Hi,
On Mon, Sep 12, 2022 at 02:43:09PM +0200, Kristof Provost via Openvpn-devel
wrote:
> > it *does* bump the outside packet length up by +16 bytes ("bad length 1512"
> > ->
> > "1528"). Smells cipher algorithm padding or so - but why 16? And why pad
> > at all (AES-256-GCM used, so I think we should not pad)?
> >
> I would still expect padding. AES will operate on 16 byte blocks, so no
> matter the block chaining mode we???re going to have that
> multiple-of-16-bytes thing.
Asking the expert again :-)
14:51 <@plaisthos> aes-ctr generates a multiple of 16 bytes as stream
14:52 <@plaisthos> then you xor the message to that and just use the len of the
message
so yes, 16 byte block, but the message length does not increase.
gert
--
"If was one thing all people took for granted, was conviction that if you
feed honest figures into a computer, honest figures come out. Never doubted
it myself till I met a computer with a sense of humor."
Robert A. Heinlein, The Moon is a Harsh Mistress
Gert Doering - Munich, Germany g...@greenie.muc.de
signature.asc
Description: PGP signature
_______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
