Re: DES_ede3_cbc_encrypt and padding
Alicia da Conceicao wrote: Greetings: The DES_ede3_cbc_encrypt() routine does not appear to properly pad data to fill out the last block. Consider, if the last block contains 4 bytes for the unencrypted text "test", DES_ede3_cbc_encrypt() is only padding the remaining characters with NULL characters: 74:65:73:74:00:00:00:00 yep, afaik that's documented in manual page But shouldn't it be padded as follow: 74:65:73:74:00:00:00:04 according to pkcs#5 (6.1.1) it should be "74:65:73:74:04:04:04:04" with the last byte containing the number of padded bytes. Note that if the last block is full, then an additional block of padding is added with 00:00:00:00:00:00:00:08. Is CBC padding in OpenSSL handled by a separate routine? Shouldn't CBC padding be handled by the CBC routine? try EVP_EncryptInit_ex() etc. Nils __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: DES_ede3_cbc_encrypt and padding
Alicia da Conceicao wrote: Greetings: The DES_ede3_cbc_encrypt() routine does not appear to properly pad data to fill out the last block. Consider, if the last block contains 4 bytes for the unencrypted text "test", DES_ede3_cbc_encrypt() is only padding the remaining characters with NULL characters: 74:65:73:74:00:00:00:00 But shouldn't it be padded as follow: 74:65:73:74:00:00:00:04 with the last byte containing the number of padded bytes. Note that if the last block is full, then an additional block of padding is added with 00:00:00:00:00:00:00:08. Is CBC padding in OpenSSL handled by a separate routine? Shouldn't CBC padding be handled by the CBC routine? Thanks in advance. Alicia. I noticed also a make test persistent failure if DES is enabled in Sparc/Solaris9/gcc342 hosts (4host tested) in 0.9.8. In my journey around 0.9.8 to solve the problem, a segmentation fault is done calling des cbc encrypt/decrypt. Note also that i'd no problems at all to compile&test openssl until this last release. -- Dott. Mag. Sergio Rabellino Technical Staff Department of Computer Science University of Torino (Italy) http://www.di.unito.it/~rabser Tel. +39-0116706701 Fax. +39-011751603 __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
DES_ede3_cbc_encrypt and padding
Greetings: The DES_ede3_cbc_encrypt() routine does not appear to properly pad data to fill out the last block. Consider, if the last block contains 4 bytes for the unencrypted text "test", DES_ede3_cbc_encrypt() is only padding the remaining characters with NULL characters: 74:65:73:74:00:00:00:00 But shouldn't it be padded as follow: 74:65:73:74:00:00:00:04 with the last byte containing the number of padded bytes. Note that if the last block is full, then an additional block of padding is added with 00:00:00:00:00:00:00:08. Is CBC padding in OpenSSL handled by a separate routine? Shouldn't CBC padding be handled by the CBC routine? Thanks in advance. Alicia. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]