[openssl-dev] [openssl.org #3675] Fix key wrapping mode with padding to conform to RFC 5649
Petr Spacek via RT
rt at openssl.org
Mon Jan 26 18:03:01 UTC 2015
Hello,
I'm attaching patch which fixes key wrapping mode with padding to conform to
RFC 5649.
According to RFC 5649 section 4.1 step 1) we should not add padding if
plaintext length is multiple of 8 ockets.
This matches pseudo-code in http://dx.doi.org/10.6028/NIST.SP.800-38F
on page 15, section 6.3 KWP, algorithm 5 KWP-AE, step 2.
Alternatively the same patch can be pulled from branch rfc5649_fix on Github:
https://github.com/spacekpe/openssl/commit/69a37391f4a82855246fd86ddfb0c6bb47c36855
Have a nice day!
--
Petr Spacek @ Red Hat
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-Fix-key-wrapping-mode-with-padding-to-conform-to-RFC.patch
Type: text/x-patch
Size: 1705 bytes
Desc: not available
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20150126/cff02639/attachment.bin>
More information about the openssl-dev
mailing list