Remus Rusanu wrote on Saturday, May 07, 2011 07:41: > I need to exchange encrypted content with an existing application > on Windows with an RC4 key that is salted as per > http://msdn.microsoft.com/en-us/library/aa387782%28v=vs.85%29.aspx > (KP_SALT_EX). Note that this is not a passphrase and salt key derivation, > but a cipher initialized with some a known key and known initialization > vector, similar to a block cipher.
> I think technically RC4 does not have an IV, but what is the equivalent > operation I can perform in openssl to get the cipher in the desired state? > Specifying the salt as the iv param in EVP_EncryptInit does not work. As it seems Microsoft did not sufficiently document the key parameters KP_SALT and KP_SALT_EX. Some time ago I had a similar problem when I tried to decrypt a MS PFX container. This is what I could find out so far: With the RC4 algorithm and a key length of 40 bits the salt value works as a switch to either use a true 40-bit mode, identical to EVP_rc4_40(), or a 128-bit mode with bits 40 to 127 set to zero, similar to EVP_rc4(). With a key length different from 40 a salt is not supported. With the dwFlags parameter in CryptSetKeyParam(hKey,KP_SALT,pbData,dwFlags) you can toggle between them: zero sets the true 40-bit mode, and non zero sets the default zero-padded 128-bit mode. A value at pbData does not seem to have any influence. Might be with KP_SALT_EX you can set these 88 bits to a value in the blob, but I have not tried that. -- Peter-Michael Hager - acm senior - HAGER-ELECTRONICS GmbH - Germany ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
