On Sat, Jul 28, 2012 at 6:12 PM, Tayade, Nilesh <nilesh.tay...@netscout.com> wrote: > Hi, > > I have developed the utility to decrypt the packets coming on wire. > I take the server private key and go on decrypting packets which are received > through the .pcap file. > > But the utility is crashing in decrypting a trace file (Please see the > snapshot attached. Terminal didn't allow me to copy/paste, so the screen > shot). > It receives SIGABRT. I have compiled debug version of openssl-1.0.0g > libraries and received this back trace. > > I see that the error it is trying to give is related to Padding check failure. > 1. How to decide the padding? By default I keep it to RSA_PKCS1_PADDING > always in RSA_private_decrypt(). > 2. Is there no graceful way to give such error than crashing? > 3. What could be the cause of padding check failed? On searching, I found > some discussions mentioning about key-certificate mismatch. > But in my case it decrypts few of the initial packets.
Somewhat related: you should be using OAEP, not PKCS1 padding. Matt Greene has a nice write-up at http://blog.cryptographyengineering.com/2012/06/bad-couple-of-years-for-cryptographic.html. Jeff ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
