[erlang-questions] question regarding symmetric encryption with crypto library
Tue Apr 28 02:19:01 CEST 2009
Read the SSL/TLS RFC for some good ideas.
Basically you need out-of-band agreement so both tx and rx applications know what to expect. One possibility is the first 2 bytes of data in each encrypted message can describe the actual length of valid data; followed by some amount of random fill.
From: Larry White <ljw1001@REDACTED>
To: "erlang-questions@REDACTED" <erlang-questions@REDACTED>
Sent: Tuesday, 28 April, 2009 6:49:01 AM
Subject: [erlang-questions] question regarding symmetric encryption with crypto library
In the past the encryption libraries I've used have accepted an arbitrary string as plain text input. The des implementation in crypto (and the algorithm itself) seems to require that the the input text be some multiple of 8 bytes long. I can pad the input string with something to make it n*8 bytes long, but then when I decrypt the string, I have no way of knowing if the returned value was padded and by how much.
This seems like a problem many people must have solved. What's the right way to do this here?
thanks much for your help.
Enjoy a safer web experience. Upgrade to the new Internet Explorer 8 optimised for Yahoo!7. Get it now.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the erlang-questions