On Sat, Jul 28, 2012, Tayade, Nilesh wrote: > Hi, > > I have developed the utility to decrypt the packets coming on wire. > I take the server private key and go on decrypting packets which are received > through the .pcap file. > > But the utility is crashing in decrypting a trace file (Please see the > snapshot attached. Terminal didn't allow me to copy/paste, so the screen > shot). > It receives SIGABRT. I have compiled debug version of openssl-1.0.0g > libraries and received this back trace. > > I see that the error it is trying to give is related to Padding check failure. > 1. How to decide the padding? By default I keep it to RSA_PKCS1_PADDING > always in RSA_private_decrypt(). > 2. Is there no graceful way to give such error than crashing? > 3. What could be the cause of padding check failed? On searching, I found > some discussions mentioning about key-certificate mismatch. > But in my case it decrypts few of the initial packets. >
Since you mention "packets" I'm assuming it is SSL/TLS. If so it always uses RSA_PKCS1_PADDING. It doesn't crash if that fails (otherwise you could DoS any webserver using OpenSSL that way) so that's presumably a problem with your program. Well the older SSLv2 protocol didn't use RSA_PKCS1_PADDING but that's obsolete now... Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
