On Fri, Apr 22, 2005, Alex Heatley wrote: > > Running OpenSSL 0.9.7g 11 Apr 2005 on a HP server using HPUX 11.00 compiled > with gcc, I'm seeing a problem with decrypting smime messages that have > been encrypted with aes128. The problem is that at around the 4111 byte > mark the message has a whole pile of nulls inserted and the rest of the > message only appears in fragments. > > We are successfully sending aes encrypted messages to another site which is > using a different package to decrypt the messages. But if you encrypt a > file as follows of 5192 bytes or more: > > >openssl smime -encrypt -in foo2 -from [EMAIL PROTECTED] -to [EMAIL > >PROTECTED] -subject > >"Encryp" -encrypt -aes128 cert.pem > foo3 > > then decrypt it > > >openssl smime -decrypt -in foo3 -recip cert.pem -inkey key.pem > foo4 > > The corruption occurs. This doesn't happen with des3 or rc2-128. > > We'd really like to use aes for encryption, any suggestions how to fix > this? Anyone else seen this problem? >
Yes I can reproduce your problem. I've applied a fix to OpenSSL and it will appear in the next stable snapshot and 0.9.7h onwards. Thanks for the report. Steve. -- Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage OpenSSL project core developer and freelance consultant. Funding needed! Details on homepage. Homepage: http://www.drh-consultancy.demon.co.uk ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]