Corrected the typo
From: Paramashivaiah, Sunil
Sent: Tuesday, August 17, 2021 3:48 PM
To: [email protected]
Cc: Bhattacharjee, Debapriyo (c) <[email protected]>
Subject: Replacing DES_ede3_cbc_encrypt with EVP API's for upgrading to openssl
3.0
Hi All,
I am trying to upgrade our application to use openssl 3.0 from
openssl 1.0.2.
I am trying to replace DES_ede3_cbc_encrypt with EVP API's as
below.
DES_ede3_cbc_encrypt accepts 3 keys got from des_key_sched.
But for same thing to work using EVP API we have option for only
one key.
EVP_EncryptInit_ex2(ctx, EVP_des_ede3_cbc(), (unsigned char
*)key->v, (unsigned char *)iv->v, NULL)
Please suggest if this is correct. Even for decrypt, will passing
only one key to EVP_DecryptInit_ex2 work
Old Code:
if (des_key_sched((void *)key->v, ks1) != 0)
return NULL;
if (des_key_sched((void *)(key->v + 8), ks2) != 0)
return NULL;
if (des_key_sched((void *)(key->v + 16), ks3) != 0)
return NULL;
/* decryption data */
DES_ede3_cbc_encrypt((const unsigned char *)data->v, (unsigned char
*)res->v, data->l,
&ks1, &ks2, &ks3, (unsigned char (*)[8])iv->v, DES_ENCRYPT);
New Code:
EVP_EncryptInit_ex2(ctx, EVP_des_ede3_cbc(), (unsigned char *)key->v,
(unsigned char *)iv->v, NULL)
EVP_EncryptUpdate(ctx, (unsigned char *)res->v, &outl, (unsigned char
*)data->v,
data->l)
EVP_EncryptFinal_ex(ctx, (unsigned char *) res->v + outl, &tmpl)
Thanks and Regards,
Sunil
Notice: This e-mail together with any attachments may contain information of
Ribbon Communications Inc. and its Affiliates that is confidential and/or
proprietary for the sole use of the intended recipient. Any review, disclosure,
reliance or distribution by others or forwarding without express permission is
strictly prohibited. If you are not the intended recipient, please notify the
sender immediately and then delete all copies, including any attachments.
