On 3/1/2013 7:24 AM, Tayade, Nilesh wrote:
Hi,
I am using the AES_cbc_encrypt() API to perform symmetric decryption.
But in one of the scenarios I see the data encrypted is of 16bytes but just
1byte is useful and 15bytes is for padding.
Is there some way I can know the actual encrypted data length?
I came across some pointers like using EVP APIs- but I need to avoid using EVP
APIs as there are locking callbacks and mallocs() involved- which I have to
avoid, as my application is performance critical. Also the data I am decrypting
is HTTPS packet, so I cannot manipulate the encrypted data (to mention the
length in data, and then encrypt it).
Any advice on this will be appreciated.
Please refer to the TLS RFCs (there are different RFCs depending on
protocol version and encryption algorithm). Each one specifies in
detail how to recover the length from the encrypted data.
You also need to read the research document linked from the latest
OpenSSL security advisory, as it describes security critical changes
to the information in the RFCs about how to recover the length without
creating a security hole (fundamentally, you need to make sure you
take exactly the same number of CPU cycles to process a given number
of encrypted bytes, regardless of the recovered length or decryption
failures).
Enjoy
Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S. http://www.wisemo.com
Transformervej 29, 2730 Herlev, Denmark. Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
