Brian, Please refrain from sending the same message four times in a row. It doesn't get you an answer any faster.
The openssl enc command by default adds a salt to the start of the message to be encrypted and removes it on decryption. This salt is of the form "Salted__" followed by some binary data; your plaintext then follows. By default the binary data in the salt is random, and thus why you see the decrypted output changing each time. If you include the -nosalt option then no salt will be added and your output will be fixed. There is also a "-S hexdigits" option that allows you to specify the salt, eg. "-S 414243" will prepend Salted__ABC to your plaintext. Regards, Steven -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Brian Sent: Sunday, 1 February 2004 1:37 PM To: [EMAIL PROTECTED] Subject: Randomness in encrypted text I am having problems getting random output using AES encryption. I know that it is possible because by typing the following at the command prompt: openssl enc -e -aes-256-ecb -in test.txt -pass pass:hello -out test.enc the resulting file test.enc had different output every time I ran that command, so I wrote a simple program using the OpenSSL API to accomplish the same thing (the passphrase is not the same, of course): #include <stdio.h> #include <stdlib.h> #include <stdarg.h> #include <string.h> #include <ctype.h> #include <sys/types.h> #include <openssl/des.h> #include <openssl/rand.h> #include <openssl/aes.h> main() { static const unsigned char key32[32]= {0x12,0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0, 0x34,0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12, 0x56,0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34, 0x78,0x9a,0xbc,0xde,0xf0,0x12,0x34,0x56}; AES_KEY aes_ks1, aes_ks2, aes_ks3; char *plain = "This is a test"; char enc[200] = {'\0'}; char plain2[200]; int retval = RAND_write_file("./RND_FILE"); printf("RAND_write_file returned: %d\n", retval); retval = RAND_load_file ("./RND_FILE", -1); printf("RAND_load_file returned: %d\n", retval); printf("RAND_status = %d\n", RAND_status()); AES_set_encrypt_key(key32,256,&aes_ks3); AES_set_decrypt_key(key32,256,&aes_ks2); AES_ecb_encrypt(plain, enc, &aes_ks3, 1); printf("Plain: %s -- Enc: %s\n", plain, enc); AES_ecb_encrypt(enc, plain2, &aes_ks2, 0); printf("Lengths: Plain (%d) -- Enc (%d)\n", strlen(plain), strlen(enc)); int loop; for (loop = 0; loop < 50; loop ++) { printf("%x ", (u_char)enc[loop]); if ( ((loop+1)%20) == 0 ) printf("\n"); } printf("\n"); printf("Plain: %s -- Enc: %s\n", plain2, enc); return 0; } The program is compiled as follows: gcc -I /usr/local/ssl/include -L /usr/local/ssl/lib -o try_aes1 try_aes1.c -lssl -lcrypto -lsocket according to the documentation, Unix systems that have the file "/dev/urandom" are supposed to handle seeding the PRNG transparently. I am running this on Solaris and there is a file "/dev/urandom", yet every time I run this program, I get the exact same output. I tried it first without the RAND_* functions (RAND_load_file and RAND_write_file, etc.) and it did not work so I added them in later. Even though RAND_status returns 1 (indicating the PRNG was successfully seeded) I still get exactly the same output. Am I missing something? Are there more calls needed to make this accually work? Why does it work in the openssl command but not with the API? Any help would be greatly appreciated! I am using openssl version 0.9.7c on Solaris 2.9 Sparc (sparcv9, UltraSparc IIi) tested in both 32 and 64 bit mode. If I have left out any details let me know. Thanks, brian. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED] ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
