The number you asked for typically.
Pauli
On 21/9/21 4:49 pm, Nagarjun J wrote:
Hi,
What is the Number of Bytes Returned by aes-256 ctr drbg ?
Thanks,
Nagarjun
Hi,
What is the Number of Bytes Returned by aes-256 ctr drbg ?
Thanks,
Nagarjun
Hello Again,
Sorry, I should have explained myself better. I am using AES-256 in
CBC mode. I am getting a string as a password, and using
PKCS5_PBKDF2_HMAC_SHA1 function to generate 256 bit key and 128 bit
IV. I was wondering if generating and IV like this is necessary, or
can I just use a
,
Uri
Sent from my iPhone
On Apr 27, 2017, at 08:34, Salz, Rich via openssl-users
wrote:
>> For AES-256 encryption, should IV be random? I am already using a random
>> salt, so I was wondering if IV should be random too.
>
> It should be non-repeating. It can just be a cou
> For AES-256 encryption, should IV be random? I am already using a random
> salt, so I was wondering if IV should be random too.
It should be non-repeating. It can just be a counter.
(Yes, I know OP didn't ask about AESGCM. But if they're coming here for advice
... )
-
On 27/04/2017 14:00, Yaşar Arabacı wrote:
Hi,
For AES-256 encryption, should IV be random? I am already using a
random salt, so I was wondering if IV should be random too.
Thanks in advance
AES itself takes neither an IV nor a salt.
AES in CBC mode takes a 128 bit IV for the CBC mode, it is
On Thu, 27 Apr 2017 15:00:37 +0300
Yaşar Arabacı wrote:
> For AES-256 encryption, should IV be random? I am already using a
> random salt, so I was wondering if IV should be random too.
An IV is part of a cipher mode. AES-256 is just a block cipher. You
can't use it on its own. So
Hi,
For AES-256 encryption, should IV be random? I am already using a
random salt, so I was wondering if IV should be random too.
Thanks in advance
--
http://ysar.net/
--
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
On 25/11/16 14:42, Dave Poirier wrote:
> *Question 1: Are there other functions I should have been using to
> implement AES-256-CBC than the EVP methods above?*
EVP is the correct thing to be using.
>
> Question 2: If EVP is the way to go for implementing AES-256-CBC, which
> f
Hello,
I am relatively new to using OpenSSL libraries in C so please accept my
apologies if this may sound simple for most of you.
I have an algorithm that I implemented in 1.0.1c to perform AES-256-CBC
encryption, which no longer compiles due to EVP_CIPHER_CTX now being opaque in
1.1.0
Hi,
We are using openssl-1.0.1e version and also AESNI is enabled in BIOS.
I am trying to measure the AES-256-CBC algorithm performance for decryption of
256bytes buffer size. But I am not getting the numbers matching with the
'openssl speed' tool.
I saw it uses AESNI if we call th
On 6 Aug 2013, at 12:57 PM, Richard Cook wrote:
> I'm trying to determine if the current development version of OpenSSL
> supports AES-256-CCM. I've cloned the repository from
> https://github.com/openssl/openssl, built locally and tried the following
> commands:
>
&
Hi,
I'm trying to determine if the current development version of OpenSSL
supports AES-256-CCM. I've cloned the repository from
https://github.com/openssl/openssl, built locally and tried the following
commands:
./openssl ciphers | grep CCM
This yields no matches. The following, how
program. In the
project we do larger sizes.
I had the impression that the key and IV should be of 256 bits ( 32) since
its aes 256 mode. I might be wrong.
Will keep the IV to 16 only. The IV is very simple for now. But will make
it more difficult to predict.
I hash the key using SHA256. This is
t *outLength,const unsigned char* keyData, int pageNo)
>{
>unsigned char key[AES_BLOCK_SIZE*2], iv[AES_BLOCK_SIZE*2];
The fact that an AES-256 key is twice the size of an AES data block (128)
-- and a -128 or -192 key is the same or half more -- is just coincidence.
Use 256/8, or
On 25 April 2013 21:42, Taraniteja Vishwanatha wrote:
> Hey guys,
>
> I was using the low level aes APIs and now have switched to EVP ones. My
Good. That is (in most cases) the correct approach.
> string encryption and decryption always work fine. But when it comes to
> files, I am getting mall
Hey guys,
I was using the low level aes APIs and now have switched to EVP ones. My
string encryption and decryption always work fine. But when it comes to
files, I am getting malloc errors: malloc: *** error for object : incorrect
checksum for freed object - object was probably modified after bein
For AES-256-CBC, if I have a passphrase stored in a file; are there
limits in terms of how big either the key or the passphrase can be in
terms of characters?
__
OpenSSL Project http
ansal wrote:
>>
>>> Thanks Matt. Is there a sample code i can look into?
>>>
>>> In my case the key is unique across different messages, so having same
>>> IV across messages should not lead me into problem
>>>
>>> Thanks,
>>&g
al
>>
>>
>> On Mon, Jan 14, 2013 at 12:22 PM, Matt Caswell wrote:
>>
>>> Yes, you can use CTR mode for AES-256: use the EVP interface with the
>>> EVP_CIPHER of EVP_aes_256_ctr().
>>>
>>> However it is a fundamental requirement of CTR mode
t; On Mon, Jan 14, 2013 at 12:22 PM, Matt Caswell wrote:
>
>> Yes, you can use CTR mode for AES-256: use the EVP interface with the
>> EVP_CIPHER of EVP_aes_256_ctr().
>>
>> However it is a fundamental requirement of CTR mode that the IV must be
>> unique across mes
Thanks Matt. Is there a sample code i can look into?
In my case the key is unique across different messages, so having same IV
across messages should not lead me into problem
Thanks,
Rohit Bansal
On Mon, Jan 14, 2013 at 12:22 PM, Matt Caswell wrote:
> Yes, you can use CTR mode for AES-
Yes, you can use CTR mode for AES-256: use the EVP interface with the
EVP_CIPHER of EVP_aes_256_ctr().
However it is a fundamental requirement of CTR mode that the IV must be
unique across messages. If you reuse the IV then your messages can be
broken quite trivially. Therefore, if by a fixed IV
Objet : Problem with AES 256 algorithm / GCM mode.
Hello.
I use OpenSSL for my work and particularly the AES 256 algorithm with the GCM
mode.
When I test this mode, the ciphered text is correct but the authentication tag
is not correct.
I think my test vectors are correct (source : NIST and my cip
Hello.
I use OpenSSL for my work and particularly the AES 256 algorithm with the GCM
mode.
When I test this mode, the ciphered text is correct but the authentication tag
is not correct.
I think my test vectors are correct (source : NIST and my cipher room).
Could you help me? If yes, how can we
On 4/2/2012 5:09 PM, Theodore Tolstoy wrote:
Hi!
There is a widely known and used AES implementation in C by "Niyaz PK" for
encryption/decryption:
http://www.hoozi.com/posts/advanced-encryption-standard-aes-implementation-in-cc-with-comments-part-1-encryption/
.
It seems to implement AES-{128,1
On 2 Apr 2012, at 8:09 AM, Theodore Tolstoy wrote:
> It seems to implement AES-{128,192,256} ECB mode of
> encryption/decryption(?). Am I wrong?
>
> Is it possible to use OpenSSL to achieve equivalent results?
Yes. The low-level openssl AES implementation (AES_ecb_encrypt(), etc.) is
available
sl-users@openssl.org
>
> To
>
> openssl-users@openssl.org
>
> cc
>
> Subject
>
> AES-256 Implementation and OpenSSL
>
> Hi!
>
> There is a widely known and used AES implementation in C by "Niyaz PK"
for
> encryption/decryption:
>
http:/
Hi!
There is a widely known and used AES implementation in C by "Niyaz PK" for
encryption/decryption:
http://www.hoozi.com/posts/advanced-encryption-standard-aes-implementation-in-cc-with-comments-part-1-encryption/
.
It seems to implement AES-{128,192,256} ECB mode of
encryption/decryption(?). A
f C -- maybe
80-90%, depending how you count -- but NOT all. So in some
cases it matters which you are using.
> I'm having issues base64 decoding files that have been
> encrypted using AES-256-CBC and the base64 encoded. I'm
> using the following code to base64 d
gt; wrote:
>
> > You need to use same iv and key for decryption.
> > I believe the command is
> > openssl enc -d -aes-256-cbc -K -iv
> used to encrypt> ...
>
> Both -K key and -iv iv must be hex; yes, character by chara
mething else ?
> I use the passphrase "As different as chalk and cheese" ...
> On Tue, May 25, 2010 at 6:32 PM, Anand Patel
wrote:
> You need to use same iv and key for decryption.
> I believe the command is
>
Kunal Sharma wrote:
>What I see happening is this:
>ENCRYPT - size of /etc/rgconf on disk is 157043 bytes
>ENCRYPT - size of /etc/rgconf_encrypted on disk is 157044 bytes.
>BROWSER saves the file to disk - size is 136 bytes (How ???)
You called 'strlen' on something that was not a string, so it
t;. What would my iv be in the format Openssl expects it to be ?
Thanks again,
Kunal
On Tue, May 25, 2010 at 6:32 PM, Anand Patel wrote:
> You need to use same iv and key for decryption.
> I believe the command is
> openssl enc -d -aes-256-cbc -K -iv encrypt> -in rgconf
You need to use same iv and key for decryption.
I believe the command is
openssl enc -d -aes-256-cbc -K -iv -in rgconf_encrypted -out rgconf_decrypted.
-Anand
On Tue, May 25, 2010 at 8:30 AM, ~ Kunal Sharma ~ wrote:
> Friends,
>
> I'm trying to verify that my encryption
gio 2010 14.30
A: openssl-users@openssl.org
Oggetto: Error - AES-256 CBC encrypting using EVP routines and decrypting
using command line
Friends,
I'm trying to verify that my encryption and decryption routines work ok. One
way I do it is to encrypt the data and save it to a file. The I
owing command:
openssl enc -d -aes-256-cbc -in rgconf_encrypted
I enter the decryption password "As different as chalk and cheese" which I
used to encrypt the data. But I get the error "bad magic number".
Am I missing something here ? I need to be able to use a simple phrase as my
}
>
>
>
> ENCRYPT
>
>
> char *buffer = NULL;
>
> int wfd;
> if((wfd = creat("/etc/rgconf",0644) ) == -1) {
> console_printf("Couldn't open output file for writing");
> }else{
> write(wfd,rg_c
write(wfd,rg_conf_buf,strlen(rg_conf_buf)); //rg_conf_buf is read
from some other supplier routine
close(wfd);
console_printf("\nencode3 returned %d\n",encode3());//encode3
encrypts "/etc/rgconf" in AES-256 CBC and saves to &quo
Thanks Jeff, Carter.
I'm in the process of trying out EVP routines to do my stuff now. Will post
an update once I'm done.
Thanks again for your time.
- Kunal
On Fri, May 21, 2010 at 5:55 PM, Carter Browne wrote:
> Kunal,
>
> If your data can include NULs, you should not use strlen to calculat
Kunal,
If your data can include NULs, you should not use strlen to calculate
the length of the buffer, you need to provide the length in some other
way - in your example presumably as an additional parameter.
Carter
Carter Browne
CBCS
cbro...@cbcs-usa.com
781-721-2890
On 5/21/2010 2:30 AM, ~ K
Hi Kunal,
> I was also wondering about the cipher block size. I was thinking
> of using 16 as block size, read the input ...
You have no choice. AES is a 16-byte block cipher.
Using the EVP_* functions is easier.
Jeff
On Fri, May 21, 2010 at 2:30 AM, ~ Kunal Sharma ~ wrote:
> David,
> Thanks f
David,
Thanks for taking out time to review my code and reply.
1) I agree that using sizeof was a blunder on my part.
2) I'm calling decode2 with rg_conf_buf_dup and rg_conf_buf_dup_2, second
one being the output buffer. So I'm certain that I don't modify the input
buffer (though I just zero out
Kunal Sharma wrote:
void encode2(char *inbuf,char *outbuf)
{
unsigned char key32[] = "As different as chalk and cheese";
unsigned char iv[] = "As dark as pitch";
AES_KEY aeskey;
memset(outbuf, 0, sizeof(outbuf));
AES_set_encrypt_key(key32, 32*8,
Friends,
This is the first time I'm using Openssl for some small job to encrypt and
decrypt buffers for my application usage. My requirement is simple:
1) My application gets a buffer that needs to be encrypted.
2) My application gets a buffer that needs to be decrypted. This buffer can
be exactl
> From: owner-openssl-us...@openssl.org On Behalf Of NaGaGo
> Sent: Thursday, 19 November, 2009 02:02
> #include
> #include
> #include
> #include
> #include
> #include
> #define AES_BLOCK_SIZE 16
This is already in aes.h, you don't need to define it yourself.
>
> int main()
> {
>
>
3834373532303435333730323834383132373330393233343531323330383839 -iv
3636383630393433313132323031 -aes-256-cbc -in finalSigPackage.bin -out
x.zip
so what is the key I need to give in my code...??please help me!!
some error checking is removed as their file pointers are ready in the
code...and modification done to
> From: owner-openssl-us...@openssl.org On Behalf Of NaGaGo
> Sent: Tuesday, 17 November, 2009 05:35
> #include
> #inclide
> #incldue
I assume these were just a hint that the real code
has correct #include's.
> int main()
> {
>
> unsigned long lSize;
> FILE * inFile;
> FILE *
mand i'm using to decrypt a binary file...
>> openssl enc -d -K
>> 3834373532303435333730323834383132373330393233343531323330383839 -iv
>> 3636383630393433313132323031 -aes-256-cbc-in final2.bin -out test.zip
>> As my target doesnot support openssl commd i was asked
and i'm using to decrypt a binary file...
> >> openssl enc -d -K
> >> 3834373532303435333730323834383132373330393233343531323330383839 -iv
> >> 3636383630393433313132323031 -aes-256-cbc-in final2.bin -out test.zip
> >> As my target doesnot support openssl c
gt;> 3834373532303435333730323834383132373330393233343531323330383839 -iv
>> 3636383630393433313132323031 -aes-256-cbc-in final2.bin -out test.zip
>> As my target doesnot support openssl commd i was asked to write
>> decryption
>> code using some API's and create a binary ...so I decided to write i
openssl enc -d -K
> 3834373532303435333730323834383132373330393233343531323330383839 -iv
> 3636383630393433313132323031 -aes-256-cbc-in final2.bin -out test.zip
> As my target doesnot support openssl commd i was asked to write decryption
> code using some API's and create a binary ...so I decided to write it using
> AES AP
Hai
this is the openssl shell command i'm using to decrypt a binary file...
openssl enc -d -K
3834373532303435333730323834383132373330393233343531323330383839 -iv
3636383630393433313132323031 -aes-256-cbc-in final2.bin -out test.zip
As my target doesnot support openssl commd i was ask
Can any one help me out with the code below I dont understand properly what
is the error problem in this .
I'm using AES API's to decrypt.
Here is my code :
I need to decrypt a binary file...i only have key and iv and i was given the
mode of encryption asked to decrypt the binary file..so this was
On Wed, Jun 24, 2009, Gaurav Shah wrote:
> Hi All,
> I am kind of novice to cryptography and presently trying to develope my
> own Encryption/Decryption library. Many ppl suggested me to use AES-256
> algo for Encryption/Decryption. However, I do not find any documentation
> abo
Hi All,
I am kind of novice to cryptography and presently trying to develope my
own Encryption/Decryption library. Many ppl suggested me to use AES-256
algo for Encryption/Decryption. However, I do not find any documentation
about OpenSSL that provides me pointers to any OpenSSL API providing
Hi,
We are trying to deploy AES-256 in assembly, and of course we ran into your
code in aes-586.pl. In the code we saw that you use 64 byte alignment:
&set_label("AES_Te",64);# Yes! I keep it in the code segment!
Which is something that gives us a headache in other modules th
Thank you very much for the quick reply.
Regards,
Jaya.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Marek Marcola
Sent: Wednesday, September 06, 2006 3:31 PM
To: openssl-users@openssl.org
Subject: RE: Aes-256 /testing of AES_cbc_encrypt
Hello
Hello,
>
> I went through FIPS-197 for AES. Now if I want to test
> void AES_cbc_encrypt(const unsigned char *in, unsigned
> char *out,
>const unsigned long length, const AES_KEY *key,
>unsigned char *ivec, const int enc) function.
>
.
How should I test this function?
Regards,
Jaya.
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Marek Marcola
Sent: Monday, September 04, 2006 4:51 PM
To: openssl-users@openssl.org
Subject: Re: Aes-256
Hello,
> I want to test AES-256 encryption
Hi,
Thanks a lot for the timely help.
Regards,
Jaya
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Marek Marcola
Sent: Monday, September 04, 2006 4:51 PM
To: openssl-users@openssl.org
Subject: Re: Aes-256
Hello,
> I want to test AES-
Hello,
> I want to test AES-256 encryption and decryption. And also SH-512
> hashing functionality in
> SSL. Pls can any one tell me how do I do it?
If you want to check correctness of your implementation/OpenSSL API
you may download FIPS-197 (for AES) and FIPS-180 (for SHA1/25
Hi All,
I want to test AES-256 encryption and decryption. And also SH-512
hashing functionality in
SSL. Pls can any one tell me how do I do it?
Thanks in adnavce.
Jaya.
__
OpenSSL Project
63 matches
Mail list logo
