On Thu, Oct 17, 2002 at 10:26:00PM +0200, Richard Levitte - VMS Whacker via RT wrote: > I'm honestly unsure what you guys are talking about. Could it > confusion over the fact that we have only implemented CFB-xx and > OFB-xx, where xx is the block size of the underlying algorithm? This > means that for all algorithms other than AES, we have implemented > CFB-64 and OFB-64, and for AES we have implemented CFB-128 and > OFB-128.
The problem is that when I try EVP_Decrypt with a cipher of EVP_xxx_cfb() and data that is not a multiple of the underlying block size, I get errors in EVP_DecryptFinal, whereas in 0.9.6 it simply works. The reason is that EVP_Decrypt* looks at EVP_CIPHER->block_size and thinks that the input must either be padded to that value, or must be a multiple of that value (if NO_PADDING is requested). At any rate, when I create a copy of the EVP_CIPHER and set the block size to 1, things work as before. It may not be a bug, but as I said in my message, it's a departure from previous defaults. And if that's a deliberate choice, then it would help to have EVP_xxx_cfb8() functions for all ciphers, too. Olaf -- Olaf Kirch | Anyone who has had to work with X.509 has probably [EMAIL PROTECTED] | experienced what can best be described as ---------------+ ISO water torture. -- Peter Gutmann ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
