On Tue, Jan 27, 2009 at 06:18:08PM -0500, Victor Duchovni wrote:
> On Wed, Jan 28, 2009 at 12:07:25AM +0200, faust cep wrote:
>
> > I'm new to using openssl and I have a question on dcecrypting files
> > from command line. Let's suppose that we encrypt file a.txt with key:
> > mykey and save the encrypted in a.enc What I want is if users decrypt
> > it with a wrong key not to be notified that their password is wrong but
> > instead to have a wrong decrypted file.
>
> Incorrect keys for CBC mode encrypted octet-aligned data will with high
> probability of decrypting to incorrectly padded, or non-octet aligned data.
>
s/of decrypting/decrypt/
You can also use "-nopad" with standard ciphers, but only if your data
is "block-aligned", and it is not clear why this is useful. Note, with
padding you still have a slightly greater than 1:256 odds of getting a
false positive.
--
Viktor.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
