Mounir IDRASSI wrote in message
To my knowledge, SSLV2, SSLV3 and TLS1.0 all use PKCS#1 Block Type 2
padding.
Are you sure about this? I'm writing a server and I occasionally get the
error I reported; however, if what you are saying is true, the error may be
indicative of another problem.
Michael S. Zick wrote in message
The padding is added to the **plain text**
After decryption, the server can determine the padding present.
I'm writing a server and I usually just call RSA_private_decrypt(...,
RSA_PKCS1_PADDING). Everything works fine most of the time but sometimes I
get
On Mon, Nov 09, 2009, barcaroller wrote:
Mounir IDRASSI wrote in message
To my knowledge, SSLV2, SSLV3 and TLS1.0 all use PKCS#1 Block Type 2
padding.
Are you sure about this? I'm writing a server and I occasionally get the
error I reported; however, if what you are saying is
Hi,
Take a look at function get_client_master_key in the file s2_srv.c, and
specifically at the line where a call to ssl_rsa_private_decrypt is made
: in it, the decision to use RSA_PKCS1_PADDING or RSA_SSLV23_PADDING is
made depending on the value of the member ssl2_rollback of the
Mounir IDRASSI wrote in message ...
You simply can't guess the padding mode if you don't know it in advance.
Imagine the security consequences if this was possible : it would mean
that an attacker can have information about the clear text without having
access to the private key!!
Okay,
On Sun November 8 2009, barcaroller wrote:
Mounir IDRASSI wrote in message ...
You simply can't guess the padding mode if you don't know it in advance.
Imagine the security consequences if this was possible : it would mean
that an attacker can have information about the clear text
Hi,
Which version of SSL/TLS are you talking about?
To my knowledge, SSLV2, SSLV3 and TLS1.0 all use PKCS#1 Block Type 2
padding (in case of SSL V2 rollback, that last eight padding bytes are
not random and are set to 0x03 but this special case is detect at the
protocol level).
Cheers,
--
How can I tell what the padding mode was before I attempt to decrypt data.
For example, when I use
RSA_private_decrypt(encsize,
encdata,
decdata,
privkey,
RSA_PKCS1_PADDING)
Hi,
You simply can't guess the padding mode if you don't know it in advance.
Imagine the security consequences if this was possible : it would mean
that an attacker can have information about the clear text without
having access to the private key!!
Cheers,
--
Mounir IDRASSI
IDRIX
