On 4/15/2013 1:48 PM, Anil Kumar K K wrote:
> Hi OpenSSL Team,
> I am Anil, trying to code aes encryption and decryption program using
> openssl library.
> I have coded a program which takes key and data as inputs and computes
> AES-128 cipher text and decrypt the same. *If the size of the data/Key
> changes, size of cipher text is also getting changed. Is it expected
> behavior?*

Remember: Unless you are using outdated WWII or older encryption, the
"ciphertext", "plaintext" etc. are not text strings, but pure arrays of
bytes or bits, with 0 not being special or unusual.

> Here is my code:
> #include <stdio.h>
> #include <openssl/aes.h>
> main()
> {
>     unsigned char text[1024];
>     unsigned char out[1024];
>     unsigned char decout[1024];
>     int i;
>     char key[17];
>     AES_KEY ectx;
>     AES_KEY dectx;
>     memset(out, '\0', sizeof(out));
>     memset(decout, '\0', sizeof(decout));

Since this is binary, not ASCII, it would be clearer to specify
0 rather than '\0', but since it is the same value it makes no
difference.

>     printf("Enter the text:");
>     scanf("%s", text);

Potential security issue: If the user types in more than 1023
characters, scanf will keep reading in, overwriting the return address
of main(). In a real program this would be a security hole.

>     printf("AES Key:");
>     scanf("%s", key);

Potential security issue: If the user types in more than 16 characters,
scanf will keep reading in, overwriting first the other variables, then
the return address of main(). In a real program this would be a
security hole.

>     AES_set_encrypt_key(key, 128, &ectx);
>     AES_encrypt(text, out, &ectx);

This encrypts the first 16 bytes of text (one AES block).
out now contains 16 encrypted bytes, some of which may be 0.

>     //out[16] = '\0';

OK, out[16] has not been changed since you set it to 0 with
memset() above.

>     printf("Length of encrypted data: %d\n", strlen(out));

WRONG, strlen() finds the first 0 byte in out and returns its
offset. So if there are no 0 bytes in out[0..15], it will
return 16 because we know that out[16] is 0. If out[0] happens
to be 0 it will return 0, otherwise if out[1] is 0, it will
return 1 etc.

>     printf("encryp data = %s\n", out);

WRONG, out is not an ASCII string and printf(%s) will not handle it
right, it will stop at any 0 byte, and allow your output window to
interpret/mishandle any bytes whose value matches a control char such
as '\r' or '\b'.

>     AES_set_decrypt_key(key, 128, &dectx);
>     AES_decrypt(out, decout, &dectx);

Good, this decrypts the 16 byte out to 16 bytes in decout, which
should be the same as the first 16 bytes of text[].

>     //decout[16] = '\0';

OK, decout[16] has not been changed since you set it to 0 with
memset() above.

>     printf(" Decrypted o/p: %s \n", decout);

This should be right.

>     for (i = 0;i < 16; i++)
>         printf(" %02x", decout[i]);

Good, this is how you should have printed the encrypted out[] array.

>     printf("\n");
> }
> Please correct me if I have gone wrong anywhere?
> Thanks
> -Anil

Enjoy
Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S. http://www.wisemo.com
Transformervej 29, 2730 Herlev, Denmark. Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
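
The two points raised in the reply above (ciphertext is a byte array with an explicit length, and `scanf("%s")` needs a bound), as an added example that is not part of the original thread. The names `sample_block`, `length_as_string`, `hex_encode` and `read_key` are hypothetical, and the 16-byte block is constructed sample data standing in for AES output, so the code builds without OpenSSL.

```c
#include <stdio.h>
#include <string.h>

#define AES_BLOCK 16 /* one AES block, in bytes */
/* Constructed stand-in for one encrypted block (not real AES output);
   byte 3 is 0x00, and the 17th byte mirrors the memset() zero at out[16]. */
static const unsigned char sample_block[AES_BLOCK + 1] = {
    0x8e, 0xa2, 0xb7, 0x00, 0x9d, 0x17, 0x0d, 0x08,
    0x41, 0x5c, 0xe3, 0x0a, 0x7f, 0x62, 0x1b, 0xc4, 0x00
};

/* What the posted program measured: the offset of the first 0 byte. */
size_t length_as_string(const unsigned char *buf)
{
    return strlen((const char *)buf);
}

/* Hex-encode exactly len bytes. Returns characters written, 0 if out is too small. */
size_t hex_encode(const unsigned char *in, size_t len, char *out, size_t cap)
{
    static const char digits[] = "0123456789abcdef";
    if (cap < 2 * len + 1)
        return 0;
    for (size_t i = 0; i < len; i++) {
        out[2 * i]     = digits[in[i] >> 4];
        out[2 * i + 1] = digits[in[i] & 0x0f];
    }
    out[2 * len] = '\0';
    return 2 * len;
}

/* Bounded form of scanf("%s", key): the field width stops the copy at 16
   characters plus the terminator. Returns the characters stored. */
size_t read_key(const char *line, char key[AES_BLOCK + 1])
{
    key[0] = '\0';
    if (sscanf(line, "%16s", key) != 1)
        return 0;
    return strlen(key);
}

int main(void)
{
    char hex[2 * AES_BLOCK + 1];
    printf("strlen says %zu, real length is %d\n", length_as_string(sample_block), AES_BLOCK);
    if (hex_encode(sample_block, AES_BLOCK, hex, sizeof hex))
        printf("ciphertext (hex): %s\n", hex);
    return 0;
}
```

The same width-limited conversion works with `scanf` on standard input, for example `%1023s` for the 1024-byte `text` buffer.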