
List:       gcrypt-devel
Subject:    Re: gcry_cipher_decrypt usage
From:       Joe the Shmoe <news () edrusb ! is-a-geek ! org>
Date:       2011-04-07 20:14:58
Message-ID: 3ji178-ps4.ln1 () news ! edrusb ! is-a-geek ! org

Werner Koch wrote:
> On Thu,  7 Apr 2011 10:55, news@edrusb.is-a-geek.org said:
> 
>> Cipher used is blowfish. In this buggy situation, gcry_cipher_decrypt()
> 
> What cipher mode (CBC, CFB, CTR, ...) and depending on that what kind of
> padding do you use?  How do you call gcry_cipher_open?

gcry_cipher_hd_t clef;

err = gcry_cipher_open(&clef,
	               algo_id, // equal to GCRY_CIPHER_BLOWFISH
	               GCRY_CIPHER_MODE_CBC,
	               GCRY_CIPHER_SECURE);
etc...

> 
>> The fact that clear data is located after the ciphered data is not
> 
> Sure it can't know that and will happily decrypt this.

OK, I better see the picture now, and understand my mistake.

> gcry_cipher_decrypt can't distinguish between cleartext and ciphertext.
> The upper layer (i.e. the protocol) must define how this can be done.

Yep, I must review this upper layer in Disk ARchive, to handle the
particular and rare situation in which this condition occurs and thus
avoid having clear text after ciphered one being passed to
gcry_cipher_decrypt().

> 
>> time, gcry_cipher_decrypt() returns an error as expected, because the
> 
> gcry_cipher_decrypt can't return an error except for cases where you
> pass an invalid data length (e.g. not a multiple of the blocklength).
> 
> Shalom-Salam,
> 
>    Werner
> 

Werner, thank you for your clear explanations. And also, on this
occasion, thank you for GnuPG. ;-)

Best Regards,
Denis Corbin.
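
Added example, not part of the original message and not code from libgcrypt or Disk ARchive: one way an upper layer can delimit the ciphertext so that trailing clear data never reaches gcry_cipher_decrypt(). The record layout (a 4-byte big-endian length prefix), split_record() and its types are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define BLOWFISH_BLOCK 8 /* Blowfish block size in bytes */

/* Assumed record layout (constructed for this example, not dar's format):
 *   [4-byte big-endian ciphertext length][ciphertext][optional clear data] */
enum split_status { SPLIT_OK = 0, SPLIT_TRUNCATED = -1, SPLIT_BAD_LENGTH = -2 };

struct split_result {
    const uint8_t *ct;    size_t ct_len;    /* the only bytes to decrypt */
    const uint8_t *clear; size_t clear_len; /* must never reach decrypt */
};

enum split_status split_record(const uint8_t *buf, size_t len,
                               struct split_result *out)
{
    if (len < 4)
        return SPLIT_TRUNCATED;          /* no room for the length field */
    size_t ct_len = ((size_t)buf[0] << 24) | ((size_t)buf[1] << 16) |
                    ((size_t)buf[2] << 8)  |  (size_t)buf[3];
    /* CBC handles whole blocks only; a partial block is the one input
     * the decrypt call itself would reject. */
    if (ct_len == 0 || ct_len % BLOWFISH_BLOCK != 0)
        return SPLIT_BAD_LENGTH;
    if (ct_len > len - 4)
        return SPLIT_TRUNCATED;          /* declared length overruns buffer */
    out->ct = buf + 4;
    out->ct_len = ct_len;
    out->clear = out->ct + ct_len;
    out->clear_len = len - 4 - ct_len;
    return SPLIT_OK;
}

int main(void)
{
    /* Constructed sample: 16 placeholder ciphertext bytes, then "CLEAR". */
    uint8_t rec[4 + 16 + 5] = { 0, 0, 0, 16 };
    struct split_result r;
    rec[20] = 'C'; rec[21] = 'L'; rec[22] = 'E'; rec[23] = 'A'; rec[24] = 'R';
    if (split_record(rec, sizeof rec, &r) != SPLIT_OK)
        return 1;
    /* Here the caller would pass r.ct / r.ct_len, and nothing else,
     * to gcry_cipher_decrypt(). */
    printf("decrypt %zu bytes, keep %zu clear bytes aside\n",
           r.ct_len, r.clear_len);
    return 0;
}
```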


