I meant to send this to the list too, so others could point out any errors or omissions, etc., and so there'd be something for the archives :-). Sorry about that.
Reply used to naturally go to the list, I thought. Now it seems Reply-all is required? Geoff ---------- Forwarded message ---------- From: Geoff Beier <[email protected]> Date: Thu, Mar 24, 2011 at 01:07 Subject: Re: AES Problem To: "Robert F." <[email protected]> You'll need to change your encryption function too. You've got a round trip through your old hex encode/decode routines in there. I whacked together a quick and dirty sample that starts off with a password and generates a random salt and IV. It uses PBKDF2 to derive a key suitable for AES from the password and salt, then uses CBC mode to encrypt a message with that derived key. It then encodes ciphertext, salt and IV using the Hex Encoder and prints them. Then it decodes salt and IV, re-runs the key derivation function with the decoded salt and IV, uses that re-generated key to decrypt the encoded ciphertext that it just printed. I did compile and execute the code, but it was put together *very* quickly and lacks error checking, etc. It should make it easy to understand how the key derivation function works and how these filters all hang together. My sample is here: http://pastebin.com/sVq5JneG That code is as-is, no warranties. You can, of course, do what you want with that code. I'd particularly encourage you to read it carefully, understand it, find and fix any bugs, and write up your understanding in the crypto++ wiki so others can find it easily :-) When I run the test program that I get from compiling that program, here is its output: http://pastebin.com/NwjBdPhw Good luck, and I hope this helps. Geoff -- You received this message because you are subscribed to the "Crypto++ Users" Google Group. To unsubscribe, send an email to [email protected]. More information about Crypto++ and this group is available at http://www.cryptopp.com.
