Thanks Marek. I will try the attached code in the attached files. In many of the examples i have come across, i see IV is always being. Is it not possible to use this API by setting IV to NULL? (As i understand for CBC IV is a must) . In AES_Encrypt(), we don't use IV. Does this mean this does stream ciphering (byte by byte)?
Does any one know if Openssl supports AES-XTS? Reason is we are exploring to see if we can employ this. When i Googled, i did see some change request log which said AES-XTS has been added to Openssl in v1.1.0 which i am not able to find for download... Any idea on this? -Prashanth On Wed, Mar 28, 2012 at 8:26 PM, <marek.marc...@malkom.pl> wrote: > Hello, > > If you want to use low-level AES functions to encrypt more then 16 bytes > you > should use AES in CBC mode. You can implement this mode using AES_encrypt > () > or better use AES_cbc_encrypt(). > Using AES_encrypt() block-by-block is called ECB mode. > Look at: http://en.wikipedia.org/wiki/Block_cipher_modes_of_operation > > Example of using AES_cbc_encrypt() attached (pay attension of block > padding). > > Best regards, > -- > Marek Marcola <marek.marc...@malkom.pl> > > > > owner-openssl-us...@openssl.org wrote on 03/28/2012 09:01:25 AM: > > > Prashanth kumar N <prashanth.kuma...@gmail.com> > > Sent by: owner-openssl-us...@openssl.org > > > > 03/28/2012 09:03 AM > > > > Please respond to > > openssl-users@openssl.org > > > > To > > > > openssl-users@openssl.org > > > > cc > > > > Subject > > > > Re: How to do encryption using AES in Openssl > > > > Here is the modified program > > > > #include <stdio.h> > > 2 #include <openssl/aes.h> > > 3 > > 4 static const unsigned char key[] = { > > 5 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, > > 6 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff, > > 7 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, > > 8 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f > > 9 }; > > 10 > > 11 void main() > > 12 { > > 13 unsigned char text[]="test12345678abcf"; > > 14 unsigned char out[16]; > > 15 unsigned char decout[16]; > > 16 int i; > > 17 > > 18 AES_KEY ectx; > > 19 AES_KEY dectx; > > 20 > > 21 AES_set_encrypt_key(key, 256, &ectx); > > 22 AES_encrypt(text, out, &ectx); > > 23 > > 24 printf("encryp data = %s\n", out); > > 25 > > 26 AES_set_encrypt_key(key, 256, &dectx); > > 27 AES_decrypt(out, decout, &dectx); > > 28 printf(" Decrypted o/p: %s \n", decout); > > 29 > > 30 for (i = 0;i < 16; i++) > > 31 printf(" %02x", decout[i]); > > 32 } > > 33 > > > > As i read min AES block size is 128 bits which can go up to 256 bits in > multiples of 32- > > bits. Is this correct? > > I do know encrypted data is binary but when i pass the same data to > AES_decrypt() > > fucntion and print using %s, i get non-readable characters. What i > notice is when i > > change the input plain text, i do see o/p vaires. > > > > On Tue, Mar 27, 2012 at 11:24 PM, Ken Goldman <kgold...@us.ibm.com> > wrote: > > On 3/27/2012 1:33 PM, pkumarn wrote:> > > I am trying to write a sample program to do AES encryption using > Openssl. I > > tried going through Openssl documentation( it's a pain), could not > figure > > out much. I went through the code and found the API's using which i > wrote a > > small program as below (please omit the line numbers). I don't see any > > encryption happening... am i missing something? > > > > Define "I don't see any encryption happening". > > > > > > > PS: I don't get any errors upon compilation. > > > > 1 #include<stdio.h> > > 2 #include<openssl/aes.h> > > 3 > > 4 static const unsigned char key[] = { > > 5 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, > > 6 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff, > > 7 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, > > 8 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f > > 9 }; > > > > It's strange to define a 256 bit key and use 128 bits. > > > > > 10 > > 11 void main() > > 12 { > > 13 unsigned char text[]="virident"; > > > > The input must be equal to the AES block size. > > > > > 14 unsigned char out[10]; > > > > The output must be equal to the AES block size. > > > > > 15 unsigned char decout[10]; > > > > Same here. > > > > > 16 > > 17 AES_KEY wctx; > > 18 > > 19 AES_set_encrypt_key(key, 128,&wctx); > > 20 AES_encrypt(text, out,&wctx); > > > > This is a raw encrypt, which assumes input and output are one AES block. > > > > > 21 > > 22 printf("encryp data = %s\n", out); > > > > The encrypted data is binary, not a printable C string. > > > 23 > > 24 AES_decrypt(out, decout,&wctx); > > > > 25 printf(" Decrypted o/p: %s \n", decout); > > 26 > > 27 > > 28 } > > Please help me to figure this out... > > > > > > ______________________________________________________________________ > > OpenSSL Project http://www.openssl.org > > User Support Mailing List openssl-users@openssl.org > > Automated List Manager majord...@openssl.org >
