I see nothing incorrect in the padding.
The code pads as described in the rfc.
The pkcs 5 rfc (2989) states....(page 11)
4. Concatenate M and a padding string PS to form an encoded
message EM:
EM = M || PS ,
where the padding string PS consists of 8-(||M|| mod 8) octets
each with value 8-(||M|| mod 8). The padding string PS will
satisfy one of the following statements:
PS = 01, if ||M|| mod 8 = 7 ;
PS = 02 02, if ||M|| mod 8 = 6 ;
...
PS = 08 08 08 08 08 08 08 08, if ||M|| mod 8 = 0.
Which is as I've always understood. The padding byte value is the number of padding
bytes.
I don't understand your "length_needed" term. What do you mean by that?
-lee
-----Original Message-----
From: Eric Fritzges [mailto:[EMAIL PROTECTED]]
Sent: Friday, March 29, 2002 3:57 PM
To: [EMAIL PROTECTED]
Subject: block cipher padding / pkcs#5 v2.0
I've seen this issue come up and wanted to clarify.
Openssl's implementation appears to not follow pkcs#5's
recommendation on block cipher padding. (padding is
done with the value of 'length_needed -1' as
opposed to 'length_needed').
This would break functionality with ssl stacks using
the standard. Hopefully I've missed something obvious
though ;^)
Thanks, cheers,
-Eric
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
