On Wed, Dec 03, 2003, Dave Roberts wrote:

> Hi
>
> Within evp/evp_enc.c, function EVP_DecryptFinal_ex() it looks at the last
> byte of any padding, then works backwards ensuring that all padding
> characters are the same. This is, I believe, conformant to PKCS#5.
>
> However, this doesn't allow for other padding schemes such as that
> specified in FIPS 81, Appendix C (CBC mode), which states that the padding
> bytes between the end of the plaintext, and the last byte containing the
> count can be any random data. Although I realise that FIPS 81 is concerned
> with DES and CBC mode.
>
> FIPS 81 could be implemented in EVP_DecryptFinal_ex() with a minor change,
> and it wouldn't affect plain text padded with PKCS#5. Alternatively a new
> padding mode could be specified, where the additional PKCS#5 checks are
> not made. Of course, nothing could be done and I could put my padding
> removal into the application layer.
>
> I'd favour an additional padding scheme specified in the cipher context
> flags. I can make this change and submit a patch unless there are any
> objections. There may be a very good reason why this hasn't been done
> already.
>

Are you suggesting that OpenSSL should include support for other padding
schemes or that it should be possible to disable PKCS#5 padding so an
application can handle its own padding?

If you just want to disable PKCS#5 padding then this can already be done
using the EVP_CIPHER_CTX_set_padding() function.

Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Funding needed! Details on homepage.
Homepage: http://www.drh-consultancy.demon.co.uk
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
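
The two padding checks discussed in this thread, as an added example that is not part of either message and not OpenSSL code: application-layer removal for data decrypted with padding disabled via EVP_CIPHER_CTX_set_padding(). The function names and sample blocks are constructed, and the count byte is assumed to include itself, as in PKCS#5.

```c
#include <stddef.h>
#include <stdio.h>

/* Constructed 8-byte final blocks: plaintext "HELLO" plus 3 padding bytes. */
static const unsigned char SAMPLE_PKCS5[8]  = {'H','E','L','L','O',0x03,0x03,0x03};
static const unsigned char SAMPLE_RANDOM[8] = {'H','E','L','L','O',0xA7,0x1C,0x03};
static const unsigned char SAMPLE_BAD[8]    = {'H','E','L','L','O',0x03,0x03,0x09};

/* Shared sanity checks: returns the count byte, or 0 if it is unusable.
 * Assumption: the count includes the count byte itself (range 1..block). */
static size_t pad_count(const unsigned char *buf, size_t len, size_t block)
{
    if (buf == NULL || block == 0 || block > 255 || len == 0 || len % block != 0)
        return 0;
    size_t n = buf[len - 1];
    return (n >= 1 && n <= block) ? n : 0;
}

/* PKCS#5-style check as described in the post: read the last byte, then
 * walk backwards requiring every padding byte to carry the same value.
 * Returns the plaintext length, or -1 if the padding is rejected. */
long unpad_pkcs5(const unsigned char *buf, size_t len, size_t block)
{
    size_t n = pad_count(buf, len, block);
    if (n == 0)
        return -1;
    for (size_t i = 1; i <= n; i++)
        if (buf[len - i] != n)
            return -1;
    return (long)(len - n);
}

/* Count-only removal, matching the post's description of FIPS 81
 * Appendix C: only the last byte is trusted, filler bytes are ignored. */
long unpad_count_only(const unsigned char *buf, size_t len, size_t block)
{
    size_t n = pad_count(buf, len, block);
    return n ? (long)(len - n) : -1;
}

int main(void)
{
    printf("pkcs5 padding:  strict=%ld count-only=%ld\n",
           unpad_pkcs5(SAMPLE_PKCS5, 8, 8), unpad_count_only(SAMPLE_PKCS5, 8, 8));
    printf("random filler:  strict=%ld count-only=%ld\n",
           unpad_pkcs5(SAMPLE_RANDOM, 8, 8), unpad_count_only(SAMPLE_RANDOM, 8, 8));
    printf("bad count byte: strict=%ld count-only=%ld\n",
           unpad_pkcs5(SAMPLE_BAD, 8, 8), unpad_count_only(SAMPLE_BAD, 8, 8));
    return 0;
}
```

The count-only routine accepts PKCS#5-padded data unchanged, but it validates a single byte, so a corrupted final block is less likely to be rejected than under the strict check.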
