Re: Problem with configuring #rounds for RC5 in 0.9.6

Thu, 19 Oct 2000 05:51:09 -0700 

Iain Betson wrote:
> 
> Hi,
> 
> I think I've found a problem which prevents the number of rounds of the RC5
> cipher being configured when using the EVP cipher wrapper functions with
> OpenSSL 0.9.6. The default number of rounds for the EVP_rc5_32_12_16_cbc
> cipher is 12. To change this to 16, one might try to use
> EVP_CIPHER_CTX_ctrl(ctx, EVP_CTRL_SET_RC5_ROUNDS, RC5_16_ROUNDS, NULL). But,
> if this is called before EVP_CipherInit(), EVPCipher init overwrites the
> number of rounds back to the default of 12. If this is called after
> EVP_CipherInit(), it has no effect since the value is only copied into the
> EVP_CTX structure - the rc5 structure in EVP_CTX is not re-initialised with
> the new value.
> 
> Maybe rc5_ctrl() in e_rc5.c should only init the number of rounds to 12 in
> the EVP_CTRL_INIT case if the value is currently zero to allow
> EVP_CIPHER_CTX_ctrl() to be called beforehand to set the number of rounds to
> 16.
> 

You shouldn't have any problems if you follow the technique hinted at in
the manual page.

You need to call EVP_CipherInit() twice. 

The first time you have everything set to NULL apart from the cipher
context and the cipher type: this initializes the cipher context to use
the supplied cipher.

Then you change any parameters you wish with EVP_CIPHER_CTX_ctrl().

Then you call EVP_CipherInit() again but this time the cipher type is
NULL and you include the relevant key and iv.

After the second call you should be able to use the cipher context with
the relevant parameters appropriately set.

If that doesn't work then let me know.

Steve.
-- 
Dr Stephen N. Henson.   http://www.drh-consultancy.demon.co.uk/
Personal Email: [EMAIL PROTECTED] 
Senior crypto engineer, Celo Communications: http://www.celocom.com/
Core developer of the   OpenSSL project: http://www.openssl.org/
Business Email: [EMAIL PROTECTED] PGP key: via homepage.

______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]

Reply via email to