>> i am wondering how key derivation in openssl works, I got
>>
>> > > openssl enc -des -P -k 'admin' -nosalt
>> key=21232F297A57A5A7
>> iv =43894A0E4A801FC3
>>
>> as far i understand the documentation, in this setting the
>> key and iv are
>> just taken from
>>
>> md5(admin)=456b7016a916a4b178dd72b947c152b7
>>
> md5(admin)= 21232f297a57a5a743894a0e4a801fc3
> md5(admin PLUS NEWLINE)= what you got
>
Thanks, for your reply - by default nano adds a newline to a file, so i
got bad results.
The next step is to understand the insertion of salt. I tried to
understand 'enc.c' and 'evp_key.c', for key derivation EVP_BytesToKey() is
called. I am not familiar with things like MDcontexts; BIOs etc, so i
don't understand it very well. But according to its documentation it
computes
D_0 = {}
D_i = hash(d_{i-1}||data||salt)
After that the key and iv are taken from D_1, D_2, ...
For DES it would be enough to generate D_1.
data = 'admin'
As salt i use '0000000000000000', so 'Salted__0000000000000000' is passed
to EVP_BytesToKey - Anyway i cant reproduce
> openssl enc -des -k 'admin' -P -S 0000000000000000
salt=0000000000000000
key=752B559CFABA36F6
iv =9B6A524533353200
by hand. A Similar problem with
openssl enc -blowfish -k 'admin' -P -nosalt
key=21232F297A57A5A743894A0E4A801FC3 = md5(admin)
iv =7BED69E4F5F533BE != md5(md5(admin)||admin)..
can someone give me some hints..
stephan
ps: sorry for the double postings.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
