Re: using AES encryption
Quoting Nils Larsch <[EMAIL PROTECTED]>: Julien ALLANOS wrote: ... Actually, I have tested the following: EVP_CIPHER_CTX_init(&ctx); EVP_CipherInit_ex(&ctx, EVP_aes_192_ecb(), NULL, key->data, NULL, 1); if (!EVP_CipherUpdate(&ctx, ciphertext->data, (int *) &ciphertext->length, plaintext->data, (int) plaintext->length)) { EVP_CIPHER_CTX_cleanup(&ctx); return NULL; } if (!EVP_CipherFinal_ex(&ctx, ciphertext->data, (int *) &ciphertext->length)) here you overwrite the previously set length and data. Have a look at the do_crypt example in the EVP_EncryptInit manpage. Nils Fine, it is working well now. Thanks for your help. Can I just assume that: 1/ AES_BLOCK_LENGTH = 16 ? 2/ output buffer size = input buffer size + AES_BLOCK_LENGTH for EVP_CipherUpdate()? 3/ output buffer size = AES_BLOCK_LENGTH for EVP_CipherFinal_ex()? -- Julien ALLANOS __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: using AES encryption
Julien ALLANOS wrote: ... Actually, I have tested the following: EVP_CIPHER_CTX_init(&ctx); EVP_CipherInit_ex(&ctx, EVP_aes_192_ecb(), NULL, key->data, NULL, 1); if (!EVP_CipherUpdate(&ctx, ciphertext->data, (int *) &ciphertext->length, plaintext->data, (int) plaintext->length)) { EVP_CIPHER_CTX_cleanup(&ctx); return NULL; } if (!EVP_CipherFinal_ex(&ctx, ciphertext->data, (int *) &ciphertext->length)) here you overwrite the previously set length and data. Have a look at the do_crypt example in the EVP_EncryptInit manpage. Nils __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: using AES encryption
Quoting Julien ALLANOS <[EMAIL PROTECTED]>: Quoting Nils Larsch <[EMAIL PROTECTED]>: Julien ALLANOS wrote: Hello, I want to use AES encryption in my C application, but I am missing documentation. I only have openssl/aes.h but there isn't any manpage. Can someone points me to any how-to or source code? Thanks for you help. consider using the EVP_Cipher* etc. functions (see EVP_CipherInit_ex manpage) Nils Thanks Nils. This manpage shows a great example of an encryption/decryption function using this high-level API. However, I have a last question: is there any limit on the input buffer size for EVP_CipherUpdate()? I see in the example that you're using 1024 bytes buffers inside a for loop. In my application, most of the buffers I'm encrypting using AES-192 are <1024 bytes, but there might be cases where a buffer has a greater size (not so much though). I'm wondering if calling EVP_CipherUpdate() only once would be generic enough to handle these situations, or if I should use a for loop as you did. Thanks for any help. Actually, I have tested the following: EVP_CIPHER_CTX_init(&ctx); EVP_CipherInit_ex(&ctx, EVP_aes_192_ecb(), NULL, key->data, NULL, 1); if (!EVP_CipherUpdate(&ctx, ciphertext->data, (int *) &ciphertext->length, plaintext->data, (int) plaintext->length)) { EVP_CIPHER_CTX_cleanup(&ctx); return NULL; } if (!EVP_CipherFinal_ex(&ctx, ciphertext->data, (int *) &ciphertext->length)) { EVP_CIPHER_CTX_cleanup(&ctx); return NULL; } EVP_CIPHER_CTX_cleanup(&ctx); Here, key, plaintext and ciphertext are structs with an unsigned char * 'data' field and a size_t 'length' field. plaintext->length is 59 (in bytes), so I have allocated 59 + 16 bytes for ciphertext->data before the snippet of code above. But after encryption, ciphertext->length is only 16 bytes long! Do I have to call EVP_CipherUpdate multiple times (and manage an offset for both plaintext and ciphertext) to encrypt the entire incoming data? If so, what's the purpose of the inl parameter if only a block length (16 bytes for AES) is read per call? Thanks for any enlightenment. -- Julien ALLANOS __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: using AES encryption
Quoting Nils Larsch <[EMAIL PROTECTED]>: Julien ALLANOS wrote: Hello, I want to use AES encryption in my C application, but I am missing documentation. I only have openssl/aes.h but there isn't any manpage. Can someone points me to any how-to or source code? Thanks for you help. consider using the EVP_Cipher* etc. functions (see EVP_CipherInit_ex manpage) Nils Thanks Nils. This manpage shows a great example of an encryption/decryption function using this high-level API. However, I have a last question: is there any limit on the input buffer size for EVP_CipherUpdate()? I see in the example that you're using 1024 bytes buffers inside a for loop. In my application, most of the buffers I'm encrypting using AES-192 are <1024 bytes, but there might be cases where a buffer has a greater size (not so much though). I'm wondering if calling EVP_CipherUpdate() only once would be generic enough to handle these situations, or if I should use a for loop as you did. Thanks for any help. -- Julien ALLANOS __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
Re: using AES encryption
Julien ALLANOS wrote: Hello, I want to use AES encryption in my C application, but I am missing documentation. I only have openssl/aes.h but there isn't any manpage. Can someone points me to any how-to or source code? Thanks for you help. consider using the EVP_Cipher* etc. functions (see EVP_CipherInit_ex manpage) Nils __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
using AES encryption
Hello, I want to use AES encryption in my C application, but I am missing documentation. I only have openssl/aes.h but there isn't any manpage. Can someone points me to any how-to or source code? Thanks for you help. -- Julien ALLANOS __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]