[gnutls-dev] Symmetric cipher API

Werner Koch wk at gnupg.org
Tue Nov 20 09:18:44 CET 2007


On Tue, 20 Nov 2007 00:31, mrsam at courier-mta.com said:

> I'm not sure I understand what exactly is so protocol-dependent
> here. An application needs to encrypt 900 bytes using a symmetric
> cipher with a block size of 8 bytes. It looks to me like the only
> option here is 112, continuous, full blocks and one partial block,
> using PKCS padding. That's pretty much a standard, if there is one,

Most of it is protocol dependent.  What mode does the protocol require,
does it require padding, how is the padding done, is there a higher
level of blocking required, are there special variants of the mode to be
employed and so on.  A lot of parameters and not everyone is using CBC
with the de-facto standard padding as CMS (pkcs#7) encryption does.


Salam-Shalom,

   Werner

-- 
Die Gedanken sind frei.  Auschnahme regelt ein Bundeschgesetz.




More information about the Gnutls-dev mailing list