Stefan Neis via RT wrote:
> Nils Larsch via RT schrieb:
>> openssl doesn't support the type of padding
> > (0x80, 0x00, 0x00, ...) you are using
> > (openssl only supports the padding described
> > in pkcs7).
>
> In that case, any idea why it does happen to
> work with version 0.9.8? Assuming that wasn't
> intended, it sure seems like a very strange
> coincidence...
actually it was a coincidence :-) If you look at the old code
in crypto/evp/evp_enc.c
...
n=ctx->final[b-1];
if (n > b)
{
EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_BAD_DECRYPT);
return(0);
}
for (i=0; i<n; i++)
{
if (ctx->final[--b] != n)
{
EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_BAD_DECRYPT);
return(0);
}
}
n=ctx->cipher->block_size-n;
for (i=0; i<n; i++)
out[i]=ctx->final[i];
*outl=n;
you can see that this code will always return 8 bytes (the block size)
if n (== ctx->final[b-1]) is 0, regardless of how many padding bytes were
actually added.
>
>> Try decrypting it without padding (using the
> > EVP_CIPH_NO_PADDING flag) and remove the
> > padding yourself.
>
> OK, will do. Thanks,
ok, I will close this ticket.
Nils
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
