On Fri, Nov 04, 2016 at 09:59:33PM +0100, Sebastian Andrzej Siewior wrote: > On 2016-11-03 22:12:44 [+0100], Richard Levitte wrote: > > > > That would be quite a job. The correctness of the key can't be > > discovered before the last encrypted block, where the decrypted > > padding will either be correct (because it was the right key) or not > > (because it was the wrong key). Take into account a pipe with a 10MB > > file, I'm sure you see where that takes us. > > > > The solution in that bug report seems sane, even though unfortunate. > okay. And since the encrypted file has no header there is nothing we > could hide. And if we add one now then it won't work with older openssl. > > So I will try to put this in the release notes for the Debian package. > Do you have an idea where this would fit best in the Wiki? A new page > with one entry does not make sense and it does not look like it belongs > to
Would it be useful to document this in the manpage? Are there other places we should document it? Kurt -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev