It's hard to approach this without knowing the mode of operation you
are running CBC, OFB, CTR? Also are you using UDP with varying packet
sizes?
Julian
On Jun 24, 2008, at 10:25 PM, Vijay Kotari wrote:
Hi,
I am using EVP_DecryptUpdate() and EVP_DecryptFinal_ex() to decrypt a
SSL packet that I have captured. The cipher that I am using AES256 and
I can read the application data in cleartext as a result. The problem
comes if the application data size > 8, which I think has something to
do with me using a block cipher. I can't seem to decrypt the data
then. Anyways, after inspecting the packet dumps, I realized that
sometimes I get fragmented packets.
For Example,
17 03 01 00 20 85 99 2a 94 4d 0e 56 2c 81 bc fc
4d c9 32 aa 85 46 90 02 6d 4e b6 c6 da 4b d9 82
e9 ab cf 77 e7 17 03 01 00 20 76 68 51 17 9e 86
d4 20 6e 31 3e 7a 96 17 d5 cd c0 ba 5c cd ba 11
2b 18 b1 8d d8 3c 15 3d e9 c7
This is actually two packets that are using the SSL application
protocol, each of size 0x20 (The second packet starts on line 3, 6th
byte onwards). While decrypting, should both these packets be merged
together and hence treated as a single packet of size 0x40 or should
packet be processed separately. Since, we are using a block cipher of
size 256 bits(32 bytes), will it even make a difference?
Thanks and Regards,
Vijay Kotari
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
