On 3/19/2012 5:26 PM, Nicle wrote:
Hi all,
I can understand if file-size%16 != 0, openssl will pad data.
But it will also pad 16bytes for those file size exactly 16 times.
For example: original file size 16 bytes, cipher file size: 32 bytes.
Any help will be so appreciated.
Best Regards
Neo
The following description says 16, when it should really
say "the block size of the algorithm you select, e.g. 8
for DES, IDEA, 3DES and Blowfish, 16 for AES and TwoFish
etc."
OpenSSL is using the same padding rule as specified for
SSL connections:
Pad with bytes whose value is the number of padding bytes,
so decryption can see how many bytes to remove to get the
actual file data without padding.
To make this work for file-size%16 == 0, it is necessary
to pad with 16 bytes whose value are all 16, otherwise,
decryption could not tell the difference between a 16
byte file whose last byte was 1 and a 15 byte file.
Some beginners have suggested only padding with 16 x 16
if the last bytes of plain text happens to be one of the
16 padding patterns, but this would cause the size of the
encrypted file to reveal if the last bytes of the plain
text file was one of those values or not, which was
supposed to be hidden by the encryption.
So the rule is to pad with 1 to 16 bytes, each of which is
the number of bytes in the padding.
There is one more rule: If decryption sees a result which
does not end with a valid padding, it must not return an
error message any different from what it would have
returned for any other corrupt file, as otherwise an
attacker can use the error message to tell how close she
is to guessing the secret key.
Of cause if you are just using the "openssl enc" command
line command as a way to access the raw encryption with
your own padding and security around it, then you can
just feed it a multiple of 16 bytes, and then throw away
the 16 bytes of encrypted padding at the end of the result.
Enjoy
Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S. http://www.wisemo.com
Transformervej 29, 2730 Herlev, Denmark. Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
