On Sun November 8 2009, barcaroller wrote:
>
> "Mounir IDRASSI" wrote in message ...
>
> > You simply can't guess the padding mode if you don't know it in advance.
> > Imagine the security consequences if this was possible: it would mean
> > that an attacker can have information about the clear text without having
> > access to the private key!!
>
> Okay, but the SSL client uses RSA_public_encrypt() with a padding value that
> is unknown to the SSL server, which uses RSA_private_decrypt() later on.
> How can the SSL server know in advance what padding mode the SSL client is
> going to use?
>
The padding is added to the **plain text**. After decryption, the server can determine the padding present.

Mike

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org
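
The point made in the reply above, as an added example that is not part of the original thread: the sender pads the plaintext before the RSA public operation, so the receiver's raw private operation returns the padded block, and the padding is checked and stripped from that block. It assumes PKCS#1 v1.5 encryption padding, uses a constructed and insecure toy key built from two Mersenne primes, and all function names are hypothetical.

```python
import secrets

# Constructed toy key for illustration only: two Mersenne primes, NOT secure.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))      # private exponent (Python 3.8+)
K = (N.bit_length() + 7) // 8          # modulus length in bytes

def pad_pkcs1_v15(msg: bytes) -> bytes:
    """Build EM = 00 02 PS 00 M, with PS at least 8 nonzero random bytes."""
    ps_len = K - 3 - len(msg)
    if ps_len < 8:
        raise ValueError("message too long for this modulus")
    ps = bytes(secrets.randbelow(255) + 1 for _ in range(ps_len))
    return b"\x00\x02" + ps + b"\x00" + msg

def encrypt(msg: bytes) -> bytes:
    """Sender: pad the plaintext, then apply the raw RSA public operation."""
    m = int.from_bytes(pad_pkcs1_v15(msg), "big")
    return pow(m, E, N).to_bytes(K, "big")

def raw_decrypt(ct: bytes) -> bytes:
    """Receiver step 1: raw RSA private operation; returns the padded block."""
    c = int.from_bytes(ct, "big")
    if len(ct) != K or c >= N:
        raise ValueError("decryption error")
    return pow(c, D, N).to_bytes(K, "big")

def unpad_pkcs1_v15(em: bytes) -> bytes:
    """Receiver step 2: check the padding found in the decrypted block."""
    sep = em.find(b"\x00", 2)          # first zero byte after the 00 02 header
    if em[:2] != b"\x00\x02" or sep < 10:
        raise ValueError("decryption error")   # same error for every failure
    return em[sep + 1:]

def decrypt(ct: bytes) -> bytes:
    """Receiver: private operation first, padding check second."""
    return unpad_pkcs1_v15(raw_decrypt(ct))
```

The ciphertext itself carries no visible padding marker; the `00 02 ... 00` structure only appears in the output of `raw_decrypt()`. This sketch is not constant-time, which a production padding check needs to be.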