Marek Marcola wrote:
Hello,
As an addition to my previous mail,
I can decrypt the data that are encrypted by my application. (It's a
WS-Security Implementation).
But it is not inter-operable with the WSS4J. WSS4J uses bouncy castle
crypto package. The reason is that they use ISO 10126 padding.
Since I'm using openssl and openssl has it's own padding I really don't
know how to overcome with this.
You may disable padding in OpenSSL (this is only last block
broblem).
When encrypting data, just pad your data with ISO 10126 padding first
and then encrypt data using OpenSSL functions with padding disabled.
When decrypting data, just decrypt data with OpenSSL function with
padding disabled and un-pad your decrypted data manually (or in other
words check your last block and alter total data length).
Thanks for the info.
For encryption I can disable the padding in openssl and fill the data up
to a multiplication of a block size as per http://www.w3.org/TR/xmlenc-core.
The spec says a way to pad the block (section : Padding). So in the
decryption process I have to check the last byte to get the pad length
and then remove the pad from the decrypted result. If you are familiar
with this process can you verify my approach.
Cheers,
Kaushalye
Best regards,
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager [EMAIL PROTECTED]
