On Tue, Apr 7, 2009 at 8:17 PM, Charles <hobbe...@gmail.com> wrote: > Doh! Thanks guys. I try and use std::strings where possible to keep > me out of trouble. Stupid. So I should be padding my key? I guess > this threw me off:
Trouble with string<> is (and with anything that thinks 'string' instead of 'binary blob', to ab/re-use a database term) that any NUL bytes within your key would make any assignment/copy-ing in your code dangerous as strings stop copying when they hit the NUL sentinel. Keys (and for that matter anything else that's fed to crypt APIs, unless it very specifically says: 'input value is supposed to be a string') should be thought of as 'series of arbitrary data bytes' plus 'length' attribute. > > from http://openssl.org/docs/crypto/EVP_EncryptInit.html: > > EVP_bf_cbc(void), EVP_bf_ecb(void), EVP_bf_cfb(void), EVP_bf_ofb(void); > > Blowfish encryption algorithm in CBC, ECB, CFB and OFB modes > respectively. This is a variable key length cipher. > > "Variable" key length? > > Charles Which brings us to Blowfish: when you compare BF with, say, DES or AES, the latter all have fixed width key sizes - by design -, e.g. 64 bits (8 bytes) or 128 bits (16 bytes). Sure, there's AES-256, but that is a _different cipher_ (okay, not really very different, but is a clearly defined, separately designed and tested, cipher, accepting 256 bits key values. BF is 'variable key size' as it's one design-fits-many key sizes: one specification, with not 'special sauce' for the various key sizes. You can specify your BF key (and its size) using the void BF_set_key(BF_KEY *key, size_t len, const unsigned char *data); API (see openssl/blowfish.h). From the manual: BF_set_key() sets up the BF_KEY key using the len bytes long key at data. See crypto/bf/bftest.c for an example of this: there, two keys are shown to be used, each of a different length and, notably, not each some integer multiple of 64 bits in key length. Hence: variable length key. (bftest uses strings as input as an example; don't let this fool you: data+len accepts _arbitrary_ data, so BF keys can be generated using a (secure) PRNG, such as RAND, included in OpenSSL.) -- Met vriendelijke groeten / Best regards, Ger Hobbelt -------------------------------------------------- web: http://www.hobbelt.com/ http://www.hebbut.net/ mail: g...@hobbelt.com mobile: +31-6-11 120 978 -------------------------------------------------- ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org