Stefan Neis via RT wrote:
> Nils Larsch via RT schrieb:
>> openssl doesn't support the type of padding=20
> > (0x80, 0x00, 0x00, ...) you are using
> > (openssl only supports the padding described
> > in pkcs7).

>=20
> In that case, any idea why it does happen to
> work with version 0.9.8? Assuming that wasn't
> intended, it sure seems like a very strange
> coincidence...


actually it was a coincidence :-) If you look at the old code
in crypto/evp/evp_enc.c

...
n=3Dctx->final[b-1];
if (n > b)
{
EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_BAD_DECRYPT);
return(0);
}
for (i=3D0; i {
if (ctx->final[--b] !=3D n)
{
EVPerr(EVP_F_EVP_DECRYPTFINAL,EVP_R_BAD_DECRYPT);
return(0);
}
}
n=3Dctx->cipher->block_size-n;
for (i=3D0; i out[i]=3Dctx->final[i];
*outl=3Dn;

you can see that this code will always return 8 bytes (the block size)
if n (=3D=3D ctx->final[b-1]) is 0, regardless of how many padding bytes =
were
actually added.

>=20
>> Try decrypting it without padding (using the
> > EVP_CIPH_NO_PADDING flag) and remove the
> > padding yourself.

>=20
> OK, will do. Thanks,


ok, I will close this ticket.

Nils


__________________________________________________ ____________________
OpenSSL Project http://www.openssl.org
Development Mailing List openssl-dev@openssl.org
Automated List Manager majordomo@openssl.org