Maybe this is well known: There seems to be a big mistake in the implementation of the des-cbc mode in openssl.
Read and repeat the following short experiment! Any comments? _____________ start with a file containing 32 zero-bytes, corresponding to 4 DES-input-blocks: sh-3.00$ xxd 4zeroblocks 0000000: 0000 0000 0000 0000 0000 0000 0000 0000 ................ 0000010: 0000 0000 0000 0000 0000 0000 0000 0000 ................ encrypt it with key=0 and iv=1 sh-3.00$ openssl des -nosalt -K 0000000000000000 -iv 0000000000000001 -p -in 4zeroblocks -out 4zeroblocks.cbc.enc key=0000000000000000 iv =0000000000000001 view the output: sh-3.00$ xxd 4zeroblocks.cbc.enc 0000000: 166b 40b4 4aba 4bd6 0000 0000 0000 0001 [EMAIL PROTECTED] 0000010: 166b 40b4 4aba 4bd6 0000 0000 0000 0001 [EMAIL PROTECTED] 0000020: ef09 3ff1 576f 9352 ..?.Wo.R It makes absolutely no sense to output the iv twice here. This is certainly not the des-cbc-encryption of the input. For longer inputfiles, the iv keeps repeating like this in the output. sh-3.00$ openssl version OpenSSL 0.9.8 05 Jul 2005 Same output for 2007 and 2008 versions. sh-3.00$ exit -- View this message in context: http://www.nabble.com/Mistake-in-openssl-cbc-mode-implementation----tp20475405p20475405.html Sent from the OpenSSL - User mailing list archive at Nabble.com.
