Re: How is key calculated from passphrase
Hi Dan, You should look at : http://www.rsa.com/rsalabs/node.asp?id=2127 http://www.openssl.org/docs/crypto/EVP_BytesToKey.html and a better OpenSSL implementation using PKCS5_PBKDF2_HMAC() in crypto\evp\p5_crpt2.c Le 01/07/2011 14:58, Daniel Wambold a écrit : Hello list. I started poring over the source but I haven't yet found the conversion from passphrase to key. Could someone point me to the code snippet or simply summarize the procedure for me so I can code the same thing into my app? __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: How is key calculated from passphrase
On Fri July 1 2011, Jeffrey Walton wrote: > On Fri, Jul 1, 2011 at 8:58 AM, Daniel Wambold wrote: > > Hello list. Sorry for what is likely a simple question but I'm running out > > of time and could use a quick hand. I have a program that encrypts data > > using AES256 CBC mode and a 256 bit (obviously) key provided directly to > > the encryption engine as-is. openssl enc -help unknown option '-help' options are -in input file -out output file -pass pass phrase source -e encrypt -d decrypt -a/-base64 base64 encode/decode, depending on encryption flag -k key is the next argument -kfile key is the first line of the file argument -K/-iv key/iv in hex is the next argument -[pP] print the iv/key (then exit if -P) -bufsizebuffer size -engine e use engine e, possibly a hardware device. Cipher Types -aes-128-cbc -aes-128-cfb -aes-128-ecb -aes-128-ofb -aes-192-cbc -aes-192-cfb -aes-192-ecb -aes-192-ofb -aes-256-cbc -aes-256-cfb -aes-256-ecb -aes-256-ofb -aes128-aes192-aes256 -bf-bf-cbc-bf-cfb -bf-ecb-bf-ofb-blowfish -cast -cast-cbc -cast5-cbc -cast5-cfb -cast5-ecb -cast5-ofb -des -des-cbc -des-cfb -des-ecb -des-ede -des-ede-cbc -des-ede-cfb -des-ede-ofb -des-ede3 -des-ede3-cbc -des-ede3-cfb -des-ede3-ofb -des-ofb -des3 -desx -desx-cbc -idea -idea-cbc -idea-cfb -idea-ecb -idea-ofb -rc2 -rc2-40-cbc-rc2-64-cbc -rc2-cbc -rc2-cfb -rc2-ecb -rc2-ofb -rc4 -rc4-40 -rc5 -rc5-cbc -rc5-cfb -rc5-ecb -rc5-ofb For details, remember that "man" is your friend: $ >man enc If your Windows install does not support the manual command - then ask Google, Google knows many "man" sites. Mike > > I need our Windows-using counterpart to encrypt a file in exactly the same > > way, with exactly the same key. OpenSSL seems to provide command-line > > access to all the parameters we need (pkcs7, CBC), I need to ask it to use > > an encryption key rather than a passphrase (which is, presumably, converted > > to a 256 bit key). I started poring over the source but I haven't yet found > > the conversion from passphrase to key. Could someone point me to the code > > snippet or simply summarize the procedure for me so I can code the same > > thing into my app? Alternatively, if there's a way to give OpenSSL a key > > directly, that would be very helpful. Thanks in advance! > http://www.openssl.org/docs/crypto/evp.html > http://www.openssl.org/docs/crypto/EVP_EncryptInit.html > > Perhaps you should enlist some help from someone familiar with > OpenSSL. OpenSSL's consulting page is at > http://www.openssl.org/support/consulting.html. Shining Light offers a > lot of OpenSSL/Windows stuff at no charge. It would probably be > appreciated if you engaged Thomas at > http://www.slproweb.com/products/Win32OpenSSL.html. > > Jeff > __ > OpenSSL Project http://www.openssl.org > User Support Mailing Listopenssl-users@openssl.org > Automated List Manager majord...@openssl.org > > __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: How is key calculated from passphrase
On Fri, Jul 1, 2011 at 8:58 AM, Daniel Wambold wrote: > Hello list. Sorry for what is likely a simple question but I'm running out of > time and could use a quick hand. I have a program that encrypts data using > AES256 CBC mode and a 256 bit (obviously) key provided directly to the > encryption engine as-is. I need our Windows-using counterpart to encrypt a > file in exactly the same way, with exactly the same key. OpenSSL seems to > provide command-line access to all the parameters we need (pkcs7, CBC), I > need to ask it to use an encryption key rather than a passphrase (which is, > presumably, converted to a 256 bit key). I started poring over the source but > I haven't yet found the conversion from passphrase to key. Could someone > point me to the code snippet or simply summarize the procedure for me so I > can code the same thing into my app? Alternatively, if there's a way to give > OpenSSL a key directly, that would be very helpful. Thanks in advance! http://www.openssl.org/docs/crypto/evp.html http://www.openssl.org/docs/crypto/EVP_EncryptInit.html Perhaps you should enlist some help from someone familiar with OpenSSL. OpenSSL's consulting page is at http://www.openssl.org/support/consulting.html. Shining Light offers a lot of OpenSSL/Windows stuff at no charge. It would probably be appreciated if you engaged Thomas at http://www.slproweb.com/products/Win32OpenSSL.html. Jeff __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
How is key calculated from passphrase
Hello list. Sorry for what is likely a simple question but I'm running out of time and could use a quick hand. I have a program that encrypts data using AES256 CBC mode and a 256 bit (obviously) key provided directly to the encryption engine as-is. I need our Windows-using counterpart to encrypt a file in exactly the same way, with exactly the same key. OpenSSL seems to provide command-line access to all the parameters we need (pkcs7, CBC), I need to ask it to use an encryption key rather than a passphrase (which is, presumably, converted to a 256 bit key). I started poring over the source but I haven't yet found the conversion from passphrase to key. Could someone point me to the code snippet or simply summarize the procedure for me so I can code the same thing into my app? Alternatively, if there's a way to give OpenSSL a key directly, that would be very helpful. Thanks in advance! Best Regards, Dan__ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
