Hi,
I'm totally confused by a difference I'm observing
between openssl-0.9.8 and openssl-0.9.8d, both
compiled on the same solaris box with the same
compiler installation (gcc-3.4.4), both passing
"make test".
I'm decrypting a DES-encrypted "message", that was
padded with "80 00 00 00 00 00 00 00" (in hex code)
before encryption.
The essential lines of code are as follows:
> EVP_CIPHER_CTX ctx_des;
> EVP_DecryptInit(&ctx_des, EVP_des_ede_cbc(), key, NULL);
> out = (BYTE*)malloc(inlen + EVP_CIPHER_block_size(EVP_des_ede_cbc()));
> EVP_DecryptUpdate(&ctx_des, out, &ds, in, inlen);
> EVP_DecryptFinal(&ctx_des, out + ds, &ps);
Now, with openssl-0.9.8 everything is fine,
EVP_DecryptFinal returns 1 indicating that the padding was OK.
With openssl-0.9.8d, I get an error from EVP_DecryptFinal,
(which is indicating a padding error, isn't it?)
Any idea of what is going on? Has support for that padding scheme
been discontinued in the "middle" of the 0.9.8 series? Am I missing
something that should be obvious?
Thanks for any insight...
Stefan Neis
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [email protected]
Automated List Manager [EMAIL PROTECTED]
