Dear Crypt::CBC maintainers,
Following this email, we found another incompatibility.
In order for Crypt::CBC to be compatible with openssl CBC when using the
*blowfish* algorithm, we also found it necessary to set the keysize to 16
bytes. However, because we wanted to maintain backward compatibility with
previous versions of CBC, we made this an optional "keysize" parameter to
the new() function - and put a comment in the CBC implementation to this
effect.
This improves the library in compatibility - but also in flexibility.
- Erik Aronesty
----- Original Message -----
From: "Erik Aronesty" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]>
Sent: Monday, November 20, 2000 10:52 AM
Subject: FYI: OpenSSL compliant Crypt::CBC
> Dear Crypt::CBC maintainers,
>
> I had to patch Crypt::CBC to make it OpenSSL compliant. I think this should
> be included in the regular distribution. I had to rebuild the original
> hashing portion, which originally had a fairly major security hole, as pointed
> out by [EMAIL PROTECTED]
>
> Using this version, you have to call "setrantomiv(0)" to turn off the
> randomiv function. If you do that, you will be able to use the EVP
> functions to decrypt the ciphertext in OpenSSL.
>
> Compatibility between Perl and OpenSSL is very important to both development
> communities.
>
> I am also adding a flag to the EVP_ functions in OpenSSL to make them PERL
> compliant, and posting the patch to the OpenSSL dev group, where I have been
> a minor contributor in the past.
>
> - Erik Aronesty
>
Crypt-CBC.pm