Hello, > Why is the initial vector (ivec) needed? This is part of CBC mode. This mode does not depend on used block encryption algorithm. Look at: http://en.wikipedia.org/wiki/Cipher_block_chaining As you see, there is no information of AES or DES, this is only mode of operation
> I see by reading the openssl code that it is used for xoring with the input > before encrypting, but from what I see in other resources, this is not a > part of the Rijndael algorithm (It is not the AddRoundKey). Yes, this is not part of AES. AES defines one block transformation (16 bytes) in 10, 12, or 14 rounds. At each round, round-key is added by AddRoundKey procedure but this key is only generated from AES key provided by user (128, 192 or 256 bit length) > So doesn't it make this implementation imcompatible with the standard? No, there is AES algorithm and block mode operation algorithm. > (passing ivec of 0 will also not help, since it changes during the function > and the changed value is used). Yes. > Also, I see the code does: > > const unsigned char *iv = ivec; > ... // changing iv while encrypting... and then at the end: > memcpy(ivec,iv,AES_BLOCK_SIZE); > > > - For what purpose is the new value of ivec "returned" to the caller (by the > memcpy)? > Is there a use for the new ivec after the function returns? Decoding will > need the original value, so it can't be for that :/ You may want to encrypt some data in chunks and call this functions many times on your data "window". For that purpose IV is returned. Best regards, -- Marek Marcola <[EMAIL PROTECTED]> ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
