Technically this is true, as DER requires the determinate length encoding options and disallows the indeterminate length ones...
Alicia da Conceicao wrote:
Hi Steve:
Its not ASN1 because the OpenSSL ASN1 code isn't fully streaming and to do so would be a massive undertaking which has so far not attracted any interest. The data following the salt is the raw encrypted data using standard block padding. This isn't conformant with any public standard.
Thank you for clearing things up for me regarding "openssl enc" encoding
format. :-)
But now that you mentioned it, I would have to say that it would be more than a massive undertaking to use DER encoding for "openssl enc" streaming, it would be impossible, since DER encoding always puts an object's length before an object's contents. You would first need to dump the entire stream contents into a temporary location before you can obtain and DER encode the stream length, and to do so would not qualify as streaming since nothing comes out until everything is put in.
Alicia.
______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
-- Charles B (Ben) Cranston mailto: [EMAIL PROTECTED] http://www.wam.umd.edu/~zben
______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
