Hi *,
I'm looking for correct output produced from IDEA when used with SSL.
I started searching the web because of problems while a SSL handshake
between a SSL client and server using IDEA-CBC-SHA (SSLv3). There was a
padding problem with the first encrypted message (the client finished).
I found this description for IDEA-CBC at the website of ASCOM.
ideaCBC ALGORITHM ::= {
IdeaCBCPar
IDENTIFIED BY as-sys-sec-alg-ideaCBC }
IdeaCBCPar ::= SEQUENCE {
iv OCTET STRING OPTIONAL
-- If present, indicates the initial vector to be used. In this
-- case, the cyphertext does not include the initial vector.
-- If absent, the first 64 Bits of the cyphertext have to be taken
-- as the initial vector.
}
The problem seems to be that client and server have different
expectation regarding the format of the first IDEA encrypted block.
Either the client adds the IV as the first 8 Bytes and the server does
not strip them correctly or the client omits the IV which the server
expects.
Either situations would lead to have the decrypted block a wrong
padding, or am I wrong here ?
If this causes the mentioned problem which is the way to go ?
I would assume that as both sides now the IV anyway there is no need for
sending them in front of the CBC stream.
Any comment or guideline is very appreciated.
Thanks
Michael
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
