Re: AES cbc? How to Init Openssl?

Tue, 04 Sep 2007 06:27:46 -0700 

Hello,
> 1. If I want to encrypt with AES_cbc_encrypt() I have to give the key I have 
> created with AES_set_encrypt_key(). 
> For decryption vice versa?
Yes,

> 2. What is the parameter "ivec" in AES_cbc_encrypt? What must set if I want 
> to encrypt or decrypt?
This is initialization vector for CBC. Must be the same for encryption and 
decryption.

> 3. How big must be the buffer for AES_cbc_encrypt? If I want to decrypt 32 
> Byte = 256 Bit with AES256, I have to create a 32 Byte Buffer. 
> If I want to encrypt 257 Bit I have to create a 512 Bit buffer?
For AES block size is 16 bytes irrespective of the length of the key
(128, 192, 256). In CBC mode, your encrypted data can be bigger for one
block (for padding).

Two simple examples attached.
If you save output from aes_enc to enc.bin then you will be able to
decrypt this data with command:
 $ openssl aes-256-cbc -in enc.bin -K \
 000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F -iv \
 000102030405060708090A0B0C0D0E0F -d

Because I use key of 32 bytes this is AES256, for AES192 key has 24
bytes and for AES128 key has 16 bytes.

Best regards,
-- 
Marek Marcola <[EMAIL PROTECTED]>

#include <stdio.h>
#include <string.h>

#include <openssl/aes.h>

int main(int argc, char *argv[])
{
	unsigned char key16[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15};
	unsigned char key24[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23};
	unsigned char key32[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31};
	unsigned char iv[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15};

	unsigned char inbuf[1024]="marek\x0a\x0a\x0a\x0a\x0a\x0a\x0a\x0a\x0a\x0a\x0a";
	unsigned char outbuf[1024];

	AES_KEY aeskey;

	memset(outbuf, 0, sizeof(outbuf));

	AES_set_encrypt_key(key32, 32*8, &aeskey);

	AES_cbc_encrypt(inbuf, outbuf, 16, &aeskey, iv, AES_ENCRYPT);

	fwrite(outbuf, 1, 16, stdout);

	return(0);
}

#include <stdio.h>
#include <string.h>

#include <openssl/aes.h>

int main(int argc, char *argv[])
{
	unsigned char key16[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15};
	unsigned char key24[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23};
	unsigned char key32[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31};
	unsigned char iv[] = {0,1,2,3,4,5,6,7,8,9,10,11,12,13,14,15};

	unsigned char inbuf[1024]="\x1f\xe6\xeb\xb8\x02\xc2\xf8\x6d\xc4\x4c\x1e\x63\xf2\x4b\xdd\xde";
	unsigned char outbuf[1024];

	AES_KEY aeskey;

	memset(outbuf, 0, sizeof(outbuf));

	AES_set_decrypt_key(key32, 32*8, &aeskey);

	AES_cbc_encrypt(inbuf, outbuf, 16, &aeskey, iv, AES_DECRYPT);

	fwrite(outbuf, 1, 5, stdout);

	return(0);
}

Reply via email to