[xmlsec] GOST 28147-89 CFB && padding issue

Nikolay Shaplov dhyan at nataraj.su
Tue Mar 10 12:13:32 PDT 2015

I've succsessuflly implemented GOST 28147-89 symmetric transform. You can see 
alpha version of a patch.

I think i will add cfb suffix to all transform names, as gost98 works by default 
in cfb mode. And this mode is recommended. (cbc even has only custom 
implementation as it is out of standard)

I also met an issue I'd like to discuss...

cfb mode do not need padding. And for AES and DES encryption some strange 
efforts are made in openssl/ciphers.c in functions


So I've wrapped all padding code in 

if ((xmlSecKeyDataId*) ctx->keyId != (xmlSecKeyDataId*) 

and everything work well now.

I am not sure that it is the best way to do the trick... 
If this way is good enough I will indent code in proper way there. If not, 
tell me what way to use...
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: This is a digitally signed message part.
URL: <http://www.aleksey.com/pipermail/xmlsec/attachments/20150310/78000d1c/attachment.sig>

More information about the xmlsec mailing list