On Fri, Apr 22, 2005, Alex Heatley wrote:

> 
> Running OpenSSL 0.9.7g 11 Apr 2005 on a HP server using HPUX 11.00 compiled 
> with gcc, I'm seeing a problem with decrypting smime messages that have 
> been encrypted with aes128. The problem is that at around the 4111 byte 
> mark the message has a whole pile of nulls inserted and the rest of the 
> message only appears in fragments.
> 
> We are successfully sending aes encrypted messages to another site which is 
> using a different package to decrypt the messages. But if you encrypt a 
> file as follows of 5192 bytes or more:
> 
> >openssl smime -encrypt -in foo2 -from [EMAIL PROTECTED] -to [EMAIL 
> >PROTECTED] -subject 
> >"Encryp"  -encrypt -aes128 cert.pem > foo3
> 
> then decrypt it
> 
> >openssl smime -decrypt -in foo3 -recip cert.pem -inkey key.pem > foo4
> 
> The corruption occurs. This doesn't happen with des3 or rc2-128.
> 
> We'd really like to use aes for encryption, any suggestions how to fix 
> this? Anyone else seen this problem?
> 

Yes I can reproduce your problem. I've applied a fix to OpenSSL and it will
appear in the next stable snapshot and 0.9.7h onwards.

Thanks for the report.

Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Funding needed! Details on homepage.
Homepage: http://www.drh-consultancy.demon.co.uk
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to