On Sun, Aug 01, 2004, Alicia da Conceicao wrote:

> Greetings:
> 
> I was wondering what type of data format is used by "openssl enc"?
> 
> Specifically, when I type:
> 
>       openssl enc -des-ede3-cbc -e < fileName > fileName.3des
> 
> The resulting binary output file from "openssl enc", which is 3DES (triple-
> DES) encrypted with a password, is not DER encoded.  In fact, the binary
> output file begins with the text "Salted__", which I am guessing is for
> the 3DES CBC mode initialization vector.
> 

No, it's a random salt for EVP_BytesToKey().

> This means that "openssl enc" does not appear to use any ASN.1 format, like
> PKCS-7 EncryptedData, that I can discern.  So what is this mystery format?
> Is it proprietary to OpenSSL, or does it conform to some public standard
> (CCITT, IETF, or PKIX)?
> 

It's not ASN1 because the OpenSSL ASN1 code isn't fully streaming and to do so
would be a massive undertaking which has so far not attracted any interest.

> If the "openssl enc" format does conform to some public standard, then it
> should be specified in the man page so that other encryption libraries
> can conform to it.
> 

The data following the salt is the raw encrypted data using standard block
padding. This isn't conformant with any public standard.

Steve.
--
Dr Stephen N. Henson. Email, S/MIME and PGP keys: see homepage
OpenSSL project core developer and freelance consultant.
Funding needed! Details on homepage.
Homepage: http://www.drh-consultancy.demon.co.uk
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
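
The layout described in the reply above, as an added example that is not part of the original thread or of OpenSSL's own code: it splits an "openssl enc" file into magic, salt and ciphertext and re-derives the key and IV the way EVP_BytesToKey() does. Assumptions not stated in the thread: the salt is 8 bytes, the digest is MD5 with an iteration count of 1 (the "openssl enc" default when this was written; later releases default to SHA-256 and `-md` selects it), and the function names and sample bytes are constructed for illustration.

```python
import hashlib

MAGIC = b"Salted__"
SALT_LEN = 8  # assumption: 8-byte salt follows the magic string


def evp_bytes_to_key(password, salt, key_len, iv_len, digest="md5"):
    """Mimic EVP_BytesToKey() with an iteration count of 1."""
    material, block = b"", b""
    while len(material) < key_len + iv_len:
        # D_i = H(D_{i-1} || password || salt), starting from an empty D_0
        block = hashlib.new(digest, block + password + salt).digest()
        material += block
    return material[:key_len], material[key_len:key_len + iv_len]


def parse_enc_file(blob, password, key_len=24, iv_len=8, block_size=8,
                   digest="md5"):
    """Split an "openssl enc" file and derive its key and IV.

    Defaults match des-ede3-cbc: 24-byte key, 8-byte IV, 8-byte blocks.
    """
    header_len = len(MAGIC) + SALT_LEN
    if len(blob) < header_len or not blob.startswith(MAGIC):
        raise ValueError("missing 'Salted__' header")
    salt = blob[len(MAGIC):header_len]
    ciphertext = blob[header_len:]
    # Standard block padding always yields at least one whole block.
    if not ciphertext or len(ciphertext) % block_size:
        raise ValueError("ciphertext is not a whole number of blocks")
    key, iv = evp_bytes_to_key(password, salt, key_len, iv_len, digest)
    return {"salt": salt, "key": key, "iv": iv, "ciphertext": ciphertext}


if __name__ == "__main__":
    # Constructed sample: a fixed salt and two all-zero "ciphertext" blocks.
    sample = MAGIC + bytes(range(8)) + bytes(16)
    parsed = parse_enc_file(sample, b"example password")
    for name in ("salt", "key", "iv"):
        print(name, parsed[name].hex())
    print("ciphertext bytes:", len(parsed["ciphertext"]))
```

The IV is never stored in the file; it falls out of the same derivation as the key, which is why only the salt appears after "Salted__".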
