Ok, now it's much clearer! Thank you very much, Marek, that helped me a lot.
Marek Marcola wrote: > > Hello, >> Why is the initial vector (ivec) needed? > This is part of CBC mode. This mode does not depend on used block > encryption algorithm. Look at: > http://en.wikipedia.org/wiki/Cipher_block_chaining > As you see, there is no information of AES or DES, this is only > mode of operation > >> I see by reading the openssl code that it is used for xoring with the >> input >> before encrypting, but from what I see in other resources, this is not a >> part of the Rijndael algorithm (It is not the AddRoundKey). > Yes, this is not part of AES. AES defines one block transformation (16 > bytes) in 10, 12, or 14 rounds. At each round, round-key is added by > AddRoundKey procedure but this key is only generated from AES key > provided by user (128, 192 or 256 bit length) > >> So doesn't it make this implementation imcompatible with the standard? > No, there is AES algorithm and block mode operation algorithm. > >> (passing ivec of 0 will also not help, since it changes during the >> function >> and the changed value is used). > Yes. > >> Also, I see the code does: >> >> const unsigned char *iv = ivec; >> ... // changing iv while encrypting... and then at the end: >> memcpy(ivec,iv,AES_BLOCK_SIZE); >> >> >> - For what purpose is the new value of ivec "returned" to the caller (by >> the >> memcpy)? >> Is there a use for the new ivec after the function returns? Decoding will >> need the original value, so it can't be for that :/ > You may want to encrypt some data in chunks and call this functions > many times on your data "window". For that purpose IV is returned. > > Best regards, > -- > Marek Marcola <[EMAIL PROTECTED]> > > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager [EMAIL PROTECTED] > > -- View this message in context: http://www.nabble.com/AES-cbc--How-to-Init-Openssl--tf4376933.html#a12733779 Sent from the OpenSSL - User mailing list archive at Nabble.com. ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager [EMAIL PROTECTED]
