Hi guys, Am 15.06.2012 01:29, schrieb Victor Dubiniuk: > Blowfish*encrypt *method pads the input data with *0x00* in order to > make their length multiple of 8. Yes, that's a necessary step for block encryption algorithms. However, padding with (only) zeroes is troublesome as the step is possibly irrevertible. > From the other hand, trimming is required for any text file or string > as it is padded with 0x00 and corrupted if it's length is not multiple > of 8. > > I'm not sure how to solve this puzzle right now. You need to use one of the proven byte padding methods, see Wikipedia: <http://en.wikipedia.org/wiki/Padding_%28cryptography%29#Byte_padding> Pick your standardization flavor, ANSI, ISO, PKCS, they are all comparatively easy to code ;-) > Is it worth to store the original file size before encryption and trim > the excessive bytes for the decrypted file to match this size? That might work as well for the particular usecase. Roughly speaking, the padding methods mentioned above do not embed the length of the data but rather the amount of padding that was done. I think it would be preferable to stick to these known best practices.
If you want a somewhat more involved method that avoids adding length to an encrypted file, have a look at "ciphertext stealing". cu, Sven _______________________________________________ Owncloud mailing list [email protected] https://mail.kde.org/mailman/listinfo/owncloud
