----- Original Message -----
> From: "Matej Kurpel" <[email protected]>
> > On 22 juil, 14:41, helpcrypto helpcrypto<[email protected]>
> > wrote:
> > at this time, i had just to make some test about the AES_CBC or
> > AES_ECB like time to encrypt, time to decrypt,how memory used, how
> > cpu used for just a simple operation . for tis kind of test
> > private key and IV will be set in the programm not given by
> > secure way.
Take a look at this code. I pieced this together by looking at
lib/ssl/ssl3con.c. It is probably very similar to the code in cmd/digest. I
have not tested it, compiled it, or even thought about it much. Also, I left
out all the error handling to mislead you into thinking that your final code
will be readable.
/* const SECItem * input; holds plaintext data
SECItem * output; will hold encrypted data
unsigned maxout; size of output->data buffer
*/
output->data = NULL;
output->len = 0;
PK11SlotInfo *slot = PK11_GetInternalSlot();
PK11Context *context = NULL;
PK11Symkey * aesKey = NULL;
SECItem *param = NULL;
/* This is not the proper way to deal with key material
in a real application. keyData is a pointer to a
SECItem that holds the raw key, and ivData is a pointer
to a SECItem that holds the IV. */
aesKey =
PK11_ImportSymKey(slot, CKM_AES_CBC,
PK11_OriginUnwrap, CKA_ENCRYPT,
keyData, NULL);
param = PK11_ParamFromIV(CKM_AES_CBC, iv);
context = PK11_CreateContextBySymKey(CKM_AES_CBC,
CKA_ENCRYPT, aesKey, param);
PK11_CipherOp(context, output->data, &output->len,
maxout, input->data, input->len);
PK11_DestroyContext(context, PR_TRUE);
PK11_FreeSlot(slot);
> OpenSSL is intended for this purpose, not NSS.
...
Cheers,
Brian
--
dev-tech-crypto mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-tech-crypto
