Mark wrote:
> I may be making a wrong assumption but if the cypher used is a block
> cypher does it not wait until a full block of data is ready before it
> can encrypt and send the data? If a message does not consist of enough
> data to fill a block, could there be unencrypted data left in a buffer
> somewhere? The peer would see that a whole message has not been received
> and wait for the rest of it ... which never comes.

No, that cannot happen. SSL does not permit the properties of the underlying cipher it happens to be using to change the properties of SSL itself. That would be horribly broken design.

SSL presents a bidirectional byte-stream that does not preserve message boundaries to the application layer, regardless of the underlying cipher.

SSL does not encrypt and decrypt application data. It uses the underlying cipher to encrypt and decrypt SSL protocol data that includes the application data, among other things. It is the SSL protocol data that has to be adapted to the underlying cipher.

DS

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
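
An added illustration of the reply's last point (not part of the original thread and not OpenSSL code): in a TLS 1.2 CBC cipher suite the record layer appends a MAC and padding to each write, so the cipher always receives whole blocks and nothing waits in a buffer for more application data. The code assumes AES (16-byte blocks) with HMAC-SHA256 and a constructed MAC key; it builds and parses only the block-cipher input and leaves out the explicit IV and the CBC encryption step.

```python
import hashlib
import hmac
import struct

BLOCK = 16               # AES block size in bytes (assumed cipher)
MAC_LEN = 32             # HMAC-SHA256 output length
MAC_KEY = b"\x0b" * 32   # constructed sample key, not a real session key

def _mac(seq: int, app_data: bytes) -> bytes:
    # TLS 1.2 MAC input: seq_num || type (23 = application_data) || version 3.3 || length || data
    header = struct.pack("!QBBBH", seq, 23, 3, 3, len(app_data))
    return hmac.new(MAC_KEY, header + app_data, hashlib.sha256).digest()

def build_block_input(seq: int, app_data: bytes) -> bytes:
    """What the record layer hands to the CBC cipher: data || MAC || padding."""
    body = app_data + _mac(seq, app_data)
    pad_len = -(len(body) + 1) % BLOCK   # 0..15 padding bytes, then the length byte
    return body + bytes([pad_len]) * (pad_len + 1)

def parse_block_input(seq: int, block_input: bytes) -> bytes:
    """Receiver side after decryption: strip padding, verify MAC, return data."""
    if len(block_input) % BLOCK or len(block_input) < MAC_LEN + 1:
        raise ValueError("not a whole number of cipher blocks")
    pad_len = block_input[-1]
    body_len = len(block_input) - pad_len - 1
    if body_len < MAC_LEN or block_input[body_len:] != bytes([pad_len]) * (pad_len + 1):
        raise ValueError("bad record")
    app_data = block_input[:body_len - MAC_LEN]
    mac = block_input[body_len - MAC_LEN:body_len]
    # Production stacks perform the padding and MAC checks in constant time.
    if not hmac.compare_digest(mac, _mac(seq, app_data)):
        raise ValueError("bad record")
    return app_data

def record_sizes(lengths):
    """Map each application write length to its block-cipher input length."""
    return {n: len(build_block_input(0, b"A" * n)) for n in lengths}

if __name__ == "__main__":
    for n, size in record_sizes([0, 1, 5, 15, 16, 100]).items():
        print(f"{n:3d} application bytes -> {size:3d} bytes ({size // BLOCK} full blocks)")
```

A one-byte write and a fifteen-byte write both become three full blocks, and the receiver recovers exactly the bytes that were written.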