Hi, Hodie XIII Kal. Apr. MMIX, carlyo...@keycomm.co.uk scripsit: > I would suspect that an 8 byte IV has been appended/prefixed > > Carl > > On Thu 19/03/09 9:16 PM , Dick Hollenbeck d...@softplc.com sent: > > I am using on Ubuntu Hardy: > > $ openssl enc -bf-cbc -K 012221222F2D9E4555559E41001291222 \ > -iv 5522777779BBB1A9 -in file.raw -out file.enc > > and the output file is 8 bytes longer than the input file! > > The input file is 144 bytes long and the output file is 152 bytes > > Doing this in pycrypto, I do not get this result, the output file is the > same length.
The added bytes are padding ones. Padding is necessary, since a block cipher operates on fixed-size blocks of bytes (here, 8 bytes or 64 bits). It is therefore quasi mandatory, since a generic decryption operation doesn't know in advance the size of the decrypted data, so the padding is also used to indicate how many bytes should be removed at the end. In your case, you're encrypting a 144 bytes long file, multiple of 8 bytes, so the padding consists of 8 bytes, each one being 0x08. Test the encryption of a 145 bytes long file, you'll also end with e 152 bytes encrypted file. There will be 7 padding bytes, each one being 0x07. -- Erwann ABALEA <erwann.aba...@keynectis.com> ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org