Hello,
Another thing which I observe here is even after setting NO_PADDING
option, it does not take into effect.. Any reasons why ?
EVP_CIPHER_CTX_set_padding(&cipherCtx, 0);
if (!EVP_DecryptInit_ex(&cipherCtx,
evpCipher, NULL,
(u_char *)usm_itr->get_privkey().data(),
&iv[0]))
{
delete [] *plain;
*plain = NULL;
return false;
}
if (cipherCtx.flags & EVP_CIPH_NO_PADDING) { <---- Does
not enter this path.
cout << "Rakesh EVP_DecryptInit_ex Hello" << endl;
}
Is this a BUG ?
Regards,
Rakesh
-----Original Message-----
From: Chenchu, Rakesh R
Sent: Tuesday, June 07, 2011 10:27 PM
To: Chenchu, Rakesh R; [email protected]
Cc: Mulchandani, Vasudev; Sankaran, Balasundaram
Subject: RE: EVP_DecryptFinal
Hello,
It looks like, it still enters with n==0 case. Here are the some debug
results.
cipherLen :56
plainLen :48
blk size :8
buf_len :0
n :0
Regards,
Rakesh
-----Original Message-----
From: Chenchu, Rakesh R
Sent: Tuesday, June 07, 2011 10:04 PM
To: '[email protected]'
Cc: Mulchandani, Vasudev; Sankaran, Balasundaram
Subject: RE: EVP_DecryptFinal
Hi Steve, Dave
I have used EVP_DecryptInit_ex() function instead of EVP_DecryptInit().
It throws an error in EVP_DecryptFinal_ex() function when I used this.
433 int EVP_DecryptFinal_ex(EVP_CIPHER_CTX *ctx, unsigned char *out,
int *outl)
434 {
435 int i,n;
436 unsigned int b;
437
438 *outl=0;
439 b=ctx->cipher->block_size;
440 if (ctx->flags & EVP_CIPH_NO_PADDING)
441 {
442 if(ctx->buf_len)
443 {
444
EVPerr(EVP_F_EVP_DECRYPTFINAL_EX,EVP_R_DATA_NOT_MULTIPLE_OF_BLOCK_LENGTH
);
445 return 0; <--------- returns
here
446 }
447 *outl = 0;
Basically, ctx->buf_len is zero here. Is this valid?
Regards,
Rakesh
-----Original Message-----
From: Chenchu, Rakesh R
Sent: Wednesday, June 01, 2011 7:41 PM
To: [email protected]
Subject: RE: EVP_DecryptFinal
Hi Steve,
Thanks. I will try out this.
Can you point me to some documents or reading materials which explains
the working Encryption and decryption functions (including padding),
apart from the man pages available?
Regards,
Rakesh
-----Original Message-----
From: Dr. Stephen Henson [mailto:[email protected]]
Sent: Wednesday, June 01, 2011 7:15 PM
To: [email protected]
Subject: Re: EVP_DecryptFinal
On Wed, Jun 01, 2011, Chenchu, Rakesh R wrote:
> Hi Stephen,
>
> I want to understand a bit more on this padding.
>
> Why should we have to leave padding intact here?
>
It depends on whether the ciphertext uses padding or not, you have to be
consistent.
> Should the call EVP_CIPHER_CTX_init modified to EVP_CipherInit_ex() ?
>
No, that's a different function.
>
> Should we then call EVP_DecryptUpdate_ex(),EVP_DecryptFinal_ex()
> equivalent?
>
There is no EVP_DecryptUpdate_ex but you should call
EVP_DecryptFinal_ex(),
after you've finished with the context you then must call
EVP_CIPHER_CTX_cleanup().
Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [email protected]
Automated List Manager [email protected]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [email protected]
Automated List Manager [email protected]
