Re: Question on EVP_DecryptFinal_ex

2014-08-04 Thread Thulasi Goriparthi
On Mon, Aug 4, 2014 at 4:50 AM, David Li wrote:
> Hi Thulasi/Rich,
>
> Thanks! This prompted me to uncover another bug in the code. I did encrypt an extra block of zeros! Now everything makes sense.
>
> Can't help to dig a little deeper into this: In AES-CBC mode, the decryption can be parall

Re: Question on EVP_DecryptFinal_ex

2014-08-03 Thread David Li
Hi Thulasi/Rich,

Thanks! This prompted me to uncover another bug in the code. I did encrypt an extra block of zeros! Now everything makes sense.

Can't help to dig a little deeper into this: In AES-CBC mode, the decryption can be paralleled. Is this what the EVP_DecryptUpdate is doing behind the s

RE: Question on EVP_DecryptFinal_ex

2014-08-01 Thread Salz, Rich
Just wanted to say that Thulasi’s explanations and advice are exactly correct; thanks!

--
Principal Security Engineer
Akamai Technologies, Cambridge MA
IM: rs...@jabber.me Twitter: RichSalz

Re: Question on EVP_DecryptFinal_ex

2014-08-01 Thread Thulasi Goriparthi
On Sat, Aug 2, 2014 at 12:16 AM, David Li wrote:
> Hi Thulasi,
>
> You are right! It's a bug on my part.
>
> I have a follow-up question regarding what EVP_DecryptFinal is doing.
>
> In my case, the original string is 27 bytes long, the ciphertext length is 48 (I am using AES-CBC-128). The d

Re: Question on EVP_DecryptFinal_ex

2014-08-01 Thread David Li
Hi Thulasi,

You are right! It's a bug on my part.

I have a follow-up question regarding what EVP_DecryptFinal is doing.

In my case, the original string is 27 bytes long, the ciphertext length is 48 (I am using AES-CBC-128). The decrypted plaintext before finalization is 32 but the finalizatio

Re: Question on EVP_DecryptFinal_ex

2014-07-31 Thread Thulasi Goriparthi
On Fri, Aug 1, 2014 at 5:46 AM, David Li wrote:
> Hi,
>
> I am using openssl 1.0.1h and AES128 CBC mode to encrypt some arbitrary long ASCII string.
> I encountered an issue at decryption. If I use EVP_DecryptFinal_ex then the output is unrecognizable. If I remove the following then the outpu