-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Yeah, the XML Enc spec has a non-standard padding for AES/DES and this is the reason for this code.
I would much prefer to add a flag customPadding to the struct _xmlSecOpenSSLEvpBlockCipherCtx that would determine this and then set this flag from the xmlSecOpenSSLEvpBlockCipherInitialize() function. This is much cleaner. Thanks, Aleksey On 3/10/15 12:13 PM, Nikolay Shaplov wrote: > > I've succsessuflly implemented GOST 28147-89 symmetric transform. > You can see alpha version of a patch. > > I think i will add cfb suffix to all transform names, as gost98 > works by default in cfb mode. And this mode is recommended. (cbc > even has only custom implementation as it is out of standard) > > I also met an issue I'd like to discuss... > > cfb mode do not need padding. And for AES and DES encryption some > strange efforts are made in openssl/ciphers.c in functions > > xmlSecOpenSSLEvpBlockCipherCtxUpdate > xmlSecOpenSSLEvpBlockCipherCtxFinal > > So I've wrapped all padding code in > > if ((xmlSecKeyDataId*) ctx->keyId != (xmlSecKeyDataId*) > xmlSecOpenSSLKeyDataGost28147_89Id) > > and everything work well now. > > I am not sure that it is the best way to do the trick... If this > way is good enough I will indent code in proper way there. If not, > tell me what way to use... > > > > _______________________________________________ xmlsec mailing > list [email protected] > http://www.aleksey.com/mailman/listinfo/xmlsec > -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.22 (Darwin) Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJU/3msAAoJEEEbi2vACtCgM7YQAJq6DpXXHZiu9jLTCHT2030P l97Yk3ExSWsKel86oUzeoPNCMKeT7BqY+tUZO5EuuimhZnTKWcFYxHbbBJzHsNwo E7IA2D21zwEhX0O6Je6wEG0JTE4omGv98zcUsgOijX6dXQJ94kiiKILFEcLVrg9N PHLxWr+gfHefkzXHDkaZcO5yXeo9SUyWsQfMEPg5bL1nHMGjIGjP0mhpFS6G4Z5v z/23X5GY6zTBG51r4qjKKLjRTSdkZ25yiIO1nf+LJIpjQZEqOvNq0hZpkjs4oWCe iuspvihuWdo1VbIEz8og08BLCL3H5Yh5yKx9CEl/7e3BOId4tW7yDh5Zczbue92/ KIQeQAmHNgntxVIFms+TqRswX9ORuEw7HNDH2i9QTmZnTcbo2rnMq+KkrZWKmyvq Q1h8L496/Mp8S7MoP5V+7UKmaD9vAaUF5zJZ8FOsV4BLdCKX4SJ3WPNsrgT6VhsW HFb5otgkoS8K8+LGY86N8Y5K8Tg8WUW6X/rCthqOUaMAD5OB3Xj9zn0fvHLWDGqI N2TO+m+BMErni86BS0xL+s+5CzUG0ucZ8ZQzrovqKi1RLDE07H0Nib524xjsfPg8 4O42JaaF2q3E/jtltHrOp92HOq4EeFiInvcsajdyKWD3PNxhx4CGot9G/H68kPf1 gpGauYP+VLpFU6zcrE5X =Ti+S -----END PGP SIGNATURE----- _______________________________________________ xmlsec mailing list [email protected] http://www.aleksey.com/mailman/listinfo/xmlsec
