LinuxQuestions.org

Hi,

I'm testing with openssl. Here's what i'm using with it.

Quote:

openssl bf-cbc -in test.txt -out test2.bin -pass pass:password
openssl bf-cbc -d -in test.bin -out test2.bin.txt -pass pass:password

Then i've taken an example of symmetrical encryption from the book 'Network Security with OpenSSL' and made it into this. I've been playing with the 'EVP_BytesToKey()' function, of which I think i've got right. It encrypts and decrypts. However when I use the actual openssl program to decrypt it states: 'bad magic number'

Also I notice that the openssl variations output is 16 bytes bigger. From looking at a hex dump I see the string 'Salted__', but thats only 8 bytes. Is the next 8 used as an iv or something? Is it converted to hex? I'm almost assuming that this is internal to a BIO (from looking within enc.c)....

Any points towards the right direction greatly appreciated...

Code:

#include <stdio.h>

#include <stdlib.h>

#include <string.h>



#include <openssl/evp.h>



#define ALG                EVP_des_ede3_cbc()



int do_crypt(char *fin, char *fout, int do_encrypt, char *pw)

{

        

        static const char magic[]="Salted__";

        

        unsigned char iv[EVP_MAX_IV_LENGTH], key[EVP_MAX_KEY_LENGTH];

        EVP_BytesToKey(ALG, EVP_md5(), magic, (unsigned char*)pw, strlen(pw), 1, key, iv);

        

        FILE *in;

        in = fopen(fin, "r");

        

        FILE *out;

        out = fopen(fout, "w");

        

        unsigned char inbuf[1024], outbuf[1024 + EVP_MAX_BLOCK_LENGTH];

        int inlen, outlen;

        

        EVP_CIPHER_CTX ctx;

        

        EVP_CIPHER_CTX_init(&ctx);

        EVP_CipherInit_ex(&ctx, EVP_bf_cbc(), NULL, NULL, NULL, do_encrypt);

        

        EVP_CIPHER_CTX_set_key_length(&ctx, 10);

        EVP_CipherInit_ex(&ctx, NULL, NULL, key, iv, do_encrypt);

        

        for(;;)

        {

                inlen = fread(inbuf, 1, 1024, in);

                

                if(inlen <= 0) break;

                if(!EVP_CipherUpdate(&ctx, outbuf, &outlen, inbuf, inlen))

                {

                        /* Error */

                        EVP_CIPHER_CTX_cleanup(&ctx);

                        return 0;

                }

                fwrite(outbuf, 1, outlen, out);

        }

        if(!EVP_CipherFinal_ex(&ctx, outbuf, &outlen))

        {

                /* Error */

                EVP_CIPHER_CTX_cleanup(&ctx);

                return 0;

        }

        fwrite(outbuf, 1, outlen, out);

        EVP_CIPHER_CTX_cleanup(&ctx);

        fclose(in);

        fclose(out);

        return 1;

}



int main (int argc, char *argv[])

{

        int iret;

        char *s;

        s = (char*)malloc(8+1);

        strcpy(s, (char*)"password");

        

        iret = do_crypt("test.txt", "test.bin", 1, s);

        iret = do_crypt("test.bin", "test.bin.txt", 0, s);

        

        return 0;

}

My simple makefile for building within demos of src:

Code:

CC=cc

CFLAGS= -g -I../../include -Wall

LIBS= -L../.. ../../libssl.a ../../libcrypto.a -lcrypto -ldl -pthread

EXAMPLES=main



all: $(EXAMPLES) 



main: main.o

        $(CC) -o main main.o $(LIBS)



clean:        

        rm -f $(EXAMPLES) *.o