On 29/12/2018 13:41, Ertan Küçükoglu wrote:
Hello,
Windows program does not know length of data. I would like to use some
kind of standard method and use exact method on Windows to decrypt.
I think my problem is really that I do not know what "padding" is used
by default. I have found below function. However, there is no detailed
explanation about it in here:
https://www.openssl.org/docs/man1.0.2/crypto/EVP_CIPHER_CTX_set_padding.html
int EVP_CIPHER_CTX_set_padding(EVP_CIPHER_CTX *x, int padding);
I wanted to learn what values can "padding" parameter be. I understand
I can set it to zero ( 0 ) for disabling padding. This is not what I
want because my plain text length is not confirmed to be multiply of
16 bytes.
I can use PKCS#7 to decrypt on Windows so I would like to encrypt
using that padding. Just do not know what value to pass in above
function now.
PKCS#7 also known as CMS or (in OpenSSL) SMIME, doesn't just pad. It
generates a random key and encrypts it with the recipients key (usually
a public key from a certificate, but there may be a symmetric variant).
Thus to do PKCS#7 with OpenSSL, you need to use the "openssl cms" command
line or the corresponding functions.
Michael Wojcik <Michael.Wojcik@xxxxxxxxxxxxxx
<mailto:Michael.Wojcik@xxxxxxxxxxxxxx>>, 28 Ara 2018 Cum, 21:16
tarihinde şunu yazdı:
> From: openssl-users [mailto:openssl-users-bounces@xxxxxxxxxxx
<mailto:openssl-users-bounces@xxxxxxxxxxx>] On Behalf Of Ertan
Küçükoglu
> Sent: Thursday, December 27, 2018 16:03
> A- I tried to directly decrypt (no padding applied) and I get my
plain text plus
> some additional invisible characters at the end. I am told it
maybe a "padding"
> issue, my problem, during decryption.
How does the Windows program know how long the decrypted data is?
It sounds to me like the problem is simply that your Windows code
is decrypting the data correctly, then reading past it into
garbage left at the end of the buffer.
If the messages are of fixed length, only use that many bytes from
the decryption output. If they're of variable length, then the
sender will have to tell the receiver how long they are. There are
many ways of doing that; you haven't told us enough about your
protocol to know which would be appropriate in your case.
Enjoy
Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S. https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
