| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| crypt-blowfish-Remove-EVP_CIPHER_CTX_set_key_length.patch | [PATCH] crypt/blowfish: Remove EVP_CIPHER_CTX_set_key_length(). yapet did for blowfish: | EVP_CipherInit_ex(ctx, cipher, NULL, KEY, iv, mode); | EVP_CIPHER_CTX_set_key_length(ctx, KEY_LENGTH); | EVP_CipherUpdate(ctx, …); this worked in earlier OpenSSL versions and stopped working in openssl-3.0.13. The problem here is that the EVP_CIPHER_CTX_set_key_length() is ignored and the later OpenSSL version returns rightfully an error "Provider routines::no key set" here. Blowfish does support variable key lenghts but the key length has to be set first followed by the actual key. Otherwise the blocksize (16) will be used. The correct way to deal with this would be: | EVP_CipherInit_ex(ctx, cipher, NULL, NULL, NULL, mode); | EVP_CIPHER_CTX_set_key_length(ctx, KEY_LENGTH); | EVP_CipherInit_ex(ctx, NULL, NULL, KEY, IV, mode); | EVP_CipherUpdate(ctx, …); Using now the proper way will break earlier databases because in the blowfish case, always the default blocksize / 16 has been used. In order to keep compatibility with earlier versions of the database and openssl remove the EVP_CIPHER_CTX_set_key_length() invocation. Fixes #26 Fixes #24 |
Sebastian Andrzej Siewior <sebastian@breakpoint.cc> | no | 2024-04-08 | ||
| crypt-aes-Remove-EVP_CIPHER_CTX_set_key_length.patch | [PATCH] crypt/aes: Remove EVP_CIPHER_CTX_set_key_length(). The EVP_CIPHER_CTX_set_key_length() in the AES-256-CBC case is pointless because the key here is fixed EVP_CIPHER_CTX_set_key_length() and the function does not change the size. Remove the EVP_CIPHER_CTX_set_key_length() invocation. |
Sebastian Andrzej Siewior <sebastian@breakpoint.cc> | no | 2024-04-08 | ||
| do-not-install-licenses-files.patch | This patch suppress the installation of COPYING and LICENSE file into the `/usr/share/doc/yapet/' directory, since the copyright information is already covered by debian/copyright. |
Salvatore Bonaccorso <carnil@debian.org> | not-needed | vendor | 2018-10-23 | |
| avoid-remote-font.patch | Avoid remote fonts to avoid privacy breach | Salvatore Bonaccorso <carnil@debian.org> | no | vendor | 2020-11-29 |