Dear Bill,
Thank you very much for your quick reponse, on Sunday night!
Indeed I had read this part, but couldn't make much of it. It took me a
while to rewrite the code, but eventually everything looks fine!
BR,
Nikos
----- Original Message -----
From: "Bill Colvin" <bill.col...@opticatech.com>
To: <openssl-users@openssl.org>
Sent: Sunday, March 08, 2009 9:11 PM
Subject: RE: des_ncbc_encrypt question
I suggest you carefully read the following function description paying
close attention to length.
DES_ncbc_encrypt() encrypts/decrypts using the cipher-block-chaining (CBC)
mode of DES. If the encrypt argument is non-zero, the routine
cipher-block-chain encrypts the cleartext data pointed to by the input
argument into the ciphertext pointed to by the output argument, using the
key schedule provided by the schedule argument, and initialization vector
provided by the ivec argument. If the length argument is not an integral
multiple of eight bytes, the last block is copied to a temporary area and
zero filled. The output is always an integral multiple of eight bytes.
Bill
-----Original Message-----
From: owner-openssl-us...@openssl.org
[mailto:owner-openssl-us...@openssl.org] On Behalf Of Nikos Balkanas
Sent: March 8, 2009 1:20 PM
To: openssl-users@openssl.org
Subject: des_ncbc_encrypt question
Hi,
I am using des_ncbc_encrypt to encrypt/decrypt packages in a server/client
architecture (CBC mode). When I test encryption/decryption from within the
server I get everything decrypted OK, except the last 4 bytes. However,
this
is enough for the client to reject the packet. I am using the following
code:
uchar * output;
des_key_schedule des_ks;
des_cblock des_key, des_iv;
memcpy(des_iv, iv, sizeof(des_iv));
memcpy(des_key, server_write_enc_key, sizeof(des_key));
des_set_odd_parity(&des_key);
if (des_set_key_checked(&des_key, des_ks))
{
error(0, "wtls_des: Unable to set key schedule");
return(NULL);
}
output = (uchar *)gw_malloc((len + 1)* sizeof(uchar));
des_ncbc_encrypt(data, output, len, des_ks, &des_iv, crypt);
where crypt takes the values DES_ENCRYPT or DES_DECRYPT.
<gdb>
(gdb) p data + 1640
$11 = (
unsigned char *) 0x75f700
"*ξΥΰl:=8υ\n\236\236π\006\006\006\006\006\006\006"
(gdb) p output + 1640
$15 = (uchar *) 0x75e6f0 "Yy�6ΰ�'\216―L�kφ\033\232’)«Ε\233"
Decrypting output through another call to the same function (everything
gets
reinitialized) I get:
(gdb) p data + 1640
$22 = (unsigned char *) 0x760710
"Yy�6ΰ�'\216―L�kφ\033\232’)«Ε\233" (OK)
(gdb) p output + 1640
$24 = (uchar *) 0x75c6d0 "*ξΥΰl:=8υ\n\236\236π\006\006\006(VχR" (??)
Everything is fine except for the trailing "(VχR". Any ideas or pointers
of
what is wrong, would be greatly appreciated.
Thanx,
Nikos Balkanas
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
:I®r¶Γ¥²�¦1��¥²z¥²€Άy²�®Ά�z–
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
