On Mon, Aug 03, 2009, canroc wrote: > > Moving from DES to AES encryption and all new encryption will be AES. However > some existing strings were encrypted in DES. Is there a way to determine if > a string is encrypted in DES or AES? Will the decrypt AES fail on a DES > encrypted string always or will openssl return a good return but with > garbage as the decrypted string? >
If the strings are just encrypted without any associated structure (e.g. S/MIME) then there is no way to tell. If the data is encrypted using standard block padding you will usually get a padding error if you use the wrong algorithm or key. However the nature of the padding means that random chance will produce a false positive (i.e. incorrect decrypt with no error) rather more than 1 in 256 times. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
