Composition of DES_CBC_SHA
Ren Yanyu
robinren03 at outlook.com
Sun Mar 19 15:09:47 UTC 2023
Hi all,
I was trying to reproduce POODLE attack using OpenSSL 0.9.8 (though it is not a version-specific question) with designated ciphersuite DES_CBC_SHA. To be more specific, I use SSLv3.
I use SSL_write(ssl, buf, len) to send the data to a memory BIO and read the encrypted message. For example, one of the message reads:
17 03 00 00 18 ab d0 3c ae 20 f5 f8 ad dd 92 06 83 32 bd fa 6a 02 44 5d ec 7b 6d 0c 2b 17 03 00 00 28 66 45 37 06 e6 86 3e d2 cc 77 c1 0b 45 dd 96 0c c3 7c 23 8e ea 72 fa a6 f0 67 74 28 38 ae 37 23 92 b8 07 96 ce 0f d3 ea
As someone might notice, the message is of 74-bytes with a 5-byte SSL head, which means the application data is 69-byte. But the block size of DES is 8-byte and 69 is not evenly divisible by 8.
Furthore more, I notice that if len=10 or 11, the length of ciphertext will be 66; if len=12 or 13, the length of ciphertext will turn to 74 correspondingly. As the length of ciphertext should change only when len is divisible by 8. That makes me really confused.
I would greatly appreciate it if you coule explain to me how the ciphertext is composed of.
Best,
Robin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/openssl-users/attachments/20230319/cd83e2e2/attachment.htm>
More information about the openssl-users
mailing list