Alicia da Conceicao wrote:
Greetings:
The DES_ede3_cbc_encrypt() routine does not appear to properly pad
data to fill out the last block.
Consider, if the last block contains 4 bytes for the unencrypted
text "test", DES_ede3_cbc_encrypt() is only padding the remaining
characters with NULL characters:
74:65:73:74:00:00:00:00
yep, afaik that's documented in manual page
But shouldn't it be padded as follow:
74:65:73:74:00:00:00:04
according to pkcs#5 (6.1.1) it should be "74:65:73:74:04:04:04:04"
with the last byte containing the number of padded bytes. Note that
if the last block is full, then an additional block of padding is
added with 00:00:00:00:00:00:00:08.
Is CBC padding in OpenSSL handled by a separate routine? Shouldn't
CBC padding be handled by the CBC routine?
try EVP_EncryptInit_ex() etc.
Nils
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
