On Wed, Feb 24, 2010, Gregory BELLIER wrote: > Hello Weidong and Stephen, > > So please, if you have time, take a look at this code sample, maybe you'll > notice something in just a glance. > > #define BLOCK_CIPHER_def_dyna(cname, nmode, mode, MODE, kstruct, nid, > block_size, \ > key_len, iv_len, flags, init_key, cleanup, \ > set_asn1, get_asn1, ctrl) \ > static EVP_CIPHER cname##_##mode = { \ > nid##_##nmode, block_size, key_len, iv_len, \ > flags | EVP_CIPH_##MODE##_MODE, \ > init_key, \ > cname##_##mode##_cipher, \ > cleanup, \ > sizeof(kstruct), \ > set_asn1, get_asn1,\ > ctrl, \ > NULL \ > }; \ > > #define IMPLEMENT_BLOCK_CIPHER_CBC(cname, ksched, cprefix, kstruct, nid, \ > block_size, key_len, iv_len, cbits, \ > flags, init_key, \ > cleanup, set_asn1, get_asn1, ctrl) \ > BLOCK_CIPHER_func_cbc(cname, cprefix, kstruct, ksched) \ > BLOCK_CIPHER_def_dyna(cname, cbc, cbc, CBC, kstruct, nid, 0, 0, 0, \ > flags, init_key, cleanup, set_asn1, get_asn1, ctrl) > > IMPLEMENT_BLOCK_CIPHER_CBC(myc, ks, MYC, EVP_MYC_KEY, > NID_myc, 16, MYC_KEY_LENGTH,16, 128, > EVP_CIPH_VARIABLE_LENGTH, myc_init_key, NULL, > EVP_CIPHER_set_asn1_iv, EVP_CIPHER_get_asn1_iv, > NULL) > > const EVP_CIPHER *EVP_myc_cbc(void) > { > myc_cbc.block_size = 16; > myc_cbc.iv_len = 16; > myc_cbc.key_len = 32; > return &myc_cbc; > } >
Just a comment about that and a point of reference for anyone who might also want to implement a cipher. All this IMPLEMENT/DECLARE business is done internally so we can defined many cipher structures which are almost identical and any changes to them need only a macro change and not having to manually update over a hundred definitions as well. If you define your own cipher you don't and arguably shouldn't do that because it can be difficult to see what is going on. You can just define the EVP_CIPHER structure manually. There is an example of this "manual cipher" definition in crypto/evp/e_xcbc_d.c One thing to note is that OpenSSL expects a cipher to function correctly if the input and output buffers are the same (i.e. to cipher "in place"). I'd suggest testing with something like the 'enc' utility at first to see if you can encrypt/decrypt data sensibly. If you have any test vectors then try those too. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org