Hi, On 30-12-2021 18:28, Arne Schwabe wrote: > That BF-CBC seems have an extra 8 bytes that I somehow missed. CBC is a > odd since it always gives you a multiple of the blocksize (64 bit or 8 > byte) and if you evenly divide by the blocksize you get an extra block > just for the padding. I need to reinvestigate that code and send a fixup > patch for it.
You probably know this, but for clarity: this is how CBC padding works, not just for BF. It is easier to trigger with BF though, because of the smaller (64-bit) block, compared to AES (128-bit block). -Steffan _______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
