RE: EVP_DecryptFinal

Wed, 01 Jun 2011 06:33:57 -0700 

Hi Stephen,

I want to understand a bit more on this padding.

Why should we have to leave padding intact here?

Should the call EVP_CIPHER_CTX_init modified to EVP_CipherInit_ex() ?


Should we then call EVP_DecryptUpdate_ex(),EVP_DecryptFinal_ex()
equivalent?

Regards,
Rakesh

-----Original Message-----
From: Dr. Stephen Henson [mailto:[email protected]] 
Sent: Wednesday, June 01, 2011 5:12 PM
To: [email protected]
Subject: Re: EVP_DecryptFinal

On Wed, Jun 01, 2011, Chenchu, Rakesh R wrote:

> Hi Dave,
> 
> Thanks for the response. The OID  I passed was:
> .1.3.6.1.4.1.789.1.25.1.1 or 
> Something like this:
> snmpwalk -v3 -l authPriv -u snmpsha -a SHA -A otci1234 -x DES -X
> otci1234 10.72.43.201 .1.3.6.1.4.1.789.1.5.8.1.1 (It just displays the
> first entry of all rows).
> 
> For USM user, it happens as follows:
> decryptMsg(pkt, usm_itr, msgPrivParams)  calls -> decryptxDES 
> 
> 
> The function decryptxDES() calls EVP_DecryptFinal as follows:
> 
> snmpV3SecModel::decryptxDES(...)
> {
> ......
> 
>     // Allocate a buffer the size of the cipher text message.
> 
>     *plain = NULL;
>     *plainLen = 0;
> 
>     try {
>         *plain = new u_char[cipherLen];
>     } catch (bad_alloc&) {
>         return false;
>     }
> 
>     EVP_CIPHER_CTX cipherCtx;
> 
>     EVP_CIPHER_CTX_init(&cipherCtx);
> 
>     // By default the OpenSSL EVP_DecryptFinal() function will strip
>     // off the padding of the decrypted message.  It assumes that the
>     // padding bytes are set to the size of the padding.  We do not
>     // want to assume this, so we turn this functionality off.  The
>     // padding is left intact and ignored by message processing.
> 
>     EVP_CIPHER_CTX_set_padding(&cipherCtx, 0);
> 
>     if (!EVP_DecryptInit(&cipherCtx,
>                          evpCipher,
>                          (u_char *)usm_itr->get_privkey().data(),
>                          &iv[0]))
>     {
>         delete [] *plain;
>         *plain = NULL;
>         return false;
>     }
> 

Use EVP_DecryptInit_ex() instead, EVP_DecryptInit() initialises the
context
so the padding value is reset to the default value.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [email protected]
Automated List Manager                           [email protected]
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [email protected]
Automated List Manager                           [email protected]

Reply via email to