Skip to content

3.0.0: EVP_get_cipherbyname("des-ecb") does not fail when legacy provider is not loaded. #16864

Closed
Closed
3.0.0: EVP_get_cipherbyname("des-ecb") does not fail when legacy provider is not loaded.#16864
Labels
branch: 3.0Applies to openssl-3.0 branchbranch: masterApplies to master branchtriaged: documentationThe issue/pr deals with documentation (errors)
@cheese

Description

@cheese
cheese
opened on Oct 20, 2021

EVP_get_cipherbyname("des-ecb") does not fail when legacy provider is not loaded. It will fail later at EVP_CipherInit. This is surprising. EVP_get_cipherbyname is no longer reliable to get a cipher. It seems we have to completely change to EVP_CIPHER_fetch. EVP_get_cipherbyname should fail at this case, otherwise it should be deprecated.

Tested on Fedora Rawhide(36) with openssl-3.0.0-1.fc36.x86_64.

Metadata

Metadata

Assignees

No one assigned

    Labels

    branch: 3.0Applies to openssl-3.0 branchbranch: masterApplies to master branchtriaged: documentationThe issue/pr deals with documentation (errors)

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions