Re: Using CAPI to encrypt in AES CBC mode without padding
- From: Mike Nelson <nelson_mikel@xxxxxxxxx>
- Date: 27 Apr 2007 16:04:21 -0700
On Apr 27, 2:51 pm, "devenka...@xxxxxxxxx" <devenka...@xxxxxxxxx>
wrote:
The default in MSCAPI is to use PKCS5 mode padding. I don't know what
that means. Basically I want to use no padding. Basic CBC mode
encryption should let me do that. In fact, on solaris using the Sun
Cryptographic Framework, I get exactly that (size of output buffer ==
size of input buffer).
Devenkalra,
You can read the pkcs5 padding definition here:
http://www.rsa.com/rsalabs/node.asp?id=2124
CBC mode can be used without padding, or with padding, as you say.
However, it sounds like CAPI only provides you with the padding
variant, which means that you will always get >= 1 byte of padding.
You should check carefully in case you simply have not found the no-
pad variant. It is likely that the Sun stuff you were using provided
you with both methods. If you can't live with padding, you may have
to find another CSP to use with CAPI, or write your own... There is a
faint possibility that your CSP supports primitive single block AES
encryption, in which case you could easily roll your own CBC.
No doubt you realize that if you use no-pad CBC and you have data that
is not a whole number of blocks, then you are in trouble...
.
- References:
- Using CAPI to encrypt in AES CBC mode without padding
- From: devenkalra
- Re: Using CAPI to encrypt in AES CBC mode without padding
- From: Mike Amling
- Re: Using CAPI to encrypt in AES CBC mode without padding
- From: devenkalra@xxxxxxxxx
- Using CAPI to encrypt in AES CBC mode without padding
- Prev by Date: Re: Using CAPI to encrypt in AES CBC mode without padding
- Next by Date: Re: Book on Pre-MATH for cryptography and cryptanalysis. Reply
- Previous by thread: Re: Using CAPI to encrypt in AES CBC mode without padding
- Next by thread: JSH: I am SMARTER than you are
- Index(es):
Relevant Pages
|
|
