On Fri, Mar 08, 2013, Tayade, Nilesh wrote:

> Hi,
> 
> On performing the AES128 decryption, I see the decrypted data is preceded by
> a block of 16 bytes.  E.g. below, 0x48 to 0x5a is the extra 16 bytes block.
> And the actual 'GET' request starts from 0x47 onwards.
> 
> 48 3f c4 99 fa f0 75 0e 51 b8 3b 58 aa 1f 4a 5a 47 45 54 20 2f 20 48 54 54
> 50 2f 31 2e 31 0d 0a ...  5b 28 c4 52 4e f9 53 2c 08 04 94 04 04 04 04 04
> 
> There is a padding of 5 bytes in the end, which I can detect. Any pointers on
> how to detect the initial 16 bytes block?  This causes the output to be some
> junk followed by actual data.
> 
> I cannot use EVP* APIs for some reason, so I am using the low level
> aes_cbc_encrypt() function.  Any pointers will be appreciated.
> 

You don't say *what* you are decrypting but from the look of it, it is a TLS
record. The padding for TLS records is not standard block padding so you have
to disable that if you use the EVP interface and remove it manually.
Considerable care is needed when removing the padding to avoid security
issues: see the recent discussion for CVE-2013-0169.

As others have pointed out, the first block is the IV that applies to
TLS 1.1 and later or all versions of DTLS.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
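
The two points in the reply above (skip the leading explicit-IV block, then remove TLS-style padding by hand), as an added example that is not part of the original thread and is not OpenSSL code. The name `tls_cbc_strip`, the helper `ct_lt` and the buffer layout are assumptions made for illustration; the padding bytes are compared without secret-dependent branches, which covers only the padding-check part of the CVE-2013-0169 concern.

```c
#include <stddef.h>
#include <stdint.h>

#define AES_BLOCK 16

/* 1 if a < b, else 0; branch-free, valid for the small sizes used here. */
static uint32_t ct_lt(size_t a, size_t b)
{
    return (uint32_t)((a - b) >> (sizeof(size_t) * 8 - 1));
}

/* Hypothetical helper, not an OpenSSL API. `rec` is a CBC-decrypted
 * TLS 1.1+ record: [IV block][data][MAC][N pad bytes of value N][N].
 * Returns 1 and sets *off/*len to data||MAC if the padding is well
 * formed, else returns 0 with *len = 0. The caller must still verify
 * the MAC in either case (see CVE-2013-0169). */
int tls_cbc_strip(const uint8_t *rec, size_t rec_len, size_t mac_len,
                  size_t *off, size_t *len)
{
    /* Lengths are public, so ordinary branches are fine here. */
    if (rec_len % AES_BLOCK != 0 || rec_len < AES_BLOCK + mac_len + 1)
        return 0;

    size_t body = rec_len - AES_BLOCK;     /* bytes after the IV block */
    size_t pad_len = rec[rec_len - 1];     /* secret-dependent value */
    size_t overhead = pad_len + 1 + mac_len;
    size_t to_check = body < 256 ? body : 256;  /* 255 pad bytes + length */

    uint32_t bad = ct_lt(body, overhead);  /* padding longer than record */
    for (size_t i = 0; i < to_check; i++) {
        /* mask is 0xff for the last pad_len + 1 bytes, 0x00 elsewhere */
        uint8_t mask = (uint8_t)(0 - ct_lt(i, pad_len + 1));
        bad |= mask & (rec[rec_len - 1 - i] ^ (uint8_t)pad_len);
    }

    uint32_t ok = ((bad | (0 - bad)) >> 31) ^ 1;   /* 1 iff bad == 0 */
    *off = AES_BLOCK;
    *len = (body - 1 - pad_len) & (0 - (size_t)ok);
    return (int)ok;
}
```

The returned range still contains the MAC; a failed padding check and a failed MAC check should be reported to the peer identically.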