AES_encrypt : Size of the cipher text
Hi OpenSSL Team, I am Anil, trying to code aes encryption and decryption program using openssl library. I have coded a program which takes key and data as inputs and computes AES-128 cipher text and decrypt the same. *If the size of the data/Key changes, size of cipher text is also getting changed .Is it expected behavior ?* * * Here is my code: #include stdio.h #include openssl/aes.h main() { unsigned char text[1024]; unsigned char out[1024]; unsigned char decout[1024]; int i; char key[17]; AES_KEY ectx; AES_KEY dectx; memset(out, '\0', sizeof(out)); memset(decout, '\0', sizeof(decout)); printf(Enter the text:); scanf(%s, text); printf(AES Key:); scanf(%s, key); AES_set_encrypt_key(key, 128, ectx); AES_encrypt(text, out, ectx); //out[16] = '\0'; printf(Length of encrypted data: %d\n, strlen(out)); printf(encryp data = %s\n, out); AES_set_decrypt_key(key, 128, dectx); AES_decrypt(out, decout, dectx); //decout[16] = '\0'; printf( Decrypted o/p: %s \n, decout); for (i = 0;i 16; i++) printf( %02x, decout[i]); printf(\n); } Please correct me if I have gone wrong anywhere ? Thanks -Anil
Re: AES_encrypt : Size of the cipher text
On 4/15/2013 1:48 PM, Anil Kumar K K wrote: Hi OpenSSL Team, I am Anil, trying to code aes encryption and decryption program using openssl library. I have coded a program which takes key and data as inputs and computes AES-128 cipher text and decrypt the same. *If the size of the data/Key changes, size of cipher text is also getting changed .Is it expected behavior ?* * Remember: Unless you are using outdated WWII or older encryption, the ciphertext, plaintext etc. are not text strings, but pure arrays of bytes or bits, with 0 not being special or unusual. * Here is my code: #include stdio.h #include openssl/aes.h main() { unsigned char text[1024]; unsigned char out[1024]; unsigned char decout[1024]; int i; char key[17]; AES_KEY ectx; AES_KEY dectx; memset(out, '\0', sizeof(out)); memset(decout, '\0', sizeof(decout)); Since this is binary, not ASCII, it would be clearer to specify 0 rather than '\0', but since it is the same value it makes no differences. printf(Enter the text:); scanf(%s, text); Potential security issue: If the user types in more than 1023 characters, scanf will keep reading in, overwriting the return address of main(). In a real program this would be a security hole. printf(AES Key:); scanf(%s, key); Potential security issue: If the user types in more than 16 characters, scanf will keep reading in, overwriting first the other variables, then the return address of main(). In a real program this would be a security hole. AES_set_encrypt_key(key, 128, ectx); AES_encrypt(text, out, ectx); This encrypts the first 16 bytes of text (one AES block) out now contains 16 encrypted bytes, some of which may be 0 //out[16] = '\0'; OK, out[16] has not been changed since you set it to 0 with memset() above. printf(Length of encrypted data: %d\n, strlen(out)); WRONG, strlen() finds the first 0 byte in out and returns its offset. So if there are no 0 bytes in out[0..15], it will return 16 because we know that out[16] is 0. If out[0] happens to be 0 it will return 0, otherwise if out[1] is 0, it will return 1 etc. printf(encryp data = %s\n, out); WRONG, out is not an ASCII string and printf(%s) will not handle it right, it will stop at any 0 byte, and allow your output window to interpret/mishandle any bytes whose value matches a control char such as '\r' or '\b'. AES_set_decrypt_key(key, 128, dectx); AES_decrypt(out, decout, dectx); Good, this decrypts the 16 byte out to 16 bytes in decout, which should be the same as the first 16 bytes of text[]. //decout[16] = '\0'; OK, decout[16] has not been changed since you set it to 0 with memset() above. printf( Decrypted o/p: %s \n, decout); This should be right for (i = 0;i 16; i++) printf( %02x, decout[i]); Good, this is how you should have printed the encrypted out[] array printf(\n); } Please correct me if I have gone wrong anywhere ? Thanks -Anil Enjoy Jakob -- Jakob Bohm, CIO, Partner, WiseMo A/S. http://www.wisemo.com Transformervej 29, 2730 Herlev, Denmark. Direct +45 31 13 16 10 This public discussion message is non-binding and may contain errors. WiseMo - Remote Service Management for PCs, Phones and Embedded __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: AES_encrypt : Size of the cipher text
On 15 April 2013 12:48, Anil Kumar K K aniluvc...@gmail.com wrote: Hi OpenSSL Team, I am Anil, trying to code aes encryption and decryption program using openssl library. I have coded a program which takes key and data as inputs and computes AES-128 cipher text and decrypt the same. If the size of the data/Key changes, size of cipher text is also getting changed .Is it expected behavior ? Some further points in addition to Jakob's analysis. Firstly, and most importantly, you are using the wrong API for basic AES encryption. You are using the underlying block cipher directly rather than using it in conjunction with a mode (which by default means you are using ECB mode). This is almost certainly NOT want you want, and has all sorts of security implications. Typical modes would be CBC, CTR, GCM etc. To do this properly you should use the EVP api. I suggest you start here: http://wiki.opensslfoundation.com/index.php/EVP http://wiki.opensslfoundation.com/index.php/EVP_Symmetric_Encryption_and_Decryption Matt __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
AW: Loading a config file with the OpenSSL API
Von: owner-openssl-us...@openssl.org [owner-openssl-us...@openssl.org] im Auftrag von Derek Cole [derek.c...@gmail.com] Gesendet: Dienstag, 16. April 2013 14:29 An: openssl-users@openssl.org Betreff: Loading a config file with the OpenSSL API Hello, I am cross posting this to the list in hopes of getting some more traffic: http://stackoverflow.com/questions/16026718/how-to-load-a-config-for-cert-signing-request-with-openssl-api Basically I am trying to modify the mkreq.c program to read in my already existing config file instead of adding the ext's one at a time like is happening in the example. It is not crashing, but I don't see any evidence that it has loaded the config file either - perhaps someone can take a look and show me how that should be done? If you have a correctly working command line, I would suggest using gcov lcov. http://ltp.sourceforge.net/coverage/lcov.php This takes a few hours to make it work with code, but you can clearly see, what lines of code are called and it is very useful to follow a command line invocation. Greetings, Alexander -- Deutsche Telekom AG Seamless ICT Security Infrastructure Management im Auftrag T-Systems International GmbH Dipl. Inf Alexander Elgert Langwadener Strasse 17 64625 Bensheim +49 176 22 717 661 (Mobil) +49 671 83419-12 (Tel) +49 671 83419-30 (Fax) E-Mail: alexander.elg...@gmx.de __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: Loading a config file with the OpenSSL API
On Tue, Apr 16, 2013, Derek Cole wrote: Hello, I am cross posting this to the list in hopes of getting some more traffic: http://stackoverflow.com/questions/16026718/how-to-load-a-config-for-cert-signing-request-with-openssl-api Basically I am trying to modify the mkreq.c program to read in my already existing config file instead of adding the ext's one at a time like is happening in the example. It is not crashing, but I don't see any evidence that it has loaded the config file either - perhaps someone can take a look and show me how that should be done? First there's a typo in mkreq.c it should be STACK_OF(X509_EXTENSION). Have a look at the snippet in apps/req.c around line 880 (where it uses the variable X509V3_CTX). This uses the newer nconf code. If you want to use a LHASH directly you can use the older API which ends in _conf instead of _nconf. Steve. -- Dr Stephen N. Henson. OpenSSL project core developer. Commercial tech support now available see: http://www.openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
SSL / SMTP
Hi, Since I upgraded my kernel (and rebuilt openssl), I get the following errors in Postfix: 2013-04-15T13:55:29.921960+02:00 server postfix/smtpd[3308]: warning: TLS library problem: 3308:error:1411C146:SSL routines:tls1_prf:unsupported digest type:t1_enc.c:276: 2013-04-15T13:55:29.921966+02:00 server postfix/smtpd[3308]: warning: TLS library problem: 3308:error:140D308A:SSL routines:TLS1_SETUP_KEY_BLOCK:cipher or hash unavailable:t1_enc.c:597: while the postfix system has worked since ages. I went back to the old kernel, but the error persists. Do you have an hint ? Thank you Joan
Re: Using libcrypto's RSA code
I'm sorry it took me so long to test this...but here's the result: I'm still getting an error when trying to read this key using the BIO interface: Error: error:0906D064:PEM routines:PEM_read_bio:bad base64 decode More info below: My pubkey looks like this (this is just a test key): (pubkey.h): static const char* pubkey = (char*)\ -BEGIN PUBLIC KEY-\n\ MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo+0cqJqlbJ7IoauOQzS\ wm43nMeM1wgapDxhgeNxBFz8Y8WdC56iHu7ICQhrIybzK1Zv1a9dmExyeGhGPRM\ vXYssNoOhphLFiN5mUwA3BNkxY2QwECESqPnlThXGiJ4bhBwvdXJ8ixtjGIh84P\ BV70Hf1F+FfVQPbi7GctLWSx6JD5xLb9h5D0sdfierup0TfNDMgrVDwvIlG4iKe\ GfB8npCUcicQ1E8pqx1axX3OxHIRr0dLIPrsPWKVj24jdeDZn0H+jhKxqus2/Yv\ fdoPAnlKgltmlnon23C06hziIOwbvECDho9zrw+nQSWQIQvs1TXaSZjYgVM45Uk\ zFNYn2Smv0efCUPEJa6gNawR/HFw8hIpBmtl6Jhm+du9AgLGU0j4pgAcw0xfj5F\ vsjeZfQDHm9FIbhY9dOoqcCwoIV5gzsb224T2uIHc+glAPjCOS+3rEP1+YwcGIK\ ObtIbzq2/rxS1HEx5z4NacLToOFZSKStgshXFQIjWCJ+2dCS8I4z5rkn1cP4bNR\ RIB7J5gdOsq+NJuLjC42QfTW7+rq/9ivjAUPwbnytqfWITbJZB5RurumCnaURqb\ 18v6kzvjO0A3Hxk2a1zjbpsO1+w9G3dW/F0fWqfn2JQoCTXKf1FJnzN+NaRMa5a\ vt8ohOwbObEDRoEjaC/OqiERaX4pHrHhU8CAwEAAQ==\n\ -END PUBLIC KEY-\n\ ; My code to read the pubkey looks like this: BIO* bio = BIO_new_mem_buf((void*)pubkey, -1); RSA* x = PEM_read_bio_RSA_PUBKEY(bio, NULL, NULL, NULL); The results of this action are: Error: error:0906D064:PEM routines:PEM_read_bio:bad base64 decode What is wrong with this key? -Zach On 04/02/2013 03:03 AM, Jakob Bohm wrote: On 02-04-2013 00:30, Zach wrote: I've been reading through the OpenSSL documentation, but I must be missing something... I have a public key (base64 encoded) which looks something like this: MIICIjANBgkqhkiG9w0BAQEFA..U8CAwEAAQ== This is in a char buffer. I've tried this with/without the wrapping text of -BEGIN PUBLIC KEY- and -END PUBLIC KEY-. Did you remember to put \n after the two marker strings and before the end string? -BEGIN PUBLIC KEY-\n and \n-END PUBLIC KEY-\n I then do the following 2 lines of code: BIO* bio = BIO_new_mem_buf((void*)pubkey, -1); RSA* x = PEM_read_bio_RSA_PUBKEY(bio, NULL, NULL, NULL); As I understand it, this should: 1) create a BIO wrapper around the char* pubkey source, and 2) read from this BIO pointer an RSA key. However, the RSA pointer is null, and when I check the errors coming out of the library it says: error:0906D06C:PEM routines:PEM_read_bio:no start line I assume that I've formed the BIO instance incorrectly...what should I do differently? -Zach On 03/31/2013 02:49 AM, Dave Thompson wrote: From: owner-openssl-us...@openssl.org On Behalf Of Felipe Blauth Sent: Friday, 29 March, 2013 16:36 To read the key from your header file you might want to use a memory BIO in conjunction with the PEM_read_bio_PUBKEY function or PEM_read_bio_RSAPublicKey ( I don't remember which one you should use, but this was answered in this list before). I don't have a test The default from commandline is PUBKEY (*private* keys changed from per-algorithm to PKCS8 in 1.0.0). enviroment right now, but you should do something like this: char key[] = Your pem key goes here; Including newlines represented as \n, which is easy to miss. BIO *mem = BIO_new(BIO_s_mem()); BIO_puts(mem, key); Or just BIO_new_mem_buf(key,len_or_neg1); EVP_PKEY* pkey=PEM_read_bio_PUBKEY(mem,NULL,NULL,NULL); Or PEM_read_bio_RSA_PUBKEY to downcast to RSA*, which you can also do separately, but EVP is generally preferable. snip Enjoy Jakob __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
RE: Using libcrypto's RSA code
From: owner-openssl-us...@openssl.org On Behalf Of Zach Sent: Tuesday, 16 April, 2013 15:55 I'm still getting an error when trying to read this key using the BIO interface: Error: error:0906D064:PEM routines:PEM_read_bio:bad base64 decode More info below: My pubkey looks like this (this is just a test key): (pubkey.h): static const char* pubkey = (char*)\ -BEGIN PUBLIC KEY-\n\ MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo+0cqJqlbJ7IoauOQzS\ wm43nMeM1wgapDxhgeNxBFz8Y8WdC56iHu7ICQhrIybzK1Zv1a9dmExyeGhGPRM\ vXYssNoOhphLFiN5mUwA3BNkxY2QwECESqPnlThXGiJ4bhBwvdXJ8ixtjGIh84P\ BV70Hf1F+FfVQPbi7GctLWSx6JD5xLb9h5D0sdfierup0TfNDMgrVDwvIlG4iKe\ GfB8npCUcicQ1E8pqx1axX3OxHIRr0dLIPrsPWKVj24jdeDZn0H+jhKxqus2/Yv\ fdoPAnlKgltmlnon23C06hziIOwbvECDho9zrw+nQSWQIQvs1TXaSZjYgVM45Uk\ zFNYn2Smv0efCUPEJa6gNawR/HFw8hIpBmtl6Jhm+du9AgLGU0j4pgAcw0xfj5F\ vsjeZfQDHm9FIbhY9dOoqcCwoIV5gzsb224T2uIHc+glAPjCOS+3rEP1+YwcGIK\ ObtIbzq2/rxS1HEx5z4NacLToOFZSKStgshXFQIjWCJ+2dCS8I4z5rkn1cP4bNR\ RIB7J5gdOsq+NJuLjC42QfTW7+rq/9ivjAUPwbnytqfWITbJZB5RurumCnaURqb\ 18v6kzvjO0A3Hxk2a1zjbpsO1+w9G3dW/F0fWqfn2JQoCTXKf1FJnzN+NaRMa5a\ vt8ohOwbObEDRoEjaC/OqiERaX4pHrHhU8CAwEAAQ==\n\ -END PUBLIC KEY-\n\ ; The body part of your string (between BEGIN line and END line) must have newlines -- actual newlines in the data \n not discarded source linebreaks \(EOL) -- at intervals of no more than 76 characters. (The normal output from PEM_write and thus most commandline utilities is intervals of 64 characters, which is usually convenient. I observe you've broken your lines above at 63 for some reason.) My code to read the pubkey looks like this: BIO* bio = BIO_new_mem_buf((void*)pubkey, -1); RSA* x = PEM_read_bio_RSA_PUBKEY(bio, NULL, NULL, NULL); Asides: you don't need the cast to void* there; if you've #include'd the declaration from pem.h as required it's protototyped and any C compiler since 1989 will convert. You also don't need the cast to char* on your declaration above; any C compiler since about 1975 will decay a string literal which is char[] to char*. (But since 1980 or so, not explicitly 'signed char*' or 'unsigned char*'.) Finally, it's more portable and arguably clearer to write long string literals as a series of adjacent pieces, which any compiler since 1989 must concatenate, rather than one long logical line (after preprocessor eliminates \(EOL)) which compilers aren't required to support and some don't. Although this only needs to be portable to compilers on systems that support OpenSSL, somewhat more restrictive. char* foo = abc\1 def\2 /*white space or comment ignored*/ ghi\3 jkl\4; produces always exactly the same result as char *foo = abc\1def\2ghi\3jkl\4; but with shorter source lines. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: Using libcrypto's RSA code
Dave, Thank you very much for your help! This seemed to fix my issues. -Zach On 04/16/2013 04:28 PM, Dave Thompson wrote: From: owner-openssl-us...@openssl.org On Behalf Of Zach Sent: Tuesday, 16 April, 2013 15:55 I'm still getting an error when trying to read this key using the BIO interface: Error: error:0906D064:PEM routines:PEM_read_bio:bad base64 decode More info below: My pubkey looks like this (this is just a test key): (pubkey.h): static const char* pubkey = (char*)\ -BEGIN PUBLIC KEY-\n\ MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAo+0cqJqlbJ7IoauOQzS\ wm43nMeM1wgapDxhgeNxBFz8Y8WdC56iHu7ICQhrIybzK1Zv1a9dmExyeGhGPRM\ vXYssNoOhphLFiN5mUwA3BNkxY2QwECESqPnlThXGiJ4bhBwvdXJ8ixtjGIh84P\ BV70Hf1F+FfVQPbi7GctLWSx6JD5xLb9h5D0sdfierup0TfNDMgrVDwvIlG4iKe\ GfB8npCUcicQ1E8pqx1axX3OxHIRr0dLIPrsPWKVj24jdeDZn0H+jhKxqus2/Yv\ fdoPAnlKgltmlnon23C06hziIOwbvECDho9zrw+nQSWQIQvs1TXaSZjYgVM45Uk\ zFNYn2Smv0efCUPEJa6gNawR/HFw8hIpBmtl6Jhm+du9AgLGU0j4pgAcw0xfj5F\ vsjeZfQDHm9FIbhY9dOoqcCwoIV5gzsb224T2uIHc+glAPjCOS+3rEP1+YwcGIK\ ObtIbzq2/rxS1HEx5z4NacLToOFZSKStgshXFQIjWCJ+2dCS8I4z5rkn1cP4bNR\ RIB7J5gdOsq+NJuLjC42QfTW7+rq/9ivjAUPwbnytqfWITbJZB5RurumCnaURqb\ 18v6kzvjO0A3Hxk2a1zjbpsO1+w9G3dW/F0fWqfn2JQoCTXKf1FJnzN+NaRMa5a\ vt8ohOwbObEDRoEjaC/OqiERaX4pHrHhU8CAwEAAQ==\n\ -END PUBLIC KEY-\n\ ; The body part of your string (between BEGIN line and END line) must have newlines -- actual newlines in the data \n not discarded source linebreaks \(EOL) -- at intervals of no more than 76 characters. (The normal output from PEM_write and thus most commandline utilities is intervals of 64 characters, which is usually convenient. I observe you've broken your lines above at 63 for some reason.) My code to read the pubkey looks like this: BIO* bio = BIO_new_mem_buf((void*)pubkey, -1); RSA* x = PEM_read_bio_RSA_PUBKEY(bio, NULL, NULL, NULL); Asides: you don't need the cast to void* there; if you've #include'd the declaration from pem.h as required it's protototyped and any C compiler since 1989 will convert. You also don't need the cast to char* on your declaration above; any C compiler since about 1975 will decay a string literal which is char[] to char*. (But since 1980 or so, not explicitly 'signed char*' or 'unsigned char*'.) Finally, it's more portable and arguably clearer to write long string literals as a series of adjacent pieces, which any compiler since 1989 must concatenate, rather than one long logical line (after preprocessor eliminates \(EOL)) which compilers aren't required to support and some don't. Although this only needs to be portable to compilers on systems that support OpenSSL, somewhat more restrictive. char* foo = abc\1 def\2 /*white space or comment ignored*/ ghi\3 jkl\4; produces always exactly the same result as char *foo = abc\1def\2ghi\3jkl\4; but with shorter source lines. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org