used function DES_set_key() will in some cases
reject using a key that it deems "weak" which will cause curl to
continue using the unitialized buffer content as key instead.
Assisted-by: Harry Sintonen