Hello
I'm new to OpenSSL and this is my first post here. Please let me ask you a
few questions about the symmetric encryption API (EVP_) of OpenSSL 1.0.1.
I'm developing an application which encrypts+writes and reads+decrypts data
to/from files. It has the following requirements (characteristics):
1. The encryption algorithm is AES 256. I'm considering to use CBC block
cipher mode.
2. The application needs to minimize the overhead associated with the
encryption/decryption processing. It utilizes AES-NI (which is offered
transparently by OpenSSL.)
3. It handles two types of files:
3-1 File type 1 consists of 4 KB blocks. The application randomly reads and
writes those blocks.
3-2 File type 2 consists of variable length of records ranging from several
bytes to a few kilobytes. The application randomly reads and writes those
records.
Here, "randomly" means that the application needs to be able to read and
decrypt one arbitrary block/record without any preceding blocks/records.
Q1: Is AES-NI automatically utilized on the processors that have the
capability? Do I have to do anything (e.g. specify some engine in
openssl.conf)?
Q2: I'm going to call EVP_CIPHER_CTX_set_padding(&ctx, 0) for file type 1.
Can I omit the calls to EVP_EncryptFinal_ex/EVP_DecryptFinal_ex between
EVP_EncryptUpdate/EVP_DecryptUpdate calls? I want to avoid function calls as
much as possible.
Q3: Is it allowed to specify the same buffer (address) for in and out
arguments in calls to EVP_EncryptUpdate/EVP_DecryptUpdate? Some places in
OpenSSL does that like "EVP_EncryptUpdate(&ctx, data, &outlen, data,
inlen)", but that usage is not specified in the evp manual page.
Q4: Do I have to call EVP_EncryptInit_ex/EVP_DecryptInit_ex for each
block/record? I'm concerned about the overhead of those functions. For
example, I want to make function calls as follows. However, this does not
seem to work.
/* one-time initialization */
ERR_load_crypto_strings();
OpenSSL_add_all_algorithms();
EVP_CIPHER_CTX_init(&enc_ctx);
EVP_CIPHER_CTX_init(&dec_ctx);
EVP_EncryptInit_ex(&enc_ctx, EVP_aes_256_cbc(), NULL, key, iv);
EVP_CIPHER_CTX_set_padding(&enc_ctx, 0);
EVP_DecryptInit_ex(&dec_ctx, EVP_aes_256_cbc(), NULL, key, iv);
EVP_CIPHER_CTX_set_padding(&dec_ctx, 0);
/* encrypt first block */
EVP_EncryptUpdate(&enc_ctx, block1, &outlen, block1, 4096);
/* encrypt second block */
EVP_EncryptUpdate(&enc_ctx, block2, &outlen, block2, 4096);
/* decrypt second block */
EVP_DecryptUpdate(&dec_ctx, block2, &outlen, block2, 4096);
/* decrypt first block */
EVP_DecryptUpdate(&dec_ctx, block1, &outlen, block1, 4096);
The above code produces wrong data for block2. One of the following seems to
fix this problem. But is there any way to use CBC without repeated calls to
EVP_EncryptInit_ex/EVP_DecryptInit_ex?
1. Call EVP_EncryptInit_ex/EVP_DecryptInit_ex before each
EVP_EncryptUpdate/EVP_DecryptUpdate.
2. Replace EVP_aes_256_cbc() with EVP_aes_256_ecb().
Regards
MauMau
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
